HSS will always be there in for User authentication, At the time of attach itself the VoLTE subscriber will first authenticate itself to EPC core where MME will forward authentication request/response to/from HSS.
Once UE is authenticated (validated from HSS as valid user) the VoLTE mobile user will be allowed to make default bearer for IMS signaling with QCI=5. The user will then be able to make a SIP register to the domain.com of IMS server. This IMS server will be accessible via IMS APN which will is configurable on UE by service operator.
So even in the case of VoLTE mobile user (who is using IMS backbone for VoLTE call) the initial authentication is still being validated using HSS database which is maintained by service provider.
