Interact with one HSM in an AWS CloudHSM cluster using CMU
Use the server command in the AWS CloudHSM cloudhsm_mgmt_util to enter server mode and interact directly with a particular hardware security module (HSM) instance.
Normally, when you issue a command in cloudhsm_mgmt_util, the command affects all HSMs in the designated cluster (global mode). However, there may be circumstances for which you need to issue commands to a single HSM. For instance, in the event that automatic synchronization fails, you may need to sync keys and users on an HSM in order to maintain consistency across the cluster.
Upon successful initiation, the aws-cloudhsm> command prompt is replaced with the server> command prompt.
In order to exit server mode, use the exit command. Upon successful exit, you will be returned to the cloudhsm_mgmt_util command prompt.
Before you run any cloudhsm_mgmt_util command, you must start cloudhsm_mgmt_util.
User type
The following users can run this command.
- All users.
Prerequisites
In order to enter server mode, you must first know the server number of the target HSM. Server numbers are listed in the trace output generated by cloudhsm_mgmt_util upon initiation. Server numbers are assigned in the same order that the HSMs appear in the configuration file. For this example, we assume that server 0 is the server that corresponds to the desired HSM.
Syntax
To start server mode:
server <server-number>
To exit server mode:
server> exit
Example
This command enters server mode on an HSM with server number 0.
aws-cloudhsm> server 0
Server is in 'E2' mode...
In order to exit server mode, use the exit command.
server0> exit
Arguments
server <server-number>
- <server-number>
  Specifies the server number of the target HSM.
  Required: Yes
There are no arguments for the exit command.