InitializeCluster - AWS CloudHSM

InitializeCluster

Claims an AWS CloudHSM cluster by submitting the cluster certificate issued by your issuing certificate authority (CA) and the CA's root certificate. Before you can claim a cluster, you must sign the cluster's certificate signing request (CSR) with your issuing CA. To get the cluster's CSR, use DescribeClusters.

Cross-account use: No. You cannot perform this operation on an AWS CloudHSM cluster in a different AWS account.

Request Syntax

{ "ClusterId": "string", "SignedCert": "string", "TrustAnchor": "string" }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

ClusterId

The identifier (ID) of the cluster that you are claiming. To find the cluster ID, use DescribeClusters.

Type: String

Pattern: cluster-[2-7a-zA-Z]{11,16}

Required: Yes

SignedCert

The cluster certificate issued (signed) by your issuing certificate authority (CA). The certificate must be in PEM format and can contain a maximum of 5000 characters.

Type: String

Length Constraints: Maximum length of 20000.

Pattern: [a-zA-Z0-9+-/=\s]*

Required: Yes

TrustAnchor

The issuing certificate of the issuing certificate authority (CA) that issued (signed) the cluster certificate. You must use a self-signed certificate. The certificate used to sign the HSM CSR must be directly available, and thus must be the root certificate. The certificate must be in PEM format and can contain a maximum of 5000 characters.

Type: String

Length Constraints: Maximum length of 20000.

Pattern: [a-zA-Z0-9+-/=\s]*

Required: Yes

Response Syntax

{ "State": "string", "StateMessage": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

State

The cluster's state.

Type: String

Valid Values: CREATE_IN_PROGRESS | UNINITIALIZED | INITIALIZE_IN_PROGRESS | INITIALIZED | ACTIVE | UPDATE_IN_PROGRESS | MODIFY_IN_PROGRESS | ROLLBACK_IN_PROGRESS | DELETE_IN_PROGRESS | DELETED | DEGRADED

StateMessage

A description of the cluster's state.

Type: String

Length Constraints: Maximum length of 300.

Pattern: .*

Errors

For information about the errors that are common to all actions, see Common Errors.

CloudHsmAccessDeniedException

The request was rejected because the requester does not have permission to perform the requested operation.

HTTP Status Code: 400

CloudHsmInternalFailureException

The request was rejected because of an AWS CloudHSM internal failure. The request can be retried.

HTTP Status Code: 500

CloudHsmInvalidRequestException

The request was rejected because it is not a valid request.

HTTP Status Code: 400

CloudHsmResourceNotFoundException

The request was rejected because it refers to a resource that cannot be found.

HTTP Status Code: 400

CloudHsmServiceException

The request was rejected because an error occurred.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: