InitializeCluster
Claims an AWS CloudHSM cluster by submitting the cluster certificate issued by your issuing certificate authority (CA) and the CA's root certificate. Before you can claim a cluster, you must sign the cluster's certificate signing request (CSR) with your issuing CA. To get the cluster's CSR, use DescribeClusters.
Cross-account use: No. You cannot perform this operation on an AWS CloudHSM cluster in a different AWS account.
Request Syntax
{
  "ClusterId": "string",
  "SignedCert": "string",
  "TrustAnchor": "string"
}
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- ClusterId
  The identifier (ID) of the cluster that you are claiming. To find the cluster ID, use DescribeClusters.
  Type: String
  Pattern: cluster-[2-7a-zA-Z]{11,16}
  Required: Yes
- SignedCert
  The cluster certificate issued (signed) by your issuing certificate authority (CA). The certificate must be in PEM format and can contain a maximum of 5000 characters.
  Type: String
  Length Constraints: Maximum length of 20000.
  Pattern: [a-zA-Z0-9+-/=\s]*
  Required: Yes
- TrustAnchor
  The issuing certificate of the issuing certificate authority (CA) that issued (signed) the cluster certificate. You must use a self-signed certificate. The certificate used to sign the HSM CSR must be directly available, and thus must be the root certificate. The certificate must be in PEM format and can contain a maximum of 5000 characters.
  Type: String
  Length Constraints: Maximum length of 20000.
  Pattern: [a-zA-Z0-9+-/=\s]*
  Required: Yes
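The following pre-flight check is an added example, not part of the AWS documentation or an AWS SDK. It validates the three request parameters against the constraints listed above before the operation is called; `client` is assumed to be a boto3 `cloudhsmv2` client, and `sample_pem`, `check_request` and `claim_cluster` are hypothetical names.

```python
import re

# Constraints as documented on this page for the three request parameters.
CLUSTER_ID_RE = re.compile(r"cluster-[2-7a-zA-Z]{11,16}")
# Inside the class, "+-/" is a range (0x2B to 0x2F), so ',' '-' '.' also match.
CERT_RE = re.compile(r"[a-zA-Z0-9+-/=\s]*")
# The description says 5000 characters and the length constraint says 20000;
# enforcing the stricter figure is a choice made by this example.
MAX_CERT_CHARS = 5000
PEM_BEGIN = "-----BEGIN CERTIFICATE-----"
PEM_END = "-----END CERTIFICATE-----"


def sample_pem(filler):
    """Constructed placeholder with PEM framing; not a real certificate."""
    return f"{PEM_BEGIN}\nTUlJ{filler}ZmFrZQ==\n{PEM_END}\n"


def check_request(cluster_id, signed_cert, trust_anchor):
    """Return a list of problems; an empty list means the request is well-formed."""
    problems = []
    if not CLUSTER_ID_RE.fullmatch(cluster_id):
        problems.append("ClusterId does not match cluster-[2-7a-zA-Z]{11,16}")
    for name, pem in (("SignedCert", signed_cert), ("TrustAnchor", trust_anchor)):
        body = pem.strip()
        if len(pem) > MAX_CERT_CHARS:
            problems.append(f"{name} exceeds {MAX_CERT_CHARS} characters")
        if not CERT_RE.fullmatch(pem):
            problems.append(f"{name} has characters outside the allowed pattern")
        if not (body.startswith(PEM_BEGIN) and body.endswith(PEM_END)):
            problems.append(f"{name} is not framed as a PEM certificate")
        elif body.count(PEM_BEGIN) != 1:
            # Reading of the page: one cluster certificate, one root certificate.
            problems.append(f"{name} holds more than one certificate")
    if signed_cert.strip() == trust_anchor.strip():
        problems.append("SignedCert and TrustAnchor are the same certificate")
    return problems


def claim_cluster(client, cluster_id, signed_cert, trust_anchor):
    """Validate locally, then call InitializeCluster and return (State, StateMessage)."""
    problems = check_request(cluster_id, signed_cert, trust_anchor)
    if problems:
        raise ValueError("; ".join(problems))
    resp = client.initialize_cluster(
        ClusterId=cluster_id, SignedCert=signed_cert, TrustAnchor=trust_anchor
    )
    return resp["State"], resp.get("StateMessage", "")
```

The checks cover only the request format; they do not verify that the trust anchor is self-signed or that it actually issued the cluster certificate.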
Response Syntax
{
"State": "string",
"StateMessage": "string"
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- State
  The cluster's state.
  Type: String
  Valid Values: CREATE_IN_PROGRESS | UNINITIALIZED | INITIALIZE_IN_PROGRESS | INITIALIZED | ACTIVE | UPDATE_IN_PROGRESS | MODIFY_IN_PROGRESS | ROLLBACK_IN_PROGRESS | DELETE_IN_PROGRESS | DELETED | DEGRADED
- StateMessage
  A description of the cluster's state.
  Type: String
  Length Constraints: Maximum length of 300.
  Pattern: .*
Errors
For information about the errors that are common to all actions, see Common Errors.
- CloudHsmAccessDeniedException
  The request was rejected because the requester does not have permission to perform the requested operation.
  HTTP Status Code: 400
- CloudHsmInternalFailureException
  The request was rejected because of an AWS CloudHSM internal failure. The request can be retried.
  HTTP Status Code: 500
- CloudHsmInvalidRequestException
  The request was rejected because it is not a valid request.
  HTTP Status Code: 400
- CloudHsmResourceNotFoundException
  The request was rejected because it refers to a resource that cannot be found.
  HTTP Status Code: 400
- CloudHsmServiceException
  The request was rejected because an error occurred.
  HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: