CreateCluster
Creates a new AWS CloudHSM cluster.
Request Syntax
{
"BackupRetentionPolicy": {
"Type": "string
",
"Value": "string
"
},
"HsmType": "string
",
"SourceBackupId": "string
",
"SubnetIds": [ "string
" ],
"TagList": [
{
"Key": "string
",
"Value": "string
"
}
]
}
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- BackupRetentionPolicy
-
A policy that defines how the service retains backups.
Type: BackupRetentionPolicy object
Required: No
- HsmType
-
The type of HSM to use in the cluster. Currently the only allowed value is
hsm1.medium
.Type: String
Pattern:
(hsm1\.medium)
Required: Yes
- SourceBackupId
-
The identifier (ID) of the cluster backup to restore. Use this value to restore the cluster from a backup instead of creating a new cluster. To find the backup ID, use DescribeBackups.
Type: String
Pattern:
backup-[2-7a-zA-Z]{11,16}
Required: No
- SubnetIds
-
The identifiers (IDs) of the subnets where you are creating the cluster. You must specify at least one subnet. If you specify multiple subnets, they must meet the following criteria:
-
All subnets must be in the same virtual private cloud (VPC).
-
You can specify only one subnet per Availability Zone.
Type: Array of strings
Array Members: Minimum number of 1 item. Maximum number of 10 items.
Pattern:
subnet-[0-9a-fA-F]{8,17}
Required: Yes
-
- TagList
-
Tags to apply to the CloudHSM cluster during creation.
Type: Array of Tag objects
Array Members: Minimum number of 1 item. Maximum number of 50 items.
Required: No
Response Syntax
{
"Cluster": {
"BackupPolicy": "string",
"BackupRetentionPolicy": {
"Type": "string",
"Value": "string"
},
"Certificates": {
"AwsHardwareCertificate": "string",
"ClusterCertificate": "string",
"ClusterCsr": "string",
"HsmCertificate": "string",
"ManufacturerHardwareCertificate": "string"
},
"ClusterId": "string",
"CreateTimestamp": number,
"Hsms": [
{
"AvailabilityZone": "string",
"ClusterId": "string",
"EniId": "string",
"EniIp": "string",
"HsmId": "string",
"State": "string",
"StateMessage": "string",
"SubnetId": "string"
}
],
"HsmType": "string",
"PreCoPassword": "string",
"SecurityGroup": "string",
"SourceBackupId": "string",
"State": "string",
"StateMessage": "string",
"SubnetMapping": {
"string" : "string"
},
"TagList": [
{
"Key": "string",
"Value": "string"
}
],
"VpcId": "string"
}
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
Errors
For information about the errors that are common to all actions, see Common Errors.
- CloudHsmAccessDeniedException
-
The request was rejected because the requester does not have permission to perform the requested operation.
HTTP Status Code: 400
- CloudHsmInternalFailureException
-
The request was rejected because of an AWS CloudHSM internal failure. The request can be retried.
HTTP Status Code: 500
- CloudHsmInvalidRequestException
-
The request was rejected because it is not a valid request.
HTTP Status Code: 400
- CloudHsmResourceNotFoundException
-
The request was rejected because it refers to a resource that cannot be found.
HTTP Status Code: 400
- CloudHsmServiceException
-
The request was rejected because an error occurred.
HTTP Status Code: 400
- CloudHsmTagException
-
The request was rejected because of a tagging failure. Verify the tag conditions in all applicable policies, and then retry the request.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: