Menu
AWS CloudHSM V2
API Reference (API Version 2017-04-28)

InitializeCluster

Claims an AWS CloudHSM cluster by submitting the cluster certificate issued by your issuing certificate authority (CA) and the CA's root certificate. Before you can claim a cluster, you must sign the cluster's certificate signing request (CSR) with your issuing CA. To get the cluster's CSR, use DescribeClusters.

Request Syntax

Copy
{ "ClusterId": "string", "SignedCert": "string", "TrustAnchor": "string" }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

ClusterId

The identifier (ID) of the cluster that you are claiming. To find the cluster ID, use DescribeClusters.

Type: String

Pattern: cluster-[2-7a-zA-Z]{11,16}

Required: Yes

SignedCert

The cluster certificate issued (signed) by your issuing certificate authority (CA). The certificate must be in PEM format.

Type: String

Length Constraints: Maximum length of 5000.

Pattern: [a-zA-Z0-9+-/=\s]*

Required: Yes

TrustAnchor

The issuing certificate of the issuing certificate authority (CA) that issued (signed) the cluster certificate. This can be a root (self-signed) certificate or a certificate chain that begins with the certificate that issued the cluster certificate and ends with a root certificate. The certificate or certificate chain must be in PEM format.

Type: String

Length Constraints: Maximum length of 5000.

Pattern: [a-zA-Z0-9+-/=\s]*

Required: Yes

Response Syntax

Copy
{ "State": "string", "StateMessage": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

State

The cluster's state.

Type: String

Valid Values: CREATE_IN_PROGRESS | UNINITIALIZED | INITIALIZE_IN_PROGRESS | INITIALIZED | ACTIVE | UPDATE_IN_PROGRESS | DELETE_IN_PROGRESS | DELETED | DEGRADED

StateMessage

A description of the cluster's state.

Type: String

Length Constraints: Maximum length of 300.

Pattern: .*

Errors

For information about the errors that are common to all actions, see Common Errors.

CloudHsmAccessDeniedException

The request was rejected because the requester does not have permission to perform the requested operation.

HTTP Status Code: 400

CloudHsmInternalFailureException

The request was rejected because of an AWS CloudHSM internal failure. The request can be retried.

HTTP Status Code: 500

CloudHsmInvalidRequestException

The request was rejected because it is not a valid request.

HTTP Status Code: 400

CloudHsmResourceNotFoundException

The request was rejected because it refers to a resource that cannot be found.

HTTP Status Code: 400

CloudHsmServiceException

The request was rejected because an error occurred.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: