You are viewing documentation for version 3 of the AWS SDK for Ruby. Version 2 documentation can be found here.

Class: Aws::CloudHSM::Client

Inherits:
Seahorse::Client::Base show all
Includes:
Aws::ClientStubs
Defined in:
gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb

Instance Attribute Summary

Attributes inherited from Seahorse::Client::Base

#config, #handlers

API Operations collapse

Instance Method Summary collapse

Methods included from Aws::ClientStubs

#stub_data, #stub_responses

Methods inherited from Seahorse::Client::Base

add_plugin, api, clear_plugins, define, new, #operation_names, plugins, remove_plugin, set_api, set_plugins

Methods included from Seahorse::Client::HandlerBuilder

#handle, #handle_request, #handle_response

Constructor Details

#initialize(*args) ⇒ Client

Returns a new instance of Client

Parameters:

  • options (Hash)

    a customizable set of options



152
153
154
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 152

def initialize(*args)
  super
end

Instance Method Details

#add_tags_to_resource(params = {}) ⇒ Types::AddTagsToResourceResponse

Adds or overwrites one or more tags for the specified AWS CloudHSM resource.

Each tag consists of a key and a value. Tag keys must be unique to each resource.

Examples:

Request syntax with placeholder values


resp = client.add_tags_to_resource({
  resource_arn: "String", # required
  tag_list: [ # required
    {
      key: "TagKey", # required
      value: "TagValue", # required
    },
  ],
})

Response structure


resp.status #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :resource_arn (required, String)

    The Amazon Resource Name (ARN) of the AWS CloudHSM resource to tag.

  • :tag_list (required, Array<Types::Tag>)

    One or more tags.

Returns:

See Also:



194
195
196
197
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 194

def add_tags_to_resource(params = {}, options = {})
  req = build_request(:add_tags_to_resource, params)
  req.send_request(options)
end

#create_hapg(params = {}) ⇒ Types::CreateHapgResponse

Creates a high-availability partition group. A high-availability partition group is a group of partitions that spans multiple physical HSMs.

Examples:

Request syntax with placeholder values


resp = client.create_hapg({
  label: "Label", # required
})

Response structure


resp.hapg_arn #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :label (required, String)

    The label of the new high-availability partition group.

Returns:

See Also:



224
225
226
227
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 224

def create_hapg(params = {}, options = {})
  req = build_request(:create_hapg, params)
  req.send_request(options)
end

#create_hsm(params = {}) ⇒ Types::CreateHsmResponse

Creates an uninitialized HSM instance.

There is an upfront fee charged for each HSM instance that you create with the CreateHsm operation. If you accidentally provision an HSM and want to request a refund, delete the instance using the DeleteHsm operation, go to the AWS Support Center, create a new case, and select Account and Billing Support.

It can take up to 20 minutes to create and provision an HSM. You can monitor the status of the HSM with the DescribeHsm operation. The HSM is ready to be initialized when the status changes to RUNNING.

Examples:

Request syntax with placeholder values


resp = client.create_hsm({
  subnet_id: "SubnetId", # required
  ssh_key: "SshKey", # required
  eni_ip: "IpAddress",
  iam_role_arn: "IamRoleArn", # required
  external_id: "ExternalId",
  subscription_type: "PRODUCTION", # required, accepts PRODUCTION
  client_token: "ClientToken",
  syslog_ip: "IpAddress",
})

Response structure


resp.hsm_arn #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :subnet_id (required, String)

    The identifier of the subnet in your VPC in which to place the HSM.

  • :ssh_key (required, String)

    The SSH public key to install on the HSM.

  • :eni_ip (String)

    The IP address to assign to the HSM's ENI.

    If an IP address is not specified, an IP address will be randomly chosen from the CIDR range of the subnet.

  • :iam_role_arn (required, String)

    The ARN of an IAM role to enable the AWS CloudHSM service to allocate an ENI on your behalf.

  • :external_id (String)

    The external ID from IamRoleArn, if present.

  • :subscription_type (required, String)

    Specifies the type of subscription for the HSM.

    • PRODUCTION - The HSM is being used in a production environment.
    • TRIAL - The HSM is being used in a product trial.
  • :client_token (String)

    A user-defined token to ensure idempotence. Subsequent calls to this operation with the same token will be ignored.

  • :syslog_ip (String)

    The IP address for the syslog monitoring server. The AWS CloudHSM service only supports one syslog monitoring server.

Returns:

See Also:



303
304
305
306
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 303

def create_hsm(params = {}, options = {})
  req = build_request(:create_hsm, params)
  req.send_request(options)
end

#create_luna_client(params = {}) ⇒ Types::CreateLunaClientResponse

Creates an HSM client.

Examples:

Request syntax with placeholder values


resp = client.create_luna_client({
  label: "ClientLabel",
  certificate: "Certificate", # required
})

Response structure


resp.client_arn #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :label (String)

    The label for the client.

  • :certificate (required, String)

    The contents of a Base64-Encoded X.509 v3 certificate to be installed on the HSMs used by this client.

Returns:

See Also:



336
337
338
339
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 336

def create_luna_client(params = {}, options = {})
  req = build_request(:create_luna_client, params)
  req.send_request(options)
end

#delete_hapg(params = {}) ⇒ Types::DeleteHapgResponse

Deletes a high-availability partition group.

Examples:

Request syntax with placeholder values


resp = client.delete_hapg({
  hapg_arn: "HapgArn", # required
})

Response structure


resp.status #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :hapg_arn (required, String)

    The ARN of the high-availability partition group to delete.

Returns:

See Also:



364
365
366
367
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 364

def delete_hapg(params = {}, options = {})
  req = build_request(:delete_hapg, params)
  req.send_request(options)
end

#delete_hsm(params = {}) ⇒ Types::DeleteHsmResponse

Deletes an HSM. After completion, this operation cannot be undone and your key material cannot be recovered.

Examples:

Request syntax with placeholder values


resp = client.delete_hsm({
  hsm_arn: "HsmArn", # required
})

Response structure


resp.status #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :hsm_arn (required, String)

    The ARN of the HSM to delete.

Returns:

See Also:



393
394
395
396
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 393

def delete_hsm(params = {}, options = {})
  req = build_request(:delete_hsm, params)
  req.send_request(options)
end

#delete_luna_client(params = {}) ⇒ Types::DeleteLunaClientResponse

Deletes a client.

Examples:

Request syntax with placeholder values


resp = client.delete_luna_client({
  client_arn: "ClientArn", # required
})

Response structure


resp.status #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :client_arn (required, String)

    The ARN of the client to delete.

Returns:

See Also:



421
422
423
424
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 421

def delete_luna_client(params = {}, options = {})
  req = build_request(:delete_luna_client, params)
  req.send_request(options)
end

#describe_hapg(params = {}) ⇒ Types::DescribeHapgResponse

Retrieves information about a high-availability partition group.

Examples:

Request syntax with placeholder values


resp = client.describe_hapg({
  hapg_arn: "HapgArn", # required
})

Response structure


resp.hapg_arn #=> String
resp.hapg_serial #=> String
resp.hsms_last_action_failed #=> Array
resp.hsms_last_action_failed[0] #=> String
resp.hsms_pending_deletion #=> Array
resp.hsms_pending_deletion[0] #=> String
resp.hsms_pending_registration #=> Array
resp.hsms_pending_registration[0] #=> String
resp.label #=> String
resp.last_modified_timestamp #=> String
resp.partition_serial_list #=> Array
resp.partition_serial_list[0] #=> String
resp.state #=> String, one of "READY", "UPDATING", "DEGRADED"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :hapg_arn (required, String)

    The ARN of the high-availability partition group to describe.

Returns:

See Also:



469
470
471
472
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 469

def describe_hapg(params = {}, options = {})
  req = build_request(:describe_hapg, params)
  req.send_request(options)
end

#describe_hsm(params = {}) ⇒ Types::DescribeHsmResponse

Retrieves information about an HSM. You can identify the HSM by its ARN or its serial number.

Examples:

Request syntax with placeholder values


resp = client.describe_hsm({
  hsm_arn: "HsmArn",
  hsm_serial_number: "HsmSerialNumber",
})

Response structure


resp.hsm_arn #=> String
resp.status #=> String, one of "PENDING", "RUNNING", "UPDATING", "SUSPENDED", "TERMINATING", "TERMINATED", "DEGRADED"
resp.status_details #=> String
resp.availability_zone #=> String
resp.eni_id #=> String
resp.eni_ip #=> String
resp.subscription_type #=> String, one of "PRODUCTION"
resp.subscription_start_date #=> String
resp.subscription_end_date #=> String
resp.vpc_id #=> String
resp.subnet_id #=> String
resp.iam_role_arn #=> String
resp.serial_number #=> String
resp.vendor_name #=> String
resp.hsm_type #=> String
resp.software_version #=> String
resp.ssh_public_key #=> String
resp.ssh_key_last_updated #=> String
resp.server_cert_uri #=> String
resp.server_cert_last_updated #=> String
resp.partitions #=> Array
resp.partitions[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :hsm_arn (String)

    The ARN of the HSM. Either the HsmArn or the SerialNumber parameter must be specified.

  • :hsm_serial_number (String)

    The serial number of the HSM. Either the HsmArn or the HsmSerialNumber parameter must be specified.

Returns:

See Also:



545
546
547
548
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 545

def describe_hsm(params = {}, options = {})
  req = build_request(:describe_hsm, params)
  req.send_request(options)
end

#describe_luna_client(params = {}) ⇒ Types::DescribeLunaClientResponse

Retrieves information about an HSM client.

Examples:

Request syntax with placeholder values


resp = client.describe_luna_client({
  client_arn: "ClientArn",
  certificate_fingerprint: "CertificateFingerprint",
})

Response structure


resp.client_arn #=> String
resp.certificate #=> String
resp.certificate_fingerprint #=> String
resp.last_modified_timestamp #=> String
resp.label #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :client_arn (String)

    The ARN of the client.

  • :certificate_fingerprint (String)

    The certificate fingerprint.

Returns:

See Also:



585
586
587
588
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 585

def describe_luna_client(params = {}, options = {})
  req = build_request(:describe_luna_client, params)
  req.send_request(options)
end

#get_config(params = {}) ⇒ Types::GetConfigResponse

Gets the configuration files necessary to connect to all high availability partition groups the client is associated with.

Examples:

Request syntax with placeholder values


resp = client.get_config({
  client_arn: "ClientArn", # required
  client_version: "5.1", # required, accepts 5.1, 5.3
  hapg_list: ["HapgArn"], # required
})

Response structure


resp.config_type #=> String
resp.config_file #=> String
resp.config_cred #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :client_arn (required, String)

    The ARN of the client.

  • :client_version (required, String)

    The client version.

  • :hapg_list (required, Array<String>)

    A list of ARNs that identify the high-availability partition groups that are associated with the client.

Returns:

See Also:



627
628
629
630
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 627

def get_config(params = {}, options = {})
  req = build_request(:get_config, params)
  req.send_request(options)
end

#list_available_zones(params = {}) ⇒ Types::ListAvailableZonesResponse

Lists the Availability Zones that have available AWS CloudHSM capacity.

Examples:

Response structure


resp.az_list #=> Array
resp.az_list[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Returns:

See Also:



648
649
650
651
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 648

def list_available_zones(params = {}, options = {})
  req = build_request(:list_available_zones, params)
  req.send_request(options)
end

#list_hapgs(params = {}) ⇒ Types::ListHapgsResponse

Lists the high-availability partition groups for the account.

This operation supports pagination with the use of the NextToken member. If more results are available, the NextToken member of the response contains a token that you pass in the next call to ListHapgs to retrieve the next set of items.

Examples:

Request syntax with placeholder values


resp = client.list_hapgs({
  next_token: "PaginationToken",
})

Response structure


resp.hapg_list #=> Array
resp.hapg_list[0] #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :next_token (String)

    The NextToken value from a previous call to ListHapgs. Pass null if this is the first call.

Returns:

See Also:



685
686
687
688
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 685

def list_hapgs(params = {}, options = {})
  req = build_request(:list_hapgs, params)
  req.send_request(options)
end

#list_hsms(params = {}) ⇒ Types::ListHsmsResponse

Retrieves the identifiers of all of the HSMs provisioned for the current customer.

This operation supports pagination with the use of the NextToken member. If more results are available, the NextToken member of the response contains a token that you pass in the next call to ListHsms to retrieve the next set of items.

Examples:

Request syntax with placeholder values


resp = client.list_hsms({
  next_token: "PaginationToken",
})

Response structure


resp.hsm_list #=> Array
resp.hsm_list[0] #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :next_token (String)

    The NextToken value from a previous call to ListHsms. Pass null if this is the first call.

Returns:

See Also:



723
724
725
726
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 723

def list_hsms(params = {}, options = {})
  req = build_request(:list_hsms, params)
  req.send_request(options)
end

#list_luna_clients(params = {}) ⇒ Types::ListLunaClientsResponse

Lists all of the clients.

This operation supports pagination with the use of the NextToken member. If more results are available, the NextToken member of the response contains a token that you pass in the next call to ListLunaClients to retrieve the next set of items.

Examples:

Request syntax with placeholder values


resp = client.list_luna_clients({
  next_token: "PaginationToken",
})

Response structure


resp.client_list #=> Array
resp.client_list[0] #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :next_token (String)

    The NextToken value from a previous call to ListLunaClients. Pass null if this is the first call.

Returns:

See Also:



760
761
762
763
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 760

def list_luna_clients(params = {}, options = {})
  req = build_request(:list_luna_clients, params)
  req.send_request(options)
end

#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceResponse

Returns a list of all tags for the specified AWS CloudHSM resource.

Examples:

Request syntax with placeholder values


resp = client.list_tags_for_resource({
  resource_arn: "String", # required
})

Response structure


resp.tag_list #=> Array
resp.tag_list[0].key #=> String
resp.tag_list[0].value #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :resource_arn (required, String)

    The Amazon Resource Name (ARN) of the AWS CloudHSM resource.

Returns:

See Also:



790
791
792
793
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 790

def list_tags_for_resource(params = {}, options = {})
  req = build_request(:list_tags_for_resource, params)
  req.send_request(options)
end

#modify_hapg(params = {}) ⇒ Types::ModifyHapgResponse

Modifies an existing high-availability partition group.

Examples:

Request syntax with placeholder values


resp = client.modify_hapg({
  hapg_arn: "HapgArn", # required
  label: "Label",
  partition_serial_list: ["PartitionSerial"],
})

Response structure


resp.hapg_arn #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :hapg_arn (required, String)

    The ARN of the high-availability partition group to modify.

  • :label (String)

    The new label for the high-availability partition group.

  • :partition_serial_list (Array<String>)

    The list of partition serial numbers to make members of the high-availability partition group.

Returns:

See Also:



827
828
829
830
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 827

def modify_hapg(params = {}, options = {})
  req = build_request(:modify_hapg, params)
  req.send_request(options)
end

#modify_hsm(params = {}) ⇒ Types::ModifyHsmResponse

Modifies an HSM.

This operation can result in the HSM being offline for up to 15 minutes while the AWS CloudHSM service is reconfigured. If you are modifying a production HSM, you should ensure that your AWS CloudHSM service is configured for high availability, and consider executing this operation during a maintenance window.

Examples:

Request syntax with placeholder values


resp = client.modify_hsm({
  hsm_arn: "HsmArn", # required
  subnet_id: "SubnetId",
  eni_ip: "IpAddress",
  iam_role_arn: "IamRoleArn",
  external_id: "ExternalId",
  syslog_ip: "IpAddress",
})

Response structure


resp.hsm_arn #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :hsm_arn (required, String)

    The ARN of the HSM to modify.

  • :subnet_id (String)

    The new identifier of the subnet that the HSM is in. The new subnet must be in the same Availability Zone as the current subnet.

  • :eni_ip (String)

    The new IP address for the elastic network interface (ENI) attached to the HSM.

    If the HSM is moved to a different subnet, and an IP address is not specified, an IP address will be randomly chosen from the CIDR range of the new subnet.

  • :iam_role_arn (String)

    The new IAM role ARN.

  • :external_id (String)

    The new external ID.

  • :syslog_ip (String)

    The new IP address for the syslog monitoring server. The AWS CloudHSM service only supports one syslog monitoring server.

Returns:

See Also:



888
889
890
891
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 888

def modify_hsm(params = {}, options = {})
  req = build_request(:modify_hsm, params)
  req.send_request(options)
end

#modify_luna_client(params = {}) ⇒ Types::ModifyLunaClientResponse

Modifies the certificate used by the client.

This action can potentially start a workflow to install the new certificate on the client's HSMs.

Examples:

Request syntax with placeholder values


resp = client.modify_luna_client({
  client_arn: "ClientArn", # required
  certificate: "Certificate", # required
})

Response structure


resp.client_arn #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :client_arn (required, String)

    The ARN of the client.

  • :certificate (required, String)

    The new certificate for the client.

Returns:

See Also:



923
924
925
926
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 923

def modify_luna_client(params = {}, options = {})
  req = build_request(:modify_luna_client, params)
  req.send_request(options)
end

#remove_tags_from_resource(params = {}) ⇒ Types::RemoveTagsFromResourceResponse

Removes one or more tags from the specified AWS CloudHSM resource.

To remove a tag, specify only the tag key to remove (not the value). To overwrite the value for an existing tag, use AddTagsToResource.

Examples:

Request syntax with placeholder values


resp = client.remove_tags_from_resource({
  resource_arn: "String", # required
  tag_key_list: ["TagKey"], # required
})

Response structure


resp.status #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :resource_arn (required, String)

    The Amazon Resource Name (ARN) of the AWS CloudHSM resource.

  • :tag_key_list (required, Array<String>)

    The tag key or keys to remove.

    Specify only the tag key to remove (not the value). To overwrite the value for an existing tag, use AddTagsToResource.

Returns:

See Also:



961
962
963
964
# File 'gems/aws-sdk-cloudhsm/lib/aws-sdk-cloudhsm/client.rb', line 961

def remove_tags_from_resource(params = {}, options = {})
  req = build_request(:remove_tags_from_resource, params)
  req.send_request(options)
end