Module cloudhsmv2

@pulumi/aws > cloudhsmv2

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-aws repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-aws repo.

class Cluster

extends CustomResource

Creates an Amazon CloudHSM v2 cluster.

For information about CloudHSM v2, see the [AWS CloudHSM User Guide][1] and the [Amazon CloudHSM API Reference][2].

NOTE: CloudHSM can take up to several minutes to be set up. Practically no single attribute can be updated except TAGS. If you need to delete a cluster, you have to remove its HSM modules first. To initialize cluster, you have to add an hsm instance to the cluster then sign CSR and upload it.

Example Usage

The following example below creates a CloudHSM cluster.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const cloudhsm2Vpc = new aws.ec2.Vpc("cloudhsm2Vpc", {
    cidrBlock: "10.0.0.0/16",
    tags: {
        Name: "example-aws_cloudhsm_v2_cluster",
    },
});
const available = pulumi.output(aws.getAvailabilityZones({}));
const cloudhsm2Subnets: aws.ec2.Subnet[] = [];
for (let i = 0; i < 2; i++) {
    cloudhsm2Subnets.push(new aws.ec2.Subnet(`cloudhsm2_subnets-${i}`, {
        availabilityZone: available.apply(available => available.names[i]),
        cidrBlock: var_subnets[i],
        mapPublicIpOnLaunch: false,
        tags: {
            Name: "example-aws_cloudhsm_v2_cluster",
        },
        vpcId: cloudhsm2Vpc.id,
    }));
}
const cloudhsmV2Cluster = new aws.cloudhsmv2.Cluster("cloudhsmV2Cluster", {
    hsmType: "hsm1.medium",
    subnetIds: cloudhsm2Subnets.map(v => v.id),
    tags: {
        Name: "example-aws_cloudhsm_v2_cluster",
    },
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/cloudhsm_v2_cluster.html.markdown.

constructor

new Cluster(name: string, args: ClusterArgs, opts?: pulumi.CustomResourceOptions)

Create a Cluster resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ClusterState, opts?: pulumi.CustomResourceOptions): Cluster

Get an existing Cluster resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of Cluster. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property clusterCertificates

public clusterCertificates: pulumi.Output<{
    awsHardwareCertificate: string;
    clusterCertificate: string;
    clusterCsr: string;
    hsmCertificate: string;
    manufacturerHardwareCertificate: string;
}>;

The list of cluster certificates. * cluster_certificates.0.cluster_certificate - The cluster certificate issued (signed) by the issuing certificate authority (CA) of the cluster’s owner. * cluster_certificates.0.cluster_csr - The certificate signing request (CSR). Available only in UNINITIALIZED state after an hsm instance is added to the cluster. * cluster_certificates.0.aws_hardware_certificate - The HSM hardware certificate issued (signed) by AWS CloudHSM. * cluster_certificates.0.hsm_certificate - The HSM certificate issued (signed) by the HSM hardware. * cluster_certificates.0.manufacturer_hardware_certificate - The HSM hardware certificate issued (signed) by the hardware manufacturer.

property clusterId

public clusterId: pulumi.Output<string>;

The id of the CloudHSM cluster.

property clusterState

public clusterState: pulumi.Output<string>;

The state of the cluster.

property hsmType

public hsmType: pulumi.Output<string>;

The type of HSM module in the cluster. Currently, only hsm1.medium is supported.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property securityGroupId

public securityGroupId: pulumi.Output<string>;

The ID of the security group associated with the CloudHSM cluster.

property sourceBackupIdentifier

public sourceBackupIdentifier: pulumi.Output<string | undefined>;

The id of Cloud HSM v2 cluster backup to be restored.

property subnetIds

public subnetIds: pulumi.Output<string[]>;

The IDs of subnets in which cluster will operate.

property tags

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcId

public vpcId: pulumi.Output<string>;

The id of the VPC that the CloudHSM cluster resides in.

class Hsm

extends CustomResource

Creates an HSM module in Amazon CloudHSM v2 cluster.

Example Usage

The following example below creates an HSM module in CloudHSM cluster.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const cluster = pulumi.output(aws.cloudhsmv2.getCluster({
    clusterId: var_cloudhsm_cluster_id,
}));
const cloudhsmV2Hsm = new aws.cloudhsmv2.Hsm("cloudhsmV2Hsm", {
    clusterId: cluster.clusterId,
    subnetId: cluster.apply(cluster => cluster.subnetIds[0]),
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/cloudhsm_v2_hsm.html.markdown.

constructor

new Hsm(name: string, args: HsmArgs, opts?: pulumi.CustomResourceOptions)

Create a Hsm resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: HsmState, opts?: pulumi.CustomResourceOptions): Hsm

Get an existing Hsm resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of Hsm. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property availabilityZone

public availabilityZone: pulumi.Output<string>;

The IDs of AZ in which HSM module will be located. Do not use together with subnet_id.

property clusterId

public clusterId: pulumi.Output<string>;

The ID of Cloud HSM v2 cluster to which HSM will be added.

property hsmEniId

public hsmEniId: pulumi.Output<string>;

The id of the ENI interface allocated for HSM module.

property hsmId

public hsmId: pulumi.Output<string>;

The id of the HSM module.

property hsmState

public hsmState: pulumi.Output<string>;

The state of the HSM module.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipAddress

public ipAddress: pulumi.Output<string>;

The IP address of HSM module. Must be within the CIDR of selected subnet.

property subnetId

public subnetId: pulumi.Output<string>;

The ID of subnet in which HSM module will be located.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

function getCluster

getCluster(args: GetClusterArgs, opts?: pulumi.InvokeOptions): Promise<GetClusterResult> & GetClusterResult

Use this data source to get information about a CloudHSM v2 cluster

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const cluster = pulumi.output(aws.cloudhsmv2.getCluster({
    clusterId: "cluster-testclusterid",
}));

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/d/cloudhsm_v2_cluster.html.markdown.

interface ClusterArgs

The set of arguments for constructing a Cluster resource.

property hsmType

hsmType: pulumi.Input<string>;

The type of HSM module in the cluster. Currently, only hsm1.medium is supported.

property sourceBackupIdentifier

sourceBackupIdentifier?: pulumi.Input<string>;

The id of Cloud HSM v2 cluster backup to be restored.

property subnetIds

subnetIds: pulumi.Input<pulumi.Input<string>[]>;

The IDs of subnets in which cluster will operate.

property tags

tags?: pulumi.Input<{[key: string]: any}>;

A mapping of tags to assign to the resource.

interface ClusterState

Input properties used for looking up and filtering Cluster resources.

property clusterCertificates

clusterCertificates?: pulumi.Input<{
    awsHardwareCertificate: pulumi.Input<string>;
    clusterCertificate: pulumi.Input<string>;
    clusterCsr: pulumi.Input<string>;
    hsmCertificate: pulumi.Input<string>;
    manufacturerHardwareCertificate: pulumi.Input<string>;
}>;

The list of cluster certificates. * cluster_certificates.0.cluster_certificate - The cluster certificate issued (signed) by the issuing certificate authority (CA) of the cluster’s owner. * cluster_certificates.0.cluster_csr - The certificate signing request (CSR). Available only in UNINITIALIZED state after an hsm instance is added to the cluster. * cluster_certificates.0.aws_hardware_certificate - The HSM hardware certificate issued (signed) by AWS CloudHSM. * cluster_certificates.0.hsm_certificate - The HSM certificate issued (signed) by the HSM hardware. * cluster_certificates.0.manufacturer_hardware_certificate - The HSM hardware certificate issued (signed) by the hardware manufacturer.

property clusterId

clusterId?: pulumi.Input<string>;

The id of the CloudHSM cluster.

property clusterState

clusterState?: pulumi.Input<string>;

The state of the cluster.

property hsmType

hsmType?: pulumi.Input<string>;

The type of HSM module in the cluster. Currently, only hsm1.medium is supported.

property securityGroupId

securityGroupId?: pulumi.Input<string>;

The ID of the security group associated with the CloudHSM cluster.

property sourceBackupIdentifier

sourceBackupIdentifier?: pulumi.Input<string>;

The id of Cloud HSM v2 cluster backup to be restored.

property subnetIds

subnetIds?: pulumi.Input<pulumi.Input<string>[]>;

The IDs of subnets in which cluster will operate.

property tags

tags?: pulumi.Input<{[key: string]: any}>;

A mapping of tags to assign to the resource.

property vpcId

vpcId?: pulumi.Input<string>;

The id of the VPC that the CloudHSM cluster resides in.

interface GetClusterArgs

A collection of arguments for invoking getCluster.

property clusterId

clusterId: string;

The id of Cloud HSM v2 cluster.

property clusterState

clusterState?: undefined | string;

The state of the cluster to be found.

interface GetClusterResult

A collection of values returned by getCluster.

property clusterCertificates

clusterCertificates: {
    awsHardwareCertificate: string;
    clusterCertificate: string;
    clusterCsr: string;
    hsmCertificate: string;
    manufacturerHardwareCertificate: string;
};

The list of cluster certificates. * cluster_certificates.0.cluster_certificate - The cluster certificate issued (signed) by the issuing certificate authority (CA) of the cluster’s owner. * cluster_certificates.0.cluster_csr - The certificate signing request (CSR). Available only in UNINITIALIZED state. * cluster_certificates.0.aws_hardware_certificate - The HSM hardware certificate issued (signed) by AWS CloudHSM. * cluster_certificates.0.hsm_certificate - The HSM certificate issued (signed) by the HSM hardware. * cluster_certificates.0.manufacturer_hardware_certificate - The HSM hardware certificate issued (signed) by the hardware manufacturer. The number of available cluster certificates may vary depending on state of the cluster.

property clusterId

clusterId: string;

property clusterState

clusterState: string;

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property securityGroupId

securityGroupId: string;

The ID of the security group associated with the CloudHSM cluster.

property subnetIds

subnetIds: string[];

The IDs of subnets in which cluster operates.

property vpcId

vpcId: string;

The id of the VPC that the CloudHSM cluster resides in.

interface HsmArgs

The set of arguments for constructing a Hsm resource.

property availabilityZone

availabilityZone?: pulumi.Input<string>;

The IDs of AZ in which HSM module will be located. Do not use together with subnet_id.

property clusterId

clusterId: pulumi.Input<string>;

The ID of Cloud HSM v2 cluster to which HSM will be added.

property ipAddress

ipAddress?: pulumi.Input<string>;

The IP address of HSM module. Must be within the CIDR of selected subnet.

property subnetId

subnetId?: pulumi.Input<string>;

The ID of subnet in which HSM module will be located.

interface HsmState

Input properties used for looking up and filtering Hsm resources.

property availabilityZone

availabilityZone?: pulumi.Input<string>;

The IDs of AZ in which HSM module will be located. Do not use together with subnet_id.

property clusterId

clusterId?: pulumi.Input<string>;

The ID of Cloud HSM v2 cluster to which HSM will be added.

property hsmEniId

hsmEniId?: pulumi.Input<string>;

The id of the ENI interface allocated for HSM module.

property hsmId

hsmId?: pulumi.Input<string>;

The id of the HSM module.

property hsmState

hsmState?: pulumi.Input<string>;

The state of the HSM module.

property ipAddress

ipAddress?: pulumi.Input<string>;

The IP address of HSM module. Must be within the CIDR of selected subnet.

property subnetId

subnetId?: pulumi.Input<string>;

The ID of subnet in which HSM module will be located.