A low-level client representing AWS CloudHSM V2
For more information about AWS CloudHSM, see AWS CloudHSM and the AWS CloudHSM User Guide .
client = session.create_client('cloudhsmv2')
These are the available methods:
Check if an operation can be paginated.
operation_name (string) – The operation name. This is the same name
as the method name on the client. For example, if the
method name is create_foo
, and you’d normally invoke the
operation as client.create_foo(**kwargs)
, if the
create_foo
operation can be paginated, you can use the
call client.get_paginator("create_foo")
.
True
if the operation can be paginated,
False
otherwise.
Closes underlying endpoint connections.
Copy an AWS CloudHSM cluster backup to a different region.
See also: AWS API Documentation
Request Syntax
response = client.copy_backup_to_region(
DestinationRegion='string',
BackupId='string',
TagList=[
{
'Key': 'string',
'Value': 'string'
},
]
)
DestinationRegion (string) –
[REQUIRED]
The AWS region that will contain your copied CloudHSM cluster backup.
BackupId (string) –
[REQUIRED]
The ID of the backup that will be copied to the destination region.
TagList (list) –
Tags to apply to the destination backup during creation. If you specify tags, only these tags will be applied to the destination backup. If you do not specify tags, the service copies tags from the source backup to the destination backup.
(dict) –
Contains a tag. A tag is a key-value pair.
Key (string) – [REQUIRED]
The key of the tag.
Value (string) – [REQUIRED]
The value of the tag.
dict
Response Syntax
{
'DestinationBackup': {
'CreateTimestamp': datetime(2015, 1, 1),
'SourceRegion': 'string',
'SourceBackup': 'string',
'SourceCluster': 'string'
}
}
Response Structure
(dict) –
DestinationBackup (dict) –
Information on the backup that will be copied to the destination region, including CreateTimestamp, SourceBackup, SourceCluster, and Source Region. CreateTimestamp of the destination backup will be the same as that of the source backup.
You will need to use the sourceBackupID
returned in this operation to use the DescribeBackups operation on the backup that will be copied to the destination region.
CreateTimestamp (datetime) –
The date and time when both the source backup was created.
SourceRegion (string) –
The AWS region that contains the source backup from which the new backup was copied.
SourceBackup (string) –
The identifier (ID) of the source backup from which the new backup was copied.
SourceCluster (string) –
The identifier (ID) of the cluster containing the source backup from which the new backup was copied.
Exceptions
Creates a new AWS CloudHSM cluster.
See also: AWS API Documentation
Request Syntax
response = client.create_cluster(
BackupRetentionPolicy={
'Type': 'DAYS',
'Value': 'string'
},
HsmType='string',
SourceBackupId='string',
SubnetIds=[
'string',
],
TagList=[
{
'Key': 'string',
'Value': 'string'
},
]
)
BackupRetentionPolicy (dict) –
A policy that defines how the service retains backups.
Type (string) –
The type of backup retention policy. For the DAYS
type, the value is the number of days to retain backups.
Value (string) –
Use a value between 7 - 379.
HsmType (string) –
[REQUIRED]
The type of HSM to use in the cluster. Currently the only allowed value is hsm1.medium
.
SourceBackupId (string) – The identifier (ID) of the cluster backup to restore. Use this value to restore the cluster from a backup instead of creating a new cluster. To find the backup ID, use DescribeBackups .
SubnetIds (list) –
[REQUIRED]
The identifiers (IDs) of the subnets where you are creating the cluster. You must specify at least one subnet. If you specify multiple subnets, they must meet the following criteria:
All subnets must be in the same virtual private cloud (VPC).
You can specify only one subnet per Availability Zone.
(string) –
TagList (list) –
Tags to apply to the CloudHSM cluster during creation.
(dict) –
Contains a tag. A tag is a key-value pair.
Key (string) – [REQUIRED]
The key of the tag.
Value (string) – [REQUIRED]
The value of the tag.
dict
Response Syntax
{
'Cluster': {
'BackupPolicy': 'DEFAULT',
'BackupRetentionPolicy': {
'Type': 'DAYS',
'Value': 'string'
},
'ClusterId': 'string',
'CreateTimestamp': datetime(2015, 1, 1),
'Hsms': [
{
'AvailabilityZone': 'string',
'ClusterId': 'string',
'SubnetId': 'string',
'EniId': 'string',
'EniIp': 'string',
'HsmId': 'string',
'State': 'CREATE_IN_PROGRESS'|'ACTIVE'|'DEGRADED'|'DELETE_IN_PROGRESS'|'DELETED',
'StateMessage': 'string'
},
],
'HsmType': 'string',
'PreCoPassword': 'string',
'SecurityGroup': 'string',
'SourceBackupId': 'string',
'State': 'CREATE_IN_PROGRESS'|'UNINITIALIZED'|'INITIALIZE_IN_PROGRESS'|'INITIALIZED'|'ACTIVE'|'UPDATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'DELETED'|'DEGRADED',
'StateMessage': 'string',
'SubnetMapping': {
'string': 'string'
},
'VpcId': 'string',
'Certificates': {
'ClusterCsr': 'string',
'HsmCertificate': 'string',
'AwsHardwareCertificate': 'string',
'ManufacturerHardwareCertificate': 'string',
'ClusterCertificate': 'string'
},
'TagList': [
{
'Key': 'string',
'Value': 'string'
},
]
}
}
Response Structure
(dict) –
Cluster (dict) –
Information about the cluster that was created.
BackupPolicy (string) –
The cluster’s backup policy.
BackupRetentionPolicy (dict) –
A policy that defines how the service retains backups.
Type (string) –
The type of backup retention policy. For the DAYS
type, the value is the number of days to retain backups.
Value (string) –
Use a value between 7 - 379.
ClusterId (string) –
The cluster’s identifier (ID).
CreateTimestamp (datetime) –
The date and time when the cluster was created.
Hsms (list) –
Contains information about the HSMs in the cluster.
(dict) –
Contains information about a hardware security module (HSM) in an AWS CloudHSM cluster.
AvailabilityZone (string) –
The Availability Zone that contains the HSM.
ClusterId (string) –
The identifier (ID) of the cluster that contains the HSM.
SubnetId (string) –
The subnet that contains the HSM’s elastic network interface (ENI).
EniId (string) –
The identifier (ID) of the HSM’s elastic network interface (ENI).
EniIp (string) –
The IP address of the HSM’s elastic network interface (ENI).
HsmId (string) –
The HSM’s identifier (ID).
State (string) –
The HSM’s state.
StateMessage (string) –
A description of the HSM’s state.
HsmType (string) –
The type of HSM that the cluster contains.
PreCoPassword (string) –
The default password for the cluster’s Pre-Crypto Officer (PRECO) user.
SecurityGroup (string) –
The identifier (ID) of the cluster’s security group.
SourceBackupId (string) –
The identifier (ID) of the backup used to create the cluster. This value exists only when the cluster was created from a backup.
State (string) –
The cluster’s state.
StateMessage (string) –
A description of the cluster’s state.
SubnetMapping (dict) –
A map from availability zone to the cluster’s subnet in that availability zone.
(string) –
(string) –
VpcId (string) –
The identifier (ID) of the virtual private cloud (VPC) that contains the cluster.
Certificates (dict) –
Contains one or more certificates or a certificate signing request (CSR).
ClusterCsr (string) –
The cluster’s certificate signing request (CSR). The CSR exists only when the cluster’s state is UNINITIALIZED
.
HsmCertificate (string) –
The HSM certificate issued (signed) by the HSM hardware.
AwsHardwareCertificate (string) –
The HSM hardware certificate issued (signed) by AWS CloudHSM.
ManufacturerHardwareCertificate (string) –
The HSM hardware certificate issued (signed) by the hardware manufacturer.
ClusterCertificate (string) –
The cluster certificate issued (signed) by the issuing certificate authority (CA) of the cluster’s owner.
TagList (list) –
The list of tags for the cluster.
(dict) –
Contains a tag. A tag is a key-value pair.
Key (string) –
The key of the tag.
Value (string) –
The value of the tag.
Exceptions
Creates a new hardware security module (HSM) in the specified AWS CloudHSM cluster.
See also: AWS API Documentation
Request Syntax
response = client.create_hsm(
ClusterId='string',
AvailabilityZone='string',
IpAddress='string'
)
ClusterId (string) –
[REQUIRED]
The identifier (ID) of the HSM’s cluster. To find the cluster ID, use DescribeClusters .
AvailabilityZone (string) –
[REQUIRED]
The Availability Zone where you are creating the HSM. To find the cluster’s Availability Zones, use DescribeClusters .
IpAddress (string) – The HSM’s IP address. If you specify an IP address, use an available address from the subnet that maps to the Availability Zone where you are creating the HSM. If you don’t specify an IP address, one is chosen for you from that subnet.
dict
Response Syntax
{
'Hsm': {
'AvailabilityZone': 'string',
'ClusterId': 'string',
'SubnetId': 'string',
'EniId': 'string',
'EniIp': 'string',
'HsmId': 'string',
'State': 'CREATE_IN_PROGRESS'|'ACTIVE'|'DEGRADED'|'DELETE_IN_PROGRESS'|'DELETED',
'StateMessage': 'string'
}
}
Response Structure
(dict) –
Hsm (dict) –
Information about the HSM that was created.
AvailabilityZone (string) –
The Availability Zone that contains the HSM.
ClusterId (string) –
The identifier (ID) of the cluster that contains the HSM.
SubnetId (string) –
The subnet that contains the HSM’s elastic network interface (ENI).
EniId (string) –
The identifier (ID) of the HSM’s elastic network interface (ENI).
EniIp (string) –
The IP address of the HSM’s elastic network interface (ENI).
HsmId (string) –
The HSM’s identifier (ID).
State (string) –
The HSM’s state.
StateMessage (string) –
A description of the HSM’s state.
Exceptions
Deletes a specified AWS CloudHSM backup. A backup can be restored up to 7 days after the DeleteBackup request is made. For more information on restoring a backup, see RestoreBackup .
See also: AWS API Documentation
Request Syntax
response = client.delete_backup(
BackupId='string'
)
BackupId (string) –
[REQUIRED]
The ID of the backup to be deleted. To find the ID of a backup, use the DescribeBackups operation.
dict
Response Syntax
{
'Backup': {
'BackupId': 'string',
'BackupState': 'CREATE_IN_PROGRESS'|'READY'|'DELETED'|'PENDING_DELETION',
'ClusterId': 'string',
'CreateTimestamp': datetime(2015, 1, 1),
'CopyTimestamp': datetime(2015, 1, 1),
'NeverExpires': True|False,
'SourceRegion': 'string',
'SourceBackup': 'string',
'SourceCluster': 'string',
'DeleteTimestamp': datetime(2015, 1, 1),
'TagList': [
{
'Key': 'string',
'Value': 'string'
},
]
}
}
Response Structure
(dict) –
Backup (dict) –
Information on the Backup
object deleted.
BackupId (string) –
The identifier (ID) of the backup.
BackupState (string) –
The state of the backup.
ClusterId (string) –
The identifier (ID) of the cluster that was backed up.
CreateTimestamp (datetime) –
The date and time when the backup was created.
CopyTimestamp (datetime) –
The date and time when the backup was copied from a source backup.
NeverExpires (boolean) –
Specifies whether the service should exempt a backup from the retention policy for the cluster. True
exempts a backup from the retention policy. False
means the service applies the backup retention policy defined at the cluster.
SourceRegion (string) –
The AWS Region that contains the source backup from which the new backup was copied.
SourceBackup (string) –
The identifier (ID) of the source backup from which the new backup was copied.
SourceCluster (string) –
The identifier (ID) of the cluster containing the source backup from which the new backup was copied.
DeleteTimestamp (datetime) –
The date and time when the backup will be permanently deleted.
TagList (list) –
The list of tags for the backup.
(dict) –
Contains a tag. A tag is a key-value pair.
Key (string) –
The key of the tag.
Value (string) –
The value of the tag.
Exceptions
Deletes the specified AWS CloudHSM cluster. Before you can delete a cluster, you must delete all HSMs in the cluster. To see if the cluster contains any HSMs, use DescribeClusters . To delete an HSM, use DeleteHsm .
See also: AWS API Documentation
Request Syntax
response = client.delete_cluster(
ClusterId='string'
)
ClusterId (string) –
[REQUIRED]
The identifier (ID) of the cluster that you are deleting. To find the cluster ID, use DescribeClusters .
dict
Response Syntax
{
'Cluster': {
'BackupPolicy': 'DEFAULT',
'BackupRetentionPolicy': {
'Type': 'DAYS',
'Value': 'string'
},
'ClusterId': 'string',
'CreateTimestamp': datetime(2015, 1, 1),
'Hsms': [
{
'AvailabilityZone': 'string',
'ClusterId': 'string',
'SubnetId': 'string',
'EniId': 'string',
'EniIp': 'string',
'HsmId': 'string',
'State': 'CREATE_IN_PROGRESS'|'ACTIVE'|'DEGRADED'|'DELETE_IN_PROGRESS'|'DELETED',
'StateMessage': 'string'
},
],
'HsmType': 'string',
'PreCoPassword': 'string',
'SecurityGroup': 'string',
'SourceBackupId': 'string',
'State': 'CREATE_IN_PROGRESS'|'UNINITIALIZED'|'INITIALIZE_IN_PROGRESS'|'INITIALIZED'|'ACTIVE'|'UPDATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'DELETED'|'DEGRADED',
'StateMessage': 'string',
'SubnetMapping': {
'string': 'string'
},
'VpcId': 'string',
'Certificates': {
'ClusterCsr': 'string',
'HsmCertificate': 'string',
'AwsHardwareCertificate': 'string',
'ManufacturerHardwareCertificate': 'string',
'ClusterCertificate': 'string'
},
'TagList': [
{
'Key': 'string',
'Value': 'string'
},
]
}
}
Response Structure
(dict) –
Cluster (dict) –
Information about the cluster that was deleted.
BackupPolicy (string) –
The cluster’s backup policy.
BackupRetentionPolicy (dict) –
A policy that defines how the service retains backups.
Type (string) –
The type of backup retention policy. For the DAYS
type, the value is the number of days to retain backups.
Value (string) –
Use a value between 7 - 379.
ClusterId (string) –
The cluster’s identifier (ID).
CreateTimestamp (datetime) –
The date and time when the cluster was created.
Hsms (list) –
Contains information about the HSMs in the cluster.
(dict) –
Contains information about a hardware security module (HSM) in an AWS CloudHSM cluster.
AvailabilityZone (string) –
The Availability Zone that contains the HSM.
ClusterId (string) –
The identifier (ID) of the cluster that contains the HSM.
SubnetId (string) –
The subnet that contains the HSM’s elastic network interface (ENI).
EniId (string) –
The identifier (ID) of the HSM’s elastic network interface (ENI).
EniIp (string) –
The IP address of the HSM’s elastic network interface (ENI).
HsmId (string) –
The HSM’s identifier (ID).
State (string) –
The HSM’s state.
StateMessage (string) –
A description of the HSM’s state.
HsmType (string) –
The type of HSM that the cluster contains.
PreCoPassword (string) –
The default password for the cluster’s Pre-Crypto Officer (PRECO) user.
SecurityGroup (string) –
The identifier (ID) of the cluster’s security group.
SourceBackupId (string) –
The identifier (ID) of the backup used to create the cluster. This value exists only when the cluster was created from a backup.
State (string) –
The cluster’s state.
StateMessage (string) –
A description of the cluster’s state.
SubnetMapping (dict) –
A map from availability zone to the cluster’s subnet in that availability zone.
(string) –
(string) –
VpcId (string) –
The identifier (ID) of the virtual private cloud (VPC) that contains the cluster.
Certificates (dict) –
Contains one or more certificates or a certificate signing request (CSR).
ClusterCsr (string) –
The cluster’s certificate signing request (CSR). The CSR exists only when the cluster’s state is UNINITIALIZED
.
HsmCertificate (string) –
The HSM certificate issued (signed) by the HSM hardware.
AwsHardwareCertificate (string) –
The HSM hardware certificate issued (signed) by AWS CloudHSM.
ManufacturerHardwareCertificate (string) –
The HSM hardware certificate issued (signed) by the hardware manufacturer.
ClusterCertificate (string) –
The cluster certificate issued (signed) by the issuing certificate authority (CA) of the cluster’s owner.
TagList (list) –
The list of tags for the cluster.
(dict) –
Contains a tag. A tag is a key-value pair.
Key (string) –
The key of the tag.
Value (string) –
The value of the tag.
Exceptions
Deletes the specified HSM. To specify an HSM, you can use its identifier (ID), the IP address of the HSM’s elastic network interface (ENI), or the ID of the HSM’s ENI. You need to specify only one of these values. To find these values, use DescribeClusters .
See also: AWS API Documentation
Request Syntax
response = client.delete_hsm(
ClusterId='string',
HsmId='string',
EniId='string',
EniIp='string'
)
ClusterId (string) –
[REQUIRED]
The identifier (ID) of the cluster that contains the HSM that you are deleting.
HsmId (string) – The identifier (ID) of the HSM that you are deleting.
EniId (string) – The identifier (ID) of the elastic network interface (ENI) of the HSM that you are deleting.
EniIp (string) – The IP address of the elastic network interface (ENI) of the HSM that you are deleting.
dict
Response Syntax
{
'HsmId': 'string'
}
Response Structure
(dict) –
HsmId (string) –
The identifier (ID) of the HSM that was deleted.
Exceptions
Gets information about backups of AWS CloudHSM clusters.
This is a paginated operation, which means that each response might contain only a subset of all the backups. When the response contains only a subset of backups, it includes a NextToken
value. Use this value in a subsequent DescribeBackups
request to get more backups. When you receive a response with no NextToken
(or an empty or null value), that means there are no more backups to get.
See also: AWS API Documentation
Request Syntax
response = client.describe_backups(
NextToken='string',
MaxResults=123,
Filters={
'string': [
'string',
]
},
SortAscending=True|False
)
NextToken (string) – The NextToken
value that you received in the previous response. Use this value to get more backups.
MaxResults (integer) – The maximum number of backups to return in the response. When there are more backups than the number you specify, the response contains a NextToken
value.
Filters (dict) –
One or more filters to limit the items returned in the response.
Use the backupIds
filter to return only the specified backups. Specify backups by their backup identifier (ID).
Use the sourceBackupIds
filter to return only the backups created from a source backup. The sourceBackupID
of a source backup is returned by the CopyBackupToRegion operation.
Use the clusterIds
filter to return only the backups for the specified clusters. Specify clusters by their cluster identifier (ID).
Use the states
filter to return only backups that match the specified state.
Use the neverExpires
filter to return backups filtered by the value in the neverExpires
parameter. True
returns all backups exempt from the backup retention policy. False
returns all backups with a backup retention policy defined at the cluster.
(string) –
(list) –
(string) –
SortAscending (boolean) – Designates whether or not to sort the return backups by ascending chronological order of generation.
dict
Response Syntax
{
'Backups': [
{
'BackupId': 'string',
'BackupState': 'CREATE_IN_PROGRESS'|'READY'|'DELETED'|'PENDING_DELETION',
'ClusterId': 'string',
'CreateTimestamp': datetime(2015, 1, 1),
'CopyTimestamp': datetime(2015, 1, 1),
'NeverExpires': True|False,
'SourceRegion': 'string',
'SourceBackup': 'string',
'SourceCluster': 'string',
'DeleteTimestamp': datetime(2015, 1, 1),
'TagList': [
{
'Key': 'string',
'Value': 'string'
},
]
},
],
'NextToken': 'string'
}
Response Structure
(dict) –
Backups (list) –
A list of backups.
(dict) –
Contains information about a backup of an AWS CloudHSM cluster. All backup objects contain the BackupId
, BackupState
, ClusterId
, and CreateTimestamp
parameters. Backups that were copied into a destination region additionally contain the CopyTimestamp
, SourceBackup
, SourceCluster
, and SourceRegion
parameters. A backup that is pending deletion will include the DeleteTimestamp
parameter.
BackupId (string) –
The identifier (ID) of the backup.
BackupState (string) –
The state of the backup.
ClusterId (string) –
The identifier (ID) of the cluster that was backed up.
CreateTimestamp (datetime) –
The date and time when the backup was created.
CopyTimestamp (datetime) –
The date and time when the backup was copied from a source backup.
NeverExpires (boolean) –
Specifies whether the service should exempt a backup from the retention policy for the cluster. True
exempts a backup from the retention policy. False
means the service applies the backup retention policy defined at the cluster.
SourceRegion (string) –
The AWS Region that contains the source backup from which the new backup was copied.
SourceBackup (string) –
The identifier (ID) of the source backup from which the new backup was copied.
SourceCluster (string) –
The identifier (ID) of the cluster containing the source backup from which the new backup was copied.
DeleteTimestamp (datetime) –
The date and time when the backup will be permanently deleted.
TagList (list) –
The list of tags for the backup.
(dict) –
Contains a tag. A tag is a key-value pair.
Key (string) –
The key of the tag.
Value (string) –
The value of the tag.
NextToken (string) –
An opaque string that indicates that the response contains only a subset of backups. Use this value in a subsequent DescribeBackups
request to get more backups.
Exceptions
Gets information about AWS CloudHSM clusters.
This is a paginated operation, which means that each response might contain only a subset of all the clusters. When the response contains only a subset of clusters, it includes a NextToken
value. Use this value in a subsequent DescribeClusters
request to get more clusters. When you receive a response with no NextToken
(or an empty or null value), that means there are no more clusters to get.
See also: AWS API Documentation
Request Syntax
response = client.describe_clusters(
Filters={
'string': [
'string',
]
},
NextToken='string',
MaxResults=123
)
Filters (dict) –
One or more filters to limit the items returned in the response.
Use the clusterIds
filter to return only the specified clusters. Specify clusters by their cluster identifier (ID).
Use the vpcIds
filter to return only the clusters in the specified virtual private clouds (VPCs). Specify VPCs by their VPC identifier (ID).
Use the states
filter to return only clusters that match the specified state.
(string) –
(list) –
(string) –
NextToken (string) – The NextToken
value that you received in the previous response. Use this value to get more clusters.
MaxResults (integer) – The maximum number of clusters to return in the response. When there are more clusters than the number you specify, the response contains a NextToken
value.
dict
Response Syntax
{
'Clusters': [
{
'BackupPolicy': 'DEFAULT',
'BackupRetentionPolicy': {
'Type': 'DAYS',
'Value': 'string'
},
'ClusterId': 'string',
'CreateTimestamp': datetime(2015, 1, 1),
'Hsms': [
{
'AvailabilityZone': 'string',
'ClusterId': 'string',
'SubnetId': 'string',
'EniId': 'string',
'EniIp': 'string',
'HsmId': 'string',
'State': 'CREATE_IN_PROGRESS'|'ACTIVE'|'DEGRADED'|'DELETE_IN_PROGRESS'|'DELETED',
'StateMessage': 'string'
},
],
'HsmType': 'string',
'PreCoPassword': 'string',
'SecurityGroup': 'string',
'SourceBackupId': 'string',
'State': 'CREATE_IN_PROGRESS'|'UNINITIALIZED'|'INITIALIZE_IN_PROGRESS'|'INITIALIZED'|'ACTIVE'|'UPDATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'DELETED'|'DEGRADED',
'StateMessage': 'string',
'SubnetMapping': {
'string': 'string'
},
'VpcId': 'string',
'Certificates': {
'ClusterCsr': 'string',
'HsmCertificate': 'string',
'AwsHardwareCertificate': 'string',
'ManufacturerHardwareCertificate': 'string',
'ClusterCertificate': 'string'
},
'TagList': [
{
'Key': 'string',
'Value': 'string'
},
]
},
],
'NextToken': 'string'
}
Response Structure
(dict) –
Clusters (list) –
A list of clusters.
(dict) –
Contains information about an AWS CloudHSM cluster.
BackupPolicy (string) –
The cluster’s backup policy.
BackupRetentionPolicy (dict) –
A policy that defines how the service retains backups.
Type (string) –
The type of backup retention policy. For the DAYS
type, the value is the number of days to retain backups.
Value (string) –
Use a value between 7 - 379.
ClusterId (string) –
The cluster’s identifier (ID).
CreateTimestamp (datetime) –
The date and time when the cluster was created.
Hsms (list) –
Contains information about the HSMs in the cluster.
(dict) –
Contains information about a hardware security module (HSM) in an AWS CloudHSM cluster.
AvailabilityZone (string) –
The Availability Zone that contains the HSM.
ClusterId (string) –
The identifier (ID) of the cluster that contains the HSM.
SubnetId (string) –
The subnet that contains the HSM’s elastic network interface (ENI).
EniId (string) –
The identifier (ID) of the HSM’s elastic network interface (ENI).
EniIp (string) –
The IP address of the HSM’s elastic network interface (ENI).
HsmId (string) –
The HSM’s identifier (ID).
State (string) –
The HSM’s state.
StateMessage (string) –
A description of the HSM’s state.
HsmType (string) –
The type of HSM that the cluster contains.
PreCoPassword (string) –
The default password for the cluster’s Pre-Crypto Officer (PRECO) user.
SecurityGroup (string) –
The identifier (ID) of the cluster’s security group.
SourceBackupId (string) –
The identifier (ID) of the backup used to create the cluster. This value exists only when the cluster was created from a backup.
State (string) –
The cluster’s state.
StateMessage (string) –
A description of the cluster’s state.
SubnetMapping (dict) –
A map from availability zone to the cluster’s subnet in that availability zone.
(string) –
(string) –
VpcId (string) –
The identifier (ID) of the virtual private cloud (VPC) that contains the cluster.
Certificates (dict) –
Contains one or more certificates or a certificate signing request (CSR).
ClusterCsr (string) –
The cluster’s certificate signing request (CSR). The CSR exists only when the cluster’s state is UNINITIALIZED
.
HsmCertificate (string) –
The HSM certificate issued (signed) by the HSM hardware.
AwsHardwareCertificate (string) –
The HSM hardware certificate issued (signed) by AWS CloudHSM.
ManufacturerHardwareCertificate (string) –
The HSM hardware certificate issued (signed) by the hardware manufacturer.
ClusterCertificate (string) –
The cluster certificate issued (signed) by the issuing certificate authority (CA) of the cluster’s owner.
TagList (list) –
The list of tags for the cluster.
(dict) –
Contains a tag. A tag is a key-value pair.
Key (string) –
The key of the tag.
Value (string) –
The value of the tag.
NextToken (string) –
An opaque string that indicates that the response contains only a subset of clusters. Use this value in a subsequent DescribeClusters
request to get more clusters.
Exceptions
Create a paginator for an operation.
operation_name (string) – The operation name. This is the same name
as the method name on the client. For example, if the
method name is create_foo
, and you’d normally invoke the
operation as client.create_foo(**kwargs)
, if the
create_foo
operation can be paginated, you can use the
call client.get_paginator("create_foo")
.
OperationNotPageableError – Raised if the operation is not
pageable. You can use the client.can_paginate
method to
check if an operation is pageable.
L{botocore.paginate.Paginator}
A paginator object.
Returns an object that can wait for some condition.
waiter_name (str) – The name of the waiter to get. See the waiters section of the service docs for a list of available waiters.
The specified waiter object.
botocore.waiter.Waiter
Claims an AWS CloudHSM cluster by submitting the cluster certificate issued by your issuing certificate authority (CA) and the CA’s root certificate. Before you can claim a cluster, you must sign the cluster’s certificate signing request (CSR) with your issuing CA. To get the cluster’s CSR, use DescribeClusters .
See also: AWS API Documentation
Request Syntax
response = client.initialize_cluster(
ClusterId='string',
SignedCert='string',
TrustAnchor='string'
)
ClusterId (string) –
[REQUIRED]
The identifier (ID) of the cluster that you are claiming. To find the cluster ID, use DescribeClusters .
SignedCert (string) –
[REQUIRED]
The cluster certificate issued (signed) by your issuing certificate authority (CA). The certificate must be in PEM format and can contain a maximum of 5000 characters.
TrustAnchor (string) –
[REQUIRED]
The issuing certificate of the issuing certificate authority (CA) that issued (signed) the cluster certificate. You must use a self-signed certificate. The certificate used to sign the HSM CSR must be directly available, and thus must be the root certificate. The certificate must be in PEM format and can contain a maximum of 5000 characters.
dict
Response Syntax
{
'State': 'CREATE_IN_PROGRESS'|'UNINITIALIZED'|'INITIALIZE_IN_PROGRESS'|'INITIALIZED'|'ACTIVE'|'UPDATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'DELETED'|'DEGRADED',
'StateMessage': 'string'
}
Response Structure
(dict) –
State (string) –
The cluster’s state.
StateMessage (string) –
A description of the cluster’s state.
Exceptions
Gets a list of tags for the specified AWS CloudHSM cluster.
This is a paginated operation, which means that each response might contain only a subset of all the tags. When the response contains only a subset of tags, it includes a NextToken
value. Use this value in a subsequent ListTags
request to get more tags. When you receive a response with no NextToken
(or an empty or null value), that means there are no more tags to get.
See also: AWS API Documentation
Request Syntax
response = client.list_tags(
ResourceId='string',
NextToken='string',
MaxResults=123
)
ResourceId (string) –
[REQUIRED]
The cluster identifier (ID) for the cluster whose tags you are getting. To find the cluster ID, use DescribeClusters .
NextToken (string) – The NextToken
value that you received in the previous response. Use this value to get more tags.
MaxResults (integer) – The maximum number of tags to return in the response. When there are more tags than the number you specify, the response contains a NextToken
value.
dict
Response Syntax
{
'TagList': [
{
'Key': 'string',
'Value': 'string'
},
],
'NextToken': 'string'
}
Response Structure
(dict) –
TagList (list) –
A list of tags.
(dict) –
Contains a tag. A tag is a key-value pair.
Key (string) –
The key of the tag.
Value (string) –
The value of the tag.
NextToken (string) –
An opaque string that indicates that the response contains only a subset of tags. Use this value in a subsequent ListTags
request to get more tags.
Exceptions
Modifies attributes for AWS CloudHSM backup.
See also: AWS API Documentation
Request Syntax
response = client.modify_backup_attributes(
BackupId='string',
NeverExpires=True|False
)
BackupId (string) –
[REQUIRED]
The identifier (ID) of the backup to modify. To find the ID of a backup, use the DescribeBackups operation.
NeverExpires (boolean) –
[REQUIRED]
Specifies whether the service should exempt a backup from the retention policy for the cluster. True
exempts a backup from the retention policy. False
means the service applies the backup retention policy defined at the cluster.
dict
Response Syntax
{
'Backup': {
'BackupId': 'string',
'BackupState': 'CREATE_IN_PROGRESS'|'READY'|'DELETED'|'PENDING_DELETION',
'ClusterId': 'string',
'CreateTimestamp': datetime(2015, 1, 1),
'CopyTimestamp': datetime(2015, 1, 1),
'NeverExpires': True|False,
'SourceRegion': 'string',
'SourceBackup': 'string',
'SourceCluster': 'string',
'DeleteTimestamp': datetime(2015, 1, 1),
'TagList': [
{
'Key': 'string',
'Value': 'string'
},
]
}
}
Response Structure
(dict) –
Backup (dict) –
Contains information about a backup of an AWS CloudHSM cluster. All backup objects contain the BackupId
, BackupState
, ClusterId
, and CreateTimestamp
parameters. Backups that were copied into a destination region additionally contain the CopyTimestamp
, SourceBackup
, SourceCluster
, and SourceRegion
parameters. A backup that is pending deletion will include the DeleteTimestamp
parameter.
BackupId (string) –
The identifier (ID) of the backup.
BackupState (string) –
The state of the backup.
ClusterId (string) –
The identifier (ID) of the cluster that was backed up.
CreateTimestamp (datetime) –
The date and time when the backup was created.
CopyTimestamp (datetime) –
The date and time when the backup was copied from a source backup.
NeverExpires (boolean) –
Specifies whether the service should exempt a backup from the retention policy for the cluster. True
exempts a backup from the retention policy. False
means the service applies the backup retention policy defined at the cluster.
SourceRegion (string) –
The AWS Region that contains the source backup from which the new backup was copied.
SourceBackup (string) –
The identifier (ID) of the source backup from which the new backup was copied.
SourceCluster (string) –
The identifier (ID) of the cluster containing the source backup from which the new backup was copied.
DeleteTimestamp (datetime) –
The date and time when the backup will be permanently deleted.
TagList (list) –
The list of tags for the backup.
(dict) –
Contains a tag. A tag is a key-value pair.
Key (string) –
The key of the tag.
Value (string) –
The value of the tag.
Exceptions
Modifies AWS CloudHSM cluster.
See also: AWS API Documentation
Request Syntax
response = client.modify_cluster(
BackupRetentionPolicy={
'Type': 'DAYS',
'Value': 'string'
},
ClusterId='string'
)
BackupRetentionPolicy (dict) –
[REQUIRED]
A policy that defines how the service retains backups.
Type (string) –
The type of backup retention policy. For the DAYS
type, the value is the number of days to retain backups.
Value (string) –
Use a value between 7 - 379.
ClusterId (string) –
[REQUIRED]
The identifier (ID) of the cluster that you want to modify. To find the cluster ID, use DescribeClusters .
dict
Response Syntax
{
'Cluster': {
'BackupPolicy': 'DEFAULT',
'BackupRetentionPolicy': {
'Type': 'DAYS',
'Value': 'string'
},
'ClusterId': 'string',
'CreateTimestamp': datetime(2015, 1, 1),
'Hsms': [
{
'AvailabilityZone': 'string',
'ClusterId': 'string',
'SubnetId': 'string',
'EniId': 'string',
'EniIp': 'string',
'HsmId': 'string',
'State': 'CREATE_IN_PROGRESS'|'ACTIVE'|'DEGRADED'|'DELETE_IN_PROGRESS'|'DELETED',
'StateMessage': 'string'
},
],
'HsmType': 'string',
'PreCoPassword': 'string',
'SecurityGroup': 'string',
'SourceBackupId': 'string',
'State': 'CREATE_IN_PROGRESS'|'UNINITIALIZED'|'INITIALIZE_IN_PROGRESS'|'INITIALIZED'|'ACTIVE'|'UPDATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'DELETED'|'DEGRADED',
'StateMessage': 'string',
'SubnetMapping': {
'string': 'string'
},
'VpcId': 'string',
'Certificates': {
'ClusterCsr': 'string',
'HsmCertificate': 'string',
'AwsHardwareCertificate': 'string',
'ManufacturerHardwareCertificate': 'string',
'ClusterCertificate': 'string'
},
'TagList': [
{
'Key': 'string',
'Value': 'string'
},
]
}
}
Response Structure
(dict) –
Cluster (dict) –
Contains information about an AWS CloudHSM cluster.
BackupPolicy (string) –
The cluster’s backup policy.
BackupRetentionPolicy (dict) –
A policy that defines how the service retains backups.
Type (string) –
The type of backup retention policy. For the DAYS
type, the value is the number of days to retain backups.
Value (string) –
Use a value between 7 - 379.
ClusterId (string) –
The cluster’s identifier (ID).
CreateTimestamp (datetime) –
The date and time when the cluster was created.
Hsms (list) –
Contains information about the HSMs in the cluster.
(dict) –
Contains information about a hardware security module (HSM) in an AWS CloudHSM cluster.
AvailabilityZone (string) –
The Availability Zone that contains the HSM.
ClusterId (string) –
The identifier (ID) of the cluster that contains the HSM.
SubnetId (string) –
The subnet that contains the HSM’s elastic network interface (ENI).
EniId (string) –
The identifier (ID) of the HSM’s elastic network interface (ENI).
EniIp (string) –
The IP address of the HSM’s elastic network interface (ENI).
HsmId (string) –
The HSM’s identifier (ID).
State (string) –
The HSM’s state.
StateMessage (string) –
A description of the HSM’s state.
HsmType (string) –
The type of HSM that the cluster contains.
PreCoPassword (string) –
The default password for the cluster’s Pre-Crypto Officer (PRECO) user.
SecurityGroup (string) –
The identifier (ID) of the cluster’s security group.
SourceBackupId (string) –
The identifier (ID) of the backup used to create the cluster. This value exists only when the cluster was created from a backup.
State (string) –
The cluster’s state.
StateMessage (string) –
A description of the cluster’s state.
SubnetMapping (dict) –
A map from availability zone to the cluster’s subnet in that availability zone.
(string) –
(string) –
VpcId (string) –
The identifier (ID) of the virtual private cloud (VPC) that contains the cluster.
Certificates (dict) –
Contains one or more certificates or a certificate signing request (CSR).
ClusterCsr (string) –
The cluster’s certificate signing request (CSR). The CSR exists only when the cluster’s state is UNINITIALIZED
.
HsmCertificate (string) –
The HSM certificate issued (signed) by the HSM hardware.
AwsHardwareCertificate (string) –
The HSM hardware certificate issued (signed) by AWS CloudHSM.
ManufacturerHardwareCertificate (string) –
The HSM hardware certificate issued (signed) by the hardware manufacturer.
ClusterCertificate (string) –
The cluster certificate issued (signed) by the issuing certificate authority (CA) of the cluster’s owner.
TagList (list) –
The list of tags for the cluster.
(dict) –
Contains a tag. A tag is a key-value pair.
Key (string) –
The key of the tag.
Value (string) –
The value of the tag.
Exceptions
Restores a specified AWS CloudHSM backup that is in the PENDING_DELETION
state. For mor information on deleting a backup, see DeleteBackup .
See also: AWS API Documentation
Request Syntax
response = client.restore_backup(
BackupId='string'
)
BackupId (string) –
[REQUIRED]
The ID of the backup to be restored. To find the ID of a backup, use the DescribeBackups operation.
dict
Response Syntax
{
'Backup': {
'BackupId': 'string',
'BackupState': 'CREATE_IN_PROGRESS'|'READY'|'DELETED'|'PENDING_DELETION',
'ClusterId': 'string',
'CreateTimestamp': datetime(2015, 1, 1),
'CopyTimestamp': datetime(2015, 1, 1),
'NeverExpires': True|False,
'SourceRegion': 'string',
'SourceBackup': 'string',
'SourceCluster': 'string',
'DeleteTimestamp': datetime(2015, 1, 1),
'TagList': [
{
'Key': 'string',
'Value': 'string'
},
]
}
}
Response Structure
(dict) –
Backup (dict) –
Information on the Backup
object created.
BackupId (string) –
The identifier (ID) of the backup.
BackupState (string) –
The state of the backup.
ClusterId (string) –
The identifier (ID) of the cluster that was backed up.
CreateTimestamp (datetime) –
The date and time when the backup was created.
CopyTimestamp (datetime) –
The date and time when the backup was copied from a source backup.
NeverExpires (boolean) –
Specifies whether the service should exempt a backup from the retention policy for the cluster. True
exempts a backup from the retention policy. False
means the service applies the backup retention policy defined at the cluster.
SourceRegion (string) –
The AWS Region that contains the source backup from which the new backup was copied.
SourceBackup (string) –
The identifier (ID) of the source backup from which the new backup was copied.
SourceCluster (string) –
The identifier (ID) of the cluster containing the source backup from which the new backup was copied.
DeleteTimestamp (datetime) –
The date and time when the backup will be permanently deleted.
TagList (list) –
The list of tags for the backup.
(dict) –
Contains a tag. A tag is a key-value pair.
Key (string) –
The key of the tag.
Value (string) –
The value of the tag.
Exceptions
Adds or overwrites one or more tags for the specified AWS CloudHSM cluster.
See also: AWS API Documentation
Request Syntax
response = client.tag_resource(
ResourceId='string',
TagList=[
{
'Key': 'string',
'Value': 'string'
},
]
)
ResourceId (string) –
[REQUIRED]
The cluster identifier (ID) for the cluster that you are tagging. To find the cluster ID, use DescribeClusters .
TagList (list) –
[REQUIRED]
A list of one or more tags.
(dict) –
Contains a tag. A tag is a key-value pair.
Key (string) – [REQUIRED]
The key of the tag.
Value (string) – [REQUIRED]
The value of the tag.
dict
Response Syntax
{}
Response Structure
(dict) –
Exceptions
Removes the specified tag or tags from the specified AWS CloudHSM cluster.
See also: AWS API Documentation
Request Syntax
response = client.untag_resource(
ResourceId='string',
TagKeyList=[
'string',
]
)
ResourceId (string) –
[REQUIRED]
The cluster identifier (ID) for the cluster whose tags you are removing. To find the cluster ID, use DescribeClusters .
TagKeyList (list) –
[REQUIRED]
A list of one or more tag keys for the tags that you are removing. Specify only the tag keys, not the tag values.
(string) –
dict
Response Syntax
{}
Response Structure
(dict) –
Exceptions
Client exceptions are available on a client instance via the exceptions
property. For more detailed instructions and examples on the exact usage of client exceptions, see the error handling user guide.
The available client exceptions are:
CloudHSMV2.Client.exceptions.CloudHsmInternalFailureException
CloudHSMV2.Client.exceptions.CloudHsmInvalidRequestException
CloudHSMV2.Client.exceptions.CloudHsmResourceNotFoundException
The request was rejected because the requester does not have permission to perform the requested operation.
Example
try:
...
except client.exceptions.CloudHsmAccessDeniedException as e:
print(e.response)
The parsed error response. All exceptions have a top level Error
key that provides normalized access to common exception atrributes. All other keys are specific to this service or exception class.
Syntax
{
'Message': 'string',
'Error': {
'Code': 'string',
'Message': 'string'
}
}
Structure
(dict) –
The request was rejected because the requester does not have permission to perform the requested operation.
Message (string) –
Error (dict) – Normalized access to common exception attributes.
Code (string) – An identifier specifying the exception type.
Message (string) – A descriptive message explaining why the exception occured.
The request was rejected because of an AWS CloudHSM internal failure. The request can be retried.
Example
try:
...
except client.exceptions.CloudHsmInternalFailureException as e:
print(e.response)
The parsed error response. All exceptions have a top level Error
key that provides normalized access to common exception atrributes. All other keys are specific to this service or exception class.
Syntax
{
'Message': 'string',
'Error': {
'Code': 'string',
'Message': 'string'
}
}
Structure
(dict) –
The request was rejected because of an AWS CloudHSM internal failure. The request can be retried.
Message (string) –
Error (dict) – Normalized access to common exception attributes.
Code (string) – An identifier specifying the exception type.
Message (string) – A descriptive message explaining why the exception occured.
The request was rejected because it is not a valid request.
Example
try:
...
except client.exceptions.CloudHsmInvalidRequestException as e:
print(e.response)
The parsed error response. All exceptions have a top level Error
key that provides normalized access to common exception atrributes. All other keys are specific to this service or exception class.
Syntax
{
'Message': 'string',
'Error': {
'Code': 'string',
'Message': 'string'
}
}
Structure
(dict) –
The request was rejected because it is not a valid request.
Message (string) –
Error (dict) – Normalized access to common exception attributes.
Code (string) – An identifier specifying the exception type.
Message (string) – A descriptive message explaining why the exception occured.
The request was rejected because it refers to a resource that cannot be found.
Example
try:
...
except client.exceptions.CloudHsmResourceNotFoundException as e:
print(e.response)
The parsed error response. All exceptions have a top level Error
key that provides normalized access to common exception atrributes. All other keys are specific to this service or exception class.
Syntax
{
'Message': 'string',
'Error': {
'Code': 'string',
'Message': 'string'
}
}
Structure
(dict) –
The request was rejected because it refers to a resource that cannot be found.
Message (string) –
Error (dict) – Normalized access to common exception attributes.
Code (string) – An identifier specifying the exception type.
Message (string) – A descriptive message explaining why the exception occured.
The request was rejected because an error occurred.
Example
try:
...
except client.exceptions.CloudHsmServiceException as e:
print(e.response)
The parsed error response. All exceptions have a top level Error
key that provides normalized access to common exception atrributes. All other keys are specific to this service or exception class.
Syntax
{
'Message': 'string',
'Error': {
'Code': 'string',
'Message': 'string'
}
}
Structure
(dict) –
The request was rejected because an error occurred.
Message (string) –
Error (dict) – Normalized access to common exception attributes.
Code (string) – An identifier specifying the exception type.
Message (string) – A descriptive message explaining why the exception occured.
The request was rejected because of a tagging failure. Verify the tag conditions in all applicable policies, and then retry the request.
Example
try:
...
except client.exceptions.CloudHsmTagException as e:
print(e.response)
The parsed error response. All exceptions have a top level Error
key that provides normalized access to common exception atrributes. All other keys are specific to this service or exception class.
Syntax
{
'Message': 'string',
'Error': {
'Code': 'string',
'Message': 'string'
}
}
Structure
(dict) –
The request was rejected because of a tagging failure. Verify the tag conditions in all applicable policies, and then retry the request.
Message (string) –
Error (dict) – Normalized access to common exception attributes.
Code (string) – An identifier specifying the exception type.
Message (string) – A descriptive message explaining why the exception occured.
The available paginators are:
paginator = client.get_paginator('describe_backups')
Creates an iterator that will paginate through responses from CloudHSMV2.Client.describe_backups()
.
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
Filters={
'string': [
'string',
]
},
SortAscending=True|False,
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
Filters (dict) –
One or more filters to limit the items returned in the response.
Use the backupIds
filter to return only the specified backups. Specify backups by their backup identifier (ID).
Use the sourceBackupIds
filter to return only the backups created from a source backup. The sourceBackupID
of a source backup is returned by the CopyBackupToRegion operation.
Use the clusterIds
filter to return only the backups for the specified clusters. Specify clusters by their cluster identifier (ID).
Use the states
filter to return only backups that match the specified state.
Use the neverExpires
filter to return backups filtered by the value in the neverExpires
parameter. True
returns all backups exempt from the backup retention policy. False
returns all backups with a backup retention policy defined at the cluster.
(string) –
(list) –
(string) –
SortAscending (boolean) – Designates whether or not to sort the return backups by ascending chronological order of generation.
PaginationConfig (dict) –
A dictionary that provides parameters to control pagination.
MaxItems (integer) –
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken
will be provided in the output that you can use to resume pagination.
PageSize (integer) –
The size of each page.
StartingToken (string) –
A token to specify where to start paginating. This is the NextToken
from a previous response.
dict
Response Syntax
{
'Backups': [
{
'BackupId': 'string',
'BackupState': 'CREATE_IN_PROGRESS'|'READY'|'DELETED'|'PENDING_DELETION',
'ClusterId': 'string',
'CreateTimestamp': datetime(2015, 1, 1),
'CopyTimestamp': datetime(2015, 1, 1),
'NeverExpires': True|False,
'SourceRegion': 'string',
'SourceBackup': 'string',
'SourceCluster': 'string',
'DeleteTimestamp': datetime(2015, 1, 1),
'TagList': [
{
'Key': 'string',
'Value': 'string'
},
]
},
],
}
Response Structure
(dict) –
Backups (list) –
A list of backups.
(dict) –
Contains information about a backup of an AWS CloudHSM cluster. All backup objects contain the BackupId
, BackupState
, ClusterId
, and CreateTimestamp
parameters. Backups that were copied into a destination region additionally contain the CopyTimestamp
, SourceBackup
, SourceCluster
, and SourceRegion
parameters. A backup that is pending deletion will include the DeleteTimestamp
parameter.
BackupId (string) –
The identifier (ID) of the backup.
BackupState (string) –
The state of the backup.
ClusterId (string) –
The identifier (ID) of the cluster that was backed up.
CreateTimestamp (datetime) –
The date and time when the backup was created.
CopyTimestamp (datetime) –
The date and time when the backup was copied from a source backup.
NeverExpires (boolean) –
Specifies whether the service should exempt a backup from the retention policy for the cluster. True
exempts a backup from the retention policy. False
means the service applies the backup retention policy defined at the cluster.
SourceRegion (string) –
The AWS Region that contains the source backup from which the new backup was copied.
SourceBackup (string) –
The identifier (ID) of the source backup from which the new backup was copied.
SourceCluster (string) –
The identifier (ID) of the cluster containing the source backup from which the new backup was copied.
DeleteTimestamp (datetime) –
The date and time when the backup will be permanently deleted.
TagList (list) –
The list of tags for the backup.
(dict) –
Contains a tag. A tag is a key-value pair.
Key (string) –
The key of the tag.
Value (string) –
The value of the tag.
paginator = client.get_paginator('describe_clusters')
Creates an iterator that will paginate through responses from CloudHSMV2.Client.describe_clusters()
.
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
Filters={
'string': [
'string',
]
},
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
Filters (dict) –
One or more filters to limit the items returned in the response.
Use the clusterIds
filter to return only the specified clusters. Specify clusters by their cluster identifier (ID).
Use the vpcIds
filter to return only the clusters in the specified virtual private clouds (VPCs). Specify VPCs by their VPC identifier (ID).
Use the states
filter to return only clusters that match the specified state.
(string) –
(list) –
(string) –
PaginationConfig (dict) –
A dictionary that provides parameters to control pagination.
MaxItems (integer) –
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken
will be provided in the output that you can use to resume pagination.
PageSize (integer) –
The size of each page.
StartingToken (string) –
A token to specify where to start paginating. This is the NextToken
from a previous response.
dict
Response Syntax
{
'Clusters': [
{
'BackupPolicy': 'DEFAULT',
'BackupRetentionPolicy': {
'Type': 'DAYS',
'Value': 'string'
},
'ClusterId': 'string',
'CreateTimestamp': datetime(2015, 1, 1),
'Hsms': [
{
'AvailabilityZone': 'string',
'ClusterId': 'string',
'SubnetId': 'string',
'EniId': 'string',
'EniIp': 'string',
'HsmId': 'string',
'State': 'CREATE_IN_PROGRESS'|'ACTIVE'|'DEGRADED'|'DELETE_IN_PROGRESS'|'DELETED',
'StateMessage': 'string'
},
],
'HsmType': 'string',
'PreCoPassword': 'string',
'SecurityGroup': 'string',
'SourceBackupId': 'string',
'State': 'CREATE_IN_PROGRESS'|'UNINITIALIZED'|'INITIALIZE_IN_PROGRESS'|'INITIALIZED'|'ACTIVE'|'UPDATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'DELETED'|'DEGRADED',
'StateMessage': 'string',
'SubnetMapping': {
'string': 'string'
},
'VpcId': 'string',
'Certificates': {
'ClusterCsr': 'string',
'HsmCertificate': 'string',
'AwsHardwareCertificate': 'string',
'ManufacturerHardwareCertificate': 'string',
'ClusterCertificate': 'string'
},
'TagList': [
{
'Key': 'string',
'Value': 'string'
},
]
},
],
}
Response Structure
(dict) –
Clusters (list) –
A list of clusters.
(dict) –
Contains information about an AWS CloudHSM cluster.
BackupPolicy (string) –
The cluster’s backup policy.
BackupRetentionPolicy (dict) –
A policy that defines how the service retains backups.
Type (string) –
The type of backup retention policy. For the DAYS
type, the value is the number of days to retain backups.
Value (string) –
Use a value between 7 - 379.
ClusterId (string) –
The cluster’s identifier (ID).
CreateTimestamp (datetime) –
The date and time when the cluster was created.
Hsms (list) –
Contains information about the HSMs in the cluster.
(dict) –
Contains information about a hardware security module (HSM) in an AWS CloudHSM cluster.
AvailabilityZone (string) –
The Availability Zone that contains the HSM.
ClusterId (string) –
The identifier (ID) of the cluster that contains the HSM.
SubnetId (string) –
The subnet that contains the HSM’s elastic network interface (ENI).
EniId (string) –
The identifier (ID) of the HSM’s elastic network interface (ENI).
EniIp (string) –
The IP address of the HSM’s elastic network interface (ENI).
HsmId (string) –
The HSM’s identifier (ID).
State (string) –
The HSM’s state.
StateMessage (string) –
A description of the HSM’s state.
HsmType (string) –
The type of HSM that the cluster contains.
PreCoPassword (string) –
The default password for the cluster’s Pre-Crypto Officer (PRECO) user.
SecurityGroup (string) –
The identifier (ID) of the cluster’s security group.
SourceBackupId (string) –
The identifier (ID) of the backup used to create the cluster. This value exists only when the cluster was created from a backup.
State (string) –
The cluster’s state.
StateMessage (string) –
A description of the cluster’s state.
SubnetMapping (dict) –
A map from availability zone to the cluster’s subnet in that availability zone.
(string) –
(string) –
VpcId (string) –
The identifier (ID) of the virtual private cloud (VPC) that contains the cluster.
Certificates (dict) –
Contains one or more certificates or a certificate signing request (CSR).
ClusterCsr (string) –
The cluster’s certificate signing request (CSR). The CSR exists only when the cluster’s state is UNINITIALIZED
.
HsmCertificate (string) –
The HSM certificate issued (signed) by the HSM hardware.
AwsHardwareCertificate (string) –
The HSM hardware certificate issued (signed) by AWS CloudHSM.
ManufacturerHardwareCertificate (string) –
The HSM hardware certificate issued (signed) by the hardware manufacturer.
ClusterCertificate (string) –
The cluster certificate issued (signed) by the issuing certificate authority (CA) of the cluster’s owner.
TagList (list) –
The list of tags for the cluster.
(dict) –
Contains a tag. A tag is a key-value pair.
Key (string) –
The key of the tag.
Value (string) –
The value of the tag.
paginator = client.get_paginator('list_tags')
Creates an iterator that will paginate through responses from CloudHSMV2.Client.list_tags()
.
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
ResourceId='string',
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
ResourceId (string) –
[REQUIRED]
The cluster identifier (ID) for the cluster whose tags you are getting. To find the cluster ID, use DescribeClusters .
PaginationConfig (dict) –
A dictionary that provides parameters to control pagination.
MaxItems (integer) –
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken
will be provided in the output that you can use to resume pagination.
PageSize (integer) –
The size of each page.
StartingToken (string) –
A token to specify where to start paginating. This is the NextToken
from a previous response.
dict
Response Syntax
{
'TagList': [
{
'Key': 'string',
'Value': 'string'
},
],
}
Response Structure
(dict) –
TagList (list) –
A list of tags.
(dict) –
Contains a tag. A tag is a key-value pair.
Key (string) –
The key of the tag.
Value (string) –
The value of the tag.