Struct: kms.CloudHsmClusterInvalidConfigurationException

import "../ibm-cos-sdk-go/service/kms"

Overview

The request was rejected because the associated CloudHSM cluster did not meet the configuration requirements for an CloudHSM key store.

  • The CloudHSM cluster must be configured with private subnets in at least two different Availability Zones in the Region.

  • The security group for the cluster (docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html) (cloudhsm-cluster-<cluster-id>-sg) must include inbound rules and outbound rules that allow TCP traffic on ports 2223-2225. The Source in the inbound rules and the Destination in the outbound rules must match the security group ID. These rules are set by default when you create the CloudHSM cluster. Do not delete or change them. To get information about a particular security group, use the DescribeSecurityGroups (docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html) operation.

  • The CloudHSM cluster must contain at least as many HSMs as the operation requires. To add HSMs, use the CloudHSM CreateHsm (docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html) operation. For the CreateCustomKeyStore, UpdateCustomKeyStore, and CreateKey operations, the CloudHSM cluster must have at least two active HSMs, each in a different Availability Zone. For the ConnectCustomKeyStore operation, the CloudHSM must contain at least one active HSM.

For information about the requirements for an CloudHSM cluster that is associated with an CloudHSM key store, see Assemble the Prerequisites (docs.aws.amazon.com/kms/latest/developerguide/create-keystore.html#before-keystore) in the Key Management Service Developer Guide. For information about creating a private subnet for an CloudHSM cluster, see Create a Private Subnet (docs.aws.amazon.com/cloudhsm/latest/userguide/create-subnets.html) in the CloudHSM User Guide. For information about cluster security groups, see Configure a Default Security Group (docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html) in the CloudHSM User Guide .

Implemented Interfaces

s3crypto.Cipher, awserr.Error, s3manager.ReadSeekerWriteTo, awserr.RequestFailure, s3manager.WriterReadFrom

Structure Field Summary collapse

Service Operations collapse

Structure Field Details

Message_ *string `locationName:"message" type:"string"`

RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

_ struct{} `type:"structure"`

Method Details

func (s *CloudHsmClusterInvalidConfigurationException) Code() string

Code returns the exception type name.



8265
8266
8267
// File 'service/kms/api.go', line 8265

func (s *CloudHsmClusterInvalidConfigurationException) Error() string



8282
8283
8284
// File 'service/kms/api.go', line 8282

func (s *CloudHsmClusterInvalidConfigurationException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) }

func (s CloudHsmClusterInvalidConfigurationException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as “sensitive” in the API will not be included in the string output. The member name will be present, but the value will be replaced with “sensitive”.



8254
8255
8256
// File 'service/kms/api.go', line 8254

func (s CloudHsmClusterInvalidConfigurationException) GoString() string { return s.String() }

func (s *CloudHsmClusterInvalidConfigurationException) Message() string

Message returns the exception's message.



8270
8271
8272
8273
8274
8275
// File 'service/kms/api.go', line 8270

func (s *CloudHsmClusterInvalidConfigurationException) Message() string { if s.Message_ != nil { return *s.Message_ } return "" }

func (s *CloudHsmClusterInvalidConfigurationException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.



8278
8279
8280
// File 'service/kms/api.go', line 8278

func (s *CloudHsmClusterInvalidConfigurationException) OrigErr() error { return nil }

func (s *CloudHsmClusterInvalidConfigurationException) RequestID() string

RequestID returns the service's response RequestID for request.



8292
8293
8294
// File 'service/kms/api.go', line 8292

func (s *CloudHsmClusterInvalidConfigurationException) RequestID() string { return s.RespMetadata.RequestID }

func (s *CloudHsmClusterInvalidConfigurationException) StatusCode() int

Status code returns the HTTP status code for the request's response error.



8287
8288
8289
// File 'service/kms/api.go', line 8287

func (s *CloudHsmClusterInvalidConfigurationException) StatusCode() int { return s.RespMetadata.StatusCode }

func (s CloudHsmClusterInvalidConfigurationException) String() string

String returns the string representation.

API parameter values that are decorated as “sensitive” in the API will not be included in the string output. The member name will be present, but the value will be replaced with “sensitive”.



8245
8246
8247
// File 'service/kms/api.go', line 8245

func (s CloudHsmClusterInvalidConfigurationException) String() string { return awsutil.Prettify(s) }