ModifyHsm - AWS CloudHSM Service
Request SyntaxRequest ParametersResponse SyntaxResponse ElementsErrorsSee Also

ModifyHsm

This is documentation for AWS CloudHSM Classic. For more information, see AWS CloudHSM Classic FAQs, the AWS CloudHSM Classic User Guide, and the AWS CloudHSM Classic API Reference.

For information about the current version of AWS CloudHSM, see AWS CloudHSM, the AWS CloudHSM User Guide, and the AWS CloudHSM API Reference.

Modifies an HSM.

Important

This operation can result in the HSM being offline for up to 15 minutes while the AWS CloudHSM service is reconfigured. If you are modifying a production HSM, you should ensure that your AWS CloudHSM service is configured for high availability, and consider executing this operation during a maintenance window.

Request Syntax

{
   "EniIp": "string",
   "ExternalId": "string",
   "HsmArn": "string",
   "IamRoleArn": "string",
   "SubnetId": "string",
   "SyslogIp": "string"
}

Request Parameters

The request accepts the following data in JSON format.

EniIp

The new IP address for the elastic network interface (ENI) attached to the HSM.

If the HSM is moved to a different subnet, and an IP address is not specified, an IP address will be randomly chosen from the CIDR range of the new subnet.

Type: String

Pattern: \d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}

Required: No

ExternalId

The new external ID.

Type: String

Pattern: [\w :+=./-]*

Required: No

HsmArn

The ARN of the HSM to modify.

Type: String

Pattern: arn:aws(-iso)?:cloudhsm:[a-zA-Z0-9\-]*:[0-9]{12}:hsm-[0-9a-f]{8}

Required: Yes

IamRoleArn

The new IAM role ARN.

Type: String

Pattern: arn:aws(-iso)?:iam::[0-9]{12}:role/[a-zA-Z0-9_\+=,\.\-@]{1,64}

Required: No

SubnetId

The new identifier of the subnet that the HSM is in. The new subnet must be in the same Availability Zone as the current subnet.

Type: String

Pattern: subnet-[0-9a-f]{8}

Required: No

SyslogIp

The new IP address for the syslog monitoring server. The AWS CloudHSM service only supports one syslog monitoring server.

Type: String

Pattern: \d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}

Required: No

Response Syntax

{
   "HsmArn": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

HsmArn

The ARN of the HSM.

Type: String

Pattern: arn:aws(-iso)?:cloudhsm:[a-zA-Z0-9\-]*:[0-9]{12}:hsm-[0-9a-f]{8}

Errors

For information about the errors that are common to all actions, see Common Errors.

CloudHsmInternalException

Indicates that an internal error occurred.

HTTP Status Code: 500

CloudHsmServiceException

Indicates that an exception occurred in the AWS CloudHSM service.

HTTP Status Code: 400

InvalidRequestException

Indicates that one or more of the request parameters are not valid.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: