Class CloudHsmClusterInvalidConfigurationException
- All Implemented Interfaces:
Serializable
,SdkPojo
,ToCopyableBuilder<CloudHsmClusterInvalidConfigurationException.Builder,
CloudHsmClusterInvalidConfigurationException>
The request was rejected because the associated CloudHSM cluster did not meet the configuration requirements for an CloudHSM key store.
-
The CloudHSM cluster must be configured with private subnets in at least two different Availability Zones in the Region.
-
The security group for the cluster (cloudhsm-cluster-<cluster-id>-sg) must include inbound rules and outbound rules that allow TCP traffic on ports 2223-2225. The Source in the inbound rules and the Destination in the outbound rules must match the security group ID. These rules are set by default when you create the CloudHSM cluster. Do not delete or change them. To get information about a particular security group, use the DescribeSecurityGroups operation.
-
The CloudHSM cluster must contain at least as many HSMs as the operation requires. To add HSMs, use the CloudHSM CreateHsm operation.
For the CreateCustomKeyStore, UpdateCustomKeyStore, and CreateKey operations, the CloudHSM cluster must have at least two active HSMs, each in a different Availability Zone. For the ConnectCustomKeyStore operation, the CloudHSM must contain at least one active HSM.
For information about the requirements for an CloudHSM cluster that is associated with an CloudHSM key store, see Assemble the Prerequisites in the Key Management Service Developer Guide. For information about creating a private subnet for an CloudHSM cluster, see Create a Private Subnet in the CloudHSM User Guide. For information about cluster security groups, see Configure a Default Security Group in the CloudHSM User Guide .
- See Also:
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic interface
-
Method Summary
Modifier and TypeMethodDescriptionbuilder()
static Class
<? extends CloudHsmClusterInvalidConfigurationException.Builder> Create aAwsServiceException.Builder
initialized with the properties of thisAwsServiceException
.Methods inherited from class software.amazon.awssdk.awscore.exception.AwsServiceException
awsErrorDetails, getMessage, isClockSkewException, isThrottlingException
Methods inherited from class software.amazon.awssdk.core.exception.SdkServiceException
extendedRequestId, requestId, statusCode
Methods inherited from class software.amazon.awssdk.core.exception.SdkException
create, retryable
Methods inherited from class java.lang.Throwable
addSuppressed, fillInStackTrace, getCause, getLocalizedMessage, getStackTrace, getSuppressed, initCause, printStackTrace, printStackTrace, printStackTrace, setStackTrace, toString
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait
Methods inherited from interface software.amazon.awssdk.core.SdkPojo
equalsBySdkFields
Methods inherited from interface software.amazon.awssdk.utils.builder.ToCopyableBuilder
copy
-
Method Details
-
toBuilder
Description copied from class:AwsServiceException
Create aAwsServiceException.Builder
initialized with the properties of thisAwsServiceException
.- Specified by:
toBuilder
in interfaceToCopyableBuilder<CloudHsmClusterInvalidConfigurationException.Builder,
CloudHsmClusterInvalidConfigurationException> - Overrides:
toBuilder
in classKmsException
- Returns:
- A new builder initialized with this config's properties.
-
builder
-
serializableBuilderClass
public static Class<? extends CloudHsmClusterInvalidConfigurationException.Builder> serializableBuilderClass() -
sdkFields
- Specified by:
sdkFields
in interfaceSdkPojo
- Overrides:
sdkFields
in classSdkServiceException
- Returns:
- List of
SdkField
in this POJO. May be empty list but should never be null.
-