Resource: awsRedshiftHsmConfiguration
Creates an HSM configuration that contains the information required by an Amazon Redshift cluster to store and use database encryption keys in a Hardware Security Module (HSM).
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.redshiftHsmConfiguration.RedshiftHsmConfiguration(this, "example", {
description: "example",
hsmConfigurationIdentifier: "example",
hsmIpAddress: "10.0.0.1",
hsmPartitionName: "aws",
hsmPartitionPassword: "example",
hsmServerPublicCertificate: "example",
});
Argument Reference
The following arguments are supported:
description
- (Required, Forces new resource) A text description of the HSM configuration to be created.hsmConfigurationIdentifier
- (Required, Forces new resource) The identifier to be assigned to the new Amazon Redshift HSM configuration.hsmIpAddress
- (Required, Forces new resource) The IP address that the Amazon Redshift cluster must use to access the HSM.hsmPartitionName
- (Required, Forces new resource) The name of the partition in the HSM where the Amazon Redshift clusters will store their database encryption keys.hsmPartitionPassword
- (Required, Forces new resource) The password required to access the HSM partition.hsmServerPublicCertificate
- (Required, Forces new resource) The HSMs public certificate file. When using Cloud HSM, the file name is server.pem.tags
- (Optional) A map of tags to assign to the resource. If configured with a providerdefaultTags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
arn
- Amazon Resource Name (ARN) of the Hsm Client Certificate.hsmConfigurationPublicKey
- The public key that the Amazon Redshift cluster will use to connect to the HSM. You must register the public key in the HSM.tagsAll
- A map of tags assigned to the resource, including those inherited from the providerdefaultTags
configuration block.
Import
Redshift Hsm Client Certificates support import by hsmConfigurationIdentifier
, e.g.,