aws redshift create-hsm-configuration

Creates an HSM configuration that contains the information required by an Amazon Redshift cluster to store and use database encryption keys in a Hardware Security Module (HSM). After creating the HSM configuration, you can specify it as a parameter when creating a cluster. The cluster will then store its encryption keys in the HSM. In addition to creating an HSM configuration, you must also create an HSM client certificate. For more information, go to Hardware Security Modules in the Amazon Redshift Cluster Management Guide


--hsm-configuration-identifier <string>The identifier to be assigned to the new Amazon Redshift HSM configuration
--description <string>A text description of the HSM configuration to be created
--hsm-ip-address <string>The IP address that the Amazon Redshift cluster must use to access the HSM
--hsm-partition-name <string>The name of the partition in the HSM where the Amazon Redshift clusters will store their database encryption keys
--hsm-partition-password <string>The password required to access the HSM partition
--hsm-server-public-certificate <string>The HSMs public certificate file. When using Cloud HSM, the file name is server.pem
--tags <list>A list of tag instances
--cli-input-json <string>Performs service operation based on the JSON string provided. The JSON string follows the format provided by ``--generate-cli-skeleton``. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally
--generate-cli-skeleton <string>Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value ``input``, prints a sample input JSON that can be used as an argument for ``--cli-input-json``. If provided with the value ``output``, it validates the command inputs and returns a sample output JSON for that command