Enhance create cluster from backup to highlight dependency on customer CA cert from original cluster #28

Open
ckamps opened this issue Aug 9, 2023 · 0 comments

ckamps commented Aug 9, 2023

In this section of the doc:

https://github.com/aws-samples/aws-cloudhsm-cloudformation-template#creating-a-cloudhsm-cluster-from-a-backup

Make clear that the customer CA cert associated with the cluster from which the backup was taken must exist in Secrets Manager under the name:

/{system_id}/{backup_cluster_id}/customer-ca-cert

Where {system_id} is the value of the pSystem parameter used for both the stack associated with the original cluster from which the backup was taken and the new cluster to be created from the backup. Also highlight that the pSystem parameter value for both stacks needs to be the same.

The original customer CA cert is used during the process of creating a new cluster from a backup to configure the EC2 client with the proper CA cert so that the CloudHSM client tools can interact with HSMs in the newly created cluster.
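
A pre-flight check for the dependency this issue describes, as an added example that is not part of the issue or of the aws-samples template: it looks up the cluster a backup was taken from and confirms the customer CA cert secret exists under the expected name. The function names are hypothetical, and it assumes the AWS CLI is installed with credentials and a region already configured.

```shell
#!/usr/bin/env bash
# Added example (not from the template repo): verify the original cluster's
# customer CA cert secret exists before creating a cluster from a backup.
# Assumption: AWS CLI available, credentials and region already configured.

# Build the Secrets Manager name: /{system_id}/{backup_cluster_id}/customer-ca-cert
ca_cert_secret_name() {
  local system_id="$1" backup_cluster_id="$2"
  printf '/%s/%s/customer-ca-cert' "$system_id" "$backup_cluster_id"
}

# Print the ID of the cluster the given backup was taken from.
backup_source_cluster() {
  aws cloudhsmv2 describe-backups --filters "backupIds=$1" \
    --query 'Backups[0].ClusterId' --output text
}

# Return codes: 0 secret found, 1 secret missing, 2 bad usage, 3 backup lookup failed.
preflight_ca_cert() {
  local system_id="$1" backup_id="$2" cluster_id secret
  if [ -z "$system_id" ] || [ -z "$backup_id" ]; then
    echo "usage: preflight_ca_cert <pSystem value> <backup id>" >&2
    return 2
  fi
  cluster_id="$(backup_source_cluster "$backup_id")" || return 3
  case "$cluster_id" in
    cluster-*) ;;  # looks like a CloudHSM cluster ID
    *) echo "backup $backup_id: no source cluster found" >&2; return 3 ;;
  esac
  secret="$(ca_cert_secret_name "$system_id" "$cluster_id")"
  if aws secretsmanager describe-secret --secret-id "$secret" >/dev/null 2>&1; then
    echo "found $secret"
  else
    echo "missing $secret (check that pSystem matches the original stack)" >&2
    return 1
  fi
}

# Run the check only when invoked with both arguments.
if [ "$#" -eq 2 ]; then preflight_ca_cert "$@"; fi
```

Run it with the pSystem value of the original stack and the backup ID before launching the new stack; a non-zero exit means the EC2 client would not be able to obtain the proper CA cert.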
