HardwareSecurityModuleGroup

Description

API


    POST /api/hardwaresecuritymodulegroup
    PUT /api/hardwaresecuritymodulegroup/<key>
    DELETE /api/hardwaresecuritymodulegroup/<key>
    GET /api/hardwaresecuritymodulegroup
    GET /api/hardwaresecuritymodulegroup/<key>

CLI


    configure hardwaresecuritymodulegroup <key>
    show hardwaresecuritymodulegroup <key>

Data

HardwareSecurityModuleGroup

uuid

Type
string
Category
required
Description
UUID of the HSM Group configuration object

name

Type
string
Category
required
Description
Name of the HSM Group configuration object

hsm

Type
HardwareSecurityModule
Category
required
Description
Hardware Security Module configuration

tenant_ref

Type
Reference to Tenant
Category
required
Description

HardwareSecurityModule

type

Type
enum
Category
required
Description
HSM type to use
Choices
HSM_TYPE_THALES_NETHSM, HSM_TYPE_SAFENET_LUNA

rfs

Type
HSMThalesRFS
Category
optional
Description
Thales Remote File System (RFS), used for the netHSMs, configuration

nethsm

Type
HSMThalesNetHsm
Category
repeated
Description
Thales netHSM specific configuration

HSMThalesRFS

ip

Type
IpAddr
Category
required
Description
IP address of the RFS server from where to sync the Thales encrypted private key

port

Type
Port
Category
optional
Description
Port at which the RFS server accepts the sync request from clients for Thales encrypted private key

IpAddr

addr

Type
string
Category
required
Description
IP address

type

Type
enum
Category
required
Description
Choices
V4, DNS

Port

port

Type
uint32
Category
required
Description
TCP/UDP port number.

HSMThalesNetHsm

remote_ip

Type
IpAddr
Category
required
Description
IP address of the netHSM device

remote_port

Type
Port
Category
optional
Description
Port at which the netHSM device accepts the connection

esn

Type
string
Category
required
Description
Electronic serial number of the netHSM device. Use Thales anonkneti utility to find the netHSM ESN

module_id

Type
uint32
Category
optional
Description
Local module id of the netHSM device
Default
0

keyhash

Type
string
Category
required
Description
Hash of the key that netHSM device uses to authenticate itself. Use Thales anonkneti utility to find the netHSM keyhash

priority

Type
uint32
Category
required
Description
Priority class of the nethsm in an high availability setup. 1 is the highest priority and 100 is the lowest priority
Default
100

References

Tenant

Sub Objects