Creating an HSM Cluster

Create an HSM Cluster resource.

As a first step, you begin the provisioning workflow by first creating an HSM cluster. Upon creation, the cluster state is set to "Creating" and the Dedicated KMS provisions three HSM partitions with an DNS entry.

    1. Open the navigation menu, click Identity & Security. Under Key Management & Secret Management, click Dedicated Key Management.
    2. In the Dedicated KMS section, click Create HSM Cluster.
    3. In the Create HSM Cluster page, select a compartment in which you want to create the HSM cluster.
    4. Enter a name for the cluster.
    5. Click Show advanced options to add tags to the cluster.
      Note

      If you have permissions to create a resource, then you also have permissions to apply free-form tags to that resource. To apply a defined tag, you must have permissions to use the tag namespace. For more information about tagging, see Resource Tags.
    6. Click Create.

      After the HSM cluster is created, for seamless provisioning, the cluster state changes from "Creating", to "Initialization Required".

  • Open a command prompt and run hsm-cluster create to create a HSM cluster.

    oci kms kms-hsm-cluster hsm-cluster create -compartment-id

    For example:

    oci kms kms-hsm-cluster hsm-cluster create --compartment-id  ocid1.compartment.sample1..aaaaaaaaaziotxjmvm4sbdczvrc4cllpkqvl2wf5v5p3mdkj5clzp6njmtoq --display-name CLI_test

    For a complete list of parameters and values for CLI commands, see KMS CLI Command Reference.

  • Run the CreateHsmCluster operation that uses the KMSHSMCLUSTER API endpoint.

    Note

    Each region uses the KMSHSMCLUSTER API endpoint for HSM cluster operations. For regional endpoints, see the API Endpoints.