221 221 |
|
222 222 | impl ::aws_smithy_runtime_api::client::interceptors::Intercept for CreateCustomKeyStoreEndpointParamsInterceptor {
|
223 223 | fn name(&self) -> &'static str {
|
224 224 | "CreateCustomKeyStoreEndpointParamsInterceptor"
|
225 225 | }
|
226 226 |
|
227 227 | fn read_before_execution(
|
228 228 | &self,
|
229 229 | context: &::aws_smithy_runtime_api::client::interceptors::context::BeforeSerializationInterceptorContextRef<
|
230 230 | '_,
|
231 231 | ::aws_smithy_runtime_api::client::interceptors::context::Input,
|
232 232 | ::aws_smithy_runtime_api::client::interceptors::context::Output,
|
233 233 | ::aws_smithy_runtime_api::client::interceptors::context::Error,
|
234 234 | >,
|
235 235 | cfg: &mut ::aws_smithy_types::config_bag::ConfigBag,
|
236 236 | ) -> ::std::result::Result<(), ::aws_smithy_runtime_api::box_error::BoxError> {
|
237 237 | let _input = context
|
238 238 | .input()
|
239 239 | .downcast_ref::<CreateCustomKeyStoreInput>()
|
240 240 | .ok_or("failed to downcast to CreateCustomKeyStoreInput")?;
|
241 241 |
|
242 242 | let params = crate::config::endpoint::Params::builder()
|
243 243 | .set_region(cfg.load::<::aws_types::region::Region>().map(|r| r.as_ref().to_owned()))
|
244 244 | .set_use_dual_stack(cfg.load::<::aws_types::endpoint_config::UseDualStack>().map(|ty| ty.0))
|
245 245 | .set_use_fips(cfg.load::<::aws_types::endpoint_config::UseFips>().map(|ty| ty.0))
|
246 246 | .set_endpoint(cfg.load::<::aws_types::endpoint_config::EndpointUrl>().map(|ty| ty.0.clone()))
|
247 247 | .build()
|
248 248 | .map_err(|err| {
|
249 249 | ::aws_smithy_runtime_api::client::interceptors::error::ContextAttachedError::new("endpoint params could not be built", err)
|
250 250 | })?;
|
251 + |
|
251 252 | cfg.interceptor_state()
|
252 253 | .store_put(::aws_smithy_runtime_api::client::endpoint::EndpointResolverParams::new(params));
|
254 + |
|
253 255 | ::std::result::Result::Ok(())
|
254 256 | }
|
255 257 | }
|
256 258 |
|
257 259 | // The get_* functions below are generated from JMESPath expressions in the
|
258 260 | // operationContextParams trait. They target the operation's input shape.
|
259 261 |
|
260 262 | /// Error type for the `CreateCustomKeyStoreError` operation.
|
261 263 | #[non_exhaustive]
|
262 264 | #[derive(::std::fmt::Debug)]
|
263 265 | pub enum CreateCustomKeyStoreError {
|
264 266 | /// <p>The request was rejected because the specified CloudHSM cluster is already associated with an CloudHSM key store in the account, or it shares a backup history with an CloudHSM key store in the account. Each CloudHSM key store in the account must be associated with a different CloudHSM cluster.</p>
|
265 267 | /// <p>CloudHSM clusters that share a backup history have the same cluster certificate. To view the cluster certificate of an CloudHSM cluster, use the <a href="https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html">DescribeClusters</a> operation.</p>
|
266 268 | CloudHsmClusterInUseException(crate::types::error::CloudHsmClusterInUseException),
|
267 269 | /// <p>The request was rejected because the associated CloudHSM cluster did not meet the configuration requirements for an CloudHSM key store.</p>
|
268 270 | /// <ul>
|
269 271 | /// <li>
|
270 272 | /// <p>The CloudHSM cluster must be configured with private subnets in at least two different Availability Zones in the Region.</p></li>
|
271 273 | /// <li>
|
272 274 | /// <p>The <a href="https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html">security group for the cluster</a> (cloudhsm-cluster-<i><cluster-id></cluster-id></i>-sg) must include inbound rules and outbound rules that allow TCP traffic on ports 2223-2225. The <b>Source</b> in the inbound rules and the <b>Destination</b> in the outbound rules must match the security group ID. These rules are set by default when you create the CloudHSM cluster. Do not delete or change them. To get information about a particular security group, use the <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html">DescribeSecurityGroups</a> operation.</p></li>
|
273 275 | /// <li>
|
274 276 | /// <p>The CloudHSM cluster must contain at least as many HSMs as the operation requires. To add HSMs, use the CloudHSM <a href="https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html">CreateHsm</a> operation.</p>
|
275 277 | /// <p>For the <code>CreateCustomKeyStore</code>, <code>UpdateCustomKeyStore</code>, and <code>CreateKey</code> operations, the CloudHSM cluster must have at least two active HSMs, each in a different Availability Zone. For the <code>ConnectCustomKeyStore</code> operation, the CloudHSM must contain at least one active HSM.</p></li>
|
276 278 | /// </ul>
|
277 279 | /// <p>For information about the requirements for an CloudHSM cluster that is associated with an CloudHSM key store, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/create-keystore.html#before-keystore">Assemble the Prerequisites</a> in the <i>Key Management Service Developer Guide</i>. For information about creating a private subnet for an CloudHSM cluster, see <a href="https://docs.aws.amazon.com/cloudhsm/latest/userguide/create-subnets.html">Create a Private Subnet</a> in the <i>CloudHSM User Guide</i>. For information about cluster security groups, see <a href="https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html">Configure a Default Security Group</a> in the <i> <i>CloudHSM User Guide</i> </i>.</p>
|
278 280 | CloudHsmClusterInvalidConfigurationException(crate::types::error::CloudHsmClusterInvalidConfigurationException),
|
279 281 | /// <p>The request was rejected because the CloudHSM cluster associated with the CloudHSM key store is not active. Initialize and activate the cluster and try the command again. For detailed instructions, see <a href="https://docs.aws.amazon.com/cloudhsm/latest/userguide/getting-started.html">Getting Started</a> in the <i>CloudHSM User Guide</i>.</p>
|
280 282 | CloudHsmClusterNotActiveException(crate::types::error::CloudHsmClusterNotActiveException),
|
281 283 | /// <p>The request was rejected because KMS cannot find the CloudHSM cluster with the specified cluster ID. Retry the request with a different cluster ID.</p>
|
282 284 | CloudHsmClusterNotFoundException(crate::types::error::CloudHsmClusterNotFoundException),
|