--- title: CloudHSM Cluster description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: Docs > DDSQL Reference > Data Directory > CloudHSM Cluster --- # CloudHSM Cluster This table represents the CloudHSM Cluster resource from Amazon Web Services. ``` aws.cloudhsm_cluster ``` ## Fields | Title | ID | Type | Data Type | Description | | ---------------------------- | ---- | ---------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- | | _key | core | string | | account_id | core | string | | backup_policy | core | string | The cluster's backup policy. | | backup_retention_policy | core | json | A policy that defines how the service retains backups. | | certificates | core | json | Contains one or more certificates or a certificate signing request (CSR). | | cluster_id | core | string | The cluster's identifier (ID). | | create_timestamp | core | timestamp | The date and time when the cluster was created. | | hsm_type | core | string | The type of HSM that the cluster contains. | | hsm_type_rollback_expiration | core | timestamp | The timestamp until when the cluster can be rolled back to its original HSM type. | | hsms | core | json | Contains information about the HSMs in the cluster. | | mode | core | string | The mode of the cluster. | | network_type | core | string | The cluster's NetworkType can be IPv4 (the default) or DUALSTACK. The IPv4 NetworkType restricts communication between your application and the hardware security modules (HSMs) to the IPv4 protocol only. The DUALSTACK NetworkType enables communication over both IPv4 and IPv6 protocols. To use DUALSTACK, configure your virtual private cloud (VPC) and subnets to support both IPv4 and IPv6. This configuration involves adding IPv6 Classless Inter-Domain Routing (CIDR) blocks to the existing IPv4 CIDR blocks in your subnets. The NetworkType you choose affects the network addressing options for your cluster. DUALSTACK provides more flexibility by supporting both IPv4 and IPv6 communication. | | pre_co_password | core | string | The default password for the cluster's Pre-Crypto Officer (PRECO) user. | | security_group | core | string | The identifier (ID) of the cluster's security group. | | source_backup_id | core | string | The identifier (ID) of the backup used to create the cluster. This value exists only when the cluster was created from a backup. | | state | core | string | The cluster's state. | | state_message | core | string | A description of the cluster's state. | | subnet_mapping | core | hstore | A map from availability zone to the cluster's subnet in that availability zone. | | tags | core | hstore_csv | | vpc_id | core | string | The identifier (ID) of the virtual private cloud (VPC) that contains the cluster. |