enable_trust_anchor
(**kwargs)¶Enables a trust anchor. When enabled, certificates in the trust anchor chain are authorized for trust validation.
Required permissions:rolesanywhere:EnableTrustAnchor
.
See also: AWS API Documentation
Request Syntax
response = client.enable_trust_anchor(
trustAnchorId='string'
)
[REQUIRED]
The unique identifier of the trust anchor.
{
'trustAnchor': {
'createdAt': datetime(2015, 1, 1),
'enabled': True|False,
'name': 'string',
'source': {
'sourceData': {
'acmPcaArn': 'string',
'x509CertificateData': 'string'
},
'sourceType': 'AWS_ACM_PCA'|'CERTIFICATE_BUNDLE'|'SELF_SIGNED_REPOSITORY'
},
'trustAnchorArn': 'string',
'trustAnchorId': 'string',
'updatedAt': datetime(2015, 1, 1)
}
}
Response Structure
The state of the trust anchor after a read or write operation.
The ISO-8601 timestamp when the trust anchor was created.
Indicates whether the trust anchor is enabled.
The name of the trust anchor.
The trust anchor type and its related certificate data.
The data field of the trust anchor depending on its type.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: acmPcaArn
, x509CertificateData
. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER
as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER
is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
The root certificate of the Certificate Manager Private Certificate Authority specified by this ARN is used in trust validation for CreateSession operations. Included for trust anchors of type AWS_ACM_PCA
.
The PEM-encoded data for the certificate anchor. Included for trust anchors of type CERTIFICATE_BUNDLE
.
The type of the trust anchor.
The ARN of the trust anchor.
The unique identifier of the trust anchor.
The ISO-8601 timestamp when the trust anchor was last updated.
Exceptions
IAMRolesAnywhere.Client.exceptions.ResourceNotFoundException
IAMRolesAnywhere.Client.exceptions.AccessDeniedException