PcaConnectorAd / Client / create_template_group_access_control_entry

create_template_group_access_control_entry#

PcaConnectorAd.Client.create_template_group_access_control_entry(**kwargs)#

Create a group access control entry. Allow or deny Active Directory groups from enrolling and/or autoenrolling with the template based on the group security identifiers (SIDs).

See also: AWS API Documentation

Request Syntax

response = client.create_template_group_access_control_entry(
    AccessRights={
        'AutoEnroll': 'ALLOW'|'DENY',
        'Enroll': 'ALLOW'|'DENY'
    },
    ClientToken='string',
    GroupDisplayName='string',
    GroupSecurityIdentifier='string',
    TemplateArn='string'
)
Parameters:
  • AccessRights (dict) –

    [REQUIRED]

    Allow or deny permissions for an Active Directory group to enroll or autoenroll certificates for a template.

    • AutoEnroll (string) –

      Allow or deny an Active Directory group from autoenrolling certificates issued against a template. The Active Directory group must be allowed to enroll to allow autoenrollment

    • Enroll (string) –

      Allow or deny an Active Directory group from enrolling certificates issued against a template.

  • ClientToken (string) –

    Idempotency token.

    This field is autopopulated if not provided.

  • GroupDisplayName (string) –

    [REQUIRED]

    Name of the Active Directory group. This name does not need to match the group name in Active Directory.

  • GroupSecurityIdentifier (string) –

    [REQUIRED]

    Security identifier (SID) of the group object from Active Directory. The SID starts with “S-“.

  • TemplateArn (string) –

    [REQUIRED]

    The Amazon Resource Name (ARN) that was returned when you called CreateTemplate.

Returns:

None

Exceptions

  • PcaConnectorAd.Client.exceptions.AccessDeniedException

  • PcaConnectorAd.Client.exceptions.ValidationException

  • PcaConnectorAd.Client.exceptions.ResourceNotFoundException

  • PcaConnectorAd.Client.exceptions.ThrottlingException

  • PcaConnectorAd.Client.exceptions.ServiceQuotaExceededException

  • PcaConnectorAd.Client.exceptions.InternalServerException

  • PcaConnectorAd.Client.exceptions.ConflictException