DirectoryService / Client / describe_ca_enrollment_policy

describe_ca_enrollment_policy

DirectoryService.Client.describe_ca_enrollment_policy(**kwargs)

Retrieves detailed information about the certificate authority (CA) enrollment policy for the specified directory. This policy determines how client certificates are automatically enrolled and managed through Amazon Web Services Private Certificate Authority.

See also: AWS API Documentation

Request Syntax

response = client.describe_ca_enrollment_policy(
    DirectoryId='string'
)
Parameters:

DirectoryId (string) –

[REQUIRED]

The identifier of the directory for which to retrieve the CA enrollment policy information.

Return type:

dict

Returns:

Response Syntax

{
    'DirectoryId': 'string',
    'PcaConnectorArn': 'string',
    'CaEnrollmentPolicyStatus': 'InProgress'|'Success'|'Failed'|'Disabling'|'Disabled'|'Impaired',
    'LastUpdatedDateTime': datetime(2015, 1, 1),
    'CaEnrollmentPolicyStatusReason': 'string'
}

Response Structure

  • (dict) –

    Contains the results of the DescribeCAEnrollmentPolicy operation.

    • DirectoryId (string) –

      The identifier of the directory associated with this CA enrollment policy.

    • PcaConnectorArn (string) –

      The Amazon Resource Name (ARN) of the Amazon Web Services Private Certificate Authority (PCA) connector that is configured for automatic certificate enrollment in this directory.

    • CaEnrollmentPolicyStatus (string) –

      The current status of the CA enrollment policy. This indicates if automatic certificate enrollment is currently active, inactive, or in a transitional state.

      Valid values:

      • IN_PROGRESS - The policy is being activated T

      • SUCCESS - The policy is active and automatic certificate enrollment is operational

      • FAILED - The policy activation or deactivation failed

      • DISABLING - The policy is being deactivated

      • DISABLED - The policy is inactive and automatic certificate enrollment is not available

      • IMPAIRED - Network connectivity is impaired.

    • LastUpdatedDateTime (datetime) –

      The date and time when the CA enrollment policy was last modified or updated.

    • CaEnrollmentPolicyStatusReason (string) –

      Additional information explaining the current status of the CA enrollment policy, particularly useful when the policy is in an error or transitional state.

Exceptions