DirectoryService / Client / enable_ca_enrollment_policy
enable_ca_enrollment_policy¶
- DirectoryService.Client.enable_ca_enrollment_policy(**kwargs)¶
Enables certificate authority (CA) enrollment policy for the specified directory. This allows domain-joined clients to automatically request and receive certificates from the specified Amazon Web Services Private Certificate Authority.
Note
Before enabling CA enrollment, ensure that the PCA connector is properly configured and accessible from the directory. The connector must be in an active state and have the necessary permissions.
See also: AWS API Documentation
Request Syntax
response = client.enable_ca_enrollment_policy( DirectoryId='string', PcaConnectorArn='string' )
- Parameters:
DirectoryId (string) –
[REQUIRED]
The identifier of the directory for which to enable the CA enrollment policy.
PcaConnectorArn (string) –
[REQUIRED]
The Amazon Resource Name (ARN) of the Private Certificate Authority (PCA) connector to use for automatic certificate enrollment. This connector must be properly configured and accessible from the directory.
The ARN format is:
arn:aws:pca-connector-ad:region:account-id:connector/connector-id
- Return type:
dict
- Returns:
Response Syntax
{}
Response Structure
(dict) –
Contains the results of the EnableCAEnrollmentPolicy operation.
Exceptions
DirectoryService.Client.exceptions.DirectoryDoesNotExistException
DirectoryService.Client.exceptions.DirectoryUnavailableException
DirectoryService.Client.exceptions.InvalidParameterException
DirectoryService.Client.exceptions.EntityAlreadyExistsException
DirectoryService.Client.exceptions.EntityDoesNotExistException
DirectoryService.Client.exceptions.EnableAlreadyInProgressException