DirectoryService / Client / enable_ca_enrollment_policy

enable_ca_enrollment_policy

DirectoryService.Client.enable_ca_enrollment_policy(**kwargs)

Enables certificate authority (CA) enrollment policy for the specified directory. This allows domain-joined clients to automatically request and receive certificates from the specified Amazon Web Services Private Certificate Authority.

Note

Before enabling CA enrollment, ensure that the PCA connector is properly configured and accessible from the directory. The connector must be in an active state and have the necessary permissions.

See also: AWS API Documentation

Request Syntax

response = client.enable_ca_enrollment_policy(
    DirectoryId='string',
    PcaConnectorArn='string'
)
Parameters:
  • DirectoryId (string) –

    [REQUIRED]

    The identifier of the directory for which to enable the CA enrollment policy.

  • PcaConnectorArn (string) –

    [REQUIRED]

    The Amazon Resource Name (ARN) of the Private Certificate Authority (PCA) connector to use for automatic certificate enrollment. This connector must be properly configured and accessible from the directory.

    The ARN format is: arn:aws:pca-connector-ad:region:account-id:connector/connector-id

Return type:

dict

Returns:

Response Syntax

{}

Response Structure

  • (dict) –

    Contains the results of the EnableCAEnrollmentPolicy operation.

Exceptions