AccessControlEntry - AWS Private CA Connector for Active Directory

AccessControlEntry

An access control entry allows or denies Active Directory groups, identified by their security identifiers (SIDs), the ability to enroll and/or autoenroll with the template.

Contents

AccessRights

Permissions to allow or deny an Active Directory group to enroll or autoenroll certificates issued against a template.

Type: AccessRights object

Required: No

CreatedAt

The date and time that the Access Control Entry was created.

Type: Timestamp

Required: No

GroupDisplayName

Name of the Active Directory group. This name does not need to match the group name in Active Directory.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 256.

Pattern: ^[\x20-\x7E]+$

Required: No

GroupSecurityIdentifier

Security identifier (SID) of the group object from Active Directory. The SID starts with "S-".

Type: String

Length Constraints: Minimum length of 7. Maximum length of 256.

Pattern: ^S-[0-9]-([0-9]+-){1,14}[0-9]+$

Required: No

TemplateArn

The Amazon Resource Name (ARN) that was returned when you called CreateTemplate.

Type: String

Length Constraints: Minimum length of 5. Maximum length of 200.

Pattern: ^arn:[\w-]+:pca-connector-ad:[\w-]+:[0-9]+:connector\/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\/template\/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$

Required: No

UpdatedAt

The date and time that the Access Control Entry was updated.

Type: Timestamp

Required: No
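
A pre-flight check of the string fields against the length and pattern constraints listed above, as an added example that is not part of the AWS documentation or SDK. The names `validate_ace` and `CONSTRAINTS` are hypothetical and the sample values are constructed.

```python
import re

# Constraints copied from the field definitions above: (min length, max length, pattern).
# re.ASCII keeps \w to [A-Za-z0-9_]; without it Python's \w also matches Unicode letters.
CONSTRAINTS = {
    "GroupDisplayName": (0, 256, re.compile(r"[\x20-\x7E]+")),
    "GroupSecurityIdentifier": (7, 256, re.compile(r"S-[0-9]-([0-9]+-){1,14}[0-9]+")),
    "TemplateArn": (5, 200, re.compile(
        r"arn:[\w-]+:pca-connector-ad:[\w-]+:[0-9]+:"
        r"connector/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}/"
        r"template/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}", re.ASCII)),
}

def validate_ace(ace):
    """Return a list of problems found in a dict of AccessControlEntry string fields."""
    problems = []
    for field, (lo, hi, pattern) in CONSTRAINTS.items():
        value = ace.get(field)
        if value is None:  # every field on this page is "Required: No"
            continue
        if not isinstance(value, str):
            problems.append(f"{field}: expected a string")
        elif not lo <= len(value) <= hi:
            problems.append(f"{field}: length {len(value)} outside {lo}-{hi}")
        # fullmatch instead of match with ^...$: in Python "$" also matches
        # just before a trailing newline, which would let "S-1-5-32-544\n" through.
        elif not pattern.fullmatch(value):
            problems.append(f"{field}: does not match the documented pattern")
    return problems

# Constructed sample values (not real identifiers).
SAMPLE_OK = {
    "GroupDisplayName": "PKI Enrollment Users",
    "GroupSecurityIdentifier": "S-1-5-21-1111111111-2222222222-3333333333-1104",
    "TemplateArn": "arn:aws:pca-connector-ad:us-east-1:111122223333:connector/"
                   "11111111-2222-3333-4444-555555555555/template/"
                   "66666666-7777-8888-9999-aaaaaaaaaaaa",
}

if __name__ == "__main__":
    print(validate_ace(SAMPLE_OK))
    print(validate_ace({"GroupSecurityIdentifier": "S-1-5-32-544\n"}))
```

Running the check before building an access control entry request catches a mistyped SID or a template ARN copied from the wrong connector locally, before the entry is submitted.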
