CfnTemplateGroupAccessControlEntryProps
- class aws_cdk.aws_pcaconnectorad.CfnTemplateGroupAccessControlEntryProps(*, access_rights, group_display_name, group_security_identifier=None, template_arn=None)
Bases:
objectProperties for defining a
CfnTemplateGroupAccessControlEntry.- Parameters:
access_rights (
Union[IResolvable,AccessRightsProperty,Dict[str,Any]]) – Permissions to allow or deny an Active Directory group to enroll or autoenroll certificates issued against a template.group_display_name (
str) – Name of the Active Directory group. This name does not need to match the group name in Active Directory.group_security_identifier (
Optional[str]) – Security identifier (SID) of the group object from Active Directory. The SID starts with “S-“.template_arn (
Optional[str]) – The Amazon Resource Name (ARN) that was returned when you called CreateTemplate .
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_pcaconnectorad as pcaconnectorad cfn_template_group_access_control_entry_props = pcaconnectorad.CfnTemplateGroupAccessControlEntryProps( access_rights=pcaconnectorad.CfnTemplateGroupAccessControlEntry.AccessRightsProperty( auto_enroll="autoEnroll", enroll="enroll" ), group_display_name="groupDisplayName", # the properties below are optional group_security_identifier="groupSecurityIdentifier", template_arn="templateArn" )
Attributes
- access_rights
Permissions to allow or deny an Active Directory group to enroll or autoenroll certificates issued against a template.
- group_display_name
Name of the Active Directory group.
This name does not need to match the group name in Active Directory.
- group_security_identifier
Security identifier (SID) of the group object from Active Directory.
The SID starts with “S-“.