AWS::PCAConnectorAD::Template - AWS CloudFormation

AWS::PCAConnectorAD::Template

Creates an Active Directory compatible certificate template. The connector issues certificates using these templates based on the requester’s Active Directory group membership.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::PCAConnectorAD::Template",
  "Properties" : {
      "ConnectorArn" : String,
      "Definition" : TemplateDefinition,
      "Name" : String,
      "ReenrollAllCertificateHolders" : Boolean,
      "Tags" : {Key: Value, ...}
    }
}

YAML

Type: AWS::PCAConnectorAD::Template
Properties:
  ConnectorArn: String
  Definition:
    TemplateDefinition
  Name: String
  ReenrollAllCertificateHolders: Boolean
  Tags:
    Key: Value

Properties

ConnectorArn

The Amazon Resource Name (ARN) that was returned when you called CreateConnector.

Required: Yes

Type: String

Pattern: ^arn:[\w-]+:pca-connector-ad:[\w-]+:[0-9]+:connector\/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$

Minimum: 5

Maximum: 200

Update requires: Replacement

Definition

Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.

Required: Yes

Type: TemplateDefinition

Update requires: No interruption

Name

Name of the template. Template names must be unique.

Required: Yes

Type: String

Pattern: ^(?!^\s+$)((?![\x5c'\x2b,;<=>#\x22])([\x20-\x7E]))+$

Minimum: 1

Maximum: 64

Update requires: Replacement

ReenrollAllCertificateHolders

This setting allows the major version of a template to be increased automatically. All members of Active Directory groups that are allowed to enroll with a template will receive a new certificate issued using that template.

Required: No

Type: Boolean

Update requires: No interruption

Tags

Metadata assigned to a template consisting of a key-value pair.

Required: No

Type: Object of String

Pattern: .+

Update requires: No interruption
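
The constraints listed above can be checked before a stack is deployed. The following Python lint is an added example, not part of the AWS documentation; the function name lint_template_properties, the sample ARN and the reading of the Tags pattern as applying to tag keys are assumptions. It applies the documented ConnectorArn and Name patterns and length limits, and flags ReenrollAllCertificateHolders because enabling it reissues certificates to every eligible group member.

```python
import re

# Patterns and length limits copied from the property reference above.
CONNECTOR_ARN_RE = re.compile(r"^arn:[\w-]+:pca-connector-ad:[\w-]+:[0-9]+:connector\/"
                              r"[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$")
NAME_RE = re.compile(r"^(?!^\s+$)((?![\x5c'\x2b,;<=>#\x22])([\x20-\x7E]))+$")


def _check_string(props, key, regex, lo, hi, errors):
    value = props.get(key)
    if not isinstance(value, str):
        errors.append(f"{key}: required string is missing")
    elif not lo <= len(value) <= hi:
        errors.append(f"{key}: length {len(value)} outside {lo}-{hi}")
    # fullmatch, not match: with match(), '$' would accept a trailing newline.
    elif not regex.fullmatch(value):
        errors.append(f"{key}: does not match the documented pattern")


def lint_template_properties(props):
    """Return (errors, warnings) for one AWS::PCAConnectorAD::Template Properties dict."""
    errors, warnings = [], []
    _check_string(props, "ConnectorArn", CONNECTOR_ARN_RE, 5, 200, errors)
    _check_string(props, "Name", NAME_RE, 1, 64, errors)
    if "Definition" not in props:
        errors.append("Definition: required property is missing")
    reenroll = props.get("ReenrollAllCertificateHolders", False)
    if not isinstance(reenroll, bool):
        errors.append("ReenrollAllCertificateHolders: must be a Boolean")
    elif reenroll:
        warnings.append("ReenrollAllCertificateHolders is true: every member of the "
                        "groups allowed to enroll receives a new certificate")
    for key, value in (props.get("Tags") or {}).items():
        # Assumption: pattern '.+' constrains the tag key; values must be strings.
        if not isinstance(key, str) or not key or not isinstance(value, str):
            errors.append(f"Tags[{key!r}]: need a non-empty key and a string value")
    return errors, warnings


# Constructed sample input: the account ID and connector ID are placeholders.
SAMPLE = {
    "ConnectorArn": "arn:aws:pca-connector-ad:us-east-1:111122223333:"
                    "connector/0123abcd-0123-0123-0123-0123456789ab",
    "Name": "WorkstationAuth",
    "Definition": {},  # TemplateDefinition contents are out of scope here
    "ReenrollAllCertificateHolders": True,
    "Tags": {"owner": "pki-team"},
}
```

Because ConnectorArn and Name both require replacement on update, catching a rejected value before deployment avoids a failed resource replacement.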

Return values

Ref

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

TemplateArn

The Amazon Resource Name (ARN) that was returned when you called CreateTemplate.