PcaConnectorAd / Paginator / ListTemplateGroupAccessControlEntries

ListTemplateGroupAccessControlEntries#

class PcaConnectorAd.Paginator.ListTemplateGroupAccessControlEntries#
paginator = client.get_paginator('list_template_group_access_control_entries')
paginate(**kwargs)#

Creates an iterator that will paginate through responses from PcaConnectorAd.Client.list_template_group_access_control_entries().

See also: AWS API Documentation

Request Syntax

response_iterator = paginator.paginate(
    TemplateArn='string',
    PaginationConfig={
        'MaxItems': 123,
        'PageSize': 123,
        'StartingToken': 'string'
    }
)
Parameters:

  • TemplateArn (string) –

    [REQUIRED]

    The Amazon Resource Name (ARN) that was returned when you called CreateTemplate.

  • PaginationConfig (dict) –

    A dictionary that provides parameters to control pagination.

    • MaxItems (integer) –

      The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.

    • PageSize (integer) –

      The size of each page.

    • StartingToken (string) –

      A token to specify where to start paginating. This is the NextToken from a previous response.

Return type:

dict

Returns:

Response Syntax

{
    'AccessControlEntries': [
        {
            'AccessRights': {
                'AutoEnroll': 'ALLOW'|'DENY',
                'Enroll': 'ALLOW'|'DENY'
            },
            'CreatedAt': datetime(2015, 1, 1),
            'GroupDisplayName': 'string',
            'GroupSecurityIdentifier': 'string',
            'TemplateArn': 'string',
            'UpdatedAt': datetime(2015, 1, 1)
        },
    ],

}

Response Structure

  • (dict) –

    • AccessControlEntries (list) –

      An access control entry grants or denies permission to an Active Directory group to enroll certificates for a template.

      • (dict) –

        Summary of group access control entries that allow or deny Active Directory groups based on their security identifiers (SIDs) from enrolling and/or autofenrolling with the template.

        • AccessRights (dict) –

          Allow or deny an Active Directory group from enrolling and autoenrolling certificates issued against a template.

          • AutoEnroll (string) –

            Allow or deny an Active Directory group from autoenrolling certificates issued against a template. The Active Directory group must be allowed to enroll to allow autoenrollment

          • Enroll (string) –

            Allow or deny an Active Directory group from enrolling certificates issued against a template.

        • CreatedAt (datetime) –

          The date and time that the Access Control Entry was created.

        • GroupDisplayName (string) –

          Name of the Active Directory group. This name does not need to match the group name in Active Directory.

        • GroupSecurityIdentifier (string) –

          Security identifier (SID) of the group object from Active Directory. The SID starts with “S-“.

        • TemplateArn (string) –

          The Amazon Resource Name (ARN) that was returned when you called CreateTemplate.

        • UpdatedAt (datetime) –

          The date and time that the Access Control Entry was updated.