L1 ConstructAWS::PCAConnectorAD::TemplateGroupAccessControlEntry

CfnTemplateGroupAccessControlEntry

Create a group access control entry. Allow or deny Active Directory groups from enrolling and/or autoenrolling with the template based on the group security identifiers (SIDs).

Import

import { CfnTemplateGroupAccessControlEntry } from 'aws-cdk-lib/aws-pcaconnectorad';

Or use the module namespace:

import * as pcaconnectorad from 'aws-cdk-lib/aws-pcaconnectorad';
// pcaconnectorad.CfnTemplateGroupAccessControlEntry

Properties

Configuration passed to the constructor as CfnTemplateGroupAccessControlEntryProps.

accessRightsRequired

IResolvable | AccessRightsProperty

Permissions to allow or deny an Active Directory group to enroll or autoenroll certificates issued against a template.

groupDisplayNameRequired

string

Name of the Active Directory group. This name does not need to match the group name in Active Directory.

groupSecurityIdentifierOptional

string

Security identifier (SID) of the group object from Active Directory. The SID starts with "S-".

templateArnOptional

string

The Amazon Resource Name (ARN) that was returned when you called [CreateTemplate](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateTemplate.html) .

CloudFormation Resource

This L1 construct maps directly to the following CloudFormation resource type.

AWS::PCAConnectorAD::TemplateGroupAccessControlEntryView in CloudFormation Explorer

Learn AWS the Practical Way

Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.

Subscribe to Newsletter

Quick Facts

LevelL1 (CloudFormation)

Moduleaws-pcaconnectorad

CFN TypeAWS::PCAConnectorAD::TemplateGroupAccessControlEntry

Properties4

Related Constructs

Explore This Service

External Links

CDK API Documentation