AWS::PCAConnectorAD::TemplateGroupAccessControlEntry AccessRights - Amazon CloudFormation
SyntaxProperties
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::PCAConnectorAD::TemplateGroupAccessControlEntry AccessRights

Allow or deny permissions for an Active Directory group to enroll or autoenroll certificates for a template.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{
  "AutoEnroll" : String,
  "Enroll" : String
}

YAML

  AutoEnroll: String
  Enroll: String

Properties

AutoEnroll

Allow or deny an Active Directory group from autoenrolling certificates issued against a template. The Active Directory group must be allowed to enroll to allow autoenrollment

Required: No

Type: String

Allowed values: ALLOW | DENY

Update requires: No interruption

Enroll

Allow or deny an Active Directory group from enrolling certificates issued against a template.

Required: No

Type: String

Allowed values: ALLOW | DENY

Update requires: No interruption