Creates a connector between Amazon Web Services Private CA and an Active Directory.

You must specify the private CA, directory ID, and security groups.

Creates a directory registration that authorizes communication between Amazon Web Services Private CA and an Active Directory

Creates a service principal name (SPN) for the service account in Active Directory.

Kerberos authentication uses SPNs to associate a service instance with a service sign-in account.

Creates an Active Directory compatible certificate template.

The connectors issues certificates using these templates based on the requester’s Active Directory group membership.

Create a group access control entry.

Allow or deny Active Directory groups from enrolling and/or autoenrolling with the template based on the group security identifiers (SIDs).

Deletes a connector for Active Directory.

You must provide the Amazon Resource Name (ARN) of the connector that you want to delete. You can find the ARN by calling the https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_ListConnectors action. Deleting a connector does not deregister your directory with Amazon Web Services Private CA. You can deregister your directory by calling the https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_DeleteDirectoryRegistration action.

Deletes a directory registration.

Deleting a directory registration deauthorizes Amazon Web Services Private CA with the directory.

Deletes the service principal name (SPN) used by a connector to authenticate with your Active Directory.

Deletes a template.

Certificates issued using the template are still valid until they are revoked or expired.

Deletes a group access control entry.

Lists information about your connector.

You specify the connector on input by its ARN (Amazon Resource Name).

A structure that contains information about your directory registration.

Lists the service principal name that the connector uses to authenticate with Active Directory.

Retrieves a certificate template that the connector uses to issue certificates from a private CA.

Retrieves the group access control entries for a template.

Lists the connectors that you created by using the https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector action.

Lists the directory registrations that you created by using the https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateDirectoryRegistration action.

Lists the service principal names that the connector uses to authenticate with Active Directory.

Lists the tags, if any, that are associated with your resource.

Lists group access control entries you created.

Lists the templates, if any, that are associated with a connector.

Adds one or more tags to your resource.

Removes one or more tags from your resource.

Update template configuration to define the information included in certificates.

Update a group access control entry you created using CreateTemplateGroupAccessControlEntry.