2020/12/01 - AWS Directory Service - 2 new 3 updated api methods
Changes Adding client authentication feature for AWS AD Connector
Disable client authentication for smart cards.
See also: AWS API Documentation
Request Syntax
client.disable_client_authentication(
DirectoryId='string',
Type='SmartCard'
)
string
[REQUIRED]
Disable client authentication in a specified directory for smart cards.
string
[REQUIRED]
Disable the type of client authentication request.
dict
Response Syntax
{}
Response Structure
(dict) --
Enable client authentication for smardtcards.
See also: AWS API Documentation
Request Syntax
client.enable_client_authentication(
DirectoryId='string',
Type='SmartCard'
)
string
[REQUIRED]
Enable client authentication in a specified directory for smart cards.
string
[REQUIRED]
Enable the type of client authentication request.
dict
Response Syntax
{}
Response Structure
(dict) --
{'Certificate': {'ClientCertAuthSettings': {'OCSPUrl': 'string'},
'Type': 'ClientCertAuth | ClientLDAPS'}}
Displays information about the certificate registered for a secured LDAP connection.
See also: AWS API Documentation
Request Syntax
client.describe_certificate(
DirectoryId='string',
CertificateId='string'
)
string
[REQUIRED]
The identifier of the directory.
string
[REQUIRED]
The identifier of the certificate.
dict
Response Syntax
{
'Certificate': {
'CertificateId': 'string',
'State': 'Registering'|'Registered'|'RegisterFailed'|'Deregistering'|'Deregistered'|'DeregisterFailed',
'StateReason': 'string',
'CommonName': 'string',
'RegisteredDateTime': datetime(2015, 1, 1),
'ExpiryDateTime': datetime(2015, 1, 1),
'Type': 'ClientCertAuth'|'ClientLDAPS',
'ClientCertAuthSettings': {
'OCSPUrl': 'string'
}
}
}
Response Structure
(dict) --
Certificate (dict) --
Information about the certificate, including registered date time, certificate state, the reason for the state, expiration date time, and certificate common name.
CertificateId (string) --
The identifier of the certificate.
State (string) --
The state of the certificate.
StateReason (string) --
Describes a state change for the certificate.
CommonName (string) --
The common name for the certificate.
RegisteredDateTime (datetime) --
The date and time that the certificate was registered.
ExpiryDateTime (datetime) --
The date and time when the certificate will expire.
Type (string) --
Select ClientCertAuth for smart card integration.
ClientCertAuthSettings (dict) --
Provides information about the client certificate authentication settings. The default value is ClientLDAPS .
OCSPUrl (string) --
Specifies the URL of the default OCSP server used to check for revocation status.
{'CertificatesInfo': {'Type': 'ClientCertAuth | ClientLDAPS'}}
For the specified directory, lists all the certificates registered for a secured LDAP connection.
See also: AWS API Documentation
Request Syntax
client.list_certificates(
DirectoryId='string',
NextToken='string',
Limit=123
)
string
[REQUIRED]
The identifier of the directory.
string
A token for requesting another page of certificates if the NextToken response element indicates that more certificates are available. Use the value of the returned NextToken element in your request until the token comes back as null . Pass null if this is the first call.
integer
The number of items that should show up on one page
dict
Response Syntax
{
'NextToken': 'string',
'CertificatesInfo': [
{
'CertificateId': 'string',
'CommonName': 'string',
'State': 'Registering'|'Registered'|'RegisterFailed'|'Deregistering'|'Deregistered'|'DeregisterFailed',
'ExpiryDateTime': datetime(2015, 1, 1),
'Type': 'ClientCertAuth'|'ClientLDAPS'
},
]
}
Response Structure
(dict) --
NextToken (string) --
Indicates whether another page of certificates is available when the number of available certificates exceeds the page limit.
CertificatesInfo (list) --
A list of certificates with basic details including certificate ID, certificate common name, certificate state.
(dict) --
Contains general information about a certificate.
CertificateId (string) --
The identifier of the certificate.
CommonName (string) --
The common name for the certificate.
State (string) --
The state of the certificate.
ExpiryDateTime (datetime) --
The date and time when the certificate will expire.
Type (string) --
Displays the type of certificate.
{'ClientCertAuthSettings': {'OCSPUrl': 'string'},
'Type': 'ClientCertAuth | ClientLDAPS'}
Registers a certificate for secured LDAP connection.
See also: AWS API Documentation
Request Syntax
client.register_certificate(
DirectoryId='string',
CertificateData='string',
Type='ClientCertAuth'|'ClientLDAPS',
ClientCertAuthSettings={
'OCSPUrl': 'string'
}
)
string
[REQUIRED]
The identifier of the directory.
string
[REQUIRED]
The certificate PEM string that needs to be registered.
string
The certificate type to register for the request.
dict
Contains information about the client certificate authentication settings, such as ClientLDAPS or ClientCertAuth .
OCSPUrl (string) --
Specifies the URL of the default OCSP server used to check for revocation status.
dict
Response Syntax
{
'CertificateId': 'string'
}
Response Structure
(dict) --
CertificateId (string) --
The identifier of the certificate.