PrivateCAConnectorforSCEP ************************* Client ====== class PrivateCAConnectorforSCEP.Client A low-level client representing Private CA Connector for SCEP Connector for SCEP creates a connector between Amazon Web Services Private CA and your SCEP-enabled clients and devices. For more information, see Connector for SCEP in the *Amazon Web Services Private CA User Guide*. import boto3 client = boto3.client('pca-connector-scep') These are the available methods: * can_paginate * close * create_challenge * create_connector * delete_challenge * delete_connector * get_challenge_metadata * get_challenge_password * get_connector * get_paginator * get_waiter * list_challenge_metadata * list_connectors * list_tags_for_resource * tag_resource * untag_resource Paginators ========== Paginators are available on a client instance via the "get_paginator" method. For more detailed instructions and examples on the usage of paginators, see the paginators user guide. The available paginators are: * ListChallengeMetadata * ListConnectors PrivateCAConnectorforSCEP / Paginator / ListChallengeMetadata ListChallengeMetadata ********************* class PrivateCAConnectorforSCEP.Paginator.ListChallengeMetadata paginator = client.get_paginator('list_challenge_metadata') paginate(**kwargs) Creates an iterator that will paginate through responses from "PrivateCAConnectorforSCEP.Client.list_challenge_metadata()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( ConnectorArn='string', PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: * **ConnectorArn** (*string*) -- **[REQUIRED]** The Amazon Resource Name (ARN) of the connector. * **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max-items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'Challenges': [ { 'Arn': 'string', 'ConnectorArn': 'string', 'CreatedAt': datetime(2015, 1, 1), 'UpdatedAt': datetime(2015, 1, 1) }, ], } **Response Structure** * *(dict) --* * **Challenges** *(list) --* The challenge metadata for the challenges belonging to your Amazon Web Services account. * *(dict) --* Details about the specified challenge, returned by the GetChallengeMetadata action. * **Arn** *(string) --* The Amazon Resource Name (ARN) of the challenge. * **ConnectorArn** *(string) --* The Amazon Resource Name (ARN) of the connector. * **CreatedAt** *(datetime) --* The date and time that the challenge was created. * **UpdatedAt** *(datetime) --* The date and time that the challenge was updated. PrivateCAConnectorforSCEP / Paginator / ListConnectors ListConnectors ************** class PrivateCAConnectorforSCEP.Paginator.ListConnectors paginator = client.get_paginator('list_connectors') paginate(**kwargs) Creates an iterator that will paginate through responses from "PrivateCAConnectorforSCEP.Client.list_connectors()". See also: AWS API Documentation **Request Syntax** response_iterator = paginator.paginate( PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } ) Parameters: **PaginationConfig** (*dict*) -- A dictionary that provides parameters to control pagination. * **MaxItems** *(integer) --* The total number of items to return. If the total number of items available is more than the value specified in max- items then a "NextToken" will be provided in the output that you can use to resume pagination. * **PageSize** *(integer) --* The size of each page. * **StartingToken** *(string) --* A token to specify where to start paginating. This is the "NextToken" from a previous response. Return type: dict Returns: **Response Syntax** { 'Connectors': [ { 'Arn': 'string', 'CertificateAuthorityArn': 'string', 'Type': 'GENERAL_PURPOSE'|'INTUNE', 'MobileDeviceManagement': { 'Intune': { 'AzureApplicationId': 'string', 'Domain': 'string' } }, 'OpenIdConfiguration': { 'Issuer': 'string', 'Subject': 'string', 'Audience': 'string' }, 'Status': 'CREATING'|'ACTIVE'|'DELETING'|'FAILED', 'StatusReason': 'INTERNAL_FAILURE'|'PRIVATECA_ACCESS_DENIED'|'PRIVATECA_INVALID_STATE'|'PRIVATECA_RESOURCE_NOT_FOUND', 'Endpoint': 'string', 'CreatedAt': datetime(2015, 1, 1), 'UpdatedAt': datetime(2015, 1, 1) }, ], } **Response Structure** * *(dict) --* * **Connectors** *(list) --* The connectors belonging to your Amazon Web Services account. * *(dict) --* Lists the Amazon Web Services Private CA SCEP connectors belonging to your Amazon Web Services account. * **Arn** *(string) --* The Amazon Resource Name (ARN) of the connector. * **CertificateAuthorityArn** *(string) --* The Amazon Resource Name (ARN) of the connector's associated certificate authority. * **Type** *(string) --* The connector type. * **MobileDeviceManagement** *(dict) --* Contains settings relevant to the mobile device management system that you chose for the connector. If you didn't configure "MobileDeviceManagement", then the connector is for general-purpose use and this object is empty. Note: This is a Tagged Union structure. Only one of the following top level keys will be set: "Intune". If a client receives an unknown member it will set "SDK_UNKNOWN_MEMBER" as the top level key, which maps to the name or tag of the unknown member. The structure of "SDK_UNKNOWN_MEMBER" is as follows: 'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'} * **Intune** *(dict) --* Configuration settings for use with Microsoft Intune. For information about using Connector for SCEP for Microsoft Intune, see Using Connector for SCEP for Microsoft Intune. * **AzureApplicationId** *(string) --* The directory (tenant) ID from your Microsoft Entra ID app registration. * **Domain** *(string) --* The primary domain from your Microsoft Entra ID app registration. * **OpenIdConfiguration** *(dict) --* Contains OpenID Connect (OIDC) parameters for use with Microsoft Intune. * **Issuer** *(string) --* The issuer value to copy into your Microsoft Entra app registration's OIDC. * **Subject** *(string) --* The subject value to copy into your Microsoft Entra app registration's OIDC. * **Audience** *(string) --* The audience value to copy into your Microsoft Entra app registration's OIDC. * **Status** *(string) --* The connector's status. Status can be creating, active, deleting, or failed. * **StatusReason** *(string) --* Information about why connector creation failed, if status is "FAILED". * **Endpoint** *(string) --* The connector's HTTPS public SCEP URL. * **CreatedAt** *(datetime) --* The date and time that the challenge was created. * **UpdatedAt** *(datetime) --* The date and time that the challenge was updated. PrivateCAConnectorforSCEP / Client / get_paginator get_paginator ************* PrivateCAConnectorforSCEP.Client.get_paginator(operation_name) Create a paginator for an operation. Parameters: **operation_name** (*string*) -- The operation name. This is the same name as the method name on the client. For example, if the method name is "create_foo", and you'd normally invoke the operation as "client.create_foo(**kwargs)", if the "create_foo" operation can be paginated, you can use the call "client.get_paginator("create_foo")". Raises: **OperationNotPageableError** -- Raised if the operation is not pageable. You can use the "client.can_paginate" method to check if an operation is pageable. Return type: "botocore.paginate.Paginator" Returns: A paginator object. PrivateCAConnectorforSCEP / Client / can_paginate can_paginate ************ PrivateCAConnectorforSCEP.Client.can_paginate(operation_name) Check if an operation can be paginated. Parameters: **operation_name** (*string*) -- The operation name. This is the same name as the method name on the client. For example, if the method name is "create_foo", and you'd normally invoke the operation as "client.create_foo(**kwargs)", if the "create_foo" operation can be paginated, you can use the call "client.get_paginator("create_foo")". Returns: "True" if the operation can be paginated, "False" otherwise. PrivateCAConnectorforSCEP / Client / delete_challenge delete_challenge **************** PrivateCAConnectorforSCEP.Client.delete_challenge(**kwargs) Deletes the specified Challenge. See also: AWS API Documentation **Request Syntax** response = client.delete_challenge( ChallengeArn='string' ) Parameters: **ChallengeArn** (*string*) -- **[REQUIRED]** The Amazon Resource Name (ARN) of the challenge password to delete. Returns: None **Exceptions** * "PrivateCAConnectorforSCEP.Client.exceptions.ResourceNotFoundExc eption" * "PrivateCAConnectorforSCEP.Client.exceptions.InternalServerExcep tion" * "PrivateCAConnectorforSCEP.Client.exceptions.ValidationException" * "PrivateCAConnectorforSCEP.Client.exceptions.ThrottlingException" * "PrivateCAConnectorforSCEP.Client.exceptions.AccessDeniedExcepti on" * "PrivateCAConnectorforSCEP.Client.exceptions.ConflictException" PrivateCAConnectorforSCEP / Client / get_connector get_connector ************* PrivateCAConnectorforSCEP.Client.get_connector(**kwargs) Retrieves details about the specified Connector. Calling this action returns important details about the connector, such as the public SCEP URL where your clients can request certificates. See also: AWS API Documentation **Request Syntax** response = client.get_connector( ConnectorArn='string' ) Parameters: **ConnectorArn** (*string*) -- **[REQUIRED]** The Amazon Resource Name (ARN) of the connector. Return type: dict Returns: **Response Syntax** { 'Connector': { 'Arn': 'string', 'CertificateAuthorityArn': 'string', 'Type': 'GENERAL_PURPOSE'|'INTUNE', 'MobileDeviceManagement': { 'Intune': { 'AzureApplicationId': 'string', 'Domain': 'string' } }, 'OpenIdConfiguration': { 'Issuer': 'string', 'Subject': 'string', 'Audience': 'string' }, 'Status': 'CREATING'|'ACTIVE'|'DELETING'|'FAILED', 'StatusReason': 'INTERNAL_FAILURE'|'PRIVATECA_ACCESS_DENIED'|'PRIVATECA_INVALID_STATE'|'PRIVATECA_RESOURCE_NOT_FOUND', 'Endpoint': 'string', 'CreatedAt': datetime(2015, 1, 1), 'UpdatedAt': datetime(2015, 1, 1) } } **Response Structure** * *(dict) --* * **Connector** *(dict) --* The properties of the connector. * **Arn** *(string) --* The Amazon Resource Name (ARN) of the connector. * **CertificateAuthorityArn** *(string) --* The Amazon Resource Name (ARN) of the certificate authority associated with the connector. * **Type** *(string) --* The connector type. * **MobileDeviceManagement** *(dict) --* Contains settings relevant to the mobile device management system that you chose for the connector. If you didn't configure "MobileDeviceManagement", then the connector is for general-purpose use and this object is empty. Note: This is a Tagged Union structure. Only one of the following top level keys will be set: "Intune". If a client receives an unknown member it will set "SDK_UNKNOWN_MEMBER" as the top level key, which maps to the name or tag of the unknown member. The structure of "SDK_UNKNOWN_MEMBER" is as follows: 'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'} * **Intune** *(dict) --* Configuration settings for use with Microsoft Intune. For information about using Connector for SCEP for Microsoft Intune, see Using Connector for SCEP for Microsoft Intune. * **AzureApplicationId** *(string) --* The directory (tenant) ID from your Microsoft Entra ID app registration. * **Domain** *(string) --* The primary domain from your Microsoft Entra ID app registration. * **OpenIdConfiguration** *(dict) --* Contains OpenID Connect (OIDC) parameters for use with Connector for SCEP for Microsoft Intune. For more information about using Connector for SCEP for Microsoft Intune, see Using Connector for SCEP for Microsoft Intune. * **Issuer** *(string) --* The issuer value to copy into your Microsoft Entra app registration's OIDC. * **Subject** *(string) --* The subject value to copy into your Microsoft Entra app registration's OIDC. * **Audience** *(string) --* The audience value to copy into your Microsoft Entra app registration's OIDC. * **Status** *(string) --* The connector's status. * **StatusReason** *(string) --* Information about why connector creation failed, if status is "FAILED". * **Endpoint** *(string) --* The connector's HTTPS public SCEP URL. * **CreatedAt** *(datetime) --* The date and time that the connector was created. * **UpdatedAt** *(datetime) --* The date and time that the connector was updated. **Exceptions** * "PrivateCAConnectorforSCEP.Client.exceptions.ResourceNotFoundExc eption" * "PrivateCAConnectorforSCEP.Client.exceptions.InternalServerExcep tion" * "PrivateCAConnectorforSCEP.Client.exceptions.ValidationException" * "PrivateCAConnectorforSCEP.Client.exceptions.ThrottlingException" * "PrivateCAConnectorforSCEP.Client.exceptions.AccessDeniedExcepti on" PrivateCAConnectorforSCEP / Client / list_tags_for_resource list_tags_for_resource ********************** PrivateCAConnectorforSCEP.Client.list_tags_for_resource(**kwargs) Retrieves the tags associated with the specified resource. Tags are key-value pairs that you can use to categorize and manage your resources, for purposes like billing. For example, you might set the tag key to "customer" and the value to the customer name or ID. You can specify one or more tags to add to each Amazon Web Services resource, up to 50 tags for a resource. See also: AWS API Documentation **Request Syntax** response = client.list_tags_for_resource( ResourceArn='string' ) Parameters: **ResourceArn** (*string*) -- **[REQUIRED]** The Amazon Resource Name (ARN) of the resource. Return type: dict Returns: **Response Syntax** { 'Tags': { 'string': 'string' } } **Response Structure** * *(dict) --* * **Tags** *(dict) --* The key-value pairs to associate with the resource. * *(string) --* * *(string) --* **Exceptions** * "PrivateCAConnectorforSCEP.Client.exceptions.ResourceNotFoundExc eption" * "PrivateCAConnectorforSCEP.Client.exceptions.InternalServerExcep tion" * "PrivateCAConnectorforSCEP.Client.exceptions.ValidationException" * "PrivateCAConnectorforSCEP.Client.exceptions.ThrottlingException" * "PrivateCAConnectorforSCEP.Client.exceptions.AccessDeniedExcepti on" PrivateCAConnectorforSCEP / Client / create_challenge create_challenge **************** PrivateCAConnectorforSCEP.Client.create_challenge(**kwargs) For general-purpose connectors. Creates a *challenge password* for the specified connector. The SCEP protocol uses a challenge password to authenticate a request before issuing a certificate from a certificate authority (CA). Your SCEP clients include the challenge password as part of their certificate request to Connector for SCEP. To retrieve the connector Amazon Resource Names (ARNs) for the connectors in your account, call ListConnectors. To create additional challenge passwords for the connector, call "CreateChallenge" again. We recommend frequently rotating your challenge passwords. See also: AWS API Documentation **Request Syntax** response = client.create_challenge( ConnectorArn='string', ClientToken='string', Tags={ 'string': 'string' } ) Parameters: * **ConnectorArn** (*string*) -- **[REQUIRED]** The Amazon Resource Name (ARN) of the connector that you want to create a challenge for. * **ClientToken** (*string*) -- Custom string that can be used to distinguish between calls to the CreateChallenge action. Client tokens for "CreateChallenge" time out after five minutes. Therefore, if you call "CreateChallenge" multiple times with the same client token within five minutes, Connector for SCEP recognizes that you are requesting only one challenge and will only respond with one. If you change the client token for each call, Connector for SCEP recognizes that you are requesting multiple challenge passwords. This field is autopopulated if not provided. * **Tags** (*dict*) -- The key-value pairs to associate with the resource. * *(string) --* * *(string) --* Return type: dict Returns: **Response Syntax** { 'Challenge': { 'Arn': 'string', 'ConnectorArn': 'string', 'CreatedAt': datetime(2015, 1, 1), 'UpdatedAt': datetime(2015, 1, 1), 'Password': 'string' } } **Response Structure** * *(dict) --* * **Challenge** *(dict) --* Returns the challenge details for the specified connector. * **Arn** *(string) --* The Amazon Resource Name (ARN) of the challenge. * **ConnectorArn** *(string) --* The Amazon Resource Name (ARN) of the connector. * **CreatedAt** *(datetime) --* The date and time that the challenge was created. * **UpdatedAt** *(datetime) --* The date and time that the challenge was updated. * **Password** *(string) --* The SCEP challenge password, in UUID format. **Exceptions** * "PrivateCAConnectorforSCEP.Client.exceptions.ResourceNotFoundExc eption" * "PrivateCAConnectorforSCEP.Client.exceptions.BadRequestException" * "PrivateCAConnectorforSCEP.Client.exceptions.InternalServerExcep tion" * "PrivateCAConnectorforSCEP.Client.exceptions.ValidationException" * "PrivateCAConnectorforSCEP.Client.exceptions.ThrottlingException" * "PrivateCAConnectorforSCEP.Client.exceptions.AccessDeniedExcepti on" * "PrivateCAConnectorforSCEP.Client.exceptions.ConflictException" * "PrivateCAConnectorforSCEP.Client.exceptions.ServiceQuotaExceede dException" PrivateCAConnectorforSCEP / Client / get_challenge_metadata get_challenge_metadata ********************** PrivateCAConnectorforSCEP.Client.get_challenge_metadata(**kwargs) Retrieves the metadata for the specified Challenge. See also: AWS API Documentation **Request Syntax** response = client.get_challenge_metadata( ChallengeArn='string' ) Parameters: **ChallengeArn** (*string*) -- **[REQUIRED]** The Amazon Resource Name (ARN) of the challenge. Return type: dict Returns: **Response Syntax** { 'ChallengeMetadata': { 'Arn': 'string', 'ConnectorArn': 'string', 'CreatedAt': datetime(2015, 1, 1), 'UpdatedAt': datetime(2015, 1, 1) } } **Response Structure** * *(dict) --* * **ChallengeMetadata** *(dict) --* The metadata for the challenge. * **Arn** *(string) --* The Amazon Resource Name (ARN) of the challenge. * **ConnectorArn** *(string) --* The Amazon Resource Name (ARN) of the connector. * **CreatedAt** *(datetime) --* The date and time that the connector was created. * **UpdatedAt** *(datetime) --* The date and time that the connector was updated. **Exceptions** * "PrivateCAConnectorforSCEP.Client.exceptions.ResourceNotFoundExc eption" * "PrivateCAConnectorforSCEP.Client.exceptions.InternalServerExcep tion" * "PrivateCAConnectorforSCEP.Client.exceptions.ValidationException" * "PrivateCAConnectorforSCEP.Client.exceptions.ThrottlingException" * "PrivateCAConnectorforSCEP.Client.exceptions.AccessDeniedExcepti on" PrivateCAConnectorforSCEP / Client / untag_resource untag_resource ************** PrivateCAConnectorforSCEP.Client.untag_resource(**kwargs) Removes one or more tags from your resource. See also: AWS API Documentation **Request Syntax** response = client.untag_resource( ResourceArn='string', TagKeys=[ 'string', ] ) Parameters: * **ResourceArn** (*string*) -- **[REQUIRED]** The Amazon Resource Name (ARN) of the resource. * **TagKeys** (*list*) -- **[REQUIRED]** Specifies a list of tag keys that you want to remove from the specified resources. * *(string) --* Returns: None **Exceptions** * "PrivateCAConnectorforSCEP.Client.exceptions.ResourceNotFoundExc eption" * "PrivateCAConnectorforSCEP.Client.exceptions.InternalServerExcep tion" * "PrivateCAConnectorforSCEP.Client.exceptions.ValidationException" * "PrivateCAConnectorforSCEP.Client.exceptions.ThrottlingException" * "PrivateCAConnectorforSCEP.Client.exceptions.AccessDeniedExcepti on" PrivateCAConnectorforSCEP / Client / get_waiter get_waiter ********** PrivateCAConnectorforSCEP.Client.get_waiter(waiter_name) Returns an object that can wait for some condition. Parameters: **waiter_name** (*str*) -- The name of the waiter to get. See the waiters section of the service docs for a list of available waiters. Returns: The specified waiter object. Return type: "botocore.waiter.Waiter" PrivateCAConnectorforSCEP / Client / list_challenge_metadata list_challenge_metadata *********************** PrivateCAConnectorforSCEP.Client.list_challenge_metadata(**kwargs) Retrieves the challenge metadata for the specified ARN. See also: AWS API Documentation **Request Syntax** response = client.list_challenge_metadata( MaxResults=123, NextToken='string', ConnectorArn='string' ) Parameters: * **MaxResults** (*integer*) -- The maximum number of objects that you want Connector for SCEP to return for this request. If more objects are available, in the response, Connector for SCEP provides a "NextToken" value that you can use in a subsequent call to get the next batch of objects. * **NextToken** (*string*) -- When you request a list of objects with a "MaxResults" setting, if the number of objects that are still available for retrieval exceeds the maximum you requested, Connector for SCEP returns a "NextToken" value in the response. To retrieve the next batch of objects, use the token returned from the prior request in your next request. * **ConnectorArn** (*string*) -- **[REQUIRED]** The Amazon Resource Name (ARN) of the connector. Return type: dict Returns: **Response Syntax** { 'Challenges': [ { 'Arn': 'string', 'ConnectorArn': 'string', 'CreatedAt': datetime(2015, 1, 1), 'UpdatedAt': datetime(2015, 1, 1) }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **Challenges** *(list) --* The challenge metadata for the challenges belonging to your Amazon Web Services account. * *(dict) --* Details about the specified challenge, returned by the GetChallengeMetadata action. * **Arn** *(string) --* The Amazon Resource Name (ARN) of the challenge. * **ConnectorArn** *(string) --* The Amazon Resource Name (ARN) of the connector. * **CreatedAt** *(datetime) --* The date and time that the challenge was created. * **UpdatedAt** *(datetime) --* The date and time that the challenge was updated. * **NextToken** *(string) --* When you request a list of objects with a "MaxResults" setting, if the number of objects that are still available for retrieval exceeds the maximum you requested, Connector for SCEP returns a "NextToken" value in the response. To retrieve the next batch of objects, use the token returned from the prior request in your next request. **Exceptions** * "PrivateCAConnectorforSCEP.Client.exceptions.ResourceNotFoundExc eption" * "PrivateCAConnectorforSCEP.Client.exceptions.InternalServerExcep tion" * "PrivateCAConnectorforSCEP.Client.exceptions.ValidationException" * "PrivateCAConnectorforSCEP.Client.exceptions.ThrottlingException" * "PrivateCAConnectorforSCEP.Client.exceptions.AccessDeniedExcepti on" PrivateCAConnectorforSCEP / Client / create_connector create_connector **************** PrivateCAConnectorforSCEP.Client.create_connector(**kwargs) Creates a SCEP connector. A SCEP connector links Amazon Web Services Private Certificate Authority to your SCEP-compatible devices and mobile device management (MDM) systems. Before you create a connector, you must complete a set of prerequisites, including creation of a private certificate authority (CA) to use with this connector. For more information, see Connector for SCEP prerequisites. See also: AWS API Documentation **Request Syntax** response = client.create_connector( CertificateAuthorityArn='string', MobileDeviceManagement={ 'Intune': { 'AzureApplicationId': 'string', 'Domain': 'string' } }, ClientToken='string', Tags={ 'string': 'string' } ) Parameters: * **CertificateAuthorityArn** (*string*) -- **[REQUIRED]** The Amazon Resource Name (ARN) of the Amazon Web Services Private Certificate Authority certificate authority to use with this connector. Due to security vulnerabilities present in the SCEP protocol, we recommend using a private CA that's dedicated for use with the connector. To retrieve the private CAs associated with your account, you can call ListCertificateAuthorities using the Amazon Web Services Private CA API. * **MobileDeviceManagement** (*dict*) -- If you don't supply a value, by default Connector for SCEP creates a connector for general-purpose use. A general-purpose connector is designed to work with clients or endpoints that support the SCEP protocol, except Connector for SCEP for Microsoft Intune. With connectors for general-purpose use, you manage SCEP challenge passwords using Connector for SCEP. For information about considerations and limitations with using Connector for SCEP, see Considerations and Limitations. If you provide an "IntuneConfiguration", Connector for SCEP creates a connector for use with Microsoft Intune, and you manage the challenge passwords using Microsoft Intune. For more information, see Using Connector for SCEP for Microsoft Intune. Note: This is a Tagged Union structure. Only one of the following top level keys can be set: "Intune". * **Intune** *(dict) --* Configuration settings for use with Microsoft Intune. For information about using Connector for SCEP for Microsoft Intune, see Using Connector for SCEP for Microsoft Intune. * **AzureApplicationId** *(string) --* **[REQUIRED]** The directory (tenant) ID from your Microsoft Entra ID app registration. * **Domain** *(string) --* **[REQUIRED]** The primary domain from your Microsoft Entra ID app registration. * **ClientToken** (*string*) -- Custom string that can be used to distinguish between calls to the CreateChallenge action. Client tokens for "CreateChallenge" time out after five minutes. Therefore, if you call "CreateChallenge" multiple times with the same client token within five minutes, Connector for SCEP recognizes that you are requesting only one challenge and will only respond with one. If you change the client token for each call, Connector for SCEP recognizes that you are requesting multiple challenge passwords. This field is autopopulated if not provided. * **Tags** (*dict*) -- The key-value pairs to associate with the resource. * *(string) --* * *(string) --* Return type: dict Returns: **Response Syntax** { 'ConnectorArn': 'string' } **Response Structure** * *(dict) --* * **ConnectorArn** *(string) --* Returns the Amazon Resource Name (ARN) of the connector. **Exceptions** * "PrivateCAConnectorforSCEP.Client.exceptions.ResourceNotFoundExc eption" * "PrivateCAConnectorforSCEP.Client.exceptions.InternalServerExcep tion" * "PrivateCAConnectorforSCEP.Client.exceptions.ValidationException" * "PrivateCAConnectorforSCEP.Client.exceptions.ThrottlingException" * "PrivateCAConnectorforSCEP.Client.exceptions.AccessDeniedExcepti on" * "PrivateCAConnectorforSCEP.Client.exceptions.ConflictException" * "PrivateCAConnectorforSCEP.Client.exceptions.ServiceQuotaExceede dException" PrivateCAConnectorforSCEP / Client / get_challenge_password get_challenge_password ********************** PrivateCAConnectorforSCEP.Client.get_challenge_password(**kwargs) Retrieves the challenge password for the specified Challenge. See also: AWS API Documentation **Request Syntax** response = client.get_challenge_password( ChallengeArn='string' ) Parameters: **ChallengeArn** (*string*) -- **[REQUIRED]** The Amazon Resource Name (ARN) of the challenge. Return type: dict Returns: **Response Syntax** { 'Password': 'string' } **Response Structure** * *(dict) --* * **Password** *(string) --* The SCEP challenge password. **Exceptions** * "PrivateCAConnectorforSCEP.Client.exceptions.ResourceNotFoundExc eption" * "PrivateCAConnectorforSCEP.Client.exceptions.InternalServerExcep tion" * "PrivateCAConnectorforSCEP.Client.exceptions.ValidationException" * "PrivateCAConnectorforSCEP.Client.exceptions.ThrottlingException" * "PrivateCAConnectorforSCEP.Client.exceptions.AccessDeniedExcepti on" PrivateCAConnectorforSCEP / Client / close close ***** PrivateCAConnectorforSCEP.Client.close() Closes underlying endpoint connections. PrivateCAConnectorforSCEP / Client / tag_resource tag_resource ************ PrivateCAConnectorforSCEP.Client.tag_resource(**kwargs) Adds one or more tags to your resource. See also: AWS API Documentation **Request Syntax** response = client.tag_resource( ResourceArn='string', Tags={ 'string': 'string' } ) Parameters: * **ResourceArn** (*string*) -- **[REQUIRED]** The Amazon Resource Name (ARN) of the resource. * **Tags** (*dict*) -- **[REQUIRED]** The key-value pairs to associate with the resource. * *(string) --* * *(string) --* Returns: None **Exceptions** * "PrivateCAConnectorforSCEP.Client.exceptions.ResourceNotFoundExc eption" * "PrivateCAConnectorforSCEP.Client.exceptions.InternalServerExcep tion" * "PrivateCAConnectorforSCEP.Client.exceptions.ValidationException" * "PrivateCAConnectorforSCEP.Client.exceptions.ThrottlingException" * "PrivateCAConnectorforSCEP.Client.exceptions.AccessDeniedExcepti on" PrivateCAConnectorforSCEP / Client / delete_connector delete_connector **************** PrivateCAConnectorforSCEP.Client.delete_connector(**kwargs) Deletes the specified Connector. This operation also deletes any challenges associated with the connector. See also: AWS API Documentation **Request Syntax** response = client.delete_connector( ConnectorArn='string' ) Parameters: **ConnectorArn** (*string*) -- **[REQUIRED]** The Amazon Resource Name (ARN) of the connector to delete. Returns: None **Exceptions** * "PrivateCAConnectorforSCEP.Client.exceptions.ResourceNotFoundExc eption" * "PrivateCAConnectorforSCEP.Client.exceptions.InternalServerExcep tion" * "PrivateCAConnectorforSCEP.Client.exceptions.ValidationException" * "PrivateCAConnectorforSCEP.Client.exceptions.ThrottlingException" * "PrivateCAConnectorforSCEP.Client.exceptions.AccessDeniedExcepti on" * "PrivateCAConnectorforSCEP.Client.exceptions.ConflictException" PrivateCAConnectorforSCEP / Client / list_connectors list_connectors *************** PrivateCAConnectorforSCEP.Client.list_connectors(**kwargs) Lists the connectors belonging to your Amazon Web Services account. See also: AWS API Documentation **Request Syntax** response = client.list_connectors( MaxResults=123, NextToken='string' ) Parameters: * **MaxResults** (*integer*) -- The maximum number of objects that you want Connector for SCEP to return for this request. If more objects are available, in the response, Connector for SCEP provides a "NextToken" value that you can use in a subsequent call to get the next batch of objects. * **NextToken** (*string*) -- When you request a list of objects with a "MaxResults" setting, if the number of objects that are still available for retrieval exceeds the maximum you requested, Connector for SCEP returns a "NextToken" value in the response. To retrieve the next batch of objects, use the token returned from the prior request in your next request. Return type: dict Returns: **Response Syntax** { 'Connectors': [ { 'Arn': 'string', 'CertificateAuthorityArn': 'string', 'Type': 'GENERAL_PURPOSE'|'INTUNE', 'MobileDeviceManagement': { 'Intune': { 'AzureApplicationId': 'string', 'Domain': 'string' } }, 'OpenIdConfiguration': { 'Issuer': 'string', 'Subject': 'string', 'Audience': 'string' }, 'Status': 'CREATING'|'ACTIVE'|'DELETING'|'FAILED', 'StatusReason': 'INTERNAL_FAILURE'|'PRIVATECA_ACCESS_DENIED'|'PRIVATECA_INVALID_STATE'|'PRIVATECA_RESOURCE_NOT_FOUND', 'Endpoint': 'string', 'CreatedAt': datetime(2015, 1, 1), 'UpdatedAt': datetime(2015, 1, 1) }, ], 'NextToken': 'string' } **Response Structure** * *(dict) --* * **Connectors** *(list) --* The connectors belonging to your Amazon Web Services account. * *(dict) --* Lists the Amazon Web Services Private CA SCEP connectors belonging to your Amazon Web Services account. * **Arn** *(string) --* The Amazon Resource Name (ARN) of the connector. * **CertificateAuthorityArn** *(string) --* The Amazon Resource Name (ARN) of the connector's associated certificate authority. * **Type** *(string) --* The connector type. * **MobileDeviceManagement** *(dict) --* Contains settings relevant to the mobile device management system that you chose for the connector. If you didn't configure "MobileDeviceManagement", then the connector is for general-purpose use and this object is empty. Note: This is a Tagged Union structure. Only one of the following top level keys will be set: "Intune". If a client receives an unknown member it will set "SDK_UNKNOWN_MEMBER" as the top level key, which maps to the name or tag of the unknown member. The structure of "SDK_UNKNOWN_MEMBER" is as follows: 'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'} * **Intune** *(dict) --* Configuration settings for use with Microsoft Intune. For information about using Connector for SCEP for Microsoft Intune, see Using Connector for SCEP for Microsoft Intune. * **AzureApplicationId** *(string) --* The directory (tenant) ID from your Microsoft Entra ID app registration. * **Domain** *(string) --* The primary domain from your Microsoft Entra ID app registration. * **OpenIdConfiguration** *(dict) --* Contains OpenID Connect (OIDC) parameters for use with Microsoft Intune. * **Issuer** *(string) --* The issuer value to copy into your Microsoft Entra app registration's OIDC. * **Subject** *(string) --* The subject value to copy into your Microsoft Entra app registration's OIDC. * **Audience** *(string) --* The audience value to copy into your Microsoft Entra app registration's OIDC. * **Status** *(string) --* The connector's status. Status can be creating, active, deleting, or failed. * **StatusReason** *(string) --* Information about why connector creation failed, if status is "FAILED". * **Endpoint** *(string) --* The connector's HTTPS public SCEP URL. * **CreatedAt** *(datetime) --* The date and time that the challenge was created. * **UpdatedAt** *(datetime) --* The date and time that the challenge was updated. * **NextToken** *(string) --* When you request a list of objects with a "MaxResults" setting, if the number of objects that are still available for retrieval exceeds the maximum you requested, Connector for SCEP returns a "NextToken" value in the response. To retrieve the next batch of objects, use the token returned from the prior request in your next request. **Exceptions** * "PrivateCAConnectorforSCEP.Client.exceptions.InternalServerExcep tion" * "PrivateCAConnectorforSCEP.Client.exceptions.ValidationException" * "PrivateCAConnectorforSCEP.Client.exceptions.ThrottlingException" * "PrivateCAConnectorforSCEP.Client.exceptions.AccessDeniedExcepti on"