:doc:`DirectoryService <../../ds>` / Client / enable_ca_enrollment_policy

***************************
enable_ca_enrollment_policy
***************************



.. py:method:: DirectoryService.Client.enable_ca_enrollment_policy(**kwargs)

  

  Enables certificate authority (CA) enrollment policy for the specified directory. This allows domain-joined clients to automatically request and receive certificates from the specified Amazon Web Services Private Certificate Authority.

   

  .. note::

    

    Before enabling CA enrollment, ensure that the PCA connector is properly configured and accessible from the directory. The connector must be in an active state and have the necessary permissions.

    

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/ds-2015-04-16/EnableCAEnrollmentPolicy>`_  


  **Request Syntax**
  ::

    response = client.enable_ca_enrollment_policy(
        DirectoryId='string',
        PcaConnectorArn='string'
    )
    
  :type DirectoryId: string
  :param DirectoryId: **[REQUIRED]** 

    The identifier of the directory for which to enable the CA enrollment policy.

    

  
  :type PcaConnectorArn: string
  :param PcaConnectorArn: **[REQUIRED]** 

    The Amazon Resource Name (ARN) of the Private Certificate Authority (PCA) connector to use for automatic certificate enrollment. This connector must be properly configured and accessible from the directory.

     

    The ARN format is: ``arn:aws:pca-connector-ad:region:account-id:connector/connector-id``

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {}
      
    **Response Structure**

    

    - *(dict) --* 

      Contains the results of the  EnableCAEnrollmentPolicy operation.

      
  
  **Exceptions**
  
  *   :py:class:`DirectoryService.Client.exceptions.DirectoryDoesNotExistException`

  
  *   :py:class:`DirectoryService.Client.exceptions.DirectoryUnavailableException`

  
  *   :py:class:`DirectoryService.Client.exceptions.InvalidParameterException`

  
  *   :py:class:`DirectoryService.Client.exceptions.EntityAlreadyExistsException`

  
  *   :py:class:`DirectoryService.Client.exceptions.EntityDoesNotExistException`

  
  *   :py:class:`DirectoryService.Client.exceptions.EnableAlreadyInProgressException`

  
  *   :py:class:`DirectoryService.Client.exceptions.ClientException`

  
  *   :py:class:`DirectoryService.Client.exceptions.ServiceException`

  
  *   :py:class:`DirectoryService.Client.exceptions.AccessDeniedException`

  