{-# LANGUAGE DeriveGeneric #-} {-# LANGUAGE DuplicateRecordFields #-} {-# LANGUAGE NamedFieldPuns #-} {-# LANGUAGE OverloadedStrings #-} {-# LANGUAGE RecordWildCards #-} {-# LANGUAGE StrictData #-} {-# LANGUAGE NoImplicitPrelude #-} {-# OPTIONS_GHC -fno-warn-unused-imports #-} {-# OPTIONS_GHC -fno-warn-unused-matches #-} -- Derived from AWS service descriptions, licensed under Apache 2.0. -- | -- Module : Amazonka.EKS.Types.VpcConfigResponse -- Copyright : (c) 2013-2023 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay -- Stability : auto-generated -- Portability : non-portable (GHC extensions) module Amazonka.EKS.Types.VpcConfigResponse where import qualified Amazonka.Core as Core import qualified Amazonka.Core.Lens.Internal as Lens import qualified Amazonka.Data as Data import qualified Amazonka.Prelude as Prelude -- | An object representing an Amazon EKS cluster VPC configuration response. -- -- /See:/ 'newVpcConfigResponse' smart constructor. data VpcConfigResponse = VpcConfigResponse' { -- | The cluster security group that was created by Amazon EKS for the -- cluster. Managed node groups use this security group for -- control-plane-to-data-plane communication. clusterSecurityGroupId :: Prelude.Maybe Prelude.Text, -- | This parameter indicates whether the Amazon EKS private API server -- endpoint is enabled. If the Amazon EKS private API server endpoint is -- enabled, Kubernetes API requests that originate from within your -- cluster\'s VPC use the private VPC endpoint instead of traversing the -- internet. If this value is disabled and you have nodes or Fargate pods -- in the cluster, then ensure that @publicAccessCidrs@ includes the -- necessary CIDR blocks for communication with the nodes or Fargate pods. -- For more information, see -- -- in the //Amazon EKS User Guide// . endpointPrivateAccess :: Prelude.Maybe Prelude.Bool, -- | This parameter indicates whether the Amazon EKS public API server -- endpoint is enabled. If the Amazon EKS public API server endpoint is -- disabled, your cluster\'s Kubernetes API server can only receive -- requests that originate from within the cluster VPC. endpointPublicAccess :: Prelude.Maybe Prelude.Bool, -- | The CIDR blocks that are allowed access to your cluster\'s public -- Kubernetes API server endpoint. Communication to the endpoint from -- addresses outside of the listed CIDR blocks is denied. The default value -- is @0.0.0.0\/0@. If you\'ve disabled private endpoint access and you -- have nodes or Fargate pods in the cluster, then ensure that the -- necessary CIDR blocks are listed. For more information, see -- -- in the //Amazon EKS User Guide// . publicAccessCidrs :: Prelude.Maybe [Prelude.Text], -- | The security groups associated with the cross-account elastic network -- interfaces that are used to allow communication between your nodes and -- the Kubernetes control plane. securityGroupIds :: Prelude.Maybe [Prelude.Text], -- | The subnets associated with your cluster. subnetIds :: Prelude.Maybe [Prelude.Text], -- | The VPC associated with your cluster. vpcId :: Prelude.Maybe Prelude.Text } deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic) -- | -- Create a value of 'VpcConfigResponse' with all optional fields omitted. -- -- Use or to modify other optional fields. -- -- The following record fields are available, with the corresponding lenses provided -- for backwards compatibility: -- -- 'clusterSecurityGroupId', 'vpcConfigResponse_clusterSecurityGroupId' - The cluster security group that was created by Amazon EKS for the -- cluster. Managed node groups use this security group for -- control-plane-to-data-plane communication. -- -- 'endpointPrivateAccess', 'vpcConfigResponse_endpointPrivateAccess' - This parameter indicates whether the Amazon EKS private API server -- endpoint is enabled. If the Amazon EKS private API server endpoint is -- enabled, Kubernetes API requests that originate from within your -- cluster\'s VPC use the private VPC endpoint instead of traversing the -- internet. If this value is disabled and you have nodes or Fargate pods -- in the cluster, then ensure that @publicAccessCidrs@ includes the -- necessary CIDR blocks for communication with the nodes or Fargate pods. -- For more information, see -- -- in the //Amazon EKS User Guide// . -- -- 'endpointPublicAccess', 'vpcConfigResponse_endpointPublicAccess' - This parameter indicates whether the Amazon EKS public API server -- endpoint is enabled. If the Amazon EKS public API server endpoint is -- disabled, your cluster\'s Kubernetes API server can only receive -- requests that originate from within the cluster VPC. -- -- 'publicAccessCidrs', 'vpcConfigResponse_publicAccessCidrs' - The CIDR blocks that are allowed access to your cluster\'s public -- Kubernetes API server endpoint. Communication to the endpoint from -- addresses outside of the listed CIDR blocks is denied. The default value -- is @0.0.0.0\/0@. If you\'ve disabled private endpoint access and you -- have nodes or Fargate pods in the cluster, then ensure that the -- necessary CIDR blocks are listed. For more information, see -- -- in the //Amazon EKS User Guide// . -- -- 'securityGroupIds', 'vpcConfigResponse_securityGroupIds' - The security groups associated with the cross-account elastic network -- interfaces that are used to allow communication between your nodes and -- the Kubernetes control plane. -- -- 'subnetIds', 'vpcConfigResponse_subnetIds' - The subnets associated with your cluster. -- -- 'vpcId', 'vpcConfigResponse_vpcId' - The VPC associated with your cluster. newVpcConfigResponse :: VpcConfigResponse newVpcConfigResponse = VpcConfigResponse' { clusterSecurityGroupId = Prelude.Nothing, endpointPrivateAccess = Prelude.Nothing, endpointPublicAccess = Prelude.Nothing, publicAccessCidrs = Prelude.Nothing, securityGroupIds = Prelude.Nothing, subnetIds = Prelude.Nothing, vpcId = Prelude.Nothing } -- | The cluster security group that was created by Amazon EKS for the -- cluster. Managed node groups use this security group for -- control-plane-to-data-plane communication. vpcConfigResponse_clusterSecurityGroupId :: Lens.Lens' VpcConfigResponse (Prelude.Maybe Prelude.Text) vpcConfigResponse_clusterSecurityGroupId = Lens.lens (\VpcConfigResponse' {clusterSecurityGroupId} -> clusterSecurityGroupId) (\s@VpcConfigResponse' {} a -> s {clusterSecurityGroupId = a} :: VpcConfigResponse) -- | This parameter indicates whether the Amazon EKS private API server -- endpoint is enabled. If the Amazon EKS private API server endpoint is -- enabled, Kubernetes API requests that originate from within your -- cluster\'s VPC use the private VPC endpoint instead of traversing the -- internet. If this value is disabled and you have nodes or Fargate pods -- in the cluster, then ensure that @publicAccessCidrs@ includes the -- necessary CIDR blocks for communication with the nodes or Fargate pods. -- For more information, see -- -- in the //Amazon EKS User Guide// . vpcConfigResponse_endpointPrivateAccess :: Lens.Lens' VpcConfigResponse (Prelude.Maybe Prelude.Bool) vpcConfigResponse_endpointPrivateAccess = Lens.lens (\VpcConfigResponse' {endpointPrivateAccess} -> endpointPrivateAccess) (\s@VpcConfigResponse' {} a -> s {endpointPrivateAccess = a} :: VpcConfigResponse) -- | This parameter indicates whether the Amazon EKS public API server -- endpoint is enabled. If the Amazon EKS public API server endpoint is -- disabled, your cluster\'s Kubernetes API server can only receive -- requests that originate from within the cluster VPC. vpcConfigResponse_endpointPublicAccess :: Lens.Lens' VpcConfigResponse (Prelude.Maybe Prelude.Bool) vpcConfigResponse_endpointPublicAccess = Lens.lens (\VpcConfigResponse' {endpointPublicAccess} -> endpointPublicAccess) (\s@VpcConfigResponse' {} a -> s {endpointPublicAccess = a} :: VpcConfigResponse) -- | The CIDR blocks that are allowed access to your cluster\'s public -- Kubernetes API server endpoint. Communication to the endpoint from -- addresses outside of the listed CIDR blocks is denied. The default value -- is @0.0.0.0\/0@. If you\'ve disabled private endpoint access and you -- have nodes or Fargate pods in the cluster, then ensure that the -- necessary CIDR blocks are listed. For more information, see -- -- in the //Amazon EKS User Guide// . vpcConfigResponse_publicAccessCidrs :: Lens.Lens' VpcConfigResponse (Prelude.Maybe [Prelude.Text]) vpcConfigResponse_publicAccessCidrs = Lens.lens (\VpcConfigResponse' {publicAccessCidrs} -> publicAccessCidrs) (\s@VpcConfigResponse' {} a -> s {publicAccessCidrs = a} :: VpcConfigResponse) Prelude.. Lens.mapping Lens.coerced -- | The security groups associated with the cross-account elastic network -- interfaces that are used to allow communication between your nodes and -- the Kubernetes control plane. vpcConfigResponse_securityGroupIds :: Lens.Lens' VpcConfigResponse (Prelude.Maybe [Prelude.Text]) vpcConfigResponse_securityGroupIds = Lens.lens (\VpcConfigResponse' {securityGroupIds} -> securityGroupIds) (\s@VpcConfigResponse' {} a -> s {securityGroupIds = a} :: VpcConfigResponse) Prelude.. Lens.mapping Lens.coerced -- | The subnets associated with your cluster. vpcConfigResponse_subnetIds :: Lens.Lens' VpcConfigResponse (Prelude.Maybe [Prelude.Text]) vpcConfigResponse_subnetIds = Lens.lens (\VpcConfigResponse' {subnetIds} -> subnetIds) (\s@VpcConfigResponse' {} a -> s {subnetIds = a} :: VpcConfigResponse) Prelude.. Lens.mapping Lens.coerced -- | The VPC associated with your cluster. vpcConfigResponse_vpcId :: Lens.Lens' VpcConfigResponse (Prelude.Maybe Prelude.Text) vpcConfigResponse_vpcId = Lens.lens (\VpcConfigResponse' {vpcId} -> vpcId) (\s@VpcConfigResponse' {} a -> s {vpcId = a} :: VpcConfigResponse) instance Data.FromJSON VpcConfigResponse where parseJSON = Data.withObject "VpcConfigResponse" ( \x -> VpcConfigResponse' Prelude.<$> (x Data..:? "clusterSecurityGroupId") Prelude.<*> (x Data..:? "endpointPrivateAccess") Prelude.<*> (x Data..:? "endpointPublicAccess") Prelude.<*> ( x Data..:? "publicAccessCidrs" Data..!= Prelude.mempty ) Prelude.<*> ( x Data..:? "securityGroupIds" Data..!= Prelude.mempty ) Prelude.<*> (x Data..:? "subnetIds" Data..!= Prelude.mempty) Prelude.<*> (x Data..:? "vpcId") ) instance Prelude.Hashable VpcConfigResponse where hashWithSalt _salt VpcConfigResponse' {..} = _salt `Prelude.hashWithSalt` clusterSecurityGroupId `Prelude.hashWithSalt` endpointPrivateAccess `Prelude.hashWithSalt` endpointPublicAccess `Prelude.hashWithSalt` publicAccessCidrs `Prelude.hashWithSalt` securityGroupIds `Prelude.hashWithSalt` subnetIds `Prelude.hashWithSalt` vpcId instance Prelude.NFData VpcConfigResponse where rnf VpcConfigResponse' {..} = Prelude.rnf clusterSecurityGroupId `Prelude.seq` Prelude.rnf endpointPrivateAccess `Prelude.seq` Prelude.rnf endpointPublicAccess `Prelude.seq` Prelude.rnf publicAccessCidrs `Prelude.seq` Prelude.rnf securityGroupIds `Prelude.seq` Prelude.rnf subnetIds `Prelude.seq` Prelude.rnf vpcId