{-# LANGUAGE DeriveGeneric #-} {-# LANGUAGE DuplicateRecordFields #-} {-# LANGUAGE NamedFieldPuns #-} {-# LANGUAGE OverloadedStrings #-} {-# LANGUAGE RecordWildCards #-} {-# LANGUAGE StrictData #-} {-# LANGUAGE TypeFamilies #-} {-# LANGUAGE NoImplicitPrelude #-} {-# OPTIONS_GHC -fno-warn-unused-binds #-} {-# OPTIONS_GHC -fno-warn-unused-imports #-} {-# OPTIONS_GHC -fno-warn-unused-matches #-} -- Derived from AWS service descriptions, licensed under Apache 2.0. -- | -- Module : Amazonka.IAM.GetRolePolicy -- Copyright : (c) 2013-2023 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay -- Stability : auto-generated -- Portability : non-portable (GHC extensions) -- -- Retrieves the specified inline policy document that is embedded with the -- specified IAM role. -- -- Policies returned by this operation are URL-encoded compliant with -- . You can use a URL -- decoding method to convert the policy back to plain JSON text. For -- example, if you use Java, you can use the @decode@ method of the -- @java.net.URLDecoder@ utility class in the Java SDK. Other languages and -- SDKs provide similar functionality. -- -- An IAM role can also have managed policies attached to it. To retrieve a -- managed policy document that is attached to a role, use GetPolicy to -- determine the policy\'s default version, then use GetPolicyVersion to -- retrieve the policy document. -- -- For more information about policies, see -- -- in the /IAM User Guide/. -- -- For more information about roles, see -- . module Amazonka.IAM.GetRolePolicy ( -- * Creating a Request GetRolePolicy (..), newGetRolePolicy, -- * Request Lenses getRolePolicy_roleName, getRolePolicy_policyName, -- * Destructuring the Response GetRolePolicyResponse (..), newGetRolePolicyResponse, -- * Response Lenses getRolePolicyResponse_httpStatus, getRolePolicyResponse_roleName, getRolePolicyResponse_policyName, getRolePolicyResponse_policyDocument, ) where import qualified Amazonka.Core as Core import qualified Amazonka.Core.Lens.Internal as Lens import qualified Amazonka.Data as Data import Amazonka.IAM.Types import qualified Amazonka.Prelude as Prelude import qualified Amazonka.Request as Request import qualified Amazonka.Response as Response -- | /See:/ 'newGetRolePolicy' smart constructor. data GetRolePolicy = GetRolePolicy' { -- | The name of the role associated with the policy. -- -- This parameter allows (through its -- ) a string of characters -- consisting of upper and lowercase alphanumeric characters with no -- spaces. You can also include any of the following characters: _+=,.\@- roleName :: Prelude.Text, -- | The name of the policy document to get. -- -- This parameter allows (through its -- ) a string of characters -- consisting of upper and lowercase alphanumeric characters with no -- spaces. You can also include any of the following characters: _+=,.\@- policyName :: Prelude.Text } deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic) -- | -- Create a value of 'GetRolePolicy' with all optional fields omitted. -- -- Use or to modify other optional fields. -- -- The following record fields are available, with the corresponding lenses provided -- for backwards compatibility: -- -- 'roleName', 'getRolePolicy_roleName' - The name of the role associated with the policy. -- -- This parameter allows (through its -- ) a string of characters -- consisting of upper and lowercase alphanumeric characters with no -- spaces. You can also include any of the following characters: _+=,.\@- -- -- 'policyName', 'getRolePolicy_policyName' - The name of the policy document to get. -- -- This parameter allows (through its -- ) a string of characters -- consisting of upper and lowercase alphanumeric characters with no -- spaces. You can also include any of the following characters: _+=,.\@- newGetRolePolicy :: -- | 'roleName' Prelude.Text -> -- | 'policyName' Prelude.Text -> GetRolePolicy newGetRolePolicy pRoleName_ pPolicyName_ = GetRolePolicy' { roleName = pRoleName_, policyName = pPolicyName_ } -- | The name of the role associated with the policy. -- -- This parameter allows (through its -- ) a string of characters -- consisting of upper and lowercase alphanumeric characters with no -- spaces. You can also include any of the following characters: _+=,.\@- getRolePolicy_roleName :: Lens.Lens' GetRolePolicy Prelude.Text getRolePolicy_roleName = Lens.lens (\GetRolePolicy' {roleName} -> roleName) (\s@GetRolePolicy' {} a -> s {roleName = a} :: GetRolePolicy) -- | The name of the policy document to get. -- -- This parameter allows (through its -- ) a string of characters -- consisting of upper and lowercase alphanumeric characters with no -- spaces. You can also include any of the following characters: _+=,.\@- getRolePolicy_policyName :: Lens.Lens' GetRolePolicy Prelude.Text getRolePolicy_policyName = Lens.lens (\GetRolePolicy' {policyName} -> policyName) (\s@GetRolePolicy' {} a -> s {policyName = a} :: GetRolePolicy) instance Core.AWSRequest GetRolePolicy where type AWSResponse GetRolePolicy = GetRolePolicyResponse request overrides = Request.postQuery (overrides defaultService) response = Response.receiveXMLWrapper "GetRolePolicyResult" ( \s h x -> GetRolePolicyResponse' Prelude.<$> (Prelude.pure (Prelude.fromEnum s)) Prelude.<*> (x Data..@ "RoleName") Prelude.<*> (x Data..@ "PolicyName") Prelude.<*> (x Data..@ "PolicyDocument") ) instance Prelude.Hashable GetRolePolicy where hashWithSalt _salt GetRolePolicy' {..} = _salt `Prelude.hashWithSalt` roleName `Prelude.hashWithSalt` policyName instance Prelude.NFData GetRolePolicy where rnf GetRolePolicy' {..} = Prelude.rnf roleName `Prelude.seq` Prelude.rnf policyName instance Data.ToHeaders GetRolePolicy where toHeaders = Prelude.const Prelude.mempty instance Data.ToPath GetRolePolicy where toPath = Prelude.const "/" instance Data.ToQuery GetRolePolicy where toQuery GetRolePolicy' {..} = Prelude.mconcat [ "Action" Data.=: ("GetRolePolicy" :: Prelude.ByteString), "Version" Data.=: ("2010-05-08" :: Prelude.ByteString), "RoleName" Data.=: roleName, "PolicyName" Data.=: policyName ] -- | Contains the response to a successful GetRolePolicy request. -- -- /See:/ 'newGetRolePolicyResponse' smart constructor. data GetRolePolicyResponse = GetRolePolicyResponse' { -- | The response's http status code. httpStatus :: Prelude.Int, -- | The role the policy is associated with. roleName :: Prelude.Text, -- | The name of the policy. policyName :: Prelude.Text, -- | The policy document. -- -- IAM stores policies in JSON format. However, resources that were created -- using CloudFormation templates can be formatted in YAML. CloudFormation -- always converts a YAML policy to JSON format before submitting it to -- IAM. policyDocument :: Prelude.Text } deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic) -- | -- Create a value of 'GetRolePolicyResponse' with all optional fields omitted. -- -- Use or to modify other optional fields. -- -- The following record fields are available, with the corresponding lenses provided -- for backwards compatibility: -- -- 'httpStatus', 'getRolePolicyResponse_httpStatus' - The response's http status code. -- -- 'roleName', 'getRolePolicyResponse_roleName' - The role the policy is associated with. -- -- 'policyName', 'getRolePolicyResponse_policyName' - The name of the policy. -- -- 'policyDocument', 'getRolePolicyResponse_policyDocument' - The policy document. -- -- IAM stores policies in JSON format. However, resources that were created -- using CloudFormation templates can be formatted in YAML. CloudFormation -- always converts a YAML policy to JSON format before submitting it to -- IAM. newGetRolePolicyResponse :: -- | 'httpStatus' Prelude.Int -> -- | 'roleName' Prelude.Text -> -- | 'policyName' Prelude.Text -> -- | 'policyDocument' Prelude.Text -> GetRolePolicyResponse newGetRolePolicyResponse pHttpStatus_ pRoleName_ pPolicyName_ pPolicyDocument_ = GetRolePolicyResponse' { httpStatus = pHttpStatus_, roleName = pRoleName_, policyName = pPolicyName_, policyDocument = pPolicyDocument_ } -- | The response's http status code. getRolePolicyResponse_httpStatus :: Lens.Lens' GetRolePolicyResponse Prelude.Int getRolePolicyResponse_httpStatus = Lens.lens (\GetRolePolicyResponse' {httpStatus} -> httpStatus) (\s@GetRolePolicyResponse' {} a -> s {httpStatus = a} :: GetRolePolicyResponse) -- | The role the policy is associated with. getRolePolicyResponse_roleName :: Lens.Lens' GetRolePolicyResponse Prelude.Text getRolePolicyResponse_roleName = Lens.lens (\GetRolePolicyResponse' {roleName} -> roleName) (\s@GetRolePolicyResponse' {} a -> s {roleName = a} :: GetRolePolicyResponse) -- | The name of the policy. getRolePolicyResponse_policyName :: Lens.Lens' GetRolePolicyResponse Prelude.Text getRolePolicyResponse_policyName = Lens.lens (\GetRolePolicyResponse' {policyName} -> policyName) (\s@GetRolePolicyResponse' {} a -> s {policyName = a} :: GetRolePolicyResponse) -- | The policy document. -- -- IAM stores policies in JSON format. However, resources that were created -- using CloudFormation templates can be formatted in YAML. CloudFormation -- always converts a YAML policy to JSON format before submitting it to -- IAM. getRolePolicyResponse_policyDocument :: Lens.Lens' GetRolePolicyResponse Prelude.Text getRolePolicyResponse_policyDocument = Lens.lens (\GetRolePolicyResponse' {policyDocument} -> policyDocument) (\s@GetRolePolicyResponse' {} a -> s {policyDocument = a} :: GetRolePolicyResponse) instance Prelude.NFData GetRolePolicyResponse where rnf GetRolePolicyResponse' {..} = Prelude.rnf httpStatus `Prelude.seq` Prelude.rnf roleName `Prelude.seq` Prelude.rnf policyName `Prelude.seq` Prelude.rnf policyDocument