module Network.AWS.KMS.Types
(
KMS
, JSONError
, KeyUsageType (..)
, KeyMetadata
, keyMetadata
, kmAWSAccountId
, kmArn
, kmCreationDate
, kmDescription
, kmEnabled
, kmKeyId
, kmKeyUsage
, DataKeySpec (..)
, GrantConstraints
, grantConstraints
, gcEncryptionContextEquals
, gcEncryptionContextSubset
, AliasListEntry
, aliasListEntry
, aleAliasArn
, aleAliasName
, aleTargetKeyId
, GrantListEntry
, grantListEntry
, gleConstraints
, gleGrantId
, gleGranteePrincipal
, gleIssuingAccount
, gleOperations
, gleRetiringPrincipal
, GrantOperation (..)
, KeyListEntry
, keyListEntry
, kleKeyArn
, kleKeyId
) where
import Network.AWS.Prelude
import Network.AWS.Signing
import qualified GHC.Exts
-- | Type-level tag for the AWS Key Management Service. It has no
-- constructors and is only used to select the 'AWSService' instance.
data KMS

-- | Service description for KMS: requests are signed with 'V4' and service
-- errors are decoded as 'JSONError'.
instance AWSService KMS where
    type Sg KMS = V4
    type Er KMS = JSONError

    service = kmsService
      where
        -- Static description of the endpoint: API version 2014-11-01,
        -- JSON protocol 1.1, target prefix "TrentService".
        kmsService :: Service KMS
        kmsService = Service
            { _svcAbbrev       = "KMS"
            , _svcPrefix       = "kms"
            , _svcVersion      = "2014-11-01"
            , _svcTargetPrefix = Just "TrentService"
            , _svcJSONVersion  = Just "1.1"
            , _svcHandle       = onStatus
            , _svcRetry        = backoff
            }

        -- Error decoding is delegated to 'jsonError' with 'statusSuccess'.
        onStatus :: Status
                 -> Maybe (LazyByteString -> ServiceError JSONError)
        onStatus = jsonError statusSuccess kmsService

        -- Exponential policy: base 0.05, growth factor 2, 5 attempts.
        -- NOTE(review): the unit of the base is not visible here; confirm
        -- against the definition of 'Exponential'.
        backoff :: Retry KMS
        backoff = Exponential
            { _retryBase     = 0.05
            , _retryGrowth   = 2
            , _retryAttempts = 5
            , _retryCheck    = isRetryable
            }

        -- The retry decision looks at the HTTP status only (500, 509, 503).
        -- The decoded 'JSONError' is never inspected, so an error that the
        -- service reports under any other status code is not retried, and
        -- callers see it on the first failure.
        isRetryable :: Status
                    -> JSONError
                    -> Bool
        isRetryable status _ = statusCode status `elem` [500, 509, 503]
-- | Permitted use of a KMS key. This module models a single value.
data KeyUsageType
    = EncryptDecrypt -- ^ Rendered on the wire as @ENCRYPT_DECRYPT@.
      deriving (Eq, Ord, Read, Show, Generic, Enum)

instance Hashable KeyUsageType

-- | Matches the text returned by 'takeLowerText' (presumably the input
-- lower-cased, which would make matching case-insensitive; confirm).
-- Any other value is a parse failure, so a usage type this module does not
-- know makes the enclosing response fail to decode instead of passing through.
instance FromText KeyUsageType where
    parser = do
        lowered <- takeLowerText
        case lowered of
            "encrypt_decrypt" -> pure EncryptDecrypt
            other -> fail ("Failure parsing KeyUsageType from " ++ show other)

-- | Renders the upper-case wire form.
instance ToText KeyUsageType where
    toText usage = case usage of
        EncryptDecrypt -> "ENCRYPT_DECRYPT"

instance ToByteString KeyUsageType
instance ToHeader KeyUsageType
instance ToQuery KeyUsageType

-- | JSON decoding goes through the 'FromText' parser.
instance FromJSON KeyUsageType where
    parseJSON = parseJSONText "KeyUsageType"

-- | JSON encoding goes through 'ToText'.
instance ToJSON KeyUsageType where
    toJSON = toJSONText
-- | Description of one KMS key. Only '_kmKeyId' is mandatory; every other
-- field is optional and is 'Nothing' when the JSON object omits it.
data KeyMetadata = KeyMetadata
    { _kmAWSAccountId :: Maybe Text
      -- ^ JSON key @AWSAccountId@.
    , _kmArn          :: Maybe Text
      -- ^ JSON key @Arn@.
    , _kmCreationDate :: Maybe POSIX
      -- ^ JSON key @CreationDate@, kept in its 'POSIX' wire representation.
    , _kmDescription  :: Maybe Text
      -- ^ JSON key @Description@.
    , _kmEnabled      :: Maybe Bool
      -- ^ JSON key @Enabled@. 'Nothing' means the key was absent from the
      -- object, which is not the same as @Just False@; code that gates on
      -- key state should handle the three cases explicitly.
    , _kmKeyId        :: Text
      -- ^ JSON key @KeyId@; the only required field.
    , _kmKeyUsage     :: Maybe KeyUsageType
      -- ^ JSON key @KeyUsage@.
    } deriving (Eq, Read, Show)
-- | Build a 'KeyMetadata' from its one required field. All optional fields
-- start as 'Nothing' and can be filled in through the lenses.
keyMetadata
    :: Text -- ^ Value stored in '_kmKeyId'.
    -> KeyMetadata
keyMetadata keyId = KeyMetadata
    { _kmAWSAccountId = Nothing
    , _kmArn          = Nothing
    , _kmCreationDate = Nothing
    , _kmDescription  = Nothing
    , _kmEnabled      = Nothing
    , _kmKeyId        = keyId
    , _kmKeyUsage     = Nothing
    }
-- | Lens onto the optional @AWSAccountId@ field.
kmAWSAccountId :: Lens' KeyMetadata (Maybe Text)
kmAWSAccountId = lens _kmAWSAccountId $ \km v -> km { _kmAWSAccountId = v }

-- | Lens onto the optional @Arn@ field.
kmArn :: Lens' KeyMetadata (Maybe Text)
kmArn = lens _kmArn $ \km v -> km { _kmArn = v }

-- | Lens onto the optional @CreationDate@ field. The stored 'POSIX' value is
-- exposed as 'UTCTime' by composing with @mapping _Time@.
kmCreationDate :: Lens' KeyMetadata (Maybe UTCTime)
kmCreationDate =
    lens _kmCreationDate (\km v -> km { _kmCreationDate = v })
        . mapping _Time

-- | Lens onto the optional @Description@ field.
kmDescription :: Lens' KeyMetadata (Maybe Text)
kmDescription = lens _kmDescription $ \km v -> km { _kmDescription = v }

-- | Lens onto the optional @Enabled@ field; 'Nothing' means "not reported",
-- not "disabled".
kmEnabled :: Lens' KeyMetadata (Maybe Bool)
kmEnabled = lens _kmEnabled $ \km v -> km { _kmEnabled = v }

-- | Lens onto the required @KeyId@ field.
kmKeyId :: Lens' KeyMetadata Text
kmKeyId = lens _kmKeyId $ \km v -> km { _kmKeyId = v }

-- | Lens onto the optional @KeyUsage@ field.
kmKeyUsage :: Lens' KeyMetadata (Maybe KeyUsageType)
kmKeyUsage = lens _kmKeyUsage $ \km v -> km { _kmKeyUsage = v }
-- | Decode a 'KeyMetadata' from a JSON object. @KeyId@ is required (@.:@);
-- every other key is optional (@.:?@) and becomes 'Nothing' when missing.
instance FromJSON KeyMetadata where
    parseJSON = withObject "KeyMetadata" fromFields
      where
        -- The applicative chain feeds the constructor positionally, so the
        -- order here must follow the field order of the data declaration.
        fromFields obj = KeyMetadata
            <$> obj .:? "AWSAccountId"
            <*> obj .:? "Arn"
            <*> obj .:? "CreationDate"
            <*> obj .:? "Description"
            <*> obj .:? "Enabled"
            <*> obj .:  "KeyId"
            <*> obj .:? "KeyUsage"
-- | Encode a 'KeyMetadata' as a JSON object. Every key is always written,
-- including the optional ones whose value is 'Nothing'.
instance ToJSON KeyMetadata where
    toJSON KeyMetadata
        { _kmAWSAccountId = account
        , _kmArn          = arn
        , _kmCreationDate = created
        , _kmDescription  = description
        , _kmEnabled      = enabled
        , _kmKeyId        = keyId
        , _kmKeyUsage     = usage
        } = object
        [ "AWSAccountId" .= account
        , "KeyId"        .= keyId
        , "Arn"          .= arn
        , "CreationDate" .= created
        , "Enabled"      .= enabled
        , "Description"  .= description
        , "KeyUsage"     .= usage
        ]
-- | Data key specification accepted by this module.
data DataKeySpec
    = AES128 -- ^ Rendered on the wire as @AES_128@.
    | AES256 -- ^ Rendered on the wire as @AES_256@.
      deriving (Eq, Ord, Read, Show, Generic, Enum)

instance Hashable DataKeySpec

-- | Matches the text returned by 'takeLowerText' (presumably the input
-- lower-cased; confirm). Anything other than the two known specs is a parse
-- failure; there is no fallback to a default key size.
instance FromText DataKeySpec where
    parser = do
        lowered <- takeLowerText
        case lowered of
            "aes_128" -> pure AES128
            "aes_256" -> pure AES256
            other -> fail ("Failure parsing DataKeySpec from " ++ show other)

-- | Renders the upper-case wire form.
instance ToText DataKeySpec where
    toText AES128 = "AES_128"
    toText AES256 = "AES_256"

instance ToByteString DataKeySpec
instance ToHeader DataKeySpec
instance ToQuery DataKeySpec

-- | JSON decoding goes through the 'FromText' parser.
instance FromJSON DataKeySpec where
    parseJSON = parseJSONText "DataKeySpec"

-- | JSON encoding goes through 'ToText'.
instance ToJSON DataKeySpec where
    toJSON = toJSONText
-- | Encryption-context conditions attached to a grant.
--
-- Per the KMS API documentation, @EncryptionContextEquals@ requires the
-- request's encryption context to match the given pairs exactly, while
-- @EncryptionContextSubset@ requires the given pairs to be contained in it.
--
-- Encryption context is authenticated but not secret: AWS records it in
-- plaintext in CloudTrail, and the derived 'Show' instance prints both maps.
-- Keep sensitive values out of them.
data GrantConstraints = GrantConstraints
    { _gcEncryptionContextEquals :: Map Text Text
      -- ^ JSON key @EncryptionContextEquals@.
    , _gcEncryptionContextSubset :: Map Text Text
      -- ^ JSON key @EncryptionContextSubset@.
    } deriving (Eq, Read, Show)
-- | A 'GrantConstraints' with both encryption-context maps empty. A value
-- left at this default states no key/value pairs at all, so callers that
-- intend to restrict a grant must fill in one of the maps.
grantConstraints :: GrantConstraints
grantConstraints = GrantConstraints
    { _gcEncryptionContextEquals = mempty
    , _gcEncryptionContextSubset = mempty
    }
-- | Lens onto the @EncryptionContextEquals@ pairs, exposed as a plain
-- 'HashMap' by composing with '_Map'.
gcEncryptionContextEquals :: Lens' GrantConstraints (HashMap Text Text)
gcEncryptionContextEquals =
    lens _gcEncryptionContextEquals
         (\gc pairs -> gc { _gcEncryptionContextEquals = pairs })
        . _Map

-- | Lens onto the @EncryptionContextSubset@ pairs, exposed as a plain
-- 'HashMap' by composing with '_Map'.
gcEncryptionContextSubset :: Lens' GrantConstraints (HashMap Text Text)
gcEncryptionContextSubset =
    lens _gcEncryptionContextSubset
         (\gc pairs -> gc { _gcEncryptionContextSubset = pairs })
        . _Map
-- | Decode a 'GrantConstraints'. A missing key is replaced by an empty map
-- (@.!= mempty@), so after decoding "key absent" and "key present but empty"
-- can no longer be told apart.
instance FromJSON GrantConstraints where
    parseJSON = withObject "GrantConstraints" fromFields
      where
        -- Positional: Equals first, then Subset, as in the data declaration.
        fromFields obj = GrantConstraints
            <$> obj .:? "EncryptionContextEquals" .!= mempty
            <*> obj .:? "EncryptionContextSubset" .!= mempty
-- | Encode a 'GrantConstraints'. Both keys are always written, even when the
-- corresponding map is empty.
-- NOTE(review): confirm the service treats an empty map the same as an
-- omitted constraint.
instance ToJSON GrantConstraints where
    toJSON GrantConstraints
        { _gcEncryptionContextEquals = exact
        , _gcEncryptionContextSubset = subset
        } = object
        [ "EncryptionContextSubset" .= subset
        , "EncryptionContextEquals" .= exact
        ]
-- | One entry of an alias listing. Every field is optional and is 'Nothing'
-- when the JSON object omits it.
data AliasListEntry = AliasListEntry
    { _aleAliasArn    :: Maybe Text
      -- ^ JSON key @AliasArn@.
    , _aleAliasName   :: Maybe Text
      -- ^ JSON key @AliasName@.
    , _aleTargetKeyId :: Maybe Text
      -- ^ JSON key @TargetKeyId@.
    } deriving (Eq, Ord, Read, Show)
-- | An 'AliasListEntry' with every field set to 'Nothing'.
aliasListEntry :: AliasListEntry
aliasListEntry = AliasListEntry
    { _aleAliasArn    = Nothing
    , _aleAliasName   = Nothing
    , _aleTargetKeyId = Nothing
    }
-- | Lens onto the optional @AliasArn@ field.
aleAliasArn :: Lens' AliasListEntry (Maybe Text)
aleAliasArn = lens _aleAliasArn $ \entry v -> entry { _aleAliasArn = v }

-- | Lens onto the optional @AliasName@ field.
aleAliasName :: Lens' AliasListEntry (Maybe Text)
aleAliasName = lens _aleAliasName $ \entry v -> entry { _aleAliasName = v }

-- | Lens onto the optional @TargetKeyId@ field.
aleTargetKeyId :: Lens' AliasListEntry (Maybe Text)
aleTargetKeyId =
    lens _aleTargetKeyId $ \entry v -> entry { _aleTargetKeyId = v }
-- | Decode an 'AliasListEntry'; all three keys are optional.
instance FromJSON AliasListEntry where
    parseJSON = withObject "AliasListEntry" fromFields
      where
        -- Positional: must follow the field order of the data declaration.
        fromFields obj = AliasListEntry
            <$> obj .:? "AliasArn"
            <*> obj .:? "AliasName"
            <*> obj .:? "TargetKeyId"
-- | Encode an 'AliasListEntry'; all three keys are always written.
instance ToJSON AliasListEntry where
    toJSON AliasListEntry
        { _aleAliasArn    = aliasArn
        , _aleAliasName   = aliasName
        , _aleTargetKeyId = targetKeyId
        } = object
        [ "AliasName"   .= aliasName
        , "AliasArn"    .= aliasArn
        , "TargetKeyId" .= targetKeyId
        ]
-- | One entry of a grant listing. Apart from the operations list, every
-- field is optional and is 'Nothing' when the JSON object omits it.
data GrantListEntry = GrantListEntry
    { _gleConstraints       :: Maybe GrantConstraints
      -- ^ JSON key @Constraints@. 'Nothing' means the entry carried no
      -- constraints object at all.
    , _gleGrantId           :: Maybe Text
      -- ^ JSON key @GrantId@.
    , _gleGranteePrincipal  :: Maybe Text
      -- ^ JSON key @GranteePrincipal@.
    , _gleIssuingAccount    :: Maybe Text
      -- ^ JSON key @IssuingAccount@.
    , _gleOperations        :: List "Operations" GrantOperation
      -- ^ JSON key @Operations@. Decoding substitutes an empty list when the
      -- key is missing, so an empty list does not prove the grant permits
      -- nothing.
    , _gleRetiringPrincipal :: Maybe Text
      -- ^ JSON key @RetiringPrincipal@.
    } deriving (Eq, Read, Show)
-- | A 'GrantListEntry' with every optional field set to 'Nothing' and an
-- empty operations list.
grantListEntry :: GrantListEntry
grantListEntry = GrantListEntry
    { _gleConstraints       = Nothing
    , _gleGrantId           = Nothing
    , _gleGranteePrincipal  = Nothing
    , _gleIssuingAccount    = Nothing
    , _gleOperations        = mempty
    , _gleRetiringPrincipal = Nothing
    }
-- | Lens onto the optional @Constraints@ field.
gleConstraints :: Lens' GrantListEntry (Maybe GrantConstraints)
gleConstraints =
    lens _gleConstraints $ \entry v -> entry { _gleConstraints = v }

-- | Lens onto the optional @GrantId@ field.
gleGrantId :: Lens' GrantListEntry (Maybe Text)
gleGrantId = lens _gleGrantId $ \entry v -> entry { _gleGrantId = v }

-- | Lens onto the optional @GranteePrincipal@ field.
gleGranteePrincipal :: Lens' GrantListEntry (Maybe Text)
gleGranteePrincipal =
    lens _gleGranteePrincipal $ \entry v -> entry { _gleGranteePrincipal = v }

-- | Lens onto the optional @IssuingAccount@ field.
gleIssuingAccount :: Lens' GrantListEntry (Maybe Text)
gleIssuingAccount =
    lens _gleIssuingAccount $ \entry v -> entry { _gleIssuingAccount = v }

-- | Lens onto the @Operations@ field, exposed as a plain list by composing
-- with '_List'.
gleOperations :: Lens' GrantListEntry [GrantOperation]
gleOperations =
    lens _gleOperations (\entry v -> entry { _gleOperations = v })
        . _List

-- | Lens onto the optional @RetiringPrincipal@ field.
gleRetiringPrincipal :: Lens' GrantListEntry (Maybe Text)
gleRetiringPrincipal =
    lens _gleRetiringPrincipal $ \entry v -> entry { _gleRetiringPrincipal = v }
-- | Decode a 'GrantListEntry'. All keys are optional; a missing @Operations@
-- key is replaced by an empty list (@.!= mempty@), so consumers auditing
-- grants cannot distinguish "absent" from "empty" after decoding.
instance FromJSON GrantListEntry where
    parseJSON = withObject "GrantListEntry" fromFields
      where
        -- Positional: must follow the field order of the data declaration.
        fromFields obj = GrantListEntry
            <$> obj .:? "Constraints"
            <*> obj .:? "GrantId"
            <*> obj .:? "GranteePrincipal"
            <*> obj .:? "IssuingAccount"
            <*> obj .:? "Operations" .!= mempty
            <*> obj .:? "RetiringPrincipal"
-- | Encode a 'GrantListEntry'; every key is always written.
instance ToJSON GrantListEntry where
    toJSON GrantListEntry
        { _gleConstraints       = constraints
        , _gleGrantId           = grantId
        , _gleGranteePrincipal  = grantee
        , _gleIssuingAccount    = issuer
        , _gleOperations        = operations
        , _gleRetiringPrincipal = retiring
        } = object
        [ "GrantId"           .= grantId
        , "GranteePrincipal"  .= grantee
        , "RetiringPrincipal" .= retiring
        , "IssuingAccount"    .= issuer
        , "Operations"        .= operations
        , "Constraints"       .= constraints
        ]
-- | Operations that a grant can permit.
--
-- NOTE(review): going by the names, 'GOCreateGrant' and 'GORetireGrant'
-- concern grant management rather than data operations; they are worth
-- singling out when reviewing what a grant delegates.
data GrantOperation
    = GOCreateGrant                     -- ^ Wire value @CreateGrant@.
    | GODecrypt                         -- ^ Wire value @Decrypt@.
    | GOEncrypt                         -- ^ Wire value @Encrypt@.
    | GOGenerateDataKey                 -- ^ Wire value @GenerateDataKey@.
    | GOGenerateDataKeyWithoutPlaintext -- ^ Wire value @GenerateDataKeyWithoutPlaintext@.
    | GOReEncryptFrom                   -- ^ Wire value @ReEncryptFrom@.
    | GOReEncryptTo                     -- ^ Wire value @ReEncryptTo@.
    | GORetireGrant                     -- ^ Wire value @RetireGrant@.
      deriving (Eq, Ord, Read, Show, Generic, Enum)

instance Hashable GrantOperation

-- | Matches the text returned by 'takeLowerText' (presumably the input
-- lower-cased; confirm). An operation name this module does not list is a
-- parse failure, so the enclosing grant entry fails to decode instead of
-- silently dropping the unknown operation.
instance FromText GrantOperation where
    parser = do
        lowered <- takeLowerText
        case lowered of
            "creategrant"                     -> pure GOCreateGrant
            "decrypt"                         -> pure GODecrypt
            "encrypt"                         -> pure GOEncrypt
            "generatedatakey"                 -> pure GOGenerateDataKey
            "generatedatakeywithoutplaintext" -> pure GOGenerateDataKeyWithoutPlaintext
            "reencryptfrom"                   -> pure GOReEncryptFrom
            "reencryptto"                     -> pure GOReEncryptTo
            "retiregrant"                     -> pure GORetireGrant
            other -> fail ("Failure parsing GrantOperation from " ++ show other)

-- | Renders the mixed-case wire form.
instance ToText GrantOperation where
    toText operation = case operation of
        GOCreateGrant                     -> "CreateGrant"
        GODecrypt                         -> "Decrypt"
        GOEncrypt                         -> "Encrypt"
        GOGenerateDataKey                 -> "GenerateDataKey"
        GOGenerateDataKeyWithoutPlaintext -> "GenerateDataKeyWithoutPlaintext"
        GOReEncryptFrom                   -> "ReEncryptFrom"
        GOReEncryptTo                     -> "ReEncryptTo"
        GORetireGrant                     -> "RetireGrant"

instance ToByteString GrantOperation
instance ToHeader GrantOperation
instance ToQuery GrantOperation

-- | JSON decoding goes through the 'FromText' parser.
instance FromJSON GrantOperation where
    parseJSON = parseJSONText "GrantOperation"

-- | JSON encoding goes through 'ToText'.
instance ToJSON GrantOperation where
    toJSON = toJSONText
-- | One entry of a key listing. Both fields are optional and are 'Nothing'
-- when the JSON object omits them.
data KeyListEntry = KeyListEntry
    { _kleKeyArn :: Maybe Text
      -- ^ JSON key @KeyArn@.
    , _kleKeyId  :: Maybe Text
      -- ^ JSON key @KeyId@.
    } deriving (Eq, Ord, Read, Show)
-- | A 'KeyListEntry' with both fields set to 'Nothing'.
keyListEntry :: KeyListEntry
keyListEntry = KeyListEntry
    { _kleKeyArn = Nothing
    , _kleKeyId  = Nothing
    }
-- | Lens onto the optional @KeyArn@ field.
kleKeyArn :: Lens' KeyListEntry (Maybe Text)
kleKeyArn = lens _kleKeyArn $ \entry v -> entry { _kleKeyArn = v }

-- | Lens onto the optional @KeyId@ field.
kleKeyId :: Lens' KeyListEntry (Maybe Text)
kleKeyId = lens _kleKeyId $ \entry v -> entry { _kleKeyId = v }
-- | Decode a 'KeyListEntry'; both keys are optional.
instance FromJSON KeyListEntry where
    parseJSON = withObject "KeyListEntry" fromFields
      where
        -- Positional: KeyArn first, then KeyId, as in the data declaration.
        fromFields obj = KeyListEntry
            <$> obj .:? "KeyArn"
            <*> obj .:? "KeyId"
-- | Encode a 'KeyListEntry'; both keys are always written.
instance ToJSON KeyListEntry where
    toJSON KeyListEntry
        { _kleKeyArn = keyArn
        , _kleKeyId  = keyId
        } = object
        [ "KeyId"  .= keyId
        , "KeyArn" .= keyArn
        ]