{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE TypeFamilies #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-binds #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.LakeFormation.AssumeDecoratedRoleWithSAML
-- Copyright   : (c) 2013-2023 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
--
-- Allows a caller to assume an IAM role decorated as the SAML user
-- specified in the SAML assertion included in the request. This decoration
-- allows Lake Formation to enforce access policies against the SAML users
-- and groups. This API operation requires SAML federation setup in the
-- caller’s account as it can only be called with valid SAML assertions.
-- Lake Formation does not scope down the permission of the assumed role.
-- All permissions attached to the role via the SAML federation setup will
-- be included in the role session.
--
-- This decorated role is expected to access data in Amazon S3 by getting
-- temporary access from Lake Formation which is authorized via the virtual
-- API @GetDataAccess@. Therefore, all SAML roles that can be assumed via
-- @AssumeDecoratedRoleWithSAML@ must at a minimum include
-- @lakeformation:GetDataAccess@ in their role policies. A typical IAM
-- policy attached to such a role would look as follows:
module Amazonka.LakeFormation.AssumeDecoratedRoleWithSAML
  ( -- * Creating a Request
    AssumeDecoratedRoleWithSAML (..),
    newAssumeDecoratedRoleWithSAML,

    -- * Request Lenses
    assumeDecoratedRoleWithSAML_durationSeconds,
    assumeDecoratedRoleWithSAML_sAMLAssertion,
    assumeDecoratedRoleWithSAML_roleArn,
    assumeDecoratedRoleWithSAML_principalArn,

    -- * Destructuring the Response
    AssumeDecoratedRoleWithSAMLResponse (..),
    newAssumeDecoratedRoleWithSAMLResponse,

    -- * Response Lenses
    assumeDecoratedRoleWithSAMLResponse_accessKeyId,
    assumeDecoratedRoleWithSAMLResponse_expiration,
    assumeDecoratedRoleWithSAMLResponse_secretAccessKey,
    assumeDecoratedRoleWithSAMLResponse_sessionToken,
    assumeDecoratedRoleWithSAMLResponse_httpStatus,
  )
where

import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import Amazonka.LakeFormation.Types
import qualified Amazonka.Prelude as Prelude
import qualified Amazonka.Request as Request
import qualified Amazonka.Response as Response

-- | /See:/ 'newAssumeDecoratedRoleWithSAML' smart constructor.
data AssumeDecoratedRoleWithSAML = AssumeDecoratedRoleWithSAML'
  { -- | The time period, between 900 and 43,200 seconds, for the timeout of the
    -- temporary credentials.
    AssumeDecoratedRoleWithSAML -> Maybe Natural
durationSeconds :: Prelude.Maybe Prelude.Natural,
    -- | A SAML assertion consisting of an assertion statement for the user who
    -- needs temporary credentials. This must match the SAML assertion that was
    -- issued to IAM. This must be Base64 encoded.
    AssumeDecoratedRoleWithSAML -> Text
sAMLAssertion :: Prelude.Text,
    -- | The role that represents an IAM principal whose scope down policy allows
    -- it to call credential vending APIs such as
    -- @GetTemporaryTableCredentials@. The caller must also have iam:PassRole
    -- permission on this role.
    AssumeDecoratedRoleWithSAML -> Text
roleArn :: Prelude.Text,
    -- | The Amazon Resource Name (ARN) of the SAML provider in IAM that
    -- describes the IdP.
    AssumeDecoratedRoleWithSAML -> Text
principalArn :: Prelude.Text
  }
  deriving (AssumeDecoratedRoleWithSAML -> AssumeDecoratedRoleWithSAML -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: AssumeDecoratedRoleWithSAML -> AssumeDecoratedRoleWithSAML -> Bool
$c/= :: AssumeDecoratedRoleWithSAML -> AssumeDecoratedRoleWithSAML -> Bool
== :: AssumeDecoratedRoleWithSAML -> AssumeDecoratedRoleWithSAML -> Bool
$c== :: AssumeDecoratedRoleWithSAML -> AssumeDecoratedRoleWithSAML -> Bool
Prelude.Eq, ReadPrec [AssumeDecoratedRoleWithSAML]
ReadPrec AssumeDecoratedRoleWithSAML
Int -> ReadS AssumeDecoratedRoleWithSAML
ReadS [AssumeDecoratedRoleWithSAML]
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [AssumeDecoratedRoleWithSAML]
$creadListPrec :: ReadPrec [AssumeDecoratedRoleWithSAML]
readPrec :: ReadPrec AssumeDecoratedRoleWithSAML
$creadPrec :: ReadPrec AssumeDecoratedRoleWithSAML
readList :: ReadS [AssumeDecoratedRoleWithSAML]
$creadList :: ReadS [AssumeDecoratedRoleWithSAML]
readsPrec :: Int -> ReadS AssumeDecoratedRoleWithSAML
$creadsPrec :: Int -> ReadS AssumeDecoratedRoleWithSAML
Prelude.Read, Int -> AssumeDecoratedRoleWithSAML -> ShowS
[AssumeDecoratedRoleWithSAML] -> ShowS
AssumeDecoratedRoleWithSAML -> String
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [AssumeDecoratedRoleWithSAML] -> ShowS
$cshowList :: [AssumeDecoratedRoleWithSAML] -> ShowS
show :: AssumeDecoratedRoleWithSAML -> String
$cshow :: AssumeDecoratedRoleWithSAML -> String
showsPrec :: Int -> AssumeDecoratedRoleWithSAML -> ShowS
$cshowsPrec :: Int -> AssumeDecoratedRoleWithSAML -> ShowS
Prelude.Show, forall x.
Rep AssumeDecoratedRoleWithSAML x -> AssumeDecoratedRoleWithSAML
forall x.
AssumeDecoratedRoleWithSAML -> Rep AssumeDecoratedRoleWithSAML x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x.
Rep AssumeDecoratedRoleWithSAML x -> AssumeDecoratedRoleWithSAML
$cfrom :: forall x.
AssumeDecoratedRoleWithSAML -> Rep AssumeDecoratedRoleWithSAML x
Prelude.Generic)

-- |
-- Create a value of 'AssumeDecoratedRoleWithSAML' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'durationSeconds', 'assumeDecoratedRoleWithSAML_durationSeconds' - The time period, between 900 and 43,200 seconds, for the timeout of the
-- temporary credentials.
--
-- 'sAMLAssertion', 'assumeDecoratedRoleWithSAML_sAMLAssertion' - A SAML assertion consisting of an assertion statement for the user who
-- needs temporary credentials. This must match the SAML assertion that was
-- issued to IAM. This must be Base64 encoded.
--
-- 'roleArn', 'assumeDecoratedRoleWithSAML_roleArn' - The role that represents an IAM principal whose scope down policy allows
-- it to call credential vending APIs such as
-- @GetTemporaryTableCredentials@. The caller must also have iam:PassRole
-- permission on this role.
--
-- 'principalArn', 'assumeDecoratedRoleWithSAML_principalArn' - The Amazon Resource Name (ARN) of the SAML provider in IAM that
-- describes the IdP.
newAssumeDecoratedRoleWithSAML ::
  -- | 'sAMLAssertion'
  Prelude.Text ->
  -- | 'roleArn'
  Prelude.Text ->
  -- | 'principalArn'
  Prelude.Text ->
  AssumeDecoratedRoleWithSAML
newAssumeDecoratedRoleWithSAML :: Text -> Text -> Text -> AssumeDecoratedRoleWithSAML
newAssumeDecoratedRoleWithSAML
  Text
pSAMLAssertion_
  Text
pRoleArn_
  Text
pPrincipalArn_ =
    AssumeDecoratedRoleWithSAML'
      { $sel:durationSeconds:AssumeDecoratedRoleWithSAML' :: Maybe Natural
durationSeconds =
          forall a. Maybe a
Prelude.Nothing,
        $sel:sAMLAssertion:AssumeDecoratedRoleWithSAML' :: Text
sAMLAssertion = Text
pSAMLAssertion_,
        $sel:roleArn:AssumeDecoratedRoleWithSAML' :: Text
roleArn = Text
pRoleArn_,
        $sel:principalArn:AssumeDecoratedRoleWithSAML' :: Text
principalArn = Text
pPrincipalArn_
      }

-- | The time period, between 900 and 43,200 seconds, for the timeout of the
-- temporary credentials.
assumeDecoratedRoleWithSAML_durationSeconds :: Lens.Lens' AssumeDecoratedRoleWithSAML (Prelude.Maybe Prelude.Natural)
assumeDecoratedRoleWithSAML_durationSeconds :: Lens' AssumeDecoratedRoleWithSAML (Maybe Natural)
assumeDecoratedRoleWithSAML_durationSeconds = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\AssumeDecoratedRoleWithSAML' {Maybe Natural
durationSeconds :: Maybe Natural
$sel:durationSeconds:AssumeDecoratedRoleWithSAML' :: AssumeDecoratedRoleWithSAML -> Maybe Natural
durationSeconds} -> Maybe Natural
durationSeconds) (\s :: AssumeDecoratedRoleWithSAML
s@AssumeDecoratedRoleWithSAML' {} Maybe Natural
a -> AssumeDecoratedRoleWithSAML
s {$sel:durationSeconds:AssumeDecoratedRoleWithSAML' :: Maybe Natural
durationSeconds = Maybe Natural
a} :: AssumeDecoratedRoleWithSAML)

-- | A SAML assertion consisting of an assertion statement for the user who
-- needs temporary credentials. This must match the SAML assertion that was
-- issued to IAM. This must be Base64 encoded.
assumeDecoratedRoleWithSAML_sAMLAssertion :: Lens.Lens' AssumeDecoratedRoleWithSAML Prelude.Text
assumeDecoratedRoleWithSAML_sAMLAssertion :: Lens' AssumeDecoratedRoleWithSAML Text
assumeDecoratedRoleWithSAML_sAMLAssertion = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\AssumeDecoratedRoleWithSAML' {Text
sAMLAssertion :: Text
$sel:sAMLAssertion:AssumeDecoratedRoleWithSAML' :: AssumeDecoratedRoleWithSAML -> Text
sAMLAssertion} -> Text
sAMLAssertion) (\s :: AssumeDecoratedRoleWithSAML
s@AssumeDecoratedRoleWithSAML' {} Text
a -> AssumeDecoratedRoleWithSAML
s {$sel:sAMLAssertion:AssumeDecoratedRoleWithSAML' :: Text
sAMLAssertion = Text
a} :: AssumeDecoratedRoleWithSAML)

-- | The role that represents an IAM principal whose scope down policy allows
-- it to call credential vending APIs such as
-- @GetTemporaryTableCredentials@. The caller must also have iam:PassRole
-- permission on this role.
assumeDecoratedRoleWithSAML_roleArn :: Lens.Lens' AssumeDecoratedRoleWithSAML Prelude.Text
assumeDecoratedRoleWithSAML_roleArn :: Lens' AssumeDecoratedRoleWithSAML Text
assumeDecoratedRoleWithSAML_roleArn = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\AssumeDecoratedRoleWithSAML' {Text
roleArn :: Text
$sel:roleArn:AssumeDecoratedRoleWithSAML' :: AssumeDecoratedRoleWithSAML -> Text
roleArn} -> Text
roleArn) (\s :: AssumeDecoratedRoleWithSAML
s@AssumeDecoratedRoleWithSAML' {} Text
a -> AssumeDecoratedRoleWithSAML
s {$sel:roleArn:AssumeDecoratedRoleWithSAML' :: Text
roleArn = Text
a} :: AssumeDecoratedRoleWithSAML)

-- | The Amazon Resource Name (ARN) of the SAML provider in IAM that
-- describes the IdP.
assumeDecoratedRoleWithSAML_principalArn :: Lens.Lens' AssumeDecoratedRoleWithSAML Prelude.Text
assumeDecoratedRoleWithSAML_principalArn :: Lens' AssumeDecoratedRoleWithSAML Text
assumeDecoratedRoleWithSAML_principalArn = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\AssumeDecoratedRoleWithSAML' {Text
principalArn :: Text
$sel:principalArn:AssumeDecoratedRoleWithSAML' :: AssumeDecoratedRoleWithSAML -> Text
principalArn} -> Text
principalArn) (\s :: AssumeDecoratedRoleWithSAML
s@AssumeDecoratedRoleWithSAML' {} Text
a -> AssumeDecoratedRoleWithSAML
s {$sel:principalArn:AssumeDecoratedRoleWithSAML' :: Text
principalArn = Text
a} :: AssumeDecoratedRoleWithSAML)

instance Core.AWSRequest AssumeDecoratedRoleWithSAML where
  type
    AWSResponse AssumeDecoratedRoleWithSAML =
      AssumeDecoratedRoleWithSAMLResponse
  request :: (Service -> Service)
-> AssumeDecoratedRoleWithSAML
-> Request AssumeDecoratedRoleWithSAML
request Service -> Service
overrides =
    forall a. (ToRequest a, ToJSON a) => Service -> a -> Request a
Request.postJSON (Service -> Service
overrides Service
defaultService)
  response :: forall (m :: * -> *).
MonadResource m =>
(ByteStringLazy -> IO ByteStringLazy)
-> Service
-> Proxy AssumeDecoratedRoleWithSAML
-> ClientResponse ClientBody
-> m (Either
        Error (ClientResponse (AWSResponse AssumeDecoratedRoleWithSAML)))
response =
    forall (m :: * -> *) a.
MonadResource m =>
(Int -> ResponseHeaders -> Object -> Either String (AWSResponse a))
-> (ByteStringLazy -> IO ByteStringLazy)
-> Service
-> Proxy a
-> ClientResponse ClientBody
-> m (Either Error (ClientResponse (AWSResponse a)))
Response.receiveJSON
      ( \Int
s ResponseHeaders
h Object
x ->
          Maybe Text
-> Maybe POSIX
-> Maybe Text
-> Maybe Text
-> Int
-> AssumeDecoratedRoleWithSAMLResponse
AssumeDecoratedRoleWithSAMLResponse'
            forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x forall a. FromJSON a => Object -> Key -> Either String (Maybe a)
Data..?> Key
"AccessKeyId")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Either String (Maybe a)
Data..?> Key
"Expiration")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Either String (Maybe a)
Data..?> Key
"SecretAccessKey")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Either String (Maybe a)
Data..?> Key
"SessionToken")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (forall (f :: * -> *) a. Applicative f => a -> f a
Prelude.pure (forall a. Enum a => a -> Int
Prelude.fromEnum Int
s))
      )

instance Prelude.Hashable AssumeDecoratedRoleWithSAML where
  hashWithSalt :: Int -> AssumeDecoratedRoleWithSAML -> Int
hashWithSalt Int
_salt AssumeDecoratedRoleWithSAML' {Maybe Natural
Text
principalArn :: Text
roleArn :: Text
sAMLAssertion :: Text
durationSeconds :: Maybe Natural
$sel:principalArn:AssumeDecoratedRoleWithSAML' :: AssumeDecoratedRoleWithSAML -> Text
$sel:roleArn:AssumeDecoratedRoleWithSAML' :: AssumeDecoratedRoleWithSAML -> Text
$sel:sAMLAssertion:AssumeDecoratedRoleWithSAML' :: AssumeDecoratedRoleWithSAML -> Text
$sel:durationSeconds:AssumeDecoratedRoleWithSAML' :: AssumeDecoratedRoleWithSAML -> Maybe Natural
..} =
    Int
_salt
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Natural
durationSeconds
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Text
sAMLAssertion
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Text
roleArn
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Text
principalArn

instance Prelude.NFData AssumeDecoratedRoleWithSAML where
  rnf :: AssumeDecoratedRoleWithSAML -> ()
rnf AssumeDecoratedRoleWithSAML' {Maybe Natural
Text
principalArn :: Text
roleArn :: Text
sAMLAssertion :: Text
durationSeconds :: Maybe Natural
$sel:principalArn:AssumeDecoratedRoleWithSAML' :: AssumeDecoratedRoleWithSAML -> Text
$sel:roleArn:AssumeDecoratedRoleWithSAML' :: AssumeDecoratedRoleWithSAML -> Text
$sel:sAMLAssertion:AssumeDecoratedRoleWithSAML' :: AssumeDecoratedRoleWithSAML -> Text
$sel:durationSeconds:AssumeDecoratedRoleWithSAML' :: AssumeDecoratedRoleWithSAML -> Maybe Natural
..} =
    forall a. NFData a => a -> ()
Prelude.rnf Maybe Natural
durationSeconds
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Text
sAMLAssertion
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Text
roleArn
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Text
principalArn

instance Data.ToHeaders AssumeDecoratedRoleWithSAML where
  toHeaders :: AssumeDecoratedRoleWithSAML -> ResponseHeaders
toHeaders =
    forall a b. a -> b -> a
Prelude.const
      ( forall a. Monoid a => [a] -> a
Prelude.mconcat
          [ HeaderName
"Content-Type"
              forall a. ToHeader a => HeaderName -> a -> ResponseHeaders
Data.=# ( ByteString
"application/x-amz-json-1.1" ::
                          Prelude.ByteString
                      )
          ]
      )

instance Data.ToJSON AssumeDecoratedRoleWithSAML where
  toJSON :: AssumeDecoratedRoleWithSAML -> Value
toJSON AssumeDecoratedRoleWithSAML' {Maybe Natural
Text
principalArn :: Text
roleArn :: Text
sAMLAssertion :: Text
durationSeconds :: Maybe Natural
$sel:principalArn:AssumeDecoratedRoleWithSAML' :: AssumeDecoratedRoleWithSAML -> Text
$sel:roleArn:AssumeDecoratedRoleWithSAML' :: AssumeDecoratedRoleWithSAML -> Text
$sel:sAMLAssertion:AssumeDecoratedRoleWithSAML' :: AssumeDecoratedRoleWithSAML -> Text
$sel:durationSeconds:AssumeDecoratedRoleWithSAML' :: AssumeDecoratedRoleWithSAML -> Maybe Natural
..} =
    [Pair] -> Value
Data.object
      ( forall a. [Maybe a] -> [a]
Prelude.catMaybes
          [ (Key
"DurationSeconds" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv
Data..=)
              forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe Natural
durationSeconds,
            forall a. a -> Maybe a
Prelude.Just (Key
"SAMLAssertion" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv
Data..= Text
sAMLAssertion),
            forall a. a -> Maybe a
Prelude.Just (Key
"RoleArn" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv
Data..= Text
roleArn),
            forall a. a -> Maybe a
Prelude.Just (Key
"PrincipalArn" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv
Data..= Text
principalArn)
          ]
      )

instance Data.ToPath AssumeDecoratedRoleWithSAML where
  toPath :: AssumeDecoratedRoleWithSAML -> ByteString
toPath = forall a b. a -> b -> a
Prelude.const ByteString
"/AssumeDecoratedRoleWithSAML"

instance Data.ToQuery AssumeDecoratedRoleWithSAML where
  toQuery :: AssumeDecoratedRoleWithSAML -> QueryString
toQuery = forall a b. a -> b -> a
Prelude.const forall a. Monoid a => a
Prelude.mempty

-- | /See:/ 'newAssumeDecoratedRoleWithSAMLResponse' smart constructor.
data AssumeDecoratedRoleWithSAMLResponse = AssumeDecoratedRoleWithSAMLResponse'
  { -- | The access key ID for the temporary credentials. (The access key
    -- consists of an access key ID and a secret key).
    AssumeDecoratedRoleWithSAMLResponse -> Maybe Text
accessKeyId :: Prelude.Maybe Prelude.Text,
    -- | The date and time when the temporary credentials expire.
    AssumeDecoratedRoleWithSAMLResponse -> Maybe POSIX
expiration :: Prelude.Maybe Data.POSIX,
    -- | The secret key for the temporary credentials. (The access key consists
    -- of an access key ID and a secret key).
    AssumeDecoratedRoleWithSAMLResponse -> Maybe Text
secretAccessKey :: Prelude.Maybe Prelude.Text,
    -- | The session token for the temporary credentials.
    AssumeDecoratedRoleWithSAMLResponse -> Maybe Text
sessionToken :: Prelude.Maybe Prelude.Text,
    -- | The response's http status code.
    AssumeDecoratedRoleWithSAMLResponse -> Int
httpStatus :: Prelude.Int
  }
  deriving (AssumeDecoratedRoleWithSAMLResponse
-> AssumeDecoratedRoleWithSAMLResponse -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: AssumeDecoratedRoleWithSAMLResponse
-> AssumeDecoratedRoleWithSAMLResponse -> Bool
$c/= :: AssumeDecoratedRoleWithSAMLResponse
-> AssumeDecoratedRoleWithSAMLResponse -> Bool
== :: AssumeDecoratedRoleWithSAMLResponse
-> AssumeDecoratedRoleWithSAMLResponse -> Bool
$c== :: AssumeDecoratedRoleWithSAMLResponse
-> AssumeDecoratedRoleWithSAMLResponse -> Bool
Prelude.Eq, ReadPrec [AssumeDecoratedRoleWithSAMLResponse]
ReadPrec AssumeDecoratedRoleWithSAMLResponse
Int -> ReadS AssumeDecoratedRoleWithSAMLResponse
ReadS [AssumeDecoratedRoleWithSAMLResponse]
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [AssumeDecoratedRoleWithSAMLResponse]
$creadListPrec :: ReadPrec [AssumeDecoratedRoleWithSAMLResponse]
readPrec :: ReadPrec AssumeDecoratedRoleWithSAMLResponse
$creadPrec :: ReadPrec AssumeDecoratedRoleWithSAMLResponse
readList :: ReadS [AssumeDecoratedRoleWithSAMLResponse]
$creadList :: ReadS [AssumeDecoratedRoleWithSAMLResponse]
readsPrec :: Int -> ReadS AssumeDecoratedRoleWithSAMLResponse
$creadsPrec :: Int -> ReadS AssumeDecoratedRoleWithSAMLResponse
Prelude.Read, Int -> AssumeDecoratedRoleWithSAMLResponse -> ShowS
[AssumeDecoratedRoleWithSAMLResponse] -> ShowS
AssumeDecoratedRoleWithSAMLResponse -> String
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [AssumeDecoratedRoleWithSAMLResponse] -> ShowS
$cshowList :: [AssumeDecoratedRoleWithSAMLResponse] -> ShowS
show :: AssumeDecoratedRoleWithSAMLResponse -> String
$cshow :: AssumeDecoratedRoleWithSAMLResponse -> String
showsPrec :: Int -> AssumeDecoratedRoleWithSAMLResponse -> ShowS
$cshowsPrec :: Int -> AssumeDecoratedRoleWithSAMLResponse -> ShowS
Prelude.Show, forall x.
Rep AssumeDecoratedRoleWithSAMLResponse x
-> AssumeDecoratedRoleWithSAMLResponse
forall x.
AssumeDecoratedRoleWithSAMLResponse
-> Rep AssumeDecoratedRoleWithSAMLResponse x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x.
Rep AssumeDecoratedRoleWithSAMLResponse x
-> AssumeDecoratedRoleWithSAMLResponse
$cfrom :: forall x.
AssumeDecoratedRoleWithSAMLResponse
-> Rep AssumeDecoratedRoleWithSAMLResponse x
Prelude.Generic)

-- |
-- Create a value of 'AssumeDecoratedRoleWithSAMLResponse' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'accessKeyId', 'assumeDecoratedRoleWithSAMLResponse_accessKeyId' - The access key ID for the temporary credentials. (The access key
-- consists of an access key ID and a secret key).
--
-- 'expiration', 'assumeDecoratedRoleWithSAMLResponse_expiration' - The date and time when the temporary credentials expire.
--
-- 'secretAccessKey', 'assumeDecoratedRoleWithSAMLResponse_secretAccessKey' - The secret key for the temporary credentials. (The access key consists
-- of an access key ID and a secret key).
--
-- 'sessionToken', 'assumeDecoratedRoleWithSAMLResponse_sessionToken' - The session token for the temporary credentials.
--
-- 'httpStatus', 'assumeDecoratedRoleWithSAMLResponse_httpStatus' - The response's http status code.
newAssumeDecoratedRoleWithSAMLResponse ::
  -- | 'httpStatus'
  Prelude.Int ->
  AssumeDecoratedRoleWithSAMLResponse
newAssumeDecoratedRoleWithSAMLResponse :: Int -> AssumeDecoratedRoleWithSAMLResponse
newAssumeDecoratedRoleWithSAMLResponse Int
pHttpStatus_ =
  AssumeDecoratedRoleWithSAMLResponse'
    { $sel:accessKeyId:AssumeDecoratedRoleWithSAMLResponse' :: Maybe Text
accessKeyId =
        forall a. Maybe a
Prelude.Nothing,
      $sel:expiration:AssumeDecoratedRoleWithSAMLResponse' :: Maybe POSIX
expiration = forall a. Maybe a
Prelude.Nothing,
      $sel:secretAccessKey:AssumeDecoratedRoleWithSAMLResponse' :: Maybe Text
secretAccessKey = forall a. Maybe a
Prelude.Nothing,
      $sel:sessionToken:AssumeDecoratedRoleWithSAMLResponse' :: Maybe Text
sessionToken = forall a. Maybe a
Prelude.Nothing,
      $sel:httpStatus:AssumeDecoratedRoleWithSAMLResponse' :: Int
httpStatus = Int
pHttpStatus_
    }

-- | The access key ID for the temporary credentials. (The access key
-- consists of an access key ID and a secret key).
assumeDecoratedRoleWithSAMLResponse_accessKeyId :: Lens.Lens' AssumeDecoratedRoleWithSAMLResponse (Prelude.Maybe Prelude.Text)
assumeDecoratedRoleWithSAMLResponse_accessKeyId :: Lens' AssumeDecoratedRoleWithSAMLResponse (Maybe Text)
assumeDecoratedRoleWithSAMLResponse_accessKeyId = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\AssumeDecoratedRoleWithSAMLResponse' {Maybe Text
accessKeyId :: Maybe Text
$sel:accessKeyId:AssumeDecoratedRoleWithSAMLResponse' :: AssumeDecoratedRoleWithSAMLResponse -> Maybe Text
accessKeyId} -> Maybe Text
accessKeyId) (\s :: AssumeDecoratedRoleWithSAMLResponse
s@AssumeDecoratedRoleWithSAMLResponse' {} Maybe Text
a -> AssumeDecoratedRoleWithSAMLResponse
s {$sel:accessKeyId:AssumeDecoratedRoleWithSAMLResponse' :: Maybe Text
accessKeyId = Maybe Text
a} :: AssumeDecoratedRoleWithSAMLResponse)

-- | The date and time when the temporary credentials expire.
assumeDecoratedRoleWithSAMLResponse_expiration :: Lens.Lens' AssumeDecoratedRoleWithSAMLResponse (Prelude.Maybe Prelude.UTCTime)
assumeDecoratedRoleWithSAMLResponse_expiration :: Lens' AssumeDecoratedRoleWithSAMLResponse (Maybe UTCTime)
assumeDecoratedRoleWithSAMLResponse_expiration = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\AssumeDecoratedRoleWithSAMLResponse' {Maybe POSIX
expiration :: Maybe POSIX
$sel:expiration:AssumeDecoratedRoleWithSAMLResponse' :: AssumeDecoratedRoleWithSAMLResponse -> Maybe POSIX
expiration} -> Maybe POSIX
expiration) (\s :: AssumeDecoratedRoleWithSAMLResponse
s@AssumeDecoratedRoleWithSAMLResponse' {} Maybe POSIX
a -> AssumeDecoratedRoleWithSAMLResponse
s {$sel:expiration:AssumeDecoratedRoleWithSAMLResponse' :: Maybe POSIX
expiration = Maybe POSIX
a} :: AssumeDecoratedRoleWithSAMLResponse) forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping forall (a :: Format). Iso' (Time a) UTCTime
Data._Time

-- | The secret key for the temporary credentials. (The access key consists
-- of an access key ID and a secret key).
assumeDecoratedRoleWithSAMLResponse_secretAccessKey :: Lens.Lens' AssumeDecoratedRoleWithSAMLResponse (Prelude.Maybe Prelude.Text)
assumeDecoratedRoleWithSAMLResponse_secretAccessKey :: Lens' AssumeDecoratedRoleWithSAMLResponse (Maybe Text)
assumeDecoratedRoleWithSAMLResponse_secretAccessKey = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\AssumeDecoratedRoleWithSAMLResponse' {Maybe Text
secretAccessKey :: Maybe Text
$sel:secretAccessKey:AssumeDecoratedRoleWithSAMLResponse' :: AssumeDecoratedRoleWithSAMLResponse -> Maybe Text
secretAccessKey} -> Maybe Text
secretAccessKey) (\s :: AssumeDecoratedRoleWithSAMLResponse
s@AssumeDecoratedRoleWithSAMLResponse' {} Maybe Text
a -> AssumeDecoratedRoleWithSAMLResponse
s {$sel:secretAccessKey:AssumeDecoratedRoleWithSAMLResponse' :: Maybe Text
secretAccessKey = Maybe Text
a} :: AssumeDecoratedRoleWithSAMLResponse)

-- | The session token for the temporary credentials.
assumeDecoratedRoleWithSAMLResponse_sessionToken :: Lens.Lens' AssumeDecoratedRoleWithSAMLResponse (Prelude.Maybe Prelude.Text)
assumeDecoratedRoleWithSAMLResponse_sessionToken :: Lens' AssumeDecoratedRoleWithSAMLResponse (Maybe Text)
assumeDecoratedRoleWithSAMLResponse_sessionToken = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\AssumeDecoratedRoleWithSAMLResponse' {Maybe Text
sessionToken :: Maybe Text
$sel:sessionToken:AssumeDecoratedRoleWithSAMLResponse' :: AssumeDecoratedRoleWithSAMLResponse -> Maybe Text
sessionToken} -> Maybe Text
sessionToken) (\s :: AssumeDecoratedRoleWithSAMLResponse
s@AssumeDecoratedRoleWithSAMLResponse' {} Maybe Text
a -> AssumeDecoratedRoleWithSAMLResponse
s {$sel:sessionToken:AssumeDecoratedRoleWithSAMLResponse' :: Maybe Text
sessionToken = Maybe Text
a} :: AssumeDecoratedRoleWithSAMLResponse)

-- | The response's http status code.
assumeDecoratedRoleWithSAMLResponse_httpStatus :: Lens.Lens' AssumeDecoratedRoleWithSAMLResponse Prelude.Int
assumeDecoratedRoleWithSAMLResponse_httpStatus :: Lens' AssumeDecoratedRoleWithSAMLResponse Int
assumeDecoratedRoleWithSAMLResponse_httpStatus = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\AssumeDecoratedRoleWithSAMLResponse' {Int
httpStatus :: Int
$sel:httpStatus:AssumeDecoratedRoleWithSAMLResponse' :: AssumeDecoratedRoleWithSAMLResponse -> Int
httpStatus} -> Int
httpStatus) (\s :: AssumeDecoratedRoleWithSAMLResponse
s@AssumeDecoratedRoleWithSAMLResponse' {} Int
a -> AssumeDecoratedRoleWithSAMLResponse
s {$sel:httpStatus:AssumeDecoratedRoleWithSAMLResponse' :: Int
httpStatus = Int
a} :: AssumeDecoratedRoleWithSAMLResponse)

instance
  Prelude.NFData
    AssumeDecoratedRoleWithSAMLResponse
  where
  rnf :: AssumeDecoratedRoleWithSAMLResponse -> ()
rnf AssumeDecoratedRoleWithSAMLResponse' {Int
Maybe Text
Maybe POSIX
httpStatus :: Int
sessionToken :: Maybe Text
secretAccessKey :: Maybe Text
expiration :: Maybe POSIX
accessKeyId :: Maybe Text
$sel:httpStatus:AssumeDecoratedRoleWithSAMLResponse' :: AssumeDecoratedRoleWithSAMLResponse -> Int
$sel:sessionToken:AssumeDecoratedRoleWithSAMLResponse' :: AssumeDecoratedRoleWithSAMLResponse -> Maybe Text
$sel:secretAccessKey:AssumeDecoratedRoleWithSAMLResponse' :: AssumeDecoratedRoleWithSAMLResponse -> Maybe Text
$sel:expiration:AssumeDecoratedRoleWithSAMLResponse' :: AssumeDecoratedRoleWithSAMLResponse -> Maybe POSIX
$sel:accessKeyId:AssumeDecoratedRoleWithSAMLResponse' :: AssumeDecoratedRoleWithSAMLResponse -> Maybe Text
..} =
    forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
accessKeyId
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe POSIX
expiration
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
secretAccessKey
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
sessionToken
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Int
httpStatus