{-# LANGUAGE DeriveGeneric #-} {-# LANGUAGE DuplicateRecordFields #-} {-# LANGUAGE NamedFieldPuns #-} {-# LANGUAGE OverloadedStrings #-} {-# LANGUAGE RecordWildCards #-} {-# LANGUAGE StrictData #-} {-# LANGUAGE TypeFamilies #-} {-# LANGUAGE NoImplicitPrelude #-} {-# OPTIONS_GHC -fno-warn-unused-binds #-} {-# OPTIONS_GHC -fno-warn-unused-imports #-} {-# OPTIONS_GHC -fno-warn-unused-matches #-} -- Derived from AWS service descriptions, licensed under Apache 2.0. -- | -- Module : Amazonka.CodeGuruProfiler.PutPermission -- Copyright : (c) 2013-2023 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay -- Stability : auto-generated -- Portability : non-portable (GHC extensions) -- -- Adds permissions to a profiling group\'s resource-based policy that are -- provided using an action group. If a profiling group doesn\'t have a -- resource-based policy, one is created for it using the permissions in -- the action group and the roles and users in the @principals@ parameter. -- -- >
The one supported action group that can be added is agentPermission
which grants ConfigureAgent
and PostAgent
permissions. For more information, see Resource-based policies in CodeGuru Profiler in the Amazon CodeGuru Profiler User Guide, ConfigureAgent
, and PostAgentProfile
.
The first time you call PutPermission
on a profiling group, do not specify a revisionId
because it doesn't have a resource-based policy. Subsequent calls must provide a revisionId
to specify which revision of the resource-based policy to add the permissions to.
The response contains the profiling group's JSON-formatted resource policy.
module Amazonka.CodeGuruProfiler.PutPermission ( -- * Creating a Request PutPermission (..), newPutPermission, -- * Request Lenses putPermission_revisionId, putPermission_actionGroup, putPermission_principals, putPermission_profilingGroupName, -- * Destructuring the Response PutPermissionResponse (..), newPutPermissionResponse, -- * Response Lenses putPermissionResponse_httpStatus, putPermissionResponse_policy, putPermissionResponse_revisionId, ) where import Amazonka.CodeGuruProfiler.Types import qualified Amazonka.Core as Core import qualified Amazonka.Core.Lens.Internal as Lens import qualified Amazonka.Data as Data import qualified Amazonka.Prelude as Prelude import qualified Amazonka.Request as Request import qualified Amazonka.Response as Response -- | The structure representing the @putPermissionRequest@. -- -- /See:/ 'newPutPermission' smart constructor. data PutPermission = PutPermission' { -- | A universally unique identifier (UUID) for the revision of the policy -- you are adding to the profiling group. Do not specify this when you add -- permissions to a profiling group for the first time. If a policy already -- exists on the profiling group, you must specify the @revisionId@. revisionId :: Prelude.Maybe Prelude.Text, -- | Specifies an action group that contains permissions to add to a -- profiling group resource. One action group is supported, -- @agentPermissions@, which grants permission to perform actions required -- by the profiling agent, @ConfigureAgent@ and @PostAgentProfile@ -- permissions. actionGroup :: ActionGroup, -- | A list ARNs for the roles and users you want to grant access to the -- profiling group. Wildcards are not are supported in the ARNs. principals :: Prelude.NonEmpty Prelude.Text, -- | The name of the profiling group to grant access to. profilingGroupName :: Prelude.Text } deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic) -- | -- Create a value of 'PutPermission' with all optional fields omitted. -- -- Use