{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.RDS.Types.UserAuthConfig
-- Copyright   : (c) 2013-2023 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.RDS.Types.UserAuthConfig where

import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import qualified Amazonka.Prelude as Prelude
import Amazonka.RDS.Types.AuthScheme
import Amazonka.RDS.Types.ClientPasswordAuthType
import Amazonka.RDS.Types.IAMAuthMode

-- | Specifies the details of authentication used by a proxy to log in as a
-- specific database user.
--
-- /See:/ 'newUserAuthConfig' smart constructor.
data UserAuthConfig = UserAuthConfig'
  { -- | The type of authentication that the proxy uses for connections from the
    -- proxy to the underlying database.
    UserAuthConfig -> Maybe AuthScheme
authScheme :: Prelude.Maybe AuthScheme,
    -- | The type of authentication the proxy uses for connections from clients.
    UserAuthConfig -> Maybe ClientPasswordAuthType
clientPasswordAuthType :: Prelude.Maybe ClientPasswordAuthType,
    -- | A user-specified description about the authentication used by a proxy to
    -- log in as a specific database user.
    UserAuthConfig -> Maybe Text
description :: Prelude.Maybe Prelude.Text,
    -- | Whether to require or disallow Amazon Web Services Identity and Access
    -- Management (IAM) authentication for connections to the proxy. The
    -- @ENABLED@ value is valid only for proxies with RDS for Microsoft SQL
    -- Server.
    UserAuthConfig -> Maybe IAMAuthMode
iAMAuth :: Prelude.Maybe IAMAuthMode,
    -- | The Amazon Resource Name (ARN) representing the secret that the proxy
    -- uses to authenticate to the RDS DB instance or Aurora DB cluster. These
    -- secrets are stored within Amazon Secrets Manager.
    UserAuthConfig -> Maybe Text
secretArn :: Prelude.Maybe Prelude.Text,
    -- | The name of the database user to which the proxy connects.
    UserAuthConfig -> Maybe Text
userName :: Prelude.Maybe Prelude.Text
  }
  deriving (UserAuthConfig -> UserAuthConfig -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: UserAuthConfig -> UserAuthConfig -> Bool
$c/= :: UserAuthConfig -> UserAuthConfig -> Bool
== :: UserAuthConfig -> UserAuthConfig -> Bool
$c== :: UserAuthConfig -> UserAuthConfig -> Bool
Prelude.Eq, ReadPrec [UserAuthConfig]
ReadPrec UserAuthConfig
Int -> ReadS UserAuthConfig
ReadS [UserAuthConfig]
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [UserAuthConfig]
$creadListPrec :: ReadPrec [UserAuthConfig]
readPrec :: ReadPrec UserAuthConfig
$creadPrec :: ReadPrec UserAuthConfig
readList :: ReadS [UserAuthConfig]
$creadList :: ReadS [UserAuthConfig]
readsPrec :: Int -> ReadS UserAuthConfig
$creadsPrec :: Int -> ReadS UserAuthConfig
Prelude.Read, Int -> UserAuthConfig -> ShowS
[UserAuthConfig] -> ShowS
UserAuthConfig -> String
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [UserAuthConfig] -> ShowS
$cshowList :: [UserAuthConfig] -> ShowS
show :: UserAuthConfig -> String
$cshow :: UserAuthConfig -> String
showsPrec :: Int -> UserAuthConfig -> ShowS
$cshowsPrec :: Int -> UserAuthConfig -> ShowS
Prelude.Show, forall x. Rep UserAuthConfig x -> UserAuthConfig
forall x. UserAuthConfig -> Rep UserAuthConfig x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep UserAuthConfig x -> UserAuthConfig
$cfrom :: forall x. UserAuthConfig -> Rep UserAuthConfig x
Prelude.Generic)

-- |
-- Create a value of 'UserAuthConfig' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'authScheme', 'userAuthConfig_authScheme' - The type of authentication that the proxy uses for connections from the
-- proxy to the underlying database.
--
-- 'clientPasswordAuthType', 'userAuthConfig_clientPasswordAuthType' - The type of authentication the proxy uses for connections from clients.
--
-- 'description', 'userAuthConfig_description' - A user-specified description about the authentication used by a proxy to
-- log in as a specific database user.
--
-- 'iAMAuth', 'userAuthConfig_iAMAuth' - Whether to require or disallow Amazon Web Services Identity and Access
-- Management (IAM) authentication for connections to the proxy. The
-- @ENABLED@ value is valid only for proxies with RDS for Microsoft SQL
-- Server.
--
-- 'secretArn', 'userAuthConfig_secretArn' - The Amazon Resource Name (ARN) representing the secret that the proxy
-- uses to authenticate to the RDS DB instance or Aurora DB cluster. These
-- secrets are stored within Amazon Secrets Manager.
--
-- 'userName', 'userAuthConfig_userName' - The name of the database user to which the proxy connects.
newUserAuthConfig ::
  UserAuthConfig
newUserAuthConfig :: UserAuthConfig
newUserAuthConfig =
  UserAuthConfig'
    { $sel:authScheme:UserAuthConfig' :: Maybe AuthScheme
authScheme = forall a. Maybe a
Prelude.Nothing,
      $sel:clientPasswordAuthType:UserAuthConfig' :: Maybe ClientPasswordAuthType
clientPasswordAuthType = forall a. Maybe a
Prelude.Nothing,
      $sel:description:UserAuthConfig' :: Maybe Text
description = forall a. Maybe a
Prelude.Nothing,
      $sel:iAMAuth:UserAuthConfig' :: Maybe IAMAuthMode
iAMAuth = forall a. Maybe a
Prelude.Nothing,
      $sel:secretArn:UserAuthConfig' :: Maybe Text
secretArn = forall a. Maybe a
Prelude.Nothing,
      $sel:userName:UserAuthConfig' :: Maybe Text
userName = forall a. Maybe a
Prelude.Nothing
    }

-- | The type of authentication that the proxy uses for connections from the
-- proxy to the underlying database.
userAuthConfig_authScheme :: Lens.Lens' UserAuthConfig (Prelude.Maybe AuthScheme)
userAuthConfig_authScheme :: Lens' UserAuthConfig (Maybe AuthScheme)
userAuthConfig_authScheme = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\UserAuthConfig' {Maybe AuthScheme
authScheme :: Maybe AuthScheme
$sel:authScheme:UserAuthConfig' :: UserAuthConfig -> Maybe AuthScheme
authScheme} -> Maybe AuthScheme
authScheme) (\s :: UserAuthConfig
s@UserAuthConfig' {} Maybe AuthScheme
a -> UserAuthConfig
s {$sel:authScheme:UserAuthConfig' :: Maybe AuthScheme
authScheme = Maybe AuthScheme
a} :: UserAuthConfig)

-- | The type of authentication the proxy uses for connections from clients.
userAuthConfig_clientPasswordAuthType :: Lens.Lens' UserAuthConfig (Prelude.Maybe ClientPasswordAuthType)
userAuthConfig_clientPasswordAuthType :: Lens' UserAuthConfig (Maybe ClientPasswordAuthType)
userAuthConfig_clientPasswordAuthType = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\UserAuthConfig' {Maybe ClientPasswordAuthType
clientPasswordAuthType :: Maybe ClientPasswordAuthType
$sel:clientPasswordAuthType:UserAuthConfig' :: UserAuthConfig -> Maybe ClientPasswordAuthType
clientPasswordAuthType} -> Maybe ClientPasswordAuthType
clientPasswordAuthType) (\s :: UserAuthConfig
s@UserAuthConfig' {} Maybe ClientPasswordAuthType
a -> UserAuthConfig
s {$sel:clientPasswordAuthType:UserAuthConfig' :: Maybe ClientPasswordAuthType
clientPasswordAuthType = Maybe ClientPasswordAuthType
a} :: UserAuthConfig)

-- | A user-specified description about the authentication used by a proxy to
-- log in as a specific database user.
userAuthConfig_description :: Lens.Lens' UserAuthConfig (Prelude.Maybe Prelude.Text)
userAuthConfig_description :: Lens' UserAuthConfig (Maybe Text)
userAuthConfig_description = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\UserAuthConfig' {Maybe Text
description :: Maybe Text
$sel:description:UserAuthConfig' :: UserAuthConfig -> Maybe Text
description} -> Maybe Text
description) (\s :: UserAuthConfig
s@UserAuthConfig' {} Maybe Text
a -> UserAuthConfig
s {$sel:description:UserAuthConfig' :: Maybe Text
description = Maybe Text
a} :: UserAuthConfig)

-- | Whether to require or disallow Amazon Web Services Identity and Access
-- Management (IAM) authentication for connections to the proxy. The
-- @ENABLED@ value is valid only for proxies with RDS for Microsoft SQL
-- Server.
userAuthConfig_iAMAuth :: Lens.Lens' UserAuthConfig (Prelude.Maybe IAMAuthMode)
userAuthConfig_iAMAuth :: Lens' UserAuthConfig (Maybe IAMAuthMode)
userAuthConfig_iAMAuth = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\UserAuthConfig' {Maybe IAMAuthMode
iAMAuth :: Maybe IAMAuthMode
$sel:iAMAuth:UserAuthConfig' :: UserAuthConfig -> Maybe IAMAuthMode
iAMAuth} -> Maybe IAMAuthMode
iAMAuth) (\s :: UserAuthConfig
s@UserAuthConfig' {} Maybe IAMAuthMode
a -> UserAuthConfig
s {$sel:iAMAuth:UserAuthConfig' :: Maybe IAMAuthMode
iAMAuth = Maybe IAMAuthMode
a} :: UserAuthConfig)

-- | The Amazon Resource Name (ARN) representing the secret that the proxy
-- uses to authenticate to the RDS DB instance or Aurora DB cluster. These
-- secrets are stored within Amazon Secrets Manager.
userAuthConfig_secretArn :: Lens.Lens' UserAuthConfig (Prelude.Maybe Prelude.Text)
userAuthConfig_secretArn :: Lens' UserAuthConfig (Maybe Text)
userAuthConfig_secretArn = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\UserAuthConfig' {Maybe Text
secretArn :: Maybe Text
$sel:secretArn:UserAuthConfig' :: UserAuthConfig -> Maybe Text
secretArn} -> Maybe Text
secretArn) (\s :: UserAuthConfig
s@UserAuthConfig' {} Maybe Text
a -> UserAuthConfig
s {$sel:secretArn:UserAuthConfig' :: Maybe Text
secretArn = Maybe Text
a} :: UserAuthConfig)

-- | The name of the database user to which the proxy connects.
userAuthConfig_userName :: Lens.Lens' UserAuthConfig (Prelude.Maybe Prelude.Text)
userAuthConfig_userName :: Lens' UserAuthConfig (Maybe Text)
userAuthConfig_userName = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\UserAuthConfig' {Maybe Text
userName :: Maybe Text
$sel:userName:UserAuthConfig' :: UserAuthConfig -> Maybe Text
userName} -> Maybe Text
userName) (\s :: UserAuthConfig
s@UserAuthConfig' {} Maybe Text
a -> UserAuthConfig
s {$sel:userName:UserAuthConfig' :: Maybe Text
userName = Maybe Text
a} :: UserAuthConfig)

instance Prelude.Hashable UserAuthConfig where
  hashWithSalt :: Int -> UserAuthConfig -> Int
hashWithSalt Int
_salt UserAuthConfig' {Maybe Text
Maybe AuthScheme
Maybe ClientPasswordAuthType
Maybe IAMAuthMode
userName :: Maybe Text
secretArn :: Maybe Text
iAMAuth :: Maybe IAMAuthMode
description :: Maybe Text
clientPasswordAuthType :: Maybe ClientPasswordAuthType
authScheme :: Maybe AuthScheme
$sel:userName:UserAuthConfig' :: UserAuthConfig -> Maybe Text
$sel:secretArn:UserAuthConfig' :: UserAuthConfig -> Maybe Text
$sel:iAMAuth:UserAuthConfig' :: UserAuthConfig -> Maybe IAMAuthMode
$sel:description:UserAuthConfig' :: UserAuthConfig -> Maybe Text
$sel:clientPasswordAuthType:UserAuthConfig' :: UserAuthConfig -> Maybe ClientPasswordAuthType
$sel:authScheme:UserAuthConfig' :: UserAuthConfig -> Maybe AuthScheme
..} =
    Int
_salt
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe AuthScheme
authScheme
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe ClientPasswordAuthType
clientPasswordAuthType
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
description
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe IAMAuthMode
iAMAuth
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
secretArn
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
userName

instance Prelude.NFData UserAuthConfig where
  rnf :: UserAuthConfig -> ()
rnf UserAuthConfig' {Maybe Text
Maybe AuthScheme
Maybe ClientPasswordAuthType
Maybe IAMAuthMode
userName :: Maybe Text
secretArn :: Maybe Text
iAMAuth :: Maybe IAMAuthMode
description :: Maybe Text
clientPasswordAuthType :: Maybe ClientPasswordAuthType
authScheme :: Maybe AuthScheme
$sel:userName:UserAuthConfig' :: UserAuthConfig -> Maybe Text
$sel:secretArn:UserAuthConfig' :: UserAuthConfig -> Maybe Text
$sel:iAMAuth:UserAuthConfig' :: UserAuthConfig -> Maybe IAMAuthMode
$sel:description:UserAuthConfig' :: UserAuthConfig -> Maybe Text
$sel:clientPasswordAuthType:UserAuthConfig' :: UserAuthConfig -> Maybe ClientPasswordAuthType
$sel:authScheme:UserAuthConfig' :: UserAuthConfig -> Maybe AuthScheme
..} =
    forall a. NFData a => a -> ()
Prelude.rnf Maybe AuthScheme
authScheme
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe ClientPasswordAuthType
clientPasswordAuthType
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
description
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe IAMAuthMode
iAMAuth
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
secretArn
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
userName

instance Data.ToQuery UserAuthConfig where
  toQuery :: UserAuthConfig -> QueryString
toQuery UserAuthConfig' {Maybe Text
Maybe AuthScheme
Maybe ClientPasswordAuthType
Maybe IAMAuthMode
userName :: Maybe Text
secretArn :: Maybe Text
iAMAuth :: Maybe IAMAuthMode
description :: Maybe Text
clientPasswordAuthType :: Maybe ClientPasswordAuthType
authScheme :: Maybe AuthScheme
$sel:userName:UserAuthConfig' :: UserAuthConfig -> Maybe Text
$sel:secretArn:UserAuthConfig' :: UserAuthConfig -> Maybe Text
$sel:iAMAuth:UserAuthConfig' :: UserAuthConfig -> Maybe IAMAuthMode
$sel:description:UserAuthConfig' :: UserAuthConfig -> Maybe Text
$sel:clientPasswordAuthType:UserAuthConfig' :: UserAuthConfig -> Maybe ClientPasswordAuthType
$sel:authScheme:UserAuthConfig' :: UserAuthConfig -> Maybe AuthScheme
..} =
    forall a. Monoid a => [a] -> a
Prelude.mconcat
      [ ByteString
"AuthScheme" forall a. ToQuery a => ByteString -> a -> QueryString
Data.=: Maybe AuthScheme
authScheme,
        ByteString
"ClientPasswordAuthType"
          forall a. ToQuery a => ByteString -> a -> QueryString
Data.=: Maybe ClientPasswordAuthType
clientPasswordAuthType,
        ByteString
"Description" forall a. ToQuery a => ByteString -> a -> QueryString
Data.=: Maybe Text
description,
        ByteString
"IAMAuth" forall a. ToQuery a => ByteString -> a -> QueryString
Data.=: Maybe IAMAuthMode
iAMAuth,
        ByteString
"SecretArn" forall a. ToQuery a => ByteString -> a -> QueryString
Data.=: Maybe Text
secretArn,
        ByteString
"UserName" forall a. ToQuery a => ByteString -> a -> QueryString
Data.=: Maybe Text
userName
      ]