{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.S3.Types.ServerSideEncryptionRule
-- Copyright   : (c) 2013-2023 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.S3.Types.ServerSideEncryptionRule where

import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import qualified Amazonka.Prelude as Prelude
import Amazonka.S3.Internal
import Amazonka.S3.Types.ServerSideEncryptionByDefault

-- | Specifies the default server-side encryption configuration.
--
-- /See:/ 'newServerSideEncryptionRule' smart constructor.
data ServerSideEncryptionRule = ServerSideEncryptionRule'
  { -- | Specifies the default server-side encryption to apply to new objects in
    -- the bucket. If a PUT Object request doesn\'t specify any server-side
    -- encryption, this default encryption will be applied.
    ServerSideEncryptionRule -> Maybe ServerSideEncryptionByDefault
applyServerSideEncryptionByDefault :: Prelude.Maybe ServerSideEncryptionByDefault,
    -- | Specifies whether Amazon S3 should use an S3 Bucket Key with server-side
    -- encryption using KMS (SSE-KMS) for new objects in the bucket. Existing
    -- objects are not affected. Setting the @BucketKeyEnabled@ element to
    -- @true@ causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket
    -- Key is not enabled.
    --
    -- For more information, see
    -- <https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html Amazon S3 Bucket Keys>
    -- in the /Amazon S3 User Guide/.
    ServerSideEncryptionRule -> Maybe Bool
bucketKeyEnabled :: Prelude.Maybe Prelude.Bool
  }
  deriving (ServerSideEncryptionRule -> ServerSideEncryptionRule -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: ServerSideEncryptionRule -> ServerSideEncryptionRule -> Bool
$c/= :: ServerSideEncryptionRule -> ServerSideEncryptionRule -> Bool
== :: ServerSideEncryptionRule -> ServerSideEncryptionRule -> Bool
$c== :: ServerSideEncryptionRule -> ServerSideEncryptionRule -> Bool
Prelude.Eq, Int -> ServerSideEncryptionRule -> ShowS
[ServerSideEncryptionRule] -> ShowS
ServerSideEncryptionRule -> String
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [ServerSideEncryptionRule] -> ShowS
$cshowList :: [ServerSideEncryptionRule] -> ShowS
show :: ServerSideEncryptionRule -> String
$cshow :: ServerSideEncryptionRule -> String
showsPrec :: Int -> ServerSideEncryptionRule -> ShowS
$cshowsPrec :: Int -> ServerSideEncryptionRule -> ShowS
Prelude.Show, forall x.
Rep ServerSideEncryptionRule x -> ServerSideEncryptionRule
forall x.
ServerSideEncryptionRule -> Rep ServerSideEncryptionRule x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x.
Rep ServerSideEncryptionRule x -> ServerSideEncryptionRule
$cfrom :: forall x.
ServerSideEncryptionRule -> Rep ServerSideEncryptionRule x
Prelude.Generic)

-- |
-- Create a value of 'ServerSideEncryptionRule' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'applyServerSideEncryptionByDefault', 'serverSideEncryptionRule_applyServerSideEncryptionByDefault' - Specifies the default server-side encryption to apply to new objects in
-- the bucket. If a PUT Object request doesn\'t specify any server-side
-- encryption, this default encryption will be applied.
--
-- 'bucketKeyEnabled', 'serverSideEncryptionRule_bucketKeyEnabled' - Specifies whether Amazon S3 should use an S3 Bucket Key with server-side
-- encryption using KMS (SSE-KMS) for new objects in the bucket. Existing
-- objects are not affected. Setting the @BucketKeyEnabled@ element to
-- @true@ causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket
-- Key is not enabled.
--
-- For more information, see
-- <https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html Amazon S3 Bucket Keys>
-- in the /Amazon S3 User Guide/.
newServerSideEncryptionRule ::
  ServerSideEncryptionRule
newServerSideEncryptionRule :: ServerSideEncryptionRule
newServerSideEncryptionRule =
  ServerSideEncryptionRule'
    { $sel:applyServerSideEncryptionByDefault:ServerSideEncryptionRule' :: Maybe ServerSideEncryptionByDefault
applyServerSideEncryptionByDefault =
        forall a. Maybe a
Prelude.Nothing,
      $sel:bucketKeyEnabled:ServerSideEncryptionRule' :: Maybe Bool
bucketKeyEnabled = forall a. Maybe a
Prelude.Nothing
    }

-- | Specifies the default server-side encryption to apply to new objects in
-- the bucket. If a PUT Object request doesn\'t specify any server-side
-- encryption, this default encryption will be applied.
serverSideEncryptionRule_applyServerSideEncryptionByDefault :: Lens.Lens' ServerSideEncryptionRule (Prelude.Maybe ServerSideEncryptionByDefault)
serverSideEncryptionRule_applyServerSideEncryptionByDefault :: Lens'
  ServerSideEncryptionRule (Maybe ServerSideEncryptionByDefault)
serverSideEncryptionRule_applyServerSideEncryptionByDefault = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\ServerSideEncryptionRule' {Maybe ServerSideEncryptionByDefault
applyServerSideEncryptionByDefault :: Maybe ServerSideEncryptionByDefault
$sel:applyServerSideEncryptionByDefault:ServerSideEncryptionRule' :: ServerSideEncryptionRule -> Maybe ServerSideEncryptionByDefault
applyServerSideEncryptionByDefault} -> Maybe ServerSideEncryptionByDefault
applyServerSideEncryptionByDefault) (\s :: ServerSideEncryptionRule
s@ServerSideEncryptionRule' {} Maybe ServerSideEncryptionByDefault
a -> ServerSideEncryptionRule
s {$sel:applyServerSideEncryptionByDefault:ServerSideEncryptionRule' :: Maybe ServerSideEncryptionByDefault
applyServerSideEncryptionByDefault = Maybe ServerSideEncryptionByDefault
a} :: ServerSideEncryptionRule)

-- | Specifies whether Amazon S3 should use an S3 Bucket Key with server-side
-- encryption using KMS (SSE-KMS) for new objects in the bucket. Existing
-- objects are not affected. Setting the @BucketKeyEnabled@ element to
-- @true@ causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket
-- Key is not enabled.
--
-- For more information, see
-- <https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html Amazon S3 Bucket Keys>
-- in the /Amazon S3 User Guide/.
serverSideEncryptionRule_bucketKeyEnabled :: Lens.Lens' ServerSideEncryptionRule (Prelude.Maybe Prelude.Bool)
serverSideEncryptionRule_bucketKeyEnabled :: Lens' ServerSideEncryptionRule (Maybe Bool)
serverSideEncryptionRule_bucketKeyEnabled = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\ServerSideEncryptionRule' {Maybe Bool
bucketKeyEnabled :: Maybe Bool
$sel:bucketKeyEnabled:ServerSideEncryptionRule' :: ServerSideEncryptionRule -> Maybe Bool
bucketKeyEnabled} -> Maybe Bool
bucketKeyEnabled) (\s :: ServerSideEncryptionRule
s@ServerSideEncryptionRule' {} Maybe Bool
a -> ServerSideEncryptionRule
s {$sel:bucketKeyEnabled:ServerSideEncryptionRule' :: Maybe Bool
bucketKeyEnabled = Maybe Bool
a} :: ServerSideEncryptionRule)

instance Data.FromXML ServerSideEncryptionRule where
  parseXML :: [Node] -> Either String ServerSideEncryptionRule
parseXML [Node]
x =
    Maybe ServerSideEncryptionByDefault
-> Maybe Bool -> ServerSideEncryptionRule
ServerSideEncryptionRule'
      forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> ([Node]
x forall a. FromXML a => [Node] -> Text -> Either String (Maybe a)
Data..@? Text
"ApplyServerSideEncryptionByDefault")
      forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> ([Node]
x forall a. FromXML a => [Node] -> Text -> Either String (Maybe a)
Data..@? Text
"BucketKeyEnabled")

instance Prelude.Hashable ServerSideEncryptionRule where
  hashWithSalt :: Int -> ServerSideEncryptionRule -> Int
hashWithSalt Int
_salt ServerSideEncryptionRule' {Maybe Bool
Maybe ServerSideEncryptionByDefault
bucketKeyEnabled :: Maybe Bool
applyServerSideEncryptionByDefault :: Maybe ServerSideEncryptionByDefault
$sel:bucketKeyEnabled:ServerSideEncryptionRule' :: ServerSideEncryptionRule -> Maybe Bool
$sel:applyServerSideEncryptionByDefault:ServerSideEncryptionRule' :: ServerSideEncryptionRule -> Maybe ServerSideEncryptionByDefault
..} =
    Int
_salt
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe ServerSideEncryptionByDefault
applyServerSideEncryptionByDefault
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Bool
bucketKeyEnabled

instance Prelude.NFData ServerSideEncryptionRule where
  rnf :: ServerSideEncryptionRule -> ()
rnf ServerSideEncryptionRule' {Maybe Bool
Maybe ServerSideEncryptionByDefault
bucketKeyEnabled :: Maybe Bool
applyServerSideEncryptionByDefault :: Maybe ServerSideEncryptionByDefault
$sel:bucketKeyEnabled:ServerSideEncryptionRule' :: ServerSideEncryptionRule -> Maybe Bool
$sel:applyServerSideEncryptionByDefault:ServerSideEncryptionRule' :: ServerSideEncryptionRule -> Maybe ServerSideEncryptionByDefault
..} =
    forall a. NFData a => a -> ()
Prelude.rnf Maybe ServerSideEncryptionByDefault
applyServerSideEncryptionByDefault
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Bool
bucketKeyEnabled

instance Data.ToXML ServerSideEncryptionRule where
  toXML :: ServerSideEncryptionRule -> XML
toXML ServerSideEncryptionRule' {Maybe Bool
Maybe ServerSideEncryptionByDefault
bucketKeyEnabled :: Maybe Bool
applyServerSideEncryptionByDefault :: Maybe ServerSideEncryptionByDefault
$sel:bucketKeyEnabled:ServerSideEncryptionRule' :: ServerSideEncryptionRule -> Maybe Bool
$sel:applyServerSideEncryptionByDefault:ServerSideEncryptionRule' :: ServerSideEncryptionRule -> Maybe ServerSideEncryptionByDefault
..} =
    forall a. Monoid a => [a] -> a
Prelude.mconcat
      [ Name
"ApplyServerSideEncryptionByDefault"
          forall a. ToXML a => Name -> a -> XML
Data.@= Maybe ServerSideEncryptionByDefault
applyServerSideEncryptionByDefault,
        Name
"BucketKeyEnabled" forall a. ToXML a => Name -> a -> XML
Data.@= Maybe Bool
bucketKeyEnabled
      ]