packages feed

amazonka-certificatemanager-pca (empty) → 1.6.0

raw patch · 62 files changed

+5114/−0 lines, 62 filesdep +amazonka-certificatemanager-pcadep +amazonka-coredep +amazonka-testsetup-changed

Dependencies added: amazonka-certificatemanager-pca, amazonka-core, amazonka-test, base, bytestring, tasty, tasty-hunit, text, time, unordered-containers

Files

+ LICENSE view
@@ -0,0 +1,367 @@+Mozilla Public License Version 2.0+==================================++1. Definitions+--------------++1.1. "Contributor"+    means each individual or legal entity that creates, contributes to+    the creation of, or owns Covered Software.++1.2. "Contributor Version"+    means the combination of the Contributions of others (if any) used+    by a Contributor and that particular Contributor's Contribution.++1.3. "Contribution"+    means Covered Software of a particular Contributor.++1.4. "Covered Software"+    means Source Code Form to which the initial Contributor has attached+    the notice in Exhibit A, the Executable Form of such Source Code+    Form, and Modifications of such Source Code Form, in each case+    including portions thereof.++1.5. "Incompatible With Secondary Licenses"+    means++    (a) that the initial Contributor has attached the notice described+        in Exhibit B to the Covered Software; or++    (b) that the Covered Software was made available under the terms of+        version 1.1 or earlier of the License, but not also under the+        terms of a Secondary License.++1.6. "Executable Form"+    means any form of the work other than Source Code Form.++1.7. "Larger Work"+    means a work that combines Covered Software with other material, in+    a separate file or files, that is not Covered Software.++1.8. "License"+    means this document.++1.9. "Licensable"+    means having the right to grant, to the maximum extent possible,+    whether at the time of the initial grant or subsequently, any and+    all of the rights conveyed by this License.++1.10. "Modifications"+    means any of the following:++    (a) any file in Source Code Form that results from an addition to,+        deletion from, or modification of the contents of Covered+        Software; or++    (b) any new file in Source Code Form that contains any Covered+        Software.++1.11. "Patent Claims" of a Contributor+    means any patent claim(s), including without limitation, method,+    process, and apparatus claims, in any patent Licensable by such+    Contributor that would be infringed, but for the grant of the+    License, by the making, using, selling, offering for sale, having+    made, import, or transfer of either its Contributions or its+    Contributor Version.++1.12. "Secondary License"+    means either the GNU General Public License, Version 2.0, the GNU+    Lesser General Public License, Version 2.1, the GNU Affero General+    Public License, Version 3.0, or any later versions of those+    licenses.++1.13. "Source Code Form"+    means the form of the work preferred for making modifications.++1.14. "You" (or "Your")+    means an individual or a legal entity exercising rights under this+    License. For legal entities, "You" includes any entity that+    controls, is controlled by, or is under common control with You. For+    purposes of this definition, "control" means (a) the power, direct+    or indirect, to cause the direction or management of such entity,+    whether by contract or otherwise, or (b) ownership of more than+    fifty percent (50%) of the outstanding shares or beneficial+    ownership of such entity.++2. License Grants and Conditions+--------------------------------++2.1. Grants++Each Contributor hereby grants You a world-wide, royalty-free,+non-exclusive license:++(a) under intellectual property rights (other than patent or trademark)+    Licensable by such Contributor to use, reproduce, make available,+    modify, display, perform, distribute, and otherwise exploit its+    Contributions, either on an unmodified basis, with Modifications, or+    as part of a Larger Work; and++(b) under Patent Claims of such Contributor to make, use, sell, offer+    for sale, have made, import, and otherwise transfer either its+    Contributions or its Contributor Version.++2.2. Effective Date++The licenses granted in Section 2.1 with respect to any Contribution+become effective for each Contribution on the date the Contributor first+distributes such Contribution.++2.3. Limitations on Grant Scope++The licenses granted in this Section 2 are the only rights granted under+this License. No additional rights or licenses will be implied from the+distribution or licensing of Covered Software under this License.+Notwithstanding Section 2.1(b) above, no patent license is granted by a+Contributor:++(a) for any code that a Contributor has removed from Covered Software;+    or++(b) for infringements caused by: (i) Your and any other third party's+    modifications of Covered Software, or (ii) the combination of its+    Contributions with other software (except as part of its Contributor+    Version); or++(c) under Patent Claims infringed by Covered Software in the absence of+    its Contributions.++This License does not grant any rights in the trademarks, service marks,+or logos of any Contributor (except as may be necessary to comply with+the notice requirements in Section 3.4).++2.4. Subsequent Licenses++No Contributor makes additional grants as a result of Your choice to+distribute the Covered Software under a subsequent version of this+License (see Section 10.2) or under the terms of a Secondary License (if+permitted under the terms of Section 3.3).++2.5. Representation++Each Contributor represents that the Contributor believes its+Contributions are its original creation(s) or it has sufficient rights+to grant the rights to its Contributions conveyed by this License.++2.6. Fair Use++This License is not intended to limit any rights You have under+applicable copyright doctrines of fair use, fair dealing, or other+equivalents.++2.7. Conditions++Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted+in Section 2.1.++3. Responsibilities+-------------------++3.1. Distribution of Source Form++All distribution of Covered Software in Source Code Form, including any+Modifications that You create or to which You contribute, must be under+the terms of this License. You must inform recipients that the Source+Code Form of the Covered Software is governed by the terms of this+License, and how they can obtain a copy of this License. You may not+attempt to alter or restrict the recipients' rights in the Source Code+Form.++3.2. Distribution of Executable Form++If You distribute Covered Software in Executable Form then:++(a) such Covered Software must also be made available in Source Code+    Form, as described in Section 3.1, and You must inform recipients of+    the Executable Form how they can obtain a copy of such Source Code+    Form by reasonable means in a timely manner, at a charge no more+    than the cost of distribution to the recipient; and++(b) You may distribute such Executable Form under the terms of this+    License, or sublicense it under different terms, provided that the+    license for the Executable Form does not attempt to limit or alter+    the recipients' rights in the Source Code Form under this License.++3.3. Distribution of a Larger Work++You may create and distribute a Larger Work under terms of Your choice,+provided that You also comply with the requirements of this License for+the Covered Software. If the Larger Work is a combination of Covered+Software with a work governed by one or more Secondary Licenses, and the+Covered Software is not Incompatible With Secondary Licenses, this+License permits You to additionally distribute such Covered Software+under the terms of such Secondary License(s), so that the recipient of+the Larger Work may, at their option, further distribute the Covered+Software under the terms of either this License or such Secondary+License(s).++3.4. Notices++You may not remove or alter the substance of any license notices+(including copyright notices, patent notices, disclaimers of warranty,+or limitations of liability) contained within the Source Code Form of+the Covered Software, except that You may alter any license notices to+the extent required to remedy known factual inaccuracies.++3.5. Application of Additional Terms++You may choose to offer, and to charge a fee for, warranty, support,+indemnity or liability obligations to one or more recipients of Covered+Software. However, You may do so only on Your own behalf, and not on+behalf of any Contributor. You must make it absolutely clear that any+such warranty, support, indemnity, or liability obligation is offered by+You alone, and You hereby agree to indemnify every Contributor for any+liability incurred by such Contributor as a result of warranty, support,+indemnity or liability terms You offer. You may include additional+disclaimers of warranty and limitations of liability specific to any+jurisdiction.++4. Inability to Comply Due to Statute or Regulation+---------------------------------------------------++If it is impossible for You to comply with any of the terms of this+License with respect to some or all of the Covered Software due to+statute, judicial order, or regulation then You must: (a) comply with+the terms of this License to the maximum extent possible; and (b)+describe the limitations and the code they affect. Such description must+be placed in a text file included with all distributions of the Covered+Software under this License. Except to the extent prohibited by statute+or regulation, such description must be sufficiently detailed for a+recipient of ordinary skill to be able to understand it.++5. Termination+--------------++5.1. The rights granted under this License will terminate automatically+if You fail to comply with any of its terms. However, if You become+compliant, then the rights granted under this License from a particular+Contributor are reinstated (a) provisionally, unless and until such+Contributor explicitly and finally terminates Your grants, and (b) on an+ongoing basis, if such Contributor fails to notify You of the+non-compliance by some reasonable means prior to 60 days after You have+come back into compliance. Moreover, Your grants from a particular+Contributor are reinstated on an ongoing basis if such Contributor+notifies You of the non-compliance by some reasonable means, this is the+first time You have received notice of non-compliance with this License+from such Contributor, and You become compliant prior to 30 days after+Your receipt of the notice.++5.2. If You initiate litigation against any entity by asserting a patent+infringement claim (excluding declaratory judgment actions,+counter-claims, and cross-claims) alleging that a Contributor Version+directly or indirectly infringes any patent, then the rights granted to+You by any and all Contributors for the Covered Software under Section+2.1 of this License shall terminate.++5.3. In the event of termination under Sections 5.1 or 5.2 above, all+end user license agreements (excluding distributors and resellers) which+have been validly granted by You or Your distributors under this License+prior to termination shall survive termination.++************************************************************************+*                                                                      *+*  6. Disclaimer of Warranty                                           *+*  -------------------------                                           *+*                                                                      *+*  Covered Software is provided under this License on an "as is"       *+*  basis, without warranty of any kind, either expressed, implied, or  *+*  statutory, including, without limitation, warranties that the       *+*  Covered Software is free of defects, merchantable, fit for a        *+*  particular purpose or non-infringing. The entire risk as to the     *+*  quality and performance of the Covered Software is with You.        *+*  Should any Covered Software prove defective in any respect, You     *+*  (not any Contributor) assume the cost of any necessary servicing,   *+*  repair, or correction. This disclaimer of warranty constitutes an   *+*  essential part of this License. No use of any Covered Software is   *+*  authorized under this License except under this disclaimer.         *+*                                                                      *+************************************************************************++************************************************************************+*                                                                      *+*  7. Limitation of Liability                                          *+*  --------------------------                                          *+*                                                                      *+*  Under no circumstances and under no legal theory, whether tort      *+*  (including negligence), contract, or otherwise, shall any           *+*  Contributor, or anyone who distributes Covered Software as          *+*  permitted above, be liable to You for any direct, indirect,         *+*  special, incidental, or consequential damages of any character      *+*  including, without limitation, damages for lost profits, loss of    *+*  goodwill, work stoppage, computer failure or malfunction, or any    *+*  and all other commercial damages or losses, even if such party      *+*  shall have been informed of the possibility of such damages. This   *+*  limitation of liability shall not apply to liability for death or   *+*  personal injury resulting from such party's negligence to the       *+*  extent applicable law prohibits such limitation. Some               *+*  jurisdictions do not allow the exclusion or limitation of           *+*  incidental or consequential damages, so this exclusion and          *+*  limitation may not apply to You.                                    *+*                                                                      *+************************************************************************++8. Litigation+-------------++Any litigation relating to this License may be brought only in the+courts of a jurisdiction where the defendant maintains its principal+place of business and such litigation shall be governed by laws of that+jurisdiction, without reference to its conflict-of-law provisions.+Nothing in this Section shall prevent a party's ability to bring+cross-claims or counter-claims.++9. Miscellaneous+----------------++This License represents the complete agreement concerning the subject+matter hereof. If any provision of this License is held to be+unenforceable, such provision shall be reformed only to the extent+necessary to make it enforceable. Any law or regulation which provides+that the language of a contract shall be construed against the drafter+shall not be used to construe this License against a Contributor.++10. Versions of the License+---------------------------++10.1. New Versions++Mozilla Foundation is the license steward. Except as provided in Section+10.3, no one other than the license steward has the right to modify or+publish new versions of this License. Each version will be given a+distinguishing version number.++10.2. Effect of New Versions++You may distribute the Covered Software under the terms of the version+of the License under which You originally received the Covered Software,+or under the terms of any subsequent version published by the license+steward.++10.3. Modified Versions++If you create software not governed by this License, and you want to+create a new license for such software, you may create and use a+modified version of this License if you rename the license and remove+any references to the name of the license steward (except to note that+such modified license differs from this License).++10.4. Distributing Source Code Form that is Incompatible With Secondary+Licenses++If You choose to distribute Source Code Form that is Incompatible With+Secondary Licenses under the terms of this version of the License, the+notice described in Exhibit B of this License must be attached.++Exhibit A - Source Code Form License Notice+-------------------------------------------++  This Source Code Form is subject to the terms of the Mozilla Public+  License, v. 2.0. If a copy of the MPL was not distributed with this+  file, You can obtain one at http://mozilla.org/MPL/2.0/.++If it is not possible or desirable to put the notice in a particular+file, then You may include the notice in a location (such as a LICENSE+file in a relevant directory) where a recipient would be likely to look+for such a notice.++You may add additional accurate notices of copyright ownership.
+ README.md view
@@ -0,0 +1,45 @@+# Amazon Certificate Manager Private Certificate Authority SDK++* [Version](#version)+* [Description](#description)+* [Contribute](#contribute)+* [Licence](#licence)+++## Version++`1.6.0`+++## Description++Documentation is available via [Hackage](http://hackage.haskell.org/package/amazonka-certificatemanager-pca)+and the [AWS API Reference](https://aws.amazon.com/documentation/).++The types from this library are intended to be used with [amazonka](http://hackage.haskell.org/package/amazonka),+which provides mechanisms for specifying AuthN/AuthZ information, sending requests,+and receiving responses.++Lenses are used for constructing and manipulating types,+due to the depth of nesting of AWS types and transparency regarding+de/serialisation into more palatable Haskell values.+The provided lenses should be compatible with any of the major lens libraries+[lens](http://hackage.haskell.org/package/lens) or [lens-family-core](http://hackage.haskell.org/package/lens-family-core).++See [Network.AWS.CertificateManagerPCA](http://hackage.haskell.org/package/amazonka-certificatemanager-pca/docs/Network-AWS-CertificateManagerPCA.html)+or [the AWS documentation](https://aws.amazon.com/documentation/) to get started.+++## Contribute++For any problems, comments, or feedback please create an issue [here on GitHub](https://github.com/brendanhay/amazonka/issues).++> _Note:_ this library is an auto-generated Haskell package. Please see `amazonka-gen` for more information.+++## Licence++`amazonka-certificatemanager-pca` is released under the [Mozilla Public License Version 2.0](http://www.mozilla.org/MPL/).++Parts of the code are derived from AWS service descriptions, licensed under Apache 2.0.+Source files subject to this contain an additional licensing clause in their header.
+ Setup.hs view
@@ -0,0 +1,2 @@+import           Distribution.Simple+main = defaultMain
+ amazonka-certificatemanager-pca.cabal view
@@ -0,0 +1,101 @@+name:                  amazonka-certificatemanager-pca+version:               1.6.0+synopsis:              Amazon Certificate Manager Private Certificate Authority SDK.+homepage:              https://github.com/brendanhay/amazonka+bug-reports:           https://github.com/brendanhay/amazonka/issues+license:               MPL-2.0+license-file:          LICENSE+author:                Brendan Hay+maintainer:            Brendan Hay <brendan.g.hay+amazonka@gmail.com>+copyright:             Copyright (c) 2013-2018 Brendan Hay+category:              Network, AWS, Cloud, Distributed Computing+build-type:            Simple+cabal-version:         >= 1.10+extra-source-files:    README.md fixture/*.yaml fixture/*.proto src/.gitkeep+description:+    The types from this library are intended to be used with+    <http://hackage.haskell.org/package/amazonka amazonka>, which provides+    mechanisms for specifying AuthN/AuthZ information, sending requests,+    and receiving responses.+    .+    Lenses are used for constructing and manipulating types,+    due to the depth of nesting of AWS types and transparency regarding+    de/serialisation into more palatable Haskell values.+    The provided lenses should be compatible with any of the major lens libraries+    such as <http://hackage.haskell.org/package/lens lens> or+    <http://hackage.haskell.org/package/lens-family-core lens-family-core>.+    .+    See "Network.AWS.CertificateManagerPCA" or <https://aws.amazon.com/documentation/ the AWS documentation>+    to get started.++source-repository head+    type:              git+    location:          git://github.com/brendanhay/amazonka.git+    subdir:            amazonka-certificatemanager-pca++library+    default-language:  Haskell2010+    hs-source-dirs:    src gen++    ghc-options:+        -Wall+        -fwarn-incomplete-uni-patterns+        -fwarn-incomplete-record-updates+        -funbox-strict-fields++    exposed-modules:+          Network.AWS.CertificateManagerPCA+        , Network.AWS.CertificateManagerPCA.CreateCertificateAuthority+        , Network.AWS.CertificateManagerPCA.CreateCertificateAuthorityAuditReport+        , Network.AWS.CertificateManagerPCA.DeleteCertificateAuthority+        , Network.AWS.CertificateManagerPCA.DescribeCertificateAuthority+        , Network.AWS.CertificateManagerPCA.DescribeCertificateAuthorityAuditReport+        , Network.AWS.CertificateManagerPCA.GetCertificate+        , Network.AWS.CertificateManagerPCA.GetCertificateAuthorityCSR+        , Network.AWS.CertificateManagerPCA.GetCertificateAuthorityCertificate+        , Network.AWS.CertificateManagerPCA.ImportCertificateAuthorityCertificate+        , Network.AWS.CertificateManagerPCA.IssueCertificate+        , Network.AWS.CertificateManagerPCA.ListCertificateAuthorities+        , Network.AWS.CertificateManagerPCA.ListTags+        , Network.AWS.CertificateManagerPCA.RevokeCertificate+        , Network.AWS.CertificateManagerPCA.TagCertificateAuthority+        , Network.AWS.CertificateManagerPCA.Types+        , Network.AWS.CertificateManagerPCA.UntagCertificateAuthority+        , Network.AWS.CertificateManagerPCA.UpdateCertificateAuthority+        , Network.AWS.CertificateManagerPCA.Waiters++    other-modules:+          Network.AWS.CertificateManagerPCA.Types.Product+        , Network.AWS.CertificateManagerPCA.Types.Sum++    build-depends:+          amazonka-core == 1.6.0.*+        , base          >= 4.7     && < 5++test-suite amazonka-certificatemanager-pca-test+    type:              exitcode-stdio-1.0+    default-language:  Haskell2010+    hs-source-dirs:    test+    main-is:           Main.hs++    ghc-options:       -Wall -threaded++    -- This section is encoded by the template and any modules added by+    -- hand outside these namespaces will not correctly be added to the+    -- distribution package.+    other-modules:+          Test.AWS.CertificateManagerPCA+        , Test.AWS.Gen.CertificateManagerPCA+        , Test.AWS.CertificateManagerPCA.Internal++    build-depends:+          amazonka-core == 1.6.0.*+        , amazonka-test == 1.6.0.*+        , amazonka-certificatemanager-pca+        , base+        , bytestring+        , tasty+        , tasty-hunit+        , text+        , time+        , unordered-containers
+ fixture/CreateCertificateAuthority.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/acm-pca/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+  Host:                  acm-pca.us-east-1.amazonaws.com+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8+  X-Amz-Content-SHA256:  abcdef+  X-Amz-Date:            20091028T223200Z+body:+  ''
+ fixture/CreateCertificateAuthorityAuditReport.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/acm-pca/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+  Host:                  acm-pca.us-east-1.amazonaws.com+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8+  X-Amz-Content-SHA256:  abcdef+  X-Amz-Date:            20091028T223200Z+body:+  ''
+ fixture/CreateCertificateAuthorityAuditReportResponse.proto view
+ fixture/CreateCertificateAuthorityResponse.proto view
+ fixture/DeleteCertificateAuthority.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/acm-pca/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+  Host:                  acm-pca.us-east-1.amazonaws.com+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8+  X-Amz-Content-SHA256:  abcdef+  X-Amz-Date:            20091028T223200Z+body:+  ''
+ fixture/DeleteCertificateAuthorityResponse.proto view
+ fixture/DescribeCertificateAuthority.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/acm-pca/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+  Host:                  acm-pca.us-east-1.amazonaws.com+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8+  X-Amz-Content-SHA256:  abcdef+  X-Amz-Date:            20091028T223200Z+body:+  ''
+ fixture/DescribeCertificateAuthorityAuditReport.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/acm-pca/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+  Host:                  acm-pca.us-east-1.amazonaws.com+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8+  X-Amz-Content-SHA256:  abcdef+  X-Amz-Date:            20091028T223200Z+body:+  ''
+ fixture/DescribeCertificateAuthorityAuditReportResponse.proto view
+ fixture/DescribeCertificateAuthorityResponse.proto view
+ fixture/GetCertificate.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/acm-pca/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+  Host:                  acm-pca.us-east-1.amazonaws.com+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8+  X-Amz-Content-SHA256:  abcdef+  X-Amz-Date:            20091028T223200Z+body:+  ''
+ fixture/GetCertificateAuthorityCSR.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/acm-pca/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+  Host:                  acm-pca.us-east-1.amazonaws.com+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8+  X-Amz-Content-SHA256:  abcdef+  X-Amz-Date:            20091028T223200Z+body:+  ''
+ fixture/GetCertificateAuthorityCSRResponse.proto view
+ fixture/GetCertificateAuthorityCertificate.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/acm-pca/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+  Host:                  acm-pca.us-east-1.amazonaws.com+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8+  X-Amz-Content-SHA256:  abcdef+  X-Amz-Date:            20091028T223200Z+body:+  ''
+ fixture/GetCertificateAuthorityCertificateResponse.proto view
+ fixture/GetCertificateResponse.proto view
+ fixture/ImportCertificateAuthorityCertificate.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/acm-pca/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+  Host:                  acm-pca.us-east-1.amazonaws.com+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8+  X-Amz-Content-SHA256:  abcdef+  X-Amz-Date:            20091028T223200Z+body:+  ''
+ fixture/ImportCertificateAuthorityCertificateResponse.proto view
+ fixture/IssueCertificate.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/acm-pca/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+  Host:                  acm-pca.us-east-1.amazonaws.com+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8+  X-Amz-Content-SHA256:  abcdef+  X-Amz-Date:            20091028T223200Z+body:+  ''
+ fixture/IssueCertificateResponse.proto view
+ fixture/ListCertificateAuthorities.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/acm-pca/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+  Host:                  acm-pca.us-east-1.amazonaws.com+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8+  X-Amz-Content-SHA256:  abcdef+  X-Amz-Date:            20091028T223200Z+body:+  ''
+ fixture/ListCertificateAuthoritiesResponse.proto view
+ fixture/ListTags.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/acm-pca/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+  Host:                  acm-pca.us-east-1.amazonaws.com+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8+  X-Amz-Content-SHA256:  abcdef+  X-Amz-Date:            20091028T223200Z+body:+  ''
+ fixture/ListTagsResponse.proto view
+ fixture/RevokeCertificate.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/acm-pca/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+  Host:                  acm-pca.us-east-1.amazonaws.com+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8+  X-Amz-Content-SHA256:  abcdef+  X-Amz-Date:            20091028T223200Z+body:+  ''
+ fixture/RevokeCertificateResponse.proto view
+ fixture/TagCertificateAuthority.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/acm-pca/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+  Host:                  acm-pca.us-east-1.amazonaws.com+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8+  X-Amz-Content-SHA256:  abcdef+  X-Amz-Date:            20091028T223200Z+body:+  ''
+ fixture/TagCertificateAuthorityResponse.proto view
+ fixture/UntagCertificateAuthority.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/acm-pca/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+  Host:                  acm-pca.us-east-1.amazonaws.com+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8+  X-Amz-Content-SHA256:  abcdef+  X-Amz-Date:            20091028T223200Z+body:+  ''
+ fixture/UntagCertificateAuthorityResponse.proto view
+ fixture/UpdateCertificateAuthority.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/acm-pca/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+  Host:                  acm-pca.us-east-1.amazonaws.com+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8+  X-Amz-Content-SHA256:  abcdef+  X-Amz-Date:            20091028T223200Z+body:+  ''
+ fixture/UpdateCertificateAuthorityResponse.proto view
+ gen/Network/AWS/CertificateManagerPCA.hs view
@@ -0,0 +1,275 @@+{-# OPTIONS_GHC -fno-warn-unused-imports    #-}+{-# OPTIONS_GHC -fno-warn-duplicate-exports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- You can use the ACM PCA API to create a private certificate authority (CA). You must first call the 'CreateCertificateAuthority' function. If successful, the function returns an Amazon Resource Name (ARN) for your private CA. Use this ARN as input to the 'GetCertificateAuthorityCsr' function to retrieve the certificate signing request (CSR) for your private CA certificate. Sign the CSR using the root or an intermediate CA in your on-premises PKI hierarchy, and call the 'ImportCertificateAuthorityCertificate' to import your signed private CA certificate into ACM PCA.+--+--+-- Use your private CA to issue and revoke certificates. These are private certificates that identify and secure client computers, servers, applications, services, devices, and users over SSLS/TLS connections within your organization. Call the 'IssueCertificate' function to issue a certificate. Call the 'RevokeCertificate' function to revoke a certificate.+--+-- Your private CA can optionally create a certificate revocation list (CRL) to track the certificates you revoke. To create a CRL, you must specify a 'RevocationConfiguration' object when you call the 'CreateCertificateAuthority' function. ACM PCA writes the CRL to an S3 bucket that you specify. You must specify a bucket policy that grants ACM PCA write permission.+--+-- You can also call the 'CreateCertificateAuthorityAuditReport' to create an optional audit report that lists every time the CA private key is used. The private key is used for signing when the __IssueCertificate__ or __RevokeCertificate__ function is called.+--+module Network.AWS.CertificateManagerPCA+    (+    -- * Service Configuration+      certificateManagerPCA++    -- * Errors+    -- $errors++    -- ** InvalidTagException+    , _InvalidTagException++    -- ** MalformedCSRException+    , _MalformedCSRException++    -- ** RequestAlreadyProcessedException+    , _RequestAlreadyProcessedException++    -- ** MalformedCertificateException+    , _MalformedCertificateException++    -- ** RequestFailedException+    , _RequestFailedException++    -- ** CertificateMismatchException+    , _CertificateMismatchException++    -- ** TooManyTagsException+    , _TooManyTagsException++    -- ** InvalidArgsException+    , _InvalidArgsException++    -- ** RequestInProgressException+    , _RequestInProgressException++    -- ** ConcurrentModificationException+    , _ConcurrentModificationException++    -- ** InvalidNextTokenException+    , _InvalidNextTokenException++    -- ** InvalidARNException+    , _InvalidARNException++    -- ** InvalidPolicyException+    , _InvalidPolicyException++    -- ** ResourceNotFoundException+    , _ResourceNotFoundException++    -- ** InvalidStateException+    , _InvalidStateException++    -- ** LimitExceededException+    , _LimitExceededException++    -- * Waiters+    -- $waiters++    -- * Operations+    -- $operations++    -- ** ImportCertificateAuthorityCertificate+    , module Network.AWS.CertificateManagerPCA.ImportCertificateAuthorityCertificate++    -- ** DescribeCertificateAuthorityAuditReport+    , module Network.AWS.CertificateManagerPCA.DescribeCertificateAuthorityAuditReport++    -- ** RevokeCertificate+    , module Network.AWS.CertificateManagerPCA.RevokeCertificate++    -- ** UpdateCertificateAuthority+    , module Network.AWS.CertificateManagerPCA.UpdateCertificateAuthority++    -- ** DeleteCertificateAuthority+    , module Network.AWS.CertificateManagerPCA.DeleteCertificateAuthority++    -- ** GetCertificateAuthorityCSR+    , module Network.AWS.CertificateManagerPCA.GetCertificateAuthorityCSR++    -- ** CreateCertificateAuthority+    , module Network.AWS.CertificateManagerPCA.CreateCertificateAuthority++    -- ** ListCertificateAuthorities+    , module Network.AWS.CertificateManagerPCA.ListCertificateAuthorities++    -- ** GetCertificate+    , module Network.AWS.CertificateManagerPCA.GetCertificate++    -- ** TagCertificateAuthority+    , module Network.AWS.CertificateManagerPCA.TagCertificateAuthority++    -- ** DescribeCertificateAuthority+    , module Network.AWS.CertificateManagerPCA.DescribeCertificateAuthority++    -- ** IssueCertificate+    , module Network.AWS.CertificateManagerPCA.IssueCertificate++    -- ** GetCertificateAuthorityCertificate+    , module Network.AWS.CertificateManagerPCA.GetCertificateAuthorityCertificate++    -- ** UntagCertificateAuthority+    , module Network.AWS.CertificateManagerPCA.UntagCertificateAuthority++    -- ** CreateCertificateAuthorityAuditReport+    , module Network.AWS.CertificateManagerPCA.CreateCertificateAuthorityAuditReport++    -- ** ListTags+    , module Network.AWS.CertificateManagerPCA.ListTags++    -- * Types++    -- ** AuditReportResponseFormat+    , AuditReportResponseFormat (..)++    -- ** AuditReportStatus+    , AuditReportStatus (..)++    -- ** CertificateAuthorityStatus+    , CertificateAuthorityStatus (..)++    -- ** CertificateAuthorityType+    , CertificateAuthorityType (..)++    -- ** FailureReason+    , FailureReason (..)++    -- ** KeyAlgorithm+    , KeyAlgorithm (..)++    -- ** RevocationReason+    , RevocationReason (..)++    -- ** SigningAlgorithm+    , SigningAlgorithm (..)++    -- ** ValidityPeriodType+    , ValidityPeriodType (..)++    -- ** ASN1Subject+    , ASN1Subject+    , asn1Subject+    , asGivenName+    , asState+    , asCommonName+    , asOrganizationalUnit+    , asCountry+    , asGenerationQualifier+    , asLocality+    , asPseudonym+    , asInitials+    , asTitle+    , asOrganization+    , asSerialNumber+    , asSurname+    , asDistinguishedNameQualifier++    -- ** CertificateAuthority+    , CertificateAuthority+    , certificateAuthority+    , caStatus+    , caFailureReason+    , caCertificateAuthorityConfiguration+    , caARN+    , caCreatedAt+    , caSerial+    , caNotBefore+    , caType+    , caRevocationConfiguration+    , caLastStateChangeAt+    , caNotAfter++    -- ** CertificateAuthorityConfiguration+    , CertificateAuthorityConfiguration+    , certificateAuthorityConfiguration+    , cacKeyAlgorithm+    , cacSigningAlgorithm+    , cacSubject++    -- ** CrlConfiguration+    , CrlConfiguration+    , crlConfiguration+    , ccCustomCname+    , ccExpirationInDays+    , ccS3BucketName+    , ccEnabled++    -- ** RevocationConfiguration+    , RevocationConfiguration+    , revocationConfiguration+    , rcCrlConfiguration++    -- ** Tag+    , Tag+    , tag+    , tagValue+    , tagKey++    -- ** Validity+    , Validity+    , validity+    , vValue+    , vType+    ) where++import Network.AWS.CertificateManagerPCA.CreateCertificateAuthority+import Network.AWS.CertificateManagerPCA.CreateCertificateAuthorityAuditReport+import Network.AWS.CertificateManagerPCA.DeleteCertificateAuthority+import Network.AWS.CertificateManagerPCA.DescribeCertificateAuthority+import Network.AWS.CertificateManagerPCA.DescribeCertificateAuthorityAuditReport+import Network.AWS.CertificateManagerPCA.GetCertificate+import Network.AWS.CertificateManagerPCA.GetCertificateAuthorityCertificate+import Network.AWS.CertificateManagerPCA.GetCertificateAuthorityCSR+import Network.AWS.CertificateManagerPCA.ImportCertificateAuthorityCertificate+import Network.AWS.CertificateManagerPCA.IssueCertificate+import Network.AWS.CertificateManagerPCA.ListCertificateAuthorities+import Network.AWS.CertificateManagerPCA.ListTags+import Network.AWS.CertificateManagerPCA.RevokeCertificate+import Network.AWS.CertificateManagerPCA.TagCertificateAuthority+import Network.AWS.CertificateManagerPCA.Types+import Network.AWS.CertificateManagerPCA.UntagCertificateAuthority+import Network.AWS.CertificateManagerPCA.UpdateCertificateAuthority+import Network.AWS.CertificateManagerPCA.Waiters++{- $errors+Error matchers are designed for use with the functions provided by+<http://hackage.haskell.org/package/lens/docs/Control-Exception-Lens.html Control.Exception.Lens>.+This allows catching (and rethrowing) service specific errors returned+by 'CertificateManagerPCA'.+-}++{- $operations+Some AWS operations return results that are incomplete and require subsequent+requests in order to obtain the entire result set. The process of sending+subsequent requests to continue where a previous request left off is called+pagination. For example, the 'ListObjects' operation of Amazon S3 returns up to+1000 objects at a time, and you must send subsequent requests with the+appropriate Marker in order to retrieve the next page of results.++Operations that have an 'AWSPager' instance can transparently perform subsequent+requests, correctly setting Markers and other request facets to iterate through+the entire result set of a truncated API operation. Operations which support+this have an additional note in the documentation.++Many operations have the ability to filter results on the server side. See the+individual operation parameters for details.+-}++{- $waiters+Waiters poll by repeatedly sending a request until some remote success condition+configured by the 'Wait' specification is fulfilled. The 'Wait' specification+determines how many attempts should be made, in addition to delay and retry strategies.+-}
+ gen/Network/AWS/CertificateManagerPCA/CreateCertificateAuthority.hs view
@@ -0,0 +1,178 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric      #-}+{-# LANGUAGE OverloadedStrings  #-}+{-# LANGUAGE RecordWildCards    #-}+{-# LANGUAGE TypeFamilies       #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-binds   #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.CreateCertificateAuthority+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Creates a private subordinate certificate authority (CA). You must specify the CA configuration, the revocation configuration, the CA type, and an optional idempotency token. The CA configuration specifies the name of the algorithm and key size to be used to create the CA private key, the type of signing algorithm that the CA uses to sign, and X.500 subject information. The CRL (certificate revocation list) configuration specifies the CRL expiration period in days (the validity period of the CRL), the Amazon S3 bucket that will contain the CRL, and a CNAME alias for the S3 bucket that is included in certificates issued by the CA. If successful, this function returns the Amazon Resource Name (ARN) of the CA.+--+--+module Network.AWS.CertificateManagerPCA.CreateCertificateAuthority+    (+    -- * Creating a Request+      createCertificateAuthority+    , CreateCertificateAuthority+    -- * Request Lenses+    , ccaIdempotencyToken+    , ccaRevocationConfiguration+    , ccaCertificateAuthorityConfiguration+    , ccaCertificateAuthorityType++    -- * Destructuring the Response+    , createCertificateAuthorityResponse+    , CreateCertificateAuthorityResponse+    -- * Response Lenses+    , ccarsCertificateAuthorityARN+    , ccarsResponseStatus+    ) where++import Network.AWS.CertificateManagerPCA.Types+import Network.AWS.CertificateManagerPCA.Types.Product+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Request+import Network.AWS.Response++-- | /See:/ 'createCertificateAuthority' smart constructor.+data CreateCertificateAuthority = CreateCertificateAuthority'+  { _ccaIdempotencyToken                  :: !(Maybe Text)+  , _ccaRevocationConfiguration           :: !(Maybe RevocationConfiguration)+  , _ccaCertificateAuthorityConfiguration :: !CertificateAuthorityConfiguration+  , _ccaCertificateAuthorityType          :: !CertificateAuthorityType+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'CreateCertificateAuthority' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'ccaIdempotencyToken' - Alphanumeric string that can be used to distinguish between calls to __CreateCertificateAuthority__ . Idempotency tokens time out after five minutes. Therefore, if you call __CreateCertificateAuthority__ multiple times with the same idempotency token within a five minute period, ACM PCA recognizes that you are requesting only one certificate and will issue only one. If you change the idempotency token for each call, however, ACM PCA recognizes that you are requesting multiple certificates.+--+-- * 'ccaRevocationConfiguration' - Contains a Boolean value that you can use to enable a certification revocation list (CRL) for the CA, the name of the S3 bucket to which ACM PCA will write the CRL, and an optional CNAME alias that you can use to hide the name of your bucket in the __CRL Distribution Points__ extension of your CA certificate. For more information, see the 'CrlConfiguration' structure.+--+-- * 'ccaCertificateAuthorityConfiguration' - Name and bit size of the private key algorithm, the name of the signing algorithm, and X.500 certificate subject information.+--+-- * 'ccaCertificateAuthorityType' - The type of the certificate authority. Currently, this must be __SUBORDINATE__ .+createCertificateAuthority+    :: CertificateAuthorityConfiguration -- ^ 'ccaCertificateAuthorityConfiguration'+    -> CertificateAuthorityType -- ^ 'ccaCertificateAuthorityType'+    -> CreateCertificateAuthority+createCertificateAuthority pCertificateAuthorityConfiguration_ pCertificateAuthorityType_ =+  CreateCertificateAuthority'+    { _ccaIdempotencyToken = Nothing+    , _ccaRevocationConfiguration = Nothing+    , _ccaCertificateAuthorityConfiguration =+        pCertificateAuthorityConfiguration_+    , _ccaCertificateAuthorityType = pCertificateAuthorityType_+    }+++-- | Alphanumeric string that can be used to distinguish between calls to __CreateCertificateAuthority__ . Idempotency tokens time out after five minutes. Therefore, if you call __CreateCertificateAuthority__ multiple times with the same idempotency token within a five minute period, ACM PCA recognizes that you are requesting only one certificate and will issue only one. If you change the idempotency token for each call, however, ACM PCA recognizes that you are requesting multiple certificates.+ccaIdempotencyToken :: Lens' CreateCertificateAuthority (Maybe Text)+ccaIdempotencyToken = lens _ccaIdempotencyToken (\ s a -> s{_ccaIdempotencyToken = a})++-- | Contains a Boolean value that you can use to enable a certification revocation list (CRL) for the CA, the name of the S3 bucket to which ACM PCA will write the CRL, and an optional CNAME alias that you can use to hide the name of your bucket in the __CRL Distribution Points__ extension of your CA certificate. For more information, see the 'CrlConfiguration' structure.+ccaRevocationConfiguration :: Lens' CreateCertificateAuthority (Maybe RevocationConfiguration)+ccaRevocationConfiguration = lens _ccaRevocationConfiguration (\ s a -> s{_ccaRevocationConfiguration = a})++-- | Name and bit size of the private key algorithm, the name of the signing algorithm, and X.500 certificate subject information.+ccaCertificateAuthorityConfiguration :: Lens' CreateCertificateAuthority CertificateAuthorityConfiguration+ccaCertificateAuthorityConfiguration = lens _ccaCertificateAuthorityConfiguration (\ s a -> s{_ccaCertificateAuthorityConfiguration = a})++-- | The type of the certificate authority. Currently, this must be __SUBORDINATE__ .+ccaCertificateAuthorityType :: Lens' CreateCertificateAuthority CertificateAuthorityType+ccaCertificateAuthorityType = lens _ccaCertificateAuthorityType (\ s a -> s{_ccaCertificateAuthorityType = a})++instance AWSRequest CreateCertificateAuthority where+        type Rs CreateCertificateAuthority =+             CreateCertificateAuthorityResponse+        request = postJSON certificateManagerPCA+        response+          = receiveJSON+              (\ s h x ->+                 CreateCertificateAuthorityResponse' <$>+                   (x .?> "CertificateAuthorityArn") <*>+                     (pure (fromEnum s)))++instance Hashable CreateCertificateAuthority where++instance NFData CreateCertificateAuthority where++instance ToHeaders CreateCertificateAuthority where+        toHeaders+          = const+              (mconcat+                 ["X-Amz-Target" =#+                    ("ACMPrivateCA.CreateCertificateAuthority" ::+                       ByteString),+                  "Content-Type" =#+                    ("application/x-amz-json-1.1" :: ByteString)])++instance ToJSON CreateCertificateAuthority where+        toJSON CreateCertificateAuthority'{..}+          = object+              (catMaybes+                 [("IdempotencyToken" .=) <$> _ccaIdempotencyToken,+                  ("RevocationConfiguration" .=) <$>+                    _ccaRevocationConfiguration,+                  Just+                    ("CertificateAuthorityConfiguration" .=+                       _ccaCertificateAuthorityConfiguration),+                  Just+                    ("CertificateAuthorityType" .=+                       _ccaCertificateAuthorityType)])++instance ToPath CreateCertificateAuthority where+        toPath = const "/"++instance ToQuery CreateCertificateAuthority where+        toQuery = const mempty++-- | /See:/ 'createCertificateAuthorityResponse' smart constructor.+data CreateCertificateAuthorityResponse = CreateCertificateAuthorityResponse'+  { _ccarsCertificateAuthorityARN :: !(Maybe Text)+  , _ccarsResponseStatus          :: !Int+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'CreateCertificateAuthorityResponse' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'ccarsCertificateAuthorityARN' - If successful, the Amazon Resource Name (ARN) of the certificate authority (CA). This is of the form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @ .+--+-- * 'ccarsResponseStatus' - -- | The response status code.+createCertificateAuthorityResponse+    :: Int -- ^ 'ccarsResponseStatus'+    -> CreateCertificateAuthorityResponse+createCertificateAuthorityResponse pResponseStatus_ =+  CreateCertificateAuthorityResponse'+    { _ccarsCertificateAuthorityARN = Nothing+    , _ccarsResponseStatus = pResponseStatus_+    }+++-- | If successful, the Amazon Resource Name (ARN) of the certificate authority (CA). This is of the form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @ .+ccarsCertificateAuthorityARN :: Lens' CreateCertificateAuthorityResponse (Maybe Text)+ccarsCertificateAuthorityARN = lens _ccarsCertificateAuthorityARN (\ s a -> s{_ccarsCertificateAuthorityARN = a})++-- | -- | The response status code.+ccarsResponseStatus :: Lens' CreateCertificateAuthorityResponse Int+ccarsResponseStatus = lens _ccarsResponseStatus (\ s a -> s{_ccarsResponseStatus = a})++instance NFData CreateCertificateAuthorityResponse+         where
+ gen/Network/AWS/CertificateManagerPCA/CreateCertificateAuthorityAuditReport.hs view
@@ -0,0 +1,188 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric      #-}+{-# LANGUAGE OverloadedStrings  #-}+{-# LANGUAGE RecordWildCards    #-}+{-# LANGUAGE TypeFamilies       #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-binds   #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.CreateCertificateAuthorityAuditReport+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Creates an audit report that lists every time that the your CA private key is used. The report is saved in the Amazon S3 bucket that you specify on input. The 'IssueCertificate' and 'RevokeCertificate' functions use the private key. You can generate a new report every 30 minutes.+--+--+module Network.AWS.CertificateManagerPCA.CreateCertificateAuthorityAuditReport+    (+    -- * Creating a Request+      createCertificateAuthorityAuditReport+    , CreateCertificateAuthorityAuditReport+    -- * Request Lenses+    , ccaarCertificateAuthorityARN+    , ccaarS3BucketName+    , ccaarAuditReportResponseFormat++    -- * Destructuring the Response+    , createCertificateAuthorityAuditReportResponse+    , CreateCertificateAuthorityAuditReportResponse+    -- * Response Lenses+    , ccaarrsS3Key+    , ccaarrsAuditReportId+    , ccaarrsResponseStatus+    ) where++import Network.AWS.CertificateManagerPCA.Types+import Network.AWS.CertificateManagerPCA.Types.Product+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Request+import Network.AWS.Response++-- | /See:/ 'createCertificateAuthorityAuditReport' smart constructor.+data CreateCertificateAuthorityAuditReport = CreateCertificateAuthorityAuditReport'+  { _ccaarCertificateAuthorityARN   :: !Text+  , _ccaarS3BucketName              :: !Text+  , _ccaarAuditReportResponseFormat :: !AuditReportResponseFormat+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'CreateCertificateAuthorityAuditReport' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'ccaarCertificateAuthorityARN' - Amazon Resource Name (ARN) of the CA to be audited. This is of the form: @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @ .+--+-- * 'ccaarS3BucketName' - Name of the S3 bucket that will contain the audit report.+--+-- * 'ccaarAuditReportResponseFormat' - Format in which to create the report. This can be either __JSON__ or __CSV__ .+createCertificateAuthorityAuditReport+    :: Text -- ^ 'ccaarCertificateAuthorityARN'+    -> Text -- ^ 'ccaarS3BucketName'+    -> AuditReportResponseFormat -- ^ 'ccaarAuditReportResponseFormat'+    -> CreateCertificateAuthorityAuditReport+createCertificateAuthorityAuditReport pCertificateAuthorityARN_ pS3BucketName_ pAuditReportResponseFormat_ =+  CreateCertificateAuthorityAuditReport'+    { _ccaarCertificateAuthorityARN = pCertificateAuthorityARN_+    , _ccaarS3BucketName = pS3BucketName_+    , _ccaarAuditReportResponseFormat = pAuditReportResponseFormat_+    }+++-- | Amazon Resource Name (ARN) of the CA to be audited. This is of the form: @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @ .+ccaarCertificateAuthorityARN :: Lens' CreateCertificateAuthorityAuditReport Text+ccaarCertificateAuthorityARN = lens _ccaarCertificateAuthorityARN (\ s a -> s{_ccaarCertificateAuthorityARN = a})++-- | Name of the S3 bucket that will contain the audit report.+ccaarS3BucketName :: Lens' CreateCertificateAuthorityAuditReport Text+ccaarS3BucketName = lens _ccaarS3BucketName (\ s a -> s{_ccaarS3BucketName = a})++-- | Format in which to create the report. This can be either __JSON__ or __CSV__ .+ccaarAuditReportResponseFormat :: Lens' CreateCertificateAuthorityAuditReport AuditReportResponseFormat+ccaarAuditReportResponseFormat = lens _ccaarAuditReportResponseFormat (\ s a -> s{_ccaarAuditReportResponseFormat = a})++instance AWSRequest+           CreateCertificateAuthorityAuditReport+         where+        type Rs CreateCertificateAuthorityAuditReport =+             CreateCertificateAuthorityAuditReportResponse+        request = postJSON certificateManagerPCA+        response+          = receiveJSON+              (\ s h x ->+                 CreateCertificateAuthorityAuditReportResponse' <$>+                   (x .?> "S3Key") <*> (x .?> "AuditReportId") <*>+                     (pure (fromEnum s)))++instance Hashable+           CreateCertificateAuthorityAuditReport+         where++instance NFData CreateCertificateAuthorityAuditReport+         where++instance ToHeaders+           CreateCertificateAuthorityAuditReport+         where+        toHeaders+          = const+              (mconcat+                 ["X-Amz-Target" =#+                    ("ACMPrivateCA.CreateCertificateAuthorityAuditReport"+                       :: ByteString),+                  "Content-Type" =#+                    ("application/x-amz-json-1.1" :: ByteString)])++instance ToJSON CreateCertificateAuthorityAuditReport+         where+        toJSON CreateCertificateAuthorityAuditReport'{..}+          = object+              (catMaybes+                 [Just+                    ("CertificateAuthorityArn" .=+                       _ccaarCertificateAuthorityARN),+                  Just ("S3BucketName" .= _ccaarS3BucketName),+                  Just+                    ("AuditReportResponseFormat" .=+                       _ccaarAuditReportResponseFormat)])++instance ToPath CreateCertificateAuthorityAuditReport+         where+        toPath = const "/"++instance ToQuery+           CreateCertificateAuthorityAuditReport+         where+        toQuery = const mempty++-- | /See:/ 'createCertificateAuthorityAuditReportResponse' smart constructor.+data CreateCertificateAuthorityAuditReportResponse = CreateCertificateAuthorityAuditReportResponse'+  { _ccaarrsS3Key          :: !(Maybe Text)+  , _ccaarrsAuditReportId  :: !(Maybe Text)+  , _ccaarrsResponseStatus :: !Int+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'CreateCertificateAuthorityAuditReportResponse' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'ccaarrsS3Key' - The __key__ that uniquely identifies the report file in your S3 bucket.+--+-- * 'ccaarrsAuditReportId' - An alphanumeric string that contains a report identifier.+--+-- * 'ccaarrsResponseStatus' - -- | The response status code.+createCertificateAuthorityAuditReportResponse+    :: Int -- ^ 'ccaarrsResponseStatus'+    -> CreateCertificateAuthorityAuditReportResponse+createCertificateAuthorityAuditReportResponse pResponseStatus_ =+  CreateCertificateAuthorityAuditReportResponse'+    { _ccaarrsS3Key = Nothing+    , _ccaarrsAuditReportId = Nothing+    , _ccaarrsResponseStatus = pResponseStatus_+    }+++-- | The __key__ that uniquely identifies the report file in your S3 bucket.+ccaarrsS3Key :: Lens' CreateCertificateAuthorityAuditReportResponse (Maybe Text)+ccaarrsS3Key = lens _ccaarrsS3Key (\ s a -> s{_ccaarrsS3Key = a})++-- | An alphanumeric string that contains a report identifier.+ccaarrsAuditReportId :: Lens' CreateCertificateAuthorityAuditReportResponse (Maybe Text)+ccaarrsAuditReportId = lens _ccaarrsAuditReportId (\ s a -> s{_ccaarrsAuditReportId = a})++-- | -- | The response status code.+ccaarrsResponseStatus :: Lens' CreateCertificateAuthorityAuditReportResponse Int+ccaarrsResponseStatus = lens _ccaarrsResponseStatus (\ s a -> s{_ccaarrsResponseStatus = a})++instance NFData+           CreateCertificateAuthorityAuditReportResponse+         where
+ gen/Network/AWS/CertificateManagerPCA/DeleteCertificateAuthority.hs view
@@ -0,0 +1,116 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric      #-}+{-# LANGUAGE OverloadedStrings  #-}+{-# LANGUAGE RecordWildCards    #-}+{-# LANGUAGE TypeFamilies       #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-binds   #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.DeleteCertificateAuthority+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Deletes the private certificate authority (CA) that you created or started to create by calling the 'CreateCertificateAuthority' function. This action requires that you enter an ARN (Amazon Resource Name) for the private CA that you want to delete. You can find the ARN by calling the 'ListCertificateAuthorities' function. You can delete the CA if you are waiting for it to be created (the __Status__ field of the 'CertificateAuthority' is @CREATING@ ) or if the CA has been created but you haven't yet imported the signed certificate (the __Status__ is @PENDING_CERTIFICATE@ ) into ACM PCA. If you've already imported the certificate, you cannot delete the CA unless it has been disabled for more than 30 days. To disable a CA, call the 'UpdateCertificateAuthority' function and set the __CertificateAuthorityStatus__ argument to @DISABLED@ .+--+--+module Network.AWS.CertificateManagerPCA.DeleteCertificateAuthority+    (+    -- * Creating a Request+      deleteCertificateAuthority+    , DeleteCertificateAuthority+    -- * Request Lenses+    , dcaCertificateAuthorityARN++    -- * Destructuring the Response+    , deleteCertificateAuthorityResponse+    , DeleteCertificateAuthorityResponse+    ) where++import Network.AWS.CertificateManagerPCA.Types+import Network.AWS.CertificateManagerPCA.Types.Product+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Request+import Network.AWS.Response++-- | /See:/ 'deleteCertificateAuthority' smart constructor.+newtype DeleteCertificateAuthority = DeleteCertificateAuthority'+  { _dcaCertificateAuthorityARN :: Text+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'DeleteCertificateAuthority' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'dcaCertificateAuthorityARN' - The Amazon Resource Name (ARN) that was returned when you called 'CreateCertificateAuthority' . This must be of the form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @ .+deleteCertificateAuthority+    :: Text -- ^ 'dcaCertificateAuthorityARN'+    -> DeleteCertificateAuthority+deleteCertificateAuthority pCertificateAuthorityARN_ =+  DeleteCertificateAuthority'+    {_dcaCertificateAuthorityARN = pCertificateAuthorityARN_}+++-- | The Amazon Resource Name (ARN) that was returned when you called 'CreateCertificateAuthority' . This must be of the form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @ .+dcaCertificateAuthorityARN :: Lens' DeleteCertificateAuthority Text+dcaCertificateAuthorityARN = lens _dcaCertificateAuthorityARN (\ s a -> s{_dcaCertificateAuthorityARN = a})++instance AWSRequest DeleteCertificateAuthority where+        type Rs DeleteCertificateAuthority =+             DeleteCertificateAuthorityResponse+        request = postJSON certificateManagerPCA+        response+          = receiveNull DeleteCertificateAuthorityResponse'++instance Hashable DeleteCertificateAuthority where++instance NFData DeleteCertificateAuthority where++instance ToHeaders DeleteCertificateAuthority where+        toHeaders+          = const+              (mconcat+                 ["X-Amz-Target" =#+                    ("ACMPrivateCA.DeleteCertificateAuthority" ::+                       ByteString),+                  "Content-Type" =#+                    ("application/x-amz-json-1.1" :: ByteString)])++instance ToJSON DeleteCertificateAuthority where+        toJSON DeleteCertificateAuthority'{..}+          = object+              (catMaybes+                 [Just+                    ("CertificateAuthorityArn" .=+                       _dcaCertificateAuthorityARN)])++instance ToPath DeleteCertificateAuthority where+        toPath = const "/"++instance ToQuery DeleteCertificateAuthority where+        toQuery = const mempty++-- | /See:/ 'deleteCertificateAuthorityResponse' smart constructor.+data DeleteCertificateAuthorityResponse =+  DeleteCertificateAuthorityResponse'+  deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'DeleteCertificateAuthorityResponse' with the minimum fields required to make a request.+--+deleteCertificateAuthorityResponse+    :: DeleteCertificateAuthorityResponse+deleteCertificateAuthorityResponse = DeleteCertificateAuthorityResponse'+++instance NFData DeleteCertificateAuthorityResponse+         where
+ gen/Network/AWS/CertificateManagerPCA/DescribeCertificateAuthority.hs view
@@ -0,0 +1,157 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric      #-}+{-# LANGUAGE OverloadedStrings  #-}+{-# LANGUAGE RecordWildCards    #-}+{-# LANGUAGE TypeFamilies       #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-binds   #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.DescribeCertificateAuthority+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Lists information about your private certificate authority (CA). You specify the private CA on input by its ARN (Amazon Resource Name). The output contains the status of your CA. This can be any of the following:+--+--+--     * __CREATING:__ ACM PCA is creating your private certificate authority.+--+--     * __PENDING_CERTIFICATE:__ The certificate is pending. You must use your on-premises root or subordinate CA to sign your private CA CSR and then import it into PCA.+--+--     * __ACTIVE:__ Your private CA is active.+--+--     * __DISABLED:__ Your private CA has been disabled.+--+--     * __EXPIRED:__ Your private CA certificate has expired.+--+--     * __FAILED:__ Your private CA has failed. Your CA can fail for problems such a network outage or backend AWS failure or other errors. A failed CA can never return to the pending state. You must create a new CA.+--+--+--+module Network.AWS.CertificateManagerPCA.DescribeCertificateAuthority+    (+    -- * Creating a Request+      describeCertificateAuthority+    , DescribeCertificateAuthority+    -- * Request Lenses+    , dCertificateAuthorityARN++    -- * Destructuring the Response+    , describeCertificateAuthorityResponse+    , DescribeCertificateAuthorityResponse+    -- * Response Lenses+    , dcarsCertificateAuthority+    , dcarsResponseStatus+    ) where++import Network.AWS.CertificateManagerPCA.Types+import Network.AWS.CertificateManagerPCA.Types.Product+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Request+import Network.AWS.Response++-- | /See:/ 'describeCertificateAuthority' smart constructor.+newtype DescribeCertificateAuthority = DescribeCertificateAuthority'+  { _dCertificateAuthorityARN :: Text+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'DescribeCertificateAuthority' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'dCertificateAuthorityARN' - The Amazon Resource Name (ARN) that was returned when you called 'CreateCertificateAuthority' . This must be of the form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @ .+describeCertificateAuthority+    :: Text -- ^ 'dCertificateAuthorityARN'+    -> DescribeCertificateAuthority+describeCertificateAuthority pCertificateAuthorityARN_ =+  DescribeCertificateAuthority'+    {_dCertificateAuthorityARN = pCertificateAuthorityARN_}+++-- | The Amazon Resource Name (ARN) that was returned when you called 'CreateCertificateAuthority' . This must be of the form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @ .+dCertificateAuthorityARN :: Lens' DescribeCertificateAuthority Text+dCertificateAuthorityARN = lens _dCertificateAuthorityARN (\ s a -> s{_dCertificateAuthorityARN = a})++instance AWSRequest DescribeCertificateAuthority+         where+        type Rs DescribeCertificateAuthority =+             DescribeCertificateAuthorityResponse+        request = postJSON certificateManagerPCA+        response+          = receiveJSON+              (\ s h x ->+                 DescribeCertificateAuthorityResponse' <$>+                   (x .?> "CertificateAuthority") <*>+                     (pure (fromEnum s)))++instance Hashable DescribeCertificateAuthority where++instance NFData DescribeCertificateAuthority where++instance ToHeaders DescribeCertificateAuthority where+        toHeaders+          = const+              (mconcat+                 ["X-Amz-Target" =#+                    ("ACMPrivateCA.DescribeCertificateAuthority" ::+                       ByteString),+                  "Content-Type" =#+                    ("application/x-amz-json-1.1" :: ByteString)])++instance ToJSON DescribeCertificateAuthority where+        toJSON DescribeCertificateAuthority'{..}+          = object+              (catMaybes+                 [Just+                    ("CertificateAuthorityArn" .=+                       _dCertificateAuthorityARN)])++instance ToPath DescribeCertificateAuthority where+        toPath = const "/"++instance ToQuery DescribeCertificateAuthority where+        toQuery = const mempty++-- | /See:/ 'describeCertificateAuthorityResponse' smart constructor.+data DescribeCertificateAuthorityResponse = DescribeCertificateAuthorityResponse'+  { _dcarsCertificateAuthority :: !(Maybe CertificateAuthority)+  , _dcarsResponseStatus       :: !Int+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'DescribeCertificateAuthorityResponse' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'dcarsCertificateAuthority' - A 'CertificateAuthority' structure that contains information about your private CA.+--+-- * 'dcarsResponseStatus' - -- | The response status code.+describeCertificateAuthorityResponse+    :: Int -- ^ 'dcarsResponseStatus'+    -> DescribeCertificateAuthorityResponse+describeCertificateAuthorityResponse pResponseStatus_ =+  DescribeCertificateAuthorityResponse'+    { _dcarsCertificateAuthority = Nothing+    , _dcarsResponseStatus = pResponseStatus_+    }+++-- | A 'CertificateAuthority' structure that contains information about your private CA.+dcarsCertificateAuthority :: Lens' DescribeCertificateAuthorityResponse (Maybe CertificateAuthority)+dcarsCertificateAuthority = lens _dcarsCertificateAuthority (\ s a -> s{_dcarsCertificateAuthority = a})++-- | -- | The response status code.+dcarsResponseStatus :: Lens' DescribeCertificateAuthorityResponse Int+dcarsResponseStatus = lens _dcarsResponseStatus (\ s a -> s{_dcarsResponseStatus = a})++instance NFData DescribeCertificateAuthorityResponse+         where
+ gen/Network/AWS/CertificateManagerPCA/DescribeCertificateAuthorityAuditReport.hs view
@@ -0,0 +1,198 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric      #-}+{-# LANGUAGE OverloadedStrings  #-}+{-# LANGUAGE RecordWildCards    #-}+{-# LANGUAGE TypeFamilies       #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-binds   #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.DescribeCertificateAuthorityAuditReport+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Lists information about a specific audit report created by calling the 'CreateCertificateAuthorityAuditReport' function. Audit information is created every time the certificate authority (CA) private key is used. The private key is used when you call the 'IssueCertificate' function or the 'RevokeCertificate' function.+--+--+module Network.AWS.CertificateManagerPCA.DescribeCertificateAuthorityAuditReport+    (+    -- * Creating a Request+      describeCertificateAuthorityAuditReport+    , DescribeCertificateAuthorityAuditReport+    -- * Request Lenses+    , dcaarCertificateAuthorityARN+    , dcaarAuditReportId++    -- * Destructuring the Response+    , describeCertificateAuthorityAuditReportResponse+    , DescribeCertificateAuthorityAuditReportResponse+    -- * Response Lenses+    , dcaarrsS3Key+    , dcaarrsCreatedAt+    , dcaarrsAuditReportStatus+    , dcaarrsS3BucketName+    , dcaarrsResponseStatus+    ) where++import Network.AWS.CertificateManagerPCA.Types+import Network.AWS.CertificateManagerPCA.Types.Product+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Request+import Network.AWS.Response++-- | /See:/ 'describeCertificateAuthorityAuditReport' smart constructor.+data DescribeCertificateAuthorityAuditReport = DescribeCertificateAuthorityAuditReport'+  { _dcaarCertificateAuthorityARN :: !Text+  , _dcaarAuditReportId           :: !Text+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'DescribeCertificateAuthorityAuditReport' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'dcaarCertificateAuthorityARN' - The Amazon Resource Name (ARN) of the private CA. This must be of the form: @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @ .+--+-- * 'dcaarAuditReportId' - The report ID returned by calling the 'CreateCertificateAuthorityAuditReport' function.+describeCertificateAuthorityAuditReport+    :: Text -- ^ 'dcaarCertificateAuthorityARN'+    -> Text -- ^ 'dcaarAuditReportId'+    -> DescribeCertificateAuthorityAuditReport+describeCertificateAuthorityAuditReport pCertificateAuthorityARN_ pAuditReportId_ =+  DescribeCertificateAuthorityAuditReport'+    { _dcaarCertificateAuthorityARN = pCertificateAuthorityARN_+    , _dcaarAuditReportId = pAuditReportId_+    }+++-- | The Amazon Resource Name (ARN) of the private CA. This must be of the form: @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @ .+dcaarCertificateAuthorityARN :: Lens' DescribeCertificateAuthorityAuditReport Text+dcaarCertificateAuthorityARN = lens _dcaarCertificateAuthorityARN (\ s a -> s{_dcaarCertificateAuthorityARN = a})++-- | The report ID returned by calling the 'CreateCertificateAuthorityAuditReport' function.+dcaarAuditReportId :: Lens' DescribeCertificateAuthorityAuditReport Text+dcaarAuditReportId = lens _dcaarAuditReportId (\ s a -> s{_dcaarAuditReportId = a})++instance AWSRequest+           DescribeCertificateAuthorityAuditReport+         where+        type Rs DescribeCertificateAuthorityAuditReport =+             DescribeCertificateAuthorityAuditReportResponse+        request = postJSON certificateManagerPCA+        response+          = receiveJSON+              (\ s h x ->+                 DescribeCertificateAuthorityAuditReportResponse' <$>+                   (x .?> "S3Key") <*> (x .?> "CreatedAt") <*>+                     (x .?> "AuditReportStatus")+                     <*> (x .?> "S3BucketName")+                     <*> (pure (fromEnum s)))++instance Hashable+           DescribeCertificateAuthorityAuditReport+         where++instance NFData+           DescribeCertificateAuthorityAuditReport+         where++instance ToHeaders+           DescribeCertificateAuthorityAuditReport+         where+        toHeaders+          = const+              (mconcat+                 ["X-Amz-Target" =#+                    ("ACMPrivateCA.DescribeCertificateAuthorityAuditReport"+                       :: ByteString),+                  "Content-Type" =#+                    ("application/x-amz-json-1.1" :: ByteString)])++instance ToJSON+           DescribeCertificateAuthorityAuditReport+         where+        toJSON DescribeCertificateAuthorityAuditReport'{..}+          = object+              (catMaybes+                 [Just+                    ("CertificateAuthorityArn" .=+                       _dcaarCertificateAuthorityARN),+                  Just ("AuditReportId" .= _dcaarAuditReportId)])++instance ToPath+           DescribeCertificateAuthorityAuditReport+         where+        toPath = const "/"++instance ToQuery+           DescribeCertificateAuthorityAuditReport+         where+        toQuery = const mempty++-- | /See:/ 'describeCertificateAuthorityAuditReportResponse' smart constructor.+data DescribeCertificateAuthorityAuditReportResponse = DescribeCertificateAuthorityAuditReportResponse'+  { _dcaarrsS3Key             :: !(Maybe Text)+  , _dcaarrsCreatedAt         :: !(Maybe POSIX)+  , _dcaarrsAuditReportStatus :: !(Maybe AuditReportStatus)+  , _dcaarrsS3BucketName      :: !(Maybe Text)+  , _dcaarrsResponseStatus    :: !Int+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'DescribeCertificateAuthorityAuditReportResponse' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'dcaarrsS3Key' - S3 __key__ that uniquely identifies the report file in your S3 bucket.+--+-- * 'dcaarrsCreatedAt' - The date and time at which the report was created.+--+-- * 'dcaarrsAuditReportStatus' - Specifies whether report creation is in progress, has succeeded, or has failed.+--+-- * 'dcaarrsS3BucketName' - Name of the S3 bucket that contains the report.+--+-- * 'dcaarrsResponseStatus' - -- | The response status code.+describeCertificateAuthorityAuditReportResponse+    :: Int -- ^ 'dcaarrsResponseStatus'+    -> DescribeCertificateAuthorityAuditReportResponse+describeCertificateAuthorityAuditReportResponse pResponseStatus_ =+  DescribeCertificateAuthorityAuditReportResponse'+    { _dcaarrsS3Key = Nothing+    , _dcaarrsCreatedAt = Nothing+    , _dcaarrsAuditReportStatus = Nothing+    , _dcaarrsS3BucketName = Nothing+    , _dcaarrsResponseStatus = pResponseStatus_+    }+++-- | S3 __key__ that uniquely identifies the report file in your S3 bucket.+dcaarrsS3Key :: Lens' DescribeCertificateAuthorityAuditReportResponse (Maybe Text)+dcaarrsS3Key = lens _dcaarrsS3Key (\ s a -> s{_dcaarrsS3Key = a})++-- | The date and time at which the report was created.+dcaarrsCreatedAt :: Lens' DescribeCertificateAuthorityAuditReportResponse (Maybe UTCTime)+dcaarrsCreatedAt = lens _dcaarrsCreatedAt (\ s a -> s{_dcaarrsCreatedAt = a}) . mapping _Time++-- | Specifies whether report creation is in progress, has succeeded, or has failed.+dcaarrsAuditReportStatus :: Lens' DescribeCertificateAuthorityAuditReportResponse (Maybe AuditReportStatus)+dcaarrsAuditReportStatus = lens _dcaarrsAuditReportStatus (\ s a -> s{_dcaarrsAuditReportStatus = a})++-- | Name of the S3 bucket that contains the report.+dcaarrsS3BucketName :: Lens' DescribeCertificateAuthorityAuditReportResponse (Maybe Text)+dcaarrsS3BucketName = lens _dcaarrsS3BucketName (\ s a -> s{_dcaarrsS3BucketName = a})++-- | -- | The response status code.+dcaarrsResponseStatus :: Lens' DescribeCertificateAuthorityAuditReportResponse Int+dcaarrsResponseStatus = lens _dcaarrsResponseStatus (\ s a -> s{_dcaarrsResponseStatus = a})++instance NFData+           DescribeCertificateAuthorityAuditReportResponse+         where
+ gen/Network/AWS/CertificateManagerPCA/GetCertificate.hs view
@@ -0,0 +1,160 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric      #-}+{-# LANGUAGE OverloadedStrings  #-}+{-# LANGUAGE RecordWildCards    #-}+{-# LANGUAGE TypeFamilies       #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-binds   #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.GetCertificate+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Retrieves a certificate from your private CA. The ARN of the certificate is returned when you call the 'IssueCertificate' function. You must specify both the ARN of your private CA and the ARN of the issued certificate when calling the __GetCertificate__ function. You can retrieve the certificate if it is in the __ISSUED__ state. You can call the 'CreateCertificateAuthorityAuditReport' function to create a report that contains information about all of the certificates issued and revoked by your private CA.+--+--+module Network.AWS.CertificateManagerPCA.GetCertificate+    (+    -- * Creating a Request+      getCertificate+    , GetCertificate+    -- * Request Lenses+    , gcCertificateAuthorityARN+    , gcCertificateARN++    -- * Destructuring the Response+    , getCertificateResponse+    , GetCertificateResponse+    -- * Response Lenses+    , gcrsCertificate+    , gcrsCertificateChain+    , gcrsResponseStatus+    ) where++import Network.AWS.CertificateManagerPCA.Types+import Network.AWS.CertificateManagerPCA.Types.Product+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Request+import Network.AWS.Response++-- | /See:/ 'getCertificate' smart constructor.+data GetCertificate = GetCertificate'+  { _gcCertificateAuthorityARN :: !Text+  , _gcCertificateARN          :: !Text+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'GetCertificate' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'gcCertificateAuthorityARN' - The Amazon Resource Name (ARN) that was returned when you called 'CreateCertificateAuthority' . This must be of the form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @ .+--+-- * 'gcCertificateARN' - The ARN of the issued certificate. The ARN contains the certificate serial number and must be in the following form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ /certificate//286535153982981100925020015808220737245/ @+getCertificate+    :: Text -- ^ 'gcCertificateAuthorityARN'+    -> Text -- ^ 'gcCertificateARN'+    -> GetCertificate+getCertificate pCertificateAuthorityARN_ pCertificateARN_ =+  GetCertificate'+    { _gcCertificateAuthorityARN = pCertificateAuthorityARN_+    , _gcCertificateARN = pCertificateARN_+    }+++-- | The Amazon Resource Name (ARN) that was returned when you called 'CreateCertificateAuthority' . This must be of the form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @ .+gcCertificateAuthorityARN :: Lens' GetCertificate Text+gcCertificateAuthorityARN = lens _gcCertificateAuthorityARN (\ s a -> s{_gcCertificateAuthorityARN = a})++-- | The ARN of the issued certificate. The ARN contains the certificate serial number and must be in the following form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ /certificate//286535153982981100925020015808220737245/ @+gcCertificateARN :: Lens' GetCertificate Text+gcCertificateARN = lens _gcCertificateARN (\ s a -> s{_gcCertificateARN = a})++instance AWSRequest GetCertificate where+        type Rs GetCertificate = GetCertificateResponse+        request = postJSON certificateManagerPCA+        response+          = receiveJSON+              (\ s h x ->+                 GetCertificateResponse' <$>+                   (x .?> "Certificate") <*> (x .?> "CertificateChain")+                     <*> (pure (fromEnum s)))++instance Hashable GetCertificate where++instance NFData GetCertificate where++instance ToHeaders GetCertificate where+        toHeaders+          = const+              (mconcat+                 ["X-Amz-Target" =#+                    ("ACMPrivateCA.GetCertificate" :: ByteString),+                  "Content-Type" =#+                    ("application/x-amz-json-1.1" :: ByteString)])++instance ToJSON GetCertificate where+        toJSON GetCertificate'{..}+          = object+              (catMaybes+                 [Just+                    ("CertificateAuthorityArn" .=+                       _gcCertificateAuthorityARN),+                  Just ("CertificateArn" .= _gcCertificateARN)])++instance ToPath GetCertificate where+        toPath = const "/"++instance ToQuery GetCertificate where+        toQuery = const mempty++-- | /See:/ 'getCertificateResponse' smart constructor.+data GetCertificateResponse = GetCertificateResponse'+  { _gcrsCertificate      :: !(Maybe Text)+  , _gcrsCertificateChain :: !(Maybe Text)+  , _gcrsResponseStatus   :: !Int+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'GetCertificateResponse' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'gcrsCertificate' - The base64 PEM-encoded certificate specified by the @CertificateArn@ parameter.+--+-- * 'gcrsCertificateChain' - The base64 PEM-encoded certificate chain that chains up to the on-premises root CA certificate that you used to sign your private CA certificate.+--+-- * 'gcrsResponseStatus' - -- | The response status code.+getCertificateResponse+    :: Int -- ^ 'gcrsResponseStatus'+    -> GetCertificateResponse+getCertificateResponse pResponseStatus_ =+  GetCertificateResponse'+    { _gcrsCertificate = Nothing+    , _gcrsCertificateChain = Nothing+    , _gcrsResponseStatus = pResponseStatus_+    }+++-- | The base64 PEM-encoded certificate specified by the @CertificateArn@ parameter.+gcrsCertificate :: Lens' GetCertificateResponse (Maybe Text)+gcrsCertificate = lens _gcrsCertificate (\ s a -> s{_gcrsCertificate = a})++-- | The base64 PEM-encoded certificate chain that chains up to the on-premises root CA certificate that you used to sign your private CA certificate.+gcrsCertificateChain :: Lens' GetCertificateResponse (Maybe Text)+gcrsCertificateChain = lens _gcrsCertificateChain (\ s a -> s{_gcrsCertificateChain = a})++-- | -- | The response status code.+gcrsResponseStatus :: Lens' GetCertificateResponse Int+gcrsResponseStatus = lens _gcrsResponseStatus (\ s a -> s{_gcrsResponseStatus = a})++instance NFData GetCertificateResponse where
+ gen/Network/AWS/CertificateManagerPCA/GetCertificateAuthorityCSR.hs view
@@ -0,0 +1,139 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric      #-}+{-# LANGUAGE OverloadedStrings  #-}+{-# LANGUAGE RecordWildCards    #-}+{-# LANGUAGE TypeFamilies       #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-binds   #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.GetCertificateAuthorityCSR+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Retrieves the certificate signing request (CSR) for your private certificate authority (CA). The CSR is created when you call the 'CreateCertificateAuthority' function. Take the CSR to your on-premises X.509 infrastructure and sign it by using your root or a subordinate CA. Then import the signed certificate back into ACM PCA by calling the 'ImportCertificateAuthorityCertificate' function. The CSR is returned as a base64 PEM-encoded string.+--+--+module Network.AWS.CertificateManagerPCA.GetCertificateAuthorityCSR+    (+    -- * Creating a Request+      getCertificateAuthorityCSR+    , GetCertificateAuthorityCSR+    -- * Request Lenses+    , gcacsrCertificateAuthorityARN++    -- * Destructuring the Response+    , getCertificateAuthorityCSRResponse+    , GetCertificateAuthorityCSRResponse+    -- * Response Lenses+    , gcacsrrsCSR+    , gcacsrrsResponseStatus+    ) where++import Network.AWS.CertificateManagerPCA.Types+import Network.AWS.CertificateManagerPCA.Types.Product+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Request+import Network.AWS.Response++-- | /See:/ 'getCertificateAuthorityCSR' smart constructor.+newtype GetCertificateAuthorityCSR = GetCertificateAuthorityCSR'+  { _gcacsrCertificateAuthorityARN :: Text+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'GetCertificateAuthorityCSR' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'gcacsrCertificateAuthorityARN' - The Amazon Resource Name (ARN) that was returned when you called the 'CreateCertificateAuthority' function. This must be of the form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @+getCertificateAuthorityCSR+    :: Text -- ^ 'gcacsrCertificateAuthorityARN'+    -> GetCertificateAuthorityCSR+getCertificateAuthorityCSR pCertificateAuthorityARN_ =+  GetCertificateAuthorityCSR'+    {_gcacsrCertificateAuthorityARN = pCertificateAuthorityARN_}+++-- | The Amazon Resource Name (ARN) that was returned when you called the 'CreateCertificateAuthority' function. This must be of the form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @+gcacsrCertificateAuthorityARN :: Lens' GetCertificateAuthorityCSR Text+gcacsrCertificateAuthorityARN = lens _gcacsrCertificateAuthorityARN (\ s a -> s{_gcacsrCertificateAuthorityARN = a})++instance AWSRequest GetCertificateAuthorityCSR where+        type Rs GetCertificateAuthorityCSR =+             GetCertificateAuthorityCSRResponse+        request = postJSON certificateManagerPCA+        response+          = receiveJSON+              (\ s h x ->+                 GetCertificateAuthorityCSRResponse' <$>+                   (x .?> "Csr") <*> (pure (fromEnum s)))++instance Hashable GetCertificateAuthorityCSR where++instance NFData GetCertificateAuthorityCSR where++instance ToHeaders GetCertificateAuthorityCSR where+        toHeaders+          = const+              (mconcat+                 ["X-Amz-Target" =#+                    ("ACMPrivateCA.GetCertificateAuthorityCsr" ::+                       ByteString),+                  "Content-Type" =#+                    ("application/x-amz-json-1.1" :: ByteString)])++instance ToJSON GetCertificateAuthorityCSR where+        toJSON GetCertificateAuthorityCSR'{..}+          = object+              (catMaybes+                 [Just+                    ("CertificateAuthorityArn" .=+                       _gcacsrCertificateAuthorityARN)])++instance ToPath GetCertificateAuthorityCSR where+        toPath = const "/"++instance ToQuery GetCertificateAuthorityCSR where+        toQuery = const mempty++-- | /See:/ 'getCertificateAuthorityCSRResponse' smart constructor.+data GetCertificateAuthorityCSRResponse = GetCertificateAuthorityCSRResponse'+  { _gcacsrrsCSR            :: !(Maybe Text)+  , _gcacsrrsResponseStatus :: !Int+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'GetCertificateAuthorityCSRResponse' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'gcacsrrsCSR' - The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.+--+-- * 'gcacsrrsResponseStatus' - -- | The response status code.+getCertificateAuthorityCSRResponse+    :: Int -- ^ 'gcacsrrsResponseStatus'+    -> GetCertificateAuthorityCSRResponse+getCertificateAuthorityCSRResponse pResponseStatus_ =+  GetCertificateAuthorityCSRResponse'+    {_gcacsrrsCSR = Nothing, _gcacsrrsResponseStatus = pResponseStatus_}+++-- | The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.+gcacsrrsCSR :: Lens' GetCertificateAuthorityCSRResponse (Maybe Text)+gcacsrrsCSR = lens _gcacsrrsCSR (\ s a -> s{_gcacsrrsCSR = a})++-- | -- | The response status code.+gcacsrrsResponseStatus :: Lens' GetCertificateAuthorityCSRResponse Int+gcacsrrsResponseStatus = lens _gcacsrrsResponseStatus (\ s a -> s{_gcacsrrsResponseStatus = a})++instance NFData GetCertificateAuthorityCSRResponse+         where
+ gen/Network/AWS/CertificateManagerPCA/GetCertificateAuthorityCertificate.hs view
@@ -0,0 +1,160 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric      #-}+{-# LANGUAGE OverloadedStrings  #-}+{-# LANGUAGE RecordWildCards    #-}+{-# LANGUAGE TypeFamilies       #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-binds   #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.GetCertificateAuthorityCertificate+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Retrieves the certificate and certificate chain for your private certificate authority (CA). Both the certificate and the chain are base64 PEM-encoded. The chain does not include the CA certificate. Each certificate in the chain signs the one before it.+--+--+module Network.AWS.CertificateManagerPCA.GetCertificateAuthorityCertificate+    (+    -- * Creating a Request+      getCertificateAuthorityCertificate+    , GetCertificateAuthorityCertificate+    -- * Request Lenses+    , gcacCertificateAuthorityARN++    -- * Destructuring the Response+    , getCertificateAuthorityCertificateResponse+    , GetCertificateAuthorityCertificateResponse+    -- * Response Lenses+    , gcacrsCertificate+    , gcacrsCertificateChain+    , gcacrsResponseStatus+    ) where++import Network.AWS.CertificateManagerPCA.Types+import Network.AWS.CertificateManagerPCA.Types.Product+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Request+import Network.AWS.Response++-- | /See:/ 'getCertificateAuthorityCertificate' smart constructor.+newtype GetCertificateAuthorityCertificate = GetCertificateAuthorityCertificate'+  { _gcacCertificateAuthorityARN :: Text+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'GetCertificateAuthorityCertificate' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'gcacCertificateAuthorityARN' - The Amazon Resource Name (ARN) of your private CA. This is of the form: @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @ .+getCertificateAuthorityCertificate+    :: Text -- ^ 'gcacCertificateAuthorityARN'+    -> GetCertificateAuthorityCertificate+getCertificateAuthorityCertificate pCertificateAuthorityARN_ =+  GetCertificateAuthorityCertificate'+    {_gcacCertificateAuthorityARN = pCertificateAuthorityARN_}+++-- | The Amazon Resource Name (ARN) of your private CA. This is of the form: @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @ .+gcacCertificateAuthorityARN :: Lens' GetCertificateAuthorityCertificate Text+gcacCertificateAuthorityARN = lens _gcacCertificateAuthorityARN (\ s a -> s{_gcacCertificateAuthorityARN = a})++instance AWSRequest+           GetCertificateAuthorityCertificate+         where+        type Rs GetCertificateAuthorityCertificate =+             GetCertificateAuthorityCertificateResponse+        request = postJSON certificateManagerPCA+        response+          = receiveJSON+              (\ s h x ->+                 GetCertificateAuthorityCertificateResponse' <$>+                   (x .?> "Certificate") <*> (x .?> "CertificateChain")+                     <*> (pure (fromEnum s)))++instance Hashable GetCertificateAuthorityCertificate+         where++instance NFData GetCertificateAuthorityCertificate+         where++instance ToHeaders GetCertificateAuthorityCertificate+         where+        toHeaders+          = const+              (mconcat+                 ["X-Amz-Target" =#+                    ("ACMPrivateCA.GetCertificateAuthorityCertificate" ::+                       ByteString),+                  "Content-Type" =#+                    ("application/x-amz-json-1.1" :: ByteString)])++instance ToJSON GetCertificateAuthorityCertificate+         where+        toJSON GetCertificateAuthorityCertificate'{..}+          = object+              (catMaybes+                 [Just+                    ("CertificateAuthorityArn" .=+                       _gcacCertificateAuthorityARN)])++instance ToPath GetCertificateAuthorityCertificate+         where+        toPath = const "/"++instance ToQuery GetCertificateAuthorityCertificate+         where+        toQuery = const mempty++-- | /See:/ 'getCertificateAuthorityCertificateResponse' smart constructor.+data GetCertificateAuthorityCertificateResponse = GetCertificateAuthorityCertificateResponse'+  { _gcacrsCertificate      :: !(Maybe Text)+  , _gcacrsCertificateChain :: !(Maybe Text)+  , _gcacrsResponseStatus   :: !Int+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'GetCertificateAuthorityCertificateResponse' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'gcacrsCertificate' - Base64-encoded certificate authority (CA) certificate.+--+-- * 'gcacrsCertificateChain' - Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate.+--+-- * 'gcacrsResponseStatus' - -- | The response status code.+getCertificateAuthorityCertificateResponse+    :: Int -- ^ 'gcacrsResponseStatus'+    -> GetCertificateAuthorityCertificateResponse+getCertificateAuthorityCertificateResponse pResponseStatus_ =+  GetCertificateAuthorityCertificateResponse'+    { _gcacrsCertificate = Nothing+    , _gcacrsCertificateChain = Nothing+    , _gcacrsResponseStatus = pResponseStatus_+    }+++-- | Base64-encoded certificate authority (CA) certificate.+gcacrsCertificate :: Lens' GetCertificateAuthorityCertificateResponse (Maybe Text)+gcacrsCertificate = lens _gcacrsCertificate (\ s a -> s{_gcacrsCertificate = a})++-- | Base64-encoded certificate chain that includes any intermediate certificates and chains up to root on-premises certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate.+gcacrsCertificateChain :: Lens' GetCertificateAuthorityCertificateResponse (Maybe Text)+gcacrsCertificateChain = lens _gcacrsCertificateChain (\ s a -> s{_gcacrsCertificateChain = a})++-- | -- | The response status code.+gcacrsResponseStatus :: Lens' GetCertificateAuthorityCertificateResponse Int+gcacrsResponseStatus = lens _gcacrsResponseStatus (\ s a -> s{_gcacrsResponseStatus = a})++instance NFData+           GetCertificateAuthorityCertificateResponse+         where
+ gen/Network/AWS/CertificateManagerPCA/ImportCertificateAuthorityCertificate.hs view
@@ -0,0 +1,153 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric      #-}+{-# LANGUAGE OverloadedStrings  #-}+{-# LANGUAGE RecordWildCards    #-}+{-# LANGUAGE TypeFamilies       #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-binds   #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.ImportCertificateAuthorityCertificate+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Imports your signed private CA certificate into ACM PCA. Before you can call this function, you must create the private certificate authority by calling the 'CreateCertificateAuthority' function. You must then generate a certificate signing request (CSR) by calling the 'GetCertificateAuthorityCsr' function. Take the CSR to your on-premises CA and use the root certificate or a subordinate certificate to sign it. Create a certificate chain and copy the signed certificate and the certificate chain to your working directory.+--+--+module Network.AWS.CertificateManagerPCA.ImportCertificateAuthorityCertificate+    (+    -- * Creating a Request+      importCertificateAuthorityCertificate+    , ImportCertificateAuthorityCertificate+    -- * Request Lenses+    , icacCertificateAuthorityARN+    , icacCertificate+    , icacCertificateChain++    -- * Destructuring the Response+    , importCertificateAuthorityCertificateResponse+    , ImportCertificateAuthorityCertificateResponse+    ) where++import Network.AWS.CertificateManagerPCA.Types+import Network.AWS.CertificateManagerPCA.Types.Product+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Request+import Network.AWS.Response++-- | /See:/ 'importCertificateAuthorityCertificate' smart constructor.+data ImportCertificateAuthorityCertificate = ImportCertificateAuthorityCertificate'+  { _icacCertificateAuthorityARN :: !Text+  , _icacCertificate             :: !Base64+  , _icacCertificateChain        :: !Base64+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'ImportCertificateAuthorityCertificate' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'icacCertificateAuthorityARN' - The Amazon Resource Name (ARN) that was returned when you called 'CreateCertificateAuthority' . This must be of the form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @+--+-- * 'icacCertificate' - The PEM-encoded certificate for your private CA. This must be signed by using your on-premises CA.-- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data.+--+-- * 'icacCertificateChain' - A PEM-encoded file that contains all of your certificates, other than the certificate you're importing, chaining up to your root CA. Your on-premises root certificate is the last in the chain, and each certificate in the chain signs the one preceding. -- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data.+importCertificateAuthorityCertificate+    :: Text -- ^ 'icacCertificateAuthorityARN'+    -> ByteString -- ^ 'icacCertificate'+    -> ByteString -- ^ 'icacCertificateChain'+    -> ImportCertificateAuthorityCertificate+importCertificateAuthorityCertificate pCertificateAuthorityARN_ pCertificate_ pCertificateChain_ =+  ImportCertificateAuthorityCertificate'+    { _icacCertificateAuthorityARN = pCertificateAuthorityARN_+    , _icacCertificate = _Base64 # pCertificate_+    , _icacCertificateChain = _Base64 # pCertificateChain_+    }+++-- | The Amazon Resource Name (ARN) that was returned when you called 'CreateCertificateAuthority' . This must be of the form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @+icacCertificateAuthorityARN :: Lens' ImportCertificateAuthorityCertificate Text+icacCertificateAuthorityARN = lens _icacCertificateAuthorityARN (\ s a -> s{_icacCertificateAuthorityARN = a})++-- | The PEM-encoded certificate for your private CA. This must be signed by using your on-premises CA.-- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data.+icacCertificate :: Lens' ImportCertificateAuthorityCertificate ByteString+icacCertificate = lens _icacCertificate (\ s a -> s{_icacCertificate = a}) . _Base64++-- | A PEM-encoded file that contains all of your certificates, other than the certificate you're importing, chaining up to your root CA. Your on-premises root certificate is the last in the chain, and each certificate in the chain signs the one preceding. -- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data.+icacCertificateChain :: Lens' ImportCertificateAuthorityCertificate ByteString+icacCertificateChain = lens _icacCertificateChain (\ s a -> s{_icacCertificateChain = a}) . _Base64++instance AWSRequest+           ImportCertificateAuthorityCertificate+         where+        type Rs ImportCertificateAuthorityCertificate =+             ImportCertificateAuthorityCertificateResponse+        request = postJSON certificateManagerPCA+        response+          = receiveNull+              ImportCertificateAuthorityCertificateResponse'++instance Hashable+           ImportCertificateAuthorityCertificate+         where++instance NFData ImportCertificateAuthorityCertificate+         where++instance ToHeaders+           ImportCertificateAuthorityCertificate+         where+        toHeaders+          = const+              (mconcat+                 ["X-Amz-Target" =#+                    ("ACMPrivateCA.ImportCertificateAuthorityCertificate"+                       :: ByteString),+                  "Content-Type" =#+                    ("application/x-amz-json-1.1" :: ByteString)])++instance ToJSON ImportCertificateAuthorityCertificate+         where+        toJSON ImportCertificateAuthorityCertificate'{..}+          = object+              (catMaybes+                 [Just+                    ("CertificateAuthorityArn" .=+                       _icacCertificateAuthorityARN),+                  Just ("Certificate" .= _icacCertificate),+                  Just ("CertificateChain" .= _icacCertificateChain)])++instance ToPath ImportCertificateAuthorityCertificate+         where+        toPath = const "/"++instance ToQuery+           ImportCertificateAuthorityCertificate+         where+        toQuery = const mempty++-- | /See:/ 'importCertificateAuthorityCertificateResponse' smart constructor.+data ImportCertificateAuthorityCertificateResponse =+  ImportCertificateAuthorityCertificateResponse'+  deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'ImportCertificateAuthorityCertificateResponse' with the minimum fields required to make a request.+--+importCertificateAuthorityCertificateResponse+    :: ImportCertificateAuthorityCertificateResponse+importCertificateAuthorityCertificateResponse =+  ImportCertificateAuthorityCertificateResponse'+++instance NFData+           ImportCertificateAuthorityCertificateResponse+         where
+ gen/Network/AWS/CertificateManagerPCA/IssueCertificate.hs view
@@ -0,0 +1,180 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric      #-}+{-# LANGUAGE OverloadedStrings  #-}+{-# LANGUAGE RecordWildCards    #-}+{-# LANGUAGE TypeFamilies       #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-binds   #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.IssueCertificate+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Uses your private certificate authority (CA) to issue a client certificate. This function returns the Amazon Resource Name (ARN) of the certificate. You can retrieve the certificate by calling the 'GetCertificate' function and specifying the ARN.+--+--+module Network.AWS.CertificateManagerPCA.IssueCertificate+    (+    -- * Creating a Request+      issueCertificate+    , IssueCertificate+    -- * Request Lenses+    , icIdempotencyToken+    , icCertificateAuthorityARN+    , icCSR+    , icSigningAlgorithm+    , icValidity++    -- * Destructuring the Response+    , issueCertificateResponse+    , IssueCertificateResponse+    -- * Response Lenses+    , icrsCertificateARN+    , icrsResponseStatus+    ) where++import Network.AWS.CertificateManagerPCA.Types+import Network.AWS.CertificateManagerPCA.Types.Product+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Request+import Network.AWS.Response++-- | /See:/ 'issueCertificate' smart constructor.+data IssueCertificate = IssueCertificate'+  { _icIdempotencyToken        :: !(Maybe Text)+  , _icCertificateAuthorityARN :: !Text+  , _icCSR                     :: !Base64+  , _icSigningAlgorithm        :: !SigningAlgorithm+  , _icValidity                :: !Validity+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'IssueCertificate' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'icIdempotencyToken' - Custom string that can be used to distinguish between calls to the __IssueCertificate__ function. Idempotency tokens time out after one hour. Therefore, if you call __IssueCertificate__ multiple times with the same idempotency token within 5 minutes, ACM PCA recognizes that you are requesting only one certificate and will issue only one. If you change the idempotency token for each call, PCA recognizes that you are requesting multiple certificates.+--+-- * 'icCertificateAuthorityARN' - The Amazon Resource Name (ARN) that was returned when you called 'CreateCertificateAuthority' . This must be of the form: @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @+--+-- * 'icCSR' - The certificate signing request (CSR) for the certificate you want to issue. You can use the following OpenSSL command to create the CSR and a 2048 bit RSA private key.  @openssl req -new -newkey rsa:2048 -days 365 -keyout private/test_cert_priv_key.pem -out csr/test_cert_.csr@  If you have a configuration file, you can use the following OpenSSL command. The @usr_cert@ block in the configuration file contains your X509 version 3 extensions.  @openssl req -new -config openssl_rsa.cnf -extensions usr_cert -newkey rsa:2048 -days -365 -keyout private/test_cert_priv_key.pem -out csr/test_cert_.csr@ -- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data.+--+-- * 'icSigningAlgorithm' - The name of the algorithm that will be used to sign the certificate to be issued.+--+-- * 'icValidity' - The type of the validity period.+issueCertificate+    :: Text -- ^ 'icCertificateAuthorityARN'+    -> ByteString -- ^ 'icCSR'+    -> SigningAlgorithm -- ^ 'icSigningAlgorithm'+    -> Validity -- ^ 'icValidity'+    -> IssueCertificate+issueCertificate pCertificateAuthorityARN_ pCSR_ pSigningAlgorithm_ pValidity_ =+  IssueCertificate'+    { _icIdempotencyToken = Nothing+    , _icCertificateAuthorityARN = pCertificateAuthorityARN_+    , _icCSR = _Base64 # pCSR_+    , _icSigningAlgorithm = pSigningAlgorithm_+    , _icValidity = pValidity_+    }+++-- | Custom string that can be used to distinguish between calls to the __IssueCertificate__ function. Idempotency tokens time out after one hour. Therefore, if you call __IssueCertificate__ multiple times with the same idempotency token within 5 minutes, ACM PCA recognizes that you are requesting only one certificate and will issue only one. If you change the idempotency token for each call, PCA recognizes that you are requesting multiple certificates.+icIdempotencyToken :: Lens' IssueCertificate (Maybe Text)+icIdempotencyToken = lens _icIdempotencyToken (\ s a -> s{_icIdempotencyToken = a})++-- | The Amazon Resource Name (ARN) that was returned when you called 'CreateCertificateAuthority' . This must be of the form: @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @+icCertificateAuthorityARN :: Lens' IssueCertificate Text+icCertificateAuthorityARN = lens _icCertificateAuthorityARN (\ s a -> s{_icCertificateAuthorityARN = a})++-- | The certificate signing request (CSR) for the certificate you want to issue. You can use the following OpenSSL command to create the CSR and a 2048 bit RSA private key.  @openssl req -new -newkey rsa:2048 -days 365 -keyout private/test_cert_priv_key.pem -out csr/test_cert_.csr@  If you have a configuration file, you can use the following OpenSSL command. The @usr_cert@ block in the configuration file contains your X509 version 3 extensions.  @openssl req -new -config openssl_rsa.cnf -extensions usr_cert -newkey rsa:2048 -days -365 -keyout private/test_cert_priv_key.pem -out csr/test_cert_.csr@ -- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data.+icCSR :: Lens' IssueCertificate ByteString+icCSR = lens _icCSR (\ s a -> s{_icCSR = a}) . _Base64++-- | The name of the algorithm that will be used to sign the certificate to be issued.+icSigningAlgorithm :: Lens' IssueCertificate SigningAlgorithm+icSigningAlgorithm = lens _icSigningAlgorithm (\ s a -> s{_icSigningAlgorithm = a})++-- | The type of the validity period.+icValidity :: Lens' IssueCertificate Validity+icValidity = lens _icValidity (\ s a -> s{_icValidity = a})++instance AWSRequest IssueCertificate where+        type Rs IssueCertificate = IssueCertificateResponse+        request = postJSON certificateManagerPCA+        response+          = receiveJSON+              (\ s h x ->+                 IssueCertificateResponse' <$>+                   (x .?> "CertificateArn") <*> (pure (fromEnum s)))++instance Hashable IssueCertificate where++instance NFData IssueCertificate where++instance ToHeaders IssueCertificate where+        toHeaders+          = const+              (mconcat+                 ["X-Amz-Target" =#+                    ("ACMPrivateCA.IssueCertificate" :: ByteString),+                  "Content-Type" =#+                    ("application/x-amz-json-1.1" :: ByteString)])++instance ToJSON IssueCertificate where+        toJSON IssueCertificate'{..}+          = object+              (catMaybes+                 [("IdempotencyToken" .=) <$> _icIdempotencyToken,+                  Just+                    ("CertificateAuthorityArn" .=+                       _icCertificateAuthorityARN),+                  Just ("Csr" .= _icCSR),+                  Just ("SigningAlgorithm" .= _icSigningAlgorithm),+                  Just ("Validity" .= _icValidity)])++instance ToPath IssueCertificate where+        toPath = const "/"++instance ToQuery IssueCertificate where+        toQuery = const mempty++-- | /See:/ 'issueCertificateResponse' smart constructor.+data IssueCertificateResponse = IssueCertificateResponse'+  { _icrsCertificateARN :: !(Maybe Text)+  , _icrsResponseStatus :: !Int+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'IssueCertificateResponse' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'icrsCertificateARN' - The Amazon Resource Name (ARN) of the issued certificate and the certificate serial number. This is of the form: @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ /certificate//286535153982981100925020015808220737245/ @+--+-- * 'icrsResponseStatus' - -- | The response status code.+issueCertificateResponse+    :: Int -- ^ 'icrsResponseStatus'+    -> IssueCertificateResponse+issueCertificateResponse pResponseStatus_ =+  IssueCertificateResponse'+    {_icrsCertificateARN = Nothing, _icrsResponseStatus = pResponseStatus_}+++-- | The Amazon Resource Name (ARN) of the issued certificate and the certificate serial number. This is of the form: @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ /certificate//286535153982981100925020015808220737245/ @+icrsCertificateARN :: Lens' IssueCertificateResponse (Maybe Text)+icrsCertificateARN = lens _icrsCertificateARN (\ s a -> s{_icrsCertificateARN = a})++-- | -- | The response status code.+icrsResponseStatus :: Lens' IssueCertificateResponse Int+icrsResponseStatus = lens _icrsResponseStatus (\ s a -> s{_icrsResponseStatus = a})++instance NFData IssueCertificateResponse where
+ gen/Network/AWS/CertificateManagerPCA/ListCertificateAuthorities.hs view
@@ -0,0 +1,158 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric      #-}+{-# LANGUAGE OverloadedStrings  #-}+{-# LANGUAGE RecordWildCards    #-}+{-# LANGUAGE TypeFamilies       #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-binds   #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.ListCertificateAuthorities+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Lists the private certificate authorities that you created by using the 'CreateCertificateAuthority' function.+--+--+module Network.AWS.CertificateManagerPCA.ListCertificateAuthorities+    (+    -- * Creating a Request+      listCertificateAuthorities+    , ListCertificateAuthorities+    -- * Request Lenses+    , lcaNextToken+    , lcaMaxResults++    -- * Destructuring the Response+    , listCertificateAuthoritiesResponse+    , ListCertificateAuthoritiesResponse+    -- * Response Lenses+    , lcarsCertificateAuthorities+    , lcarsNextToken+    , lcarsResponseStatus+    ) where++import Network.AWS.CertificateManagerPCA.Types+import Network.AWS.CertificateManagerPCA.Types.Product+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Request+import Network.AWS.Response++-- | /See:/ 'listCertificateAuthorities' smart constructor.+data ListCertificateAuthorities = ListCertificateAuthorities'+  { _lcaNextToken  :: !(Maybe Text)+  , _lcaMaxResults :: !(Maybe Nat)+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'ListCertificateAuthorities' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'lcaNextToken' - Use this parameter when paginating results in a subsequent request after you receive a response with truncated results. Set it to the value of the @NextToken@ parameter from the response you just received.+--+-- * 'lcaMaxResults' - Use this parameter when paginating results to specify the maximum number of items to return in the response on each page. If additional items exist beyond the number you specify, the @NextToken@ element is sent in the response. Use this @NextToken@ value in a subsequent request to retrieve additional items.+listCertificateAuthorities+    :: ListCertificateAuthorities+listCertificateAuthorities =+  ListCertificateAuthorities'+    {_lcaNextToken = Nothing, _lcaMaxResults = Nothing}+++-- | Use this parameter when paginating results in a subsequent request after you receive a response with truncated results. Set it to the value of the @NextToken@ parameter from the response you just received.+lcaNextToken :: Lens' ListCertificateAuthorities (Maybe Text)+lcaNextToken = lens _lcaNextToken (\ s a -> s{_lcaNextToken = a})++-- | Use this parameter when paginating results to specify the maximum number of items to return in the response on each page. If additional items exist beyond the number you specify, the @NextToken@ element is sent in the response. Use this @NextToken@ value in a subsequent request to retrieve additional items.+lcaMaxResults :: Lens' ListCertificateAuthorities (Maybe Natural)+lcaMaxResults = lens _lcaMaxResults (\ s a -> s{_lcaMaxResults = a}) . mapping _Nat++instance AWSRequest ListCertificateAuthorities where+        type Rs ListCertificateAuthorities =+             ListCertificateAuthoritiesResponse+        request = postJSON certificateManagerPCA+        response+          = receiveJSON+              (\ s h x ->+                 ListCertificateAuthoritiesResponse' <$>+                   (x .?> "CertificateAuthorities" .!@ mempty) <*>+                     (x .?> "NextToken")+                     <*> (pure (fromEnum s)))++instance Hashable ListCertificateAuthorities where++instance NFData ListCertificateAuthorities where++instance ToHeaders ListCertificateAuthorities where+        toHeaders+          = const+              (mconcat+                 ["X-Amz-Target" =#+                    ("ACMPrivateCA.ListCertificateAuthorities" ::+                       ByteString),+                  "Content-Type" =#+                    ("application/x-amz-json-1.1" :: ByteString)])++instance ToJSON ListCertificateAuthorities where+        toJSON ListCertificateAuthorities'{..}+          = object+              (catMaybes+                 [("NextToken" .=) <$> _lcaNextToken,+                  ("MaxResults" .=) <$> _lcaMaxResults])++instance ToPath ListCertificateAuthorities where+        toPath = const "/"++instance ToQuery ListCertificateAuthorities where+        toQuery = const mempty++-- | /See:/ 'listCertificateAuthoritiesResponse' smart constructor.+data ListCertificateAuthoritiesResponse = ListCertificateAuthoritiesResponse'+  { _lcarsCertificateAuthorities :: !(Maybe [CertificateAuthority])+  , _lcarsNextToken              :: !(Maybe Text)+  , _lcarsResponseStatus         :: !Int+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'ListCertificateAuthoritiesResponse' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'lcarsCertificateAuthorities' - Summary information about each certificate authority you have created.+--+-- * 'lcarsNextToken' - When the list is truncated, this value is present and should be used for the @NextToken@ parameter in a subsequent pagination request.+--+-- * 'lcarsResponseStatus' - -- | The response status code.+listCertificateAuthoritiesResponse+    :: Int -- ^ 'lcarsResponseStatus'+    -> ListCertificateAuthoritiesResponse+listCertificateAuthoritiesResponse pResponseStatus_ =+  ListCertificateAuthoritiesResponse'+    { _lcarsCertificateAuthorities = Nothing+    , _lcarsNextToken = Nothing+    , _lcarsResponseStatus = pResponseStatus_+    }+++-- | Summary information about each certificate authority you have created.+lcarsCertificateAuthorities :: Lens' ListCertificateAuthoritiesResponse [CertificateAuthority]+lcarsCertificateAuthorities = lens _lcarsCertificateAuthorities (\ s a -> s{_lcarsCertificateAuthorities = a}) . _Default . _Coerce++-- | When the list is truncated, this value is present and should be used for the @NextToken@ parameter in a subsequent pagination request.+lcarsNextToken :: Lens' ListCertificateAuthoritiesResponse (Maybe Text)+lcarsNextToken = lens _lcarsNextToken (\ s a -> s{_lcarsNextToken = a})++-- | -- | The response status code.+lcarsResponseStatus :: Lens' ListCertificateAuthoritiesResponse Int+lcarsResponseStatus = lens _lcarsResponseStatus (\ s a -> s{_lcarsResponseStatus = a})++instance NFData ListCertificateAuthoritiesResponse+         where
+ gen/Network/AWS/CertificateManagerPCA/ListTags.hs view
@@ -0,0 +1,169 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric      #-}+{-# LANGUAGE OverloadedStrings  #-}+{-# LANGUAGE RecordWildCards    #-}+{-# LANGUAGE TypeFamilies       #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-binds   #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.ListTags+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Lists the tags, if any, that are associated with your private CA. Tags are labels that you can use to identify and organize your CAs. Each tag consists of a key and an optional value. Call the 'TagCertificateAuthority' function to add one or more tags to your CA. Call the 'UntagCertificateAuthority' function to remove tags.+--+--+module Network.AWS.CertificateManagerPCA.ListTags+    (+    -- * Creating a Request+      listTags+    , ListTags+    -- * Request Lenses+    , ltNextToken+    , ltMaxResults+    , ltCertificateAuthorityARN++    -- * Destructuring the Response+    , listTagsResponse+    , ListTagsResponse+    -- * Response Lenses+    , ltrsNextToken+    , ltrsTags+    , ltrsResponseStatus+    ) where++import Network.AWS.CertificateManagerPCA.Types+import Network.AWS.CertificateManagerPCA.Types.Product+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Request+import Network.AWS.Response++-- | /See:/ 'listTags' smart constructor.+data ListTags = ListTags'+  { _ltNextToken               :: !(Maybe Text)+  , _ltMaxResults              :: !(Maybe Nat)+  , _ltCertificateAuthorityARN :: !Text+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'ListTags' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'ltNextToken' - Use this parameter when paginating results in a subsequent request after you receive a response with truncated results. Set it to the value of __NextToken__ from the response you just received.+--+-- * 'ltMaxResults' - Use this parameter when paginating results to specify the maximum number of items to return in the response. If additional items exist beyond the number you specify, the __NextToken__ element is sent in the response. Use this __NextToken__ value in a subsequent request to retrieve additional items.+--+-- * 'ltCertificateAuthorityARN' - The Amazon Resource Name (ARN) that was returned when you called the 'CreateCertificateAuthority' function. This must be of the form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @+listTags+    :: Text -- ^ 'ltCertificateAuthorityARN'+    -> ListTags+listTags pCertificateAuthorityARN_ =+  ListTags'+    { _ltNextToken = Nothing+    , _ltMaxResults = Nothing+    , _ltCertificateAuthorityARN = pCertificateAuthorityARN_+    }+++-- | Use this parameter when paginating results in a subsequent request after you receive a response with truncated results. Set it to the value of __NextToken__ from the response you just received.+ltNextToken :: Lens' ListTags (Maybe Text)+ltNextToken = lens _ltNextToken (\ s a -> s{_ltNextToken = a})++-- | Use this parameter when paginating results to specify the maximum number of items to return in the response. If additional items exist beyond the number you specify, the __NextToken__ element is sent in the response. Use this __NextToken__ value in a subsequent request to retrieve additional items.+ltMaxResults :: Lens' ListTags (Maybe Natural)+ltMaxResults = lens _ltMaxResults (\ s a -> s{_ltMaxResults = a}) . mapping _Nat++-- | The Amazon Resource Name (ARN) that was returned when you called the 'CreateCertificateAuthority' function. This must be of the form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @+ltCertificateAuthorityARN :: Lens' ListTags Text+ltCertificateAuthorityARN = lens _ltCertificateAuthorityARN (\ s a -> s{_ltCertificateAuthorityARN = a})++instance AWSRequest ListTags where+        type Rs ListTags = ListTagsResponse+        request = postJSON certificateManagerPCA+        response+          = receiveJSON+              (\ s h x ->+                 ListTagsResponse' <$>+                   (x .?> "NextToken") <*> (x .?> "Tags") <*>+                     (pure (fromEnum s)))++instance Hashable ListTags where++instance NFData ListTags where++instance ToHeaders ListTags where+        toHeaders+          = const+              (mconcat+                 ["X-Amz-Target" =#+                    ("ACMPrivateCA.ListTags" :: ByteString),+                  "Content-Type" =#+                    ("application/x-amz-json-1.1" :: ByteString)])++instance ToJSON ListTags where+        toJSON ListTags'{..}+          = object+              (catMaybes+                 [("NextToken" .=) <$> _ltNextToken,+                  ("MaxResults" .=) <$> _ltMaxResults,+                  Just+                    ("CertificateAuthorityArn" .=+                       _ltCertificateAuthorityARN)])++instance ToPath ListTags where+        toPath = const "/"++instance ToQuery ListTags where+        toQuery = const mempty++-- | /See:/ 'listTagsResponse' smart constructor.+data ListTagsResponse = ListTagsResponse'+  { _ltrsNextToken      :: !(Maybe Text)+  , _ltrsTags           :: !(Maybe (List1 Tag))+  , _ltrsResponseStatus :: !Int+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'ListTagsResponse' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'ltrsNextToken' - When the list is truncated, this value is present and should be used for the __NextToken__ parameter in a subsequent pagination request.+--+-- * 'ltrsTags' - The tags associated with your private CA.+--+-- * 'ltrsResponseStatus' - -- | The response status code.+listTagsResponse+    :: Int -- ^ 'ltrsResponseStatus'+    -> ListTagsResponse+listTagsResponse pResponseStatus_ =+  ListTagsResponse'+    { _ltrsNextToken = Nothing+    , _ltrsTags = Nothing+    , _ltrsResponseStatus = pResponseStatus_+    }+++-- | When the list is truncated, this value is present and should be used for the __NextToken__ parameter in a subsequent pagination request.+ltrsNextToken :: Lens' ListTagsResponse (Maybe Text)+ltrsNextToken = lens _ltrsNextToken (\ s a -> s{_ltrsNextToken = a})++-- | The tags associated with your private CA.+ltrsTags :: Lens' ListTagsResponse (Maybe (NonEmpty Tag))+ltrsTags = lens _ltrsTags (\ s a -> s{_ltrsTags = a}) . mapping _List1++-- | -- | The response status code.+ltrsResponseStatus :: Lens' ListTagsResponse Int+ltrsResponseStatus = lens _ltrsResponseStatus (\ s a -> s{_ltrsResponseStatus = a})++instance NFData ListTagsResponse where
+ gen/Network/AWS/CertificateManagerPCA/RevokeCertificate.hs view
@@ -0,0 +1,135 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric      #-}+{-# LANGUAGE OverloadedStrings  #-}+{-# LANGUAGE RecordWildCards    #-}+{-# LANGUAGE TypeFamilies       #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-binds   #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.RevokeCertificate+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Revokes a certificate that you issued by calling the 'IssueCertificate' function. If you enable a certificate revocation list (CRL) when you create or update your private CA, information about the revoked certificates will be included in the CRL. ACM PCA writes the CRL to an S3 bucket that you specify. For more information about revocation, see the 'CrlConfiguration' structure. ACM PCA also writes revocation information to the audit report. For more information, see 'CreateCertificateAuthorityAuditReport' .+--+--+module Network.AWS.CertificateManagerPCA.RevokeCertificate+    (+    -- * Creating a Request+      revokeCertificate+    , RevokeCertificate+    -- * Request Lenses+    , rcCertificateAuthorityARN+    , rcCertificateSerial+    , rcRevocationReason++    -- * Destructuring the Response+    , revokeCertificateResponse+    , RevokeCertificateResponse+    ) where++import Network.AWS.CertificateManagerPCA.Types+import Network.AWS.CertificateManagerPCA.Types.Product+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Request+import Network.AWS.Response++-- | /See:/ 'revokeCertificate' smart constructor.+data RevokeCertificate = RevokeCertificate'+  { _rcCertificateAuthorityARN :: !Text+  , _rcCertificateSerial       :: !Text+  , _rcRevocationReason        :: !RevocationReason+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'RevokeCertificate' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'rcCertificateAuthorityARN' - Amazon Resource Name (ARN) of the private CA that issued the certificate to be revoked. This must be of the form: @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @+--+-- * 'rcCertificateSerial' - Serial number of the certificate to be revoked. This must be in hexadecimal format. You can retrieve the serial number by calling 'GetCertificate' with the Amazon Resource Name (ARN) of the certificate you want and the ARN of your private CA. The __GetCertificate__ function retrieves the certificate in the PEM format. You can use the following OpenSSL command to list the certificate in text format and copy the hexadecimal serial number.  @openssl x509 -in /file_path/ -text -noout@  You can also copy the serial number from the console or use the <http://docs.aws.amazon.comacm/latest/APIReferenceAPI_DescribeCertificate.html DescribeCertificate> function in the /AWS Certificate Manager API Reference/ .+--+-- * 'rcRevocationReason' - Specifies why you revoked the certificate.+revokeCertificate+    :: Text -- ^ 'rcCertificateAuthorityARN'+    -> Text -- ^ 'rcCertificateSerial'+    -> RevocationReason -- ^ 'rcRevocationReason'+    -> RevokeCertificate+revokeCertificate pCertificateAuthorityARN_ pCertificateSerial_ pRevocationReason_ =+  RevokeCertificate'+    { _rcCertificateAuthorityARN = pCertificateAuthorityARN_+    , _rcCertificateSerial = pCertificateSerial_+    , _rcRevocationReason = pRevocationReason_+    }+++-- | Amazon Resource Name (ARN) of the private CA that issued the certificate to be revoked. This must be of the form: @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @+rcCertificateAuthorityARN :: Lens' RevokeCertificate Text+rcCertificateAuthorityARN = lens _rcCertificateAuthorityARN (\ s a -> s{_rcCertificateAuthorityARN = a})++-- | Serial number of the certificate to be revoked. This must be in hexadecimal format. You can retrieve the serial number by calling 'GetCertificate' with the Amazon Resource Name (ARN) of the certificate you want and the ARN of your private CA. The __GetCertificate__ function retrieves the certificate in the PEM format. You can use the following OpenSSL command to list the certificate in text format and copy the hexadecimal serial number.  @openssl x509 -in /file_path/ -text -noout@  You can also copy the serial number from the console or use the <http://docs.aws.amazon.comacm/latest/APIReferenceAPI_DescribeCertificate.html DescribeCertificate> function in the /AWS Certificate Manager API Reference/ .+rcCertificateSerial :: Lens' RevokeCertificate Text+rcCertificateSerial = lens _rcCertificateSerial (\ s a -> s{_rcCertificateSerial = a})++-- | Specifies why you revoked the certificate.+rcRevocationReason :: Lens' RevokeCertificate RevocationReason+rcRevocationReason = lens _rcRevocationReason (\ s a -> s{_rcRevocationReason = a})++instance AWSRequest RevokeCertificate where+        type Rs RevokeCertificate = RevokeCertificateResponse+        request = postJSON certificateManagerPCA+        response = receiveNull RevokeCertificateResponse'++instance Hashable RevokeCertificate where++instance NFData RevokeCertificate where++instance ToHeaders RevokeCertificate where+        toHeaders+          = const+              (mconcat+                 ["X-Amz-Target" =#+                    ("ACMPrivateCA.RevokeCertificate" :: ByteString),+                  "Content-Type" =#+                    ("application/x-amz-json-1.1" :: ByteString)])++instance ToJSON RevokeCertificate where+        toJSON RevokeCertificate'{..}+          = object+              (catMaybes+                 [Just+                    ("CertificateAuthorityArn" .=+                       _rcCertificateAuthorityARN),+                  Just ("CertificateSerial" .= _rcCertificateSerial),+                  Just ("RevocationReason" .= _rcRevocationReason)])++instance ToPath RevokeCertificate where+        toPath = const "/"++instance ToQuery RevokeCertificate where+        toQuery = const mempty++-- | /See:/ 'revokeCertificateResponse' smart constructor.+data RevokeCertificateResponse =+  RevokeCertificateResponse'+  deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'RevokeCertificateResponse' with the minimum fields required to make a request.+--+revokeCertificateResponse+    :: RevokeCertificateResponse+revokeCertificateResponse = RevokeCertificateResponse'+++instance NFData RevokeCertificateResponse where
+ gen/Network/AWS/CertificateManagerPCA/TagCertificateAuthority.hs view
@@ -0,0 +1,127 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric      #-}+{-# LANGUAGE OverloadedStrings  #-}+{-# LANGUAGE RecordWildCards    #-}+{-# LANGUAGE TypeFamilies       #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-binds   #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.TagCertificateAuthority+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Adds one or more tags to your private CA. Tags are labels that you can use to identify and organize your AWS resources. Each tag consists of a key and an optional value. You specify the private CA on input by its Amazon Resource Name (ARN). You specify the tag by using a key-value pair. You can apply a tag to just one private CA if you want to identify a specific characteristic of that CA, or you can apply the same tag to multiple private CAs if you want to filter for a common relationship among those CAs. To remove one or more tags, use the 'UntagCertificateAuthority' function. Call the 'ListTags' function to see what tags are associated with your CA.+--+--+module Network.AWS.CertificateManagerPCA.TagCertificateAuthority+    (+    -- * Creating a Request+      tagCertificateAuthority+    , TagCertificateAuthority+    -- * Request Lenses+    , tcaCertificateAuthorityARN+    , tcaTags++    -- * Destructuring the Response+    , tagCertificateAuthorityResponse+    , TagCertificateAuthorityResponse+    ) where++import Network.AWS.CertificateManagerPCA.Types+import Network.AWS.CertificateManagerPCA.Types.Product+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Request+import Network.AWS.Response++-- | /See:/ 'tagCertificateAuthority' smart constructor.+data TagCertificateAuthority = TagCertificateAuthority'+  { _tcaCertificateAuthorityARN :: !Text+  , _tcaTags                    :: !(List1 Tag)+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'TagCertificateAuthority' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'tcaCertificateAuthorityARN' - The Amazon Resource Name (ARN) that was returned when you called 'CreateCertificateAuthority' . This must be of the form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @+--+-- * 'tcaTags' - List of tags to be associated with the CA.+tagCertificateAuthority+    :: Text -- ^ 'tcaCertificateAuthorityARN'+    -> NonEmpty Tag -- ^ 'tcaTags'+    -> TagCertificateAuthority+tagCertificateAuthority pCertificateAuthorityARN_ pTags_ =+  TagCertificateAuthority'+    { _tcaCertificateAuthorityARN = pCertificateAuthorityARN_+    , _tcaTags = _List1 # pTags_+    }+++-- | The Amazon Resource Name (ARN) that was returned when you called 'CreateCertificateAuthority' . This must be of the form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @+tcaCertificateAuthorityARN :: Lens' TagCertificateAuthority Text+tcaCertificateAuthorityARN = lens _tcaCertificateAuthorityARN (\ s a -> s{_tcaCertificateAuthorityARN = a})++-- | List of tags to be associated with the CA.+tcaTags :: Lens' TagCertificateAuthority (NonEmpty Tag)+tcaTags = lens _tcaTags (\ s a -> s{_tcaTags = a}) . _List1++instance AWSRequest TagCertificateAuthority where+        type Rs TagCertificateAuthority =+             TagCertificateAuthorityResponse+        request = postJSON certificateManagerPCA+        response+          = receiveNull TagCertificateAuthorityResponse'++instance Hashable TagCertificateAuthority where++instance NFData TagCertificateAuthority where++instance ToHeaders TagCertificateAuthority where+        toHeaders+          = const+              (mconcat+                 ["X-Amz-Target" =#+                    ("ACMPrivateCA.TagCertificateAuthority" ::+                       ByteString),+                  "Content-Type" =#+                    ("application/x-amz-json-1.1" :: ByteString)])++instance ToJSON TagCertificateAuthority where+        toJSON TagCertificateAuthority'{..}+          = object+              (catMaybes+                 [Just+                    ("CertificateAuthorityArn" .=+                       _tcaCertificateAuthorityARN),+                  Just ("Tags" .= _tcaTags)])++instance ToPath TagCertificateAuthority where+        toPath = const "/"++instance ToQuery TagCertificateAuthority where+        toQuery = const mempty++-- | /See:/ 'tagCertificateAuthorityResponse' smart constructor.+data TagCertificateAuthorityResponse =+  TagCertificateAuthorityResponse'+  deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'TagCertificateAuthorityResponse' with the minimum fields required to make a request.+--+tagCertificateAuthorityResponse+    :: TagCertificateAuthorityResponse+tagCertificateAuthorityResponse = TagCertificateAuthorityResponse'+++instance NFData TagCertificateAuthorityResponse where
+ gen/Network/AWS/CertificateManagerPCA/Types.hs view
@@ -0,0 +1,300 @@+{-# LANGUAGE OverloadedStrings #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.Types+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+module Network.AWS.CertificateManagerPCA.Types+    (+    -- * Service Configuration+      certificateManagerPCA++    -- * Errors+    , _InvalidTagException+    , _MalformedCSRException+    , _RequestAlreadyProcessedException+    , _MalformedCertificateException+    , _RequestFailedException+    , _CertificateMismatchException+    , _TooManyTagsException+    , _InvalidArgsException+    , _RequestInProgressException+    , _ConcurrentModificationException+    , _InvalidNextTokenException+    , _InvalidARNException+    , _InvalidPolicyException+    , _ResourceNotFoundException+    , _InvalidStateException+    , _LimitExceededException++    -- * AuditReportResponseFormat+    , AuditReportResponseFormat (..)++    -- * AuditReportStatus+    , AuditReportStatus (..)++    -- * CertificateAuthorityStatus+    , CertificateAuthorityStatus (..)++    -- * CertificateAuthorityType+    , CertificateAuthorityType (..)++    -- * FailureReason+    , FailureReason (..)++    -- * KeyAlgorithm+    , KeyAlgorithm (..)++    -- * RevocationReason+    , RevocationReason (..)++    -- * SigningAlgorithm+    , SigningAlgorithm (..)++    -- * ValidityPeriodType+    , ValidityPeriodType (..)++    -- * ASN1Subject+    , ASN1Subject+    , asn1Subject+    , asGivenName+    , asState+    , asCommonName+    , asOrganizationalUnit+    , asCountry+    , asGenerationQualifier+    , asLocality+    , asPseudonym+    , asInitials+    , asTitle+    , asOrganization+    , asSerialNumber+    , asSurname+    , asDistinguishedNameQualifier++    -- * CertificateAuthority+    , CertificateAuthority+    , certificateAuthority+    , caStatus+    , caFailureReason+    , caCertificateAuthorityConfiguration+    , caARN+    , caCreatedAt+    , caSerial+    , caNotBefore+    , caType+    , caRevocationConfiguration+    , caLastStateChangeAt+    , caNotAfter++    -- * CertificateAuthorityConfiguration+    , CertificateAuthorityConfiguration+    , certificateAuthorityConfiguration+    , cacKeyAlgorithm+    , cacSigningAlgorithm+    , cacSubject++    -- * CrlConfiguration+    , CrlConfiguration+    , crlConfiguration+    , ccCustomCname+    , ccExpirationInDays+    , ccS3BucketName+    , ccEnabled++    -- * RevocationConfiguration+    , RevocationConfiguration+    , revocationConfiguration+    , rcCrlConfiguration++    -- * Tag+    , Tag+    , tag+    , tagValue+    , tagKey++    -- * Validity+    , Validity+    , validity+    , vValue+    , vType+    ) where++import Network.AWS.CertificateManagerPCA.Types.Product+import Network.AWS.CertificateManagerPCA.Types.Sum+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Sign.V4++-- | API version @2017-08-22@ of the Amazon Certificate Manager Private Certificate Authority SDK configuration.+certificateManagerPCA :: Service+certificateManagerPCA =+  Service+    { _svcAbbrev = "CertificateManagerPCA"+    , _svcSigner = v4+    , _svcPrefix = "acm-pca"+    , _svcVersion = "2017-08-22"+    , _svcEndpoint = defaultEndpoint certificateManagerPCA+    , _svcTimeout = Just 70+    , _svcCheck = statusSuccess+    , _svcError = parseJSONError "CertificateManagerPCA"+    , _svcRetry = retry+    }+  where+    retry =+      Exponential+        { _retryBase = 5.0e-2+        , _retryGrowth = 2+        , _retryAttempts = 5+        , _retryCheck = check+        }+    check e+      | has (hasCode "ThrottledException" . hasStatus 400) e =+        Just "throttled_exception"+      | has (hasStatus 429) e = Just "too_many_requests"+      | has (hasCode "ThrottlingException" . hasStatus 400) e =+        Just "throttling_exception"+      | has (hasCode "Throttling" . hasStatus 400) e = Just "throttling"+      | has (hasStatus 504) e = Just "gateway_timeout"+      | has (hasCode "RequestThrottledException" . hasStatus 400) e =+        Just "request_throttled_exception"+      | has (hasStatus 502) e = Just "bad_gateway"+      | has (hasStatus 503) e = Just "service_unavailable"+      | has (hasStatus 500) e = Just "general_server_error"+      | has (hasStatus 509) e = Just "limit_exceeded"+      | otherwise = Nothing+++-- | The tag associated with the CA is not valid. The invalid argument is contained in the message field.+--+--+_InvalidTagException :: AsError a => Getting (First ServiceError) a ServiceError+_InvalidTagException =+  _MatchServiceError certificateManagerPCA "InvalidTagException"+++-- | The certificate signing request is invalid.+--+--+_MalformedCSRException :: AsError a => Getting (First ServiceError) a ServiceError+_MalformedCSRException =+  _MatchServiceError certificateManagerPCA "MalformedCSRException"+++-- | Your request has already been completed.+--+--+_RequestAlreadyProcessedException :: AsError a => Getting (First ServiceError) a ServiceError+_RequestAlreadyProcessedException =+  _MatchServiceError certificateManagerPCA "RequestAlreadyProcessedException"+++-- | One or more fields in the certificate are invalid.+--+--+_MalformedCertificateException :: AsError a => Getting (First ServiceError) a ServiceError+_MalformedCertificateException =+  _MatchServiceError certificateManagerPCA "MalformedCertificateException"+++-- | The request has failed for an unspecified reason.+--+--+_RequestFailedException :: AsError a => Getting (First ServiceError) a ServiceError+_RequestFailedException =+  _MatchServiceError certificateManagerPCA "RequestFailedException"+++-- | The certificate authority certificate you are importing does not comply with conditions specified in the certificate that signed it.+--+--+_CertificateMismatchException :: AsError a => Getting (First ServiceError) a ServiceError+_CertificateMismatchException =+  _MatchServiceError certificateManagerPCA "CertificateMismatchException"+++-- | You can associate up to 50 tags with a private CA. Exception information is contained in the exception message field.+--+--+_TooManyTagsException :: AsError a => Getting (First ServiceError) a ServiceError+_TooManyTagsException =+  _MatchServiceError certificateManagerPCA "TooManyTagsException"+++-- | One or more of the specified arguments was not valid.+--+--+_InvalidArgsException :: AsError a => Getting (First ServiceError) a ServiceError+_InvalidArgsException =+  _MatchServiceError certificateManagerPCA "InvalidArgsException"+++-- | Your request is already in progress.+--+--+_RequestInProgressException :: AsError a => Getting (First ServiceError) a ServiceError+_RequestInProgressException =+  _MatchServiceError certificateManagerPCA "RequestInProgressException"+++-- | A previous update to your private CA is still ongoing.+--+--+_ConcurrentModificationException :: AsError a => Getting (First ServiceError) a ServiceError+_ConcurrentModificationException =+  _MatchServiceError certificateManagerPCA "ConcurrentModificationException"+++-- | The token specified in the @NextToken@ argument is not valid. Use the token returned from your previous call to 'ListCertificateAuthorities' .+--+--+_InvalidNextTokenException :: AsError a => Getting (First ServiceError) a ServiceError+_InvalidNextTokenException =+  _MatchServiceError certificateManagerPCA "InvalidNextTokenException"+++-- | The requested Amazon Resource Name (ARN) does not refer to an existing resource.+--+--+_InvalidARNException :: AsError a => Getting (First ServiceError) a ServiceError+_InvalidARNException =+  _MatchServiceError certificateManagerPCA "InvalidArnException"+++-- | The S3 bucket policy is not valid. The policy must give ACM PCA rights to read from and write to the bucket and find the bucket location.+--+--+_InvalidPolicyException :: AsError a => Getting (First ServiceError) a ServiceError+_InvalidPolicyException =+  _MatchServiceError certificateManagerPCA "InvalidPolicyException"+++-- | A resource such as a private CA, S3 bucket, certificate, or audit report cannot be found.+--+--+_ResourceNotFoundException :: AsError a => Getting (First ServiceError) a ServiceError+_ResourceNotFoundException =+  _MatchServiceError certificateManagerPCA "ResourceNotFoundException"+++-- | The private CA is in a state during which a report cannot be generated.+--+--+_InvalidStateException :: AsError a => Getting (First ServiceError) a ServiceError+_InvalidStateException =+  _MatchServiceError certificateManagerPCA "InvalidStateException"+++-- | An ACM PCA limit has been exceeded. See the exception message returned to determine the limit that was exceeded.+--+--+_LimitExceededException :: AsError a => Getting (First ServiceError) a ServiceError+_LimitExceededException =+  _MatchServiceError certificateManagerPCA "LimitExceededException"+
+ gen/Network/AWS/CertificateManagerPCA/Types/Product.hs view
@@ -0,0 +1,647 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric      #-}+{-# LANGUAGE OverloadedStrings  #-}+{-# LANGUAGE RecordWildCards    #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.Types.Product+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+module Network.AWS.CertificateManagerPCA.Types.Product where++import Network.AWS.CertificateManagerPCA.Types.Sum+import Network.AWS.Lens+import Network.AWS.Prelude++-- | Contains information about the certificate subject. The certificate can be one issued by your private certificate authority (CA) or it can be your private CA certificate. The __Subject__ field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The __Subject__ must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate. The DN must be unique for each for each entity, but your private CA can issue more than one certificate with the same DN to the same entity.+--+--+--+-- /See:/ 'asn1Subject' smart constructor.+data ASN1Subject = ASN1Subject'+  { _asGivenName                  :: !(Maybe Text)+  , _asState                      :: !(Maybe Text)+  , _asCommonName                 :: !(Maybe Text)+  , _asOrganizationalUnit         :: !(Maybe Text)+  , _asCountry                    :: !(Maybe Text)+  , _asGenerationQualifier        :: !(Maybe Text)+  , _asLocality                   :: !(Maybe Text)+  , _asPseudonym                  :: !(Maybe Text)+  , _asInitials                   :: !(Maybe Text)+  , _asTitle                      :: !(Maybe Text)+  , _asOrganization               :: !(Maybe Text)+  , _asSerialNumber               :: !(Maybe Text)+  , _asSurname                    :: !(Maybe Text)+  , _asDistinguishedNameQualifier :: !(Maybe Text)+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'ASN1Subject' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'asGivenName' - First name.+--+-- * 'asState' - State in which the subject of the certificate is located.+--+-- * 'asCommonName' - Fully qualified domain name (FQDN) associated with the certificate subject.+--+-- * 'asOrganizationalUnit' - A subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated.+--+-- * 'asCountry' - Two digit code that specifies the country in which the certificate subject located.+--+-- * 'asGenerationQualifier' - Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third.+--+-- * 'asLocality' - The locality (such as a city or town) in which the certificate subject is located.+--+-- * 'asPseudonym' - Typically a shortened version of a longer __GivenName__ . For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza.+--+-- * 'asInitials' - Concatenation that typically contains the first letter of the __GivenName__ , the first letter of the middle name if one exists, and the first letter of the __SurName__ .+--+-- * 'asTitle' - A title such as Mr. or Ms. which is pre-pended to the name to refer formally to the certificate subject.+--+-- * 'asOrganization' - Legal name of the organization with which the certificate subject is affiliated.+--+-- * 'asSerialNumber' - The certificate serial number.+--+-- * 'asSurname' - Family name. In the US and the UK for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first.+--+-- * 'asDistinguishedNameQualifier' - Disambiguating information for the certificate subject.+asn1Subject+    :: ASN1Subject+asn1Subject =+  ASN1Subject'+    { _asGivenName = Nothing+    , _asState = Nothing+    , _asCommonName = Nothing+    , _asOrganizationalUnit = Nothing+    , _asCountry = Nothing+    , _asGenerationQualifier = Nothing+    , _asLocality = Nothing+    , _asPseudonym = Nothing+    , _asInitials = Nothing+    , _asTitle = Nothing+    , _asOrganization = Nothing+    , _asSerialNumber = Nothing+    , _asSurname = Nothing+    , _asDistinguishedNameQualifier = Nothing+    }+++-- | First name.+asGivenName :: Lens' ASN1Subject (Maybe Text)+asGivenName = lens _asGivenName (\ s a -> s{_asGivenName = a})++-- | State in which the subject of the certificate is located.+asState :: Lens' ASN1Subject (Maybe Text)+asState = lens _asState (\ s a -> s{_asState = a})++-- | Fully qualified domain name (FQDN) associated with the certificate subject.+asCommonName :: Lens' ASN1Subject (Maybe Text)+asCommonName = lens _asCommonName (\ s a -> s{_asCommonName = a})++-- | A subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated.+asOrganizationalUnit :: Lens' ASN1Subject (Maybe Text)+asOrganizationalUnit = lens _asOrganizationalUnit (\ s a -> s{_asOrganizationalUnit = a})++-- | Two digit code that specifies the country in which the certificate subject located.+asCountry :: Lens' ASN1Subject (Maybe Text)+asCountry = lens _asCountry (\ s a -> s{_asCountry = a})++-- | Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third.+asGenerationQualifier :: Lens' ASN1Subject (Maybe Text)+asGenerationQualifier = lens _asGenerationQualifier (\ s a -> s{_asGenerationQualifier = a})++-- | The locality (such as a city or town) in which the certificate subject is located.+asLocality :: Lens' ASN1Subject (Maybe Text)+asLocality = lens _asLocality (\ s a -> s{_asLocality = a})++-- | Typically a shortened version of a longer __GivenName__ . For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza.+asPseudonym :: Lens' ASN1Subject (Maybe Text)+asPseudonym = lens _asPseudonym (\ s a -> s{_asPseudonym = a})++-- | Concatenation that typically contains the first letter of the __GivenName__ , the first letter of the middle name if one exists, and the first letter of the __SurName__ .+asInitials :: Lens' ASN1Subject (Maybe Text)+asInitials = lens _asInitials (\ s a -> s{_asInitials = a})++-- | A title such as Mr. or Ms. which is pre-pended to the name to refer formally to the certificate subject.+asTitle :: Lens' ASN1Subject (Maybe Text)+asTitle = lens _asTitle (\ s a -> s{_asTitle = a})++-- | Legal name of the organization with which the certificate subject is affiliated.+asOrganization :: Lens' ASN1Subject (Maybe Text)+asOrganization = lens _asOrganization (\ s a -> s{_asOrganization = a})++-- | The certificate serial number.+asSerialNumber :: Lens' ASN1Subject (Maybe Text)+asSerialNumber = lens _asSerialNumber (\ s a -> s{_asSerialNumber = a})++-- | Family name. In the US and the UK for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first.+asSurname :: Lens' ASN1Subject (Maybe Text)+asSurname = lens _asSurname (\ s a -> s{_asSurname = a})++-- | Disambiguating information for the certificate subject.+asDistinguishedNameQualifier :: Lens' ASN1Subject (Maybe Text)+asDistinguishedNameQualifier = lens _asDistinguishedNameQualifier (\ s a -> s{_asDistinguishedNameQualifier = a})++instance FromJSON ASN1Subject where+        parseJSON+          = withObject "ASN1Subject"+              (\ x ->+                 ASN1Subject' <$>+                   (x .:? "GivenName") <*> (x .:? "State") <*>+                     (x .:? "CommonName")+                     <*> (x .:? "OrganizationalUnit")+                     <*> (x .:? "Country")+                     <*> (x .:? "GenerationQualifier")+                     <*> (x .:? "Locality")+                     <*> (x .:? "Pseudonym")+                     <*> (x .:? "Initials")+                     <*> (x .:? "Title")+                     <*> (x .:? "Organization")+                     <*> (x .:? "SerialNumber")+                     <*> (x .:? "Surname")+                     <*> (x .:? "DistinguishedNameQualifier"))++instance Hashable ASN1Subject where++instance NFData ASN1Subject where++instance ToJSON ASN1Subject where+        toJSON ASN1Subject'{..}+          = object+              (catMaybes+                 [("GivenName" .=) <$> _asGivenName,+                  ("State" .=) <$> _asState,+                  ("CommonName" .=) <$> _asCommonName,+                  ("OrganizationalUnit" .=) <$> _asOrganizationalUnit,+                  ("Country" .=) <$> _asCountry,+                  ("GenerationQualifier" .=) <$>+                    _asGenerationQualifier,+                  ("Locality" .=) <$> _asLocality,+                  ("Pseudonym" .=) <$> _asPseudonym,+                  ("Initials" .=) <$> _asInitials,+                  ("Title" .=) <$> _asTitle,+                  ("Organization" .=) <$> _asOrganization,+                  ("SerialNumber" .=) <$> _asSerialNumber,+                  ("Surname" .=) <$> _asSurname,+                  ("DistinguishedNameQualifier" .=) <$>+                    _asDistinguishedNameQualifier])++-- | Contains information about your private certificate authority (CA). Your private CA can issue and revoke X.509 digital certificates. Digital certificates verify that the entity named in the certificate __Subject__ field owns or controls the public key contained in the __Subject Public Key Info__ field. Call the 'CreateCertificateAuthority' function to create your private CA. You must then call the 'GetCertificateAuthorityCertificate' function to retrieve a private CA certificate signing request (CSR). Take the CSR to your on-premises CA and sign it with the root CA certificate or a subordinate certificate. Call the 'ImportCertificateAuthorityCertificate' function to import the signed certificate into AWS Certificate Manager (ACM).+--+--+--+-- /See:/ 'certificateAuthority' smart constructor.+data CertificateAuthority = CertificateAuthority'+  { _caStatus :: !(Maybe CertificateAuthorityStatus)+  , _caFailureReason :: !(Maybe FailureReason)+  , _caCertificateAuthorityConfiguration :: !(Maybe CertificateAuthorityConfiguration)+  , _caARN :: !(Maybe Text)+  , _caCreatedAt :: !(Maybe POSIX)+  , _caSerial :: !(Maybe Text)+  , _caNotBefore :: !(Maybe POSIX)+  , _caType :: !(Maybe CertificateAuthorityType)+  , _caRevocationConfiguration :: !(Maybe RevocationConfiguration)+  , _caLastStateChangeAt :: !(Maybe POSIX)+  , _caNotAfter :: !(Maybe POSIX)+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'CertificateAuthority' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'caStatus' - Status of your private CA.+--+-- * 'caFailureReason' - Reason the request to create your private CA failed.+--+-- * 'caCertificateAuthorityConfiguration' - Your private CA configuration.+--+-- * 'caARN' - Amazon Resource Name (ARN) for your private certificate authority (CA). The format is @/12345678-1234-1234-1234-123456789012/ @ .+--+-- * 'caCreatedAt' - Date and time at which your private CA was created.+--+-- * 'caSerial' - Serial number of your private CA.+--+-- * 'caNotBefore' - Date and time before which your private CA certificate is not valid.+--+-- * 'caType' - Type of your private CA.+--+-- * 'caRevocationConfiguration' - Information about the certificate revocation list (CRL) created and maintained by your private CA.+--+-- * 'caLastStateChangeAt' - Date and time at which your private CA was last updated.+--+-- * 'caNotAfter' - Date and time after which your private CA certificate is not valid.+certificateAuthority+    :: CertificateAuthority+certificateAuthority =+  CertificateAuthority'+    { _caStatus = Nothing+    , _caFailureReason = Nothing+    , _caCertificateAuthorityConfiguration = Nothing+    , _caARN = Nothing+    , _caCreatedAt = Nothing+    , _caSerial = Nothing+    , _caNotBefore = Nothing+    , _caType = Nothing+    , _caRevocationConfiguration = Nothing+    , _caLastStateChangeAt = Nothing+    , _caNotAfter = Nothing+    }+++-- | Status of your private CA.+caStatus :: Lens' CertificateAuthority (Maybe CertificateAuthorityStatus)+caStatus = lens _caStatus (\ s a -> s{_caStatus = a})++-- | Reason the request to create your private CA failed.+caFailureReason :: Lens' CertificateAuthority (Maybe FailureReason)+caFailureReason = lens _caFailureReason (\ s a -> s{_caFailureReason = a})++-- | Your private CA configuration.+caCertificateAuthorityConfiguration :: Lens' CertificateAuthority (Maybe CertificateAuthorityConfiguration)+caCertificateAuthorityConfiguration = lens _caCertificateAuthorityConfiguration (\ s a -> s{_caCertificateAuthorityConfiguration = a})++-- | Amazon Resource Name (ARN) for your private certificate authority (CA). The format is @/12345678-1234-1234-1234-123456789012/ @ .+caARN :: Lens' CertificateAuthority (Maybe Text)+caARN = lens _caARN (\ s a -> s{_caARN = a})++-- | Date and time at which your private CA was created.+caCreatedAt :: Lens' CertificateAuthority (Maybe UTCTime)+caCreatedAt = lens _caCreatedAt (\ s a -> s{_caCreatedAt = a}) . mapping _Time++-- | Serial number of your private CA.+caSerial :: Lens' CertificateAuthority (Maybe Text)+caSerial = lens _caSerial (\ s a -> s{_caSerial = a})++-- | Date and time before which your private CA certificate is not valid.+caNotBefore :: Lens' CertificateAuthority (Maybe UTCTime)+caNotBefore = lens _caNotBefore (\ s a -> s{_caNotBefore = a}) . mapping _Time++-- | Type of your private CA.+caType :: Lens' CertificateAuthority (Maybe CertificateAuthorityType)+caType = lens _caType (\ s a -> s{_caType = a})++-- | Information about the certificate revocation list (CRL) created and maintained by your private CA.+caRevocationConfiguration :: Lens' CertificateAuthority (Maybe RevocationConfiguration)+caRevocationConfiguration = lens _caRevocationConfiguration (\ s a -> s{_caRevocationConfiguration = a})++-- | Date and time at which your private CA was last updated.+caLastStateChangeAt :: Lens' CertificateAuthority (Maybe UTCTime)+caLastStateChangeAt = lens _caLastStateChangeAt (\ s a -> s{_caLastStateChangeAt = a}) . mapping _Time++-- | Date and time after which your private CA certificate is not valid.+caNotAfter :: Lens' CertificateAuthority (Maybe UTCTime)+caNotAfter = lens _caNotAfter (\ s a -> s{_caNotAfter = a}) . mapping _Time++instance FromJSON CertificateAuthority where+        parseJSON+          = withObject "CertificateAuthority"+              (\ x ->+                 CertificateAuthority' <$>+                   (x .:? "Status") <*> (x .:? "FailureReason") <*>+                     (x .:? "CertificateAuthorityConfiguration")+                     <*> (x .:? "Arn")+                     <*> (x .:? "CreatedAt")+                     <*> (x .:? "Serial")+                     <*> (x .:? "NotBefore")+                     <*> (x .:? "Type")+                     <*> (x .:? "RevocationConfiguration")+                     <*> (x .:? "LastStateChangeAt")+                     <*> (x .:? "NotAfter"))++instance Hashable CertificateAuthority where++instance NFData CertificateAuthority where++-- | Contains configuration information for your private certificate authority (CA). This includes information about the class of public key algorithm and the key pair that your private CA creates when it issues a certificate, the signature algorithm it uses used when issuing certificates, and its X.500 distinguished name. You must specify this information when you call the 'CreateCertificateAuthority' function.+--+--+--+-- /See:/ 'certificateAuthorityConfiguration' smart constructor.+data CertificateAuthorityConfiguration = CertificateAuthorityConfiguration'+  { _cacKeyAlgorithm     :: !KeyAlgorithm+  , _cacSigningAlgorithm :: !SigningAlgorithm+  , _cacSubject          :: !ASN1Subject+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'CertificateAuthorityConfiguration' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'cacKeyAlgorithm' - Type of the public key algorithm and size, in bits, of the key pair that your key pair creates when it issues a certificate.+--+-- * 'cacSigningAlgorithm' - Name of the algorithm your private CA uses to sign certificate requests.+--+-- * 'cacSubject' - Structure that contains X.500 distinguished name information for your private CA.+certificateAuthorityConfiguration+    :: KeyAlgorithm -- ^ 'cacKeyAlgorithm'+    -> SigningAlgorithm -- ^ 'cacSigningAlgorithm'+    -> ASN1Subject -- ^ 'cacSubject'+    -> CertificateAuthorityConfiguration+certificateAuthorityConfiguration pKeyAlgorithm_ pSigningAlgorithm_ pSubject_ =+  CertificateAuthorityConfiguration'+    { _cacKeyAlgorithm = pKeyAlgorithm_+    , _cacSigningAlgorithm = pSigningAlgorithm_+    , _cacSubject = pSubject_+    }+++-- | Type of the public key algorithm and size, in bits, of the key pair that your key pair creates when it issues a certificate.+cacKeyAlgorithm :: Lens' CertificateAuthorityConfiguration KeyAlgorithm+cacKeyAlgorithm = lens _cacKeyAlgorithm (\ s a -> s{_cacKeyAlgorithm = a})++-- | Name of the algorithm your private CA uses to sign certificate requests.+cacSigningAlgorithm :: Lens' CertificateAuthorityConfiguration SigningAlgorithm+cacSigningAlgorithm = lens _cacSigningAlgorithm (\ s a -> s{_cacSigningAlgorithm = a})++-- | Structure that contains X.500 distinguished name information for your private CA.+cacSubject :: Lens' CertificateAuthorityConfiguration ASN1Subject+cacSubject = lens _cacSubject (\ s a -> s{_cacSubject = a})++instance FromJSON CertificateAuthorityConfiguration+         where+        parseJSON+          = withObject "CertificateAuthorityConfiguration"+              (\ x ->+                 CertificateAuthorityConfiguration' <$>+                   (x .: "KeyAlgorithm") <*> (x .: "SigningAlgorithm")+                     <*> (x .: "Subject"))++instance Hashable CertificateAuthorityConfiguration+         where++instance NFData CertificateAuthorityConfiguration+         where++instance ToJSON CertificateAuthorityConfiguration+         where+        toJSON CertificateAuthorityConfiguration'{..}+          = object+              (catMaybes+                 [Just ("KeyAlgorithm" .= _cacKeyAlgorithm),+                  Just ("SigningAlgorithm" .= _cacSigningAlgorithm),+                  Just ("Subject" .= _cacSubject)])++-- | Contains configuration information for a certificate revocation list (CRL). Your private certificate authority (CA) creates base CRLs. Delta CRLs are not supported. You can enable CRLs for your new or an existing private CA by setting the __Enabled__ parameter to @true@ . Your private CA writes CRLs to an S3 bucket that you specify in the __S3BucketName__ parameter. You can hide the name of your bucket by specifying a value for the __CustomCname__ parameter. Your private CA copies the CNAME or the S3 bucket name to the __CRL Distribution Points__ extension of each certificate it issues. Your S3 bucket policy must give write permission to ACM PCA.+--+--+-- Your private CA uses the value in the __ExpirationInDays__ parameter to calculate the __nextUpdate__ field in the CRL. The CRL is refreshed at 1/2 the age of next update or when a certificate is revoked. When a certificate is revoked, it is recorded in the next CRL that is generated and in the next audit report. Only time valid certificates are listed in the CRL. Expired certificates are not included.+--+-- CRLs contain the following fields:+--+--     * __Version__ : The current version number defined in RFC 5280 is V2. The integer value is 0x1.+--+--     * __Signature Algorithm__ : The name of the algorithm used to sign the CRL.+--+--     * __Issuer__ : The X.500 distinguished name of your private CA that issued the CRL.+--+--     * __Last Update__ : The issue date and time of this CRL.+--+--     * __Next Update__ : The day and time by which the next CRL will be issued.+--+--     * __Revoked Certificates__ : List of revoked certificates. Each list item contains the following information.+--+--     * __Serial Number__ : The serial number, in hexadecimal format, of the revoked certificate.+--+--     * __Revocation Date__ : Date and time the certificate was revoked.+--+--     * __CRL Entry Extensions__ : Optional extensions for the CRL entry.+--+--     * __X509v3 CRL Reason Code__ : Reason the certificate was revoked.+--+--+--+--+--+--     * __CRL Extensions__ : Optional extensions for the CRL.+--+--     * __X509v3 Authority Key Identifier__ : Identifies the public key associated with the private key used to sign the certificate.+--+--     * __X509v3 CRL Number:__ : Decimal sequence number for the CRL.+--+--+--+--     * __Signature Algorithm__ : Algorithm used by your private CA to sign the CRL.+--+--     * __Signature Value__ : Signature computed over the CRL.+--+--+--+-- Certificate revocation lists created by ACM PCA are DER-encoded. You can use the following OpenSSL command to list a CRL.+--+-- @openssl crl -inform DER -text -in /crl_path/ -noout@+--+--+-- /See:/ 'crlConfiguration' smart constructor.+data CrlConfiguration = CrlConfiguration'+  { _ccCustomCname      :: !(Maybe Text)+  , _ccExpirationInDays :: !(Maybe Nat)+  , _ccS3BucketName     :: !(Maybe Text)+  , _ccEnabled          :: !Bool+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'CrlConfiguration' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'ccCustomCname' - Name inserted into the certificate __CRL Distribution Points__ extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.+--+-- * 'ccExpirationInDays' - Number of days until a certificate expires.+--+-- * 'ccS3BucketName' - Name of the S3 bucket that contains the CRL. If you do not provide a value for the __CustomCname__ argument, the name of your S3 bucket is placed into the __CRL Distribution Points__ extension of the issued certificate. You can change the name of your bucket by calling the 'UpdateCertificateAuthority' function. You must specify a bucket policy that allows ACM PCA to write the CRL to your bucket.+--+-- * 'ccEnabled' - Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the 'CreateCertificateAuthority' function or for an existing CA when you call the 'UpdateCertificateAuthority' function.+crlConfiguration+    :: Bool -- ^ 'ccEnabled'+    -> CrlConfiguration+crlConfiguration pEnabled_ =+  CrlConfiguration'+    { _ccCustomCname = Nothing+    , _ccExpirationInDays = Nothing+    , _ccS3BucketName = Nothing+    , _ccEnabled = pEnabled_+    }+++-- | Name inserted into the certificate __CRL Distribution Points__ extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.+ccCustomCname :: Lens' CrlConfiguration (Maybe Text)+ccCustomCname = lens _ccCustomCname (\ s a -> s{_ccCustomCname = a})++-- | Number of days until a certificate expires.+ccExpirationInDays :: Lens' CrlConfiguration (Maybe Natural)+ccExpirationInDays = lens _ccExpirationInDays (\ s a -> s{_ccExpirationInDays = a}) . mapping _Nat++-- | Name of the S3 bucket that contains the CRL. If you do not provide a value for the __CustomCname__ argument, the name of your S3 bucket is placed into the __CRL Distribution Points__ extension of the issued certificate. You can change the name of your bucket by calling the 'UpdateCertificateAuthority' function. You must specify a bucket policy that allows ACM PCA to write the CRL to your bucket.+ccS3BucketName :: Lens' CrlConfiguration (Maybe Text)+ccS3BucketName = lens _ccS3BucketName (\ s a -> s{_ccS3BucketName = a})++-- | Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the 'CreateCertificateAuthority' function or for an existing CA when you call the 'UpdateCertificateAuthority' function.+ccEnabled :: Lens' CrlConfiguration Bool+ccEnabled = lens _ccEnabled (\ s a -> s{_ccEnabled = a})++instance FromJSON CrlConfiguration where+        parseJSON+          = withObject "CrlConfiguration"+              (\ x ->+                 CrlConfiguration' <$>+                   (x .:? "CustomCname") <*> (x .:? "ExpirationInDays")+                     <*> (x .:? "S3BucketName")+                     <*> (x .: "Enabled"))++instance Hashable CrlConfiguration where++instance NFData CrlConfiguration where++instance ToJSON CrlConfiguration where+        toJSON CrlConfiguration'{..}+          = object+              (catMaybes+                 [("CustomCname" .=) <$> _ccCustomCname,+                  ("ExpirationInDays" .=) <$> _ccExpirationInDays,+                  ("S3BucketName" .=) <$> _ccS3BucketName,+                  Just ("Enabled" .= _ccEnabled)])++-- | Certificate revocation information used by the 'CreateCertificateAuthority' and 'UpdateCertificateAuthority' functions. Your private certificate authority (CA) can create and maintain a certificate revocation list (CRL). A CRL contains information about certificates revoked by your CA. For more information, see 'RevokeCertificate' .+--+--+--+-- /See:/ 'revocationConfiguration' smart constructor.+newtype RevocationConfiguration = RevocationConfiguration'+  { _rcCrlConfiguration :: Maybe CrlConfiguration+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'RevocationConfiguration' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'rcCrlConfiguration' - Configuration of the certificate revocation list (CRL), if any, maintained by your private CA.+revocationConfiguration+    :: RevocationConfiguration+revocationConfiguration =+  RevocationConfiguration' {_rcCrlConfiguration = Nothing}+++-- | Configuration of the certificate revocation list (CRL), if any, maintained by your private CA.+rcCrlConfiguration :: Lens' RevocationConfiguration (Maybe CrlConfiguration)+rcCrlConfiguration = lens _rcCrlConfiguration (\ s a -> s{_rcCrlConfiguration = a})++instance FromJSON RevocationConfiguration where+        parseJSON+          = withObject "RevocationConfiguration"+              (\ x ->+                 RevocationConfiguration' <$>+                   (x .:? "CrlConfiguration"))++instance Hashable RevocationConfiguration where++instance NFData RevocationConfiguration where++instance ToJSON RevocationConfiguration where+        toJSON RevocationConfiguration'{..}+          = object+              (catMaybes+                 [("CrlConfiguration" .=) <$> _rcCrlConfiguration])++-- | Tags are labels that you can use to identify and organize your private CAs. Each tag consists of a key and an optional value. You can associate up to 50 tags with a private CA. To add one or more tags to a private CA, call the 'TagCertificateAuthority' function. To remove a tag, call the 'UntagCertificateAuthority' function.+--+--+--+-- /See:/ 'tag' smart constructor.+data Tag = Tag'+  { _tagValue :: !(Maybe Text)+  , _tagKey   :: !Text+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'Tag' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'tagValue' - Value of the tag.+--+-- * 'tagKey' - Key (name) of the tag.+tag+    :: Text -- ^ 'tagKey'+    -> Tag+tag pKey_ = Tag' {_tagValue = Nothing, _tagKey = pKey_}+++-- | Value of the tag.+tagValue :: Lens' Tag (Maybe Text)+tagValue = lens _tagValue (\ s a -> s{_tagValue = a})++-- | Key (name) of the tag.+tagKey :: Lens' Tag Text+tagKey = lens _tagKey (\ s a -> s{_tagKey = a})++instance FromJSON Tag where+        parseJSON+          = withObject "Tag"+              (\ x -> Tag' <$> (x .:? "Value") <*> (x .: "Key"))++instance Hashable Tag where++instance NFData Tag where++instance ToJSON Tag where+        toJSON Tag'{..}+          = object+              (catMaybes+                 [("Value" .=) <$> _tagValue,+                  Just ("Key" .= _tagKey)])++-- | Length of time for which the certificate issued by your private certificate authority (CA), or by the private CA itself, is valid in days, months, or years. You can issue a certificate by calling the 'IssueCertificate' function.+--+--+--+-- /See:/ 'validity' smart constructor.+data Validity = Validity'+  { _vValue :: !Nat+  , _vType  :: !ValidityPeriodType+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'Validity' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'vValue' - Time period.+--+-- * 'vType' - Specifies whether the @Value@ parameter represents days, months, or years.+validity+    :: Natural -- ^ 'vValue'+    -> ValidityPeriodType -- ^ 'vType'+    -> Validity+validity pValue_ pType_ = Validity' {_vValue = _Nat # pValue_, _vType = pType_}+++-- | Time period.+vValue :: Lens' Validity Natural+vValue = lens _vValue (\ s a -> s{_vValue = a}) . _Nat++-- | Specifies whether the @Value@ parameter represents days, months, or years.+vType :: Lens' Validity ValidityPeriodType+vType = lens _vType (\ s a -> s{_vType = a})++instance Hashable Validity where++instance NFData Validity where++instance ToJSON Validity where+        toJSON Validity'{..}+          = object+              (catMaybes+                 [Just ("Value" .= _vValue), Just ("Type" .= _vType)])
+ gen/Network/AWS/CertificateManagerPCA/Types/Sum.hs view
@@ -0,0 +1,335 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric      #-}+{-# LANGUAGE LambdaCase         #-}+{-# LANGUAGE OverloadedStrings  #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.Types.Sum+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+module Network.AWS.CertificateManagerPCA.Types.Sum where++import Network.AWS.Prelude++data AuditReportResponseFormat+  = CSV+  | JSON+  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)+++instance FromText AuditReportResponseFormat where+    parser = takeLowerText >>= \case+        "csv" -> pure CSV+        "json" -> pure JSON+        e -> fromTextError $ "Failure parsing AuditReportResponseFormat from value: '" <> e+           <> "'. Accepted values: csv, json"++instance ToText AuditReportResponseFormat where+    toText = \case+        CSV -> "CSV"+        JSON -> "JSON"++instance Hashable     AuditReportResponseFormat+instance NFData       AuditReportResponseFormat+instance ToByteString AuditReportResponseFormat+instance ToQuery      AuditReportResponseFormat+instance ToHeader     AuditReportResponseFormat++instance ToJSON AuditReportResponseFormat where+    toJSON = toJSONText++data AuditReportStatus+  = ARSCreating+  | ARSFailed+  | ARSSuccess+  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)+++instance FromText AuditReportStatus where+    parser = takeLowerText >>= \case+        "creating" -> pure ARSCreating+        "failed" -> pure ARSFailed+        "success" -> pure ARSSuccess+        e -> fromTextError $ "Failure parsing AuditReportStatus from value: '" <> e+           <> "'. Accepted values: creating, failed, success"++instance ToText AuditReportStatus where+    toText = \case+        ARSCreating -> "CREATING"+        ARSFailed -> "FAILED"+        ARSSuccess -> "SUCCESS"++instance Hashable     AuditReportStatus+instance NFData       AuditReportStatus+instance ToByteString AuditReportStatus+instance ToQuery      AuditReportStatus+instance ToHeader     AuditReportStatus++instance FromJSON AuditReportStatus where+    parseJSON = parseJSONText "AuditReportStatus"++data CertificateAuthorityStatus+  = Active+  | Creating+  | Disabled+  | Expired+  | Failed+  | PendingCertificate+  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)+++instance FromText CertificateAuthorityStatus where+    parser = takeLowerText >>= \case+        "active" -> pure Active+        "creating" -> pure Creating+        "disabled" -> pure Disabled+        "expired" -> pure Expired+        "failed" -> pure Failed+        "pending_certificate" -> pure PendingCertificate+        e -> fromTextError $ "Failure parsing CertificateAuthorityStatus from value: '" <> e+           <> "'. Accepted values: active, creating, disabled, expired, failed, pending_certificate"++instance ToText CertificateAuthorityStatus where+    toText = \case+        Active -> "ACTIVE"+        Creating -> "CREATING"+        Disabled -> "DISABLED"+        Expired -> "EXPIRED"+        Failed -> "FAILED"+        PendingCertificate -> "PENDING_CERTIFICATE"++instance Hashable     CertificateAuthorityStatus+instance NFData       CertificateAuthorityStatus+instance ToByteString CertificateAuthorityStatus+instance ToQuery      CertificateAuthorityStatus+instance ToHeader     CertificateAuthorityStatus++instance ToJSON CertificateAuthorityStatus where+    toJSON = toJSONText++instance FromJSON CertificateAuthorityStatus where+    parseJSON = parseJSONText "CertificateAuthorityStatus"++data CertificateAuthorityType =+  Subordinate+  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)+++instance FromText CertificateAuthorityType where+    parser = takeLowerText >>= \case+        "subordinate" -> pure Subordinate+        e -> fromTextError $ "Failure parsing CertificateAuthorityType from value: '" <> e+           <> "'. Accepted values: subordinate"++instance ToText CertificateAuthorityType where+    toText = \case+        Subordinate -> "SUBORDINATE"++instance Hashable     CertificateAuthorityType+instance NFData       CertificateAuthorityType+instance ToByteString CertificateAuthorityType+instance ToQuery      CertificateAuthorityType+instance ToHeader     CertificateAuthorityType++instance ToJSON CertificateAuthorityType where+    toJSON = toJSONText++instance FromJSON CertificateAuthorityType where+    parseJSON = parseJSONText "CertificateAuthorityType"++data FailureReason+  = Other+  | RequestTimedOut+  | UnsupportedAlgorithm+  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)+++instance FromText FailureReason where+    parser = takeLowerText >>= \case+        "other" -> pure Other+        "request_timed_out" -> pure RequestTimedOut+        "unsupported_algorithm" -> pure UnsupportedAlgorithm+        e -> fromTextError $ "Failure parsing FailureReason from value: '" <> e+           <> "'. Accepted values: other, request_timed_out, unsupported_algorithm"++instance ToText FailureReason where+    toText = \case+        Other -> "OTHER"+        RequestTimedOut -> "REQUEST_TIMED_OUT"+        UnsupportedAlgorithm -> "UNSUPPORTED_ALGORITHM"++instance Hashable     FailureReason+instance NFData       FailureReason+instance ToByteString FailureReason+instance ToQuery      FailureReason+instance ToHeader     FailureReason++instance FromJSON FailureReason where+    parseJSON = parseJSONText "FailureReason"++data KeyAlgorithm+  = EcPRIME256V1+  | EcSECP384R1+  | Rsa2048+  | Rsa4096+  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)+++instance FromText KeyAlgorithm where+    parser = takeLowerText >>= \case+        "ec_prime256v1" -> pure EcPRIME256V1+        "ec_secp384r1" -> pure EcSECP384R1+        "rsa_2048" -> pure Rsa2048+        "rsa_4096" -> pure Rsa4096+        e -> fromTextError $ "Failure parsing KeyAlgorithm from value: '" <> e+           <> "'. Accepted values: ec_prime256v1, ec_secp384r1, rsa_2048, rsa_4096"++instance ToText KeyAlgorithm where+    toText = \case+        EcPRIME256V1 -> "EC_prime256v1"+        EcSECP384R1 -> "EC_secp384r1"+        Rsa2048 -> "RSA_2048"+        Rsa4096 -> "RSA_4096"++instance Hashable     KeyAlgorithm+instance NFData       KeyAlgorithm+instance ToByteString KeyAlgorithm+instance ToQuery      KeyAlgorithm+instance ToHeader     KeyAlgorithm++instance ToJSON KeyAlgorithm where+    toJSON = toJSONText++instance FromJSON KeyAlgorithm where+    parseJSON = parseJSONText "KeyAlgorithm"++data RevocationReason+  = AACompromise+  | AffiliationChanged+  | CertificateAuthorityCompromise+  | CessationOfOperation+  | KeyCompromise+  | PrivilegeWithdrawn+  | Superseded+  | Unspecified+  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)+++instance FromText RevocationReason where+    parser = takeLowerText >>= \case+        "a_a_compromise" -> pure AACompromise+        "affiliation_changed" -> pure AffiliationChanged+        "certificate_authority_compromise" -> pure CertificateAuthorityCompromise+        "cessation_of_operation" -> pure CessationOfOperation+        "key_compromise" -> pure KeyCompromise+        "privilege_withdrawn" -> pure PrivilegeWithdrawn+        "superseded" -> pure Superseded+        "unspecified" -> pure Unspecified+        e -> fromTextError $ "Failure parsing RevocationReason from value: '" <> e+           <> "'. Accepted values: a_a_compromise, affiliation_changed, certificate_authority_compromise, cessation_of_operation, key_compromise, privilege_withdrawn, superseded, unspecified"++instance ToText RevocationReason where+    toText = \case+        AACompromise -> "A_A_COMPROMISE"+        AffiliationChanged -> "AFFILIATION_CHANGED"+        CertificateAuthorityCompromise -> "CERTIFICATE_AUTHORITY_COMPROMISE"+        CessationOfOperation -> "CESSATION_OF_OPERATION"+        KeyCompromise -> "KEY_COMPROMISE"+        PrivilegeWithdrawn -> "PRIVILEGE_WITHDRAWN"+        Superseded -> "SUPERSEDED"+        Unspecified -> "UNSPECIFIED"++instance Hashable     RevocationReason+instance NFData       RevocationReason+instance ToByteString RevocationReason+instance ToQuery      RevocationReason+instance ToHeader     RevocationReason++instance ToJSON RevocationReason where+    toJSON = toJSONText++data SigningAlgorithm+  = SHA256WITHECDSA+  | SHA256WITHRSA+  | SHA384WITHECDSA+  | SHA384WITHRSA+  | SHA512WITHECDSA+  | SHA512WITHRSA+  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)+++instance FromText SigningAlgorithm where+    parser = takeLowerText >>= \case+        "sha256withecdsa" -> pure SHA256WITHECDSA+        "sha256withrsa" -> pure SHA256WITHRSA+        "sha384withecdsa" -> pure SHA384WITHECDSA+        "sha384withrsa" -> pure SHA384WITHRSA+        "sha512withecdsa" -> pure SHA512WITHECDSA+        "sha512withrsa" -> pure SHA512WITHRSA+        e -> fromTextError $ "Failure parsing SigningAlgorithm from value: '" <> e+           <> "'. Accepted values: sha256withecdsa, sha256withrsa, sha384withecdsa, sha384withrsa, sha512withecdsa, sha512withrsa"++instance ToText SigningAlgorithm where+    toText = \case+        SHA256WITHECDSA -> "SHA256WITHECDSA"+        SHA256WITHRSA -> "SHA256WITHRSA"+        SHA384WITHECDSA -> "SHA384WITHECDSA"+        SHA384WITHRSA -> "SHA384WITHRSA"+        SHA512WITHECDSA -> "SHA512WITHECDSA"+        SHA512WITHRSA -> "SHA512WITHRSA"++instance Hashable     SigningAlgorithm+instance NFData       SigningAlgorithm+instance ToByteString SigningAlgorithm+instance ToQuery      SigningAlgorithm+instance ToHeader     SigningAlgorithm++instance ToJSON SigningAlgorithm where+    toJSON = toJSONText++instance FromJSON SigningAlgorithm where+    parseJSON = parseJSONText "SigningAlgorithm"++data ValidityPeriodType+  = Absolute+  | Days+  | EndDate+  | Months+  | Years+  deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)+++instance FromText ValidityPeriodType where+    parser = takeLowerText >>= \case+        "absolute" -> pure Absolute+        "days" -> pure Days+        "end_date" -> pure EndDate+        "months" -> pure Months+        "years" -> pure Years+        e -> fromTextError $ "Failure parsing ValidityPeriodType from value: '" <> e+           <> "'. Accepted values: absolute, days, end_date, months, years"++instance ToText ValidityPeriodType where+    toText = \case+        Absolute -> "ABSOLUTE"+        Days -> "DAYS"+        EndDate -> "END_DATE"+        Months -> "MONTHS"+        Years -> "YEARS"++instance Hashable     ValidityPeriodType+instance NFData       ValidityPeriodType+instance ToByteString ValidityPeriodType+instance ToQuery      ValidityPeriodType+instance ToHeader     ValidityPeriodType++instance ToJSON ValidityPeriodType where+    toJSON = toJSONText
+ gen/Network/AWS/CertificateManagerPCA/UntagCertificateAuthority.hs view
@@ -0,0 +1,128 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric      #-}+{-# LANGUAGE OverloadedStrings  #-}+{-# LANGUAGE RecordWildCards    #-}+{-# LANGUAGE TypeFamilies       #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-binds   #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.UntagCertificateAuthority+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Remove one or more tags from your private CA. A tag consists of a key-value pair. If you do not specify the value portion of the tag when calling this function, the tag will be removed regardless of value. If you specify a value, the tag is removed only if it is associated with the specified value. To add tags to a private CA, use the 'TagCertificateAuthority' . Call the 'ListTags' function to see what tags are associated with your CA.+--+--+module Network.AWS.CertificateManagerPCA.UntagCertificateAuthority+    (+    -- * Creating a Request+      untagCertificateAuthority+    , UntagCertificateAuthority+    -- * Request Lenses+    , uCertificateAuthorityARN+    , uTags++    -- * Destructuring the Response+    , untagCertificateAuthorityResponse+    , UntagCertificateAuthorityResponse+    ) where++import Network.AWS.CertificateManagerPCA.Types+import Network.AWS.CertificateManagerPCA.Types.Product+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Request+import Network.AWS.Response++-- | /See:/ 'untagCertificateAuthority' smart constructor.+data UntagCertificateAuthority = UntagCertificateAuthority'+  { _uCertificateAuthorityARN :: !Text+  , _uTags                    :: !(List1 Tag)+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'UntagCertificateAuthority' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'uCertificateAuthorityARN' - The Amazon Resource Name (ARN) that was returned when you called 'CreateCertificateAuthority' . This must be of the form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @+--+-- * 'uTags' - List of tags to be removed from the CA.+untagCertificateAuthority+    :: Text -- ^ 'uCertificateAuthorityARN'+    -> NonEmpty Tag -- ^ 'uTags'+    -> UntagCertificateAuthority+untagCertificateAuthority pCertificateAuthorityARN_ pTags_ =+  UntagCertificateAuthority'+    { _uCertificateAuthorityARN = pCertificateAuthorityARN_+    , _uTags = _List1 # pTags_+    }+++-- | The Amazon Resource Name (ARN) that was returned when you called 'CreateCertificateAuthority' . This must be of the form:  @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @+uCertificateAuthorityARN :: Lens' UntagCertificateAuthority Text+uCertificateAuthorityARN = lens _uCertificateAuthorityARN (\ s a -> s{_uCertificateAuthorityARN = a})++-- | List of tags to be removed from the CA.+uTags :: Lens' UntagCertificateAuthority (NonEmpty Tag)+uTags = lens _uTags (\ s a -> s{_uTags = a}) . _List1++instance AWSRequest UntagCertificateAuthority where+        type Rs UntagCertificateAuthority =+             UntagCertificateAuthorityResponse+        request = postJSON certificateManagerPCA+        response+          = receiveNull UntagCertificateAuthorityResponse'++instance Hashable UntagCertificateAuthority where++instance NFData UntagCertificateAuthority where++instance ToHeaders UntagCertificateAuthority where+        toHeaders+          = const+              (mconcat+                 ["X-Amz-Target" =#+                    ("ACMPrivateCA.UntagCertificateAuthority" ::+                       ByteString),+                  "Content-Type" =#+                    ("application/x-amz-json-1.1" :: ByteString)])++instance ToJSON UntagCertificateAuthority where+        toJSON UntagCertificateAuthority'{..}+          = object+              (catMaybes+                 [Just+                    ("CertificateAuthorityArn" .=+                       _uCertificateAuthorityARN),+                  Just ("Tags" .= _uTags)])++instance ToPath UntagCertificateAuthority where+        toPath = const "/"++instance ToQuery UntagCertificateAuthority where+        toQuery = const mempty++-- | /See:/ 'untagCertificateAuthorityResponse' smart constructor.+data UntagCertificateAuthorityResponse =+  UntagCertificateAuthorityResponse'+  deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'UntagCertificateAuthorityResponse' with the minimum fields required to make a request.+--+untagCertificateAuthorityResponse+    :: UntagCertificateAuthorityResponse+untagCertificateAuthorityResponse = UntagCertificateAuthorityResponse'+++instance NFData UntagCertificateAuthorityResponse+         where
+ gen/Network/AWS/CertificateManagerPCA/UpdateCertificateAuthority.hs view
@@ -0,0 +1,138 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric      #-}+{-# LANGUAGE OverloadedStrings  #-}+{-# LANGUAGE RecordWildCards    #-}+{-# LANGUAGE TypeFamilies       #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-binds   #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.UpdateCertificateAuthority+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Updates the status or configuration of a private certificate authority (CA). Your private CA must be in the __@ACTIVE@ __ or __@DISABLED@ __ state before you can update it. You can disable a private CA that is in the __@ACTIVE@ __ state or make a CA that is in the __@DISABLED@ __ state active again.+--+--+module Network.AWS.CertificateManagerPCA.UpdateCertificateAuthority+    (+    -- * Creating a Request+      updateCertificateAuthority+    , UpdateCertificateAuthority+    -- * Request Lenses+    , ucaStatus+    , ucaRevocationConfiguration+    , ucaCertificateAuthorityARN++    -- * Destructuring the Response+    , updateCertificateAuthorityResponse+    , UpdateCertificateAuthorityResponse+    ) where++import Network.AWS.CertificateManagerPCA.Types+import Network.AWS.CertificateManagerPCA.Types.Product+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Request+import Network.AWS.Response++-- | /See:/ 'updateCertificateAuthority' smart constructor.+data UpdateCertificateAuthority = UpdateCertificateAuthority'+  { _ucaStatus                  :: !(Maybe CertificateAuthorityStatus)+  , _ucaRevocationConfiguration :: !(Maybe RevocationConfiguration)+  , _ucaCertificateAuthorityARN :: !Text+  } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'UpdateCertificateAuthority' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'ucaStatus' - Status of your private CA.+--+-- * 'ucaRevocationConfiguration' - Revocation information for your private CA.+--+-- * 'ucaCertificateAuthorityARN' - Amazon Resource Name (ARN) of the private CA that issued the certificate to be revoked. This must be of the form: @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @+updateCertificateAuthority+    :: Text -- ^ 'ucaCertificateAuthorityARN'+    -> UpdateCertificateAuthority+updateCertificateAuthority pCertificateAuthorityARN_ =+  UpdateCertificateAuthority'+    { _ucaStatus = Nothing+    , _ucaRevocationConfiguration = Nothing+    , _ucaCertificateAuthorityARN = pCertificateAuthorityARN_+    }+++-- | Status of your private CA.+ucaStatus :: Lens' UpdateCertificateAuthority (Maybe CertificateAuthorityStatus)+ucaStatus = lens _ucaStatus (\ s a -> s{_ucaStatus = a})++-- | Revocation information for your private CA.+ucaRevocationConfiguration :: Lens' UpdateCertificateAuthority (Maybe RevocationConfiguration)+ucaRevocationConfiguration = lens _ucaRevocationConfiguration (\ s a -> s{_ucaRevocationConfiguration = a})++-- | Amazon Resource Name (ARN) of the private CA that issued the certificate to be revoked. This must be of the form: @arn:aws:acm:/region/ :/account/ :certificate-authority//12345678-1234-1234-1234-123456789012/ @+ucaCertificateAuthorityARN :: Lens' UpdateCertificateAuthority Text+ucaCertificateAuthorityARN = lens _ucaCertificateAuthorityARN (\ s a -> s{_ucaCertificateAuthorityARN = a})++instance AWSRequest UpdateCertificateAuthority where+        type Rs UpdateCertificateAuthority =+             UpdateCertificateAuthorityResponse+        request = postJSON certificateManagerPCA+        response+          = receiveNull UpdateCertificateAuthorityResponse'++instance Hashable UpdateCertificateAuthority where++instance NFData UpdateCertificateAuthority where++instance ToHeaders UpdateCertificateAuthority where+        toHeaders+          = const+              (mconcat+                 ["X-Amz-Target" =#+                    ("ACMPrivateCA.UpdateCertificateAuthority" ::+                       ByteString),+                  "Content-Type" =#+                    ("application/x-amz-json-1.1" :: ByteString)])++instance ToJSON UpdateCertificateAuthority where+        toJSON UpdateCertificateAuthority'{..}+          = object+              (catMaybes+                 [("Status" .=) <$> _ucaStatus,+                  ("RevocationConfiguration" .=) <$>+                    _ucaRevocationConfiguration,+                  Just+                    ("CertificateAuthorityArn" .=+                       _ucaCertificateAuthorityARN)])++instance ToPath UpdateCertificateAuthority where+        toPath = const "/"++instance ToQuery UpdateCertificateAuthority where+        toQuery = const mempty++-- | /See:/ 'updateCertificateAuthorityResponse' smart constructor.+data UpdateCertificateAuthorityResponse =+  UpdateCertificateAuthorityResponse'+  deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'UpdateCertificateAuthorityResponse' with the minimum fields required to make a request.+--+updateCertificateAuthorityResponse+    :: UpdateCertificateAuthorityResponse+updateCertificateAuthorityResponse = UpdateCertificateAuthorityResponse'+++instance NFData UpdateCertificateAuthorityResponse+         where
+ gen/Network/AWS/CertificateManagerPCA/Waiters.hs view
@@ -0,0 +1,21 @@+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE TypeFamilies      #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Network.AWS.CertificateManagerPCA.Waiters+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+module Network.AWS.CertificateManagerPCA.Waiters where++import Network.AWS.CertificateManagerPCA.Types+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Waiter
+ src/.gitkeep view
+ test/Main.hs view
@@ -0,0 +1,21 @@+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- |+-- Module      : Main+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+module Main (main) where++import Test.Tasty+import Test.AWS.CertificateManagerPCA+import Test.AWS.CertificateManagerPCA.Internal++main :: IO ()+main = defaultMain $ testGroup "CertificateManagerPCA"+    [ testGroup "tests"    tests+    , testGroup "fixtures" fixtures+    ]
+ test/Test/AWS/CertificateManagerPCA.hs view
@@ -0,0 +1,20 @@+-- |+-- Module      : Test.AWS.CertificateManagerPCA+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+module Test.AWS.CertificateManagerPCA+    ( tests+    , fixtures+    ) where++import Test.Tasty (TestTree)++tests :: [TestTree]+tests = []++fixtures :: [TestTree]+fixtures = []
+ test/Test/AWS/CertificateManagerPCA/Internal.hs view
@@ -0,0 +1,9 @@+-- |+-- Module      : Test.AWS.CertificateManagerPCA.Internal+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+module Test.AWS.CertificateManagerPCA.Internal where
+ test/Test/AWS/Gen/CertificateManagerPCA.hs view
@@ -0,0 +1,327 @@+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-orphans        #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module      : Test.AWS.Gen.CertificateManagerPCA+-- Copyright   : (c) 2013-2018 Brendan Hay+-- License     : Mozilla Public License, v. 2.0.+-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability   : auto-generated+-- Portability : non-portable (GHC extensions)+--+module Test.AWS.Gen.CertificateManagerPCA where++import Data.Proxy+import Network.AWS.CertificateManagerPCA+import Test.AWS.CertificateManagerPCA.Internal+import Test.AWS.Fixture+import Test.AWS.Prelude+import Test.Tasty++-- Auto-generated: the actual test selection needs to be manually placed into+-- the top-level so that real test data can be incrementally added.+--+-- This commented snippet is what the entire set should look like:++-- fixtures :: TestTree+-- fixtures =+--     [ testGroup "request"+--         [ requestImportCertificateAuthorityCertificate $+--             importCertificateAuthorityCertificate+--+--         , requestDescribeCertificateAuthorityAuditReport $+--             describeCertificateAuthorityAuditReport+--+--         , requestRevokeCertificate $+--             revokeCertificate+--+--         , requestUpdateCertificateAuthority $+--             updateCertificateAuthority+--+--         , requestDeleteCertificateAuthority $+--             deleteCertificateAuthority+--+--         , requestGetCertificateAuthorityCSR $+--             getCertificateAuthorityCSR+--+--         , requestCreateCertificateAuthority $+--             createCertificateAuthority+--+--         , requestListCertificateAuthorities $+--             listCertificateAuthorities+--+--         , requestGetCertificate $+--             getCertificate+--+--         , requestTagCertificateAuthority $+--             tagCertificateAuthority+--+--         , requestDescribeCertificateAuthority $+--             describeCertificateAuthority+--+--         , requestIssueCertificate $+--             issueCertificate+--+--         , requestGetCertificateAuthorityCertificate $+--             getCertificateAuthorityCertificate+--+--         , requestUntagCertificateAuthority $+--             untagCertificateAuthority+--+--         , requestCreateCertificateAuthorityAuditReport $+--             createCertificateAuthorityAuditReport+--+--         , requestListTags $+--             listTags+--+--           ]++--     , testGroup "response"+--         [ responseImportCertificateAuthorityCertificate $+--             importCertificateAuthorityCertificateResponse+--+--         , responseDescribeCertificateAuthorityAuditReport $+--             describeCertificateAuthorityAuditReportResponse+--+--         , responseRevokeCertificate $+--             revokeCertificateResponse+--+--         , responseUpdateCertificateAuthority $+--             updateCertificateAuthorityResponse+--+--         , responseDeleteCertificateAuthority $+--             deleteCertificateAuthorityResponse+--+--         , responseGetCertificateAuthorityCSR $+--             getCertificateAuthorityCSRResponse+--+--         , responseCreateCertificateAuthority $+--             createCertificateAuthorityResponse+--+--         , responseListCertificateAuthorities $+--             listCertificateAuthoritiesResponse+--+--         , responseGetCertificate $+--             getCertificateResponse+--+--         , responseTagCertificateAuthority $+--             tagCertificateAuthorityResponse+--+--         , responseDescribeCertificateAuthority $+--             describeCertificateAuthorityResponse+--+--         , responseIssueCertificate $+--             issueCertificateResponse+--+--         , responseGetCertificateAuthorityCertificate $+--             getCertificateAuthorityCertificateResponse+--+--         , responseUntagCertificateAuthority $+--             untagCertificateAuthorityResponse+--+--         , responseCreateCertificateAuthorityAuditReport $+--             createCertificateAuthorityAuditReportResponse+--+--         , responseListTags $+--             listTagsResponse+--+--           ]+--     ]++-- Requests++requestImportCertificateAuthorityCertificate :: ImportCertificateAuthorityCertificate -> TestTree+requestImportCertificateAuthorityCertificate = req+    "ImportCertificateAuthorityCertificate"+    "fixture/ImportCertificateAuthorityCertificate.yaml"++requestDescribeCertificateAuthorityAuditReport :: DescribeCertificateAuthorityAuditReport -> TestTree+requestDescribeCertificateAuthorityAuditReport = req+    "DescribeCertificateAuthorityAuditReport"+    "fixture/DescribeCertificateAuthorityAuditReport.yaml"++requestRevokeCertificate :: RevokeCertificate -> TestTree+requestRevokeCertificate = req+    "RevokeCertificate"+    "fixture/RevokeCertificate.yaml"++requestUpdateCertificateAuthority :: UpdateCertificateAuthority -> TestTree+requestUpdateCertificateAuthority = req+    "UpdateCertificateAuthority"+    "fixture/UpdateCertificateAuthority.yaml"++requestDeleteCertificateAuthority :: DeleteCertificateAuthority -> TestTree+requestDeleteCertificateAuthority = req+    "DeleteCertificateAuthority"+    "fixture/DeleteCertificateAuthority.yaml"++requestGetCertificateAuthorityCSR :: GetCertificateAuthorityCSR -> TestTree+requestGetCertificateAuthorityCSR = req+    "GetCertificateAuthorityCSR"+    "fixture/GetCertificateAuthorityCSR.yaml"++requestCreateCertificateAuthority :: CreateCertificateAuthority -> TestTree+requestCreateCertificateAuthority = req+    "CreateCertificateAuthority"+    "fixture/CreateCertificateAuthority.yaml"++requestListCertificateAuthorities :: ListCertificateAuthorities -> TestTree+requestListCertificateAuthorities = req+    "ListCertificateAuthorities"+    "fixture/ListCertificateAuthorities.yaml"++requestGetCertificate :: GetCertificate -> TestTree+requestGetCertificate = req+    "GetCertificate"+    "fixture/GetCertificate.yaml"++requestTagCertificateAuthority :: TagCertificateAuthority -> TestTree+requestTagCertificateAuthority = req+    "TagCertificateAuthority"+    "fixture/TagCertificateAuthority.yaml"++requestDescribeCertificateAuthority :: DescribeCertificateAuthority -> TestTree+requestDescribeCertificateAuthority = req+    "DescribeCertificateAuthority"+    "fixture/DescribeCertificateAuthority.yaml"++requestIssueCertificate :: IssueCertificate -> TestTree+requestIssueCertificate = req+    "IssueCertificate"+    "fixture/IssueCertificate.yaml"++requestGetCertificateAuthorityCertificate :: GetCertificateAuthorityCertificate -> TestTree+requestGetCertificateAuthorityCertificate = req+    "GetCertificateAuthorityCertificate"+    "fixture/GetCertificateAuthorityCertificate.yaml"++requestUntagCertificateAuthority :: UntagCertificateAuthority -> TestTree+requestUntagCertificateAuthority = req+    "UntagCertificateAuthority"+    "fixture/UntagCertificateAuthority.yaml"++requestCreateCertificateAuthorityAuditReport :: CreateCertificateAuthorityAuditReport -> TestTree+requestCreateCertificateAuthorityAuditReport = req+    "CreateCertificateAuthorityAuditReport"+    "fixture/CreateCertificateAuthorityAuditReport.yaml"++requestListTags :: ListTags -> TestTree+requestListTags = req+    "ListTags"+    "fixture/ListTags.yaml"++-- Responses++responseImportCertificateAuthorityCertificate :: ImportCertificateAuthorityCertificateResponse -> TestTree+responseImportCertificateAuthorityCertificate = res+    "ImportCertificateAuthorityCertificateResponse"+    "fixture/ImportCertificateAuthorityCertificateResponse.proto"+    certificateManagerPCA+    (Proxy :: Proxy ImportCertificateAuthorityCertificate)++responseDescribeCertificateAuthorityAuditReport :: DescribeCertificateAuthorityAuditReportResponse -> TestTree+responseDescribeCertificateAuthorityAuditReport = res+    "DescribeCertificateAuthorityAuditReportResponse"+    "fixture/DescribeCertificateAuthorityAuditReportResponse.proto"+    certificateManagerPCA+    (Proxy :: Proxy DescribeCertificateAuthorityAuditReport)++responseRevokeCertificate :: RevokeCertificateResponse -> TestTree+responseRevokeCertificate = res+    "RevokeCertificateResponse"+    "fixture/RevokeCertificateResponse.proto"+    certificateManagerPCA+    (Proxy :: Proxy RevokeCertificate)++responseUpdateCertificateAuthority :: UpdateCertificateAuthorityResponse -> TestTree+responseUpdateCertificateAuthority = res+    "UpdateCertificateAuthorityResponse"+    "fixture/UpdateCertificateAuthorityResponse.proto"+    certificateManagerPCA+    (Proxy :: Proxy UpdateCertificateAuthority)++responseDeleteCertificateAuthority :: DeleteCertificateAuthorityResponse -> TestTree+responseDeleteCertificateAuthority = res+    "DeleteCertificateAuthorityResponse"+    "fixture/DeleteCertificateAuthorityResponse.proto"+    certificateManagerPCA+    (Proxy :: Proxy DeleteCertificateAuthority)++responseGetCertificateAuthorityCSR :: GetCertificateAuthorityCSRResponse -> TestTree+responseGetCertificateAuthorityCSR = res+    "GetCertificateAuthorityCSRResponse"+    "fixture/GetCertificateAuthorityCSRResponse.proto"+    certificateManagerPCA+    (Proxy :: Proxy GetCertificateAuthorityCSR)++responseCreateCertificateAuthority :: CreateCertificateAuthorityResponse -> TestTree+responseCreateCertificateAuthority = res+    "CreateCertificateAuthorityResponse"+    "fixture/CreateCertificateAuthorityResponse.proto"+    certificateManagerPCA+    (Proxy :: Proxy CreateCertificateAuthority)++responseListCertificateAuthorities :: ListCertificateAuthoritiesResponse -> TestTree+responseListCertificateAuthorities = res+    "ListCertificateAuthoritiesResponse"+    "fixture/ListCertificateAuthoritiesResponse.proto"+    certificateManagerPCA+    (Proxy :: Proxy ListCertificateAuthorities)++responseGetCertificate :: GetCertificateResponse -> TestTree+responseGetCertificate = res+    "GetCertificateResponse"+    "fixture/GetCertificateResponse.proto"+    certificateManagerPCA+    (Proxy :: Proxy GetCertificate)++responseTagCertificateAuthority :: TagCertificateAuthorityResponse -> TestTree+responseTagCertificateAuthority = res+    "TagCertificateAuthorityResponse"+    "fixture/TagCertificateAuthorityResponse.proto"+    certificateManagerPCA+    (Proxy :: Proxy TagCertificateAuthority)++responseDescribeCertificateAuthority :: DescribeCertificateAuthorityResponse -> TestTree+responseDescribeCertificateAuthority = res+    "DescribeCertificateAuthorityResponse"+    "fixture/DescribeCertificateAuthorityResponse.proto"+    certificateManagerPCA+    (Proxy :: Proxy DescribeCertificateAuthority)++responseIssueCertificate :: IssueCertificateResponse -> TestTree+responseIssueCertificate = res+    "IssueCertificateResponse"+    "fixture/IssueCertificateResponse.proto"+    certificateManagerPCA+    (Proxy :: Proxy IssueCertificate)++responseGetCertificateAuthorityCertificate :: GetCertificateAuthorityCertificateResponse -> TestTree+responseGetCertificateAuthorityCertificate = res+    "GetCertificateAuthorityCertificateResponse"+    "fixture/GetCertificateAuthorityCertificateResponse.proto"+    certificateManagerPCA+    (Proxy :: Proxy GetCertificateAuthorityCertificate)++responseUntagCertificateAuthority :: UntagCertificateAuthorityResponse -> TestTree+responseUntagCertificateAuthority = res+    "UntagCertificateAuthorityResponse"+    "fixture/UntagCertificateAuthorityResponse.proto"+    certificateManagerPCA+    (Proxy :: Proxy UntagCertificateAuthority)++responseCreateCertificateAuthorityAuditReport :: CreateCertificateAuthorityAuditReportResponse -> TestTree+responseCreateCertificateAuthorityAuditReport = res+    "CreateCertificateAuthorityAuditReportResponse"+    "fixture/CreateCertificateAuthorityAuditReportResponse.proto"+    certificateManagerPCA+    (Proxy :: Proxy CreateCertificateAuthorityAuditReport)++responseListTags :: ListTagsResponse -> TestTree+responseListTags = res+    "ListTagsResponse"+    "fixture/ListTagsResponse.proto"+    certificateManagerPCA+    (Proxy :: Proxy ListTags)