amazonka-network-firewall (empty) → 2.0
raw patch · 172 files changed
+21368/−0 lines, 172 filesdep +amazonka-coredep +amazonka-network-firewalldep +amazonka-test
Dependencies added: amazonka-core, amazonka-network-firewall, amazonka-test, base, bytestring, case-insensitive, tasty, tasty-hunit, text, time, unordered-containers
Files
- LICENSE +367/−0
- README.md +44/−0
- amazonka-network-firewall.cabal +181/−0
- fixture/AssociateFirewallPolicy.yaml +10/−0
- fixture/AssociateFirewallPolicyResponse.proto +0/−0
- fixture/AssociateSubnets.yaml +10/−0
- fixture/AssociateSubnetsResponse.proto +0/−0
- fixture/CreateFirewall.yaml +10/−0
- fixture/CreateFirewallPolicy.yaml +10/−0
- fixture/CreateFirewallPolicyResponse.proto +0/−0
- fixture/CreateFirewallResponse.proto +0/−0
- fixture/CreateRuleGroup.yaml +10/−0
- fixture/CreateRuleGroupResponse.proto +0/−0
- fixture/DeleteFirewall.yaml +10/−0
- fixture/DeleteFirewallPolicy.yaml +10/−0
- fixture/DeleteFirewallPolicyResponse.proto +0/−0
- fixture/DeleteFirewallResponse.proto +0/−0
- fixture/DeleteResourcePolicy.yaml +10/−0
- fixture/DeleteResourcePolicyResponse.proto +0/−0
- fixture/DeleteRuleGroup.yaml +10/−0
- fixture/DeleteRuleGroupResponse.proto +0/−0
- fixture/DescribeFirewall.yaml +10/−0
- fixture/DescribeFirewallPolicy.yaml +10/−0
- fixture/DescribeFirewallPolicyResponse.proto +0/−0
- fixture/DescribeFirewallResponse.proto +0/−0
- fixture/DescribeLoggingConfiguration.yaml +10/−0
- fixture/DescribeLoggingConfigurationResponse.proto +0/−0
- fixture/DescribeResourcePolicy.yaml +10/−0
- fixture/DescribeResourcePolicyResponse.proto +0/−0
- fixture/DescribeRuleGroup.yaml +10/−0
- fixture/DescribeRuleGroupMetadata.yaml +10/−0
- fixture/DescribeRuleGroupMetadataResponse.proto +0/−0
- fixture/DescribeRuleGroupResponse.proto +0/−0
- fixture/DisassociateSubnets.yaml +10/−0
- fixture/DisassociateSubnetsResponse.proto +0/−0
- fixture/ListFirewallPolicies.yaml +10/−0
- fixture/ListFirewallPoliciesResponse.proto +0/−0
- fixture/ListFirewalls.yaml +10/−0
- fixture/ListFirewallsResponse.proto +0/−0
- fixture/ListRuleGroups.yaml +10/−0
- fixture/ListRuleGroupsResponse.proto +0/−0
- fixture/ListTagsForResource.yaml +10/−0
- fixture/ListTagsForResourceResponse.proto +0/−0
- fixture/PutResourcePolicy.yaml +10/−0
- fixture/PutResourcePolicyResponse.proto +0/−0
- fixture/TagResource.yaml +10/−0
- fixture/TagResourceResponse.proto +0/−0
- fixture/UntagResource.yaml +10/−0
- fixture/UntagResourceResponse.proto +0/−0
- fixture/UpdateFirewallDeleteProtection.yaml +10/−0
- fixture/UpdateFirewallDeleteProtectionResponse.proto +0/−0
- fixture/UpdateFirewallDescription.yaml +10/−0
- fixture/UpdateFirewallDescriptionResponse.proto +0/−0
- fixture/UpdateFirewallEncryptionConfiguration.yaml +10/−0
- fixture/UpdateFirewallEncryptionConfigurationResponse.proto +0/−0
- fixture/UpdateFirewallPolicy.yaml +10/−0
- fixture/UpdateFirewallPolicyChangeProtection.yaml +10/−0
- fixture/UpdateFirewallPolicyChangeProtectionResponse.proto +0/−0
- fixture/UpdateFirewallPolicyResponse.proto +0/−0
- fixture/UpdateLoggingConfiguration.yaml +10/−0
- fixture/UpdateLoggingConfigurationResponse.proto +0/−0
- fixture/UpdateRuleGroup.yaml +10/−0
- fixture/UpdateRuleGroupResponse.proto +0/−0
- fixture/UpdateSubnetChangeProtection.yaml +10/−0
- fixture/UpdateSubnetChangeProtectionResponse.proto +0/−0
- gen/Amazonka/NetworkFirewall.hs +637/−0
- gen/Amazonka/NetworkFirewall/AssociateFirewallPolicy.hs +372/−0
- gen/Amazonka/NetworkFirewall/AssociateSubnets.hs +369/−0
- gen/Amazonka/NetworkFirewall/CreateFirewall.hs +407/−0
- gen/Amazonka/NetworkFirewall/CreateFirewallPolicy.hs +349/−0
- gen/Amazonka/NetworkFirewall/CreateRuleGroup.hs +576/−0
- gen/Amazonka/NetworkFirewall/DeleteFirewall.hs +222/−0
- gen/Amazonka/NetworkFirewall/DeleteFirewallPolicy.hs +210/−0
- gen/Amazonka/NetworkFirewall/DeleteResourcePolicy.hs +161/−0
- gen/Amazonka/NetworkFirewall/DeleteRuleGroup.hs +236/−0
- gen/Amazonka/NetworkFirewall/DescribeFirewall.hs +283/−0
- gen/Amazonka/NetworkFirewall/DescribeFirewallPolicy.hs +273/−0
- gen/Amazonka/NetworkFirewall/DescribeLoggingConfiguration.hs +218/−0
- gen/Amazonka/NetworkFirewall/DescribeResourcePolicy.hs +179/−0
- gen/Amazonka/NetworkFirewall/DescribeRuleGroup.hs +330/−0
- gen/Amazonka/NetworkFirewall/DescribeRuleGroupMetadata.hs +372/−0
- gen/Amazonka/NetworkFirewall/DisassociateSubnets.hs +362/−0
- gen/Amazonka/NetworkFirewall/Lens.hs +616/−0
- gen/Amazonka/NetworkFirewall/ListFirewallPolicies.hs +264/−0
- gen/Amazonka/NetworkFirewall/ListFirewalls.hs +282/−0
- gen/Amazonka/NetworkFirewall/ListRuleGroups.hs +315/−0
- gen/Amazonka/NetworkFirewall/ListTagsForResource.hs +277/−0
- gen/Amazonka/NetworkFirewall/PutResourcePolicy.hs +280/−0
- gen/Amazonka/NetworkFirewall/TagResource.hs +176/−0
- gen/Amazonka/NetworkFirewall/Types.hs +658/−0
- gen/Amazonka/NetworkFirewall/Types/ActionDefinition.hs +107/−0
- gen/Amazonka/NetworkFirewall/Types/Address.hs +118/−0
- gen/Amazonka/NetworkFirewall/Types/Attachment.hs +156/−0
- gen/Amazonka/NetworkFirewall/Types/AttachmentStatus.hs +81/−0
- gen/Amazonka/NetworkFirewall/Types/CIDRSummary.hs +105/−0
- gen/Amazonka/NetworkFirewall/Types/CapacityUsageSummary.hs +73/−0
- gen/Amazonka/NetworkFirewall/Types/ConfigurationSyncState.hs +76/−0
- gen/Amazonka/NetworkFirewall/Types/CustomAction.hs +121/−0
- gen/Amazonka/NetworkFirewall/Types/Dimension.hs +84/−0
- gen/Amazonka/NetworkFirewall/Types/EncryptionConfiguration.hs +124/−0
- gen/Amazonka/NetworkFirewall/Types/EncryptionType.hs +71/−0
- gen/Amazonka/NetworkFirewall/Types/Firewall.hs +275/−0
- gen/Amazonka/NetworkFirewall/Types/FirewallMetadata.hs +89/−0
- gen/Amazonka/NetworkFirewall/Types/FirewallPolicy.hs +333/−0
- gen/Amazonka/NetworkFirewall/Types/FirewallPolicyMetadata.hs +89/−0
- gen/Amazonka/NetworkFirewall/Types/FirewallPolicyResponse.hs +237/−0
- gen/Amazonka/NetworkFirewall/Types/FirewallStatus.hs +191/−0
- gen/Amazonka/NetworkFirewall/Types/FirewallStatusValue.hs +76/−0
- gen/Amazonka/NetworkFirewall/Types/GeneratedRulesType.hs +71/−0
- gen/Amazonka/NetworkFirewall/Types/Header.hs +291/−0
- gen/Amazonka/NetworkFirewall/Types/IPSet.hs +75/−0
- gen/Amazonka/NetworkFirewall/Types/IPSetMetadata.hs +78/−0
- gen/Amazonka/NetworkFirewall/Types/IPSetReference.hs +92/−0
- gen/Amazonka/NetworkFirewall/Types/LogDestinationConfig.hs +200/−0
- gen/Amazonka/NetworkFirewall/Types/LogDestinationType.hs +76/−0
- gen/Amazonka/NetworkFirewall/Types/LogType.hs +68/−0
- gen/Amazonka/NetworkFirewall/Types/LoggingConfiguration.hs +90/−0
- gen/Amazonka/NetworkFirewall/Types/MatchAttributes.hs +201/−0
- gen/Amazonka/NetworkFirewall/Types/OverrideAction.hs +66/−0
- gen/Amazonka/NetworkFirewall/Types/PerObjectStatus.hs +96/−0
- gen/Amazonka/NetworkFirewall/Types/PerObjectSyncStatus.hs +76/−0
- gen/Amazonka/NetworkFirewall/Types/PortRange.hs +105/−0
- gen/Amazonka/NetworkFirewall/Types/PortSet.hs +74/−0
- gen/Amazonka/NetworkFirewall/Types/PublishMetricAction.hs +81/−0
- gen/Amazonka/NetworkFirewall/Types/ReferenceSets.hs +81/−0
- gen/Amazonka/NetworkFirewall/Types/ResourceManagedStatus.hs +71/−0
- gen/Amazonka/NetworkFirewall/Types/ResourceManagedType.hs +71/−0
- gen/Amazonka/NetworkFirewall/Types/ResourceStatus.hs +71/−0
- gen/Amazonka/NetworkFirewall/Types/RuleDefinition.hs +203/−0
- gen/Amazonka/NetworkFirewall/Types/RuleGroup.hs +147/−0
- gen/Amazonka/NetworkFirewall/Types/RuleGroupMetadata.hs +88/−0
- gen/Amazonka/NetworkFirewall/Types/RuleGroupResponse.hs +313/−0
- gen/Amazonka/NetworkFirewall/Types/RuleGroupType.hs +71/−0
- gen/Amazonka/NetworkFirewall/Types/RuleOption.hs +92/−0
- gen/Amazonka/NetworkFirewall/Types/RuleOrder.hs +71/−0
- gen/Amazonka/NetworkFirewall/Types/RuleVariables.hs +96/−0
- gen/Amazonka/NetworkFirewall/Types/RulesSource.hs +159/−0
- gen/Amazonka/NetworkFirewall/Types/RulesSourceList.hs +156/−0
- gen/Amazonka/NetworkFirewall/Types/SourceMetadata.hs +110/−0
- gen/Amazonka/NetworkFirewall/Types/StatefulAction.hs +76/−0
- gen/Amazonka/NetworkFirewall/Types/StatefulEngineOptions.hs +160/−0
- gen/Amazonka/NetworkFirewall/Types/StatefulRule.hs +183/−0
- gen/Amazonka/NetworkFirewall/Types/StatefulRuleDirection.hs +71/−0
- gen/Amazonka/NetworkFirewall/Types/StatefulRuleGroupOverride.hs +84/−0
- gen/Amazonka/NetworkFirewall/Types/StatefulRuleGroupReference.hs +147/−0
- gen/Amazonka/NetworkFirewall/Types/StatefulRuleOptions.hs +95/−0
- gen/Amazonka/NetworkFirewall/Types/StatefulRuleProtocol.hs +156/−0
- gen/Amazonka/NetworkFirewall/Types/StatelessRule.hs +147/−0
- gen/Amazonka/NetworkFirewall/Types/StatelessRuleGroupReference.hs +113/−0
- gen/Amazonka/NetworkFirewall/Types/StatelessRulesAndCustomActions.hs +121/−0
- gen/Amazonka/NetworkFirewall/Types/StreamExceptionPolicy.hs +71/−0
- gen/Amazonka/NetworkFirewall/Types/SubnetMapping.hs +79/−0
- gen/Amazonka/NetworkFirewall/Types/SyncState.hs +124/−0
- gen/Amazonka/NetworkFirewall/Types/TCPFlag.hs +98/−0
- gen/Amazonka/NetworkFirewall/Types/TCPFlagField.hs +133/−0
- gen/Amazonka/NetworkFirewall/Types/Tag.hs +110/−0
- gen/Amazonka/NetworkFirewall/Types/TargetType.hs +71/−0
- gen/Amazonka/NetworkFirewall/UntagResource.hs +180/−0
- gen/Amazonka/NetworkFirewall/UpdateFirewallDeleteProtection.hs +409/−0
- gen/Amazonka/NetworkFirewall/UpdateFirewallDescription.hs +368/−0
- gen/Amazonka/NetworkFirewall/UpdateFirewallEncryptionConfiguration.hs +381/−0
- gen/Amazonka/NetworkFirewall/UpdateFirewallPolicy.hs +400/−0
- gen/Amazonka/NetworkFirewall/UpdateFirewallPolicyChangeProtection.hs +424/−0
- gen/Amazonka/NetworkFirewall/UpdateLoggingConfiguration.hs +269/−0
- gen/Amazonka/NetworkFirewall/UpdateRuleGroup.hs +496/−0
- gen/Amazonka/NetworkFirewall/UpdateSubnetChangeProtection.hs +397/−0
- gen/Amazonka/NetworkFirewall/Waiters.hs +24/−0
- src/.gitkeep +0/−0
- test/Main.hs +23/−0
- test/Test/Amazonka/Gen/NetworkFirewall.hs +658/−0
- test/Test/Amazonka/NetworkFirewall.hs +20/−0
- test/Test/Amazonka/NetworkFirewall/Internal.hs +8/−0
+ LICENSE view
@@ -0,0 +1,367 @@+Mozilla Public License Version 2.0+==================================++1. Definitions+--------------++1.1. "Contributor"+ means each individual or legal entity that creates, contributes to+ the creation of, or owns Covered Software.++1.2. "Contributor Version"+ means the combination of the Contributions of others (if any) used+ by a Contributor and that particular Contributor's Contribution.++1.3. "Contribution"+ means Covered Software of a particular Contributor.++1.4. "Covered Software"+ means Source Code Form to which the initial Contributor has attached+ the notice in Exhibit A, the Executable Form of such Source Code+ Form, and Modifications of such Source Code Form, in each case+ including portions thereof.++1.5. "Incompatible With Secondary Licenses"+ means++ (a) that the initial Contributor has attached the notice described+ in Exhibit B to the Covered Software; or++ (b) that the Covered Software was made available under the terms of+ version 1.1 or earlier of the License, but not also under the+ terms of a Secondary License.++1.6. "Executable Form"+ means any form of the work other than Source Code Form.++1.7. "Larger Work"+ means a work that combines Covered Software with other material, in+ a separate file or files, that is not Covered Software.++1.8. "License"+ means this document.++1.9. "Licensable"+ means having the right to grant, to the maximum extent possible,+ whether at the time of the initial grant or subsequently, any and+ all of the rights conveyed by this License.++1.10. "Modifications"+ means any of the following:++ (a) any file in Source Code Form that results from an addition to,+ deletion from, or modification of the contents of Covered+ Software; or++ (b) any new file in Source Code Form that contains any Covered+ Software.++1.11. "Patent Claims" of a Contributor+ means any patent claim(s), including without limitation, method,+ process, and apparatus claims, in any patent Licensable by such+ Contributor that would be infringed, but for the grant of the+ License, by the making, using, selling, offering for sale, having+ made, import, or transfer of either its Contributions or its+ Contributor Version.++1.12. "Secondary License"+ means either the GNU General Public License, Version 2.0, the GNU+ Lesser General Public License, Version 2.1, the GNU Affero General+ Public License, Version 3.0, or any later versions of those+ licenses.++1.13. "Source Code Form"+ means the form of the work preferred for making modifications.++1.14. "You" (or "Your")+ means an individual or a legal entity exercising rights under this+ License. For legal entities, "You" includes any entity that+ controls, is controlled by, or is under common control with You. For+ purposes of this definition, "control" means (a) the power, direct+ or indirect, to cause the direction or management of such entity,+ whether by contract or otherwise, or (b) ownership of more than+ fifty percent (50%) of the outstanding shares or beneficial+ ownership of such entity.++2. License Grants and Conditions+--------------------------------++2.1. Grants++Each Contributor hereby grants You a world-wide, royalty-free,+non-exclusive license:++(a) under intellectual property rights (other than patent or trademark)+ Licensable by such Contributor to use, reproduce, make available,+ modify, display, perform, distribute, and otherwise exploit its+ Contributions, either on an unmodified basis, with Modifications, or+ as part of a Larger Work; and++(b) under Patent Claims of such Contributor to make, use, sell, offer+ for sale, have made, import, and otherwise transfer either its+ Contributions or its Contributor Version.++2.2. Effective Date++The licenses granted in Section 2.1 with respect to any Contribution+become effective for each Contribution on the date the Contributor first+distributes such Contribution.++2.3. Limitations on Grant Scope++The licenses granted in this Section 2 are the only rights granted under+this License. No additional rights or licenses will be implied from the+distribution or licensing of Covered Software under this License.+Notwithstanding Section 2.1(b) above, no patent license is granted by a+Contributor:++(a) for any code that a Contributor has removed from Covered Software;+ or++(b) for infringements caused by: (i) Your and any other third party's+ modifications of Covered Software, or (ii) the combination of its+ Contributions with other software (except as part of its Contributor+ Version); or++(c) under Patent Claims infringed by Covered Software in the absence of+ its Contributions.++This License does not grant any rights in the trademarks, service marks,+or logos of any Contributor (except as may be necessary to comply with+the notice requirements in Section 3.4).++2.4. Subsequent Licenses++No Contributor makes additional grants as a result of Your choice to+distribute the Covered Software under a subsequent version of this+License (see Section 10.2) or under the terms of a Secondary License (if+permitted under the terms of Section 3.3).++2.5. Representation++Each Contributor represents that the Contributor believes its+Contributions are its original creation(s) or it has sufficient rights+to grant the rights to its Contributions conveyed by this License.++2.6. Fair Use++This License is not intended to limit any rights You have under+applicable copyright doctrines of fair use, fair dealing, or other+equivalents.++2.7. Conditions++Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted+in Section 2.1.++3. Responsibilities+-------------------++3.1. Distribution of Source Form++All distribution of Covered Software in Source Code Form, including any+Modifications that You create or to which You contribute, must be under+the terms of this License. You must inform recipients that the Source+Code Form of the Covered Software is governed by the terms of this+License, and how they can obtain a copy of this License. You may not+attempt to alter or restrict the recipients' rights in the Source Code+Form.++3.2. Distribution of Executable Form++If You distribute Covered Software in Executable Form then:++(a) such Covered Software must also be made available in Source Code+ Form, as described in Section 3.1, and You must inform recipients of+ the Executable Form how they can obtain a copy of such Source Code+ Form by reasonable means in a timely manner, at a charge no more+ than the cost of distribution to the recipient; and++(b) You may distribute such Executable Form under the terms of this+ License, or sublicense it under different terms, provided that the+ license for the Executable Form does not attempt to limit or alter+ the recipients' rights in the Source Code Form under this License.++3.3. Distribution of a Larger Work++You may create and distribute a Larger Work under terms of Your choice,+provided that You also comply with the requirements of this License for+the Covered Software. If the Larger Work is a combination of Covered+Software with a work governed by one or more Secondary Licenses, and the+Covered Software is not Incompatible With Secondary Licenses, this+License permits You to additionally distribute such Covered Software+under the terms of such Secondary License(s), so that the recipient of+the Larger Work may, at their option, further distribute the Covered+Software under the terms of either this License or such Secondary+License(s).++3.4. Notices++You may not remove or alter the substance of any license notices+(including copyright notices, patent notices, disclaimers of warranty,+or limitations of liability) contained within the Source Code Form of+the Covered Software, except that You may alter any license notices to+the extent required to remedy known factual inaccuracies.++3.5. Application of Additional Terms++You may choose to offer, and to charge a fee for, warranty, support,+indemnity or liability obligations to one or more recipients of Covered+Software. However, You may do so only on Your own behalf, and not on+behalf of any Contributor. You must make it absolutely clear that any+such warranty, support, indemnity, or liability obligation is offered by+You alone, and You hereby agree to indemnify every Contributor for any+liability incurred by such Contributor as a result of warranty, support,+indemnity or liability terms You offer. You may include additional+disclaimers of warranty and limitations of liability specific to any+jurisdiction.++4. Inability to Comply Due to Statute or Regulation+---------------------------------------------------++If it is impossible for You to comply with any of the terms of this+License with respect to some or all of the Covered Software due to+statute, judicial order, or regulation then You must: (a) comply with+the terms of this License to the maximum extent possible; and (b)+describe the limitations and the code they affect. Such description must+be placed in a text file included with all distributions of the Covered+Software under this License. Except to the extent prohibited by statute+or regulation, such description must be sufficiently detailed for a+recipient of ordinary skill to be able to understand it.++5. Termination+--------------++5.1. The rights granted under this License will terminate automatically+if You fail to comply with any of its terms. However, if You become+compliant, then the rights granted under this License from a particular+Contributor are reinstated (a) provisionally, unless and until such+Contributor explicitly and finally terminates Your grants, and (b) on an+ongoing basis, if such Contributor fails to notify You of the+non-compliance by some reasonable means prior to 60 days after You have+come back into compliance. Moreover, Your grants from a particular+Contributor are reinstated on an ongoing basis if such Contributor+notifies You of the non-compliance by some reasonable means, this is the+first time You have received notice of non-compliance with this License+from such Contributor, and You become compliant prior to 30 days after+Your receipt of the notice.++5.2. If You initiate litigation against any entity by asserting a patent+infringement claim (excluding declaratory judgment actions,+counter-claims, and cross-claims) alleging that a Contributor Version+directly or indirectly infringes any patent, then the rights granted to+You by any and all Contributors for the Covered Software under Section+2.1 of this License shall terminate.++5.3. In the event of termination under Sections 5.1 or 5.2 above, all+end user license agreements (excluding distributors and resellers) which+have been validly granted by You or Your distributors under this License+prior to termination shall survive termination.++************************************************************************+* *+* 6. Disclaimer of Warranty *+* ------------------------- *+* *+* Covered Software is provided under this License on an "as is" *+* basis, without warranty of any kind, either expressed, implied, or *+* statutory, including, without limitation, warranties that the *+* Covered Software is free of defects, merchantable, fit for a *+* particular purpose or non-infringing. The entire risk as to the *+* quality and performance of the Covered Software is with You. *+* Should any Covered Software prove defective in any respect, You *+* (not any Contributor) assume the cost of any necessary servicing, *+* repair, or correction. This disclaimer of warranty constitutes an *+* essential part of this License. No use of any Covered Software is *+* authorized under this License except under this disclaimer. *+* *+************************************************************************++************************************************************************+* *+* 7. Limitation of Liability *+* -------------------------- *+* *+* Under no circumstances and under no legal theory, whether tort *+* (including negligence), contract, or otherwise, shall any *+* Contributor, or anyone who distributes Covered Software as *+* permitted above, be liable to You for any direct, indirect, *+* special, incidental, or consequential damages of any character *+* including, without limitation, damages for lost profits, loss of *+* goodwill, work stoppage, computer failure or malfunction, or any *+* and all other commercial damages or losses, even if such party *+* shall have been informed of the possibility of such damages. This *+* limitation of liability shall not apply to liability for death or *+* personal injury resulting from such party's negligence to the *+* extent applicable law prohibits such limitation. Some *+* jurisdictions do not allow the exclusion or limitation of *+* incidental or consequential damages, so this exclusion and *+* limitation may not apply to You. *+* *+************************************************************************++8. Litigation+-------------++Any litigation relating to this License may be brought only in the+courts of a jurisdiction where the defendant maintains its principal+place of business and such litigation shall be governed by laws of that+jurisdiction, without reference to its conflict-of-law provisions.+Nothing in this Section shall prevent a party's ability to bring+cross-claims or counter-claims.++9. Miscellaneous+----------------++This License represents the complete agreement concerning the subject+matter hereof. If any provision of this License is held to be+unenforceable, such provision shall be reformed only to the extent+necessary to make it enforceable. Any law or regulation which provides+that the language of a contract shall be construed against the drafter+shall not be used to construe this License against a Contributor.++10. Versions of the License+---------------------------++10.1. New Versions++Mozilla Foundation is the license steward. Except as provided in Section+10.3, no one other than the license steward has the right to modify or+publish new versions of this License. Each version will be given a+distinguishing version number.++10.2. Effect of New Versions++You may distribute the Covered Software under the terms of the version+of the License under which You originally received the Covered Software,+or under the terms of any subsequent version published by the license+steward.++10.3. Modified Versions++If you create software not governed by this License, and you want to+create a new license for such software, you may create and use a+modified version of this License if you rename the license and remove+any references to the name of the license steward (except to note that+such modified license differs from this License).++10.4. Distributing Source Code Form that is Incompatible With Secondary+Licenses++If You choose to distribute Source Code Form that is Incompatible With+Secondary Licenses under the terms of this version of the License, the+notice described in Exhibit B of this License must be attached.++Exhibit A - Source Code Form License Notice+-------------------------------------------++ This Source Code Form is subject to the terms of the Mozilla Public+ License, v. 2.0. If a copy of the MPL was not distributed with this+ file, You can obtain one at http://mozilla.org/MPL/2.0/.++If it is not possible or desirable to put the notice in a particular+file, then You may include the notice in a location (such as a LICENSE+file in a relevant directory) where a recipient would be likely to look+for such a notice.++You may add additional accurate notices of copyright ownership.
+ README.md view
@@ -0,0 +1,44 @@+# Amazon Network Firewall SDK++* [Version](#version)+* [Description](#description)+* [Contribute](#contribute)+* [Licence](#licence)+++## Version+ +`2.0` - Derived from API version @2020-11-12@ of the AWS service descriptions, licensed under Apache 2.0.++## Description++Documentation is available via [Hackage](http://hackage.haskell.org/package/amazonka-network-firewall)+and the [AWS API Reference](https://aws.amazon.com/documentation/).++The types from this library are intended to be used with [amazonka](http://hackage.haskell.org/package/amazonka),+which provides mechanisms for specifying AuthN/AuthZ information, sending requests,+and receiving responses.++Lenses are used for constructing and manipulating types,+due to the depth of nesting of AWS types and transparency regarding+de/serialisation into more palatable Haskell values.+The provided lenses should be compatible with any of the major lens libraries+[lens](http://hackage.haskell.org/package/lens) or [lens-family-core](http://hackage.haskell.org/package/lens-family-core).++See [Amazonka.NetworkFirewall](http://hackage.haskell.org/package/amazonka-network-firewall/docs/Amazonka-NetworkFirewall.html)+or [the AWS documentation](https://aws.amazon.com/documentation/) to get started.+++## Contribute++For any problems, comments, or feedback please create an issue [here on GitHub](https://github.com/brendanhay/amazonka/issues).++> _Note:_ this library is an auto-generated Haskell package. Please see `amazonka-gen` for more information.+++## Licence++`amazonka-network-firewall` is released under the [Mozilla Public License Version 2.0](http://www.mozilla.org/MPL/).++Parts of the code are derived from AWS service descriptions, licensed under Apache 2.0.+Source files subject to this contain an additional licensing clause in their header.
+ amazonka-network-firewall.cabal view
@@ -0,0 +1,181 @@+cabal-version: 2.2+name: amazonka-network-firewall+version: 2.0+synopsis: Amazon Network Firewall SDK.+homepage: https://github.com/brendanhay/amazonka+bug-reports: https://github.com/brendanhay/amazonka/issues+license: MPL-2.0+license-file: LICENSE+author: Brendan Hay+maintainer:+ Brendan Hay <brendan.g.hay+amazonka@gmail.com>, Jack Kelly <jack@jackkelly.name>++copyright: Copyright (c) 2013-2023 Brendan Hay+category: AWS+build-type: Simple+extra-source-files:+ fixture/*.proto+ fixture/*.yaml+ README.md+ src/.gitkeep++description:+ Derived from API version @2020-11-12@ of the AWS service descriptions, licensed under Apache 2.0.+ .+ The types from this library are intended to be used with <http://hackage.haskell.org/package/amazonka amazonka>,+ which provides mechanisms for specifying AuthN/AuthZ information, sending requests, and receiving responses.+ .+ It is recommended to use generic lenses or optics from packages such as <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify optional fields and deconstruct responses.+ .+ Generated lenses can be found in "Amazonka.NetworkFirewall.Lens" and are+ suitable for use with a lens package such as <http://hackage.haskell.org/package/lens lens> or <http://hackage.haskell.org/package/lens-family-core lens-family-core>.+ .+ See "Amazonka.NetworkFirewall" and the <https://aws.amazon.com/documentation/ AWS documentation> to get started.++source-repository head+ type: git+ location: git://github.com/brendanhay/amazonka.git+ subdir: amazonka-network-firewall++library+ default-language: Haskell2010+ hs-source-dirs: src gen+ ghc-options:+ -Wall -fwarn-incomplete-uni-patterns+ -fwarn-incomplete-record-updates -funbox-strict-fields++ exposed-modules:+ Amazonka.NetworkFirewall+ Amazonka.NetworkFirewall.AssociateFirewallPolicy+ Amazonka.NetworkFirewall.AssociateSubnets+ Amazonka.NetworkFirewall.CreateFirewall+ Amazonka.NetworkFirewall.CreateFirewallPolicy+ Amazonka.NetworkFirewall.CreateRuleGroup+ Amazonka.NetworkFirewall.DeleteFirewall+ Amazonka.NetworkFirewall.DeleteFirewallPolicy+ Amazonka.NetworkFirewall.DeleteResourcePolicy+ Amazonka.NetworkFirewall.DeleteRuleGroup+ Amazonka.NetworkFirewall.DescribeFirewall+ Amazonka.NetworkFirewall.DescribeFirewallPolicy+ Amazonka.NetworkFirewall.DescribeLoggingConfiguration+ Amazonka.NetworkFirewall.DescribeResourcePolicy+ Amazonka.NetworkFirewall.DescribeRuleGroup+ Amazonka.NetworkFirewall.DescribeRuleGroupMetadata+ Amazonka.NetworkFirewall.DisassociateSubnets+ Amazonka.NetworkFirewall.Lens+ Amazonka.NetworkFirewall.ListFirewallPolicies+ Amazonka.NetworkFirewall.ListFirewalls+ Amazonka.NetworkFirewall.ListRuleGroups+ Amazonka.NetworkFirewall.ListTagsForResource+ Amazonka.NetworkFirewall.PutResourcePolicy+ Amazonka.NetworkFirewall.TagResource+ Amazonka.NetworkFirewall.Types+ Amazonka.NetworkFirewall.Types.ActionDefinition+ Amazonka.NetworkFirewall.Types.Address+ Amazonka.NetworkFirewall.Types.Attachment+ Amazonka.NetworkFirewall.Types.AttachmentStatus+ Amazonka.NetworkFirewall.Types.CapacityUsageSummary+ Amazonka.NetworkFirewall.Types.CIDRSummary+ Amazonka.NetworkFirewall.Types.ConfigurationSyncState+ Amazonka.NetworkFirewall.Types.CustomAction+ Amazonka.NetworkFirewall.Types.Dimension+ Amazonka.NetworkFirewall.Types.EncryptionConfiguration+ Amazonka.NetworkFirewall.Types.EncryptionType+ Amazonka.NetworkFirewall.Types.Firewall+ Amazonka.NetworkFirewall.Types.FirewallMetadata+ Amazonka.NetworkFirewall.Types.FirewallPolicy+ Amazonka.NetworkFirewall.Types.FirewallPolicyMetadata+ Amazonka.NetworkFirewall.Types.FirewallPolicyResponse+ Amazonka.NetworkFirewall.Types.FirewallStatus+ Amazonka.NetworkFirewall.Types.FirewallStatusValue+ Amazonka.NetworkFirewall.Types.GeneratedRulesType+ Amazonka.NetworkFirewall.Types.Header+ Amazonka.NetworkFirewall.Types.IPSet+ Amazonka.NetworkFirewall.Types.IPSetMetadata+ Amazonka.NetworkFirewall.Types.IPSetReference+ Amazonka.NetworkFirewall.Types.LogDestinationConfig+ Amazonka.NetworkFirewall.Types.LogDestinationType+ Amazonka.NetworkFirewall.Types.LoggingConfiguration+ Amazonka.NetworkFirewall.Types.LogType+ Amazonka.NetworkFirewall.Types.MatchAttributes+ Amazonka.NetworkFirewall.Types.OverrideAction+ Amazonka.NetworkFirewall.Types.PerObjectStatus+ Amazonka.NetworkFirewall.Types.PerObjectSyncStatus+ Amazonka.NetworkFirewall.Types.PortRange+ Amazonka.NetworkFirewall.Types.PortSet+ Amazonka.NetworkFirewall.Types.PublishMetricAction+ Amazonka.NetworkFirewall.Types.ReferenceSets+ Amazonka.NetworkFirewall.Types.ResourceManagedStatus+ Amazonka.NetworkFirewall.Types.ResourceManagedType+ Amazonka.NetworkFirewall.Types.ResourceStatus+ Amazonka.NetworkFirewall.Types.RuleDefinition+ Amazonka.NetworkFirewall.Types.RuleGroup+ Amazonka.NetworkFirewall.Types.RuleGroupMetadata+ Amazonka.NetworkFirewall.Types.RuleGroupResponse+ Amazonka.NetworkFirewall.Types.RuleGroupType+ Amazonka.NetworkFirewall.Types.RuleOption+ Amazonka.NetworkFirewall.Types.RuleOrder+ Amazonka.NetworkFirewall.Types.RulesSource+ Amazonka.NetworkFirewall.Types.RulesSourceList+ Amazonka.NetworkFirewall.Types.RuleVariables+ Amazonka.NetworkFirewall.Types.SourceMetadata+ Amazonka.NetworkFirewall.Types.StatefulAction+ Amazonka.NetworkFirewall.Types.StatefulEngineOptions+ Amazonka.NetworkFirewall.Types.StatefulRule+ Amazonka.NetworkFirewall.Types.StatefulRuleDirection+ Amazonka.NetworkFirewall.Types.StatefulRuleGroupOverride+ Amazonka.NetworkFirewall.Types.StatefulRuleGroupReference+ Amazonka.NetworkFirewall.Types.StatefulRuleOptions+ Amazonka.NetworkFirewall.Types.StatefulRuleProtocol+ Amazonka.NetworkFirewall.Types.StatelessRule+ Amazonka.NetworkFirewall.Types.StatelessRuleGroupReference+ Amazonka.NetworkFirewall.Types.StatelessRulesAndCustomActions+ Amazonka.NetworkFirewall.Types.StreamExceptionPolicy+ Amazonka.NetworkFirewall.Types.SubnetMapping+ Amazonka.NetworkFirewall.Types.SyncState+ Amazonka.NetworkFirewall.Types.Tag+ Amazonka.NetworkFirewall.Types.TargetType+ Amazonka.NetworkFirewall.Types.TCPFlag+ Amazonka.NetworkFirewall.Types.TCPFlagField+ Amazonka.NetworkFirewall.UntagResource+ Amazonka.NetworkFirewall.UpdateFirewallDeleteProtection+ Amazonka.NetworkFirewall.UpdateFirewallDescription+ Amazonka.NetworkFirewall.UpdateFirewallEncryptionConfiguration+ Amazonka.NetworkFirewall.UpdateFirewallPolicy+ Amazonka.NetworkFirewall.UpdateFirewallPolicyChangeProtection+ Amazonka.NetworkFirewall.UpdateLoggingConfiguration+ Amazonka.NetworkFirewall.UpdateRuleGroup+ Amazonka.NetworkFirewall.UpdateSubnetChangeProtection+ Amazonka.NetworkFirewall.Waiters++ build-depends:+ , amazonka-core >=2.0 && <2.1+ , base >=4.12 && <5++test-suite amazonka-network-firewall-test+ type: exitcode-stdio-1.0+ default-language: Haskell2010+ hs-source-dirs: test+ main-is: Main.hs+ ghc-options: -Wall -threaded++ -- This section is encoded by the template and any modules added by+ -- hand outside these namespaces will not correctly be added to the+ -- distribution package.+ other-modules:+ Test.Amazonka.Gen.NetworkFirewall+ Test.Amazonka.NetworkFirewall+ Test.Amazonka.NetworkFirewall.Internal++ build-depends:+ , amazonka-core >=2.0 && <2.1+ , amazonka-network-firewall+ , amazonka-test >=2.0 && <2.1+ , base+ , bytestring+ , case-insensitive+ , tasty+ , tasty-hunit+ , text+ , time+ , unordered-containers
+ fixture/AssociateFirewallPolicy.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/AssociateFirewallPolicyResponse.proto view
+ fixture/AssociateSubnets.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/AssociateSubnetsResponse.proto view
+ fixture/CreateFirewall.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/CreateFirewallPolicy.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/CreateFirewallPolicyResponse.proto view
+ fixture/CreateFirewallResponse.proto view
+ fixture/CreateRuleGroup.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/CreateRuleGroupResponse.proto view
+ fixture/DeleteFirewall.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/DeleteFirewallPolicy.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/DeleteFirewallPolicyResponse.proto view
+ fixture/DeleteFirewallResponse.proto view
+ fixture/DeleteResourcePolicy.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/DeleteResourcePolicyResponse.proto view
+ fixture/DeleteRuleGroup.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/DeleteRuleGroupResponse.proto view
+ fixture/DescribeFirewall.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/DescribeFirewallPolicy.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/DescribeFirewallPolicyResponse.proto view
+ fixture/DescribeFirewallResponse.proto view
+ fixture/DescribeLoggingConfiguration.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/DescribeLoggingConfigurationResponse.proto view
+ fixture/DescribeResourcePolicy.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/DescribeResourcePolicyResponse.proto view
+ fixture/DescribeRuleGroup.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/DescribeRuleGroupMetadata.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/DescribeRuleGroupMetadataResponse.proto view
+ fixture/DescribeRuleGroupResponse.proto view
+ fixture/DisassociateSubnets.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/DisassociateSubnetsResponse.proto view
+ fixture/ListFirewallPolicies.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/ListFirewallPoliciesResponse.proto view
+ fixture/ListFirewalls.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/ListFirewallsResponse.proto view
+ fixture/ListRuleGroups.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/ListRuleGroupsResponse.proto view
+ fixture/ListTagsForResource.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/ListTagsForResourceResponse.proto view
+ fixture/PutResourcePolicy.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/PutResourcePolicyResponse.proto view
+ fixture/TagResource.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/TagResourceResponse.proto view
+ fixture/UntagResource.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/UntagResourceResponse.proto view
+ fixture/UpdateFirewallDeleteProtection.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/UpdateFirewallDeleteProtectionResponse.proto view
+ fixture/UpdateFirewallDescription.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/UpdateFirewallDescriptionResponse.proto view
+ fixture/UpdateFirewallEncryptionConfiguration.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/UpdateFirewallEncryptionConfigurationResponse.proto view
+ fixture/UpdateFirewallPolicy.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/UpdateFirewallPolicyChangeProtection.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/UpdateFirewallPolicyChangeProtectionResponse.proto view
+ fixture/UpdateFirewallPolicyResponse.proto view
+ fixture/UpdateLoggingConfiguration.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/UpdateLoggingConfigurationResponse.proto view
+ fixture/UpdateRuleGroup.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/UpdateRuleGroupResponse.proto view
+ fixture/UpdateSubnetChangeProtection.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/network-firewall/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: network-firewall.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/UpdateSubnetChangeProtectionResponse.proto view
+ gen/Amazonka/NetworkFirewall.hs view
@@ -0,0 +1,637 @@+{-# OPTIONS_GHC -fno-warn-duplicate-exports #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- |+-- Module : Amazonka.NetworkFirewall+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Derived from API version @2020-11-12@ of the AWS service descriptions, licensed under Apache 2.0.+--+-- This is the API Reference for Network Firewall. This guide is for+-- developers who need detailed information about the Network Firewall API+-- actions, data types, and errors.+--+-- - The REST API requires you to handle connection details, such as+-- calculating signatures, handling request retries, and error+-- handling. For general information about using the Amazon Web+-- Services REST APIs, see+-- <https://docs.aws.amazon.com/general/latest/gr/aws-apis.html Amazon Web Services APIs>.+--+-- To access Network Firewall using the REST API endpoint:+-- @https:\/\/network-firewall.\<region>.amazonaws.com @+--+-- - Alternatively, you can use one of the Amazon Web Services SDKs to+-- access an API that\'s tailored to the programming language or+-- platform that you\'re using. For more information, see+-- <http://aws.amazon.com/tools/#SDKs Amazon Web Services SDKs>.+--+-- - For descriptions of Network Firewall features, including and+-- step-by-step instructions on how to use them through the Network+-- Firewall console, see the+-- <https://docs.aws.amazon.com/network-firewall/latest/developerguide/ Network Firewall Developer Guide>.+--+-- Network Firewall is a stateful, managed, network firewall and intrusion+-- detection and prevention service for Amazon Virtual Private Cloud+-- (Amazon VPC). With Network Firewall, you can filter traffic at the+-- perimeter of your VPC. This includes filtering traffic going to and+-- coming from an internet gateway, NAT gateway, or over VPN or Direct+-- Connect. Network Firewall uses rules that are compatible with Suricata,+-- a free, open source network analysis and threat detection engine.+-- Network Firewall supports Suricata version 5.0.2. For information about+-- Suricata, see the <https://suricata.io/ Suricata website>.+--+-- You can use Network Firewall to monitor and protect your VPC traffic in+-- a number of ways. The following are just a few examples:+--+-- - Allow domains or IP addresses for known Amazon Web Services service+-- endpoints, such as Amazon S3, and block all other forms of traffic.+--+-- - Use custom lists of known bad domains to limit the types of domain+-- names that your applications can access.+--+-- - Perform deep packet inspection on traffic entering or leaving your+-- VPC.+--+-- - Use stateful protocol detection to filter protocols like HTTPS,+-- regardless of the port used.+--+-- To enable Network Firewall for your VPCs, you perform steps in both+-- Amazon VPC and in Network Firewall. For information about using Amazon+-- VPC, see+-- <https://docs.aws.amazon.com/vpc/latest/userguide/ Amazon VPC User Guide>.+--+-- To start using Network Firewall, do the following:+--+-- 1. (Optional) If you don\'t already have a VPC that you want to+-- protect, create it in Amazon VPC.+--+-- 2. In Amazon VPC, in each Availability Zone where you want to have a+-- firewall endpoint, create a subnet for the sole use of Network+-- Firewall.+--+-- 3. In Network Firewall, create stateless and stateful rule groups, to+-- define the components of the network traffic filtering behavior that+-- you want your firewall to have.+--+-- 4. In Network Firewall, create a firewall policy that uses your rule+-- groups and specifies additional default traffic filtering behavior.+--+-- 5. In Network Firewall, create a firewall and specify your new firewall+-- policy and VPC subnets. Network Firewall creates a firewall endpoint+-- in each subnet that you specify, with the behavior that\'s defined+-- in the firewall policy.+--+-- 6. In Amazon VPC, use ingress routing enhancements to route traffic+-- through the new firewall endpoints.+module Amazonka.NetworkFirewall+ ( -- * Service Configuration+ defaultService,++ -- * Errors+ -- $errors++ -- ** InsufficientCapacityException+ _InsufficientCapacityException,++ -- ** InternalServerError+ _InternalServerError,++ -- ** InvalidOperationException+ _InvalidOperationException,++ -- ** InvalidRequestException+ _InvalidRequestException,++ -- ** InvalidResourcePolicyException+ _InvalidResourcePolicyException,++ -- ** InvalidTokenException+ _InvalidTokenException,++ -- ** LimitExceededException+ _LimitExceededException,++ -- ** LogDestinationPermissionException+ _LogDestinationPermissionException,++ -- ** ResourceNotFoundException+ _ResourceNotFoundException,++ -- ** ResourceOwnerCheckException+ _ResourceOwnerCheckException,++ -- ** ThrottlingException+ _ThrottlingException,++ -- ** UnsupportedOperationException+ _UnsupportedOperationException,++ -- * Waiters+ -- $waiters++ -- * Operations+ -- $operations++ -- ** AssociateFirewallPolicy+ AssociateFirewallPolicy (AssociateFirewallPolicy'),+ newAssociateFirewallPolicy,+ AssociateFirewallPolicyResponse (AssociateFirewallPolicyResponse'),+ newAssociateFirewallPolicyResponse,++ -- ** AssociateSubnets+ AssociateSubnets (AssociateSubnets'),+ newAssociateSubnets,+ AssociateSubnetsResponse (AssociateSubnetsResponse'),+ newAssociateSubnetsResponse,++ -- ** CreateFirewall+ CreateFirewall (CreateFirewall'),+ newCreateFirewall,+ CreateFirewallResponse (CreateFirewallResponse'),+ newCreateFirewallResponse,++ -- ** CreateFirewallPolicy+ CreateFirewallPolicy (CreateFirewallPolicy'),+ newCreateFirewallPolicy,+ CreateFirewallPolicyResponse (CreateFirewallPolicyResponse'),+ newCreateFirewallPolicyResponse,++ -- ** CreateRuleGroup+ CreateRuleGroup (CreateRuleGroup'),+ newCreateRuleGroup,+ CreateRuleGroupResponse (CreateRuleGroupResponse'),+ newCreateRuleGroupResponse,++ -- ** DeleteFirewall+ DeleteFirewall (DeleteFirewall'),+ newDeleteFirewall,+ DeleteFirewallResponse (DeleteFirewallResponse'),+ newDeleteFirewallResponse,++ -- ** DeleteFirewallPolicy+ DeleteFirewallPolicy (DeleteFirewallPolicy'),+ newDeleteFirewallPolicy,+ DeleteFirewallPolicyResponse (DeleteFirewallPolicyResponse'),+ newDeleteFirewallPolicyResponse,++ -- ** DeleteResourcePolicy+ DeleteResourcePolicy (DeleteResourcePolicy'),+ newDeleteResourcePolicy,+ DeleteResourcePolicyResponse (DeleteResourcePolicyResponse'),+ newDeleteResourcePolicyResponse,++ -- ** DeleteRuleGroup+ DeleteRuleGroup (DeleteRuleGroup'),+ newDeleteRuleGroup,+ DeleteRuleGroupResponse (DeleteRuleGroupResponse'),+ newDeleteRuleGroupResponse,++ -- ** DescribeFirewall+ DescribeFirewall (DescribeFirewall'),+ newDescribeFirewall,+ DescribeFirewallResponse (DescribeFirewallResponse'),+ newDescribeFirewallResponse,++ -- ** DescribeFirewallPolicy+ DescribeFirewallPolicy (DescribeFirewallPolicy'),+ newDescribeFirewallPolicy,+ DescribeFirewallPolicyResponse (DescribeFirewallPolicyResponse'),+ newDescribeFirewallPolicyResponse,++ -- ** DescribeLoggingConfiguration+ DescribeLoggingConfiguration (DescribeLoggingConfiguration'),+ newDescribeLoggingConfiguration,+ DescribeLoggingConfigurationResponse (DescribeLoggingConfigurationResponse'),+ newDescribeLoggingConfigurationResponse,++ -- ** DescribeResourcePolicy+ DescribeResourcePolicy (DescribeResourcePolicy'),+ newDescribeResourcePolicy,+ DescribeResourcePolicyResponse (DescribeResourcePolicyResponse'),+ newDescribeResourcePolicyResponse,++ -- ** DescribeRuleGroup+ DescribeRuleGroup (DescribeRuleGroup'),+ newDescribeRuleGroup,+ DescribeRuleGroupResponse (DescribeRuleGroupResponse'),+ newDescribeRuleGroupResponse,++ -- ** DescribeRuleGroupMetadata+ DescribeRuleGroupMetadata (DescribeRuleGroupMetadata'),+ newDescribeRuleGroupMetadata,+ DescribeRuleGroupMetadataResponse (DescribeRuleGroupMetadataResponse'),+ newDescribeRuleGroupMetadataResponse,++ -- ** DisassociateSubnets+ DisassociateSubnets (DisassociateSubnets'),+ newDisassociateSubnets,+ DisassociateSubnetsResponse (DisassociateSubnetsResponse'),+ newDisassociateSubnetsResponse,++ -- ** ListFirewallPolicies (Paginated)+ ListFirewallPolicies (ListFirewallPolicies'),+ newListFirewallPolicies,+ ListFirewallPoliciesResponse (ListFirewallPoliciesResponse'),+ newListFirewallPoliciesResponse,++ -- ** ListFirewalls (Paginated)+ ListFirewalls (ListFirewalls'),+ newListFirewalls,+ ListFirewallsResponse (ListFirewallsResponse'),+ newListFirewallsResponse,++ -- ** ListRuleGroups (Paginated)+ ListRuleGroups (ListRuleGroups'),+ newListRuleGroups,+ ListRuleGroupsResponse (ListRuleGroupsResponse'),+ newListRuleGroupsResponse,++ -- ** ListTagsForResource (Paginated)+ ListTagsForResource (ListTagsForResource'),+ newListTagsForResource,+ ListTagsForResourceResponse (ListTagsForResourceResponse'),+ newListTagsForResourceResponse,++ -- ** PutResourcePolicy+ PutResourcePolicy (PutResourcePolicy'),+ newPutResourcePolicy,+ PutResourcePolicyResponse (PutResourcePolicyResponse'),+ newPutResourcePolicyResponse,++ -- ** TagResource+ TagResource (TagResource'),+ newTagResource,+ TagResourceResponse (TagResourceResponse'),+ newTagResourceResponse,++ -- ** UntagResource+ UntagResource (UntagResource'),+ newUntagResource,+ UntagResourceResponse (UntagResourceResponse'),+ newUntagResourceResponse,++ -- ** UpdateFirewallDeleteProtection+ UpdateFirewallDeleteProtection (UpdateFirewallDeleteProtection'),+ newUpdateFirewallDeleteProtection,+ UpdateFirewallDeleteProtectionResponse (UpdateFirewallDeleteProtectionResponse'),+ newUpdateFirewallDeleteProtectionResponse,++ -- ** UpdateFirewallDescription+ UpdateFirewallDescription (UpdateFirewallDescription'),+ newUpdateFirewallDescription,+ UpdateFirewallDescriptionResponse (UpdateFirewallDescriptionResponse'),+ newUpdateFirewallDescriptionResponse,++ -- ** UpdateFirewallEncryptionConfiguration+ UpdateFirewallEncryptionConfiguration (UpdateFirewallEncryptionConfiguration'),+ newUpdateFirewallEncryptionConfiguration,+ UpdateFirewallEncryptionConfigurationResponse (UpdateFirewallEncryptionConfigurationResponse'),+ newUpdateFirewallEncryptionConfigurationResponse,++ -- ** UpdateFirewallPolicy+ UpdateFirewallPolicy (UpdateFirewallPolicy'),+ newUpdateFirewallPolicy,+ UpdateFirewallPolicyResponse (UpdateFirewallPolicyResponse'),+ newUpdateFirewallPolicyResponse,++ -- ** UpdateFirewallPolicyChangeProtection+ UpdateFirewallPolicyChangeProtection (UpdateFirewallPolicyChangeProtection'),+ newUpdateFirewallPolicyChangeProtection,+ UpdateFirewallPolicyChangeProtectionResponse (UpdateFirewallPolicyChangeProtectionResponse'),+ newUpdateFirewallPolicyChangeProtectionResponse,++ -- ** UpdateLoggingConfiguration+ UpdateLoggingConfiguration (UpdateLoggingConfiguration'),+ newUpdateLoggingConfiguration,+ UpdateLoggingConfigurationResponse (UpdateLoggingConfigurationResponse'),+ newUpdateLoggingConfigurationResponse,++ -- ** UpdateRuleGroup+ UpdateRuleGroup (UpdateRuleGroup'),+ newUpdateRuleGroup,+ UpdateRuleGroupResponse (UpdateRuleGroupResponse'),+ newUpdateRuleGroupResponse,++ -- ** UpdateSubnetChangeProtection+ UpdateSubnetChangeProtection (UpdateSubnetChangeProtection'),+ newUpdateSubnetChangeProtection,+ UpdateSubnetChangeProtectionResponse (UpdateSubnetChangeProtectionResponse'),+ newUpdateSubnetChangeProtectionResponse,++ -- * Types++ -- ** AttachmentStatus+ AttachmentStatus (..),++ -- ** ConfigurationSyncState+ ConfigurationSyncState (..),++ -- ** EncryptionType+ EncryptionType (..),++ -- ** FirewallStatusValue+ FirewallStatusValue (..),++ -- ** GeneratedRulesType+ GeneratedRulesType (..),++ -- ** LogDestinationType+ LogDestinationType (..),++ -- ** LogType+ LogType (..),++ -- ** OverrideAction+ OverrideAction (..),++ -- ** PerObjectSyncStatus+ PerObjectSyncStatus (..),++ -- ** ResourceManagedStatus+ ResourceManagedStatus (..),++ -- ** ResourceManagedType+ ResourceManagedType (..),++ -- ** ResourceStatus+ ResourceStatus (..),++ -- ** RuleGroupType+ RuleGroupType (..),++ -- ** RuleOrder+ RuleOrder (..),++ -- ** StatefulAction+ StatefulAction (..),++ -- ** StatefulRuleDirection+ StatefulRuleDirection (..),++ -- ** StatefulRuleProtocol+ StatefulRuleProtocol (..),++ -- ** StreamExceptionPolicy+ StreamExceptionPolicy (..),++ -- ** TCPFlag+ TCPFlag (..),++ -- ** TargetType+ TargetType (..),++ -- ** ActionDefinition+ ActionDefinition (ActionDefinition'),+ newActionDefinition,++ -- ** Address+ Address (Address'),+ newAddress,++ -- ** Attachment+ Attachment (Attachment'),+ newAttachment,++ -- ** CIDRSummary+ CIDRSummary (CIDRSummary'),+ newCIDRSummary,++ -- ** CapacityUsageSummary+ CapacityUsageSummary (CapacityUsageSummary'),+ newCapacityUsageSummary,++ -- ** CustomAction+ CustomAction (CustomAction'),+ newCustomAction,++ -- ** Dimension+ Dimension (Dimension'),+ newDimension,++ -- ** EncryptionConfiguration+ EncryptionConfiguration (EncryptionConfiguration'),+ newEncryptionConfiguration,++ -- ** Firewall+ Firewall (Firewall'),+ newFirewall,++ -- ** FirewallMetadata+ FirewallMetadata (FirewallMetadata'),+ newFirewallMetadata,++ -- ** FirewallPolicy+ FirewallPolicy (FirewallPolicy'),+ newFirewallPolicy,++ -- ** FirewallPolicyMetadata+ FirewallPolicyMetadata (FirewallPolicyMetadata'),+ newFirewallPolicyMetadata,++ -- ** FirewallPolicyResponse+ FirewallPolicyResponse (FirewallPolicyResponse'),+ newFirewallPolicyResponse,++ -- ** FirewallStatus+ FirewallStatus (FirewallStatus'),+ newFirewallStatus,++ -- ** Header+ Header (Header'),+ newHeader,++ -- ** IPSet+ IPSet (IPSet'),+ newIPSet,++ -- ** IPSetMetadata+ IPSetMetadata (IPSetMetadata'),+ newIPSetMetadata,++ -- ** IPSetReference+ IPSetReference (IPSetReference'),+ newIPSetReference,++ -- ** LogDestinationConfig+ LogDestinationConfig (LogDestinationConfig'),+ newLogDestinationConfig,++ -- ** LoggingConfiguration+ LoggingConfiguration (LoggingConfiguration'),+ newLoggingConfiguration,++ -- ** MatchAttributes+ MatchAttributes (MatchAttributes'),+ newMatchAttributes,++ -- ** PerObjectStatus+ PerObjectStatus (PerObjectStatus'),+ newPerObjectStatus,++ -- ** PortRange+ PortRange (PortRange'),+ newPortRange,++ -- ** PortSet+ PortSet (PortSet'),+ newPortSet,++ -- ** PublishMetricAction+ PublishMetricAction (PublishMetricAction'),+ newPublishMetricAction,++ -- ** ReferenceSets+ ReferenceSets (ReferenceSets'),+ newReferenceSets,++ -- ** RuleDefinition+ RuleDefinition (RuleDefinition'),+ newRuleDefinition,++ -- ** RuleGroup+ RuleGroup (RuleGroup'),+ newRuleGroup,++ -- ** RuleGroupMetadata+ RuleGroupMetadata (RuleGroupMetadata'),+ newRuleGroupMetadata,++ -- ** RuleGroupResponse+ RuleGroupResponse (RuleGroupResponse'),+ newRuleGroupResponse,++ -- ** RuleOption+ RuleOption (RuleOption'),+ newRuleOption,++ -- ** RuleVariables+ RuleVariables (RuleVariables'),+ newRuleVariables,++ -- ** RulesSource+ RulesSource (RulesSource'),+ newRulesSource,++ -- ** RulesSourceList+ RulesSourceList (RulesSourceList'),+ newRulesSourceList,++ -- ** SourceMetadata+ SourceMetadata (SourceMetadata'),+ newSourceMetadata,++ -- ** StatefulEngineOptions+ StatefulEngineOptions (StatefulEngineOptions'),+ newStatefulEngineOptions,++ -- ** StatefulRule+ StatefulRule (StatefulRule'),+ newStatefulRule,++ -- ** StatefulRuleGroupOverride+ StatefulRuleGroupOverride (StatefulRuleGroupOverride'),+ newStatefulRuleGroupOverride,++ -- ** StatefulRuleGroupReference+ StatefulRuleGroupReference (StatefulRuleGroupReference'),+ newStatefulRuleGroupReference,++ -- ** StatefulRuleOptions+ StatefulRuleOptions (StatefulRuleOptions'),+ newStatefulRuleOptions,++ -- ** StatelessRule+ StatelessRule (StatelessRule'),+ newStatelessRule,++ -- ** StatelessRuleGroupReference+ StatelessRuleGroupReference (StatelessRuleGroupReference'),+ newStatelessRuleGroupReference,++ -- ** StatelessRulesAndCustomActions+ StatelessRulesAndCustomActions (StatelessRulesAndCustomActions'),+ newStatelessRulesAndCustomActions,++ -- ** SubnetMapping+ SubnetMapping (SubnetMapping'),+ newSubnetMapping,++ -- ** SyncState+ SyncState (SyncState'),+ newSyncState,++ -- ** TCPFlagField+ TCPFlagField (TCPFlagField'),+ newTCPFlagField,++ -- ** Tag+ Tag (Tag'),+ newTag,+ )+where++import Amazonka.NetworkFirewall.AssociateFirewallPolicy+import Amazonka.NetworkFirewall.AssociateSubnets+import Amazonka.NetworkFirewall.CreateFirewall+import Amazonka.NetworkFirewall.CreateFirewallPolicy+import Amazonka.NetworkFirewall.CreateRuleGroup+import Amazonka.NetworkFirewall.DeleteFirewall+import Amazonka.NetworkFirewall.DeleteFirewallPolicy+import Amazonka.NetworkFirewall.DeleteResourcePolicy+import Amazonka.NetworkFirewall.DeleteRuleGroup+import Amazonka.NetworkFirewall.DescribeFirewall+import Amazonka.NetworkFirewall.DescribeFirewallPolicy+import Amazonka.NetworkFirewall.DescribeLoggingConfiguration+import Amazonka.NetworkFirewall.DescribeResourcePolicy+import Amazonka.NetworkFirewall.DescribeRuleGroup+import Amazonka.NetworkFirewall.DescribeRuleGroupMetadata+import Amazonka.NetworkFirewall.DisassociateSubnets+import Amazonka.NetworkFirewall.Lens+import Amazonka.NetworkFirewall.ListFirewallPolicies+import Amazonka.NetworkFirewall.ListFirewalls+import Amazonka.NetworkFirewall.ListRuleGroups+import Amazonka.NetworkFirewall.ListTagsForResource+import Amazonka.NetworkFirewall.PutResourcePolicy+import Amazonka.NetworkFirewall.TagResource+import Amazonka.NetworkFirewall.Types+import Amazonka.NetworkFirewall.UntagResource+import Amazonka.NetworkFirewall.UpdateFirewallDeleteProtection+import Amazonka.NetworkFirewall.UpdateFirewallDescription+import Amazonka.NetworkFirewall.UpdateFirewallEncryptionConfiguration+import Amazonka.NetworkFirewall.UpdateFirewallPolicy+import Amazonka.NetworkFirewall.UpdateFirewallPolicyChangeProtection+import Amazonka.NetworkFirewall.UpdateLoggingConfiguration+import Amazonka.NetworkFirewall.UpdateRuleGroup+import Amazonka.NetworkFirewall.UpdateSubnetChangeProtection+import Amazonka.NetworkFirewall.Waiters++-- $errors+-- Error matchers are designed for use with the functions provided by+-- <http://hackage.haskell.org/package/lens/docs/Control-Exception-Lens.html Control.Exception.Lens>.+-- This allows catching (and rethrowing) service specific errors returned+-- by 'NetworkFirewall'.++-- $operations+-- Some AWS operations return results that are incomplete and require subsequent+-- requests in order to obtain the entire result set. The process of sending+-- subsequent requests to continue where a previous request left off is called+-- pagination. For example, the 'ListObjects' operation of Amazon S3 returns up to+-- 1000 objects at a time, and you must send subsequent requests with the+-- appropriate Marker in order to retrieve the next page of results.+--+-- Operations that have an 'AWSPager' instance can transparently perform subsequent+-- requests, correctly setting Markers and other request facets to iterate through+-- the entire result set of a truncated API operation. Operations which support+-- this have an additional note in the documentation.+--+-- Many operations have the ability to filter results on the server side. See the+-- individual operation parameters for details.++-- $waiters+-- Waiters poll by repeatedly sending a request until some remote success condition+-- configured by the 'Wait' specification is fulfilled. The 'Wait' specification+-- determines how many attempts should be made, in addition to delay and retry strategies.
+ gen/Amazonka/NetworkFirewall/AssociateFirewallPolicy.hs view
@@ -0,0 +1,372 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.AssociateFirewallPolicy+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Associates a FirewallPolicy to a Firewall.+--+-- A firewall policy defines how to monitor and manage your VPC network+-- traffic, using a collection of inspection rule groups and other+-- settings. Each firewall requires one firewall policy association, and+-- you can use the same firewall policy for multiple firewalls.+module Amazonka.NetworkFirewall.AssociateFirewallPolicy+ ( -- * Creating a Request+ AssociateFirewallPolicy (..),+ newAssociateFirewallPolicy,++ -- * Request Lenses+ associateFirewallPolicy_firewallArn,+ associateFirewallPolicy_firewallName,+ associateFirewallPolicy_updateToken,+ associateFirewallPolicy_firewallPolicyArn,++ -- * Destructuring the Response+ AssociateFirewallPolicyResponse (..),+ newAssociateFirewallPolicyResponse,++ -- * Response Lenses+ associateFirewallPolicyResponse_firewallArn,+ associateFirewallPolicyResponse_firewallName,+ associateFirewallPolicyResponse_firewallPolicyArn,+ associateFirewallPolicyResponse_updateToken,+ associateFirewallPolicyResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newAssociateFirewallPolicy' smart constructor.+data AssociateFirewallPolicy = AssociateFirewallPolicy'+ { -- | The Amazon Resource Name (ARN) of the firewall.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallName :: Prelude.Maybe Prelude.Text,+ -- | An optional token that you can use for optimistic locking. Network+ -- Firewall returns a token to your requests that access the firewall. The+ -- token marks the state of the firewall resource at the time of the+ -- request.+ --+ -- To make an unconditional change to the firewall, omit the token in your+ -- update request. Without the token, Network Firewall performs your+ -- updates regardless of whether the firewall has changed since you last+ -- retrieved it.+ --+ -- To make a conditional change to the firewall, provide the token in your+ -- update request. Network Firewall uses the token to ensure that the+ -- firewall hasn\'t changed since you last retrieved it. If it has changed,+ -- the operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the firewall again to get a current copy of it with a new+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Maybe Prelude.Text,+ -- | The Amazon Resource Name (ARN) of the firewall policy.+ firewallPolicyArn :: Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'AssociateFirewallPolicy' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallArn', 'associateFirewallPolicy_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'firewallName', 'associateFirewallPolicy_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'updateToken', 'associateFirewallPolicy_updateToken' - An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+--+-- 'firewallPolicyArn', 'associateFirewallPolicy_firewallPolicyArn' - The Amazon Resource Name (ARN) of the firewall policy.+newAssociateFirewallPolicy ::+ -- | 'firewallPolicyArn'+ Prelude.Text ->+ AssociateFirewallPolicy+newAssociateFirewallPolicy pFirewallPolicyArn_ =+ AssociateFirewallPolicy'+ { firewallArn =+ Prelude.Nothing,+ firewallName = Prelude.Nothing,+ updateToken = Prelude.Nothing,+ firewallPolicyArn = pFirewallPolicyArn_+ }++-- | The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+associateFirewallPolicy_firewallArn :: Lens.Lens' AssociateFirewallPolicy (Prelude.Maybe Prelude.Text)+associateFirewallPolicy_firewallArn = Lens.lens (\AssociateFirewallPolicy' {firewallArn} -> firewallArn) (\s@AssociateFirewallPolicy' {} a -> s {firewallArn = a} :: AssociateFirewallPolicy)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+associateFirewallPolicy_firewallName :: Lens.Lens' AssociateFirewallPolicy (Prelude.Maybe Prelude.Text)+associateFirewallPolicy_firewallName = Lens.lens (\AssociateFirewallPolicy' {firewallName} -> firewallName) (\s@AssociateFirewallPolicy' {} a -> s {firewallName = a} :: AssociateFirewallPolicy)++-- | An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+associateFirewallPolicy_updateToken :: Lens.Lens' AssociateFirewallPolicy (Prelude.Maybe Prelude.Text)+associateFirewallPolicy_updateToken = Lens.lens (\AssociateFirewallPolicy' {updateToken} -> updateToken) (\s@AssociateFirewallPolicy' {} a -> s {updateToken = a} :: AssociateFirewallPolicy)++-- | The Amazon Resource Name (ARN) of the firewall policy.+associateFirewallPolicy_firewallPolicyArn :: Lens.Lens' AssociateFirewallPolicy Prelude.Text+associateFirewallPolicy_firewallPolicyArn = Lens.lens (\AssociateFirewallPolicy' {firewallPolicyArn} -> firewallPolicyArn) (\s@AssociateFirewallPolicy' {} a -> s {firewallPolicyArn = a} :: AssociateFirewallPolicy)++instance Core.AWSRequest AssociateFirewallPolicy where+ type+ AWSResponse AssociateFirewallPolicy =+ AssociateFirewallPolicyResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ AssociateFirewallPolicyResponse'+ Prelude.<$> (x Data..?> "FirewallArn")+ Prelude.<*> (x Data..?> "FirewallName")+ Prelude.<*> (x Data..?> "FirewallPolicyArn")+ Prelude.<*> (x Data..?> "UpdateToken")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ )++instance Prelude.Hashable AssociateFirewallPolicy where+ hashWithSalt _salt AssociateFirewallPolicy' {..} =+ _salt+ `Prelude.hashWithSalt` firewallArn+ `Prelude.hashWithSalt` firewallName+ `Prelude.hashWithSalt` updateToken+ `Prelude.hashWithSalt` firewallPolicyArn++instance Prelude.NFData AssociateFirewallPolicy where+ rnf AssociateFirewallPolicy' {..} =+ Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf firewallPolicyArn++instance Data.ToHeaders AssociateFirewallPolicy where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.AssociateFirewallPolicy" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON AssociateFirewallPolicy where+ toJSON AssociateFirewallPolicy' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("FirewallArn" Data..=) Prelude.<$> firewallArn,+ ("FirewallName" Data..=) Prelude.<$> firewallName,+ ("UpdateToken" Data..=) Prelude.<$> updateToken,+ Prelude.Just+ ("FirewallPolicyArn" Data..= firewallPolicyArn)+ ]+ )++instance Data.ToPath AssociateFirewallPolicy where+ toPath = Prelude.const "/"++instance Data.ToQuery AssociateFirewallPolicy where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newAssociateFirewallPolicyResponse' smart constructor.+data AssociateFirewallPolicyResponse = AssociateFirewallPolicyResponse'+ { -- | The Amazon Resource Name (ARN) of the firewall.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ firewallName :: Prelude.Maybe Prelude.Text,+ -- | The Amazon Resource Name (ARN) of the firewall policy.+ firewallPolicyArn :: Prelude.Maybe Prelude.Text,+ -- | An optional token that you can use for optimistic locking. Network+ -- Firewall returns a token to your requests that access the firewall. The+ -- token marks the state of the firewall resource at the time of the+ -- request.+ --+ -- To make an unconditional change to the firewall, omit the token in your+ -- update request. Without the token, Network Firewall performs your+ -- updates regardless of whether the firewall has changed since you last+ -- retrieved it.+ --+ -- To make a conditional change to the firewall, provide the token in your+ -- update request. Network Firewall uses the token to ensure that the+ -- firewall hasn\'t changed since you last retrieved it. If it has changed,+ -- the operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the firewall again to get a current copy of it with a new+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Maybe Prelude.Text,+ -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'AssociateFirewallPolicyResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallArn', 'associateFirewallPolicyResponse_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- 'firewallName', 'associateFirewallPolicyResponse_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- 'firewallPolicyArn', 'associateFirewallPolicyResponse_firewallPolicyArn' - The Amazon Resource Name (ARN) of the firewall policy.+--+-- 'updateToken', 'associateFirewallPolicyResponse_updateToken' - An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+--+-- 'httpStatus', 'associateFirewallPolicyResponse_httpStatus' - The response's http status code.+newAssociateFirewallPolicyResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ AssociateFirewallPolicyResponse+newAssociateFirewallPolicyResponse pHttpStatus_ =+ AssociateFirewallPolicyResponse'+ { firewallArn =+ Prelude.Nothing,+ firewallName = Prelude.Nothing,+ firewallPolicyArn = Prelude.Nothing,+ updateToken = Prelude.Nothing,+ httpStatus = pHttpStatus_+ }++-- | The Amazon Resource Name (ARN) of the firewall.+associateFirewallPolicyResponse_firewallArn :: Lens.Lens' AssociateFirewallPolicyResponse (Prelude.Maybe Prelude.Text)+associateFirewallPolicyResponse_firewallArn = Lens.lens (\AssociateFirewallPolicyResponse' {firewallArn} -> firewallArn) (\s@AssociateFirewallPolicyResponse' {} a -> s {firewallArn = a} :: AssociateFirewallPolicyResponse)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+associateFirewallPolicyResponse_firewallName :: Lens.Lens' AssociateFirewallPolicyResponse (Prelude.Maybe Prelude.Text)+associateFirewallPolicyResponse_firewallName = Lens.lens (\AssociateFirewallPolicyResponse' {firewallName} -> firewallName) (\s@AssociateFirewallPolicyResponse' {} a -> s {firewallName = a} :: AssociateFirewallPolicyResponse)++-- | The Amazon Resource Name (ARN) of the firewall policy.+associateFirewallPolicyResponse_firewallPolicyArn :: Lens.Lens' AssociateFirewallPolicyResponse (Prelude.Maybe Prelude.Text)+associateFirewallPolicyResponse_firewallPolicyArn = Lens.lens (\AssociateFirewallPolicyResponse' {firewallPolicyArn} -> firewallPolicyArn) (\s@AssociateFirewallPolicyResponse' {} a -> s {firewallPolicyArn = a} :: AssociateFirewallPolicyResponse)++-- | An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+associateFirewallPolicyResponse_updateToken :: Lens.Lens' AssociateFirewallPolicyResponse (Prelude.Maybe Prelude.Text)+associateFirewallPolicyResponse_updateToken = Lens.lens (\AssociateFirewallPolicyResponse' {updateToken} -> updateToken) (\s@AssociateFirewallPolicyResponse' {} a -> s {updateToken = a} :: AssociateFirewallPolicyResponse)++-- | The response's http status code.+associateFirewallPolicyResponse_httpStatus :: Lens.Lens' AssociateFirewallPolicyResponse Prelude.Int+associateFirewallPolicyResponse_httpStatus = Lens.lens (\AssociateFirewallPolicyResponse' {httpStatus} -> httpStatus) (\s@AssociateFirewallPolicyResponse' {} a -> s {httpStatus = a} :: AssociateFirewallPolicyResponse)++instance+ Prelude.NFData+ AssociateFirewallPolicyResponse+ where+ rnf AssociateFirewallPolicyResponse' {..} =+ Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf firewallPolicyArn+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/AssociateSubnets.hs view
@@ -0,0 +1,369 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.AssociateSubnets+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Associates the specified subnets in the Amazon VPC to the firewall. You+-- can specify one subnet for each of the Availability Zones that the VPC+-- spans.+--+-- This request creates an Network Firewall firewall endpoint in each of+-- the subnets. To enable the firewall\'s protections, you must also modify+-- the VPC\'s route tables for each subnet\'s Availability Zone, to+-- redirect the traffic that\'s coming into and going out of the zone+-- through the firewall endpoint.+module Amazonka.NetworkFirewall.AssociateSubnets+ ( -- * Creating a Request+ AssociateSubnets (..),+ newAssociateSubnets,++ -- * Request Lenses+ associateSubnets_firewallArn,+ associateSubnets_firewallName,+ associateSubnets_updateToken,+ associateSubnets_subnetMappings,++ -- * Destructuring the Response+ AssociateSubnetsResponse (..),+ newAssociateSubnetsResponse,++ -- * Response Lenses+ associateSubnetsResponse_firewallArn,+ associateSubnetsResponse_firewallName,+ associateSubnetsResponse_subnetMappings,+ associateSubnetsResponse_updateToken,+ associateSubnetsResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newAssociateSubnets' smart constructor.+data AssociateSubnets = AssociateSubnets'+ { -- | The Amazon Resource Name (ARN) of the firewall.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallName :: Prelude.Maybe Prelude.Text,+ -- | An optional token that you can use for optimistic locking. Network+ -- Firewall returns a token to your requests that access the firewall. The+ -- token marks the state of the firewall resource at the time of the+ -- request.+ --+ -- To make an unconditional change to the firewall, omit the token in your+ -- update request. Without the token, Network Firewall performs your+ -- updates regardless of whether the firewall has changed since you last+ -- retrieved it.+ --+ -- To make a conditional change to the firewall, provide the token in your+ -- update request. Network Firewall uses the token to ensure that the+ -- firewall hasn\'t changed since you last retrieved it. If it has changed,+ -- the operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the firewall again to get a current copy of it with a new+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Maybe Prelude.Text,+ -- | The IDs of the subnets that you want to associate with the firewall.+ subnetMappings :: [SubnetMapping]+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'AssociateSubnets' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallArn', 'associateSubnets_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'firewallName', 'associateSubnets_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'updateToken', 'associateSubnets_updateToken' - An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+--+-- 'subnetMappings', 'associateSubnets_subnetMappings' - The IDs of the subnets that you want to associate with the firewall.+newAssociateSubnets ::+ AssociateSubnets+newAssociateSubnets =+ AssociateSubnets'+ { firewallArn = Prelude.Nothing,+ firewallName = Prelude.Nothing,+ updateToken = Prelude.Nothing,+ subnetMappings = Prelude.mempty+ }++-- | The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+associateSubnets_firewallArn :: Lens.Lens' AssociateSubnets (Prelude.Maybe Prelude.Text)+associateSubnets_firewallArn = Lens.lens (\AssociateSubnets' {firewallArn} -> firewallArn) (\s@AssociateSubnets' {} a -> s {firewallArn = a} :: AssociateSubnets)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+associateSubnets_firewallName :: Lens.Lens' AssociateSubnets (Prelude.Maybe Prelude.Text)+associateSubnets_firewallName = Lens.lens (\AssociateSubnets' {firewallName} -> firewallName) (\s@AssociateSubnets' {} a -> s {firewallName = a} :: AssociateSubnets)++-- | An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+associateSubnets_updateToken :: Lens.Lens' AssociateSubnets (Prelude.Maybe Prelude.Text)+associateSubnets_updateToken = Lens.lens (\AssociateSubnets' {updateToken} -> updateToken) (\s@AssociateSubnets' {} a -> s {updateToken = a} :: AssociateSubnets)++-- | The IDs of the subnets that you want to associate with the firewall.+associateSubnets_subnetMappings :: Lens.Lens' AssociateSubnets [SubnetMapping]+associateSubnets_subnetMappings = Lens.lens (\AssociateSubnets' {subnetMappings} -> subnetMappings) (\s@AssociateSubnets' {} a -> s {subnetMappings = a} :: AssociateSubnets) Prelude.. Lens.coerced++instance Core.AWSRequest AssociateSubnets where+ type+ AWSResponse AssociateSubnets =+ AssociateSubnetsResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ AssociateSubnetsResponse'+ Prelude.<$> (x Data..?> "FirewallArn")+ Prelude.<*> (x Data..?> "FirewallName")+ Prelude.<*> (x Data..?> "SubnetMappings" Core..!@ Prelude.mempty)+ Prelude.<*> (x Data..?> "UpdateToken")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ )++instance Prelude.Hashable AssociateSubnets where+ hashWithSalt _salt AssociateSubnets' {..} =+ _salt+ `Prelude.hashWithSalt` firewallArn+ `Prelude.hashWithSalt` firewallName+ `Prelude.hashWithSalt` updateToken+ `Prelude.hashWithSalt` subnetMappings++instance Prelude.NFData AssociateSubnets where+ rnf AssociateSubnets' {..} =+ Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf subnetMappings++instance Data.ToHeaders AssociateSubnets where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.AssociateSubnets" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON AssociateSubnets where+ toJSON AssociateSubnets' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("FirewallArn" Data..=) Prelude.<$> firewallArn,+ ("FirewallName" Data..=) Prelude.<$> firewallName,+ ("UpdateToken" Data..=) Prelude.<$> updateToken,+ Prelude.Just+ ("SubnetMappings" Data..= subnetMappings)+ ]+ )++instance Data.ToPath AssociateSubnets where+ toPath = Prelude.const "/"++instance Data.ToQuery AssociateSubnets where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newAssociateSubnetsResponse' smart constructor.+data AssociateSubnetsResponse = AssociateSubnetsResponse'+ { -- | The Amazon Resource Name (ARN) of the firewall.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ firewallName :: Prelude.Maybe Prelude.Text,+ -- | The IDs of the subnets that are associated with the firewall.+ subnetMappings :: Prelude.Maybe [SubnetMapping],+ -- | An optional token that you can use for optimistic locking. Network+ -- Firewall returns a token to your requests that access the firewall. The+ -- token marks the state of the firewall resource at the time of the+ -- request.+ --+ -- To make an unconditional change to the firewall, omit the token in your+ -- update request. Without the token, Network Firewall performs your+ -- updates regardless of whether the firewall has changed since you last+ -- retrieved it.+ --+ -- To make a conditional change to the firewall, provide the token in your+ -- update request. Network Firewall uses the token to ensure that the+ -- firewall hasn\'t changed since you last retrieved it. If it has changed,+ -- the operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the firewall again to get a current copy of it with a new+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Maybe Prelude.Text,+ -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'AssociateSubnetsResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallArn', 'associateSubnetsResponse_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- 'firewallName', 'associateSubnetsResponse_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- 'subnetMappings', 'associateSubnetsResponse_subnetMappings' - The IDs of the subnets that are associated with the firewall.+--+-- 'updateToken', 'associateSubnetsResponse_updateToken' - An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+--+-- 'httpStatus', 'associateSubnetsResponse_httpStatus' - The response's http status code.+newAssociateSubnetsResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ AssociateSubnetsResponse+newAssociateSubnetsResponse pHttpStatus_ =+ AssociateSubnetsResponse'+ { firewallArn =+ Prelude.Nothing,+ firewallName = Prelude.Nothing,+ subnetMappings = Prelude.Nothing,+ updateToken = Prelude.Nothing,+ httpStatus = pHttpStatus_+ }++-- | The Amazon Resource Name (ARN) of the firewall.+associateSubnetsResponse_firewallArn :: Lens.Lens' AssociateSubnetsResponse (Prelude.Maybe Prelude.Text)+associateSubnetsResponse_firewallArn = Lens.lens (\AssociateSubnetsResponse' {firewallArn} -> firewallArn) (\s@AssociateSubnetsResponse' {} a -> s {firewallArn = a} :: AssociateSubnetsResponse)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+associateSubnetsResponse_firewallName :: Lens.Lens' AssociateSubnetsResponse (Prelude.Maybe Prelude.Text)+associateSubnetsResponse_firewallName = Lens.lens (\AssociateSubnetsResponse' {firewallName} -> firewallName) (\s@AssociateSubnetsResponse' {} a -> s {firewallName = a} :: AssociateSubnetsResponse)++-- | The IDs of the subnets that are associated with the firewall.+associateSubnetsResponse_subnetMappings :: Lens.Lens' AssociateSubnetsResponse (Prelude.Maybe [SubnetMapping])+associateSubnetsResponse_subnetMappings = Lens.lens (\AssociateSubnetsResponse' {subnetMappings} -> subnetMappings) (\s@AssociateSubnetsResponse' {} a -> s {subnetMappings = a} :: AssociateSubnetsResponse) Prelude.. Lens.mapping Lens.coerced++-- | An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+associateSubnetsResponse_updateToken :: Lens.Lens' AssociateSubnetsResponse (Prelude.Maybe Prelude.Text)+associateSubnetsResponse_updateToken = Lens.lens (\AssociateSubnetsResponse' {updateToken} -> updateToken) (\s@AssociateSubnetsResponse' {} a -> s {updateToken = a} :: AssociateSubnetsResponse)++-- | The response's http status code.+associateSubnetsResponse_httpStatus :: Lens.Lens' AssociateSubnetsResponse Prelude.Int+associateSubnetsResponse_httpStatus = Lens.lens (\AssociateSubnetsResponse' {httpStatus} -> httpStatus) (\s@AssociateSubnetsResponse' {} a -> s {httpStatus = a} :: AssociateSubnetsResponse)++instance Prelude.NFData AssociateSubnetsResponse where+ rnf AssociateSubnetsResponse' {..} =+ Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf subnetMappings+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/CreateFirewall.hs view
@@ -0,0 +1,407 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.CreateFirewall+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Creates an Network Firewall Firewall and accompanying FirewallStatus for+-- a VPC.+--+-- The firewall defines the configuration settings for an Network Firewall+-- firewall. The settings that you can define at creation include the+-- firewall policy, the subnets in your VPC to use for the firewall+-- endpoints, and any tags that are attached to the firewall Amazon Web+-- Services resource.+--+-- After you create a firewall, you can provide additional settings, like+-- the logging configuration.+--+-- To update the settings for a firewall, you use the operations that apply+-- to the settings themselves, for example UpdateLoggingConfiguration,+-- AssociateSubnets, and UpdateFirewallDeleteProtection.+--+-- To manage a firewall\'s tags, use the standard Amazon Web Services+-- resource tagging operations, ListTagsForResource, TagResource, and+-- UntagResource.+--+-- To retrieve information about firewalls, use ListFirewalls and+-- DescribeFirewall.+module Amazonka.NetworkFirewall.CreateFirewall+ ( -- * Creating a Request+ CreateFirewall (..),+ newCreateFirewall,++ -- * Request Lenses+ createFirewall_deleteProtection,+ createFirewall_description,+ createFirewall_encryptionConfiguration,+ createFirewall_firewallPolicyChangeProtection,+ createFirewall_subnetChangeProtection,+ createFirewall_tags,+ createFirewall_firewallName,+ createFirewall_firewallPolicyArn,+ createFirewall_vpcId,+ createFirewall_subnetMappings,++ -- * Destructuring the Response+ CreateFirewallResponse (..),+ newCreateFirewallResponse,++ -- * Response Lenses+ createFirewallResponse_firewall,+ createFirewallResponse_firewallStatus,+ createFirewallResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newCreateFirewall' smart constructor.+data CreateFirewall = CreateFirewall'+ { -- | A flag indicating whether it is possible to delete the firewall. A+ -- setting of @TRUE@ indicates that the firewall is protected against+ -- deletion. Use this setting to protect against accidentally deleting a+ -- firewall that is in use. When you create a firewall, the operation+ -- initializes this flag to @TRUE@.+ deleteProtection :: Prelude.Maybe Prelude.Bool,+ -- | A description of the firewall.+ description :: Prelude.Maybe Prelude.Text,+ -- | A complex type that contains settings for encryption of your firewall+ -- resources.+ encryptionConfiguration :: Prelude.Maybe EncryptionConfiguration,+ -- | A setting indicating whether the firewall is protected against a change+ -- to the firewall policy association. Use this setting to protect against+ -- accidentally modifying the firewall policy for a firewall that is in+ -- use. When you create a firewall, the operation initializes this setting+ -- to @TRUE@.+ firewallPolicyChangeProtection :: Prelude.Maybe Prelude.Bool,+ -- | A setting indicating whether the firewall is protected against changes+ -- to the subnet associations. Use this setting to protect against+ -- accidentally modifying the subnet associations for a firewall that is in+ -- use. When you create a firewall, the operation initializes this setting+ -- to @TRUE@.+ subnetChangeProtection :: Prelude.Maybe Prelude.Bool,+ -- | The key:value pairs to associate with the resource.+ tags :: Prelude.Maybe (Prelude.NonEmpty Tag),+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ firewallName :: Prelude.Text,+ -- | The Amazon Resource Name (ARN) of the FirewallPolicy that you want to+ -- use for the firewall.+ firewallPolicyArn :: Prelude.Text,+ -- | The unique identifier of the VPC where Network Firewall should create+ -- the firewall.+ --+ -- You can\'t change this setting after you create the firewall.+ vpcId :: Prelude.Text,+ -- | The public subnets to use for your Network Firewall firewalls. Each+ -- subnet must belong to a different Availability Zone in the VPC. Network+ -- Firewall creates a firewall endpoint in each subnet.+ subnetMappings :: [SubnetMapping]+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'CreateFirewall' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'deleteProtection', 'createFirewall_deleteProtection' - A flag indicating whether it is possible to delete the firewall. A+-- setting of @TRUE@ indicates that the firewall is protected against+-- deletion. Use this setting to protect against accidentally deleting a+-- firewall that is in use. When you create a firewall, the operation+-- initializes this flag to @TRUE@.+--+-- 'description', 'createFirewall_description' - A description of the firewall.+--+-- 'encryptionConfiguration', 'createFirewall_encryptionConfiguration' - A complex type that contains settings for encryption of your firewall+-- resources.+--+-- 'firewallPolicyChangeProtection', 'createFirewall_firewallPolicyChangeProtection' - A setting indicating whether the firewall is protected against a change+-- to the firewall policy association. Use this setting to protect against+-- accidentally modifying the firewall policy for a firewall that is in+-- use. When you create a firewall, the operation initializes this setting+-- to @TRUE@.+--+-- 'subnetChangeProtection', 'createFirewall_subnetChangeProtection' - A setting indicating whether the firewall is protected against changes+-- to the subnet associations. Use this setting to protect against+-- accidentally modifying the subnet associations for a firewall that is in+-- use. When you create a firewall, the operation initializes this setting+-- to @TRUE@.+--+-- 'tags', 'createFirewall_tags' - The key:value pairs to associate with the resource.+--+-- 'firewallName', 'createFirewall_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- 'firewallPolicyArn', 'createFirewall_firewallPolicyArn' - The Amazon Resource Name (ARN) of the FirewallPolicy that you want to+-- use for the firewall.+--+-- 'vpcId', 'createFirewall_vpcId' - The unique identifier of the VPC where Network Firewall should create+-- the firewall.+--+-- You can\'t change this setting after you create the firewall.+--+-- 'subnetMappings', 'createFirewall_subnetMappings' - The public subnets to use for your Network Firewall firewalls. Each+-- subnet must belong to a different Availability Zone in the VPC. Network+-- Firewall creates a firewall endpoint in each subnet.+newCreateFirewall ::+ -- | 'firewallName'+ Prelude.Text ->+ -- | 'firewallPolicyArn'+ Prelude.Text ->+ -- | 'vpcId'+ Prelude.Text ->+ CreateFirewall+newCreateFirewall+ pFirewallName_+ pFirewallPolicyArn_+ pVpcId_ =+ CreateFirewall'+ { deleteProtection = Prelude.Nothing,+ description = Prelude.Nothing,+ encryptionConfiguration = Prelude.Nothing,+ firewallPolicyChangeProtection = Prelude.Nothing,+ subnetChangeProtection = Prelude.Nothing,+ tags = Prelude.Nothing,+ firewallName = pFirewallName_,+ firewallPolicyArn = pFirewallPolicyArn_,+ vpcId = pVpcId_,+ subnetMappings = Prelude.mempty+ }++-- | A flag indicating whether it is possible to delete the firewall. A+-- setting of @TRUE@ indicates that the firewall is protected against+-- deletion. Use this setting to protect against accidentally deleting a+-- firewall that is in use. When you create a firewall, the operation+-- initializes this flag to @TRUE@.+createFirewall_deleteProtection :: Lens.Lens' CreateFirewall (Prelude.Maybe Prelude.Bool)+createFirewall_deleteProtection = Lens.lens (\CreateFirewall' {deleteProtection} -> deleteProtection) (\s@CreateFirewall' {} a -> s {deleteProtection = a} :: CreateFirewall)++-- | A description of the firewall.+createFirewall_description :: Lens.Lens' CreateFirewall (Prelude.Maybe Prelude.Text)+createFirewall_description = Lens.lens (\CreateFirewall' {description} -> description) (\s@CreateFirewall' {} a -> s {description = a} :: CreateFirewall)++-- | A complex type that contains settings for encryption of your firewall+-- resources.+createFirewall_encryptionConfiguration :: Lens.Lens' CreateFirewall (Prelude.Maybe EncryptionConfiguration)+createFirewall_encryptionConfiguration = Lens.lens (\CreateFirewall' {encryptionConfiguration} -> encryptionConfiguration) (\s@CreateFirewall' {} a -> s {encryptionConfiguration = a} :: CreateFirewall)++-- | A setting indicating whether the firewall is protected against a change+-- to the firewall policy association. Use this setting to protect against+-- accidentally modifying the firewall policy for a firewall that is in+-- use. When you create a firewall, the operation initializes this setting+-- to @TRUE@.+createFirewall_firewallPolicyChangeProtection :: Lens.Lens' CreateFirewall (Prelude.Maybe Prelude.Bool)+createFirewall_firewallPolicyChangeProtection = Lens.lens (\CreateFirewall' {firewallPolicyChangeProtection} -> firewallPolicyChangeProtection) (\s@CreateFirewall' {} a -> s {firewallPolicyChangeProtection = a} :: CreateFirewall)++-- | A setting indicating whether the firewall is protected against changes+-- to the subnet associations. Use this setting to protect against+-- accidentally modifying the subnet associations for a firewall that is in+-- use. When you create a firewall, the operation initializes this setting+-- to @TRUE@.+createFirewall_subnetChangeProtection :: Lens.Lens' CreateFirewall (Prelude.Maybe Prelude.Bool)+createFirewall_subnetChangeProtection = Lens.lens (\CreateFirewall' {subnetChangeProtection} -> subnetChangeProtection) (\s@CreateFirewall' {} a -> s {subnetChangeProtection = a} :: CreateFirewall)++-- | The key:value pairs to associate with the resource.+createFirewall_tags :: Lens.Lens' CreateFirewall (Prelude.Maybe (Prelude.NonEmpty Tag))+createFirewall_tags = Lens.lens (\CreateFirewall' {tags} -> tags) (\s@CreateFirewall' {} a -> s {tags = a} :: CreateFirewall) Prelude.. Lens.mapping Lens.coerced++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+createFirewall_firewallName :: Lens.Lens' CreateFirewall Prelude.Text+createFirewall_firewallName = Lens.lens (\CreateFirewall' {firewallName} -> firewallName) (\s@CreateFirewall' {} a -> s {firewallName = a} :: CreateFirewall)++-- | The Amazon Resource Name (ARN) of the FirewallPolicy that you want to+-- use for the firewall.+createFirewall_firewallPolicyArn :: Lens.Lens' CreateFirewall Prelude.Text+createFirewall_firewallPolicyArn = Lens.lens (\CreateFirewall' {firewallPolicyArn} -> firewallPolicyArn) (\s@CreateFirewall' {} a -> s {firewallPolicyArn = a} :: CreateFirewall)++-- | The unique identifier of the VPC where Network Firewall should create+-- the firewall.+--+-- You can\'t change this setting after you create the firewall.+createFirewall_vpcId :: Lens.Lens' CreateFirewall Prelude.Text+createFirewall_vpcId = Lens.lens (\CreateFirewall' {vpcId} -> vpcId) (\s@CreateFirewall' {} a -> s {vpcId = a} :: CreateFirewall)++-- | The public subnets to use for your Network Firewall firewalls. Each+-- subnet must belong to a different Availability Zone in the VPC. Network+-- Firewall creates a firewall endpoint in each subnet.+createFirewall_subnetMappings :: Lens.Lens' CreateFirewall [SubnetMapping]+createFirewall_subnetMappings = Lens.lens (\CreateFirewall' {subnetMappings} -> subnetMappings) (\s@CreateFirewall' {} a -> s {subnetMappings = a} :: CreateFirewall) Prelude.. Lens.coerced++instance Core.AWSRequest CreateFirewall where+ type+ AWSResponse CreateFirewall =+ CreateFirewallResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ CreateFirewallResponse'+ Prelude.<$> (x Data..?> "Firewall")+ Prelude.<*> (x Data..?> "FirewallStatus")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ )++instance Prelude.Hashable CreateFirewall where+ hashWithSalt _salt CreateFirewall' {..} =+ _salt+ `Prelude.hashWithSalt` deleteProtection+ `Prelude.hashWithSalt` description+ `Prelude.hashWithSalt` encryptionConfiguration+ `Prelude.hashWithSalt` firewallPolicyChangeProtection+ `Prelude.hashWithSalt` subnetChangeProtection+ `Prelude.hashWithSalt` tags+ `Prelude.hashWithSalt` firewallName+ `Prelude.hashWithSalt` firewallPolicyArn+ `Prelude.hashWithSalt` vpcId+ `Prelude.hashWithSalt` subnetMappings++instance Prelude.NFData CreateFirewall where+ rnf CreateFirewall' {..} =+ Prelude.rnf deleteProtection+ `Prelude.seq` Prelude.rnf description+ `Prelude.seq` Prelude.rnf encryptionConfiguration+ `Prelude.seq` Prelude.rnf firewallPolicyChangeProtection+ `Prelude.seq` Prelude.rnf subnetChangeProtection+ `Prelude.seq` Prelude.rnf tags+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf firewallPolicyArn+ `Prelude.seq` Prelude.rnf vpcId+ `Prelude.seq` Prelude.rnf subnetMappings++instance Data.ToHeaders CreateFirewall where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.CreateFirewall" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON CreateFirewall where+ toJSON CreateFirewall' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("DeleteProtection" Data..=)+ Prelude.<$> deleteProtection,+ ("Description" Data..=) Prelude.<$> description,+ ("EncryptionConfiguration" Data..=)+ Prelude.<$> encryptionConfiguration,+ ("FirewallPolicyChangeProtection" Data..=)+ Prelude.<$> firewallPolicyChangeProtection,+ ("SubnetChangeProtection" Data..=)+ Prelude.<$> subnetChangeProtection,+ ("Tags" Data..=) Prelude.<$> tags,+ Prelude.Just ("FirewallName" Data..= firewallName),+ Prelude.Just+ ("FirewallPolicyArn" Data..= firewallPolicyArn),+ Prelude.Just ("VpcId" Data..= vpcId),+ Prelude.Just+ ("SubnetMappings" Data..= subnetMappings)+ ]+ )++instance Data.ToPath CreateFirewall where+ toPath = Prelude.const "/"++instance Data.ToQuery CreateFirewall where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newCreateFirewallResponse' smart constructor.+data CreateFirewallResponse = CreateFirewallResponse'+ { -- | The configuration settings for the firewall. These settings include the+ -- firewall policy and the subnets in your VPC to use for the firewall+ -- endpoints.+ firewall :: Prelude.Maybe Firewall,+ -- | Detailed information about the current status of a Firewall. You can+ -- retrieve this for a firewall by calling DescribeFirewall and providing+ -- the firewall name and ARN.+ firewallStatus :: Prelude.Maybe FirewallStatus,+ -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'CreateFirewallResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewall', 'createFirewallResponse_firewall' - The configuration settings for the firewall. These settings include the+-- firewall policy and the subnets in your VPC to use for the firewall+-- endpoints.+--+-- 'firewallStatus', 'createFirewallResponse_firewallStatus' - Detailed information about the current status of a Firewall. You can+-- retrieve this for a firewall by calling DescribeFirewall and providing+-- the firewall name and ARN.+--+-- 'httpStatus', 'createFirewallResponse_httpStatus' - The response's http status code.+newCreateFirewallResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ CreateFirewallResponse+newCreateFirewallResponse pHttpStatus_ =+ CreateFirewallResponse'+ { firewall = Prelude.Nothing,+ firewallStatus = Prelude.Nothing,+ httpStatus = pHttpStatus_+ }++-- | The configuration settings for the firewall. These settings include the+-- firewall policy and the subnets in your VPC to use for the firewall+-- endpoints.+createFirewallResponse_firewall :: Lens.Lens' CreateFirewallResponse (Prelude.Maybe Firewall)+createFirewallResponse_firewall = Lens.lens (\CreateFirewallResponse' {firewall} -> firewall) (\s@CreateFirewallResponse' {} a -> s {firewall = a} :: CreateFirewallResponse)++-- | Detailed information about the current status of a Firewall. You can+-- retrieve this for a firewall by calling DescribeFirewall and providing+-- the firewall name and ARN.+createFirewallResponse_firewallStatus :: Lens.Lens' CreateFirewallResponse (Prelude.Maybe FirewallStatus)+createFirewallResponse_firewallStatus = Lens.lens (\CreateFirewallResponse' {firewallStatus} -> firewallStatus) (\s@CreateFirewallResponse' {} a -> s {firewallStatus = a} :: CreateFirewallResponse)++-- | The response's http status code.+createFirewallResponse_httpStatus :: Lens.Lens' CreateFirewallResponse Prelude.Int+createFirewallResponse_httpStatus = Lens.lens (\CreateFirewallResponse' {httpStatus} -> httpStatus) (\s@CreateFirewallResponse' {} a -> s {httpStatus = a} :: CreateFirewallResponse)++instance Prelude.NFData CreateFirewallResponse where+ rnf CreateFirewallResponse' {..} =+ Prelude.rnf firewall+ `Prelude.seq` Prelude.rnf firewallStatus+ `Prelude.seq` Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/CreateFirewallPolicy.hs view
@@ -0,0 +1,349 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.CreateFirewallPolicy+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Creates the firewall policy for the firewall according to the+-- specifications.+--+-- An Network Firewall firewall policy defines the behavior of a firewall,+-- in a collection of stateless and stateful rule groups and other+-- settings. You can use one firewall policy for multiple firewalls.+module Amazonka.NetworkFirewall.CreateFirewallPolicy+ ( -- * Creating a Request+ CreateFirewallPolicy (..),+ newCreateFirewallPolicy,++ -- * Request Lenses+ createFirewallPolicy_description,+ createFirewallPolicy_dryRun,+ createFirewallPolicy_encryptionConfiguration,+ createFirewallPolicy_tags,+ createFirewallPolicy_firewallPolicyName,+ createFirewallPolicy_firewallPolicy,++ -- * Destructuring the Response+ CreateFirewallPolicyResponse (..),+ newCreateFirewallPolicyResponse,++ -- * Response Lenses+ createFirewallPolicyResponse_httpStatus,+ createFirewallPolicyResponse_updateToken,+ createFirewallPolicyResponse_firewallPolicyResponse,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newCreateFirewallPolicy' smart constructor.+data CreateFirewallPolicy = CreateFirewallPolicy'+ { -- | A description of the firewall policy.+ description :: Prelude.Maybe Prelude.Text,+ -- | Indicates whether you want Network Firewall to just check the validity+ -- of the request, rather than run the request.+ --+ -- If set to @TRUE@, Network Firewall checks whether the request can run+ -- successfully, but doesn\'t actually make the requested changes. The call+ -- returns the value that the request would return if you ran it with dry+ -- run set to @FALSE@, but doesn\'t make additions or changes to your+ -- resources. This option allows you to make sure that you have the+ -- required permissions to run the request and that your request parameters+ -- are valid.+ --+ -- If set to @FALSE@, Network Firewall makes the requested changes to your+ -- resources.+ dryRun :: Prelude.Maybe Prelude.Bool,+ -- | A complex type that contains settings for encryption of your firewall+ -- policy resources.+ encryptionConfiguration :: Prelude.Maybe EncryptionConfiguration,+ -- | The key:value pairs to associate with the resource.+ tags :: Prelude.Maybe (Prelude.NonEmpty Tag),+ -- | The descriptive name of the firewall policy. You can\'t change the name+ -- of a firewall policy after you create it.+ firewallPolicyName :: Prelude.Text,+ -- | The rule groups and policy actions to use in the firewall policy.+ firewallPolicy :: FirewallPolicy+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'CreateFirewallPolicy' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'description', 'createFirewallPolicy_description' - A description of the firewall policy.+--+-- 'dryRun', 'createFirewallPolicy_dryRun' - Indicates whether you want Network Firewall to just check the validity+-- of the request, rather than run the request.+--+-- If set to @TRUE@, Network Firewall checks whether the request can run+-- successfully, but doesn\'t actually make the requested changes. The call+-- returns the value that the request would return if you ran it with dry+-- run set to @FALSE@, but doesn\'t make additions or changes to your+-- resources. This option allows you to make sure that you have the+-- required permissions to run the request and that your request parameters+-- are valid.+--+-- If set to @FALSE@, Network Firewall makes the requested changes to your+-- resources.+--+-- 'encryptionConfiguration', 'createFirewallPolicy_encryptionConfiguration' - A complex type that contains settings for encryption of your firewall+-- policy resources.+--+-- 'tags', 'createFirewallPolicy_tags' - The key:value pairs to associate with the resource.+--+-- 'firewallPolicyName', 'createFirewallPolicy_firewallPolicyName' - The descriptive name of the firewall policy. You can\'t change the name+-- of a firewall policy after you create it.+--+-- 'firewallPolicy', 'createFirewallPolicy_firewallPolicy' - The rule groups and policy actions to use in the firewall policy.+newCreateFirewallPolicy ::+ -- | 'firewallPolicyName'+ Prelude.Text ->+ -- | 'firewallPolicy'+ FirewallPolicy ->+ CreateFirewallPolicy+newCreateFirewallPolicy+ pFirewallPolicyName_+ pFirewallPolicy_ =+ CreateFirewallPolicy'+ { description =+ Prelude.Nothing,+ dryRun = Prelude.Nothing,+ encryptionConfiguration = Prelude.Nothing,+ tags = Prelude.Nothing,+ firewallPolicyName = pFirewallPolicyName_,+ firewallPolicy = pFirewallPolicy_+ }++-- | A description of the firewall policy.+createFirewallPolicy_description :: Lens.Lens' CreateFirewallPolicy (Prelude.Maybe Prelude.Text)+createFirewallPolicy_description = Lens.lens (\CreateFirewallPolicy' {description} -> description) (\s@CreateFirewallPolicy' {} a -> s {description = a} :: CreateFirewallPolicy)++-- | Indicates whether you want Network Firewall to just check the validity+-- of the request, rather than run the request.+--+-- If set to @TRUE@, Network Firewall checks whether the request can run+-- successfully, but doesn\'t actually make the requested changes. The call+-- returns the value that the request would return if you ran it with dry+-- run set to @FALSE@, but doesn\'t make additions or changes to your+-- resources. This option allows you to make sure that you have the+-- required permissions to run the request and that your request parameters+-- are valid.+--+-- If set to @FALSE@, Network Firewall makes the requested changes to your+-- resources.+createFirewallPolicy_dryRun :: Lens.Lens' CreateFirewallPolicy (Prelude.Maybe Prelude.Bool)+createFirewallPolicy_dryRun = Lens.lens (\CreateFirewallPolicy' {dryRun} -> dryRun) (\s@CreateFirewallPolicy' {} a -> s {dryRun = a} :: CreateFirewallPolicy)++-- | A complex type that contains settings for encryption of your firewall+-- policy resources.+createFirewallPolicy_encryptionConfiguration :: Lens.Lens' CreateFirewallPolicy (Prelude.Maybe EncryptionConfiguration)+createFirewallPolicy_encryptionConfiguration = Lens.lens (\CreateFirewallPolicy' {encryptionConfiguration} -> encryptionConfiguration) (\s@CreateFirewallPolicy' {} a -> s {encryptionConfiguration = a} :: CreateFirewallPolicy)++-- | The key:value pairs to associate with the resource.+createFirewallPolicy_tags :: Lens.Lens' CreateFirewallPolicy (Prelude.Maybe (Prelude.NonEmpty Tag))+createFirewallPolicy_tags = Lens.lens (\CreateFirewallPolicy' {tags} -> tags) (\s@CreateFirewallPolicy' {} a -> s {tags = a} :: CreateFirewallPolicy) Prelude.. Lens.mapping Lens.coerced++-- | The descriptive name of the firewall policy. You can\'t change the name+-- of a firewall policy after you create it.+createFirewallPolicy_firewallPolicyName :: Lens.Lens' CreateFirewallPolicy Prelude.Text+createFirewallPolicy_firewallPolicyName = Lens.lens (\CreateFirewallPolicy' {firewallPolicyName} -> firewallPolicyName) (\s@CreateFirewallPolicy' {} a -> s {firewallPolicyName = a} :: CreateFirewallPolicy)++-- | The rule groups and policy actions to use in the firewall policy.+createFirewallPolicy_firewallPolicy :: Lens.Lens' CreateFirewallPolicy FirewallPolicy+createFirewallPolicy_firewallPolicy = Lens.lens (\CreateFirewallPolicy' {firewallPolicy} -> firewallPolicy) (\s@CreateFirewallPolicy' {} a -> s {firewallPolicy = a} :: CreateFirewallPolicy)++instance Core.AWSRequest CreateFirewallPolicy where+ type+ AWSResponse CreateFirewallPolicy =+ CreateFirewallPolicyResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ CreateFirewallPolicyResponse'+ Prelude.<$> (Prelude.pure (Prelude.fromEnum s))+ Prelude.<*> (x Data..:> "UpdateToken")+ Prelude.<*> (x Data..:> "FirewallPolicyResponse")+ )++instance Prelude.Hashable CreateFirewallPolicy where+ hashWithSalt _salt CreateFirewallPolicy' {..} =+ _salt+ `Prelude.hashWithSalt` description+ `Prelude.hashWithSalt` dryRun+ `Prelude.hashWithSalt` encryptionConfiguration+ `Prelude.hashWithSalt` tags+ `Prelude.hashWithSalt` firewallPolicyName+ `Prelude.hashWithSalt` firewallPolicy++instance Prelude.NFData CreateFirewallPolicy where+ rnf CreateFirewallPolicy' {..} =+ Prelude.rnf description+ `Prelude.seq` Prelude.rnf dryRun+ `Prelude.seq` Prelude.rnf encryptionConfiguration+ `Prelude.seq` Prelude.rnf tags+ `Prelude.seq` Prelude.rnf firewallPolicyName+ `Prelude.seq` Prelude.rnf firewallPolicy++instance Data.ToHeaders CreateFirewallPolicy where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.CreateFirewallPolicy" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON CreateFirewallPolicy where+ toJSON CreateFirewallPolicy' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("Description" Data..=) Prelude.<$> description,+ ("DryRun" Data..=) Prelude.<$> dryRun,+ ("EncryptionConfiguration" Data..=)+ Prelude.<$> encryptionConfiguration,+ ("Tags" Data..=) Prelude.<$> tags,+ Prelude.Just+ ("FirewallPolicyName" Data..= firewallPolicyName),+ Prelude.Just+ ("FirewallPolicy" Data..= firewallPolicy)+ ]+ )++instance Data.ToPath CreateFirewallPolicy where+ toPath = Prelude.const "/"++instance Data.ToQuery CreateFirewallPolicy where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newCreateFirewallPolicyResponse' smart constructor.+data CreateFirewallPolicyResponse = CreateFirewallPolicyResponse'+ { -- | The response's http status code.+ httpStatus :: Prelude.Int,+ -- | A token used for optimistic locking. Network Firewall returns a token to+ -- your requests that access the firewall policy. The token marks the state+ -- of the policy resource at the time of the request.+ --+ -- To make changes to the policy, you provide the token in your request.+ -- Network Firewall uses the token to ensure that the policy hasn\'t+ -- changed since you last retrieved it. If it has changed, the operation+ -- fails with an @InvalidTokenException@. If this happens, retrieve the+ -- firewall policy again to get a current copy of it with current token.+ -- Reapply your changes as needed, then try the operation again using the+ -- new token.+ updateToken :: Prelude.Text,+ -- | The high-level properties of a firewall policy. This, along with the+ -- FirewallPolicy, define the policy. You can retrieve all objects for a+ -- firewall policy by calling DescribeFirewallPolicy.+ firewallPolicyResponse :: FirewallPolicyResponse+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'CreateFirewallPolicyResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'httpStatus', 'createFirewallPolicyResponse_httpStatus' - The response's http status code.+--+-- 'updateToken', 'createFirewallPolicyResponse_updateToken' - A token used for optimistic locking. Network Firewall returns a token to+-- your requests that access the firewall policy. The token marks the state+-- of the policy resource at the time of the request.+--+-- To make changes to the policy, you provide the token in your request.+-- Network Firewall uses the token to ensure that the policy hasn\'t+-- changed since you last retrieved it. If it has changed, the operation+-- fails with an @InvalidTokenException@. If this happens, retrieve the+-- firewall policy again to get a current copy of it with current token.+-- Reapply your changes as needed, then try the operation again using the+-- new token.+--+-- 'firewallPolicyResponse', 'createFirewallPolicyResponse_firewallPolicyResponse' - The high-level properties of a firewall policy. This, along with the+-- FirewallPolicy, define the policy. You can retrieve all objects for a+-- firewall policy by calling DescribeFirewallPolicy.+newCreateFirewallPolicyResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ -- | 'updateToken'+ Prelude.Text ->+ -- | 'firewallPolicyResponse'+ FirewallPolicyResponse ->+ CreateFirewallPolicyResponse+newCreateFirewallPolicyResponse+ pHttpStatus_+ pUpdateToken_+ pFirewallPolicyResponse_ =+ CreateFirewallPolicyResponse'+ { httpStatus =+ pHttpStatus_,+ updateToken = pUpdateToken_,+ firewallPolicyResponse =+ pFirewallPolicyResponse_+ }++-- | The response's http status code.+createFirewallPolicyResponse_httpStatus :: Lens.Lens' CreateFirewallPolicyResponse Prelude.Int+createFirewallPolicyResponse_httpStatus = Lens.lens (\CreateFirewallPolicyResponse' {httpStatus} -> httpStatus) (\s@CreateFirewallPolicyResponse' {} a -> s {httpStatus = a} :: CreateFirewallPolicyResponse)++-- | A token used for optimistic locking. Network Firewall returns a token to+-- your requests that access the firewall policy. The token marks the state+-- of the policy resource at the time of the request.+--+-- To make changes to the policy, you provide the token in your request.+-- Network Firewall uses the token to ensure that the policy hasn\'t+-- changed since you last retrieved it. If it has changed, the operation+-- fails with an @InvalidTokenException@. If this happens, retrieve the+-- firewall policy again to get a current copy of it with current token.+-- Reapply your changes as needed, then try the operation again using the+-- new token.+createFirewallPolicyResponse_updateToken :: Lens.Lens' CreateFirewallPolicyResponse Prelude.Text+createFirewallPolicyResponse_updateToken = Lens.lens (\CreateFirewallPolicyResponse' {updateToken} -> updateToken) (\s@CreateFirewallPolicyResponse' {} a -> s {updateToken = a} :: CreateFirewallPolicyResponse)++-- | The high-level properties of a firewall policy. This, along with the+-- FirewallPolicy, define the policy. You can retrieve all objects for a+-- firewall policy by calling DescribeFirewallPolicy.+createFirewallPolicyResponse_firewallPolicyResponse :: Lens.Lens' CreateFirewallPolicyResponse FirewallPolicyResponse+createFirewallPolicyResponse_firewallPolicyResponse = Lens.lens (\CreateFirewallPolicyResponse' {firewallPolicyResponse} -> firewallPolicyResponse) (\s@CreateFirewallPolicyResponse' {} a -> s {firewallPolicyResponse = a} :: CreateFirewallPolicyResponse)++instance Prelude.NFData CreateFirewallPolicyResponse where+ rnf CreateFirewallPolicyResponse' {..} =+ Prelude.rnf httpStatus+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf firewallPolicyResponse
+ gen/Amazonka/NetworkFirewall/CreateRuleGroup.hs view
@@ -0,0 +1,576 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.CreateRuleGroup+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Creates the specified stateless or stateful rule group, which includes+-- the rules for network traffic inspection, a capacity setting, and tags.+--+-- You provide your rule group specification in your request using either+-- @RuleGroup@ or @Rules@.+module Amazonka.NetworkFirewall.CreateRuleGroup+ ( -- * Creating a Request+ CreateRuleGroup (..),+ newCreateRuleGroup,++ -- * Request Lenses+ createRuleGroup_description,+ createRuleGroup_dryRun,+ createRuleGroup_encryptionConfiguration,+ createRuleGroup_ruleGroup,+ createRuleGroup_rules,+ createRuleGroup_sourceMetadata,+ createRuleGroup_tags,+ createRuleGroup_ruleGroupName,+ createRuleGroup_type,+ createRuleGroup_capacity,++ -- * Destructuring the Response+ CreateRuleGroupResponse (..),+ newCreateRuleGroupResponse,++ -- * Response Lenses+ createRuleGroupResponse_httpStatus,+ createRuleGroupResponse_updateToken,+ createRuleGroupResponse_ruleGroupResponse,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newCreateRuleGroup' smart constructor.+data CreateRuleGroup = CreateRuleGroup'+ { -- | A description of the rule group.+ description :: Prelude.Maybe Prelude.Text,+ -- | Indicates whether you want Network Firewall to just check the validity+ -- of the request, rather than run the request.+ --+ -- If set to @TRUE@, Network Firewall checks whether the request can run+ -- successfully, but doesn\'t actually make the requested changes. The call+ -- returns the value that the request would return if you ran it with dry+ -- run set to @FALSE@, but doesn\'t make additions or changes to your+ -- resources. This option allows you to make sure that you have the+ -- required permissions to run the request and that your request parameters+ -- are valid.+ --+ -- If set to @FALSE@, Network Firewall makes the requested changes to your+ -- resources.+ dryRun :: Prelude.Maybe Prelude.Bool,+ -- | A complex type that contains settings for encryption of your rule group+ -- resources.+ encryptionConfiguration :: Prelude.Maybe EncryptionConfiguration,+ -- | An object that defines the rule group rules.+ --+ -- You must provide either this rule group setting or a @Rules@ setting,+ -- but not both.+ ruleGroup :: Prelude.Maybe RuleGroup,+ -- | A string containing stateful rule group rules specifications in Suricata+ -- flat format, with one rule per line. Use this to import your existing+ -- Suricata compatible rule groups.+ --+ -- You must provide either this rules setting or a populated @RuleGroup@+ -- setting, but not both.+ --+ -- You can provide your rule group specification in Suricata flat format+ -- through this setting when you create or update your rule group. The call+ -- response returns a RuleGroup object that Network Firewall has populated+ -- from your string.+ rules :: Prelude.Maybe Prelude.Text,+ -- | A complex type that contains metadata about the rule group that your own+ -- rule group is copied from. You can use the metadata to keep track of+ -- updates made to the originating rule group.+ sourceMetadata :: Prelude.Maybe SourceMetadata,+ -- | The key:value pairs to associate with the resource.+ tags :: Prelude.Maybe (Prelude.NonEmpty Tag),+ -- | The descriptive name of the rule group. You can\'t change the name of a+ -- rule group after you create it.+ ruleGroupName :: Prelude.Text,+ -- | Indicates whether the rule group is stateless or stateful. If the rule+ -- group is stateless, it contains stateless rules. If it is stateful, it+ -- contains stateful rules.+ type' :: RuleGroupType,+ -- | The maximum operating resources that this rule group can use. Rule group+ -- capacity is fixed at creation. When you update a rule group, you are+ -- limited to this capacity. When you reference a rule group from a+ -- firewall policy, Network Firewall reserves this capacity for the rule+ -- group.+ --+ -- You can retrieve the capacity that would be required for a rule group+ -- before you create the rule group by calling CreateRuleGroup with+ -- @DryRun@ set to @TRUE@.+ --+ -- You can\'t change or exceed this capacity when you update the rule+ -- group, so leave room for your rule group to grow.+ --+ -- __Capacity for a stateless rule group__+ --+ -- For a stateless rule group, the capacity required is the sum of the+ -- capacity requirements of the individual rules that you expect to have in+ -- the rule group.+ --+ -- To calculate the capacity requirement of a single rule, multiply the+ -- capacity requirement values of each of the rule\'s match settings:+ --+ -- - A match setting with no criteria specified has a value of 1.+ --+ -- - A match setting with @Any@ specified has a value of 1.+ --+ -- - All other match settings have a value equal to the number of+ -- elements provided in the setting. For example, a protocol setting+ -- [\"UDP\"] and a source setting [\"10.0.0.0\/24\"] each have a value+ -- of 1. A protocol setting [\"UDP\",\"TCP\"] has a value of 2. A+ -- source setting [\"10.0.0.0\/24\",\"10.0.0.1\/24\",\"10.0.0.2\/24\"]+ -- has a value of 3.+ --+ -- A rule with no criteria specified in any of its match settings has a+ -- capacity requirement of 1. A rule with protocol setting+ -- [\"UDP\",\"TCP\"], source setting+ -- [\"10.0.0.0\/24\",\"10.0.0.1\/24\",\"10.0.0.2\/24\"], and a single+ -- specification or no specification for each of the other match settings+ -- has a capacity requirement of 6.+ --+ -- __Capacity for a stateful rule group__+ --+ -- For a stateful rule group, the minimum capacity required is the number+ -- of individual rules that you expect to have in the rule group.+ capacity :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'CreateRuleGroup' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'description', 'createRuleGroup_description' - A description of the rule group.+--+-- 'dryRun', 'createRuleGroup_dryRun' - Indicates whether you want Network Firewall to just check the validity+-- of the request, rather than run the request.+--+-- If set to @TRUE@, Network Firewall checks whether the request can run+-- successfully, but doesn\'t actually make the requested changes. The call+-- returns the value that the request would return if you ran it with dry+-- run set to @FALSE@, but doesn\'t make additions or changes to your+-- resources. This option allows you to make sure that you have the+-- required permissions to run the request and that your request parameters+-- are valid.+--+-- If set to @FALSE@, Network Firewall makes the requested changes to your+-- resources.+--+-- 'encryptionConfiguration', 'createRuleGroup_encryptionConfiguration' - A complex type that contains settings for encryption of your rule group+-- resources.+--+-- 'ruleGroup', 'createRuleGroup_ruleGroup' - An object that defines the rule group rules.+--+-- You must provide either this rule group setting or a @Rules@ setting,+-- but not both.+--+-- 'rules', 'createRuleGroup_rules' - A string containing stateful rule group rules specifications in Suricata+-- flat format, with one rule per line. Use this to import your existing+-- Suricata compatible rule groups.+--+-- You must provide either this rules setting or a populated @RuleGroup@+-- setting, but not both.+--+-- You can provide your rule group specification in Suricata flat format+-- through this setting when you create or update your rule group. The call+-- response returns a RuleGroup object that Network Firewall has populated+-- from your string.+--+-- 'sourceMetadata', 'createRuleGroup_sourceMetadata' - A complex type that contains metadata about the rule group that your own+-- rule group is copied from. You can use the metadata to keep track of+-- updates made to the originating rule group.+--+-- 'tags', 'createRuleGroup_tags' - The key:value pairs to associate with the resource.+--+-- 'ruleGroupName', 'createRuleGroup_ruleGroupName' - The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+--+-- 'type'', 'createRuleGroup_type' - Indicates whether the rule group is stateless or stateful. If the rule+-- group is stateless, it contains stateless rules. If it is stateful, it+-- contains stateful rules.+--+-- 'capacity', 'createRuleGroup_capacity' - The maximum operating resources that this rule group can use. Rule group+-- capacity is fixed at creation. When you update a rule group, you are+-- limited to this capacity. When you reference a rule group from a+-- firewall policy, Network Firewall reserves this capacity for the rule+-- group.+--+-- You can retrieve the capacity that would be required for a rule group+-- before you create the rule group by calling CreateRuleGroup with+-- @DryRun@ set to @TRUE@.+--+-- You can\'t change or exceed this capacity when you update the rule+-- group, so leave room for your rule group to grow.+--+-- __Capacity for a stateless rule group__+--+-- For a stateless rule group, the capacity required is the sum of the+-- capacity requirements of the individual rules that you expect to have in+-- the rule group.+--+-- To calculate the capacity requirement of a single rule, multiply the+-- capacity requirement values of each of the rule\'s match settings:+--+-- - A match setting with no criteria specified has a value of 1.+--+-- - A match setting with @Any@ specified has a value of 1.+--+-- - All other match settings have a value equal to the number of+-- elements provided in the setting. For example, a protocol setting+-- [\"UDP\"] and a source setting [\"10.0.0.0\/24\"] each have a value+-- of 1. A protocol setting [\"UDP\",\"TCP\"] has a value of 2. A+-- source setting [\"10.0.0.0\/24\",\"10.0.0.1\/24\",\"10.0.0.2\/24\"]+-- has a value of 3.+--+-- A rule with no criteria specified in any of its match settings has a+-- capacity requirement of 1. A rule with protocol setting+-- [\"UDP\",\"TCP\"], source setting+-- [\"10.0.0.0\/24\",\"10.0.0.1\/24\",\"10.0.0.2\/24\"], and a single+-- specification or no specification for each of the other match settings+-- has a capacity requirement of 6.+--+-- __Capacity for a stateful rule group__+--+-- For a stateful rule group, the minimum capacity required is the number+-- of individual rules that you expect to have in the rule group.+newCreateRuleGroup ::+ -- | 'ruleGroupName'+ Prelude.Text ->+ -- | 'type''+ RuleGroupType ->+ -- | 'capacity'+ Prelude.Int ->+ CreateRuleGroup+newCreateRuleGroup pRuleGroupName_ pType_ pCapacity_ =+ CreateRuleGroup'+ { description = Prelude.Nothing,+ dryRun = Prelude.Nothing,+ encryptionConfiguration = Prelude.Nothing,+ ruleGroup = Prelude.Nothing,+ rules = Prelude.Nothing,+ sourceMetadata = Prelude.Nothing,+ tags = Prelude.Nothing,+ ruleGroupName = pRuleGroupName_,+ type' = pType_,+ capacity = pCapacity_+ }++-- | A description of the rule group.+createRuleGroup_description :: Lens.Lens' CreateRuleGroup (Prelude.Maybe Prelude.Text)+createRuleGroup_description = Lens.lens (\CreateRuleGroup' {description} -> description) (\s@CreateRuleGroup' {} a -> s {description = a} :: CreateRuleGroup)++-- | Indicates whether you want Network Firewall to just check the validity+-- of the request, rather than run the request.+--+-- If set to @TRUE@, Network Firewall checks whether the request can run+-- successfully, but doesn\'t actually make the requested changes. The call+-- returns the value that the request would return if you ran it with dry+-- run set to @FALSE@, but doesn\'t make additions or changes to your+-- resources. This option allows you to make sure that you have the+-- required permissions to run the request and that your request parameters+-- are valid.+--+-- If set to @FALSE@, Network Firewall makes the requested changes to your+-- resources.+createRuleGroup_dryRun :: Lens.Lens' CreateRuleGroup (Prelude.Maybe Prelude.Bool)+createRuleGroup_dryRun = Lens.lens (\CreateRuleGroup' {dryRun} -> dryRun) (\s@CreateRuleGroup' {} a -> s {dryRun = a} :: CreateRuleGroup)++-- | A complex type that contains settings for encryption of your rule group+-- resources.+createRuleGroup_encryptionConfiguration :: Lens.Lens' CreateRuleGroup (Prelude.Maybe EncryptionConfiguration)+createRuleGroup_encryptionConfiguration = Lens.lens (\CreateRuleGroup' {encryptionConfiguration} -> encryptionConfiguration) (\s@CreateRuleGroup' {} a -> s {encryptionConfiguration = a} :: CreateRuleGroup)++-- | An object that defines the rule group rules.+--+-- You must provide either this rule group setting or a @Rules@ setting,+-- but not both.+createRuleGroup_ruleGroup :: Lens.Lens' CreateRuleGroup (Prelude.Maybe RuleGroup)+createRuleGroup_ruleGroup = Lens.lens (\CreateRuleGroup' {ruleGroup} -> ruleGroup) (\s@CreateRuleGroup' {} a -> s {ruleGroup = a} :: CreateRuleGroup)++-- | A string containing stateful rule group rules specifications in Suricata+-- flat format, with one rule per line. Use this to import your existing+-- Suricata compatible rule groups.+--+-- You must provide either this rules setting or a populated @RuleGroup@+-- setting, but not both.+--+-- You can provide your rule group specification in Suricata flat format+-- through this setting when you create or update your rule group. The call+-- response returns a RuleGroup object that Network Firewall has populated+-- from your string.+createRuleGroup_rules :: Lens.Lens' CreateRuleGroup (Prelude.Maybe Prelude.Text)+createRuleGroup_rules = Lens.lens (\CreateRuleGroup' {rules} -> rules) (\s@CreateRuleGroup' {} a -> s {rules = a} :: CreateRuleGroup)++-- | A complex type that contains metadata about the rule group that your own+-- rule group is copied from. You can use the metadata to keep track of+-- updates made to the originating rule group.+createRuleGroup_sourceMetadata :: Lens.Lens' CreateRuleGroup (Prelude.Maybe SourceMetadata)+createRuleGroup_sourceMetadata = Lens.lens (\CreateRuleGroup' {sourceMetadata} -> sourceMetadata) (\s@CreateRuleGroup' {} a -> s {sourceMetadata = a} :: CreateRuleGroup)++-- | The key:value pairs to associate with the resource.+createRuleGroup_tags :: Lens.Lens' CreateRuleGroup (Prelude.Maybe (Prelude.NonEmpty Tag))+createRuleGroup_tags = Lens.lens (\CreateRuleGroup' {tags} -> tags) (\s@CreateRuleGroup' {} a -> s {tags = a} :: CreateRuleGroup) Prelude.. Lens.mapping Lens.coerced++-- | The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+createRuleGroup_ruleGroupName :: Lens.Lens' CreateRuleGroup Prelude.Text+createRuleGroup_ruleGroupName = Lens.lens (\CreateRuleGroup' {ruleGroupName} -> ruleGroupName) (\s@CreateRuleGroup' {} a -> s {ruleGroupName = a} :: CreateRuleGroup)++-- | Indicates whether the rule group is stateless or stateful. If the rule+-- group is stateless, it contains stateless rules. If it is stateful, it+-- contains stateful rules.+createRuleGroup_type :: Lens.Lens' CreateRuleGroup RuleGroupType+createRuleGroup_type = Lens.lens (\CreateRuleGroup' {type'} -> type') (\s@CreateRuleGroup' {} a -> s {type' = a} :: CreateRuleGroup)++-- | The maximum operating resources that this rule group can use. Rule group+-- capacity is fixed at creation. When you update a rule group, you are+-- limited to this capacity. When you reference a rule group from a+-- firewall policy, Network Firewall reserves this capacity for the rule+-- group.+--+-- You can retrieve the capacity that would be required for a rule group+-- before you create the rule group by calling CreateRuleGroup with+-- @DryRun@ set to @TRUE@.+--+-- You can\'t change or exceed this capacity when you update the rule+-- group, so leave room for your rule group to grow.+--+-- __Capacity for a stateless rule group__+--+-- For a stateless rule group, the capacity required is the sum of the+-- capacity requirements of the individual rules that you expect to have in+-- the rule group.+--+-- To calculate the capacity requirement of a single rule, multiply the+-- capacity requirement values of each of the rule\'s match settings:+--+-- - A match setting with no criteria specified has a value of 1.+--+-- - A match setting with @Any@ specified has a value of 1.+--+-- - All other match settings have a value equal to the number of+-- elements provided in the setting. For example, a protocol setting+-- [\"UDP\"] and a source setting [\"10.0.0.0\/24\"] each have a value+-- of 1. A protocol setting [\"UDP\",\"TCP\"] has a value of 2. A+-- source setting [\"10.0.0.0\/24\",\"10.0.0.1\/24\",\"10.0.0.2\/24\"]+-- has a value of 3.+--+-- A rule with no criteria specified in any of its match settings has a+-- capacity requirement of 1. A rule with protocol setting+-- [\"UDP\",\"TCP\"], source setting+-- [\"10.0.0.0\/24\",\"10.0.0.1\/24\",\"10.0.0.2\/24\"], and a single+-- specification or no specification for each of the other match settings+-- has a capacity requirement of 6.+--+-- __Capacity for a stateful rule group__+--+-- For a stateful rule group, the minimum capacity required is the number+-- of individual rules that you expect to have in the rule group.+createRuleGroup_capacity :: Lens.Lens' CreateRuleGroup Prelude.Int+createRuleGroup_capacity = Lens.lens (\CreateRuleGroup' {capacity} -> capacity) (\s@CreateRuleGroup' {} a -> s {capacity = a} :: CreateRuleGroup)++instance Core.AWSRequest CreateRuleGroup where+ type+ AWSResponse CreateRuleGroup =+ CreateRuleGroupResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ CreateRuleGroupResponse'+ Prelude.<$> (Prelude.pure (Prelude.fromEnum s))+ Prelude.<*> (x Data..:> "UpdateToken")+ Prelude.<*> (x Data..:> "RuleGroupResponse")+ )++instance Prelude.Hashable CreateRuleGroup where+ hashWithSalt _salt CreateRuleGroup' {..} =+ _salt+ `Prelude.hashWithSalt` description+ `Prelude.hashWithSalt` dryRun+ `Prelude.hashWithSalt` encryptionConfiguration+ `Prelude.hashWithSalt` ruleGroup+ `Prelude.hashWithSalt` rules+ `Prelude.hashWithSalt` sourceMetadata+ `Prelude.hashWithSalt` tags+ `Prelude.hashWithSalt` ruleGroupName+ `Prelude.hashWithSalt` type'+ `Prelude.hashWithSalt` capacity++instance Prelude.NFData CreateRuleGroup where+ rnf CreateRuleGroup' {..} =+ Prelude.rnf description+ `Prelude.seq` Prelude.rnf dryRun+ `Prelude.seq` Prelude.rnf encryptionConfiguration+ `Prelude.seq` Prelude.rnf ruleGroup+ `Prelude.seq` Prelude.rnf rules+ `Prelude.seq` Prelude.rnf sourceMetadata+ `Prelude.seq` Prelude.rnf tags+ `Prelude.seq` Prelude.rnf ruleGroupName+ `Prelude.seq` Prelude.rnf type'+ `Prelude.seq` Prelude.rnf capacity++instance Data.ToHeaders CreateRuleGroup where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.CreateRuleGroup" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON CreateRuleGroup where+ toJSON CreateRuleGroup' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("Description" Data..=) Prelude.<$> description,+ ("DryRun" Data..=) Prelude.<$> dryRun,+ ("EncryptionConfiguration" Data..=)+ Prelude.<$> encryptionConfiguration,+ ("RuleGroup" Data..=) Prelude.<$> ruleGroup,+ ("Rules" Data..=) Prelude.<$> rules,+ ("SourceMetadata" Data..=)+ Prelude.<$> sourceMetadata,+ ("Tags" Data..=) Prelude.<$> tags,+ Prelude.Just ("RuleGroupName" Data..= ruleGroupName),+ Prelude.Just ("Type" Data..= type'),+ Prelude.Just ("Capacity" Data..= capacity)+ ]+ )++instance Data.ToPath CreateRuleGroup where+ toPath = Prelude.const "/"++instance Data.ToQuery CreateRuleGroup where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newCreateRuleGroupResponse' smart constructor.+data CreateRuleGroupResponse = CreateRuleGroupResponse'+ { -- | The response's http status code.+ httpStatus :: Prelude.Int,+ -- | A token used for optimistic locking. Network Firewall returns a token to+ -- your requests that access the rule group. The token marks the state of+ -- the rule group resource at the time of the request.+ --+ -- To make changes to the rule group, you provide the token in your+ -- request. Network Firewall uses the token to ensure that the rule group+ -- hasn\'t changed since you last retrieved it. If it has changed, the+ -- operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the rule group again to get a current copy of it with a current+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Text,+ -- | The high-level properties of a rule group. This, along with the+ -- RuleGroup, define the rule group. You can retrieve all objects for a+ -- rule group by calling DescribeRuleGroup.+ ruleGroupResponse :: RuleGroupResponse+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'CreateRuleGroupResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'httpStatus', 'createRuleGroupResponse_httpStatus' - The response's http status code.+--+-- 'updateToken', 'createRuleGroupResponse_updateToken' - A token used for optimistic locking. Network Firewall returns a token to+-- your requests that access the rule group. The token marks the state of+-- the rule group resource at the time of the request.+--+-- To make changes to the rule group, you provide the token in your+-- request. Network Firewall uses the token to ensure that the rule group+-- hasn\'t changed since you last retrieved it. If it has changed, the+-- operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the rule group again to get a current copy of it with a current+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+--+-- 'ruleGroupResponse', 'createRuleGroupResponse_ruleGroupResponse' - The high-level properties of a rule group. This, along with the+-- RuleGroup, define the rule group. You can retrieve all objects for a+-- rule group by calling DescribeRuleGroup.+newCreateRuleGroupResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ -- | 'updateToken'+ Prelude.Text ->+ -- | 'ruleGroupResponse'+ RuleGroupResponse ->+ CreateRuleGroupResponse+newCreateRuleGroupResponse+ pHttpStatus_+ pUpdateToken_+ pRuleGroupResponse_ =+ CreateRuleGroupResponse'+ { httpStatus = pHttpStatus_,+ updateToken = pUpdateToken_,+ ruleGroupResponse = pRuleGroupResponse_+ }++-- | The response's http status code.+createRuleGroupResponse_httpStatus :: Lens.Lens' CreateRuleGroupResponse Prelude.Int+createRuleGroupResponse_httpStatus = Lens.lens (\CreateRuleGroupResponse' {httpStatus} -> httpStatus) (\s@CreateRuleGroupResponse' {} a -> s {httpStatus = a} :: CreateRuleGroupResponse)++-- | A token used for optimistic locking. Network Firewall returns a token to+-- your requests that access the rule group. The token marks the state of+-- the rule group resource at the time of the request.+--+-- To make changes to the rule group, you provide the token in your+-- request. Network Firewall uses the token to ensure that the rule group+-- hasn\'t changed since you last retrieved it. If it has changed, the+-- operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the rule group again to get a current copy of it with a current+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+createRuleGroupResponse_updateToken :: Lens.Lens' CreateRuleGroupResponse Prelude.Text+createRuleGroupResponse_updateToken = Lens.lens (\CreateRuleGroupResponse' {updateToken} -> updateToken) (\s@CreateRuleGroupResponse' {} a -> s {updateToken = a} :: CreateRuleGroupResponse)++-- | The high-level properties of a rule group. This, along with the+-- RuleGroup, define the rule group. You can retrieve all objects for a+-- rule group by calling DescribeRuleGroup.+createRuleGroupResponse_ruleGroupResponse :: Lens.Lens' CreateRuleGroupResponse RuleGroupResponse+createRuleGroupResponse_ruleGroupResponse = Lens.lens (\CreateRuleGroupResponse' {ruleGroupResponse} -> ruleGroupResponse) (\s@CreateRuleGroupResponse' {} a -> s {ruleGroupResponse = a} :: CreateRuleGroupResponse)++instance Prelude.NFData CreateRuleGroupResponse where+ rnf CreateRuleGroupResponse' {..} =+ Prelude.rnf httpStatus+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf ruleGroupResponse
+ gen/Amazonka/NetworkFirewall/DeleteFirewall.hs view
@@ -0,0 +1,222 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.DeleteFirewall+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Deletes the specified Firewall and its FirewallStatus. This operation+-- requires the firewall\'s @DeleteProtection@ flag to be @FALSE@. You+-- can\'t revert this operation.+--+-- You can check whether a firewall is in use by reviewing the route tables+-- for the Availability Zones where you have firewall subnet mappings.+-- Retrieve the subnet mappings by calling DescribeFirewall. You define and+-- update the route tables through Amazon VPC. As needed, update the route+-- tables for the zones to remove the firewall endpoints. When the route+-- tables no longer use the firewall endpoints, you can remove the firewall+-- safely.+--+-- To delete a firewall, remove the delete protection if you need to using+-- UpdateFirewallDeleteProtection, then delete the firewall by calling+-- DeleteFirewall.+module Amazonka.NetworkFirewall.DeleteFirewall+ ( -- * Creating a Request+ DeleteFirewall (..),+ newDeleteFirewall,++ -- * Request Lenses+ deleteFirewall_firewallArn,+ deleteFirewall_firewallName,++ -- * Destructuring the Response+ DeleteFirewallResponse (..),+ newDeleteFirewallResponse,++ -- * Response Lenses+ deleteFirewallResponse_firewall,+ deleteFirewallResponse_firewallStatus,+ deleteFirewallResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newDeleteFirewall' smart constructor.+data DeleteFirewall = DeleteFirewall'+ { -- | The Amazon Resource Name (ARN) of the firewall.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallName :: Prelude.Maybe Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DeleteFirewall' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallArn', 'deleteFirewall_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'firewallName', 'deleteFirewall_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+newDeleteFirewall ::+ DeleteFirewall+newDeleteFirewall =+ DeleteFirewall'+ { firewallArn = Prelude.Nothing,+ firewallName = Prelude.Nothing+ }++-- | The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+deleteFirewall_firewallArn :: Lens.Lens' DeleteFirewall (Prelude.Maybe Prelude.Text)+deleteFirewall_firewallArn = Lens.lens (\DeleteFirewall' {firewallArn} -> firewallArn) (\s@DeleteFirewall' {} a -> s {firewallArn = a} :: DeleteFirewall)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+deleteFirewall_firewallName :: Lens.Lens' DeleteFirewall (Prelude.Maybe Prelude.Text)+deleteFirewall_firewallName = Lens.lens (\DeleteFirewall' {firewallName} -> firewallName) (\s@DeleteFirewall' {} a -> s {firewallName = a} :: DeleteFirewall)++instance Core.AWSRequest DeleteFirewall where+ type+ AWSResponse DeleteFirewall =+ DeleteFirewallResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ DeleteFirewallResponse'+ Prelude.<$> (x Data..?> "Firewall")+ Prelude.<*> (x Data..?> "FirewallStatus")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ )++instance Prelude.Hashable DeleteFirewall where+ hashWithSalt _salt DeleteFirewall' {..} =+ _salt+ `Prelude.hashWithSalt` firewallArn+ `Prelude.hashWithSalt` firewallName++instance Prelude.NFData DeleteFirewall where+ rnf DeleteFirewall' {..} =+ Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName++instance Data.ToHeaders DeleteFirewall where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.DeleteFirewall" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON DeleteFirewall where+ toJSON DeleteFirewall' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("FirewallArn" Data..=) Prelude.<$> firewallArn,+ ("FirewallName" Data..=) Prelude.<$> firewallName+ ]+ )++instance Data.ToPath DeleteFirewall where+ toPath = Prelude.const "/"++instance Data.ToQuery DeleteFirewall where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newDeleteFirewallResponse' smart constructor.+data DeleteFirewallResponse = DeleteFirewallResponse'+ { firewall :: Prelude.Maybe Firewall,+ firewallStatus :: Prelude.Maybe FirewallStatus,+ -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DeleteFirewallResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewall', 'deleteFirewallResponse_firewall' - Undocumented member.+--+-- 'firewallStatus', 'deleteFirewallResponse_firewallStatus' - Undocumented member.+--+-- 'httpStatus', 'deleteFirewallResponse_httpStatus' - The response's http status code.+newDeleteFirewallResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ DeleteFirewallResponse+newDeleteFirewallResponse pHttpStatus_ =+ DeleteFirewallResponse'+ { firewall = Prelude.Nothing,+ firewallStatus = Prelude.Nothing,+ httpStatus = pHttpStatus_+ }++-- | Undocumented member.+deleteFirewallResponse_firewall :: Lens.Lens' DeleteFirewallResponse (Prelude.Maybe Firewall)+deleteFirewallResponse_firewall = Lens.lens (\DeleteFirewallResponse' {firewall} -> firewall) (\s@DeleteFirewallResponse' {} a -> s {firewall = a} :: DeleteFirewallResponse)++-- | Undocumented member.+deleteFirewallResponse_firewallStatus :: Lens.Lens' DeleteFirewallResponse (Prelude.Maybe FirewallStatus)+deleteFirewallResponse_firewallStatus = Lens.lens (\DeleteFirewallResponse' {firewallStatus} -> firewallStatus) (\s@DeleteFirewallResponse' {} a -> s {firewallStatus = a} :: DeleteFirewallResponse)++-- | The response's http status code.+deleteFirewallResponse_httpStatus :: Lens.Lens' DeleteFirewallResponse Prelude.Int+deleteFirewallResponse_httpStatus = Lens.lens (\DeleteFirewallResponse' {httpStatus} -> httpStatus) (\s@DeleteFirewallResponse' {} a -> s {httpStatus = a} :: DeleteFirewallResponse)++instance Prelude.NFData DeleteFirewallResponse where+ rnf DeleteFirewallResponse' {..} =+ Prelude.rnf firewall+ `Prelude.seq` Prelude.rnf firewallStatus+ `Prelude.seq` Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/DeleteFirewallPolicy.hs view
@@ -0,0 +1,210 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.DeleteFirewallPolicy+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Deletes the specified FirewallPolicy.+module Amazonka.NetworkFirewall.DeleteFirewallPolicy+ ( -- * Creating a Request+ DeleteFirewallPolicy (..),+ newDeleteFirewallPolicy,++ -- * Request Lenses+ deleteFirewallPolicy_firewallPolicyArn,+ deleteFirewallPolicy_firewallPolicyName,++ -- * Destructuring the Response+ DeleteFirewallPolicyResponse (..),+ newDeleteFirewallPolicyResponse,++ -- * Response Lenses+ deleteFirewallPolicyResponse_httpStatus,+ deleteFirewallPolicyResponse_firewallPolicyResponse,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newDeleteFirewallPolicy' smart constructor.+data DeleteFirewallPolicy = DeleteFirewallPolicy'+ { -- | The Amazon Resource Name (ARN) of the firewall policy.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallPolicyArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall policy. You can\'t change the name+ -- of a firewall policy after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallPolicyName :: Prelude.Maybe Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DeleteFirewallPolicy' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallPolicyArn', 'deleteFirewallPolicy_firewallPolicyArn' - The Amazon Resource Name (ARN) of the firewall policy.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'firewallPolicyName', 'deleteFirewallPolicy_firewallPolicyName' - The descriptive name of the firewall policy. You can\'t change the name+-- of a firewall policy after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+newDeleteFirewallPolicy ::+ DeleteFirewallPolicy+newDeleteFirewallPolicy =+ DeleteFirewallPolicy'+ { firewallPolicyArn =+ Prelude.Nothing,+ firewallPolicyName = Prelude.Nothing+ }++-- | The Amazon Resource Name (ARN) of the firewall policy.+--+-- You must specify the ARN or the name, and you can specify both.+deleteFirewallPolicy_firewallPolicyArn :: Lens.Lens' DeleteFirewallPolicy (Prelude.Maybe Prelude.Text)+deleteFirewallPolicy_firewallPolicyArn = Lens.lens (\DeleteFirewallPolicy' {firewallPolicyArn} -> firewallPolicyArn) (\s@DeleteFirewallPolicy' {} a -> s {firewallPolicyArn = a} :: DeleteFirewallPolicy)++-- | The descriptive name of the firewall policy. You can\'t change the name+-- of a firewall policy after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+deleteFirewallPolicy_firewallPolicyName :: Lens.Lens' DeleteFirewallPolicy (Prelude.Maybe Prelude.Text)+deleteFirewallPolicy_firewallPolicyName = Lens.lens (\DeleteFirewallPolicy' {firewallPolicyName} -> firewallPolicyName) (\s@DeleteFirewallPolicy' {} a -> s {firewallPolicyName = a} :: DeleteFirewallPolicy)++instance Core.AWSRequest DeleteFirewallPolicy where+ type+ AWSResponse DeleteFirewallPolicy =+ DeleteFirewallPolicyResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ DeleteFirewallPolicyResponse'+ Prelude.<$> (Prelude.pure (Prelude.fromEnum s))+ Prelude.<*> (x Data..:> "FirewallPolicyResponse")+ )++instance Prelude.Hashable DeleteFirewallPolicy where+ hashWithSalt _salt DeleteFirewallPolicy' {..} =+ _salt+ `Prelude.hashWithSalt` firewallPolicyArn+ `Prelude.hashWithSalt` firewallPolicyName++instance Prelude.NFData DeleteFirewallPolicy where+ rnf DeleteFirewallPolicy' {..} =+ Prelude.rnf firewallPolicyArn+ `Prelude.seq` Prelude.rnf firewallPolicyName++instance Data.ToHeaders DeleteFirewallPolicy where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.DeleteFirewallPolicy" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON DeleteFirewallPolicy where+ toJSON DeleteFirewallPolicy' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("FirewallPolicyArn" Data..=)+ Prelude.<$> firewallPolicyArn,+ ("FirewallPolicyName" Data..=)+ Prelude.<$> firewallPolicyName+ ]+ )++instance Data.ToPath DeleteFirewallPolicy where+ toPath = Prelude.const "/"++instance Data.ToQuery DeleteFirewallPolicy where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newDeleteFirewallPolicyResponse' smart constructor.+data DeleteFirewallPolicyResponse = DeleteFirewallPolicyResponse'+ { -- | The response's http status code.+ httpStatus :: Prelude.Int,+ -- | The object containing the definition of the FirewallPolicyResponse that+ -- you asked to delete.+ firewallPolicyResponse :: FirewallPolicyResponse+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DeleteFirewallPolicyResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'httpStatus', 'deleteFirewallPolicyResponse_httpStatus' - The response's http status code.+--+-- 'firewallPolicyResponse', 'deleteFirewallPolicyResponse_firewallPolicyResponse' - The object containing the definition of the FirewallPolicyResponse that+-- you asked to delete.+newDeleteFirewallPolicyResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ -- | 'firewallPolicyResponse'+ FirewallPolicyResponse ->+ DeleteFirewallPolicyResponse+newDeleteFirewallPolicyResponse+ pHttpStatus_+ pFirewallPolicyResponse_ =+ DeleteFirewallPolicyResponse'+ { httpStatus =+ pHttpStatus_,+ firewallPolicyResponse =+ pFirewallPolicyResponse_+ }++-- | The response's http status code.+deleteFirewallPolicyResponse_httpStatus :: Lens.Lens' DeleteFirewallPolicyResponse Prelude.Int+deleteFirewallPolicyResponse_httpStatus = Lens.lens (\DeleteFirewallPolicyResponse' {httpStatus} -> httpStatus) (\s@DeleteFirewallPolicyResponse' {} a -> s {httpStatus = a} :: DeleteFirewallPolicyResponse)++-- | The object containing the definition of the FirewallPolicyResponse that+-- you asked to delete.+deleteFirewallPolicyResponse_firewallPolicyResponse :: Lens.Lens' DeleteFirewallPolicyResponse FirewallPolicyResponse+deleteFirewallPolicyResponse_firewallPolicyResponse = Lens.lens (\DeleteFirewallPolicyResponse' {firewallPolicyResponse} -> firewallPolicyResponse) (\s@DeleteFirewallPolicyResponse' {} a -> s {firewallPolicyResponse = a} :: DeleteFirewallPolicyResponse)++instance Prelude.NFData DeleteFirewallPolicyResponse where+ rnf DeleteFirewallPolicyResponse' {..} =+ Prelude.rnf httpStatus+ `Prelude.seq` Prelude.rnf firewallPolicyResponse
+ gen/Amazonka/NetworkFirewall/DeleteResourcePolicy.hs view
@@ -0,0 +1,161 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.DeleteResourcePolicy+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Deletes a resource policy that you created in a PutResourcePolicy+-- request.+module Amazonka.NetworkFirewall.DeleteResourcePolicy+ ( -- * Creating a Request+ DeleteResourcePolicy (..),+ newDeleteResourcePolicy,++ -- * Request Lenses+ deleteResourcePolicy_resourceArn,++ -- * Destructuring the Response+ DeleteResourcePolicyResponse (..),+ newDeleteResourcePolicyResponse,++ -- * Response Lenses+ deleteResourcePolicyResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newDeleteResourcePolicy' smart constructor.+data DeleteResourcePolicy = DeleteResourcePolicy'+ { -- | The Amazon Resource Name (ARN) of the rule group or firewall policy+ -- whose resource policy you want to delete.+ resourceArn :: Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DeleteResourcePolicy' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'resourceArn', 'deleteResourcePolicy_resourceArn' - The Amazon Resource Name (ARN) of the rule group or firewall policy+-- whose resource policy you want to delete.+newDeleteResourcePolicy ::+ -- | 'resourceArn'+ Prelude.Text ->+ DeleteResourcePolicy+newDeleteResourcePolicy pResourceArn_ =+ DeleteResourcePolicy' {resourceArn = pResourceArn_}++-- | The Amazon Resource Name (ARN) of the rule group or firewall policy+-- whose resource policy you want to delete.+deleteResourcePolicy_resourceArn :: Lens.Lens' DeleteResourcePolicy Prelude.Text+deleteResourcePolicy_resourceArn = Lens.lens (\DeleteResourcePolicy' {resourceArn} -> resourceArn) (\s@DeleteResourcePolicy' {} a -> s {resourceArn = a} :: DeleteResourcePolicy)++instance Core.AWSRequest DeleteResourcePolicy where+ type+ AWSResponse DeleteResourcePolicy =+ DeleteResourcePolicyResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveEmpty+ ( \s h x ->+ DeleteResourcePolicyResponse'+ Prelude.<$> (Prelude.pure (Prelude.fromEnum s))+ )++instance Prelude.Hashable DeleteResourcePolicy where+ hashWithSalt _salt DeleteResourcePolicy' {..} =+ _salt `Prelude.hashWithSalt` resourceArn++instance Prelude.NFData DeleteResourcePolicy where+ rnf DeleteResourcePolicy' {..} =+ Prelude.rnf resourceArn++instance Data.ToHeaders DeleteResourcePolicy where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.DeleteResourcePolicy" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON DeleteResourcePolicy where+ toJSON DeleteResourcePolicy' {..} =+ Data.object+ ( Prelude.catMaybes+ [Prelude.Just ("ResourceArn" Data..= resourceArn)]+ )++instance Data.ToPath DeleteResourcePolicy where+ toPath = Prelude.const "/"++instance Data.ToQuery DeleteResourcePolicy where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newDeleteResourcePolicyResponse' smart constructor.+data DeleteResourcePolicyResponse = DeleteResourcePolicyResponse'+ { -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DeleteResourcePolicyResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'httpStatus', 'deleteResourcePolicyResponse_httpStatus' - The response's http status code.+newDeleteResourcePolicyResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ DeleteResourcePolicyResponse+newDeleteResourcePolicyResponse pHttpStatus_ =+ DeleteResourcePolicyResponse'+ { httpStatus =+ pHttpStatus_+ }++-- | The response's http status code.+deleteResourcePolicyResponse_httpStatus :: Lens.Lens' DeleteResourcePolicyResponse Prelude.Int+deleteResourcePolicyResponse_httpStatus = Lens.lens (\DeleteResourcePolicyResponse' {httpStatus} -> httpStatus) (\s@DeleteResourcePolicyResponse' {} a -> s {httpStatus = a} :: DeleteResourcePolicyResponse)++instance Prelude.NFData DeleteResourcePolicyResponse where+ rnf DeleteResourcePolicyResponse' {..} =+ Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/DeleteRuleGroup.hs view
@@ -0,0 +1,236 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.DeleteRuleGroup+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Deletes the specified RuleGroup.+module Amazonka.NetworkFirewall.DeleteRuleGroup+ ( -- * Creating a Request+ DeleteRuleGroup (..),+ newDeleteRuleGroup,++ -- * Request Lenses+ deleteRuleGroup_ruleGroupArn,+ deleteRuleGroup_ruleGroupName,+ deleteRuleGroup_type,++ -- * Destructuring the Response+ DeleteRuleGroupResponse (..),+ newDeleteRuleGroupResponse,++ -- * Response Lenses+ deleteRuleGroupResponse_httpStatus,+ deleteRuleGroupResponse_ruleGroupResponse,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newDeleteRuleGroup' smart constructor.+data DeleteRuleGroup = DeleteRuleGroup'+ { -- | The Amazon Resource Name (ARN) of the rule group.+ --+ -- You must specify the ARN or the name, and you can specify both.+ ruleGroupArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the rule group. You can\'t change the name of a+ -- rule group after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ ruleGroupName :: Prelude.Maybe Prelude.Text,+ -- | Indicates whether the rule group is stateless or stateful. If the rule+ -- group is stateless, it contains stateless rules. If it is stateful, it+ -- contains stateful rules.+ --+ -- This setting is required for requests that do not include the+ -- @RuleGroupARN@.+ type' :: Prelude.Maybe RuleGroupType+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DeleteRuleGroup' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'ruleGroupArn', 'deleteRuleGroup_ruleGroupArn' - The Amazon Resource Name (ARN) of the rule group.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'ruleGroupName', 'deleteRuleGroup_ruleGroupName' - The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'type'', 'deleteRuleGroup_type' - Indicates whether the rule group is stateless or stateful. If the rule+-- group is stateless, it contains stateless rules. If it is stateful, it+-- contains stateful rules.+--+-- This setting is required for requests that do not include the+-- @RuleGroupARN@.+newDeleteRuleGroup ::+ DeleteRuleGroup+newDeleteRuleGroup =+ DeleteRuleGroup'+ { ruleGroupArn = Prelude.Nothing,+ ruleGroupName = Prelude.Nothing,+ type' = Prelude.Nothing+ }++-- | The Amazon Resource Name (ARN) of the rule group.+--+-- You must specify the ARN or the name, and you can specify both.+deleteRuleGroup_ruleGroupArn :: Lens.Lens' DeleteRuleGroup (Prelude.Maybe Prelude.Text)+deleteRuleGroup_ruleGroupArn = Lens.lens (\DeleteRuleGroup' {ruleGroupArn} -> ruleGroupArn) (\s@DeleteRuleGroup' {} a -> s {ruleGroupArn = a} :: DeleteRuleGroup)++-- | The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+deleteRuleGroup_ruleGroupName :: Lens.Lens' DeleteRuleGroup (Prelude.Maybe Prelude.Text)+deleteRuleGroup_ruleGroupName = Lens.lens (\DeleteRuleGroup' {ruleGroupName} -> ruleGroupName) (\s@DeleteRuleGroup' {} a -> s {ruleGroupName = a} :: DeleteRuleGroup)++-- | Indicates whether the rule group is stateless or stateful. If the rule+-- group is stateless, it contains stateless rules. If it is stateful, it+-- contains stateful rules.+--+-- This setting is required for requests that do not include the+-- @RuleGroupARN@.+deleteRuleGroup_type :: Lens.Lens' DeleteRuleGroup (Prelude.Maybe RuleGroupType)+deleteRuleGroup_type = Lens.lens (\DeleteRuleGroup' {type'} -> type') (\s@DeleteRuleGroup' {} a -> s {type' = a} :: DeleteRuleGroup)++instance Core.AWSRequest DeleteRuleGroup where+ type+ AWSResponse DeleteRuleGroup =+ DeleteRuleGroupResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ DeleteRuleGroupResponse'+ Prelude.<$> (Prelude.pure (Prelude.fromEnum s))+ Prelude.<*> (x Data..:> "RuleGroupResponse")+ )++instance Prelude.Hashable DeleteRuleGroup where+ hashWithSalt _salt DeleteRuleGroup' {..} =+ _salt+ `Prelude.hashWithSalt` ruleGroupArn+ `Prelude.hashWithSalt` ruleGroupName+ `Prelude.hashWithSalt` type'++instance Prelude.NFData DeleteRuleGroup where+ rnf DeleteRuleGroup' {..} =+ Prelude.rnf ruleGroupArn+ `Prelude.seq` Prelude.rnf ruleGroupName+ `Prelude.seq` Prelude.rnf type'++instance Data.ToHeaders DeleteRuleGroup where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.DeleteRuleGroup" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON DeleteRuleGroup where+ toJSON DeleteRuleGroup' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("RuleGroupArn" Data..=) Prelude.<$> ruleGroupArn,+ ("RuleGroupName" Data..=) Prelude.<$> ruleGroupName,+ ("Type" Data..=) Prelude.<$> type'+ ]+ )++instance Data.ToPath DeleteRuleGroup where+ toPath = Prelude.const "/"++instance Data.ToQuery DeleteRuleGroup where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newDeleteRuleGroupResponse' smart constructor.+data DeleteRuleGroupResponse = DeleteRuleGroupResponse'+ { -- | The response's http status code.+ httpStatus :: Prelude.Int,+ -- | The high-level properties of a rule group. This, along with the+ -- RuleGroup, define the rule group. You can retrieve all objects for a+ -- rule group by calling DescribeRuleGroup.+ ruleGroupResponse :: RuleGroupResponse+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DeleteRuleGroupResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'httpStatus', 'deleteRuleGroupResponse_httpStatus' - The response's http status code.+--+-- 'ruleGroupResponse', 'deleteRuleGroupResponse_ruleGroupResponse' - The high-level properties of a rule group. This, along with the+-- RuleGroup, define the rule group. You can retrieve all objects for a+-- rule group by calling DescribeRuleGroup.+newDeleteRuleGroupResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ -- | 'ruleGroupResponse'+ RuleGroupResponse ->+ DeleteRuleGroupResponse+newDeleteRuleGroupResponse+ pHttpStatus_+ pRuleGroupResponse_ =+ DeleteRuleGroupResponse'+ { httpStatus = pHttpStatus_,+ ruleGroupResponse = pRuleGroupResponse_+ }++-- | The response's http status code.+deleteRuleGroupResponse_httpStatus :: Lens.Lens' DeleteRuleGroupResponse Prelude.Int+deleteRuleGroupResponse_httpStatus = Lens.lens (\DeleteRuleGroupResponse' {httpStatus} -> httpStatus) (\s@DeleteRuleGroupResponse' {} a -> s {httpStatus = a} :: DeleteRuleGroupResponse)++-- | The high-level properties of a rule group. This, along with the+-- RuleGroup, define the rule group. You can retrieve all objects for a+-- rule group by calling DescribeRuleGroup.+deleteRuleGroupResponse_ruleGroupResponse :: Lens.Lens' DeleteRuleGroupResponse RuleGroupResponse+deleteRuleGroupResponse_ruleGroupResponse = Lens.lens (\DeleteRuleGroupResponse' {ruleGroupResponse} -> ruleGroupResponse) (\s@DeleteRuleGroupResponse' {} a -> s {ruleGroupResponse = a} :: DeleteRuleGroupResponse)++instance Prelude.NFData DeleteRuleGroupResponse where+ rnf DeleteRuleGroupResponse' {..} =+ Prelude.rnf httpStatus+ `Prelude.seq` Prelude.rnf ruleGroupResponse
+ gen/Amazonka/NetworkFirewall/DescribeFirewall.hs view
@@ -0,0 +1,283 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.DescribeFirewall+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Returns the data objects for the specified firewall.+module Amazonka.NetworkFirewall.DescribeFirewall+ ( -- * Creating a Request+ DescribeFirewall (..),+ newDescribeFirewall,++ -- * Request Lenses+ describeFirewall_firewallArn,+ describeFirewall_firewallName,++ -- * Destructuring the Response+ DescribeFirewallResponse (..),+ newDescribeFirewallResponse,++ -- * Response Lenses+ describeFirewallResponse_firewall,+ describeFirewallResponse_firewallStatus,+ describeFirewallResponse_updateToken,+ describeFirewallResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newDescribeFirewall' smart constructor.+data DescribeFirewall = DescribeFirewall'+ { -- | The Amazon Resource Name (ARN) of the firewall.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallName :: Prelude.Maybe Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DescribeFirewall' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallArn', 'describeFirewall_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'firewallName', 'describeFirewall_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+newDescribeFirewall ::+ DescribeFirewall+newDescribeFirewall =+ DescribeFirewall'+ { firewallArn = Prelude.Nothing,+ firewallName = Prelude.Nothing+ }++-- | The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+describeFirewall_firewallArn :: Lens.Lens' DescribeFirewall (Prelude.Maybe Prelude.Text)+describeFirewall_firewallArn = Lens.lens (\DescribeFirewall' {firewallArn} -> firewallArn) (\s@DescribeFirewall' {} a -> s {firewallArn = a} :: DescribeFirewall)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+describeFirewall_firewallName :: Lens.Lens' DescribeFirewall (Prelude.Maybe Prelude.Text)+describeFirewall_firewallName = Lens.lens (\DescribeFirewall' {firewallName} -> firewallName) (\s@DescribeFirewall' {} a -> s {firewallName = a} :: DescribeFirewall)++instance Core.AWSRequest DescribeFirewall where+ type+ AWSResponse DescribeFirewall =+ DescribeFirewallResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ DescribeFirewallResponse'+ Prelude.<$> (x Data..?> "Firewall")+ Prelude.<*> (x Data..?> "FirewallStatus")+ Prelude.<*> (x Data..?> "UpdateToken")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ )++instance Prelude.Hashable DescribeFirewall where+ hashWithSalt _salt DescribeFirewall' {..} =+ _salt+ `Prelude.hashWithSalt` firewallArn+ `Prelude.hashWithSalt` firewallName++instance Prelude.NFData DescribeFirewall where+ rnf DescribeFirewall' {..} =+ Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName++instance Data.ToHeaders DescribeFirewall where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.DescribeFirewall" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON DescribeFirewall where+ toJSON DescribeFirewall' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("FirewallArn" Data..=) Prelude.<$> firewallArn,+ ("FirewallName" Data..=) Prelude.<$> firewallName+ ]+ )++instance Data.ToPath DescribeFirewall where+ toPath = Prelude.const "/"++instance Data.ToQuery DescribeFirewall where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newDescribeFirewallResponse' smart constructor.+data DescribeFirewallResponse = DescribeFirewallResponse'+ { -- | The configuration settings for the firewall. These settings include the+ -- firewall policy and the subnets in your VPC to use for the firewall+ -- endpoints.+ firewall :: Prelude.Maybe Firewall,+ -- | Detailed information about the current status of a Firewall. You can+ -- retrieve this for a firewall by calling DescribeFirewall and providing+ -- the firewall name and ARN.+ firewallStatus :: Prelude.Maybe FirewallStatus,+ -- | An optional token that you can use for optimistic locking. Network+ -- Firewall returns a token to your requests that access the firewall. The+ -- token marks the state of the firewall resource at the time of the+ -- request.+ --+ -- To make an unconditional change to the firewall, omit the token in your+ -- update request. Without the token, Network Firewall performs your+ -- updates regardless of whether the firewall has changed since you last+ -- retrieved it.+ --+ -- To make a conditional change to the firewall, provide the token in your+ -- update request. Network Firewall uses the token to ensure that the+ -- firewall hasn\'t changed since you last retrieved it. If it has changed,+ -- the operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the firewall again to get a current copy of it with a new+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Maybe Prelude.Text,+ -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DescribeFirewallResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewall', 'describeFirewallResponse_firewall' - The configuration settings for the firewall. These settings include the+-- firewall policy and the subnets in your VPC to use for the firewall+-- endpoints.+--+-- 'firewallStatus', 'describeFirewallResponse_firewallStatus' - Detailed information about the current status of a Firewall. You can+-- retrieve this for a firewall by calling DescribeFirewall and providing+-- the firewall name and ARN.+--+-- 'updateToken', 'describeFirewallResponse_updateToken' - An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+--+-- 'httpStatus', 'describeFirewallResponse_httpStatus' - The response's http status code.+newDescribeFirewallResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ DescribeFirewallResponse+newDescribeFirewallResponse pHttpStatus_ =+ DescribeFirewallResponse'+ { firewall =+ Prelude.Nothing,+ firewallStatus = Prelude.Nothing,+ updateToken = Prelude.Nothing,+ httpStatus = pHttpStatus_+ }++-- | The configuration settings for the firewall. These settings include the+-- firewall policy and the subnets in your VPC to use for the firewall+-- endpoints.+describeFirewallResponse_firewall :: Lens.Lens' DescribeFirewallResponse (Prelude.Maybe Firewall)+describeFirewallResponse_firewall = Lens.lens (\DescribeFirewallResponse' {firewall} -> firewall) (\s@DescribeFirewallResponse' {} a -> s {firewall = a} :: DescribeFirewallResponse)++-- | Detailed information about the current status of a Firewall. You can+-- retrieve this for a firewall by calling DescribeFirewall and providing+-- the firewall name and ARN.+describeFirewallResponse_firewallStatus :: Lens.Lens' DescribeFirewallResponse (Prelude.Maybe FirewallStatus)+describeFirewallResponse_firewallStatus = Lens.lens (\DescribeFirewallResponse' {firewallStatus} -> firewallStatus) (\s@DescribeFirewallResponse' {} a -> s {firewallStatus = a} :: DescribeFirewallResponse)++-- | An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+describeFirewallResponse_updateToken :: Lens.Lens' DescribeFirewallResponse (Prelude.Maybe Prelude.Text)+describeFirewallResponse_updateToken = Lens.lens (\DescribeFirewallResponse' {updateToken} -> updateToken) (\s@DescribeFirewallResponse' {} a -> s {updateToken = a} :: DescribeFirewallResponse)++-- | The response's http status code.+describeFirewallResponse_httpStatus :: Lens.Lens' DescribeFirewallResponse Prelude.Int+describeFirewallResponse_httpStatus = Lens.lens (\DescribeFirewallResponse' {httpStatus} -> httpStatus) (\s@DescribeFirewallResponse' {} a -> s {httpStatus = a} :: DescribeFirewallResponse)++instance Prelude.NFData DescribeFirewallResponse where+ rnf DescribeFirewallResponse' {..} =+ Prelude.rnf firewall+ `Prelude.seq` Prelude.rnf firewallStatus+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/DescribeFirewallPolicy.hs view
@@ -0,0 +1,273 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.DescribeFirewallPolicy+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Returns the data objects for the specified firewall policy.+module Amazonka.NetworkFirewall.DescribeFirewallPolicy+ ( -- * Creating a Request+ DescribeFirewallPolicy (..),+ newDescribeFirewallPolicy,++ -- * Request Lenses+ describeFirewallPolicy_firewallPolicyArn,+ describeFirewallPolicy_firewallPolicyName,++ -- * Destructuring the Response+ DescribeFirewallPolicyResponse (..),+ newDescribeFirewallPolicyResponse,++ -- * Response Lenses+ describeFirewallPolicyResponse_firewallPolicy,+ describeFirewallPolicyResponse_httpStatus,+ describeFirewallPolicyResponse_updateToken,+ describeFirewallPolicyResponse_firewallPolicyResponse,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newDescribeFirewallPolicy' smart constructor.+data DescribeFirewallPolicy = DescribeFirewallPolicy'+ { -- | The Amazon Resource Name (ARN) of the firewall policy.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallPolicyArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall policy. You can\'t change the name+ -- of a firewall policy after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallPolicyName :: Prelude.Maybe Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DescribeFirewallPolicy' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallPolicyArn', 'describeFirewallPolicy_firewallPolicyArn' - The Amazon Resource Name (ARN) of the firewall policy.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'firewallPolicyName', 'describeFirewallPolicy_firewallPolicyName' - The descriptive name of the firewall policy. You can\'t change the name+-- of a firewall policy after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+newDescribeFirewallPolicy ::+ DescribeFirewallPolicy+newDescribeFirewallPolicy =+ DescribeFirewallPolicy'+ { firewallPolicyArn =+ Prelude.Nothing,+ firewallPolicyName = Prelude.Nothing+ }++-- | The Amazon Resource Name (ARN) of the firewall policy.+--+-- You must specify the ARN or the name, and you can specify both.+describeFirewallPolicy_firewallPolicyArn :: Lens.Lens' DescribeFirewallPolicy (Prelude.Maybe Prelude.Text)+describeFirewallPolicy_firewallPolicyArn = Lens.lens (\DescribeFirewallPolicy' {firewallPolicyArn} -> firewallPolicyArn) (\s@DescribeFirewallPolicy' {} a -> s {firewallPolicyArn = a} :: DescribeFirewallPolicy)++-- | The descriptive name of the firewall policy. You can\'t change the name+-- of a firewall policy after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+describeFirewallPolicy_firewallPolicyName :: Lens.Lens' DescribeFirewallPolicy (Prelude.Maybe Prelude.Text)+describeFirewallPolicy_firewallPolicyName = Lens.lens (\DescribeFirewallPolicy' {firewallPolicyName} -> firewallPolicyName) (\s@DescribeFirewallPolicy' {} a -> s {firewallPolicyName = a} :: DescribeFirewallPolicy)++instance Core.AWSRequest DescribeFirewallPolicy where+ type+ AWSResponse DescribeFirewallPolicy =+ DescribeFirewallPolicyResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ DescribeFirewallPolicyResponse'+ Prelude.<$> (x Data..?> "FirewallPolicy")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ Prelude.<*> (x Data..:> "UpdateToken")+ Prelude.<*> (x Data..:> "FirewallPolicyResponse")+ )++instance Prelude.Hashable DescribeFirewallPolicy where+ hashWithSalt _salt DescribeFirewallPolicy' {..} =+ _salt+ `Prelude.hashWithSalt` firewallPolicyArn+ `Prelude.hashWithSalt` firewallPolicyName++instance Prelude.NFData DescribeFirewallPolicy where+ rnf DescribeFirewallPolicy' {..} =+ Prelude.rnf firewallPolicyArn+ `Prelude.seq` Prelude.rnf firewallPolicyName++instance Data.ToHeaders DescribeFirewallPolicy where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.DescribeFirewallPolicy" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON DescribeFirewallPolicy where+ toJSON DescribeFirewallPolicy' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("FirewallPolicyArn" Data..=)+ Prelude.<$> firewallPolicyArn,+ ("FirewallPolicyName" Data..=)+ Prelude.<$> firewallPolicyName+ ]+ )++instance Data.ToPath DescribeFirewallPolicy where+ toPath = Prelude.const "/"++instance Data.ToQuery DescribeFirewallPolicy where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newDescribeFirewallPolicyResponse' smart constructor.+data DescribeFirewallPolicyResponse = DescribeFirewallPolicyResponse'+ { -- | The policy for the specified firewall policy.+ firewallPolicy :: Prelude.Maybe FirewallPolicy,+ -- | The response's http status code.+ httpStatus :: Prelude.Int,+ -- | A token used for optimistic locking. Network Firewall returns a token to+ -- your requests that access the firewall policy. The token marks the state+ -- of the policy resource at the time of the request.+ --+ -- To make changes to the policy, you provide the token in your request.+ -- Network Firewall uses the token to ensure that the policy hasn\'t+ -- changed since you last retrieved it. If it has changed, the operation+ -- fails with an @InvalidTokenException@. If this happens, retrieve the+ -- firewall policy again to get a current copy of it with current token.+ -- Reapply your changes as needed, then try the operation again using the+ -- new token.+ updateToken :: Prelude.Text,+ -- | The high-level properties of a firewall policy. This, along with the+ -- FirewallPolicy, define the policy. You can retrieve all objects for a+ -- firewall policy by calling DescribeFirewallPolicy.+ firewallPolicyResponse :: FirewallPolicyResponse+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DescribeFirewallPolicyResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallPolicy', 'describeFirewallPolicyResponse_firewallPolicy' - The policy for the specified firewall policy.+--+-- 'httpStatus', 'describeFirewallPolicyResponse_httpStatus' - The response's http status code.+--+-- 'updateToken', 'describeFirewallPolicyResponse_updateToken' - A token used for optimistic locking. Network Firewall returns a token to+-- your requests that access the firewall policy. The token marks the state+-- of the policy resource at the time of the request.+--+-- To make changes to the policy, you provide the token in your request.+-- Network Firewall uses the token to ensure that the policy hasn\'t+-- changed since you last retrieved it. If it has changed, the operation+-- fails with an @InvalidTokenException@. If this happens, retrieve the+-- firewall policy again to get a current copy of it with current token.+-- Reapply your changes as needed, then try the operation again using the+-- new token.+--+-- 'firewallPolicyResponse', 'describeFirewallPolicyResponse_firewallPolicyResponse' - The high-level properties of a firewall policy. This, along with the+-- FirewallPolicy, define the policy. You can retrieve all objects for a+-- firewall policy by calling DescribeFirewallPolicy.+newDescribeFirewallPolicyResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ -- | 'updateToken'+ Prelude.Text ->+ -- | 'firewallPolicyResponse'+ FirewallPolicyResponse ->+ DescribeFirewallPolicyResponse+newDescribeFirewallPolicyResponse+ pHttpStatus_+ pUpdateToken_+ pFirewallPolicyResponse_ =+ DescribeFirewallPolicyResponse'+ { firewallPolicy =+ Prelude.Nothing,+ httpStatus = pHttpStatus_,+ updateToken = pUpdateToken_,+ firewallPolicyResponse =+ pFirewallPolicyResponse_+ }++-- | The policy for the specified firewall policy.+describeFirewallPolicyResponse_firewallPolicy :: Lens.Lens' DescribeFirewallPolicyResponse (Prelude.Maybe FirewallPolicy)+describeFirewallPolicyResponse_firewallPolicy = Lens.lens (\DescribeFirewallPolicyResponse' {firewallPolicy} -> firewallPolicy) (\s@DescribeFirewallPolicyResponse' {} a -> s {firewallPolicy = a} :: DescribeFirewallPolicyResponse)++-- | The response's http status code.+describeFirewallPolicyResponse_httpStatus :: Lens.Lens' DescribeFirewallPolicyResponse Prelude.Int+describeFirewallPolicyResponse_httpStatus = Lens.lens (\DescribeFirewallPolicyResponse' {httpStatus} -> httpStatus) (\s@DescribeFirewallPolicyResponse' {} a -> s {httpStatus = a} :: DescribeFirewallPolicyResponse)++-- | A token used for optimistic locking. Network Firewall returns a token to+-- your requests that access the firewall policy. The token marks the state+-- of the policy resource at the time of the request.+--+-- To make changes to the policy, you provide the token in your request.+-- Network Firewall uses the token to ensure that the policy hasn\'t+-- changed since you last retrieved it. If it has changed, the operation+-- fails with an @InvalidTokenException@. If this happens, retrieve the+-- firewall policy again to get a current copy of it with current token.+-- Reapply your changes as needed, then try the operation again using the+-- new token.+describeFirewallPolicyResponse_updateToken :: Lens.Lens' DescribeFirewallPolicyResponse Prelude.Text+describeFirewallPolicyResponse_updateToken = Lens.lens (\DescribeFirewallPolicyResponse' {updateToken} -> updateToken) (\s@DescribeFirewallPolicyResponse' {} a -> s {updateToken = a} :: DescribeFirewallPolicyResponse)++-- | The high-level properties of a firewall policy. This, along with the+-- FirewallPolicy, define the policy. You can retrieve all objects for a+-- firewall policy by calling DescribeFirewallPolicy.+describeFirewallPolicyResponse_firewallPolicyResponse :: Lens.Lens' DescribeFirewallPolicyResponse FirewallPolicyResponse+describeFirewallPolicyResponse_firewallPolicyResponse = Lens.lens (\DescribeFirewallPolicyResponse' {firewallPolicyResponse} -> firewallPolicyResponse) (\s@DescribeFirewallPolicyResponse' {} a -> s {firewallPolicyResponse = a} :: DescribeFirewallPolicyResponse)++instance+ Prelude.NFData+ DescribeFirewallPolicyResponse+ where+ rnf DescribeFirewallPolicyResponse' {..} =+ Prelude.rnf firewallPolicy+ `Prelude.seq` Prelude.rnf httpStatus+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf firewallPolicyResponse
+ gen/Amazonka/NetworkFirewall/DescribeLoggingConfiguration.hs view
@@ -0,0 +1,218 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.DescribeLoggingConfiguration+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Returns the logging configuration for the specified firewall.+module Amazonka.NetworkFirewall.DescribeLoggingConfiguration+ ( -- * Creating a Request+ DescribeLoggingConfiguration (..),+ newDescribeLoggingConfiguration,++ -- * Request Lenses+ describeLoggingConfiguration_firewallArn,+ describeLoggingConfiguration_firewallName,++ -- * Destructuring the Response+ DescribeLoggingConfigurationResponse (..),+ newDescribeLoggingConfigurationResponse,++ -- * Response Lenses+ describeLoggingConfigurationResponse_firewallArn,+ describeLoggingConfigurationResponse_loggingConfiguration,+ describeLoggingConfigurationResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newDescribeLoggingConfiguration' smart constructor.+data DescribeLoggingConfiguration = DescribeLoggingConfiguration'+ { -- | The Amazon Resource Name (ARN) of the firewall.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallName :: Prelude.Maybe Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DescribeLoggingConfiguration' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallArn', 'describeLoggingConfiguration_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'firewallName', 'describeLoggingConfiguration_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+newDescribeLoggingConfiguration ::+ DescribeLoggingConfiguration+newDescribeLoggingConfiguration =+ DescribeLoggingConfiguration'+ { firewallArn =+ Prelude.Nothing,+ firewallName = Prelude.Nothing+ }++-- | The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+describeLoggingConfiguration_firewallArn :: Lens.Lens' DescribeLoggingConfiguration (Prelude.Maybe Prelude.Text)+describeLoggingConfiguration_firewallArn = Lens.lens (\DescribeLoggingConfiguration' {firewallArn} -> firewallArn) (\s@DescribeLoggingConfiguration' {} a -> s {firewallArn = a} :: DescribeLoggingConfiguration)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+describeLoggingConfiguration_firewallName :: Lens.Lens' DescribeLoggingConfiguration (Prelude.Maybe Prelude.Text)+describeLoggingConfiguration_firewallName = Lens.lens (\DescribeLoggingConfiguration' {firewallName} -> firewallName) (\s@DescribeLoggingConfiguration' {} a -> s {firewallName = a} :: DescribeLoggingConfiguration)++instance Core.AWSRequest DescribeLoggingConfiguration where+ type+ AWSResponse DescribeLoggingConfiguration =+ DescribeLoggingConfigurationResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ DescribeLoggingConfigurationResponse'+ Prelude.<$> (x Data..?> "FirewallArn")+ Prelude.<*> (x Data..?> "LoggingConfiguration")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ )++instance+ Prelude.Hashable+ DescribeLoggingConfiguration+ where+ hashWithSalt _salt DescribeLoggingConfiguration' {..} =+ _salt+ `Prelude.hashWithSalt` firewallArn+ `Prelude.hashWithSalt` firewallName++instance Prelude.NFData DescribeLoggingConfiguration where+ rnf DescribeLoggingConfiguration' {..} =+ Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName++instance Data.ToHeaders DescribeLoggingConfiguration where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.DescribeLoggingConfiguration" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON DescribeLoggingConfiguration where+ toJSON DescribeLoggingConfiguration' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("FirewallArn" Data..=) Prelude.<$> firewallArn,+ ("FirewallName" Data..=) Prelude.<$> firewallName+ ]+ )++instance Data.ToPath DescribeLoggingConfiguration where+ toPath = Prelude.const "/"++instance Data.ToQuery DescribeLoggingConfiguration where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newDescribeLoggingConfigurationResponse' smart constructor.+data DescribeLoggingConfigurationResponse = DescribeLoggingConfigurationResponse'+ { -- | The Amazon Resource Name (ARN) of the firewall.+ firewallArn :: Prelude.Maybe Prelude.Text,+ loggingConfiguration :: Prelude.Maybe LoggingConfiguration,+ -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DescribeLoggingConfigurationResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallArn', 'describeLoggingConfigurationResponse_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- 'loggingConfiguration', 'describeLoggingConfigurationResponse_loggingConfiguration' - Undocumented member.+--+-- 'httpStatus', 'describeLoggingConfigurationResponse_httpStatus' - The response's http status code.+newDescribeLoggingConfigurationResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ DescribeLoggingConfigurationResponse+newDescribeLoggingConfigurationResponse pHttpStatus_ =+ DescribeLoggingConfigurationResponse'+ { firewallArn =+ Prelude.Nothing,+ loggingConfiguration =+ Prelude.Nothing,+ httpStatus = pHttpStatus_+ }++-- | The Amazon Resource Name (ARN) of the firewall.+describeLoggingConfigurationResponse_firewallArn :: Lens.Lens' DescribeLoggingConfigurationResponse (Prelude.Maybe Prelude.Text)+describeLoggingConfigurationResponse_firewallArn = Lens.lens (\DescribeLoggingConfigurationResponse' {firewallArn} -> firewallArn) (\s@DescribeLoggingConfigurationResponse' {} a -> s {firewallArn = a} :: DescribeLoggingConfigurationResponse)++-- | Undocumented member.+describeLoggingConfigurationResponse_loggingConfiguration :: Lens.Lens' DescribeLoggingConfigurationResponse (Prelude.Maybe LoggingConfiguration)+describeLoggingConfigurationResponse_loggingConfiguration = Lens.lens (\DescribeLoggingConfigurationResponse' {loggingConfiguration} -> loggingConfiguration) (\s@DescribeLoggingConfigurationResponse' {} a -> s {loggingConfiguration = a} :: DescribeLoggingConfigurationResponse)++-- | The response's http status code.+describeLoggingConfigurationResponse_httpStatus :: Lens.Lens' DescribeLoggingConfigurationResponse Prelude.Int+describeLoggingConfigurationResponse_httpStatus = Lens.lens (\DescribeLoggingConfigurationResponse' {httpStatus} -> httpStatus) (\s@DescribeLoggingConfigurationResponse' {} a -> s {httpStatus = a} :: DescribeLoggingConfigurationResponse)++instance+ Prelude.NFData+ DescribeLoggingConfigurationResponse+ where+ rnf DescribeLoggingConfigurationResponse' {..} =+ Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf loggingConfiguration+ `Prelude.seq` Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/DescribeResourcePolicy.hs view
@@ -0,0 +1,179 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.DescribeResourcePolicy+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Retrieves a resource policy that you created in a PutResourcePolicy+-- request.+module Amazonka.NetworkFirewall.DescribeResourcePolicy+ ( -- * Creating a Request+ DescribeResourcePolicy (..),+ newDescribeResourcePolicy,++ -- * Request Lenses+ describeResourcePolicy_resourceArn,++ -- * Destructuring the Response+ DescribeResourcePolicyResponse (..),+ newDescribeResourcePolicyResponse,++ -- * Response Lenses+ describeResourcePolicyResponse_policy,+ describeResourcePolicyResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newDescribeResourcePolicy' smart constructor.+data DescribeResourcePolicy = DescribeResourcePolicy'+ { -- | The Amazon Resource Name (ARN) of the rule group or firewall policy+ -- whose resource policy you want to retrieve.+ resourceArn :: Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DescribeResourcePolicy' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'resourceArn', 'describeResourcePolicy_resourceArn' - The Amazon Resource Name (ARN) of the rule group or firewall policy+-- whose resource policy you want to retrieve.+newDescribeResourcePolicy ::+ -- | 'resourceArn'+ Prelude.Text ->+ DescribeResourcePolicy+newDescribeResourcePolicy pResourceArn_ =+ DescribeResourcePolicy'+ { resourceArn =+ pResourceArn_+ }++-- | The Amazon Resource Name (ARN) of the rule group or firewall policy+-- whose resource policy you want to retrieve.+describeResourcePolicy_resourceArn :: Lens.Lens' DescribeResourcePolicy Prelude.Text+describeResourcePolicy_resourceArn = Lens.lens (\DescribeResourcePolicy' {resourceArn} -> resourceArn) (\s@DescribeResourcePolicy' {} a -> s {resourceArn = a} :: DescribeResourcePolicy)++instance Core.AWSRequest DescribeResourcePolicy where+ type+ AWSResponse DescribeResourcePolicy =+ DescribeResourcePolicyResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ DescribeResourcePolicyResponse'+ Prelude.<$> (x Data..?> "Policy")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ )++instance Prelude.Hashable DescribeResourcePolicy where+ hashWithSalt _salt DescribeResourcePolicy' {..} =+ _salt `Prelude.hashWithSalt` resourceArn++instance Prelude.NFData DescribeResourcePolicy where+ rnf DescribeResourcePolicy' {..} =+ Prelude.rnf resourceArn++instance Data.ToHeaders DescribeResourcePolicy where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.DescribeResourcePolicy" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON DescribeResourcePolicy where+ toJSON DescribeResourcePolicy' {..} =+ Data.object+ ( Prelude.catMaybes+ [Prelude.Just ("ResourceArn" Data..= resourceArn)]+ )++instance Data.ToPath DescribeResourcePolicy where+ toPath = Prelude.const "/"++instance Data.ToQuery DescribeResourcePolicy where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newDescribeResourcePolicyResponse' smart constructor.+data DescribeResourcePolicyResponse = DescribeResourcePolicyResponse'+ { -- | The IAM policy for the resource.+ policy :: Prelude.Maybe Prelude.Text,+ -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DescribeResourcePolicyResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'policy', 'describeResourcePolicyResponse_policy' - The IAM policy for the resource.+--+-- 'httpStatus', 'describeResourcePolicyResponse_httpStatus' - The response's http status code.+newDescribeResourcePolicyResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ DescribeResourcePolicyResponse+newDescribeResourcePolicyResponse pHttpStatus_ =+ DescribeResourcePolicyResponse'+ { policy =+ Prelude.Nothing,+ httpStatus = pHttpStatus_+ }++-- | The IAM policy for the resource.+describeResourcePolicyResponse_policy :: Lens.Lens' DescribeResourcePolicyResponse (Prelude.Maybe Prelude.Text)+describeResourcePolicyResponse_policy = Lens.lens (\DescribeResourcePolicyResponse' {policy} -> policy) (\s@DescribeResourcePolicyResponse' {} a -> s {policy = a} :: DescribeResourcePolicyResponse)++-- | The response's http status code.+describeResourcePolicyResponse_httpStatus :: Lens.Lens' DescribeResourcePolicyResponse Prelude.Int+describeResourcePolicyResponse_httpStatus = Lens.lens (\DescribeResourcePolicyResponse' {httpStatus} -> httpStatus) (\s@DescribeResourcePolicyResponse' {} a -> s {httpStatus = a} :: DescribeResourcePolicyResponse)++instance+ Prelude.NFData+ DescribeResourcePolicyResponse+ where+ rnf DescribeResourcePolicyResponse' {..} =+ Prelude.rnf policy+ `Prelude.seq` Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/DescribeRuleGroup.hs view
@@ -0,0 +1,330 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.DescribeRuleGroup+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Returns the data objects for the specified rule group.+module Amazonka.NetworkFirewall.DescribeRuleGroup+ ( -- * Creating a Request+ DescribeRuleGroup (..),+ newDescribeRuleGroup,++ -- * Request Lenses+ describeRuleGroup_ruleGroupArn,+ describeRuleGroup_ruleGroupName,+ describeRuleGroup_type,++ -- * Destructuring the Response+ DescribeRuleGroupResponse (..),+ newDescribeRuleGroupResponse,++ -- * Response Lenses+ describeRuleGroupResponse_ruleGroup,+ describeRuleGroupResponse_httpStatus,+ describeRuleGroupResponse_updateToken,+ describeRuleGroupResponse_ruleGroupResponse,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newDescribeRuleGroup' smart constructor.+data DescribeRuleGroup = DescribeRuleGroup'+ { -- | The Amazon Resource Name (ARN) of the rule group.+ --+ -- You must specify the ARN or the name, and you can specify both.+ ruleGroupArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the rule group. You can\'t change the name of a+ -- rule group after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ ruleGroupName :: Prelude.Maybe Prelude.Text,+ -- | Indicates whether the rule group is stateless or stateful. If the rule+ -- group is stateless, it contains stateless rules. If it is stateful, it+ -- contains stateful rules.+ --+ -- This setting is required for requests that do not include the+ -- @RuleGroupARN@.+ type' :: Prelude.Maybe RuleGroupType+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DescribeRuleGroup' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'ruleGroupArn', 'describeRuleGroup_ruleGroupArn' - The Amazon Resource Name (ARN) of the rule group.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'ruleGroupName', 'describeRuleGroup_ruleGroupName' - The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'type'', 'describeRuleGroup_type' - Indicates whether the rule group is stateless or stateful. If the rule+-- group is stateless, it contains stateless rules. If it is stateful, it+-- contains stateful rules.+--+-- This setting is required for requests that do not include the+-- @RuleGroupARN@.+newDescribeRuleGroup ::+ DescribeRuleGroup+newDescribeRuleGroup =+ DescribeRuleGroup'+ { ruleGroupArn = Prelude.Nothing,+ ruleGroupName = Prelude.Nothing,+ type' = Prelude.Nothing+ }++-- | The Amazon Resource Name (ARN) of the rule group.+--+-- You must specify the ARN or the name, and you can specify both.+describeRuleGroup_ruleGroupArn :: Lens.Lens' DescribeRuleGroup (Prelude.Maybe Prelude.Text)+describeRuleGroup_ruleGroupArn = Lens.lens (\DescribeRuleGroup' {ruleGroupArn} -> ruleGroupArn) (\s@DescribeRuleGroup' {} a -> s {ruleGroupArn = a} :: DescribeRuleGroup)++-- | The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+describeRuleGroup_ruleGroupName :: Lens.Lens' DescribeRuleGroup (Prelude.Maybe Prelude.Text)+describeRuleGroup_ruleGroupName = Lens.lens (\DescribeRuleGroup' {ruleGroupName} -> ruleGroupName) (\s@DescribeRuleGroup' {} a -> s {ruleGroupName = a} :: DescribeRuleGroup)++-- | Indicates whether the rule group is stateless or stateful. If the rule+-- group is stateless, it contains stateless rules. If it is stateful, it+-- contains stateful rules.+--+-- This setting is required for requests that do not include the+-- @RuleGroupARN@.+describeRuleGroup_type :: Lens.Lens' DescribeRuleGroup (Prelude.Maybe RuleGroupType)+describeRuleGroup_type = Lens.lens (\DescribeRuleGroup' {type'} -> type') (\s@DescribeRuleGroup' {} a -> s {type' = a} :: DescribeRuleGroup)++instance Core.AWSRequest DescribeRuleGroup where+ type+ AWSResponse DescribeRuleGroup =+ DescribeRuleGroupResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ DescribeRuleGroupResponse'+ Prelude.<$> (x Data..?> "RuleGroup")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ Prelude.<*> (x Data..:> "UpdateToken")+ Prelude.<*> (x Data..:> "RuleGroupResponse")+ )++instance Prelude.Hashable DescribeRuleGroup where+ hashWithSalt _salt DescribeRuleGroup' {..} =+ _salt+ `Prelude.hashWithSalt` ruleGroupArn+ `Prelude.hashWithSalt` ruleGroupName+ `Prelude.hashWithSalt` type'++instance Prelude.NFData DescribeRuleGroup where+ rnf DescribeRuleGroup' {..} =+ Prelude.rnf ruleGroupArn+ `Prelude.seq` Prelude.rnf ruleGroupName+ `Prelude.seq` Prelude.rnf type'++instance Data.ToHeaders DescribeRuleGroup where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.DescribeRuleGroup" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON DescribeRuleGroup where+ toJSON DescribeRuleGroup' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("RuleGroupArn" Data..=) Prelude.<$> ruleGroupArn,+ ("RuleGroupName" Data..=) Prelude.<$> ruleGroupName,+ ("Type" Data..=) Prelude.<$> type'+ ]+ )++instance Data.ToPath DescribeRuleGroup where+ toPath = Prelude.const "/"++instance Data.ToQuery DescribeRuleGroup where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newDescribeRuleGroupResponse' smart constructor.+data DescribeRuleGroupResponse = DescribeRuleGroupResponse'+ { -- | The object that defines the rules in a rule group. This, along with+ -- RuleGroupResponse, define the rule group. You can retrieve all objects+ -- for a rule group by calling DescribeRuleGroup.+ --+ -- Network Firewall uses a rule group to inspect and control network+ -- traffic. You define stateless rule groups to inspect individual packets+ -- and you define stateful rule groups to inspect packets in the context of+ -- their traffic flow.+ --+ -- To use a rule group, you include it by reference in an Network Firewall+ -- firewall policy, then you use the policy in a firewall. You can+ -- reference a rule group from more than one firewall policy, and you can+ -- use a firewall policy in more than one firewall.+ ruleGroup :: Prelude.Maybe RuleGroup,+ -- | The response's http status code.+ httpStatus :: Prelude.Int,+ -- | A token used for optimistic locking. Network Firewall returns a token to+ -- your requests that access the rule group. The token marks the state of+ -- the rule group resource at the time of the request.+ --+ -- To make changes to the rule group, you provide the token in your+ -- request. Network Firewall uses the token to ensure that the rule group+ -- hasn\'t changed since you last retrieved it. If it has changed, the+ -- operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the rule group again to get a current copy of it with a current+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Text,+ -- | The high-level properties of a rule group. This, along with the+ -- RuleGroup, define the rule group. You can retrieve all objects for a+ -- rule group by calling DescribeRuleGroup.+ ruleGroupResponse :: RuleGroupResponse+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DescribeRuleGroupResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'ruleGroup', 'describeRuleGroupResponse_ruleGroup' - The object that defines the rules in a rule group. This, along with+-- RuleGroupResponse, define the rule group. You can retrieve all objects+-- for a rule group by calling DescribeRuleGroup.+--+-- Network Firewall uses a rule group to inspect and control network+-- traffic. You define stateless rule groups to inspect individual packets+-- and you define stateful rule groups to inspect packets in the context of+-- their traffic flow.+--+-- To use a rule group, you include it by reference in an Network Firewall+-- firewall policy, then you use the policy in a firewall. You can+-- reference a rule group from more than one firewall policy, and you can+-- use a firewall policy in more than one firewall.+--+-- 'httpStatus', 'describeRuleGroupResponse_httpStatus' - The response's http status code.+--+-- 'updateToken', 'describeRuleGroupResponse_updateToken' - A token used for optimistic locking. Network Firewall returns a token to+-- your requests that access the rule group. The token marks the state of+-- the rule group resource at the time of the request.+--+-- To make changes to the rule group, you provide the token in your+-- request. Network Firewall uses the token to ensure that the rule group+-- hasn\'t changed since you last retrieved it. If it has changed, the+-- operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the rule group again to get a current copy of it with a current+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+--+-- 'ruleGroupResponse', 'describeRuleGroupResponse_ruleGroupResponse' - The high-level properties of a rule group. This, along with the+-- RuleGroup, define the rule group. You can retrieve all objects for a+-- rule group by calling DescribeRuleGroup.+newDescribeRuleGroupResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ -- | 'updateToken'+ Prelude.Text ->+ -- | 'ruleGroupResponse'+ RuleGroupResponse ->+ DescribeRuleGroupResponse+newDescribeRuleGroupResponse+ pHttpStatus_+ pUpdateToken_+ pRuleGroupResponse_ =+ DescribeRuleGroupResponse'+ { ruleGroup =+ Prelude.Nothing,+ httpStatus = pHttpStatus_,+ updateToken = pUpdateToken_,+ ruleGroupResponse = pRuleGroupResponse_+ }++-- | The object that defines the rules in a rule group. This, along with+-- RuleGroupResponse, define the rule group. You can retrieve all objects+-- for a rule group by calling DescribeRuleGroup.+--+-- Network Firewall uses a rule group to inspect and control network+-- traffic. You define stateless rule groups to inspect individual packets+-- and you define stateful rule groups to inspect packets in the context of+-- their traffic flow.+--+-- To use a rule group, you include it by reference in an Network Firewall+-- firewall policy, then you use the policy in a firewall. You can+-- reference a rule group from more than one firewall policy, and you can+-- use a firewall policy in more than one firewall.+describeRuleGroupResponse_ruleGroup :: Lens.Lens' DescribeRuleGroupResponse (Prelude.Maybe RuleGroup)+describeRuleGroupResponse_ruleGroup = Lens.lens (\DescribeRuleGroupResponse' {ruleGroup} -> ruleGroup) (\s@DescribeRuleGroupResponse' {} a -> s {ruleGroup = a} :: DescribeRuleGroupResponse)++-- | The response's http status code.+describeRuleGroupResponse_httpStatus :: Lens.Lens' DescribeRuleGroupResponse Prelude.Int+describeRuleGroupResponse_httpStatus = Lens.lens (\DescribeRuleGroupResponse' {httpStatus} -> httpStatus) (\s@DescribeRuleGroupResponse' {} a -> s {httpStatus = a} :: DescribeRuleGroupResponse)++-- | A token used for optimistic locking. Network Firewall returns a token to+-- your requests that access the rule group. The token marks the state of+-- the rule group resource at the time of the request.+--+-- To make changes to the rule group, you provide the token in your+-- request. Network Firewall uses the token to ensure that the rule group+-- hasn\'t changed since you last retrieved it. If it has changed, the+-- operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the rule group again to get a current copy of it with a current+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+describeRuleGroupResponse_updateToken :: Lens.Lens' DescribeRuleGroupResponse Prelude.Text+describeRuleGroupResponse_updateToken = Lens.lens (\DescribeRuleGroupResponse' {updateToken} -> updateToken) (\s@DescribeRuleGroupResponse' {} a -> s {updateToken = a} :: DescribeRuleGroupResponse)++-- | The high-level properties of a rule group. This, along with the+-- RuleGroup, define the rule group. You can retrieve all objects for a+-- rule group by calling DescribeRuleGroup.+describeRuleGroupResponse_ruleGroupResponse :: Lens.Lens' DescribeRuleGroupResponse RuleGroupResponse+describeRuleGroupResponse_ruleGroupResponse = Lens.lens (\DescribeRuleGroupResponse' {ruleGroupResponse} -> ruleGroupResponse) (\s@DescribeRuleGroupResponse' {} a -> s {ruleGroupResponse = a} :: DescribeRuleGroupResponse)++instance Prelude.NFData DescribeRuleGroupResponse where+ rnf DescribeRuleGroupResponse' {..} =+ Prelude.rnf ruleGroup+ `Prelude.seq` Prelude.rnf httpStatus+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf ruleGroupResponse
+ gen/Amazonka/NetworkFirewall/DescribeRuleGroupMetadata.hs view
@@ -0,0 +1,372 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.DescribeRuleGroupMetadata+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- High-level information about a rule group, returned by operations like+-- create and describe. You can use the information provided in the+-- metadata to retrieve and manage a rule group. You can retrieve all+-- objects for a rule group by calling DescribeRuleGroup.+module Amazonka.NetworkFirewall.DescribeRuleGroupMetadata+ ( -- * Creating a Request+ DescribeRuleGroupMetadata (..),+ newDescribeRuleGroupMetadata,++ -- * Request Lenses+ describeRuleGroupMetadata_ruleGroupArn,+ describeRuleGroupMetadata_ruleGroupName,+ describeRuleGroupMetadata_type,++ -- * Destructuring the Response+ DescribeRuleGroupMetadataResponse (..),+ newDescribeRuleGroupMetadataResponse,++ -- * Response Lenses+ describeRuleGroupMetadataResponse_capacity,+ describeRuleGroupMetadataResponse_description,+ describeRuleGroupMetadataResponse_lastModifiedTime,+ describeRuleGroupMetadataResponse_statefulRuleOptions,+ describeRuleGroupMetadataResponse_type,+ describeRuleGroupMetadataResponse_httpStatus,+ describeRuleGroupMetadataResponse_ruleGroupArn,+ describeRuleGroupMetadataResponse_ruleGroupName,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newDescribeRuleGroupMetadata' smart constructor.+data DescribeRuleGroupMetadata = DescribeRuleGroupMetadata'+ { -- | The descriptive name of the rule group. You can\'t change the name of a+ -- rule group after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ ruleGroupArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the rule group. You can\'t change the name of a+ -- rule group after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ ruleGroupName :: Prelude.Maybe Prelude.Text,+ -- | Indicates whether the rule group is stateless or stateful. If the rule+ -- group is stateless, it contains stateless rules. If it is stateful, it+ -- contains stateful rules.+ --+ -- This setting is required for requests that do not include the+ -- @RuleGroupARN@.+ type' :: Prelude.Maybe RuleGroupType+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DescribeRuleGroupMetadata' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'ruleGroupArn', 'describeRuleGroupMetadata_ruleGroupArn' - The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'ruleGroupName', 'describeRuleGroupMetadata_ruleGroupName' - The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'type'', 'describeRuleGroupMetadata_type' - Indicates whether the rule group is stateless or stateful. If the rule+-- group is stateless, it contains stateless rules. If it is stateful, it+-- contains stateful rules.+--+-- This setting is required for requests that do not include the+-- @RuleGroupARN@.+newDescribeRuleGroupMetadata ::+ DescribeRuleGroupMetadata+newDescribeRuleGroupMetadata =+ DescribeRuleGroupMetadata'+ { ruleGroupArn =+ Prelude.Nothing,+ ruleGroupName = Prelude.Nothing,+ type' = Prelude.Nothing+ }++-- | The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+describeRuleGroupMetadata_ruleGroupArn :: Lens.Lens' DescribeRuleGroupMetadata (Prelude.Maybe Prelude.Text)+describeRuleGroupMetadata_ruleGroupArn = Lens.lens (\DescribeRuleGroupMetadata' {ruleGroupArn} -> ruleGroupArn) (\s@DescribeRuleGroupMetadata' {} a -> s {ruleGroupArn = a} :: DescribeRuleGroupMetadata)++-- | The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+describeRuleGroupMetadata_ruleGroupName :: Lens.Lens' DescribeRuleGroupMetadata (Prelude.Maybe Prelude.Text)+describeRuleGroupMetadata_ruleGroupName = Lens.lens (\DescribeRuleGroupMetadata' {ruleGroupName} -> ruleGroupName) (\s@DescribeRuleGroupMetadata' {} a -> s {ruleGroupName = a} :: DescribeRuleGroupMetadata)++-- | Indicates whether the rule group is stateless or stateful. If the rule+-- group is stateless, it contains stateless rules. If it is stateful, it+-- contains stateful rules.+--+-- This setting is required for requests that do not include the+-- @RuleGroupARN@.+describeRuleGroupMetadata_type :: Lens.Lens' DescribeRuleGroupMetadata (Prelude.Maybe RuleGroupType)+describeRuleGroupMetadata_type = Lens.lens (\DescribeRuleGroupMetadata' {type'} -> type') (\s@DescribeRuleGroupMetadata' {} a -> s {type' = a} :: DescribeRuleGroupMetadata)++instance Core.AWSRequest DescribeRuleGroupMetadata where+ type+ AWSResponse DescribeRuleGroupMetadata =+ DescribeRuleGroupMetadataResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ DescribeRuleGroupMetadataResponse'+ Prelude.<$> (x Data..?> "Capacity")+ Prelude.<*> (x Data..?> "Description")+ Prelude.<*> (x Data..?> "LastModifiedTime")+ Prelude.<*> (x Data..?> "StatefulRuleOptions")+ Prelude.<*> (x Data..?> "Type")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ Prelude.<*> (x Data..:> "RuleGroupArn")+ Prelude.<*> (x Data..:> "RuleGroupName")+ )++instance Prelude.Hashable DescribeRuleGroupMetadata where+ hashWithSalt _salt DescribeRuleGroupMetadata' {..} =+ _salt+ `Prelude.hashWithSalt` ruleGroupArn+ `Prelude.hashWithSalt` ruleGroupName+ `Prelude.hashWithSalt` type'++instance Prelude.NFData DescribeRuleGroupMetadata where+ rnf DescribeRuleGroupMetadata' {..} =+ Prelude.rnf ruleGroupArn+ `Prelude.seq` Prelude.rnf ruleGroupName+ `Prelude.seq` Prelude.rnf type'++instance Data.ToHeaders DescribeRuleGroupMetadata where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.DescribeRuleGroupMetadata" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON DescribeRuleGroupMetadata where+ toJSON DescribeRuleGroupMetadata' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("RuleGroupArn" Data..=) Prelude.<$> ruleGroupArn,+ ("RuleGroupName" Data..=) Prelude.<$> ruleGroupName,+ ("Type" Data..=) Prelude.<$> type'+ ]+ )++instance Data.ToPath DescribeRuleGroupMetadata where+ toPath = Prelude.const "/"++instance Data.ToQuery DescribeRuleGroupMetadata where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newDescribeRuleGroupMetadataResponse' smart constructor.+data DescribeRuleGroupMetadataResponse = DescribeRuleGroupMetadataResponse'+ { -- | The maximum operating resources that this rule group can use. Rule group+ -- capacity is fixed at creation. When you update a rule group, you are+ -- limited to this capacity. When you reference a rule group from a+ -- firewall policy, Network Firewall reserves this capacity for the rule+ -- group.+ --+ -- You can retrieve the capacity that would be required for a rule group+ -- before you create the rule group by calling CreateRuleGroup with+ -- @DryRun@ set to @TRUE@.+ capacity :: Prelude.Maybe Prelude.Int,+ -- | Returns the metadata objects for the specified rule group.+ description :: Prelude.Maybe Prelude.Text,+ -- | The last time that the rule group was changed.+ lastModifiedTime :: Prelude.Maybe Data.POSIX,+ statefulRuleOptions :: Prelude.Maybe StatefulRuleOptions,+ -- | Indicates whether the rule group is stateless or stateful. If the rule+ -- group is stateless, it contains stateless rules. If it is stateful, it+ -- contains stateful rules.+ --+ -- This setting is required for requests that do not include the+ -- @RuleGroupARN@.+ type' :: Prelude.Maybe RuleGroupType,+ -- | The response's http status code.+ httpStatus :: Prelude.Int,+ -- | The descriptive name of the rule group. You can\'t change the name of a+ -- rule group after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ ruleGroupArn :: Prelude.Text,+ -- | The descriptive name of the rule group. You can\'t change the name of a+ -- rule group after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ ruleGroupName :: Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DescribeRuleGroupMetadataResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'capacity', 'describeRuleGroupMetadataResponse_capacity' - The maximum operating resources that this rule group can use. Rule group+-- capacity is fixed at creation. When you update a rule group, you are+-- limited to this capacity. When you reference a rule group from a+-- firewall policy, Network Firewall reserves this capacity for the rule+-- group.+--+-- You can retrieve the capacity that would be required for a rule group+-- before you create the rule group by calling CreateRuleGroup with+-- @DryRun@ set to @TRUE@.+--+-- 'description', 'describeRuleGroupMetadataResponse_description' - Returns the metadata objects for the specified rule group.+--+-- 'lastModifiedTime', 'describeRuleGroupMetadataResponse_lastModifiedTime' - The last time that the rule group was changed.+--+-- 'statefulRuleOptions', 'describeRuleGroupMetadataResponse_statefulRuleOptions' - Undocumented member.+--+-- 'type'', 'describeRuleGroupMetadataResponse_type' - Indicates whether the rule group is stateless or stateful. If the rule+-- group is stateless, it contains stateless rules. If it is stateful, it+-- contains stateful rules.+--+-- This setting is required for requests that do not include the+-- @RuleGroupARN@.+--+-- 'httpStatus', 'describeRuleGroupMetadataResponse_httpStatus' - The response's http status code.+--+-- 'ruleGroupArn', 'describeRuleGroupMetadataResponse_ruleGroupArn' - The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'ruleGroupName', 'describeRuleGroupMetadataResponse_ruleGroupName' - The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+newDescribeRuleGroupMetadataResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ -- | 'ruleGroupArn'+ Prelude.Text ->+ -- | 'ruleGroupName'+ Prelude.Text ->+ DescribeRuleGroupMetadataResponse+newDescribeRuleGroupMetadataResponse+ pHttpStatus_+ pRuleGroupArn_+ pRuleGroupName_ =+ DescribeRuleGroupMetadataResponse'+ { capacity =+ Prelude.Nothing,+ description = Prelude.Nothing,+ lastModifiedTime = Prelude.Nothing,+ statefulRuleOptions = Prelude.Nothing,+ type' = Prelude.Nothing,+ httpStatus = pHttpStatus_,+ ruleGroupArn = pRuleGroupArn_,+ ruleGroupName = pRuleGroupName_+ }++-- | The maximum operating resources that this rule group can use. Rule group+-- capacity is fixed at creation. When you update a rule group, you are+-- limited to this capacity. When you reference a rule group from a+-- firewall policy, Network Firewall reserves this capacity for the rule+-- group.+--+-- You can retrieve the capacity that would be required for a rule group+-- before you create the rule group by calling CreateRuleGroup with+-- @DryRun@ set to @TRUE@.+describeRuleGroupMetadataResponse_capacity :: Lens.Lens' DescribeRuleGroupMetadataResponse (Prelude.Maybe Prelude.Int)+describeRuleGroupMetadataResponse_capacity = Lens.lens (\DescribeRuleGroupMetadataResponse' {capacity} -> capacity) (\s@DescribeRuleGroupMetadataResponse' {} a -> s {capacity = a} :: DescribeRuleGroupMetadataResponse)++-- | Returns the metadata objects for the specified rule group.+describeRuleGroupMetadataResponse_description :: Lens.Lens' DescribeRuleGroupMetadataResponse (Prelude.Maybe Prelude.Text)+describeRuleGroupMetadataResponse_description = Lens.lens (\DescribeRuleGroupMetadataResponse' {description} -> description) (\s@DescribeRuleGroupMetadataResponse' {} a -> s {description = a} :: DescribeRuleGroupMetadataResponse)++-- | The last time that the rule group was changed.+describeRuleGroupMetadataResponse_lastModifiedTime :: Lens.Lens' DescribeRuleGroupMetadataResponse (Prelude.Maybe Prelude.UTCTime)+describeRuleGroupMetadataResponse_lastModifiedTime = Lens.lens (\DescribeRuleGroupMetadataResponse' {lastModifiedTime} -> lastModifiedTime) (\s@DescribeRuleGroupMetadataResponse' {} a -> s {lastModifiedTime = a} :: DescribeRuleGroupMetadataResponse) Prelude.. Lens.mapping Data._Time++-- | Undocumented member.+describeRuleGroupMetadataResponse_statefulRuleOptions :: Lens.Lens' DescribeRuleGroupMetadataResponse (Prelude.Maybe StatefulRuleOptions)+describeRuleGroupMetadataResponse_statefulRuleOptions = Lens.lens (\DescribeRuleGroupMetadataResponse' {statefulRuleOptions} -> statefulRuleOptions) (\s@DescribeRuleGroupMetadataResponse' {} a -> s {statefulRuleOptions = a} :: DescribeRuleGroupMetadataResponse)++-- | Indicates whether the rule group is stateless or stateful. If the rule+-- group is stateless, it contains stateless rules. If it is stateful, it+-- contains stateful rules.+--+-- This setting is required for requests that do not include the+-- @RuleGroupARN@.+describeRuleGroupMetadataResponse_type :: Lens.Lens' DescribeRuleGroupMetadataResponse (Prelude.Maybe RuleGroupType)+describeRuleGroupMetadataResponse_type = Lens.lens (\DescribeRuleGroupMetadataResponse' {type'} -> type') (\s@DescribeRuleGroupMetadataResponse' {} a -> s {type' = a} :: DescribeRuleGroupMetadataResponse)++-- | The response's http status code.+describeRuleGroupMetadataResponse_httpStatus :: Lens.Lens' DescribeRuleGroupMetadataResponse Prelude.Int+describeRuleGroupMetadataResponse_httpStatus = Lens.lens (\DescribeRuleGroupMetadataResponse' {httpStatus} -> httpStatus) (\s@DescribeRuleGroupMetadataResponse' {} a -> s {httpStatus = a} :: DescribeRuleGroupMetadataResponse)++-- | The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+describeRuleGroupMetadataResponse_ruleGroupArn :: Lens.Lens' DescribeRuleGroupMetadataResponse Prelude.Text+describeRuleGroupMetadataResponse_ruleGroupArn = Lens.lens (\DescribeRuleGroupMetadataResponse' {ruleGroupArn} -> ruleGroupArn) (\s@DescribeRuleGroupMetadataResponse' {} a -> s {ruleGroupArn = a} :: DescribeRuleGroupMetadataResponse)++-- | The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+describeRuleGroupMetadataResponse_ruleGroupName :: Lens.Lens' DescribeRuleGroupMetadataResponse Prelude.Text+describeRuleGroupMetadataResponse_ruleGroupName = Lens.lens (\DescribeRuleGroupMetadataResponse' {ruleGroupName} -> ruleGroupName) (\s@DescribeRuleGroupMetadataResponse' {} a -> s {ruleGroupName = a} :: DescribeRuleGroupMetadataResponse)++instance+ Prelude.NFData+ DescribeRuleGroupMetadataResponse+ where+ rnf DescribeRuleGroupMetadataResponse' {..} =+ Prelude.rnf capacity+ `Prelude.seq` Prelude.rnf description+ `Prelude.seq` Prelude.rnf lastModifiedTime+ `Prelude.seq` Prelude.rnf statefulRuleOptions+ `Prelude.seq` Prelude.rnf type'+ `Prelude.seq` Prelude.rnf httpStatus+ `Prelude.seq` Prelude.rnf ruleGroupArn+ `Prelude.seq` Prelude.rnf ruleGroupName
+ gen/Amazonka/NetworkFirewall/DisassociateSubnets.hs view
@@ -0,0 +1,362 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.DisassociateSubnets+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Removes the specified subnet associations from the firewall. This+-- removes the firewall endpoints from the subnets and removes any network+-- filtering protections that the endpoints were providing.+module Amazonka.NetworkFirewall.DisassociateSubnets+ ( -- * Creating a Request+ DisassociateSubnets (..),+ newDisassociateSubnets,++ -- * Request Lenses+ disassociateSubnets_firewallArn,+ disassociateSubnets_firewallName,+ disassociateSubnets_updateToken,+ disassociateSubnets_subnetIds,++ -- * Destructuring the Response+ DisassociateSubnetsResponse (..),+ newDisassociateSubnetsResponse,++ -- * Response Lenses+ disassociateSubnetsResponse_firewallArn,+ disassociateSubnetsResponse_firewallName,+ disassociateSubnetsResponse_subnetMappings,+ disassociateSubnetsResponse_updateToken,+ disassociateSubnetsResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newDisassociateSubnets' smart constructor.+data DisassociateSubnets = DisassociateSubnets'+ { -- | The Amazon Resource Name (ARN) of the firewall.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallName :: Prelude.Maybe Prelude.Text,+ -- | An optional token that you can use for optimistic locking. Network+ -- Firewall returns a token to your requests that access the firewall. The+ -- token marks the state of the firewall resource at the time of the+ -- request.+ --+ -- To make an unconditional change to the firewall, omit the token in your+ -- update request. Without the token, Network Firewall performs your+ -- updates regardless of whether the firewall has changed since you last+ -- retrieved it.+ --+ -- To make a conditional change to the firewall, provide the token in your+ -- update request. Network Firewall uses the token to ensure that the+ -- firewall hasn\'t changed since you last retrieved it. If it has changed,+ -- the operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the firewall again to get a current copy of it with a new+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Maybe Prelude.Text,+ -- | The unique identifiers for the subnets that you want to disassociate.+ subnetIds :: [Prelude.Text]+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DisassociateSubnets' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallArn', 'disassociateSubnets_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'firewallName', 'disassociateSubnets_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'updateToken', 'disassociateSubnets_updateToken' - An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+--+-- 'subnetIds', 'disassociateSubnets_subnetIds' - The unique identifiers for the subnets that you want to disassociate.+newDisassociateSubnets ::+ DisassociateSubnets+newDisassociateSubnets =+ DisassociateSubnets'+ { firewallArn = Prelude.Nothing,+ firewallName = Prelude.Nothing,+ updateToken = Prelude.Nothing,+ subnetIds = Prelude.mempty+ }++-- | The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+disassociateSubnets_firewallArn :: Lens.Lens' DisassociateSubnets (Prelude.Maybe Prelude.Text)+disassociateSubnets_firewallArn = Lens.lens (\DisassociateSubnets' {firewallArn} -> firewallArn) (\s@DisassociateSubnets' {} a -> s {firewallArn = a} :: DisassociateSubnets)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+disassociateSubnets_firewallName :: Lens.Lens' DisassociateSubnets (Prelude.Maybe Prelude.Text)+disassociateSubnets_firewallName = Lens.lens (\DisassociateSubnets' {firewallName} -> firewallName) (\s@DisassociateSubnets' {} a -> s {firewallName = a} :: DisassociateSubnets)++-- | An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+disassociateSubnets_updateToken :: Lens.Lens' DisassociateSubnets (Prelude.Maybe Prelude.Text)+disassociateSubnets_updateToken = Lens.lens (\DisassociateSubnets' {updateToken} -> updateToken) (\s@DisassociateSubnets' {} a -> s {updateToken = a} :: DisassociateSubnets)++-- | The unique identifiers for the subnets that you want to disassociate.+disassociateSubnets_subnetIds :: Lens.Lens' DisassociateSubnets [Prelude.Text]+disassociateSubnets_subnetIds = Lens.lens (\DisassociateSubnets' {subnetIds} -> subnetIds) (\s@DisassociateSubnets' {} a -> s {subnetIds = a} :: DisassociateSubnets) Prelude.. Lens.coerced++instance Core.AWSRequest DisassociateSubnets where+ type+ AWSResponse DisassociateSubnets =+ DisassociateSubnetsResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ DisassociateSubnetsResponse'+ Prelude.<$> (x Data..?> "FirewallArn")+ Prelude.<*> (x Data..?> "FirewallName")+ Prelude.<*> (x Data..?> "SubnetMappings" Core..!@ Prelude.mempty)+ Prelude.<*> (x Data..?> "UpdateToken")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ )++instance Prelude.Hashable DisassociateSubnets where+ hashWithSalt _salt DisassociateSubnets' {..} =+ _salt+ `Prelude.hashWithSalt` firewallArn+ `Prelude.hashWithSalt` firewallName+ `Prelude.hashWithSalt` updateToken+ `Prelude.hashWithSalt` subnetIds++instance Prelude.NFData DisassociateSubnets where+ rnf DisassociateSubnets' {..} =+ Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf subnetIds++instance Data.ToHeaders DisassociateSubnets where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.DisassociateSubnets" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON DisassociateSubnets where+ toJSON DisassociateSubnets' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("FirewallArn" Data..=) Prelude.<$> firewallArn,+ ("FirewallName" Data..=) Prelude.<$> firewallName,+ ("UpdateToken" Data..=) Prelude.<$> updateToken,+ Prelude.Just ("SubnetIds" Data..= subnetIds)+ ]+ )++instance Data.ToPath DisassociateSubnets where+ toPath = Prelude.const "/"++instance Data.ToQuery DisassociateSubnets where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newDisassociateSubnetsResponse' smart constructor.+data DisassociateSubnetsResponse = DisassociateSubnetsResponse'+ { -- | The Amazon Resource Name (ARN) of the firewall.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ firewallName :: Prelude.Maybe Prelude.Text,+ -- | The IDs of the subnets that are associated with the firewall.+ subnetMappings :: Prelude.Maybe [SubnetMapping],+ -- | An optional token that you can use for optimistic locking. Network+ -- Firewall returns a token to your requests that access the firewall. The+ -- token marks the state of the firewall resource at the time of the+ -- request.+ --+ -- To make an unconditional change to the firewall, omit the token in your+ -- update request. Without the token, Network Firewall performs your+ -- updates regardless of whether the firewall has changed since you last+ -- retrieved it.+ --+ -- To make a conditional change to the firewall, provide the token in your+ -- update request. Network Firewall uses the token to ensure that the+ -- firewall hasn\'t changed since you last retrieved it. If it has changed,+ -- the operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the firewall again to get a current copy of it with a new+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Maybe Prelude.Text,+ -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'DisassociateSubnetsResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallArn', 'disassociateSubnetsResponse_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- 'firewallName', 'disassociateSubnetsResponse_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- 'subnetMappings', 'disassociateSubnetsResponse_subnetMappings' - The IDs of the subnets that are associated with the firewall.+--+-- 'updateToken', 'disassociateSubnetsResponse_updateToken' - An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+--+-- 'httpStatus', 'disassociateSubnetsResponse_httpStatus' - The response's http status code.+newDisassociateSubnetsResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ DisassociateSubnetsResponse+newDisassociateSubnetsResponse pHttpStatus_ =+ DisassociateSubnetsResponse'+ { firewallArn =+ Prelude.Nothing,+ firewallName = Prelude.Nothing,+ subnetMappings = Prelude.Nothing,+ updateToken = Prelude.Nothing,+ httpStatus = pHttpStatus_+ }++-- | The Amazon Resource Name (ARN) of the firewall.+disassociateSubnetsResponse_firewallArn :: Lens.Lens' DisassociateSubnetsResponse (Prelude.Maybe Prelude.Text)+disassociateSubnetsResponse_firewallArn = Lens.lens (\DisassociateSubnetsResponse' {firewallArn} -> firewallArn) (\s@DisassociateSubnetsResponse' {} a -> s {firewallArn = a} :: DisassociateSubnetsResponse)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+disassociateSubnetsResponse_firewallName :: Lens.Lens' DisassociateSubnetsResponse (Prelude.Maybe Prelude.Text)+disassociateSubnetsResponse_firewallName = Lens.lens (\DisassociateSubnetsResponse' {firewallName} -> firewallName) (\s@DisassociateSubnetsResponse' {} a -> s {firewallName = a} :: DisassociateSubnetsResponse)++-- | The IDs of the subnets that are associated with the firewall.+disassociateSubnetsResponse_subnetMappings :: Lens.Lens' DisassociateSubnetsResponse (Prelude.Maybe [SubnetMapping])+disassociateSubnetsResponse_subnetMappings = Lens.lens (\DisassociateSubnetsResponse' {subnetMappings} -> subnetMappings) (\s@DisassociateSubnetsResponse' {} a -> s {subnetMappings = a} :: DisassociateSubnetsResponse) Prelude.. Lens.mapping Lens.coerced++-- | An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+disassociateSubnetsResponse_updateToken :: Lens.Lens' DisassociateSubnetsResponse (Prelude.Maybe Prelude.Text)+disassociateSubnetsResponse_updateToken = Lens.lens (\DisassociateSubnetsResponse' {updateToken} -> updateToken) (\s@DisassociateSubnetsResponse' {} a -> s {updateToken = a} :: DisassociateSubnetsResponse)++-- | The response's http status code.+disassociateSubnetsResponse_httpStatus :: Lens.Lens' DisassociateSubnetsResponse Prelude.Int+disassociateSubnetsResponse_httpStatus = Lens.lens (\DisassociateSubnetsResponse' {httpStatus} -> httpStatus) (\s@DisassociateSubnetsResponse' {} a -> s {httpStatus = a} :: DisassociateSubnetsResponse)++instance Prelude.NFData DisassociateSubnetsResponse where+ rnf DisassociateSubnetsResponse' {..} =+ Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf subnetMappings+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/Lens.hs view
@@ -0,0 +1,616 @@+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-duplicate-exports #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Lens+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Lens+ ( -- * Operations++ -- ** AssociateFirewallPolicy+ associateFirewallPolicy_firewallArn,+ associateFirewallPolicy_firewallName,+ associateFirewallPolicy_updateToken,+ associateFirewallPolicy_firewallPolicyArn,+ associateFirewallPolicyResponse_firewallArn,+ associateFirewallPolicyResponse_firewallName,+ associateFirewallPolicyResponse_firewallPolicyArn,+ associateFirewallPolicyResponse_updateToken,+ associateFirewallPolicyResponse_httpStatus,++ -- ** AssociateSubnets+ associateSubnets_firewallArn,+ associateSubnets_firewallName,+ associateSubnets_updateToken,+ associateSubnets_subnetMappings,+ associateSubnetsResponse_firewallArn,+ associateSubnetsResponse_firewallName,+ associateSubnetsResponse_subnetMappings,+ associateSubnetsResponse_updateToken,+ associateSubnetsResponse_httpStatus,++ -- ** CreateFirewall+ createFirewall_deleteProtection,+ createFirewall_description,+ createFirewall_encryptionConfiguration,+ createFirewall_firewallPolicyChangeProtection,+ createFirewall_subnetChangeProtection,+ createFirewall_tags,+ createFirewall_firewallName,+ createFirewall_firewallPolicyArn,+ createFirewall_vpcId,+ createFirewall_subnetMappings,+ createFirewallResponse_firewall,+ createFirewallResponse_firewallStatus,+ createFirewallResponse_httpStatus,++ -- ** CreateFirewallPolicy+ createFirewallPolicy_description,+ createFirewallPolicy_dryRun,+ createFirewallPolicy_encryptionConfiguration,+ createFirewallPolicy_tags,+ createFirewallPolicy_firewallPolicyName,+ createFirewallPolicy_firewallPolicy,+ createFirewallPolicyResponse_httpStatus,+ createFirewallPolicyResponse_updateToken,+ createFirewallPolicyResponse_firewallPolicyResponse,++ -- ** CreateRuleGroup+ createRuleGroup_description,+ createRuleGroup_dryRun,+ createRuleGroup_encryptionConfiguration,+ createRuleGroup_ruleGroup,+ createRuleGroup_rules,+ createRuleGroup_sourceMetadata,+ createRuleGroup_tags,+ createRuleGroup_ruleGroupName,+ createRuleGroup_type,+ createRuleGroup_capacity,+ createRuleGroupResponse_httpStatus,+ createRuleGroupResponse_updateToken,+ createRuleGroupResponse_ruleGroupResponse,++ -- ** DeleteFirewall+ deleteFirewall_firewallArn,+ deleteFirewall_firewallName,+ deleteFirewallResponse_firewall,+ deleteFirewallResponse_firewallStatus,+ deleteFirewallResponse_httpStatus,++ -- ** DeleteFirewallPolicy+ deleteFirewallPolicy_firewallPolicyArn,+ deleteFirewallPolicy_firewallPolicyName,+ deleteFirewallPolicyResponse_httpStatus,+ deleteFirewallPolicyResponse_firewallPolicyResponse,++ -- ** DeleteResourcePolicy+ deleteResourcePolicy_resourceArn,+ deleteResourcePolicyResponse_httpStatus,++ -- ** DeleteRuleGroup+ deleteRuleGroup_ruleGroupArn,+ deleteRuleGroup_ruleGroupName,+ deleteRuleGroup_type,+ deleteRuleGroupResponse_httpStatus,+ deleteRuleGroupResponse_ruleGroupResponse,++ -- ** DescribeFirewall+ describeFirewall_firewallArn,+ describeFirewall_firewallName,+ describeFirewallResponse_firewall,+ describeFirewallResponse_firewallStatus,+ describeFirewallResponse_updateToken,+ describeFirewallResponse_httpStatus,++ -- ** DescribeFirewallPolicy+ describeFirewallPolicy_firewallPolicyArn,+ describeFirewallPolicy_firewallPolicyName,+ describeFirewallPolicyResponse_firewallPolicy,+ describeFirewallPolicyResponse_httpStatus,+ describeFirewallPolicyResponse_updateToken,+ describeFirewallPolicyResponse_firewallPolicyResponse,++ -- ** DescribeLoggingConfiguration+ describeLoggingConfiguration_firewallArn,+ describeLoggingConfiguration_firewallName,+ describeLoggingConfigurationResponse_firewallArn,+ describeLoggingConfigurationResponse_loggingConfiguration,+ describeLoggingConfigurationResponse_httpStatus,++ -- ** DescribeResourcePolicy+ describeResourcePolicy_resourceArn,+ describeResourcePolicyResponse_policy,+ describeResourcePolicyResponse_httpStatus,++ -- ** DescribeRuleGroup+ describeRuleGroup_ruleGroupArn,+ describeRuleGroup_ruleGroupName,+ describeRuleGroup_type,+ describeRuleGroupResponse_ruleGroup,+ describeRuleGroupResponse_httpStatus,+ describeRuleGroupResponse_updateToken,+ describeRuleGroupResponse_ruleGroupResponse,++ -- ** DescribeRuleGroupMetadata+ describeRuleGroupMetadata_ruleGroupArn,+ describeRuleGroupMetadata_ruleGroupName,+ describeRuleGroupMetadata_type,+ describeRuleGroupMetadataResponse_capacity,+ describeRuleGroupMetadataResponse_description,+ describeRuleGroupMetadataResponse_lastModifiedTime,+ describeRuleGroupMetadataResponse_statefulRuleOptions,+ describeRuleGroupMetadataResponse_type,+ describeRuleGroupMetadataResponse_httpStatus,+ describeRuleGroupMetadataResponse_ruleGroupArn,+ describeRuleGroupMetadataResponse_ruleGroupName,++ -- ** DisassociateSubnets+ disassociateSubnets_firewallArn,+ disassociateSubnets_firewallName,+ disassociateSubnets_updateToken,+ disassociateSubnets_subnetIds,+ disassociateSubnetsResponse_firewallArn,+ disassociateSubnetsResponse_firewallName,+ disassociateSubnetsResponse_subnetMappings,+ disassociateSubnetsResponse_updateToken,+ disassociateSubnetsResponse_httpStatus,++ -- ** ListFirewallPolicies+ listFirewallPolicies_maxResults,+ listFirewallPolicies_nextToken,+ listFirewallPoliciesResponse_firewallPolicies,+ listFirewallPoliciesResponse_nextToken,+ listFirewallPoliciesResponse_httpStatus,++ -- ** ListFirewalls+ listFirewalls_maxResults,+ listFirewalls_nextToken,+ listFirewalls_vpcIds,+ listFirewallsResponse_firewalls,+ listFirewallsResponse_nextToken,+ listFirewallsResponse_httpStatus,++ -- ** ListRuleGroups+ listRuleGroups_managedType,+ listRuleGroups_maxResults,+ listRuleGroups_nextToken,+ listRuleGroups_scope,+ listRuleGroups_type,+ listRuleGroupsResponse_nextToken,+ listRuleGroupsResponse_ruleGroups,+ listRuleGroupsResponse_httpStatus,++ -- ** ListTagsForResource+ listTagsForResource_maxResults,+ listTagsForResource_nextToken,+ listTagsForResource_resourceArn,+ listTagsForResourceResponse_nextToken,+ listTagsForResourceResponse_tags,+ listTagsForResourceResponse_httpStatus,++ -- ** PutResourcePolicy+ putResourcePolicy_resourceArn,+ putResourcePolicy_policy,+ putResourcePolicyResponse_httpStatus,++ -- ** TagResource+ tagResource_resourceArn,+ tagResource_tags,+ tagResourceResponse_httpStatus,++ -- ** UntagResource+ untagResource_resourceArn,+ untagResource_tagKeys,+ untagResourceResponse_httpStatus,++ -- ** UpdateFirewallDeleteProtection+ updateFirewallDeleteProtection_firewallArn,+ updateFirewallDeleteProtection_firewallName,+ updateFirewallDeleteProtection_updateToken,+ updateFirewallDeleteProtection_deleteProtection,+ updateFirewallDeleteProtectionResponse_deleteProtection,+ updateFirewallDeleteProtectionResponse_firewallArn,+ updateFirewallDeleteProtectionResponse_firewallName,+ updateFirewallDeleteProtectionResponse_updateToken,+ updateFirewallDeleteProtectionResponse_httpStatus,++ -- ** UpdateFirewallDescription+ updateFirewallDescription_description,+ updateFirewallDescription_firewallArn,+ updateFirewallDescription_firewallName,+ updateFirewallDescription_updateToken,+ updateFirewallDescriptionResponse_description,+ updateFirewallDescriptionResponse_firewallArn,+ updateFirewallDescriptionResponse_firewallName,+ updateFirewallDescriptionResponse_updateToken,+ updateFirewallDescriptionResponse_httpStatus,++ -- ** UpdateFirewallEncryptionConfiguration+ updateFirewallEncryptionConfiguration_encryptionConfiguration,+ updateFirewallEncryptionConfiguration_firewallArn,+ updateFirewallEncryptionConfiguration_firewallName,+ updateFirewallEncryptionConfiguration_updateToken,+ updateFirewallEncryptionConfigurationResponse_encryptionConfiguration,+ updateFirewallEncryptionConfigurationResponse_firewallArn,+ updateFirewallEncryptionConfigurationResponse_firewallName,+ updateFirewallEncryptionConfigurationResponse_updateToken,+ updateFirewallEncryptionConfigurationResponse_httpStatus,++ -- ** UpdateFirewallPolicy+ updateFirewallPolicy_description,+ updateFirewallPolicy_dryRun,+ updateFirewallPolicy_encryptionConfiguration,+ updateFirewallPolicy_firewallPolicyArn,+ updateFirewallPolicy_firewallPolicyName,+ updateFirewallPolicy_updateToken,+ updateFirewallPolicy_firewallPolicy,+ updateFirewallPolicyResponse_httpStatus,+ updateFirewallPolicyResponse_updateToken,+ updateFirewallPolicyResponse_firewallPolicyResponse,++ -- ** UpdateFirewallPolicyChangeProtection+ updateFirewallPolicyChangeProtection_firewallArn,+ updateFirewallPolicyChangeProtection_firewallName,+ updateFirewallPolicyChangeProtection_updateToken,+ updateFirewallPolicyChangeProtection_firewallPolicyChangeProtection,+ updateFirewallPolicyChangeProtectionResponse_firewallArn,+ updateFirewallPolicyChangeProtectionResponse_firewallName,+ updateFirewallPolicyChangeProtectionResponse_firewallPolicyChangeProtection,+ updateFirewallPolicyChangeProtectionResponse_updateToken,+ updateFirewallPolicyChangeProtectionResponse_httpStatus,++ -- ** UpdateLoggingConfiguration+ updateLoggingConfiguration_firewallArn,+ updateLoggingConfiguration_firewallName,+ updateLoggingConfiguration_loggingConfiguration,+ updateLoggingConfigurationResponse_firewallArn,+ updateLoggingConfigurationResponse_firewallName,+ updateLoggingConfigurationResponse_loggingConfiguration,+ updateLoggingConfigurationResponse_httpStatus,++ -- ** UpdateRuleGroup+ updateRuleGroup_description,+ updateRuleGroup_dryRun,+ updateRuleGroup_encryptionConfiguration,+ updateRuleGroup_ruleGroup,+ updateRuleGroup_ruleGroupArn,+ updateRuleGroup_ruleGroupName,+ updateRuleGroup_rules,+ updateRuleGroup_sourceMetadata,+ updateRuleGroup_type,+ updateRuleGroup_updateToken,+ updateRuleGroupResponse_httpStatus,+ updateRuleGroupResponse_updateToken,+ updateRuleGroupResponse_ruleGroupResponse,++ -- ** UpdateSubnetChangeProtection+ updateSubnetChangeProtection_firewallArn,+ updateSubnetChangeProtection_firewallName,+ updateSubnetChangeProtection_updateToken,+ updateSubnetChangeProtection_subnetChangeProtection,+ updateSubnetChangeProtectionResponse_firewallArn,+ updateSubnetChangeProtectionResponse_firewallName,+ updateSubnetChangeProtectionResponse_subnetChangeProtection,+ updateSubnetChangeProtectionResponse_updateToken,+ updateSubnetChangeProtectionResponse_httpStatus,++ -- * Types++ -- ** ActionDefinition+ actionDefinition_publishMetricAction,++ -- ** Address+ address_addressDefinition,++ -- ** Attachment+ attachment_endpointId,+ attachment_status,+ attachment_statusMessage,+ attachment_subnetId,++ -- ** CIDRSummary+ cIDRSummary_availableCIDRCount,+ cIDRSummary_iPSetReferences,+ cIDRSummary_utilizedCIDRCount,++ -- ** CapacityUsageSummary+ capacityUsageSummary_cIDRs,++ -- ** CustomAction+ customAction_actionName,+ customAction_actionDefinition,++ -- ** Dimension+ dimension_value,++ -- ** EncryptionConfiguration+ encryptionConfiguration_keyId,+ encryptionConfiguration_type,++ -- ** Firewall+ firewall_deleteProtection,+ firewall_description,+ firewall_encryptionConfiguration,+ firewall_firewallArn,+ firewall_firewallName,+ firewall_firewallPolicyChangeProtection,+ firewall_subnetChangeProtection,+ firewall_tags,+ firewall_firewallPolicyArn,+ firewall_vpcId,+ firewall_subnetMappings,+ firewall_firewallId,++ -- ** FirewallMetadata+ firewallMetadata_firewallArn,+ firewallMetadata_firewallName,++ -- ** FirewallPolicy+ firewallPolicy_statefulDefaultActions,+ firewallPolicy_statefulEngineOptions,+ firewallPolicy_statefulRuleGroupReferences,+ firewallPolicy_statelessCustomActions,+ firewallPolicy_statelessRuleGroupReferences,+ firewallPolicy_statelessDefaultActions,+ firewallPolicy_statelessFragmentDefaultActions,++ -- ** FirewallPolicyMetadata+ firewallPolicyMetadata_arn,+ firewallPolicyMetadata_name,++ -- ** FirewallPolicyResponse+ firewallPolicyResponse_consumedStatefulRuleCapacity,+ firewallPolicyResponse_consumedStatelessRuleCapacity,+ firewallPolicyResponse_description,+ firewallPolicyResponse_encryptionConfiguration,+ firewallPolicyResponse_firewallPolicyStatus,+ firewallPolicyResponse_lastModifiedTime,+ firewallPolicyResponse_numberOfAssociations,+ firewallPolicyResponse_tags,+ firewallPolicyResponse_firewallPolicyName,+ firewallPolicyResponse_firewallPolicyArn,+ firewallPolicyResponse_firewallPolicyId,++ -- ** FirewallStatus+ firewallStatus_capacityUsageSummary,+ firewallStatus_syncStates,+ firewallStatus_status,+ firewallStatus_configurationSyncStateSummary,++ -- ** Header+ header_protocol,+ header_source,+ header_sourcePort,+ header_direction,+ header_destination,+ header_destinationPort,++ -- ** IPSet+ iPSet_definition,++ -- ** IPSetMetadata+ iPSetMetadata_resolvedCIDRCount,++ -- ** IPSetReference+ iPSetReference_referenceArn,++ -- ** LogDestinationConfig+ logDestinationConfig_logType,+ logDestinationConfig_logDestinationType,+ logDestinationConfig_logDestination,++ -- ** LoggingConfiguration+ loggingConfiguration_logDestinationConfigs,++ -- ** MatchAttributes+ matchAttributes_destinationPorts,+ matchAttributes_destinations,+ matchAttributes_protocols,+ matchAttributes_sourcePorts,+ matchAttributes_sources,+ matchAttributes_tCPFlags,++ -- ** PerObjectStatus+ perObjectStatus_syncStatus,+ perObjectStatus_updateToken,++ -- ** PortRange+ portRange_fromPort,+ portRange_toPort,++ -- ** PortSet+ portSet_definition,++ -- ** PublishMetricAction+ publishMetricAction_dimensions,++ -- ** ReferenceSets+ referenceSets_iPSetReferences,++ -- ** RuleDefinition+ ruleDefinition_matchAttributes,+ ruleDefinition_actions,++ -- ** RuleGroup+ ruleGroup_referenceSets,+ ruleGroup_ruleVariables,+ ruleGroup_statefulRuleOptions,+ ruleGroup_rulesSource,++ -- ** RuleGroupMetadata+ ruleGroupMetadata_arn,+ ruleGroupMetadata_name,++ -- ** RuleGroupResponse+ ruleGroupResponse_capacity,+ ruleGroupResponse_consumedCapacity,+ ruleGroupResponse_description,+ ruleGroupResponse_encryptionConfiguration,+ ruleGroupResponse_lastModifiedTime,+ ruleGroupResponse_numberOfAssociations,+ ruleGroupResponse_ruleGroupStatus,+ ruleGroupResponse_snsTopic,+ ruleGroupResponse_sourceMetadata,+ ruleGroupResponse_tags,+ ruleGroupResponse_type,+ ruleGroupResponse_ruleGroupArn,+ ruleGroupResponse_ruleGroupName,+ ruleGroupResponse_ruleGroupId,++ -- ** RuleOption+ ruleOption_settings,+ ruleOption_keyword,++ -- ** RuleVariables+ ruleVariables_iPSets,+ ruleVariables_portSets,++ -- ** RulesSource+ rulesSource_rulesSourceList,+ rulesSource_rulesString,+ rulesSource_statefulRules,+ rulesSource_statelessRulesAndCustomActions,++ -- ** RulesSourceList+ rulesSourceList_targets,+ rulesSourceList_targetTypes,+ rulesSourceList_generatedRulesType,++ -- ** SourceMetadata+ sourceMetadata_sourceArn,+ sourceMetadata_sourceUpdateToken,++ -- ** StatefulEngineOptions+ statefulEngineOptions_ruleOrder,+ statefulEngineOptions_streamExceptionPolicy,++ -- ** StatefulRule+ statefulRule_action,+ statefulRule_header,+ statefulRule_ruleOptions,++ -- ** StatefulRuleGroupOverride+ statefulRuleGroupOverride_action,++ -- ** StatefulRuleGroupReference+ statefulRuleGroupReference_override,+ statefulRuleGroupReference_priority,+ statefulRuleGroupReference_resourceArn,++ -- ** StatefulRuleOptions+ statefulRuleOptions_ruleOrder,++ -- ** StatelessRule+ statelessRule_ruleDefinition,+ statelessRule_priority,++ -- ** StatelessRuleGroupReference+ statelessRuleGroupReference_resourceArn,+ statelessRuleGroupReference_priority,++ -- ** StatelessRulesAndCustomActions+ statelessRulesAndCustomActions_customActions,+ statelessRulesAndCustomActions_statelessRules,++ -- ** SubnetMapping+ subnetMapping_subnetId,++ -- ** SyncState+ syncState_attachment,+ syncState_config,++ -- ** TCPFlagField+ tCPFlagField_masks,+ tCPFlagField_flags,++ -- ** Tag+ tag_key,+ tag_value,+ )+where++import Amazonka.NetworkFirewall.AssociateFirewallPolicy+import Amazonka.NetworkFirewall.AssociateSubnets+import Amazonka.NetworkFirewall.CreateFirewall+import Amazonka.NetworkFirewall.CreateFirewallPolicy+import Amazonka.NetworkFirewall.CreateRuleGroup+import Amazonka.NetworkFirewall.DeleteFirewall+import Amazonka.NetworkFirewall.DeleteFirewallPolicy+import Amazonka.NetworkFirewall.DeleteResourcePolicy+import Amazonka.NetworkFirewall.DeleteRuleGroup+import Amazonka.NetworkFirewall.DescribeFirewall+import Amazonka.NetworkFirewall.DescribeFirewallPolicy+import Amazonka.NetworkFirewall.DescribeLoggingConfiguration+import Amazonka.NetworkFirewall.DescribeResourcePolicy+import Amazonka.NetworkFirewall.DescribeRuleGroup+import Amazonka.NetworkFirewall.DescribeRuleGroupMetadata+import Amazonka.NetworkFirewall.DisassociateSubnets+import Amazonka.NetworkFirewall.ListFirewallPolicies+import Amazonka.NetworkFirewall.ListFirewalls+import Amazonka.NetworkFirewall.ListRuleGroups+import Amazonka.NetworkFirewall.ListTagsForResource+import Amazonka.NetworkFirewall.PutResourcePolicy+import Amazonka.NetworkFirewall.TagResource+import Amazonka.NetworkFirewall.Types.ActionDefinition+import Amazonka.NetworkFirewall.Types.Address+import Amazonka.NetworkFirewall.Types.Attachment+import Amazonka.NetworkFirewall.Types.CIDRSummary+import Amazonka.NetworkFirewall.Types.CapacityUsageSummary+import Amazonka.NetworkFirewall.Types.CustomAction+import Amazonka.NetworkFirewall.Types.Dimension+import Amazonka.NetworkFirewall.Types.EncryptionConfiguration+import Amazonka.NetworkFirewall.Types.Firewall+import Amazonka.NetworkFirewall.Types.FirewallMetadata+import Amazonka.NetworkFirewall.Types.FirewallPolicy+import Amazonka.NetworkFirewall.Types.FirewallPolicyMetadata+import Amazonka.NetworkFirewall.Types.FirewallPolicyResponse+import Amazonka.NetworkFirewall.Types.FirewallStatus+import Amazonka.NetworkFirewall.Types.Header+import Amazonka.NetworkFirewall.Types.IPSet+import Amazonka.NetworkFirewall.Types.IPSetMetadata+import Amazonka.NetworkFirewall.Types.IPSetReference+import Amazonka.NetworkFirewall.Types.LogDestinationConfig+import Amazonka.NetworkFirewall.Types.LoggingConfiguration+import Amazonka.NetworkFirewall.Types.MatchAttributes+import Amazonka.NetworkFirewall.Types.PerObjectStatus+import Amazonka.NetworkFirewall.Types.PortRange+import Amazonka.NetworkFirewall.Types.PortSet+import Amazonka.NetworkFirewall.Types.PublishMetricAction+import Amazonka.NetworkFirewall.Types.ReferenceSets+import Amazonka.NetworkFirewall.Types.RuleDefinition+import Amazonka.NetworkFirewall.Types.RuleGroup+import Amazonka.NetworkFirewall.Types.RuleGroupMetadata+import Amazonka.NetworkFirewall.Types.RuleGroupResponse+import Amazonka.NetworkFirewall.Types.RuleOption+import Amazonka.NetworkFirewall.Types.RuleVariables+import Amazonka.NetworkFirewall.Types.RulesSource+import Amazonka.NetworkFirewall.Types.RulesSourceList+import Amazonka.NetworkFirewall.Types.SourceMetadata+import Amazonka.NetworkFirewall.Types.StatefulEngineOptions+import Amazonka.NetworkFirewall.Types.StatefulRule+import Amazonka.NetworkFirewall.Types.StatefulRuleGroupOverride+import Amazonka.NetworkFirewall.Types.StatefulRuleGroupReference+import Amazonka.NetworkFirewall.Types.StatefulRuleOptions+import Amazonka.NetworkFirewall.Types.StatelessRule+import Amazonka.NetworkFirewall.Types.StatelessRuleGroupReference+import Amazonka.NetworkFirewall.Types.StatelessRulesAndCustomActions+import Amazonka.NetworkFirewall.Types.SubnetMapping+import Amazonka.NetworkFirewall.Types.SyncState+import Amazonka.NetworkFirewall.Types.TCPFlagField+import Amazonka.NetworkFirewall.Types.Tag+import Amazonka.NetworkFirewall.UntagResource+import Amazonka.NetworkFirewall.UpdateFirewallDeleteProtection+import Amazonka.NetworkFirewall.UpdateFirewallDescription+import Amazonka.NetworkFirewall.UpdateFirewallEncryptionConfiguration+import Amazonka.NetworkFirewall.UpdateFirewallPolicy+import Amazonka.NetworkFirewall.UpdateFirewallPolicyChangeProtection+import Amazonka.NetworkFirewall.UpdateLoggingConfiguration+import Amazonka.NetworkFirewall.UpdateRuleGroup+import Amazonka.NetworkFirewall.UpdateSubnetChangeProtection
+ gen/Amazonka/NetworkFirewall/ListFirewallPolicies.hs view
@@ -0,0 +1,264 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.ListFirewallPolicies+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Retrieves the metadata for the firewall policies that you have defined.+-- Depending on your setting for max results and the number of firewall+-- policies, a single call might not return the full list.+--+-- This operation returns paginated results.+module Amazonka.NetworkFirewall.ListFirewallPolicies+ ( -- * Creating a Request+ ListFirewallPolicies (..),+ newListFirewallPolicies,++ -- * Request Lenses+ listFirewallPolicies_maxResults,+ listFirewallPolicies_nextToken,++ -- * Destructuring the Response+ ListFirewallPoliciesResponse (..),+ newListFirewallPoliciesResponse,++ -- * Response Lenses+ listFirewallPoliciesResponse_firewallPolicies,+ listFirewallPoliciesResponse_nextToken,+ listFirewallPoliciesResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newListFirewallPolicies' smart constructor.+data ListFirewallPolicies = ListFirewallPolicies'+ { -- | The maximum number of objects that you want Network Firewall to return+ -- for this request. If more objects are available, in the response,+ -- Network Firewall provides a @NextToken@ value that you can use in a+ -- subsequent call to get the next batch of objects.+ maxResults :: Prelude.Maybe Prelude.Natural,+ -- | When you request a list of objects with a @MaxResults@ setting, if the+ -- number of objects that are still available for retrieval exceeds the+ -- maximum you requested, Network Firewall returns a @NextToken@ value in+ -- the response. To retrieve the next batch of objects, use the token+ -- returned from the prior request in your next request.+ nextToken :: Prelude.Maybe Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'ListFirewallPolicies' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'maxResults', 'listFirewallPolicies_maxResults' - The maximum number of objects that you want Network Firewall to return+-- for this request. If more objects are available, in the response,+-- Network Firewall provides a @NextToken@ value that you can use in a+-- subsequent call to get the next batch of objects.+--+-- 'nextToken', 'listFirewallPolicies_nextToken' - When you request a list of objects with a @MaxResults@ setting, if the+-- number of objects that are still available for retrieval exceeds the+-- maximum you requested, Network Firewall returns a @NextToken@ value in+-- the response. To retrieve the next batch of objects, use the token+-- returned from the prior request in your next request.+newListFirewallPolicies ::+ ListFirewallPolicies+newListFirewallPolicies =+ ListFirewallPolicies'+ { maxResults = Prelude.Nothing,+ nextToken = Prelude.Nothing+ }++-- | The maximum number of objects that you want Network Firewall to return+-- for this request. If more objects are available, in the response,+-- Network Firewall provides a @NextToken@ value that you can use in a+-- subsequent call to get the next batch of objects.+listFirewallPolicies_maxResults :: Lens.Lens' ListFirewallPolicies (Prelude.Maybe Prelude.Natural)+listFirewallPolicies_maxResults = Lens.lens (\ListFirewallPolicies' {maxResults} -> maxResults) (\s@ListFirewallPolicies' {} a -> s {maxResults = a} :: ListFirewallPolicies)++-- | When you request a list of objects with a @MaxResults@ setting, if the+-- number of objects that are still available for retrieval exceeds the+-- maximum you requested, Network Firewall returns a @NextToken@ value in+-- the response. To retrieve the next batch of objects, use the token+-- returned from the prior request in your next request.+listFirewallPolicies_nextToken :: Lens.Lens' ListFirewallPolicies (Prelude.Maybe Prelude.Text)+listFirewallPolicies_nextToken = Lens.lens (\ListFirewallPolicies' {nextToken} -> nextToken) (\s@ListFirewallPolicies' {} a -> s {nextToken = a} :: ListFirewallPolicies)++instance Core.AWSPager ListFirewallPolicies where+ page rq rs+ | Core.stop+ ( rs+ Lens.^? listFirewallPoliciesResponse_nextToken+ Prelude.. Lens._Just+ ) =+ Prelude.Nothing+ | Core.stop+ ( rs+ Lens.^? listFirewallPoliciesResponse_firewallPolicies+ Prelude.. Lens._Just+ ) =+ Prelude.Nothing+ | Prelude.otherwise =+ Prelude.Just+ Prelude.$ rq+ Prelude.& listFirewallPolicies_nextToken+ Lens..~ rs+ Lens.^? listFirewallPoliciesResponse_nextToken+ Prelude.. Lens._Just++instance Core.AWSRequest ListFirewallPolicies where+ type+ AWSResponse ListFirewallPolicies =+ ListFirewallPoliciesResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ ListFirewallPoliciesResponse'+ Prelude.<$> ( x+ Data..?> "FirewallPolicies"+ Core..!@ Prelude.mempty+ )+ Prelude.<*> (x Data..?> "NextToken")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ )++instance Prelude.Hashable ListFirewallPolicies where+ hashWithSalt _salt ListFirewallPolicies' {..} =+ _salt+ `Prelude.hashWithSalt` maxResults+ `Prelude.hashWithSalt` nextToken++instance Prelude.NFData ListFirewallPolicies where+ rnf ListFirewallPolicies' {..} =+ Prelude.rnf maxResults+ `Prelude.seq` Prelude.rnf nextToken++instance Data.ToHeaders ListFirewallPolicies where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.ListFirewallPolicies" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON ListFirewallPolicies where+ toJSON ListFirewallPolicies' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("MaxResults" Data..=) Prelude.<$> maxResults,+ ("NextToken" Data..=) Prelude.<$> nextToken+ ]+ )++instance Data.ToPath ListFirewallPolicies where+ toPath = Prelude.const "/"++instance Data.ToQuery ListFirewallPolicies where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newListFirewallPoliciesResponse' smart constructor.+data ListFirewallPoliciesResponse = ListFirewallPoliciesResponse'+ { -- | The metadata for the firewall policies. Depending on your setting for+ -- max results and the number of firewall policies that you have, this+ -- might not be the full list.+ firewallPolicies :: Prelude.Maybe [FirewallPolicyMetadata],+ -- | When you request a list of objects with a @MaxResults@ setting, if the+ -- number of objects that are still available for retrieval exceeds the+ -- maximum you requested, Network Firewall returns a @NextToken@ value in+ -- the response. To retrieve the next batch of objects, use the token+ -- returned from the prior request in your next request.+ nextToken :: Prelude.Maybe Prelude.Text,+ -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'ListFirewallPoliciesResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallPolicies', 'listFirewallPoliciesResponse_firewallPolicies' - The metadata for the firewall policies. Depending on your setting for+-- max results and the number of firewall policies that you have, this+-- might not be the full list.+--+-- 'nextToken', 'listFirewallPoliciesResponse_nextToken' - When you request a list of objects with a @MaxResults@ setting, if the+-- number of objects that are still available for retrieval exceeds the+-- maximum you requested, Network Firewall returns a @NextToken@ value in+-- the response. To retrieve the next batch of objects, use the token+-- returned from the prior request in your next request.+--+-- 'httpStatus', 'listFirewallPoliciesResponse_httpStatus' - The response's http status code.+newListFirewallPoliciesResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ ListFirewallPoliciesResponse+newListFirewallPoliciesResponse pHttpStatus_ =+ ListFirewallPoliciesResponse'+ { firewallPolicies =+ Prelude.Nothing,+ nextToken = Prelude.Nothing,+ httpStatus = pHttpStatus_+ }++-- | The metadata for the firewall policies. Depending on your setting for+-- max results and the number of firewall policies that you have, this+-- might not be the full list.+listFirewallPoliciesResponse_firewallPolicies :: Lens.Lens' ListFirewallPoliciesResponse (Prelude.Maybe [FirewallPolicyMetadata])+listFirewallPoliciesResponse_firewallPolicies = Lens.lens (\ListFirewallPoliciesResponse' {firewallPolicies} -> firewallPolicies) (\s@ListFirewallPoliciesResponse' {} a -> s {firewallPolicies = a} :: ListFirewallPoliciesResponse) Prelude.. Lens.mapping Lens.coerced++-- | When you request a list of objects with a @MaxResults@ setting, if the+-- number of objects that are still available for retrieval exceeds the+-- maximum you requested, Network Firewall returns a @NextToken@ value in+-- the response. To retrieve the next batch of objects, use the token+-- returned from the prior request in your next request.+listFirewallPoliciesResponse_nextToken :: Lens.Lens' ListFirewallPoliciesResponse (Prelude.Maybe Prelude.Text)+listFirewallPoliciesResponse_nextToken = Lens.lens (\ListFirewallPoliciesResponse' {nextToken} -> nextToken) (\s@ListFirewallPoliciesResponse' {} a -> s {nextToken = a} :: ListFirewallPoliciesResponse)++-- | The response's http status code.+listFirewallPoliciesResponse_httpStatus :: Lens.Lens' ListFirewallPoliciesResponse Prelude.Int+listFirewallPoliciesResponse_httpStatus = Lens.lens (\ListFirewallPoliciesResponse' {httpStatus} -> httpStatus) (\s@ListFirewallPoliciesResponse' {} a -> s {httpStatus = a} :: ListFirewallPoliciesResponse)++instance Prelude.NFData ListFirewallPoliciesResponse where+ rnf ListFirewallPoliciesResponse' {..} =+ Prelude.rnf firewallPolicies+ `Prelude.seq` Prelude.rnf nextToken+ `Prelude.seq` Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/ListFirewalls.hs view
@@ -0,0 +1,282 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.ListFirewalls+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Retrieves the metadata for the firewalls that you have defined. If you+-- provide VPC identifiers in your request, this returns only the firewalls+-- for those VPCs.+--+-- Depending on your setting for max results and the number of firewalls, a+-- single call might not return the full list.+--+-- This operation returns paginated results.+module Amazonka.NetworkFirewall.ListFirewalls+ ( -- * Creating a Request+ ListFirewalls (..),+ newListFirewalls,++ -- * Request Lenses+ listFirewalls_maxResults,+ listFirewalls_nextToken,+ listFirewalls_vpcIds,++ -- * Destructuring the Response+ ListFirewallsResponse (..),+ newListFirewallsResponse,++ -- * Response Lenses+ listFirewallsResponse_firewalls,+ listFirewallsResponse_nextToken,+ listFirewallsResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newListFirewalls' smart constructor.+data ListFirewalls = ListFirewalls'+ { -- | The maximum number of objects that you want Network Firewall to return+ -- for this request. If more objects are available, in the response,+ -- Network Firewall provides a @NextToken@ value that you can use in a+ -- subsequent call to get the next batch of objects.+ maxResults :: Prelude.Maybe Prelude.Natural,+ -- | When you request a list of objects with a @MaxResults@ setting, if the+ -- number of objects that are still available for retrieval exceeds the+ -- maximum you requested, Network Firewall returns a @NextToken@ value in+ -- the response. To retrieve the next batch of objects, use the token+ -- returned from the prior request in your next request.+ nextToken :: Prelude.Maybe Prelude.Text,+ -- | The unique identifiers of the VPCs that you want Network Firewall to+ -- retrieve the firewalls for. Leave this blank to retrieve all firewalls+ -- that you have defined.+ vpcIds :: Prelude.Maybe [Prelude.Text]+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'ListFirewalls' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'maxResults', 'listFirewalls_maxResults' - The maximum number of objects that you want Network Firewall to return+-- for this request. If more objects are available, in the response,+-- Network Firewall provides a @NextToken@ value that you can use in a+-- subsequent call to get the next batch of objects.+--+-- 'nextToken', 'listFirewalls_nextToken' - When you request a list of objects with a @MaxResults@ setting, if the+-- number of objects that are still available for retrieval exceeds the+-- maximum you requested, Network Firewall returns a @NextToken@ value in+-- the response. To retrieve the next batch of objects, use the token+-- returned from the prior request in your next request.+--+-- 'vpcIds', 'listFirewalls_vpcIds' - The unique identifiers of the VPCs that you want Network Firewall to+-- retrieve the firewalls for. Leave this blank to retrieve all firewalls+-- that you have defined.+newListFirewalls ::+ ListFirewalls+newListFirewalls =+ ListFirewalls'+ { maxResults = Prelude.Nothing,+ nextToken = Prelude.Nothing,+ vpcIds = Prelude.Nothing+ }++-- | The maximum number of objects that you want Network Firewall to return+-- for this request. If more objects are available, in the response,+-- Network Firewall provides a @NextToken@ value that you can use in a+-- subsequent call to get the next batch of objects.+listFirewalls_maxResults :: Lens.Lens' ListFirewalls (Prelude.Maybe Prelude.Natural)+listFirewalls_maxResults = Lens.lens (\ListFirewalls' {maxResults} -> maxResults) (\s@ListFirewalls' {} a -> s {maxResults = a} :: ListFirewalls)++-- | When you request a list of objects with a @MaxResults@ setting, if the+-- number of objects that are still available for retrieval exceeds the+-- maximum you requested, Network Firewall returns a @NextToken@ value in+-- the response. To retrieve the next batch of objects, use the token+-- returned from the prior request in your next request.+listFirewalls_nextToken :: Lens.Lens' ListFirewalls (Prelude.Maybe Prelude.Text)+listFirewalls_nextToken = Lens.lens (\ListFirewalls' {nextToken} -> nextToken) (\s@ListFirewalls' {} a -> s {nextToken = a} :: ListFirewalls)++-- | The unique identifiers of the VPCs that you want Network Firewall to+-- retrieve the firewalls for. Leave this blank to retrieve all firewalls+-- that you have defined.+listFirewalls_vpcIds :: Lens.Lens' ListFirewalls (Prelude.Maybe [Prelude.Text])+listFirewalls_vpcIds = Lens.lens (\ListFirewalls' {vpcIds} -> vpcIds) (\s@ListFirewalls' {} a -> s {vpcIds = a} :: ListFirewalls) Prelude.. Lens.mapping Lens.coerced++instance Core.AWSPager ListFirewalls where+ page rq rs+ | Core.stop+ ( rs+ Lens.^? listFirewallsResponse_nextToken+ Prelude.. Lens._Just+ ) =+ Prelude.Nothing+ | Core.stop+ ( rs+ Lens.^? listFirewallsResponse_firewalls+ Prelude.. Lens._Just+ ) =+ Prelude.Nothing+ | Prelude.otherwise =+ Prelude.Just+ Prelude.$ rq+ Prelude.& listFirewalls_nextToken+ Lens..~ rs+ Lens.^? listFirewallsResponse_nextToken+ Prelude.. Lens._Just++instance Core.AWSRequest ListFirewalls where+ type+ AWSResponse ListFirewalls =+ ListFirewallsResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ ListFirewallsResponse'+ Prelude.<$> (x Data..?> "Firewalls" Core..!@ Prelude.mempty)+ Prelude.<*> (x Data..?> "NextToken")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ )++instance Prelude.Hashable ListFirewalls where+ hashWithSalt _salt ListFirewalls' {..} =+ _salt+ `Prelude.hashWithSalt` maxResults+ `Prelude.hashWithSalt` nextToken+ `Prelude.hashWithSalt` vpcIds++instance Prelude.NFData ListFirewalls where+ rnf ListFirewalls' {..} =+ Prelude.rnf maxResults+ `Prelude.seq` Prelude.rnf nextToken+ `Prelude.seq` Prelude.rnf vpcIds++instance Data.ToHeaders ListFirewalls where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.ListFirewalls" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON ListFirewalls where+ toJSON ListFirewalls' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("MaxResults" Data..=) Prelude.<$> maxResults,+ ("NextToken" Data..=) Prelude.<$> nextToken,+ ("VpcIds" Data..=) Prelude.<$> vpcIds+ ]+ )++instance Data.ToPath ListFirewalls where+ toPath = Prelude.const "/"++instance Data.ToQuery ListFirewalls where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newListFirewallsResponse' smart constructor.+data ListFirewallsResponse = ListFirewallsResponse'+ { -- | The firewall metadata objects for the VPCs that you specified. Depending+ -- on your setting for max results and the number of firewalls you have, a+ -- single call might not be the full list.+ firewalls :: Prelude.Maybe [FirewallMetadata],+ -- | When you request a list of objects with a @MaxResults@ setting, if the+ -- number of objects that are still available for retrieval exceeds the+ -- maximum you requested, Network Firewall returns a @NextToken@ value in+ -- the response. To retrieve the next batch of objects, use the token+ -- returned from the prior request in your next request.+ nextToken :: Prelude.Maybe Prelude.Text,+ -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'ListFirewallsResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewalls', 'listFirewallsResponse_firewalls' - The firewall metadata objects for the VPCs that you specified. Depending+-- on your setting for max results and the number of firewalls you have, a+-- single call might not be the full list.+--+-- 'nextToken', 'listFirewallsResponse_nextToken' - When you request a list of objects with a @MaxResults@ setting, if the+-- number of objects that are still available for retrieval exceeds the+-- maximum you requested, Network Firewall returns a @NextToken@ value in+-- the response. To retrieve the next batch of objects, use the token+-- returned from the prior request in your next request.+--+-- 'httpStatus', 'listFirewallsResponse_httpStatus' - The response's http status code.+newListFirewallsResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ ListFirewallsResponse+newListFirewallsResponse pHttpStatus_ =+ ListFirewallsResponse'+ { firewalls = Prelude.Nothing,+ nextToken = Prelude.Nothing,+ httpStatus = pHttpStatus_+ }++-- | The firewall metadata objects for the VPCs that you specified. Depending+-- on your setting for max results and the number of firewalls you have, a+-- single call might not be the full list.+listFirewallsResponse_firewalls :: Lens.Lens' ListFirewallsResponse (Prelude.Maybe [FirewallMetadata])+listFirewallsResponse_firewalls = Lens.lens (\ListFirewallsResponse' {firewalls} -> firewalls) (\s@ListFirewallsResponse' {} a -> s {firewalls = a} :: ListFirewallsResponse) Prelude.. Lens.mapping Lens.coerced++-- | When you request a list of objects with a @MaxResults@ setting, if the+-- number of objects that are still available for retrieval exceeds the+-- maximum you requested, Network Firewall returns a @NextToken@ value in+-- the response. To retrieve the next batch of objects, use the token+-- returned from the prior request in your next request.+listFirewallsResponse_nextToken :: Lens.Lens' ListFirewallsResponse (Prelude.Maybe Prelude.Text)+listFirewallsResponse_nextToken = Lens.lens (\ListFirewallsResponse' {nextToken} -> nextToken) (\s@ListFirewallsResponse' {} a -> s {nextToken = a} :: ListFirewallsResponse)++-- | The response's http status code.+listFirewallsResponse_httpStatus :: Lens.Lens' ListFirewallsResponse Prelude.Int+listFirewallsResponse_httpStatus = Lens.lens (\ListFirewallsResponse' {httpStatus} -> httpStatus) (\s@ListFirewallsResponse' {} a -> s {httpStatus = a} :: ListFirewallsResponse)++instance Prelude.NFData ListFirewallsResponse where+ rnf ListFirewallsResponse' {..} =+ Prelude.rnf firewalls+ `Prelude.seq` Prelude.rnf nextToken+ `Prelude.seq` Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/ListRuleGroups.hs view
@@ -0,0 +1,315 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.ListRuleGroups+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Retrieves the metadata for the rule groups that you have defined.+-- Depending on your setting for max results and the number of rule groups,+-- a single call might not return the full list.+--+-- This operation returns paginated results.+module Amazonka.NetworkFirewall.ListRuleGroups+ ( -- * Creating a Request+ ListRuleGroups (..),+ newListRuleGroups,++ -- * Request Lenses+ listRuleGroups_managedType,+ listRuleGroups_maxResults,+ listRuleGroups_nextToken,+ listRuleGroups_scope,+ listRuleGroups_type,++ -- * Destructuring the Response+ ListRuleGroupsResponse (..),+ newListRuleGroupsResponse,++ -- * Response Lenses+ listRuleGroupsResponse_nextToken,+ listRuleGroupsResponse_ruleGroups,+ listRuleGroupsResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newListRuleGroups' smart constructor.+data ListRuleGroups = ListRuleGroups'+ { -- | Indicates the general category of the Amazon Web Services managed rule+ -- group.+ managedType :: Prelude.Maybe ResourceManagedType,+ -- | The maximum number of objects that you want Network Firewall to return+ -- for this request. If more objects are available, in the response,+ -- Network Firewall provides a @NextToken@ value that you can use in a+ -- subsequent call to get the next batch of objects.+ maxResults :: Prelude.Maybe Prelude.Natural,+ -- | When you request a list of objects with a @MaxResults@ setting, if the+ -- number of objects that are still available for retrieval exceeds the+ -- maximum you requested, Network Firewall returns a @NextToken@ value in+ -- the response. To retrieve the next batch of objects, use the token+ -- returned from the prior request in your next request.+ nextToken :: Prelude.Maybe Prelude.Text,+ -- | The scope of the request. The default setting of @ACCOUNT@ or a setting+ -- of @NULL@ returns all of the rule groups in your account. A setting of+ -- @MANAGED@ returns all available managed rule groups.+ scope :: Prelude.Maybe ResourceManagedStatus,+ -- | Indicates whether the rule group is stateless or stateful. If the rule+ -- group is stateless, it contains stateless rules. If it is stateful, it+ -- contains stateful rules.+ type' :: Prelude.Maybe RuleGroupType+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'ListRuleGroups' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'managedType', 'listRuleGroups_managedType' - Indicates the general category of the Amazon Web Services managed rule+-- group.+--+-- 'maxResults', 'listRuleGroups_maxResults' - The maximum number of objects that you want Network Firewall to return+-- for this request. If more objects are available, in the response,+-- Network Firewall provides a @NextToken@ value that you can use in a+-- subsequent call to get the next batch of objects.+--+-- 'nextToken', 'listRuleGroups_nextToken' - When you request a list of objects with a @MaxResults@ setting, if the+-- number of objects that are still available for retrieval exceeds the+-- maximum you requested, Network Firewall returns a @NextToken@ value in+-- the response. To retrieve the next batch of objects, use the token+-- returned from the prior request in your next request.+--+-- 'scope', 'listRuleGroups_scope' - The scope of the request. The default setting of @ACCOUNT@ or a setting+-- of @NULL@ returns all of the rule groups in your account. A setting of+-- @MANAGED@ returns all available managed rule groups.+--+-- 'type'', 'listRuleGroups_type' - Indicates whether the rule group is stateless or stateful. If the rule+-- group is stateless, it contains stateless rules. If it is stateful, it+-- contains stateful rules.+newListRuleGroups ::+ ListRuleGroups+newListRuleGroups =+ ListRuleGroups'+ { managedType = Prelude.Nothing,+ maxResults = Prelude.Nothing,+ nextToken = Prelude.Nothing,+ scope = Prelude.Nothing,+ type' = Prelude.Nothing+ }++-- | Indicates the general category of the Amazon Web Services managed rule+-- group.+listRuleGroups_managedType :: Lens.Lens' ListRuleGroups (Prelude.Maybe ResourceManagedType)+listRuleGroups_managedType = Lens.lens (\ListRuleGroups' {managedType} -> managedType) (\s@ListRuleGroups' {} a -> s {managedType = a} :: ListRuleGroups)++-- | The maximum number of objects that you want Network Firewall to return+-- for this request. If more objects are available, in the response,+-- Network Firewall provides a @NextToken@ value that you can use in a+-- subsequent call to get the next batch of objects.+listRuleGroups_maxResults :: Lens.Lens' ListRuleGroups (Prelude.Maybe Prelude.Natural)+listRuleGroups_maxResults = Lens.lens (\ListRuleGroups' {maxResults} -> maxResults) (\s@ListRuleGroups' {} a -> s {maxResults = a} :: ListRuleGroups)++-- | When you request a list of objects with a @MaxResults@ setting, if the+-- number of objects that are still available for retrieval exceeds the+-- maximum you requested, Network Firewall returns a @NextToken@ value in+-- the response. To retrieve the next batch of objects, use the token+-- returned from the prior request in your next request.+listRuleGroups_nextToken :: Lens.Lens' ListRuleGroups (Prelude.Maybe Prelude.Text)+listRuleGroups_nextToken = Lens.lens (\ListRuleGroups' {nextToken} -> nextToken) (\s@ListRuleGroups' {} a -> s {nextToken = a} :: ListRuleGroups)++-- | The scope of the request. The default setting of @ACCOUNT@ or a setting+-- of @NULL@ returns all of the rule groups in your account. A setting of+-- @MANAGED@ returns all available managed rule groups.+listRuleGroups_scope :: Lens.Lens' ListRuleGroups (Prelude.Maybe ResourceManagedStatus)+listRuleGroups_scope = Lens.lens (\ListRuleGroups' {scope} -> scope) (\s@ListRuleGroups' {} a -> s {scope = a} :: ListRuleGroups)++-- | Indicates whether the rule group is stateless or stateful. If the rule+-- group is stateless, it contains stateless rules. If it is stateful, it+-- contains stateful rules.+listRuleGroups_type :: Lens.Lens' ListRuleGroups (Prelude.Maybe RuleGroupType)+listRuleGroups_type = Lens.lens (\ListRuleGroups' {type'} -> type') (\s@ListRuleGroups' {} a -> s {type' = a} :: ListRuleGroups)++instance Core.AWSPager ListRuleGroups where+ page rq rs+ | Core.stop+ ( rs+ Lens.^? listRuleGroupsResponse_nextToken+ Prelude.. Lens._Just+ ) =+ Prelude.Nothing+ | Core.stop+ ( rs+ Lens.^? listRuleGroupsResponse_ruleGroups+ Prelude.. Lens._Just+ ) =+ Prelude.Nothing+ | Prelude.otherwise =+ Prelude.Just+ Prelude.$ rq+ Prelude.& listRuleGroups_nextToken+ Lens..~ rs+ Lens.^? listRuleGroupsResponse_nextToken+ Prelude.. Lens._Just++instance Core.AWSRequest ListRuleGroups where+ type+ AWSResponse ListRuleGroups =+ ListRuleGroupsResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ ListRuleGroupsResponse'+ Prelude.<$> (x Data..?> "NextToken")+ Prelude.<*> (x Data..?> "RuleGroups" Core..!@ Prelude.mempty)+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ )++instance Prelude.Hashable ListRuleGroups where+ hashWithSalt _salt ListRuleGroups' {..} =+ _salt+ `Prelude.hashWithSalt` managedType+ `Prelude.hashWithSalt` maxResults+ `Prelude.hashWithSalt` nextToken+ `Prelude.hashWithSalt` scope+ `Prelude.hashWithSalt` type'++instance Prelude.NFData ListRuleGroups where+ rnf ListRuleGroups' {..} =+ Prelude.rnf managedType+ `Prelude.seq` Prelude.rnf maxResults+ `Prelude.seq` Prelude.rnf nextToken+ `Prelude.seq` Prelude.rnf scope+ `Prelude.seq` Prelude.rnf type'++instance Data.ToHeaders ListRuleGroups where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.ListRuleGroups" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON ListRuleGroups where+ toJSON ListRuleGroups' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("ManagedType" Data..=) Prelude.<$> managedType,+ ("MaxResults" Data..=) Prelude.<$> maxResults,+ ("NextToken" Data..=) Prelude.<$> nextToken,+ ("Scope" Data..=) Prelude.<$> scope,+ ("Type" Data..=) Prelude.<$> type'+ ]+ )++instance Data.ToPath ListRuleGroups where+ toPath = Prelude.const "/"++instance Data.ToQuery ListRuleGroups where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newListRuleGroupsResponse' smart constructor.+data ListRuleGroupsResponse = ListRuleGroupsResponse'+ { -- | When you request a list of objects with a @MaxResults@ setting, if the+ -- number of objects that are still available for retrieval exceeds the+ -- maximum you requested, Network Firewall returns a @NextToken@ value in+ -- the response. To retrieve the next batch of objects, use the token+ -- returned from the prior request in your next request.+ nextToken :: Prelude.Maybe Prelude.Text,+ -- | The rule group metadata objects that you\'ve defined. Depending on your+ -- setting for max results and the number of rule groups, this might not be+ -- the full list.+ ruleGroups :: Prelude.Maybe [RuleGroupMetadata],+ -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'ListRuleGroupsResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'nextToken', 'listRuleGroupsResponse_nextToken' - When you request a list of objects with a @MaxResults@ setting, if the+-- number of objects that are still available for retrieval exceeds the+-- maximum you requested, Network Firewall returns a @NextToken@ value in+-- the response. To retrieve the next batch of objects, use the token+-- returned from the prior request in your next request.+--+-- 'ruleGroups', 'listRuleGroupsResponse_ruleGroups' - The rule group metadata objects that you\'ve defined. Depending on your+-- setting for max results and the number of rule groups, this might not be+-- the full list.+--+-- 'httpStatus', 'listRuleGroupsResponse_httpStatus' - The response's http status code.+newListRuleGroupsResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ ListRuleGroupsResponse+newListRuleGroupsResponse pHttpStatus_ =+ ListRuleGroupsResponse'+ { nextToken =+ Prelude.Nothing,+ ruleGroups = Prelude.Nothing,+ httpStatus = pHttpStatus_+ }++-- | When you request a list of objects with a @MaxResults@ setting, if the+-- number of objects that are still available for retrieval exceeds the+-- maximum you requested, Network Firewall returns a @NextToken@ value in+-- the response. To retrieve the next batch of objects, use the token+-- returned from the prior request in your next request.+listRuleGroupsResponse_nextToken :: Lens.Lens' ListRuleGroupsResponse (Prelude.Maybe Prelude.Text)+listRuleGroupsResponse_nextToken = Lens.lens (\ListRuleGroupsResponse' {nextToken} -> nextToken) (\s@ListRuleGroupsResponse' {} a -> s {nextToken = a} :: ListRuleGroupsResponse)++-- | The rule group metadata objects that you\'ve defined. Depending on your+-- setting for max results and the number of rule groups, this might not be+-- the full list.+listRuleGroupsResponse_ruleGroups :: Lens.Lens' ListRuleGroupsResponse (Prelude.Maybe [RuleGroupMetadata])+listRuleGroupsResponse_ruleGroups = Lens.lens (\ListRuleGroupsResponse' {ruleGroups} -> ruleGroups) (\s@ListRuleGroupsResponse' {} a -> s {ruleGroups = a} :: ListRuleGroupsResponse) Prelude.. Lens.mapping Lens.coerced++-- | The response's http status code.+listRuleGroupsResponse_httpStatus :: Lens.Lens' ListRuleGroupsResponse Prelude.Int+listRuleGroupsResponse_httpStatus = Lens.lens (\ListRuleGroupsResponse' {httpStatus} -> httpStatus) (\s@ListRuleGroupsResponse' {} a -> s {httpStatus = a} :: ListRuleGroupsResponse)++instance Prelude.NFData ListRuleGroupsResponse where+ rnf ListRuleGroupsResponse' {..} =+ Prelude.rnf nextToken+ `Prelude.seq` Prelude.rnf ruleGroups+ `Prelude.seq` Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/ListTagsForResource.hs view
@@ -0,0 +1,277 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.ListTagsForResource+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Retrieves the tags associated with the specified resource. Tags are+-- key:value pairs that you can use to categorize and manage your+-- resources, for purposes like billing. For example, you might set the tag+-- key to \"customer\" and the value to the customer name or ID. You can+-- specify one or more tags to add to each Amazon Web Services resource, up+-- to 50 tags for a resource.+--+-- You can tag the Amazon Web Services resources that you manage through+-- Network Firewall: firewalls, firewall policies, and rule groups.+--+-- This operation returns paginated results.+module Amazonka.NetworkFirewall.ListTagsForResource+ ( -- * Creating a Request+ ListTagsForResource (..),+ newListTagsForResource,++ -- * Request Lenses+ listTagsForResource_maxResults,+ listTagsForResource_nextToken,+ listTagsForResource_resourceArn,++ -- * Destructuring the Response+ ListTagsForResourceResponse (..),+ newListTagsForResourceResponse,++ -- * Response Lenses+ listTagsForResourceResponse_nextToken,+ listTagsForResourceResponse_tags,+ listTagsForResourceResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newListTagsForResource' smart constructor.+data ListTagsForResource = ListTagsForResource'+ { -- | The maximum number of objects that you want Network Firewall to return+ -- for this request. If more objects are available, in the response,+ -- Network Firewall provides a @NextToken@ value that you can use in a+ -- subsequent call to get the next batch of objects.+ maxResults :: Prelude.Maybe Prelude.Natural,+ -- | When you request a list of objects with a @MaxResults@ setting, if the+ -- number of objects that are still available for retrieval exceeds the+ -- maximum you requested, Network Firewall returns a @NextToken@ value in+ -- the response. To retrieve the next batch of objects, use the token+ -- returned from the prior request in your next request.+ nextToken :: Prelude.Maybe Prelude.Text,+ -- | The Amazon Resource Name (ARN) of the resource.+ resourceArn :: Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'ListTagsForResource' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'maxResults', 'listTagsForResource_maxResults' - The maximum number of objects that you want Network Firewall to return+-- for this request. If more objects are available, in the response,+-- Network Firewall provides a @NextToken@ value that you can use in a+-- subsequent call to get the next batch of objects.+--+-- 'nextToken', 'listTagsForResource_nextToken' - When you request a list of objects with a @MaxResults@ setting, if the+-- number of objects that are still available for retrieval exceeds the+-- maximum you requested, Network Firewall returns a @NextToken@ value in+-- the response. To retrieve the next batch of objects, use the token+-- returned from the prior request in your next request.+--+-- 'resourceArn', 'listTagsForResource_resourceArn' - The Amazon Resource Name (ARN) of the resource.+newListTagsForResource ::+ -- | 'resourceArn'+ Prelude.Text ->+ ListTagsForResource+newListTagsForResource pResourceArn_ =+ ListTagsForResource'+ { maxResults = Prelude.Nothing,+ nextToken = Prelude.Nothing,+ resourceArn = pResourceArn_+ }++-- | The maximum number of objects that you want Network Firewall to return+-- for this request. If more objects are available, in the response,+-- Network Firewall provides a @NextToken@ value that you can use in a+-- subsequent call to get the next batch of objects.+listTagsForResource_maxResults :: Lens.Lens' ListTagsForResource (Prelude.Maybe Prelude.Natural)+listTagsForResource_maxResults = Lens.lens (\ListTagsForResource' {maxResults} -> maxResults) (\s@ListTagsForResource' {} a -> s {maxResults = a} :: ListTagsForResource)++-- | When you request a list of objects with a @MaxResults@ setting, if the+-- number of objects that are still available for retrieval exceeds the+-- maximum you requested, Network Firewall returns a @NextToken@ value in+-- the response. To retrieve the next batch of objects, use the token+-- returned from the prior request in your next request.+listTagsForResource_nextToken :: Lens.Lens' ListTagsForResource (Prelude.Maybe Prelude.Text)+listTagsForResource_nextToken = Lens.lens (\ListTagsForResource' {nextToken} -> nextToken) (\s@ListTagsForResource' {} a -> s {nextToken = a} :: ListTagsForResource)++-- | The Amazon Resource Name (ARN) of the resource.+listTagsForResource_resourceArn :: Lens.Lens' ListTagsForResource Prelude.Text+listTagsForResource_resourceArn = Lens.lens (\ListTagsForResource' {resourceArn} -> resourceArn) (\s@ListTagsForResource' {} a -> s {resourceArn = a} :: ListTagsForResource)++instance Core.AWSPager ListTagsForResource where+ page rq rs+ | Core.stop+ ( rs+ Lens.^? listTagsForResourceResponse_nextToken+ Prelude.. Lens._Just+ ) =+ Prelude.Nothing+ | Core.stop+ ( rs+ Lens.^? listTagsForResourceResponse_tags+ Prelude.. Lens._Just+ Prelude.. Lens.to Prelude.toList+ ) =+ Prelude.Nothing+ | Prelude.otherwise =+ Prelude.Just+ Prelude.$ rq+ Prelude.& listTagsForResource_nextToken+ Lens..~ rs+ Lens.^? listTagsForResourceResponse_nextToken+ Prelude.. Lens._Just++instance Core.AWSRequest ListTagsForResource where+ type+ AWSResponse ListTagsForResource =+ ListTagsForResourceResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ ListTagsForResourceResponse'+ Prelude.<$> (x Data..?> "NextToken")+ Prelude.<*> (x Data..?> "Tags")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ )++instance Prelude.Hashable ListTagsForResource where+ hashWithSalt _salt ListTagsForResource' {..} =+ _salt+ `Prelude.hashWithSalt` maxResults+ `Prelude.hashWithSalt` nextToken+ `Prelude.hashWithSalt` resourceArn++instance Prelude.NFData ListTagsForResource where+ rnf ListTagsForResource' {..} =+ Prelude.rnf maxResults+ `Prelude.seq` Prelude.rnf nextToken+ `Prelude.seq` Prelude.rnf resourceArn++instance Data.ToHeaders ListTagsForResource where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.ListTagsForResource" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON ListTagsForResource where+ toJSON ListTagsForResource' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("MaxResults" Data..=) Prelude.<$> maxResults,+ ("NextToken" Data..=) Prelude.<$> nextToken,+ Prelude.Just ("ResourceArn" Data..= resourceArn)+ ]+ )++instance Data.ToPath ListTagsForResource where+ toPath = Prelude.const "/"++instance Data.ToQuery ListTagsForResource where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newListTagsForResourceResponse' smart constructor.+data ListTagsForResourceResponse = ListTagsForResourceResponse'+ { -- | When you request a list of objects with a @MaxResults@ setting, if the+ -- number of objects that are still available for retrieval exceeds the+ -- maximum you requested, Network Firewall returns a @NextToken@ value in+ -- the response. To retrieve the next batch of objects, use the token+ -- returned from the prior request in your next request.+ nextToken :: Prelude.Maybe Prelude.Text,+ -- | The tags that are associated with the resource.+ tags :: Prelude.Maybe (Prelude.NonEmpty Tag),+ -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'ListTagsForResourceResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'nextToken', 'listTagsForResourceResponse_nextToken' - When you request a list of objects with a @MaxResults@ setting, if the+-- number of objects that are still available for retrieval exceeds the+-- maximum you requested, Network Firewall returns a @NextToken@ value in+-- the response. To retrieve the next batch of objects, use the token+-- returned from the prior request in your next request.+--+-- 'tags', 'listTagsForResourceResponse_tags' - The tags that are associated with the resource.+--+-- 'httpStatus', 'listTagsForResourceResponse_httpStatus' - The response's http status code.+newListTagsForResourceResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ ListTagsForResourceResponse+newListTagsForResourceResponse pHttpStatus_ =+ ListTagsForResourceResponse'+ { nextToken =+ Prelude.Nothing,+ tags = Prelude.Nothing,+ httpStatus = pHttpStatus_+ }++-- | When you request a list of objects with a @MaxResults@ setting, if the+-- number of objects that are still available for retrieval exceeds the+-- maximum you requested, Network Firewall returns a @NextToken@ value in+-- the response. To retrieve the next batch of objects, use the token+-- returned from the prior request in your next request.+listTagsForResourceResponse_nextToken :: Lens.Lens' ListTagsForResourceResponse (Prelude.Maybe Prelude.Text)+listTagsForResourceResponse_nextToken = Lens.lens (\ListTagsForResourceResponse' {nextToken} -> nextToken) (\s@ListTagsForResourceResponse' {} a -> s {nextToken = a} :: ListTagsForResourceResponse)++-- | The tags that are associated with the resource.+listTagsForResourceResponse_tags :: Lens.Lens' ListTagsForResourceResponse (Prelude.Maybe (Prelude.NonEmpty Tag))+listTagsForResourceResponse_tags = Lens.lens (\ListTagsForResourceResponse' {tags} -> tags) (\s@ListTagsForResourceResponse' {} a -> s {tags = a} :: ListTagsForResourceResponse) Prelude.. Lens.mapping Lens.coerced++-- | The response's http status code.+listTagsForResourceResponse_httpStatus :: Lens.Lens' ListTagsForResourceResponse Prelude.Int+listTagsForResourceResponse_httpStatus = Lens.lens (\ListTagsForResourceResponse' {httpStatus} -> httpStatus) (\s@ListTagsForResourceResponse' {} a -> s {httpStatus = a} :: ListTagsForResourceResponse)++instance Prelude.NFData ListTagsForResourceResponse where+ rnf ListTagsForResourceResponse' {..} =+ Prelude.rnf nextToken+ `Prelude.seq` Prelude.rnf tags+ `Prelude.seq` Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/PutResourcePolicy.hs view
@@ -0,0 +1,280 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.PutResourcePolicy+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Creates or updates an IAM policy for your rule group or firewall policy.+-- Use this to share rule groups and firewall policies between accounts.+-- This operation works in conjunction with the Amazon Web Services+-- Resource Access Manager (RAM) service to manage resource sharing for+-- Network Firewall.+--+-- Use this operation to create or update a resource policy for your rule+-- group or firewall policy. In the policy, you specify the accounts that+-- you want to share the resource with and the operations that you want the+-- accounts to be able to perform.+--+-- When you add an account in the resource policy, you then run the+-- following Resource Access Manager (RAM) operations to access and accept+-- the shared rule group or firewall policy.+--+-- - <https://docs.aws.amazon.com/ram/latest/APIReference/API_GetResourceShareInvitations.html GetResourceShareInvitations>+-- - Returns the Amazon Resource Names (ARNs) of the resource share+-- invitations.+--+-- - <https://docs.aws.amazon.com/ram/latest/APIReference/API_AcceptResourceShareInvitation.html AcceptResourceShareInvitation>+-- - Accepts the share invitation for a specified resource share.+--+-- For additional information about resource sharing using RAM, see+-- <https://docs.aws.amazon.com/ram/latest/userguide/what-is.html Resource Access Manager User Guide>.+module Amazonka.NetworkFirewall.PutResourcePolicy+ ( -- * Creating a Request+ PutResourcePolicy (..),+ newPutResourcePolicy,++ -- * Request Lenses+ putResourcePolicy_resourceArn,+ putResourcePolicy_policy,++ -- * Destructuring the Response+ PutResourcePolicyResponse (..),+ newPutResourcePolicyResponse,++ -- * Response Lenses+ putResourcePolicyResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newPutResourcePolicy' smart constructor.+data PutResourcePolicy = PutResourcePolicy'+ { -- | The Amazon Resource Name (ARN) of the account that you want to share+ -- rule groups and firewall policies with.+ resourceArn :: Prelude.Text,+ -- | The IAM policy statement that lists the accounts that you want to share+ -- your rule group or firewall policy with and the operations that you want+ -- the accounts to be able to perform.+ --+ -- For a rule group resource, you can specify the following operations in+ -- the Actions section of the statement:+ --+ -- - network-firewall:CreateFirewallPolicy+ --+ -- - network-firewall:UpdateFirewallPolicy+ --+ -- - network-firewall:ListRuleGroups+ --+ -- For a firewall policy resource, you can specify the following operations+ -- in the Actions section of the statement:+ --+ -- - network-firewall:CreateFirewall+ --+ -- - network-firewall:UpdateFirewall+ --+ -- - network-firewall:AssociateFirewallPolicy+ --+ -- - network-firewall:ListFirewallPolicies+ --+ -- In the Resource section of the statement, you specify the ARNs for the+ -- rule groups and firewall policies that you want to share with the+ -- account that you specified in @Arn@.+ policy :: Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'PutResourcePolicy' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'resourceArn', 'putResourcePolicy_resourceArn' - The Amazon Resource Name (ARN) of the account that you want to share+-- rule groups and firewall policies with.+--+-- 'policy', 'putResourcePolicy_policy' - The IAM policy statement that lists the accounts that you want to share+-- your rule group or firewall policy with and the operations that you want+-- the accounts to be able to perform.+--+-- For a rule group resource, you can specify the following operations in+-- the Actions section of the statement:+--+-- - network-firewall:CreateFirewallPolicy+--+-- - network-firewall:UpdateFirewallPolicy+--+-- - network-firewall:ListRuleGroups+--+-- For a firewall policy resource, you can specify the following operations+-- in the Actions section of the statement:+--+-- - network-firewall:CreateFirewall+--+-- - network-firewall:UpdateFirewall+--+-- - network-firewall:AssociateFirewallPolicy+--+-- - network-firewall:ListFirewallPolicies+--+-- In the Resource section of the statement, you specify the ARNs for the+-- rule groups and firewall policies that you want to share with the+-- account that you specified in @Arn@.+newPutResourcePolicy ::+ -- | 'resourceArn'+ Prelude.Text ->+ -- | 'policy'+ Prelude.Text ->+ PutResourcePolicy+newPutResourcePolicy pResourceArn_ pPolicy_ =+ PutResourcePolicy'+ { resourceArn = pResourceArn_,+ policy = pPolicy_+ }++-- | The Amazon Resource Name (ARN) of the account that you want to share+-- rule groups and firewall policies with.+putResourcePolicy_resourceArn :: Lens.Lens' PutResourcePolicy Prelude.Text+putResourcePolicy_resourceArn = Lens.lens (\PutResourcePolicy' {resourceArn} -> resourceArn) (\s@PutResourcePolicy' {} a -> s {resourceArn = a} :: PutResourcePolicy)++-- | The IAM policy statement that lists the accounts that you want to share+-- your rule group or firewall policy with and the operations that you want+-- the accounts to be able to perform.+--+-- For a rule group resource, you can specify the following operations in+-- the Actions section of the statement:+--+-- - network-firewall:CreateFirewallPolicy+--+-- - network-firewall:UpdateFirewallPolicy+--+-- - network-firewall:ListRuleGroups+--+-- For a firewall policy resource, you can specify the following operations+-- in the Actions section of the statement:+--+-- - network-firewall:CreateFirewall+--+-- - network-firewall:UpdateFirewall+--+-- - network-firewall:AssociateFirewallPolicy+--+-- - network-firewall:ListFirewallPolicies+--+-- In the Resource section of the statement, you specify the ARNs for the+-- rule groups and firewall policies that you want to share with the+-- account that you specified in @Arn@.+putResourcePolicy_policy :: Lens.Lens' PutResourcePolicy Prelude.Text+putResourcePolicy_policy = Lens.lens (\PutResourcePolicy' {policy} -> policy) (\s@PutResourcePolicy' {} a -> s {policy = a} :: PutResourcePolicy)++instance Core.AWSRequest PutResourcePolicy where+ type+ AWSResponse PutResourcePolicy =+ PutResourcePolicyResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveEmpty+ ( \s h x ->+ PutResourcePolicyResponse'+ Prelude.<$> (Prelude.pure (Prelude.fromEnum s))+ )++instance Prelude.Hashable PutResourcePolicy where+ hashWithSalt _salt PutResourcePolicy' {..} =+ _salt+ `Prelude.hashWithSalt` resourceArn+ `Prelude.hashWithSalt` policy++instance Prelude.NFData PutResourcePolicy where+ rnf PutResourcePolicy' {..} =+ Prelude.rnf resourceArn+ `Prelude.seq` Prelude.rnf policy++instance Data.ToHeaders PutResourcePolicy where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.PutResourcePolicy" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON PutResourcePolicy where+ toJSON PutResourcePolicy' {..} =+ Data.object+ ( Prelude.catMaybes+ [ Prelude.Just ("ResourceArn" Data..= resourceArn),+ Prelude.Just ("Policy" Data..= policy)+ ]+ )++instance Data.ToPath PutResourcePolicy where+ toPath = Prelude.const "/"++instance Data.ToQuery PutResourcePolicy where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newPutResourcePolicyResponse' smart constructor.+data PutResourcePolicyResponse = PutResourcePolicyResponse'+ { -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'PutResourcePolicyResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'httpStatus', 'putResourcePolicyResponse_httpStatus' - The response's http status code.+newPutResourcePolicyResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ PutResourcePolicyResponse+newPutResourcePolicyResponse pHttpStatus_ =+ PutResourcePolicyResponse'+ { httpStatus =+ pHttpStatus_+ }++-- | The response's http status code.+putResourcePolicyResponse_httpStatus :: Lens.Lens' PutResourcePolicyResponse Prelude.Int+putResourcePolicyResponse_httpStatus = Lens.lens (\PutResourcePolicyResponse' {httpStatus} -> httpStatus) (\s@PutResourcePolicyResponse' {} a -> s {httpStatus = a} :: PutResourcePolicyResponse)++instance Prelude.NFData PutResourcePolicyResponse where+ rnf PutResourcePolicyResponse' {..} =+ Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/TagResource.hs view
@@ -0,0 +1,176 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.TagResource+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Adds the specified tags to the specified resource. Tags are key:value+-- pairs that you can use to categorize and manage your resources, for+-- purposes like billing. For example, you might set the tag key to+-- \"customer\" and the value to the customer name or ID. You can specify+-- one or more tags to add to each Amazon Web Services resource, up to 50+-- tags for a resource.+--+-- You can tag the Amazon Web Services resources that you manage through+-- Network Firewall: firewalls, firewall policies, and rule groups.+module Amazonka.NetworkFirewall.TagResource+ ( -- * Creating a Request+ TagResource (..),+ newTagResource,++ -- * Request Lenses+ tagResource_resourceArn,+ tagResource_tags,++ -- * Destructuring the Response+ TagResourceResponse (..),+ newTagResourceResponse,++ -- * Response Lenses+ tagResourceResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newTagResource' smart constructor.+data TagResource = TagResource'+ { -- | The Amazon Resource Name (ARN) of the resource.+ resourceArn :: Prelude.Text,+ tags :: Prelude.NonEmpty Tag+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'TagResource' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'resourceArn', 'tagResource_resourceArn' - The Amazon Resource Name (ARN) of the resource.+--+-- 'tags', 'tagResource_tags' -+newTagResource ::+ -- | 'resourceArn'+ Prelude.Text ->+ -- | 'tags'+ Prelude.NonEmpty Tag ->+ TagResource+newTagResource pResourceArn_ pTags_ =+ TagResource'+ { resourceArn = pResourceArn_,+ tags = Lens.coerced Lens.# pTags_+ }++-- | The Amazon Resource Name (ARN) of the resource.+tagResource_resourceArn :: Lens.Lens' TagResource Prelude.Text+tagResource_resourceArn = Lens.lens (\TagResource' {resourceArn} -> resourceArn) (\s@TagResource' {} a -> s {resourceArn = a} :: TagResource)++tagResource_tags :: Lens.Lens' TagResource (Prelude.NonEmpty Tag)+tagResource_tags = Lens.lens (\TagResource' {tags} -> tags) (\s@TagResource' {} a -> s {tags = a} :: TagResource) Prelude.. Lens.coerced++instance Core.AWSRequest TagResource where+ type AWSResponse TagResource = TagResourceResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveEmpty+ ( \s h x ->+ TagResourceResponse'+ Prelude.<$> (Prelude.pure (Prelude.fromEnum s))+ )++instance Prelude.Hashable TagResource where+ hashWithSalt _salt TagResource' {..} =+ _salt+ `Prelude.hashWithSalt` resourceArn+ `Prelude.hashWithSalt` tags++instance Prelude.NFData TagResource where+ rnf TagResource' {..} =+ Prelude.rnf resourceArn+ `Prelude.seq` Prelude.rnf tags++instance Data.ToHeaders TagResource where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.TagResource" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON TagResource where+ toJSON TagResource' {..} =+ Data.object+ ( Prelude.catMaybes+ [ Prelude.Just ("ResourceArn" Data..= resourceArn),+ Prelude.Just ("Tags" Data..= tags)+ ]+ )++instance Data.ToPath TagResource where+ toPath = Prelude.const "/"++instance Data.ToQuery TagResource where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newTagResourceResponse' smart constructor.+data TagResourceResponse = TagResourceResponse'+ { -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'TagResourceResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'httpStatus', 'tagResourceResponse_httpStatus' - The response's http status code.+newTagResourceResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ TagResourceResponse+newTagResourceResponse pHttpStatus_ =+ TagResourceResponse' {httpStatus = pHttpStatus_}++-- | The response's http status code.+tagResourceResponse_httpStatus :: Lens.Lens' TagResourceResponse Prelude.Int+tagResourceResponse_httpStatus = Lens.lens (\TagResourceResponse' {httpStatus} -> httpStatus) (\s@TagResourceResponse' {} a -> s {httpStatus = a} :: TagResourceResponse)++instance Prelude.NFData TagResourceResponse where+ rnf TagResourceResponse' {..} = Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/Types.hs view
@@ -0,0 +1,658 @@+{-# LANGUAGE DisambiguateRecordFields #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types+ ( -- * Service Configuration+ defaultService,++ -- * Errors+ _InsufficientCapacityException,+ _InternalServerError,+ _InvalidOperationException,+ _InvalidRequestException,+ _InvalidResourcePolicyException,+ _InvalidTokenException,+ _LimitExceededException,+ _LogDestinationPermissionException,+ _ResourceNotFoundException,+ _ResourceOwnerCheckException,+ _ThrottlingException,+ _UnsupportedOperationException,++ -- * AttachmentStatus+ AttachmentStatus (..),++ -- * ConfigurationSyncState+ ConfigurationSyncState (..),++ -- * EncryptionType+ EncryptionType (..),++ -- * FirewallStatusValue+ FirewallStatusValue (..),++ -- * GeneratedRulesType+ GeneratedRulesType (..),++ -- * LogDestinationType+ LogDestinationType (..),++ -- * LogType+ LogType (..),++ -- * OverrideAction+ OverrideAction (..),++ -- * PerObjectSyncStatus+ PerObjectSyncStatus (..),++ -- * ResourceManagedStatus+ ResourceManagedStatus (..),++ -- * ResourceManagedType+ ResourceManagedType (..),++ -- * ResourceStatus+ ResourceStatus (..),++ -- * RuleGroupType+ RuleGroupType (..),++ -- * RuleOrder+ RuleOrder (..),++ -- * StatefulAction+ StatefulAction (..),++ -- * StatefulRuleDirection+ StatefulRuleDirection (..),++ -- * StatefulRuleProtocol+ StatefulRuleProtocol (..),++ -- * StreamExceptionPolicy+ StreamExceptionPolicy (..),++ -- * TCPFlag+ TCPFlag (..),++ -- * TargetType+ TargetType (..),++ -- * ActionDefinition+ ActionDefinition (..),+ newActionDefinition,+ actionDefinition_publishMetricAction,++ -- * Address+ Address (..),+ newAddress,+ address_addressDefinition,++ -- * Attachment+ Attachment (..),+ newAttachment,+ attachment_endpointId,+ attachment_status,+ attachment_statusMessage,+ attachment_subnetId,++ -- * CIDRSummary+ CIDRSummary (..),+ newCIDRSummary,+ cIDRSummary_availableCIDRCount,+ cIDRSummary_iPSetReferences,+ cIDRSummary_utilizedCIDRCount,++ -- * CapacityUsageSummary+ CapacityUsageSummary (..),+ newCapacityUsageSummary,+ capacityUsageSummary_cIDRs,++ -- * CustomAction+ CustomAction (..),+ newCustomAction,+ customAction_actionName,+ customAction_actionDefinition,++ -- * Dimension+ Dimension (..),+ newDimension,+ dimension_value,++ -- * EncryptionConfiguration+ EncryptionConfiguration (..),+ newEncryptionConfiguration,+ encryptionConfiguration_keyId,+ encryptionConfiguration_type,++ -- * Firewall+ Firewall (..),+ newFirewall,+ firewall_deleteProtection,+ firewall_description,+ firewall_encryptionConfiguration,+ firewall_firewallArn,+ firewall_firewallName,+ firewall_firewallPolicyChangeProtection,+ firewall_subnetChangeProtection,+ firewall_tags,+ firewall_firewallPolicyArn,+ firewall_vpcId,+ firewall_subnetMappings,+ firewall_firewallId,++ -- * FirewallMetadata+ FirewallMetadata (..),+ newFirewallMetadata,+ firewallMetadata_firewallArn,+ firewallMetadata_firewallName,++ -- * FirewallPolicy+ FirewallPolicy (..),+ newFirewallPolicy,+ firewallPolicy_statefulDefaultActions,+ firewallPolicy_statefulEngineOptions,+ firewallPolicy_statefulRuleGroupReferences,+ firewallPolicy_statelessCustomActions,+ firewallPolicy_statelessRuleGroupReferences,+ firewallPolicy_statelessDefaultActions,+ firewallPolicy_statelessFragmentDefaultActions,++ -- * FirewallPolicyMetadata+ FirewallPolicyMetadata (..),+ newFirewallPolicyMetadata,+ firewallPolicyMetadata_arn,+ firewallPolicyMetadata_name,++ -- * FirewallPolicyResponse+ FirewallPolicyResponse (..),+ newFirewallPolicyResponse,+ firewallPolicyResponse_consumedStatefulRuleCapacity,+ firewallPolicyResponse_consumedStatelessRuleCapacity,+ firewallPolicyResponse_description,+ firewallPolicyResponse_encryptionConfiguration,+ firewallPolicyResponse_firewallPolicyStatus,+ firewallPolicyResponse_lastModifiedTime,+ firewallPolicyResponse_numberOfAssociations,+ firewallPolicyResponse_tags,+ firewallPolicyResponse_firewallPolicyName,+ firewallPolicyResponse_firewallPolicyArn,+ firewallPolicyResponse_firewallPolicyId,++ -- * FirewallStatus+ FirewallStatus (..),+ newFirewallStatus,+ firewallStatus_capacityUsageSummary,+ firewallStatus_syncStates,+ firewallStatus_status,+ firewallStatus_configurationSyncStateSummary,++ -- * Header+ Header (..),+ newHeader,+ header_protocol,+ header_source,+ header_sourcePort,+ header_direction,+ header_destination,+ header_destinationPort,++ -- * IPSet+ IPSet (..),+ newIPSet,+ iPSet_definition,++ -- * IPSetMetadata+ IPSetMetadata (..),+ newIPSetMetadata,+ iPSetMetadata_resolvedCIDRCount,++ -- * IPSetReference+ IPSetReference (..),+ newIPSetReference,+ iPSetReference_referenceArn,++ -- * LogDestinationConfig+ LogDestinationConfig (..),+ newLogDestinationConfig,+ logDestinationConfig_logType,+ logDestinationConfig_logDestinationType,+ logDestinationConfig_logDestination,++ -- * LoggingConfiguration+ LoggingConfiguration (..),+ newLoggingConfiguration,+ loggingConfiguration_logDestinationConfigs,++ -- * MatchAttributes+ MatchAttributes (..),+ newMatchAttributes,+ matchAttributes_destinationPorts,+ matchAttributes_destinations,+ matchAttributes_protocols,+ matchAttributes_sourcePorts,+ matchAttributes_sources,+ matchAttributes_tCPFlags,++ -- * PerObjectStatus+ PerObjectStatus (..),+ newPerObjectStatus,+ perObjectStatus_syncStatus,+ perObjectStatus_updateToken,++ -- * PortRange+ PortRange (..),+ newPortRange,+ portRange_fromPort,+ portRange_toPort,++ -- * PortSet+ PortSet (..),+ newPortSet,+ portSet_definition,++ -- * PublishMetricAction+ PublishMetricAction (..),+ newPublishMetricAction,+ publishMetricAction_dimensions,++ -- * ReferenceSets+ ReferenceSets (..),+ newReferenceSets,+ referenceSets_iPSetReferences,++ -- * RuleDefinition+ RuleDefinition (..),+ newRuleDefinition,+ ruleDefinition_matchAttributes,+ ruleDefinition_actions,++ -- * RuleGroup+ RuleGroup (..),+ newRuleGroup,+ ruleGroup_referenceSets,+ ruleGroup_ruleVariables,+ ruleGroup_statefulRuleOptions,+ ruleGroup_rulesSource,++ -- * RuleGroupMetadata+ RuleGroupMetadata (..),+ newRuleGroupMetadata,+ ruleGroupMetadata_arn,+ ruleGroupMetadata_name,++ -- * RuleGroupResponse+ RuleGroupResponse (..),+ newRuleGroupResponse,+ ruleGroupResponse_capacity,+ ruleGroupResponse_consumedCapacity,+ ruleGroupResponse_description,+ ruleGroupResponse_encryptionConfiguration,+ ruleGroupResponse_lastModifiedTime,+ ruleGroupResponse_numberOfAssociations,+ ruleGroupResponse_ruleGroupStatus,+ ruleGroupResponse_snsTopic,+ ruleGroupResponse_sourceMetadata,+ ruleGroupResponse_tags,+ ruleGroupResponse_type,+ ruleGroupResponse_ruleGroupArn,+ ruleGroupResponse_ruleGroupName,+ ruleGroupResponse_ruleGroupId,++ -- * RuleOption+ RuleOption (..),+ newRuleOption,+ ruleOption_settings,+ ruleOption_keyword,++ -- * RuleVariables+ RuleVariables (..),+ newRuleVariables,+ ruleVariables_iPSets,+ ruleVariables_portSets,++ -- * RulesSource+ RulesSource (..),+ newRulesSource,+ rulesSource_rulesSourceList,+ rulesSource_rulesString,+ rulesSource_statefulRules,+ rulesSource_statelessRulesAndCustomActions,++ -- * RulesSourceList+ RulesSourceList (..),+ newRulesSourceList,+ rulesSourceList_targets,+ rulesSourceList_targetTypes,+ rulesSourceList_generatedRulesType,++ -- * SourceMetadata+ SourceMetadata (..),+ newSourceMetadata,+ sourceMetadata_sourceArn,+ sourceMetadata_sourceUpdateToken,++ -- * StatefulEngineOptions+ StatefulEngineOptions (..),+ newStatefulEngineOptions,+ statefulEngineOptions_ruleOrder,+ statefulEngineOptions_streamExceptionPolicy,++ -- * StatefulRule+ StatefulRule (..),+ newStatefulRule,+ statefulRule_action,+ statefulRule_header,+ statefulRule_ruleOptions,++ -- * StatefulRuleGroupOverride+ StatefulRuleGroupOverride (..),+ newStatefulRuleGroupOverride,+ statefulRuleGroupOverride_action,++ -- * StatefulRuleGroupReference+ StatefulRuleGroupReference (..),+ newStatefulRuleGroupReference,+ statefulRuleGroupReference_override,+ statefulRuleGroupReference_priority,+ statefulRuleGroupReference_resourceArn,++ -- * StatefulRuleOptions+ StatefulRuleOptions (..),+ newStatefulRuleOptions,+ statefulRuleOptions_ruleOrder,++ -- * StatelessRule+ StatelessRule (..),+ newStatelessRule,+ statelessRule_ruleDefinition,+ statelessRule_priority,++ -- * StatelessRuleGroupReference+ StatelessRuleGroupReference (..),+ newStatelessRuleGroupReference,+ statelessRuleGroupReference_resourceArn,+ statelessRuleGroupReference_priority,++ -- * StatelessRulesAndCustomActions+ StatelessRulesAndCustomActions (..),+ newStatelessRulesAndCustomActions,+ statelessRulesAndCustomActions_customActions,+ statelessRulesAndCustomActions_statelessRules,++ -- * SubnetMapping+ SubnetMapping (..),+ newSubnetMapping,+ subnetMapping_subnetId,++ -- * SyncState+ SyncState (..),+ newSyncState,+ syncState_attachment,+ syncState_config,++ -- * TCPFlagField+ TCPFlagField (..),+ newTCPFlagField,+ tCPFlagField_masks,+ tCPFlagField_flags,++ -- * Tag+ Tag (..),+ newTag,+ tag_key,+ tag_value,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import Amazonka.NetworkFirewall.Types.ActionDefinition+import Amazonka.NetworkFirewall.Types.Address+import Amazonka.NetworkFirewall.Types.Attachment+import Amazonka.NetworkFirewall.Types.AttachmentStatus+import Amazonka.NetworkFirewall.Types.CIDRSummary+import Amazonka.NetworkFirewall.Types.CapacityUsageSummary+import Amazonka.NetworkFirewall.Types.ConfigurationSyncState+import Amazonka.NetworkFirewall.Types.CustomAction+import Amazonka.NetworkFirewall.Types.Dimension+import Amazonka.NetworkFirewall.Types.EncryptionConfiguration+import Amazonka.NetworkFirewall.Types.EncryptionType+import Amazonka.NetworkFirewall.Types.Firewall+import Amazonka.NetworkFirewall.Types.FirewallMetadata+import Amazonka.NetworkFirewall.Types.FirewallPolicy+import Amazonka.NetworkFirewall.Types.FirewallPolicyMetadata+import Amazonka.NetworkFirewall.Types.FirewallPolicyResponse+import Amazonka.NetworkFirewall.Types.FirewallStatus+import Amazonka.NetworkFirewall.Types.FirewallStatusValue+import Amazonka.NetworkFirewall.Types.GeneratedRulesType+import Amazonka.NetworkFirewall.Types.Header+import Amazonka.NetworkFirewall.Types.IPSet+import Amazonka.NetworkFirewall.Types.IPSetMetadata+import Amazonka.NetworkFirewall.Types.IPSetReference+import Amazonka.NetworkFirewall.Types.LogDestinationConfig+import Amazonka.NetworkFirewall.Types.LogDestinationType+import Amazonka.NetworkFirewall.Types.LogType+import Amazonka.NetworkFirewall.Types.LoggingConfiguration+import Amazonka.NetworkFirewall.Types.MatchAttributes+import Amazonka.NetworkFirewall.Types.OverrideAction+import Amazonka.NetworkFirewall.Types.PerObjectStatus+import Amazonka.NetworkFirewall.Types.PerObjectSyncStatus+import Amazonka.NetworkFirewall.Types.PortRange+import Amazonka.NetworkFirewall.Types.PortSet+import Amazonka.NetworkFirewall.Types.PublishMetricAction+import Amazonka.NetworkFirewall.Types.ReferenceSets+import Amazonka.NetworkFirewall.Types.ResourceManagedStatus+import Amazonka.NetworkFirewall.Types.ResourceManagedType+import Amazonka.NetworkFirewall.Types.ResourceStatus+import Amazonka.NetworkFirewall.Types.RuleDefinition+import Amazonka.NetworkFirewall.Types.RuleGroup+import Amazonka.NetworkFirewall.Types.RuleGroupMetadata+import Amazonka.NetworkFirewall.Types.RuleGroupResponse+import Amazonka.NetworkFirewall.Types.RuleGroupType+import Amazonka.NetworkFirewall.Types.RuleOption+import Amazonka.NetworkFirewall.Types.RuleOrder+import Amazonka.NetworkFirewall.Types.RuleVariables+import Amazonka.NetworkFirewall.Types.RulesSource+import Amazonka.NetworkFirewall.Types.RulesSourceList+import Amazonka.NetworkFirewall.Types.SourceMetadata+import Amazonka.NetworkFirewall.Types.StatefulAction+import Amazonka.NetworkFirewall.Types.StatefulEngineOptions+import Amazonka.NetworkFirewall.Types.StatefulRule+import Amazonka.NetworkFirewall.Types.StatefulRuleDirection+import Amazonka.NetworkFirewall.Types.StatefulRuleGroupOverride+import Amazonka.NetworkFirewall.Types.StatefulRuleGroupReference+import Amazonka.NetworkFirewall.Types.StatefulRuleOptions+import Amazonka.NetworkFirewall.Types.StatefulRuleProtocol+import Amazonka.NetworkFirewall.Types.StatelessRule+import Amazonka.NetworkFirewall.Types.StatelessRuleGroupReference+import Amazonka.NetworkFirewall.Types.StatelessRulesAndCustomActions+import Amazonka.NetworkFirewall.Types.StreamExceptionPolicy+import Amazonka.NetworkFirewall.Types.SubnetMapping+import Amazonka.NetworkFirewall.Types.SyncState+import Amazonka.NetworkFirewall.Types.TCPFlag+import Amazonka.NetworkFirewall.Types.TCPFlagField+import Amazonka.NetworkFirewall.Types.Tag+import Amazonka.NetworkFirewall.Types.TargetType+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Sign.V4 as Sign++-- | API version @2020-11-12@ of the Amazon Network Firewall SDK configuration.+defaultService :: Core.Service+defaultService =+ Core.Service+ { Core.abbrev = "NetworkFirewall",+ Core.signer = Sign.v4,+ Core.endpointPrefix = "network-firewall",+ Core.signingName = "network-firewall",+ Core.version = "2020-11-12",+ Core.s3AddressingStyle = Core.S3AddressingStyleAuto,+ Core.endpoint = Core.defaultEndpoint defaultService,+ Core.timeout = Prelude.Just 70,+ Core.check = Core.statusSuccess,+ Core.error = Core.parseJSONError "NetworkFirewall",+ Core.retry = retry+ }+ where+ retry =+ Core.Exponential+ { Core.base = 5.0e-2,+ Core.growth = 2,+ Core.attempts = 5,+ Core.check = check+ }+ check e+ | Lens.has (Core.hasStatus 502) e =+ Prelude.Just "bad_gateway"+ | Lens.has (Core.hasStatus 504) e =+ Prelude.Just "gateway_timeout"+ | Lens.has (Core.hasStatus 500) e =+ Prelude.Just "general_server_error"+ | Lens.has (Core.hasStatus 509) e =+ Prelude.Just "limit_exceeded"+ | Lens.has+ ( Core.hasCode "RequestThrottledException"+ Prelude.. Core.hasStatus 400+ )+ e =+ Prelude.Just "request_throttled_exception"+ | Lens.has (Core.hasStatus 503) e =+ Prelude.Just "service_unavailable"+ | Lens.has+ ( Core.hasCode "ThrottledException"+ Prelude.. Core.hasStatus 400+ )+ e =+ Prelude.Just "throttled_exception"+ | Lens.has+ ( Core.hasCode "Throttling"+ Prelude.. Core.hasStatus 400+ )+ e =+ Prelude.Just "throttling"+ | Lens.has+ ( Core.hasCode "ThrottlingException"+ Prelude.. Core.hasStatus 400+ )+ e =+ Prelude.Just "throttling_exception"+ | Lens.has+ ( Core.hasCode+ "ProvisionedThroughputExceededException"+ Prelude.. Core.hasStatus 400+ )+ e =+ Prelude.Just "throughput_exceeded"+ | Lens.has (Core.hasStatus 429) e =+ Prelude.Just "too_many_requests"+ | Prelude.otherwise = Prelude.Nothing++-- | Amazon Web Services doesn\'t currently have enough available capacity to+-- fulfill your request. Try your request later.+_InsufficientCapacityException :: (Core.AsError a) => Lens.Fold a Core.ServiceError+_InsufficientCapacityException =+ Core._MatchServiceError+ defaultService+ "InsufficientCapacityException"++-- | Your request is valid, but Network Firewall couldn’t perform the+-- operation because of a system problem. Retry your request.+_InternalServerError :: (Core.AsError a) => Lens.Fold a Core.ServiceError+_InternalServerError =+ Core._MatchServiceError+ defaultService+ "InternalServerError"++-- | The operation failed because it\'s not valid. For example, you might+-- have tried to delete a rule group or firewall policy that\'s in use.+_InvalidOperationException :: (Core.AsError a) => Lens.Fold a Core.ServiceError+_InvalidOperationException =+ Core._MatchServiceError+ defaultService+ "InvalidOperationException"++-- | The operation failed because of a problem with your request. Examples+-- include:+--+-- - You specified an unsupported parameter name or value.+--+-- - You tried to update a property with a value that isn\'t among the+-- available types.+--+-- - Your request references an ARN that is malformed, or corresponds to+-- a resource that isn\'t valid in the context of the request.+_InvalidRequestException :: (Core.AsError a) => Lens.Fold a Core.ServiceError+_InvalidRequestException =+ Core._MatchServiceError+ defaultService+ "InvalidRequestException"++-- | The policy statement failed validation.+_InvalidResourcePolicyException :: (Core.AsError a) => Lens.Fold a Core.ServiceError+_InvalidResourcePolicyException =+ Core._MatchServiceError+ defaultService+ "InvalidResourcePolicyException"++-- | The token you provided is stale or isn\'t valid for the operation.+_InvalidTokenException :: (Core.AsError a) => Lens.Fold a Core.ServiceError+_InvalidTokenException =+ Core._MatchServiceError+ defaultService+ "InvalidTokenException"++-- | Unable to perform the operation because doing so would violate a limit+-- setting.+_LimitExceededException :: (Core.AsError a) => Lens.Fold a Core.ServiceError+_LimitExceededException =+ Core._MatchServiceError+ defaultService+ "LimitExceededException"++-- | Unable to send logs to a configured logging destination.+_LogDestinationPermissionException :: (Core.AsError a) => Lens.Fold a Core.ServiceError+_LogDestinationPermissionException =+ Core._MatchServiceError+ defaultService+ "LogDestinationPermissionException"++-- | Unable to locate a resource using the parameters that you provided.+_ResourceNotFoundException :: (Core.AsError a) => Lens.Fold a Core.ServiceError+_ResourceNotFoundException =+ Core._MatchServiceError+ defaultService+ "ResourceNotFoundException"++-- | Unable to change the resource because your account doesn\'t own it.+_ResourceOwnerCheckException :: (Core.AsError a) => Lens.Fold a Core.ServiceError+_ResourceOwnerCheckException =+ Core._MatchServiceError+ defaultService+ "ResourceOwnerCheckException"++-- | Unable to process the request due to throttling limitations.+_ThrottlingException :: (Core.AsError a) => Lens.Fold a Core.ServiceError+_ThrottlingException =+ Core._MatchServiceError+ defaultService+ "ThrottlingException"++-- | The operation you requested isn\'t supported by Network Firewall.+_UnsupportedOperationException :: (Core.AsError a) => Lens.Fold a Core.ServiceError+_UnsupportedOperationException =+ Core._MatchServiceError+ defaultService+ "UnsupportedOperationException"
+ gen/Amazonka/NetworkFirewall/Types/ActionDefinition.hs view
@@ -0,0 +1,107 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.ActionDefinition+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.ActionDefinition where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.PublishMetricAction+import qualified Amazonka.Prelude as Prelude++-- | A custom action to use in stateless rule actions settings. This is used+-- in CustomAction.+--+-- /See:/ 'newActionDefinition' smart constructor.+data ActionDefinition = ActionDefinition'+ { -- | Stateless inspection criteria that publishes the specified metrics to+ -- Amazon CloudWatch for the matching packet. This setting defines a+ -- CloudWatch dimension value to be published.+ --+ -- You can pair this custom action with any of the standard stateless rule+ -- actions. For example, you could pair this in a rule action with the+ -- standard action that forwards the packet for stateful inspection. Then,+ -- when a packet matches the rule, Network Firewall publishes metrics for+ -- the packet and forwards it.+ publishMetricAction :: Prelude.Maybe PublishMetricAction+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'ActionDefinition' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'publishMetricAction', 'actionDefinition_publishMetricAction' - Stateless inspection criteria that publishes the specified metrics to+-- Amazon CloudWatch for the matching packet. This setting defines a+-- CloudWatch dimension value to be published.+--+-- You can pair this custom action with any of the standard stateless rule+-- actions. For example, you could pair this in a rule action with the+-- standard action that forwards the packet for stateful inspection. Then,+-- when a packet matches the rule, Network Firewall publishes metrics for+-- the packet and forwards it.+newActionDefinition ::+ ActionDefinition+newActionDefinition =+ ActionDefinition'+ { publishMetricAction =+ Prelude.Nothing+ }++-- | Stateless inspection criteria that publishes the specified metrics to+-- Amazon CloudWatch for the matching packet. This setting defines a+-- CloudWatch dimension value to be published.+--+-- You can pair this custom action with any of the standard stateless rule+-- actions. For example, you could pair this in a rule action with the+-- standard action that forwards the packet for stateful inspection. Then,+-- when a packet matches the rule, Network Firewall publishes metrics for+-- the packet and forwards it.+actionDefinition_publishMetricAction :: Lens.Lens' ActionDefinition (Prelude.Maybe PublishMetricAction)+actionDefinition_publishMetricAction = Lens.lens (\ActionDefinition' {publishMetricAction} -> publishMetricAction) (\s@ActionDefinition' {} a -> s {publishMetricAction = a} :: ActionDefinition)++instance Data.FromJSON ActionDefinition where+ parseJSON =+ Data.withObject+ "ActionDefinition"+ ( \x ->+ ActionDefinition'+ Prelude.<$> (x Data..:? "PublishMetricAction")+ )++instance Prelude.Hashable ActionDefinition where+ hashWithSalt _salt ActionDefinition' {..} =+ _salt `Prelude.hashWithSalt` publishMetricAction++instance Prelude.NFData ActionDefinition where+ rnf ActionDefinition' {..} =+ Prelude.rnf publishMetricAction++instance Data.ToJSON ActionDefinition where+ toJSON ActionDefinition' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("PublishMetricAction" Data..=)+ Prelude.<$> publishMetricAction+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/Address.hs view
@@ -0,0 +1,118 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.Address+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.Address where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++-- | A single IP address specification. This is used in the MatchAttributes+-- source and destination specifications.+--+-- /See:/ 'newAddress' smart constructor.+data Address = Address'+ { -- | Specify an IP address or a block of IP addresses in Classless+ -- Inter-Domain Routing (CIDR) notation. Network Firewall supports all+ -- address ranges for IPv4.+ --+ -- Examples:+ --+ -- - To configure Network Firewall to inspect for the IP address+ -- 192.0.2.44, specify @192.0.2.44\/32@.+ --+ -- - To configure Network Firewall to inspect for IP addresses from+ -- 192.0.2.0 to 192.0.2.255, specify @192.0.2.0\/24@.+ --+ -- For more information about CIDR notation, see the Wikipedia entry+ -- <https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing Classless Inter-Domain Routing>.+ addressDefinition :: Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'Address' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'addressDefinition', 'address_addressDefinition' - Specify an IP address or a block of IP addresses in Classless+-- Inter-Domain Routing (CIDR) notation. Network Firewall supports all+-- address ranges for IPv4.+--+-- Examples:+--+-- - To configure Network Firewall to inspect for the IP address+-- 192.0.2.44, specify @192.0.2.44\/32@.+--+-- - To configure Network Firewall to inspect for IP addresses from+-- 192.0.2.0 to 192.0.2.255, specify @192.0.2.0\/24@.+--+-- For more information about CIDR notation, see the Wikipedia entry+-- <https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing Classless Inter-Domain Routing>.+newAddress ::+ -- | 'addressDefinition'+ Prelude.Text ->+ Address+newAddress pAddressDefinition_ =+ Address' {addressDefinition = pAddressDefinition_}++-- | Specify an IP address or a block of IP addresses in Classless+-- Inter-Domain Routing (CIDR) notation. Network Firewall supports all+-- address ranges for IPv4.+--+-- Examples:+--+-- - To configure Network Firewall to inspect for the IP address+-- 192.0.2.44, specify @192.0.2.44\/32@.+--+-- - To configure Network Firewall to inspect for IP addresses from+-- 192.0.2.0 to 192.0.2.255, specify @192.0.2.0\/24@.+--+-- For more information about CIDR notation, see the Wikipedia entry+-- <https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing Classless Inter-Domain Routing>.+address_addressDefinition :: Lens.Lens' Address Prelude.Text+address_addressDefinition = Lens.lens (\Address' {addressDefinition} -> addressDefinition) (\s@Address' {} a -> s {addressDefinition = a} :: Address)++instance Data.FromJSON Address where+ parseJSON =+ Data.withObject+ "Address"+ ( \x ->+ Address' Prelude.<$> (x Data..: "AddressDefinition")+ )++instance Prelude.Hashable Address where+ hashWithSalt _salt Address' {..} =+ _salt `Prelude.hashWithSalt` addressDefinition++instance Prelude.NFData Address where+ rnf Address' {..} = Prelude.rnf addressDefinition++instance Data.ToJSON Address where+ toJSON Address' {..} =+ Data.object+ ( Prelude.catMaybes+ [ Prelude.Just+ ("AddressDefinition" Data..= addressDefinition)+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/Attachment.hs view
@@ -0,0 +1,156 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.Attachment+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.Attachment where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.AttachmentStatus+import qualified Amazonka.Prelude as Prelude++-- | The configuration and status for a single subnet that you\'ve specified+-- for use by the Network Firewall firewall. This is part of the+-- FirewallStatus.+--+-- /See:/ 'newAttachment' smart constructor.+data Attachment = Attachment'+ { -- | The identifier of the firewall endpoint that Network Firewall has+ -- instantiated in the subnet. You use this to identify the firewall+ -- endpoint in the VPC route tables, when you redirect the VPC traffic+ -- through the endpoint.+ endpointId :: Prelude.Maybe Prelude.Text,+ -- | The current status of the firewall endpoint in the subnet. This value+ -- reflects both the instantiation of the endpoint in the VPC subnet and+ -- the sync states that are reported in the @Config@ settings. When this+ -- value is @READY@, the endpoint is available and configured properly to+ -- handle network traffic. When the endpoint isn\'t available for traffic,+ -- this value will reflect its state, for example @CREATING@ or @DELETING@.+ status :: Prelude.Maybe AttachmentStatus,+ -- | If Network Firewall fails to create or delete the firewall endpoint in+ -- the subnet, it populates this with the reason for the failure and how to+ -- resolve it. Depending on the error, it can take as many as 15 minutes to+ -- populate this field. For more information about the errors and solutions+ -- available for this field, see+ -- <https://docs.aws.amazon.com/network-firewall/latest/developerguide/firewall-troubleshooting-endpoint-failures.html Troubleshooting firewall endpoint failures>+ -- in the /Network Firewall Developer Guide/.+ statusMessage :: Prelude.Maybe Prelude.Text,+ -- | The unique identifier of the subnet that you\'ve specified to be used+ -- for a firewall endpoint.+ subnetId :: Prelude.Maybe Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'Attachment' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'endpointId', 'attachment_endpointId' - The identifier of the firewall endpoint that Network Firewall has+-- instantiated in the subnet. You use this to identify the firewall+-- endpoint in the VPC route tables, when you redirect the VPC traffic+-- through the endpoint.+--+-- 'status', 'attachment_status' - The current status of the firewall endpoint in the subnet. This value+-- reflects both the instantiation of the endpoint in the VPC subnet and+-- the sync states that are reported in the @Config@ settings. When this+-- value is @READY@, the endpoint is available and configured properly to+-- handle network traffic. When the endpoint isn\'t available for traffic,+-- this value will reflect its state, for example @CREATING@ or @DELETING@.+--+-- 'statusMessage', 'attachment_statusMessage' - If Network Firewall fails to create or delete the firewall endpoint in+-- the subnet, it populates this with the reason for the failure and how to+-- resolve it. Depending on the error, it can take as many as 15 minutes to+-- populate this field. For more information about the errors and solutions+-- available for this field, see+-- <https://docs.aws.amazon.com/network-firewall/latest/developerguide/firewall-troubleshooting-endpoint-failures.html Troubleshooting firewall endpoint failures>+-- in the /Network Firewall Developer Guide/.+--+-- 'subnetId', 'attachment_subnetId' - The unique identifier of the subnet that you\'ve specified to be used+-- for a firewall endpoint.+newAttachment ::+ Attachment+newAttachment =+ Attachment'+ { endpointId = Prelude.Nothing,+ status = Prelude.Nothing,+ statusMessage = Prelude.Nothing,+ subnetId = Prelude.Nothing+ }++-- | The identifier of the firewall endpoint that Network Firewall has+-- instantiated in the subnet. You use this to identify the firewall+-- endpoint in the VPC route tables, when you redirect the VPC traffic+-- through the endpoint.+attachment_endpointId :: Lens.Lens' Attachment (Prelude.Maybe Prelude.Text)+attachment_endpointId = Lens.lens (\Attachment' {endpointId} -> endpointId) (\s@Attachment' {} a -> s {endpointId = a} :: Attachment)++-- | The current status of the firewall endpoint in the subnet. This value+-- reflects both the instantiation of the endpoint in the VPC subnet and+-- the sync states that are reported in the @Config@ settings. When this+-- value is @READY@, the endpoint is available and configured properly to+-- handle network traffic. When the endpoint isn\'t available for traffic,+-- this value will reflect its state, for example @CREATING@ or @DELETING@.+attachment_status :: Lens.Lens' Attachment (Prelude.Maybe AttachmentStatus)+attachment_status = Lens.lens (\Attachment' {status} -> status) (\s@Attachment' {} a -> s {status = a} :: Attachment)++-- | If Network Firewall fails to create or delete the firewall endpoint in+-- the subnet, it populates this with the reason for the failure and how to+-- resolve it. Depending on the error, it can take as many as 15 minutes to+-- populate this field. For more information about the errors and solutions+-- available for this field, see+-- <https://docs.aws.amazon.com/network-firewall/latest/developerguide/firewall-troubleshooting-endpoint-failures.html Troubleshooting firewall endpoint failures>+-- in the /Network Firewall Developer Guide/.+attachment_statusMessage :: Lens.Lens' Attachment (Prelude.Maybe Prelude.Text)+attachment_statusMessage = Lens.lens (\Attachment' {statusMessage} -> statusMessage) (\s@Attachment' {} a -> s {statusMessage = a} :: Attachment)++-- | The unique identifier of the subnet that you\'ve specified to be used+-- for a firewall endpoint.+attachment_subnetId :: Lens.Lens' Attachment (Prelude.Maybe Prelude.Text)+attachment_subnetId = Lens.lens (\Attachment' {subnetId} -> subnetId) (\s@Attachment' {} a -> s {subnetId = a} :: Attachment)++instance Data.FromJSON Attachment where+ parseJSON =+ Data.withObject+ "Attachment"+ ( \x ->+ Attachment'+ Prelude.<$> (x Data..:? "EndpointId")+ Prelude.<*> (x Data..:? "Status")+ Prelude.<*> (x Data..:? "StatusMessage")+ Prelude.<*> (x Data..:? "SubnetId")+ )++instance Prelude.Hashable Attachment where+ hashWithSalt _salt Attachment' {..} =+ _salt+ `Prelude.hashWithSalt` endpointId+ `Prelude.hashWithSalt` status+ `Prelude.hashWithSalt` statusMessage+ `Prelude.hashWithSalt` subnetId++instance Prelude.NFData Attachment where+ rnf Attachment' {..} =+ Prelude.rnf endpointId+ `Prelude.seq` Prelude.rnf status+ `Prelude.seq` Prelude.rnf statusMessage+ `Prelude.seq` Prelude.rnf subnetId
+ gen/Amazonka/NetworkFirewall/Types/AttachmentStatus.hs view
@@ -0,0 +1,81 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.AttachmentStatus+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.AttachmentStatus+ ( AttachmentStatus+ ( ..,+ AttachmentStatus_CREATING,+ AttachmentStatus_DELETING,+ AttachmentStatus_READY,+ AttachmentStatus_SCALING+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype AttachmentStatus = AttachmentStatus'+ { fromAttachmentStatus ::+ Data.Text+ }+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern AttachmentStatus_CREATING :: AttachmentStatus+pattern AttachmentStatus_CREATING = AttachmentStatus' "CREATING"++pattern AttachmentStatus_DELETING :: AttachmentStatus+pattern AttachmentStatus_DELETING = AttachmentStatus' "DELETING"++pattern AttachmentStatus_READY :: AttachmentStatus+pattern AttachmentStatus_READY = AttachmentStatus' "READY"++pattern AttachmentStatus_SCALING :: AttachmentStatus+pattern AttachmentStatus_SCALING = AttachmentStatus' "SCALING"++{-# COMPLETE+ AttachmentStatus_CREATING,+ AttachmentStatus_DELETING,+ AttachmentStatus_READY,+ AttachmentStatus_SCALING,+ AttachmentStatus'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/CIDRSummary.hs view
@@ -0,0 +1,105 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.CIDRSummary+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.CIDRSummary where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.IPSetMetadata+import qualified Amazonka.Prelude as Prelude++-- | Summarizes the CIDR blocks used by the IP set references in a firewall.+-- Network Firewall calculates the number of CIDRs by taking an aggregated+-- count of all CIDRs used by the IP sets you are referencing.+--+-- /See:/ 'newCIDRSummary' smart constructor.+data CIDRSummary = CIDRSummary'+ { -- | The number of CIDR blocks available for use by the IP set references in+ -- a firewall.+ availableCIDRCount :: Prelude.Maybe Prelude.Natural,+ -- | The list of the IP set references used by a firewall.+ iPSetReferences :: Prelude.Maybe (Prelude.HashMap Prelude.Text IPSetMetadata),+ -- | The number of CIDR blocks used by the IP set references in a firewall.+ utilizedCIDRCount :: Prelude.Maybe Prelude.Natural+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'CIDRSummary' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'availableCIDRCount', 'cIDRSummary_availableCIDRCount' - The number of CIDR blocks available for use by the IP set references in+-- a firewall.+--+-- 'iPSetReferences', 'cIDRSummary_iPSetReferences' - The list of the IP set references used by a firewall.+--+-- 'utilizedCIDRCount', 'cIDRSummary_utilizedCIDRCount' - The number of CIDR blocks used by the IP set references in a firewall.+newCIDRSummary ::+ CIDRSummary+newCIDRSummary =+ CIDRSummary'+ { availableCIDRCount = Prelude.Nothing,+ iPSetReferences = Prelude.Nothing,+ utilizedCIDRCount = Prelude.Nothing+ }++-- | The number of CIDR blocks available for use by the IP set references in+-- a firewall.+cIDRSummary_availableCIDRCount :: Lens.Lens' CIDRSummary (Prelude.Maybe Prelude.Natural)+cIDRSummary_availableCIDRCount = Lens.lens (\CIDRSummary' {availableCIDRCount} -> availableCIDRCount) (\s@CIDRSummary' {} a -> s {availableCIDRCount = a} :: CIDRSummary)++-- | The list of the IP set references used by a firewall.+cIDRSummary_iPSetReferences :: Lens.Lens' CIDRSummary (Prelude.Maybe (Prelude.HashMap Prelude.Text IPSetMetadata))+cIDRSummary_iPSetReferences = Lens.lens (\CIDRSummary' {iPSetReferences} -> iPSetReferences) (\s@CIDRSummary' {} a -> s {iPSetReferences = a} :: CIDRSummary) Prelude.. Lens.mapping Lens.coerced++-- | The number of CIDR blocks used by the IP set references in a firewall.+cIDRSummary_utilizedCIDRCount :: Lens.Lens' CIDRSummary (Prelude.Maybe Prelude.Natural)+cIDRSummary_utilizedCIDRCount = Lens.lens (\CIDRSummary' {utilizedCIDRCount} -> utilizedCIDRCount) (\s@CIDRSummary' {} a -> s {utilizedCIDRCount = a} :: CIDRSummary)++instance Data.FromJSON CIDRSummary where+ parseJSON =+ Data.withObject+ "CIDRSummary"+ ( \x ->+ CIDRSummary'+ Prelude.<$> (x Data..:? "AvailableCIDRCount")+ Prelude.<*> ( x+ Data..:? "IPSetReferences"+ Data..!= Prelude.mempty+ )+ Prelude.<*> (x Data..:? "UtilizedCIDRCount")+ )++instance Prelude.Hashable CIDRSummary where+ hashWithSalt _salt CIDRSummary' {..} =+ _salt+ `Prelude.hashWithSalt` availableCIDRCount+ `Prelude.hashWithSalt` iPSetReferences+ `Prelude.hashWithSalt` utilizedCIDRCount++instance Prelude.NFData CIDRSummary where+ rnf CIDRSummary' {..} =+ Prelude.rnf availableCIDRCount+ `Prelude.seq` Prelude.rnf iPSetReferences+ `Prelude.seq` Prelude.rnf utilizedCIDRCount
+ gen/Amazonka/NetworkFirewall/Types/CapacityUsageSummary.hs view
@@ -0,0 +1,73 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.CapacityUsageSummary+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.CapacityUsageSummary where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.CIDRSummary+import qualified Amazonka.Prelude as Prelude++-- | The capacity usage summary of the resources used by the ReferenceSets in+-- a firewall.+--+-- /See:/ 'newCapacityUsageSummary' smart constructor.+data CapacityUsageSummary = CapacityUsageSummary'+ { -- | Describes the capacity usage of the CIDR blocks used by the IP set+ -- references in a firewall.+ cIDRs :: Prelude.Maybe CIDRSummary+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'CapacityUsageSummary' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'cIDRs', 'capacityUsageSummary_cIDRs' - Describes the capacity usage of the CIDR blocks used by the IP set+-- references in a firewall.+newCapacityUsageSummary ::+ CapacityUsageSummary+newCapacityUsageSummary =+ CapacityUsageSummary' {cIDRs = Prelude.Nothing}++-- | Describes the capacity usage of the CIDR blocks used by the IP set+-- references in a firewall.+capacityUsageSummary_cIDRs :: Lens.Lens' CapacityUsageSummary (Prelude.Maybe CIDRSummary)+capacityUsageSummary_cIDRs = Lens.lens (\CapacityUsageSummary' {cIDRs} -> cIDRs) (\s@CapacityUsageSummary' {} a -> s {cIDRs = a} :: CapacityUsageSummary)++instance Data.FromJSON CapacityUsageSummary where+ parseJSON =+ Data.withObject+ "CapacityUsageSummary"+ ( \x ->+ CapacityUsageSummary'+ Prelude.<$> (x Data..:? "CIDRs")+ )++instance Prelude.Hashable CapacityUsageSummary where+ hashWithSalt _salt CapacityUsageSummary' {..} =+ _salt `Prelude.hashWithSalt` cIDRs++instance Prelude.NFData CapacityUsageSummary where+ rnf CapacityUsageSummary' {..} = Prelude.rnf cIDRs
+ gen/Amazonka/NetworkFirewall/Types/ConfigurationSyncState.hs view
@@ -0,0 +1,76 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.ConfigurationSyncState+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.ConfigurationSyncState+ ( ConfigurationSyncState+ ( ..,+ ConfigurationSyncState_CAPACITY_CONSTRAINED,+ ConfigurationSyncState_IN_SYNC,+ ConfigurationSyncState_PENDING+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype ConfigurationSyncState = ConfigurationSyncState'+ { fromConfigurationSyncState ::+ Data.Text+ }+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern ConfigurationSyncState_CAPACITY_CONSTRAINED :: ConfigurationSyncState+pattern ConfigurationSyncState_CAPACITY_CONSTRAINED = ConfigurationSyncState' "CAPACITY_CONSTRAINED"++pattern ConfigurationSyncState_IN_SYNC :: ConfigurationSyncState+pattern ConfigurationSyncState_IN_SYNC = ConfigurationSyncState' "IN_SYNC"++pattern ConfigurationSyncState_PENDING :: ConfigurationSyncState+pattern ConfigurationSyncState_PENDING = ConfigurationSyncState' "PENDING"++{-# COMPLETE+ ConfigurationSyncState_CAPACITY_CONSTRAINED,+ ConfigurationSyncState_IN_SYNC,+ ConfigurationSyncState_PENDING,+ ConfigurationSyncState'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/CustomAction.hs view
@@ -0,0 +1,121 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.CustomAction+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.CustomAction where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.ActionDefinition+import qualified Amazonka.Prelude as Prelude++-- | An optional, non-standard action to use for stateless packet handling.+-- You can define this in addition to the standard action that you must+-- specify.+--+-- You define and name the custom actions that you want to be able to use,+-- and then you reference them by name in your actions settings.+--+-- You can use custom actions in the following places:+--+-- - In a rule group\'s StatelessRulesAndCustomActions specification. The+-- custom actions are available for use by name inside the+-- @StatelessRulesAndCustomActions@ where you define them. You can use+-- them for your stateless rule actions to specify what to do with a+-- packet that matches the rule\'s match attributes.+--+-- - In a FirewallPolicy specification, in @StatelessCustomActions@. The+-- custom actions are available for use inside the policy where you+-- define them. You can use them for the policy\'s default stateless+-- actions settings to specify what to do with packets that don\'t+-- match any of the policy\'s stateless rules.+--+-- /See:/ 'newCustomAction' smart constructor.+data CustomAction = CustomAction'+ { -- | The descriptive name of the custom action. You can\'t change the name of+ -- a custom action after you create it.+ actionName :: Prelude.Text,+ -- | The custom action associated with the action name.+ actionDefinition :: ActionDefinition+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'CustomAction' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'actionName', 'customAction_actionName' - The descriptive name of the custom action. You can\'t change the name of+-- a custom action after you create it.+--+-- 'actionDefinition', 'customAction_actionDefinition' - The custom action associated with the action name.+newCustomAction ::+ -- | 'actionName'+ Prelude.Text ->+ -- | 'actionDefinition'+ ActionDefinition ->+ CustomAction+newCustomAction pActionName_ pActionDefinition_ =+ CustomAction'+ { actionName = pActionName_,+ actionDefinition = pActionDefinition_+ }++-- | The descriptive name of the custom action. You can\'t change the name of+-- a custom action after you create it.+customAction_actionName :: Lens.Lens' CustomAction Prelude.Text+customAction_actionName = Lens.lens (\CustomAction' {actionName} -> actionName) (\s@CustomAction' {} a -> s {actionName = a} :: CustomAction)++-- | The custom action associated with the action name.+customAction_actionDefinition :: Lens.Lens' CustomAction ActionDefinition+customAction_actionDefinition = Lens.lens (\CustomAction' {actionDefinition} -> actionDefinition) (\s@CustomAction' {} a -> s {actionDefinition = a} :: CustomAction)++instance Data.FromJSON CustomAction where+ parseJSON =+ Data.withObject+ "CustomAction"+ ( \x ->+ CustomAction'+ Prelude.<$> (x Data..: "ActionName")+ Prelude.<*> (x Data..: "ActionDefinition")+ )++instance Prelude.Hashable CustomAction where+ hashWithSalt _salt CustomAction' {..} =+ _salt+ `Prelude.hashWithSalt` actionName+ `Prelude.hashWithSalt` actionDefinition++instance Prelude.NFData CustomAction where+ rnf CustomAction' {..} =+ Prelude.rnf actionName+ `Prelude.seq` Prelude.rnf actionDefinition++instance Data.ToJSON CustomAction where+ toJSON CustomAction' {..} =+ Data.object+ ( Prelude.catMaybes+ [ Prelude.Just ("ActionName" Data..= actionName),+ Prelude.Just+ ("ActionDefinition" Data..= actionDefinition)+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/Dimension.hs view
@@ -0,0 +1,84 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.Dimension+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.Dimension where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++-- | The value to use in an Amazon CloudWatch custom metric dimension. This+-- is used in the @PublishMetrics@ CustomAction. A CloudWatch custom metric+-- dimension is a name\/value pair that\'s part of the identity of a+-- metric.+--+-- Network Firewall sets the dimension name to @CustomAction@ and you+-- provide the dimension value.+--+-- For more information about CloudWatch custom metric dimensions, see+-- <https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.html#usingDimensions Publishing Custom Metrics>+-- in the+-- <https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/WhatIsCloudWatch.html Amazon CloudWatch User Guide>.+--+-- /See:/ 'newDimension' smart constructor.+data Dimension = Dimension'+ { -- | The value to use in the custom metric dimension.+ value :: Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'Dimension' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'value', 'dimension_value' - The value to use in the custom metric dimension.+newDimension ::+ -- | 'value'+ Prelude.Text ->+ Dimension+newDimension pValue_ = Dimension' {value = pValue_}++-- | The value to use in the custom metric dimension.+dimension_value :: Lens.Lens' Dimension Prelude.Text+dimension_value = Lens.lens (\Dimension' {value} -> value) (\s@Dimension' {} a -> s {value = a} :: Dimension)++instance Data.FromJSON Dimension where+ parseJSON =+ Data.withObject+ "Dimension"+ (\x -> Dimension' Prelude.<$> (x Data..: "Value"))++instance Prelude.Hashable Dimension where+ hashWithSalt _salt Dimension' {..} =+ _salt `Prelude.hashWithSalt` value++instance Prelude.NFData Dimension where+ rnf Dimension' {..} = Prelude.rnf value++instance Data.ToJSON Dimension where+ toJSON Dimension' {..} =+ Data.object+ ( Prelude.catMaybes+ [Prelude.Just ("Value" Data..= value)]+ )
+ gen/Amazonka/NetworkFirewall/Types/EncryptionConfiguration.hs view
@@ -0,0 +1,124 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.EncryptionConfiguration+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.EncryptionConfiguration where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.EncryptionType+import qualified Amazonka.Prelude as Prelude++-- | A complex type that contains optional Amazon Web Services Key Management+-- Service (KMS) encryption settings for your Network Firewall resources.+-- Your data is encrypted by default with an Amazon Web Services owned key+-- that Amazon Web Services owns and manages for you. You can use either+-- the Amazon Web Services owned key, or provide your own customer managed+-- key. To learn more about KMS encryption of your Network Firewall+-- resources, see+-- <https://docs.aws.amazon.com/kms/latest/developerguide/kms-encryption-at-rest.html Encryption at rest with Amazon Web Services Key Managment Service>+-- in the /Network Firewall Developer Guide/.+--+-- /See:/ 'newEncryptionConfiguration' smart constructor.+data EncryptionConfiguration = EncryptionConfiguration'+ { -- | The ID of the Amazon Web Services Key Management Service (KMS) customer+ -- managed key. You can use any of the key identifiers that KMS supports,+ -- unless you\'re using a key that\'s managed by another account. If+ -- you\'re using a key managed by another account, then specify the key+ -- ARN. For more information, see+ -- <https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id Key ID>+ -- in the /Amazon Web Services KMS Developer Guide/.+ keyId :: Prelude.Maybe Prelude.Text,+ -- | The type of Amazon Web Services KMS key to use for encryption of your+ -- Network Firewall resources.+ type' :: EncryptionType+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'EncryptionConfiguration' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'keyId', 'encryptionConfiguration_keyId' - The ID of the Amazon Web Services Key Management Service (KMS) customer+-- managed key. You can use any of the key identifiers that KMS supports,+-- unless you\'re using a key that\'s managed by another account. If+-- you\'re using a key managed by another account, then specify the key+-- ARN. For more information, see+-- <https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id Key ID>+-- in the /Amazon Web Services KMS Developer Guide/.+--+-- 'type'', 'encryptionConfiguration_type' - The type of Amazon Web Services KMS key to use for encryption of your+-- Network Firewall resources.+newEncryptionConfiguration ::+ -- | 'type''+ EncryptionType ->+ EncryptionConfiguration+newEncryptionConfiguration pType_ =+ EncryptionConfiguration'+ { keyId = Prelude.Nothing,+ type' = pType_+ }++-- | The ID of the Amazon Web Services Key Management Service (KMS) customer+-- managed key. You can use any of the key identifiers that KMS supports,+-- unless you\'re using a key that\'s managed by another account. If+-- you\'re using a key managed by another account, then specify the key+-- ARN. For more information, see+-- <https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id Key ID>+-- in the /Amazon Web Services KMS Developer Guide/.+encryptionConfiguration_keyId :: Lens.Lens' EncryptionConfiguration (Prelude.Maybe Prelude.Text)+encryptionConfiguration_keyId = Lens.lens (\EncryptionConfiguration' {keyId} -> keyId) (\s@EncryptionConfiguration' {} a -> s {keyId = a} :: EncryptionConfiguration)++-- | The type of Amazon Web Services KMS key to use for encryption of your+-- Network Firewall resources.+encryptionConfiguration_type :: Lens.Lens' EncryptionConfiguration EncryptionType+encryptionConfiguration_type = Lens.lens (\EncryptionConfiguration' {type'} -> type') (\s@EncryptionConfiguration' {} a -> s {type' = a} :: EncryptionConfiguration)++instance Data.FromJSON EncryptionConfiguration where+ parseJSON =+ Data.withObject+ "EncryptionConfiguration"+ ( \x ->+ EncryptionConfiguration'+ Prelude.<$> (x Data..:? "KeyId")+ Prelude.<*> (x Data..: "Type")+ )++instance Prelude.Hashable EncryptionConfiguration where+ hashWithSalt _salt EncryptionConfiguration' {..} =+ _salt+ `Prelude.hashWithSalt` keyId+ `Prelude.hashWithSalt` type'++instance Prelude.NFData EncryptionConfiguration where+ rnf EncryptionConfiguration' {..} =+ Prelude.rnf keyId `Prelude.seq` Prelude.rnf type'++instance Data.ToJSON EncryptionConfiguration where+ toJSON EncryptionConfiguration' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("KeyId" Data..=) Prelude.<$> keyId,+ Prelude.Just ("Type" Data..= type')+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/EncryptionType.hs view
@@ -0,0 +1,71 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.EncryptionType+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.EncryptionType+ ( EncryptionType+ ( ..,+ EncryptionType_AWS_OWNED_KMS_KEY,+ EncryptionType_CUSTOMER_KMS+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype EncryptionType = EncryptionType'+ { fromEncryptionType ::+ Data.Text+ }+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern EncryptionType_AWS_OWNED_KMS_KEY :: EncryptionType+pattern EncryptionType_AWS_OWNED_KMS_KEY = EncryptionType' "AWS_OWNED_KMS_KEY"++pattern EncryptionType_CUSTOMER_KMS :: EncryptionType+pattern EncryptionType_CUSTOMER_KMS = EncryptionType' "CUSTOMER_KMS"++{-# COMPLETE+ EncryptionType_AWS_OWNED_KMS_KEY,+ EncryptionType_CUSTOMER_KMS,+ EncryptionType'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/Firewall.hs view
@@ -0,0 +1,275 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.Firewall+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.Firewall where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.EncryptionConfiguration+import Amazonka.NetworkFirewall.Types.SubnetMapping+import Amazonka.NetworkFirewall.Types.Tag+import qualified Amazonka.Prelude as Prelude++-- | The firewall defines the configuration settings for an Network Firewall+-- firewall. These settings include the firewall policy, the subnets in+-- your VPC to use for the firewall endpoints, and any tags that are+-- attached to the firewall Amazon Web Services resource.+--+-- The status of the firewall, for example whether it\'s ready to filter+-- network traffic, is provided in the corresponding FirewallStatus. You+-- can retrieve both objects by calling DescribeFirewall.+--+-- /See:/ 'newFirewall' smart constructor.+data Firewall = Firewall'+ { -- | A flag indicating whether it is possible to delete the firewall. A+ -- setting of @TRUE@ indicates that the firewall is protected against+ -- deletion. Use this setting to protect against accidentally deleting a+ -- firewall that is in use. When you create a firewall, the operation+ -- initializes this flag to @TRUE@.+ deleteProtection :: Prelude.Maybe Prelude.Bool,+ -- | A description of the firewall.+ description :: Prelude.Maybe Prelude.Text,+ -- | A complex type that contains the Amazon Web Services KMS encryption+ -- configuration settings for your firewall.+ encryptionConfiguration :: Prelude.Maybe EncryptionConfiguration,+ -- | The Amazon Resource Name (ARN) of the firewall.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ firewallName :: Prelude.Maybe Prelude.Text,+ -- | A setting indicating whether the firewall is protected against a change+ -- to the firewall policy association. Use this setting to protect against+ -- accidentally modifying the firewall policy for a firewall that is in+ -- use. When you create a firewall, the operation initializes this setting+ -- to @TRUE@.+ firewallPolicyChangeProtection :: Prelude.Maybe Prelude.Bool,+ -- | A setting indicating whether the firewall is protected against changes+ -- to the subnet associations. Use this setting to protect against+ -- accidentally modifying the subnet associations for a firewall that is in+ -- use. When you create a firewall, the operation initializes this setting+ -- to @TRUE@.+ subnetChangeProtection :: Prelude.Maybe Prelude.Bool,+ tags :: Prelude.Maybe (Prelude.NonEmpty Tag),+ -- | The Amazon Resource Name (ARN) of the firewall policy.+ --+ -- The relationship of firewall to firewall policy is many to one. Each+ -- firewall requires one firewall policy association, and you can use the+ -- same firewall policy for multiple firewalls.+ firewallPolicyArn :: Prelude.Text,+ -- | The unique identifier of the VPC where the firewall is in use.+ vpcId :: Prelude.Text,+ -- | The public subnets that Network Firewall is using for the firewall. Each+ -- subnet must belong to a different Availability Zone.+ subnetMappings :: [SubnetMapping],+ -- | The unique identifier for the firewall.+ firewallId :: Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'Firewall' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'deleteProtection', 'firewall_deleteProtection' - A flag indicating whether it is possible to delete the firewall. A+-- setting of @TRUE@ indicates that the firewall is protected against+-- deletion. Use this setting to protect against accidentally deleting a+-- firewall that is in use. When you create a firewall, the operation+-- initializes this flag to @TRUE@.+--+-- 'description', 'firewall_description' - A description of the firewall.+--+-- 'encryptionConfiguration', 'firewall_encryptionConfiguration' - A complex type that contains the Amazon Web Services KMS encryption+-- configuration settings for your firewall.+--+-- 'firewallArn', 'firewall_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- 'firewallName', 'firewall_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- 'firewallPolicyChangeProtection', 'firewall_firewallPolicyChangeProtection' - A setting indicating whether the firewall is protected against a change+-- to the firewall policy association. Use this setting to protect against+-- accidentally modifying the firewall policy for a firewall that is in+-- use. When you create a firewall, the operation initializes this setting+-- to @TRUE@.+--+-- 'subnetChangeProtection', 'firewall_subnetChangeProtection' - A setting indicating whether the firewall is protected against changes+-- to the subnet associations. Use this setting to protect against+-- accidentally modifying the subnet associations for a firewall that is in+-- use. When you create a firewall, the operation initializes this setting+-- to @TRUE@.+--+-- 'tags', 'firewall_tags' -+--+-- 'firewallPolicyArn', 'firewall_firewallPolicyArn' - The Amazon Resource Name (ARN) of the firewall policy.+--+-- The relationship of firewall to firewall policy is many to one. Each+-- firewall requires one firewall policy association, and you can use the+-- same firewall policy for multiple firewalls.+--+-- 'vpcId', 'firewall_vpcId' - The unique identifier of the VPC where the firewall is in use.+--+-- 'subnetMappings', 'firewall_subnetMappings' - The public subnets that Network Firewall is using for the firewall. Each+-- subnet must belong to a different Availability Zone.+--+-- 'firewallId', 'firewall_firewallId' - The unique identifier for the firewall.+newFirewall ::+ -- | 'firewallPolicyArn'+ Prelude.Text ->+ -- | 'vpcId'+ Prelude.Text ->+ -- | 'firewallId'+ Prelude.Text ->+ Firewall+newFirewall pFirewallPolicyArn_ pVpcId_ pFirewallId_ =+ Firewall'+ { deleteProtection = Prelude.Nothing,+ description = Prelude.Nothing,+ encryptionConfiguration = Prelude.Nothing,+ firewallArn = Prelude.Nothing,+ firewallName = Prelude.Nothing,+ firewallPolicyChangeProtection = Prelude.Nothing,+ subnetChangeProtection = Prelude.Nothing,+ tags = Prelude.Nothing,+ firewallPolicyArn = pFirewallPolicyArn_,+ vpcId = pVpcId_,+ subnetMappings = Prelude.mempty,+ firewallId = pFirewallId_+ }++-- | A flag indicating whether it is possible to delete the firewall. A+-- setting of @TRUE@ indicates that the firewall is protected against+-- deletion. Use this setting to protect against accidentally deleting a+-- firewall that is in use. When you create a firewall, the operation+-- initializes this flag to @TRUE@.+firewall_deleteProtection :: Lens.Lens' Firewall (Prelude.Maybe Prelude.Bool)+firewall_deleteProtection = Lens.lens (\Firewall' {deleteProtection} -> deleteProtection) (\s@Firewall' {} a -> s {deleteProtection = a} :: Firewall)++-- | A description of the firewall.+firewall_description :: Lens.Lens' Firewall (Prelude.Maybe Prelude.Text)+firewall_description = Lens.lens (\Firewall' {description} -> description) (\s@Firewall' {} a -> s {description = a} :: Firewall)++-- | A complex type that contains the Amazon Web Services KMS encryption+-- configuration settings for your firewall.+firewall_encryptionConfiguration :: Lens.Lens' Firewall (Prelude.Maybe EncryptionConfiguration)+firewall_encryptionConfiguration = Lens.lens (\Firewall' {encryptionConfiguration} -> encryptionConfiguration) (\s@Firewall' {} a -> s {encryptionConfiguration = a} :: Firewall)++-- | The Amazon Resource Name (ARN) of the firewall.+firewall_firewallArn :: Lens.Lens' Firewall (Prelude.Maybe Prelude.Text)+firewall_firewallArn = Lens.lens (\Firewall' {firewallArn} -> firewallArn) (\s@Firewall' {} a -> s {firewallArn = a} :: Firewall)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+firewall_firewallName :: Lens.Lens' Firewall (Prelude.Maybe Prelude.Text)+firewall_firewallName = Lens.lens (\Firewall' {firewallName} -> firewallName) (\s@Firewall' {} a -> s {firewallName = a} :: Firewall)++-- | A setting indicating whether the firewall is protected against a change+-- to the firewall policy association. Use this setting to protect against+-- accidentally modifying the firewall policy for a firewall that is in+-- use. When you create a firewall, the operation initializes this setting+-- to @TRUE@.+firewall_firewallPolicyChangeProtection :: Lens.Lens' Firewall (Prelude.Maybe Prelude.Bool)+firewall_firewallPolicyChangeProtection = Lens.lens (\Firewall' {firewallPolicyChangeProtection} -> firewallPolicyChangeProtection) (\s@Firewall' {} a -> s {firewallPolicyChangeProtection = a} :: Firewall)++-- | A setting indicating whether the firewall is protected against changes+-- to the subnet associations. Use this setting to protect against+-- accidentally modifying the subnet associations for a firewall that is in+-- use. When you create a firewall, the operation initializes this setting+-- to @TRUE@.+firewall_subnetChangeProtection :: Lens.Lens' Firewall (Prelude.Maybe Prelude.Bool)+firewall_subnetChangeProtection = Lens.lens (\Firewall' {subnetChangeProtection} -> subnetChangeProtection) (\s@Firewall' {} a -> s {subnetChangeProtection = a} :: Firewall)++firewall_tags :: Lens.Lens' Firewall (Prelude.Maybe (Prelude.NonEmpty Tag))+firewall_tags = Lens.lens (\Firewall' {tags} -> tags) (\s@Firewall' {} a -> s {tags = a} :: Firewall) Prelude.. Lens.mapping Lens.coerced++-- | The Amazon Resource Name (ARN) of the firewall policy.+--+-- The relationship of firewall to firewall policy is many to one. Each+-- firewall requires one firewall policy association, and you can use the+-- same firewall policy for multiple firewalls.+firewall_firewallPolicyArn :: Lens.Lens' Firewall Prelude.Text+firewall_firewallPolicyArn = Lens.lens (\Firewall' {firewallPolicyArn} -> firewallPolicyArn) (\s@Firewall' {} a -> s {firewallPolicyArn = a} :: Firewall)++-- | The unique identifier of the VPC where the firewall is in use.+firewall_vpcId :: Lens.Lens' Firewall Prelude.Text+firewall_vpcId = Lens.lens (\Firewall' {vpcId} -> vpcId) (\s@Firewall' {} a -> s {vpcId = a} :: Firewall)++-- | The public subnets that Network Firewall is using for the firewall. Each+-- subnet must belong to a different Availability Zone.+firewall_subnetMappings :: Lens.Lens' Firewall [SubnetMapping]+firewall_subnetMappings = Lens.lens (\Firewall' {subnetMappings} -> subnetMappings) (\s@Firewall' {} a -> s {subnetMappings = a} :: Firewall) Prelude.. Lens.coerced++-- | The unique identifier for the firewall.+firewall_firewallId :: Lens.Lens' Firewall Prelude.Text+firewall_firewallId = Lens.lens (\Firewall' {firewallId} -> firewallId) (\s@Firewall' {} a -> s {firewallId = a} :: Firewall)++instance Data.FromJSON Firewall where+ parseJSON =+ Data.withObject+ "Firewall"+ ( \x ->+ Firewall'+ Prelude.<$> (x Data..:? "DeleteProtection")+ Prelude.<*> (x Data..:? "Description")+ Prelude.<*> (x Data..:? "EncryptionConfiguration")+ Prelude.<*> (x Data..:? "FirewallArn")+ Prelude.<*> (x Data..:? "FirewallName")+ Prelude.<*> (x Data..:? "FirewallPolicyChangeProtection")+ Prelude.<*> (x Data..:? "SubnetChangeProtection")+ Prelude.<*> (x Data..:? "Tags")+ Prelude.<*> (x Data..: "FirewallPolicyArn")+ Prelude.<*> (x Data..: "VpcId")+ Prelude.<*> (x Data..:? "SubnetMappings" Data..!= Prelude.mempty)+ Prelude.<*> (x Data..: "FirewallId")+ )++instance Prelude.Hashable Firewall where+ hashWithSalt _salt Firewall' {..} =+ _salt+ `Prelude.hashWithSalt` deleteProtection+ `Prelude.hashWithSalt` description+ `Prelude.hashWithSalt` encryptionConfiguration+ `Prelude.hashWithSalt` firewallArn+ `Prelude.hashWithSalt` firewallName+ `Prelude.hashWithSalt` firewallPolicyChangeProtection+ `Prelude.hashWithSalt` subnetChangeProtection+ `Prelude.hashWithSalt` tags+ `Prelude.hashWithSalt` firewallPolicyArn+ `Prelude.hashWithSalt` vpcId+ `Prelude.hashWithSalt` subnetMappings+ `Prelude.hashWithSalt` firewallId++instance Prelude.NFData Firewall where+ rnf Firewall' {..} =+ Prelude.rnf deleteProtection+ `Prelude.seq` Prelude.rnf description+ `Prelude.seq` Prelude.rnf encryptionConfiguration+ `Prelude.seq` Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf firewallPolicyChangeProtection+ `Prelude.seq` Prelude.rnf subnetChangeProtection+ `Prelude.seq` Prelude.rnf tags+ `Prelude.seq` Prelude.rnf firewallPolicyArn+ `Prelude.seq` Prelude.rnf vpcId+ `Prelude.seq` Prelude.rnf subnetMappings+ `Prelude.seq` Prelude.rnf firewallId
+ gen/Amazonka/NetworkFirewall/Types/FirewallMetadata.hs view
@@ -0,0 +1,89 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.FirewallMetadata+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.FirewallMetadata where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++-- | High-level information about a firewall, returned by operations like+-- create and describe. You can use the information provided in the+-- metadata to retrieve and manage a firewall.+--+-- /See:/ 'newFirewallMetadata' smart constructor.+data FirewallMetadata = FirewallMetadata'+ { -- | The Amazon Resource Name (ARN) of the firewall.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ firewallName :: Prelude.Maybe Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'FirewallMetadata' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallArn', 'firewallMetadata_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- 'firewallName', 'firewallMetadata_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+newFirewallMetadata ::+ FirewallMetadata+newFirewallMetadata =+ FirewallMetadata'+ { firewallArn = Prelude.Nothing,+ firewallName = Prelude.Nothing+ }++-- | The Amazon Resource Name (ARN) of the firewall.+firewallMetadata_firewallArn :: Lens.Lens' FirewallMetadata (Prelude.Maybe Prelude.Text)+firewallMetadata_firewallArn = Lens.lens (\FirewallMetadata' {firewallArn} -> firewallArn) (\s@FirewallMetadata' {} a -> s {firewallArn = a} :: FirewallMetadata)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+firewallMetadata_firewallName :: Lens.Lens' FirewallMetadata (Prelude.Maybe Prelude.Text)+firewallMetadata_firewallName = Lens.lens (\FirewallMetadata' {firewallName} -> firewallName) (\s@FirewallMetadata' {} a -> s {firewallName = a} :: FirewallMetadata)++instance Data.FromJSON FirewallMetadata where+ parseJSON =+ Data.withObject+ "FirewallMetadata"+ ( \x ->+ FirewallMetadata'+ Prelude.<$> (x Data..:? "FirewallArn")+ Prelude.<*> (x Data..:? "FirewallName")+ )++instance Prelude.Hashable FirewallMetadata where+ hashWithSalt _salt FirewallMetadata' {..} =+ _salt+ `Prelude.hashWithSalt` firewallArn+ `Prelude.hashWithSalt` firewallName++instance Prelude.NFData FirewallMetadata where+ rnf FirewallMetadata' {..} =+ Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName
+ gen/Amazonka/NetworkFirewall/Types/FirewallPolicy.hs view
@@ -0,0 +1,333 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.FirewallPolicy+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.FirewallPolicy where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.CustomAction+import Amazonka.NetworkFirewall.Types.StatefulEngineOptions+import Amazonka.NetworkFirewall.Types.StatefulRuleGroupReference+import Amazonka.NetworkFirewall.Types.StatelessRuleGroupReference+import qualified Amazonka.Prelude as Prelude++-- | The firewall policy defines the behavior of a firewall using a+-- collection of stateless and stateful rule groups and other settings. You+-- can use one firewall policy for multiple firewalls.+--+-- This, along with FirewallPolicyResponse, define the policy. You can+-- retrieve all objects for a firewall policy by calling+-- DescribeFirewallPolicy.+--+-- /See:/ 'newFirewallPolicy' smart constructor.+data FirewallPolicy = FirewallPolicy'+ { -- | The default actions to take on a packet that doesn\'t match any stateful+ -- rules. The stateful default action is optional, and is only valid when+ -- using the strict rule order.+ --+ -- Valid values of the stateful default action:+ --+ -- - aws:drop_strict+ --+ -- - aws:drop_established+ --+ -- - aws:alert_strict+ --+ -- - aws:alert_established+ --+ -- For more information, see+ -- <https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#suricata-strict-rule-evaluation-order.html Strict evaluation order>+ -- in the /Network Firewall Developer Guide/.+ statefulDefaultActions :: Prelude.Maybe [Prelude.Text],+ -- | Additional options governing how Network Firewall handles stateful+ -- rules. The stateful rule groups that you use in your policy must have+ -- stateful rule options settings that are compatible with these settings.+ statefulEngineOptions :: Prelude.Maybe StatefulEngineOptions,+ -- | References to the stateful rule groups that are used in the policy.+ -- These define the inspection criteria in stateful rules.+ statefulRuleGroupReferences :: Prelude.Maybe [StatefulRuleGroupReference],+ -- | The custom action definitions that are available for use in the firewall+ -- policy\'s @StatelessDefaultActions@ setting. You name each custom action+ -- that you define, and then you can use it by name in your default actions+ -- specifications.+ statelessCustomActions :: Prelude.Maybe [CustomAction],+ -- | References to the stateless rule groups that are used in the policy.+ -- These define the matching criteria in stateless rules.+ statelessRuleGroupReferences :: Prelude.Maybe [StatelessRuleGroupReference],+ -- | The actions to take on a packet if it doesn\'t match any of the+ -- stateless rules in the policy. If you want non-matching packets to be+ -- forwarded for stateful inspection, specify @aws:forward_to_sfe@.+ --+ -- You must specify one of the standard actions: @aws:pass@, @aws:drop@, or+ -- @aws:forward_to_sfe@. In addition, you can specify custom actions that+ -- are compatible with your standard section choice.+ --+ -- For example, you could specify @[\"aws:pass\"]@ or you could specify+ -- @[\"aws:pass\", “customActionName”]@. For information about+ -- compatibility, see the custom action descriptions under CustomAction.+ statelessDefaultActions :: [Prelude.Text],+ -- | The actions to take on a fragmented UDP packet if it doesn\'t match any+ -- of the stateless rules in the policy. Network Firewall only manages UDP+ -- packet fragments and silently drops packet fragments for other+ -- protocols. If you want non-matching fragmented UDP packets to be+ -- forwarded for stateful inspection, specify @aws:forward_to_sfe@.+ --+ -- You must specify one of the standard actions: @aws:pass@, @aws:drop@, or+ -- @aws:forward_to_sfe@. In addition, you can specify custom actions that+ -- are compatible with your standard section choice.+ --+ -- For example, you could specify @[\"aws:pass\"]@ or you could specify+ -- @[\"aws:pass\", “customActionName”]@. For information about+ -- compatibility, see the custom action descriptions under CustomAction.+ statelessFragmentDefaultActions :: [Prelude.Text]+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'FirewallPolicy' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'statefulDefaultActions', 'firewallPolicy_statefulDefaultActions' - The default actions to take on a packet that doesn\'t match any stateful+-- rules. The stateful default action is optional, and is only valid when+-- using the strict rule order.+--+-- Valid values of the stateful default action:+--+-- - aws:drop_strict+--+-- - aws:drop_established+--+-- - aws:alert_strict+--+-- - aws:alert_established+--+-- For more information, see+-- <https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#suricata-strict-rule-evaluation-order.html Strict evaluation order>+-- in the /Network Firewall Developer Guide/.+--+-- 'statefulEngineOptions', 'firewallPolicy_statefulEngineOptions' - Additional options governing how Network Firewall handles stateful+-- rules. The stateful rule groups that you use in your policy must have+-- stateful rule options settings that are compatible with these settings.+--+-- 'statefulRuleGroupReferences', 'firewallPolicy_statefulRuleGroupReferences' - References to the stateful rule groups that are used in the policy.+-- These define the inspection criteria in stateful rules.+--+-- 'statelessCustomActions', 'firewallPolicy_statelessCustomActions' - The custom action definitions that are available for use in the firewall+-- policy\'s @StatelessDefaultActions@ setting. You name each custom action+-- that you define, and then you can use it by name in your default actions+-- specifications.+--+-- 'statelessRuleGroupReferences', 'firewallPolicy_statelessRuleGroupReferences' - References to the stateless rule groups that are used in the policy.+-- These define the matching criteria in stateless rules.+--+-- 'statelessDefaultActions', 'firewallPolicy_statelessDefaultActions' - The actions to take on a packet if it doesn\'t match any of the+-- stateless rules in the policy. If you want non-matching packets to be+-- forwarded for stateful inspection, specify @aws:forward_to_sfe@.+--+-- You must specify one of the standard actions: @aws:pass@, @aws:drop@, or+-- @aws:forward_to_sfe@. In addition, you can specify custom actions that+-- are compatible with your standard section choice.+--+-- For example, you could specify @[\"aws:pass\"]@ or you could specify+-- @[\"aws:pass\", “customActionName”]@. For information about+-- compatibility, see the custom action descriptions under CustomAction.+--+-- 'statelessFragmentDefaultActions', 'firewallPolicy_statelessFragmentDefaultActions' - The actions to take on a fragmented UDP packet if it doesn\'t match any+-- of the stateless rules in the policy. Network Firewall only manages UDP+-- packet fragments and silently drops packet fragments for other+-- protocols. If you want non-matching fragmented UDP packets to be+-- forwarded for stateful inspection, specify @aws:forward_to_sfe@.+--+-- You must specify one of the standard actions: @aws:pass@, @aws:drop@, or+-- @aws:forward_to_sfe@. In addition, you can specify custom actions that+-- are compatible with your standard section choice.+--+-- For example, you could specify @[\"aws:pass\"]@ or you could specify+-- @[\"aws:pass\", “customActionName”]@. For information about+-- compatibility, see the custom action descriptions under CustomAction.+newFirewallPolicy ::+ FirewallPolicy+newFirewallPolicy =+ FirewallPolicy'+ { statefulDefaultActions =+ Prelude.Nothing,+ statefulEngineOptions = Prelude.Nothing,+ statefulRuleGroupReferences = Prelude.Nothing,+ statelessCustomActions = Prelude.Nothing,+ statelessRuleGroupReferences = Prelude.Nothing,+ statelessDefaultActions = Prelude.mempty,+ statelessFragmentDefaultActions = Prelude.mempty+ }++-- | The default actions to take on a packet that doesn\'t match any stateful+-- rules. The stateful default action is optional, and is only valid when+-- using the strict rule order.+--+-- Valid values of the stateful default action:+--+-- - aws:drop_strict+--+-- - aws:drop_established+--+-- - aws:alert_strict+--+-- - aws:alert_established+--+-- For more information, see+-- <https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#suricata-strict-rule-evaluation-order.html Strict evaluation order>+-- in the /Network Firewall Developer Guide/.+firewallPolicy_statefulDefaultActions :: Lens.Lens' FirewallPolicy (Prelude.Maybe [Prelude.Text])+firewallPolicy_statefulDefaultActions = Lens.lens (\FirewallPolicy' {statefulDefaultActions} -> statefulDefaultActions) (\s@FirewallPolicy' {} a -> s {statefulDefaultActions = a} :: FirewallPolicy) Prelude.. Lens.mapping Lens.coerced++-- | Additional options governing how Network Firewall handles stateful+-- rules. The stateful rule groups that you use in your policy must have+-- stateful rule options settings that are compatible with these settings.+firewallPolicy_statefulEngineOptions :: Lens.Lens' FirewallPolicy (Prelude.Maybe StatefulEngineOptions)+firewallPolicy_statefulEngineOptions = Lens.lens (\FirewallPolicy' {statefulEngineOptions} -> statefulEngineOptions) (\s@FirewallPolicy' {} a -> s {statefulEngineOptions = a} :: FirewallPolicy)++-- | References to the stateful rule groups that are used in the policy.+-- These define the inspection criteria in stateful rules.+firewallPolicy_statefulRuleGroupReferences :: Lens.Lens' FirewallPolicy (Prelude.Maybe [StatefulRuleGroupReference])+firewallPolicy_statefulRuleGroupReferences = Lens.lens (\FirewallPolicy' {statefulRuleGroupReferences} -> statefulRuleGroupReferences) (\s@FirewallPolicy' {} a -> s {statefulRuleGroupReferences = a} :: FirewallPolicy) Prelude.. Lens.mapping Lens.coerced++-- | The custom action definitions that are available for use in the firewall+-- policy\'s @StatelessDefaultActions@ setting. You name each custom action+-- that you define, and then you can use it by name in your default actions+-- specifications.+firewallPolicy_statelessCustomActions :: Lens.Lens' FirewallPolicy (Prelude.Maybe [CustomAction])+firewallPolicy_statelessCustomActions = Lens.lens (\FirewallPolicy' {statelessCustomActions} -> statelessCustomActions) (\s@FirewallPolicy' {} a -> s {statelessCustomActions = a} :: FirewallPolicy) Prelude.. Lens.mapping Lens.coerced++-- | References to the stateless rule groups that are used in the policy.+-- These define the matching criteria in stateless rules.+firewallPolicy_statelessRuleGroupReferences :: Lens.Lens' FirewallPolicy (Prelude.Maybe [StatelessRuleGroupReference])+firewallPolicy_statelessRuleGroupReferences = Lens.lens (\FirewallPolicy' {statelessRuleGroupReferences} -> statelessRuleGroupReferences) (\s@FirewallPolicy' {} a -> s {statelessRuleGroupReferences = a} :: FirewallPolicy) Prelude.. Lens.mapping Lens.coerced++-- | The actions to take on a packet if it doesn\'t match any of the+-- stateless rules in the policy. If you want non-matching packets to be+-- forwarded for stateful inspection, specify @aws:forward_to_sfe@.+--+-- You must specify one of the standard actions: @aws:pass@, @aws:drop@, or+-- @aws:forward_to_sfe@. In addition, you can specify custom actions that+-- are compatible with your standard section choice.+--+-- For example, you could specify @[\"aws:pass\"]@ or you could specify+-- @[\"aws:pass\", “customActionName”]@. For information about+-- compatibility, see the custom action descriptions under CustomAction.+firewallPolicy_statelessDefaultActions :: Lens.Lens' FirewallPolicy [Prelude.Text]+firewallPolicy_statelessDefaultActions = Lens.lens (\FirewallPolicy' {statelessDefaultActions} -> statelessDefaultActions) (\s@FirewallPolicy' {} a -> s {statelessDefaultActions = a} :: FirewallPolicy) Prelude.. Lens.coerced++-- | The actions to take on a fragmented UDP packet if it doesn\'t match any+-- of the stateless rules in the policy. Network Firewall only manages UDP+-- packet fragments and silently drops packet fragments for other+-- protocols. If you want non-matching fragmented UDP packets to be+-- forwarded for stateful inspection, specify @aws:forward_to_sfe@.+--+-- You must specify one of the standard actions: @aws:pass@, @aws:drop@, or+-- @aws:forward_to_sfe@. In addition, you can specify custom actions that+-- are compatible with your standard section choice.+--+-- For example, you could specify @[\"aws:pass\"]@ or you could specify+-- @[\"aws:pass\", “customActionName”]@. For information about+-- compatibility, see the custom action descriptions under CustomAction.+firewallPolicy_statelessFragmentDefaultActions :: Lens.Lens' FirewallPolicy [Prelude.Text]+firewallPolicy_statelessFragmentDefaultActions = Lens.lens (\FirewallPolicy' {statelessFragmentDefaultActions} -> statelessFragmentDefaultActions) (\s@FirewallPolicy' {} a -> s {statelessFragmentDefaultActions = a} :: FirewallPolicy) Prelude.. Lens.coerced++instance Data.FromJSON FirewallPolicy where+ parseJSON =+ Data.withObject+ "FirewallPolicy"+ ( \x ->+ FirewallPolicy'+ Prelude.<$> ( x+ Data..:? "StatefulDefaultActions"+ Data..!= Prelude.mempty+ )+ Prelude.<*> (x Data..:? "StatefulEngineOptions")+ Prelude.<*> ( x+ Data..:? "StatefulRuleGroupReferences"+ Data..!= Prelude.mempty+ )+ Prelude.<*> ( x+ Data..:? "StatelessCustomActions"+ Data..!= Prelude.mempty+ )+ Prelude.<*> ( x+ Data..:? "StatelessRuleGroupReferences"+ Data..!= Prelude.mempty+ )+ Prelude.<*> ( x+ Data..:? "StatelessDefaultActions"+ Data..!= Prelude.mempty+ )+ Prelude.<*> ( x+ Data..:? "StatelessFragmentDefaultActions"+ Data..!= Prelude.mempty+ )+ )++instance Prelude.Hashable FirewallPolicy where+ hashWithSalt _salt FirewallPolicy' {..} =+ _salt+ `Prelude.hashWithSalt` statefulDefaultActions+ `Prelude.hashWithSalt` statefulEngineOptions+ `Prelude.hashWithSalt` statefulRuleGroupReferences+ `Prelude.hashWithSalt` statelessCustomActions+ `Prelude.hashWithSalt` statelessRuleGroupReferences+ `Prelude.hashWithSalt` statelessDefaultActions+ `Prelude.hashWithSalt` statelessFragmentDefaultActions++instance Prelude.NFData FirewallPolicy where+ rnf FirewallPolicy' {..} =+ Prelude.rnf statefulDefaultActions+ `Prelude.seq` Prelude.rnf statefulEngineOptions+ `Prelude.seq` Prelude.rnf statefulRuleGroupReferences+ `Prelude.seq` Prelude.rnf statelessCustomActions+ `Prelude.seq` Prelude.rnf statelessRuleGroupReferences+ `Prelude.seq` Prelude.rnf statelessDefaultActions+ `Prelude.seq` Prelude.rnf statelessFragmentDefaultActions++instance Data.ToJSON FirewallPolicy where+ toJSON FirewallPolicy' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("StatefulDefaultActions" Data..=)+ Prelude.<$> statefulDefaultActions,+ ("StatefulEngineOptions" Data..=)+ Prelude.<$> statefulEngineOptions,+ ("StatefulRuleGroupReferences" Data..=)+ Prelude.<$> statefulRuleGroupReferences,+ ("StatelessCustomActions" Data..=)+ Prelude.<$> statelessCustomActions,+ ("StatelessRuleGroupReferences" Data..=)+ Prelude.<$> statelessRuleGroupReferences,+ Prelude.Just+ ( "StatelessDefaultActions"+ Data..= statelessDefaultActions+ ),+ Prelude.Just+ ( "StatelessFragmentDefaultActions"+ Data..= statelessFragmentDefaultActions+ )+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/FirewallPolicyMetadata.hs view
@@ -0,0 +1,89 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.FirewallPolicyMetadata+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.FirewallPolicyMetadata where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++-- | High-level information about a firewall policy, returned by operations+-- like create and describe. You can use the information provided in the+-- metadata to retrieve and manage a firewall policy. You can retrieve all+-- objects for a firewall policy by calling DescribeFirewallPolicy.+--+-- /See:/ 'newFirewallPolicyMetadata' smart constructor.+data FirewallPolicyMetadata = FirewallPolicyMetadata'+ { -- | The Amazon Resource Name (ARN) of the firewall policy.+ arn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall policy. You can\'t change the name+ -- of a firewall policy after you create it.+ name :: Prelude.Maybe Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'FirewallPolicyMetadata' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'arn', 'firewallPolicyMetadata_arn' - The Amazon Resource Name (ARN) of the firewall policy.+--+-- 'name', 'firewallPolicyMetadata_name' - The descriptive name of the firewall policy. You can\'t change the name+-- of a firewall policy after you create it.+newFirewallPolicyMetadata ::+ FirewallPolicyMetadata+newFirewallPolicyMetadata =+ FirewallPolicyMetadata'+ { arn = Prelude.Nothing,+ name = Prelude.Nothing+ }++-- | The Amazon Resource Name (ARN) of the firewall policy.+firewallPolicyMetadata_arn :: Lens.Lens' FirewallPolicyMetadata (Prelude.Maybe Prelude.Text)+firewallPolicyMetadata_arn = Lens.lens (\FirewallPolicyMetadata' {arn} -> arn) (\s@FirewallPolicyMetadata' {} a -> s {arn = a} :: FirewallPolicyMetadata)++-- | The descriptive name of the firewall policy. You can\'t change the name+-- of a firewall policy after you create it.+firewallPolicyMetadata_name :: Lens.Lens' FirewallPolicyMetadata (Prelude.Maybe Prelude.Text)+firewallPolicyMetadata_name = Lens.lens (\FirewallPolicyMetadata' {name} -> name) (\s@FirewallPolicyMetadata' {} a -> s {name = a} :: FirewallPolicyMetadata)++instance Data.FromJSON FirewallPolicyMetadata where+ parseJSON =+ Data.withObject+ "FirewallPolicyMetadata"+ ( \x ->+ FirewallPolicyMetadata'+ Prelude.<$> (x Data..:? "Arn")+ Prelude.<*> (x Data..:? "Name")+ )++instance Prelude.Hashable FirewallPolicyMetadata where+ hashWithSalt _salt FirewallPolicyMetadata' {..} =+ _salt+ `Prelude.hashWithSalt` arn+ `Prelude.hashWithSalt` name++instance Prelude.NFData FirewallPolicyMetadata where+ rnf FirewallPolicyMetadata' {..} =+ Prelude.rnf arn `Prelude.seq` Prelude.rnf name
+ gen/Amazonka/NetworkFirewall/Types/FirewallPolicyResponse.hs view
@@ -0,0 +1,237 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.FirewallPolicyResponse+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.FirewallPolicyResponse where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.EncryptionConfiguration+import Amazonka.NetworkFirewall.Types.ResourceStatus+import Amazonka.NetworkFirewall.Types.Tag+import qualified Amazonka.Prelude as Prelude++-- | The high-level properties of a firewall policy. This, along with the+-- FirewallPolicy, define the policy. You can retrieve all objects for a+-- firewall policy by calling DescribeFirewallPolicy.+--+-- /See:/ 'newFirewallPolicyResponse' smart constructor.+data FirewallPolicyResponse = FirewallPolicyResponse'+ { -- | The number of capacity units currently consumed by the policy\'s+ -- stateful rules.+ consumedStatefulRuleCapacity :: Prelude.Maybe Prelude.Int,+ -- | The number of capacity units currently consumed by the policy\'s+ -- stateless rules.+ consumedStatelessRuleCapacity :: Prelude.Maybe Prelude.Int,+ -- | A description of the firewall policy.+ description :: Prelude.Maybe Prelude.Text,+ -- | A complex type that contains the Amazon Web Services KMS encryption+ -- configuration settings for your firewall policy.+ encryptionConfiguration :: Prelude.Maybe EncryptionConfiguration,+ -- | The current status of the firewall policy. You can retrieve this for a+ -- firewall policy by calling DescribeFirewallPolicy and providing the+ -- firewall policy\'s name or ARN.+ firewallPolicyStatus :: Prelude.Maybe ResourceStatus,+ -- | The last time that the firewall policy was changed.+ lastModifiedTime :: Prelude.Maybe Data.POSIX,+ -- | The number of firewalls that are associated with this firewall policy.+ numberOfAssociations :: Prelude.Maybe Prelude.Int,+ -- | The key:value pairs to associate with the resource.+ tags :: Prelude.Maybe (Prelude.NonEmpty Tag),+ -- | The descriptive name of the firewall policy. You can\'t change the name+ -- of a firewall policy after you create it.+ firewallPolicyName :: Prelude.Text,+ -- | The Amazon Resource Name (ARN) of the firewall policy.+ --+ -- If this response is for a create request that had @DryRun@ set to+ -- @TRUE@, then this ARN is a placeholder that isn\'t attached to a valid+ -- resource.+ firewallPolicyArn :: Prelude.Text,+ -- | The unique identifier for the firewall policy.+ firewallPolicyId :: Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'FirewallPolicyResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'consumedStatefulRuleCapacity', 'firewallPolicyResponse_consumedStatefulRuleCapacity' - The number of capacity units currently consumed by the policy\'s+-- stateful rules.+--+-- 'consumedStatelessRuleCapacity', 'firewallPolicyResponse_consumedStatelessRuleCapacity' - The number of capacity units currently consumed by the policy\'s+-- stateless rules.+--+-- 'description', 'firewallPolicyResponse_description' - A description of the firewall policy.+--+-- 'encryptionConfiguration', 'firewallPolicyResponse_encryptionConfiguration' - A complex type that contains the Amazon Web Services KMS encryption+-- configuration settings for your firewall policy.+--+-- 'firewallPolicyStatus', 'firewallPolicyResponse_firewallPolicyStatus' - The current status of the firewall policy. You can retrieve this for a+-- firewall policy by calling DescribeFirewallPolicy and providing the+-- firewall policy\'s name or ARN.+--+-- 'lastModifiedTime', 'firewallPolicyResponse_lastModifiedTime' - The last time that the firewall policy was changed.+--+-- 'numberOfAssociations', 'firewallPolicyResponse_numberOfAssociations' - The number of firewalls that are associated with this firewall policy.+--+-- 'tags', 'firewallPolicyResponse_tags' - The key:value pairs to associate with the resource.+--+-- 'firewallPolicyName', 'firewallPolicyResponse_firewallPolicyName' - The descriptive name of the firewall policy. You can\'t change the name+-- of a firewall policy after you create it.+--+-- 'firewallPolicyArn', 'firewallPolicyResponse_firewallPolicyArn' - The Amazon Resource Name (ARN) of the firewall policy.+--+-- If this response is for a create request that had @DryRun@ set to+-- @TRUE@, then this ARN is a placeholder that isn\'t attached to a valid+-- resource.+--+-- 'firewallPolicyId', 'firewallPolicyResponse_firewallPolicyId' - The unique identifier for the firewall policy.+newFirewallPolicyResponse ::+ -- | 'firewallPolicyName'+ Prelude.Text ->+ -- | 'firewallPolicyArn'+ Prelude.Text ->+ -- | 'firewallPolicyId'+ Prelude.Text ->+ FirewallPolicyResponse+newFirewallPolicyResponse+ pFirewallPolicyName_+ pFirewallPolicyArn_+ pFirewallPolicyId_ =+ FirewallPolicyResponse'+ { consumedStatefulRuleCapacity =+ Prelude.Nothing,+ consumedStatelessRuleCapacity = Prelude.Nothing,+ description = Prelude.Nothing,+ encryptionConfiguration = Prelude.Nothing,+ firewallPolicyStatus = Prelude.Nothing,+ lastModifiedTime = Prelude.Nothing,+ numberOfAssociations = Prelude.Nothing,+ tags = Prelude.Nothing,+ firewallPolicyName = pFirewallPolicyName_,+ firewallPolicyArn = pFirewallPolicyArn_,+ firewallPolicyId = pFirewallPolicyId_+ }++-- | The number of capacity units currently consumed by the policy\'s+-- stateful rules.+firewallPolicyResponse_consumedStatefulRuleCapacity :: Lens.Lens' FirewallPolicyResponse (Prelude.Maybe Prelude.Int)+firewallPolicyResponse_consumedStatefulRuleCapacity = Lens.lens (\FirewallPolicyResponse' {consumedStatefulRuleCapacity} -> consumedStatefulRuleCapacity) (\s@FirewallPolicyResponse' {} a -> s {consumedStatefulRuleCapacity = a} :: FirewallPolicyResponse)++-- | The number of capacity units currently consumed by the policy\'s+-- stateless rules.+firewallPolicyResponse_consumedStatelessRuleCapacity :: Lens.Lens' FirewallPolicyResponse (Prelude.Maybe Prelude.Int)+firewallPolicyResponse_consumedStatelessRuleCapacity = Lens.lens (\FirewallPolicyResponse' {consumedStatelessRuleCapacity} -> consumedStatelessRuleCapacity) (\s@FirewallPolicyResponse' {} a -> s {consumedStatelessRuleCapacity = a} :: FirewallPolicyResponse)++-- | A description of the firewall policy.+firewallPolicyResponse_description :: Lens.Lens' FirewallPolicyResponse (Prelude.Maybe Prelude.Text)+firewallPolicyResponse_description = Lens.lens (\FirewallPolicyResponse' {description} -> description) (\s@FirewallPolicyResponse' {} a -> s {description = a} :: FirewallPolicyResponse)++-- | A complex type that contains the Amazon Web Services KMS encryption+-- configuration settings for your firewall policy.+firewallPolicyResponse_encryptionConfiguration :: Lens.Lens' FirewallPolicyResponse (Prelude.Maybe EncryptionConfiguration)+firewallPolicyResponse_encryptionConfiguration = Lens.lens (\FirewallPolicyResponse' {encryptionConfiguration} -> encryptionConfiguration) (\s@FirewallPolicyResponse' {} a -> s {encryptionConfiguration = a} :: FirewallPolicyResponse)++-- | The current status of the firewall policy. You can retrieve this for a+-- firewall policy by calling DescribeFirewallPolicy and providing the+-- firewall policy\'s name or ARN.+firewallPolicyResponse_firewallPolicyStatus :: Lens.Lens' FirewallPolicyResponse (Prelude.Maybe ResourceStatus)+firewallPolicyResponse_firewallPolicyStatus = Lens.lens (\FirewallPolicyResponse' {firewallPolicyStatus} -> firewallPolicyStatus) (\s@FirewallPolicyResponse' {} a -> s {firewallPolicyStatus = a} :: FirewallPolicyResponse)++-- | The last time that the firewall policy was changed.+firewallPolicyResponse_lastModifiedTime :: Lens.Lens' FirewallPolicyResponse (Prelude.Maybe Prelude.UTCTime)+firewallPolicyResponse_lastModifiedTime = Lens.lens (\FirewallPolicyResponse' {lastModifiedTime} -> lastModifiedTime) (\s@FirewallPolicyResponse' {} a -> s {lastModifiedTime = a} :: FirewallPolicyResponse) Prelude.. Lens.mapping Data._Time++-- | The number of firewalls that are associated with this firewall policy.+firewallPolicyResponse_numberOfAssociations :: Lens.Lens' FirewallPolicyResponse (Prelude.Maybe Prelude.Int)+firewallPolicyResponse_numberOfAssociations = Lens.lens (\FirewallPolicyResponse' {numberOfAssociations} -> numberOfAssociations) (\s@FirewallPolicyResponse' {} a -> s {numberOfAssociations = a} :: FirewallPolicyResponse)++-- | The key:value pairs to associate with the resource.+firewallPolicyResponse_tags :: Lens.Lens' FirewallPolicyResponse (Prelude.Maybe (Prelude.NonEmpty Tag))+firewallPolicyResponse_tags = Lens.lens (\FirewallPolicyResponse' {tags} -> tags) (\s@FirewallPolicyResponse' {} a -> s {tags = a} :: FirewallPolicyResponse) Prelude.. Lens.mapping Lens.coerced++-- | The descriptive name of the firewall policy. You can\'t change the name+-- of a firewall policy after you create it.+firewallPolicyResponse_firewallPolicyName :: Lens.Lens' FirewallPolicyResponse Prelude.Text+firewallPolicyResponse_firewallPolicyName = Lens.lens (\FirewallPolicyResponse' {firewallPolicyName} -> firewallPolicyName) (\s@FirewallPolicyResponse' {} a -> s {firewallPolicyName = a} :: FirewallPolicyResponse)++-- | The Amazon Resource Name (ARN) of the firewall policy.+--+-- If this response is for a create request that had @DryRun@ set to+-- @TRUE@, then this ARN is a placeholder that isn\'t attached to a valid+-- resource.+firewallPolicyResponse_firewallPolicyArn :: Lens.Lens' FirewallPolicyResponse Prelude.Text+firewallPolicyResponse_firewallPolicyArn = Lens.lens (\FirewallPolicyResponse' {firewallPolicyArn} -> firewallPolicyArn) (\s@FirewallPolicyResponse' {} a -> s {firewallPolicyArn = a} :: FirewallPolicyResponse)++-- | The unique identifier for the firewall policy.+firewallPolicyResponse_firewallPolicyId :: Lens.Lens' FirewallPolicyResponse Prelude.Text+firewallPolicyResponse_firewallPolicyId = Lens.lens (\FirewallPolicyResponse' {firewallPolicyId} -> firewallPolicyId) (\s@FirewallPolicyResponse' {} a -> s {firewallPolicyId = a} :: FirewallPolicyResponse)++instance Data.FromJSON FirewallPolicyResponse where+ parseJSON =+ Data.withObject+ "FirewallPolicyResponse"+ ( \x ->+ FirewallPolicyResponse'+ Prelude.<$> (x Data..:? "ConsumedStatefulRuleCapacity")+ Prelude.<*> (x Data..:? "ConsumedStatelessRuleCapacity")+ Prelude.<*> (x Data..:? "Description")+ Prelude.<*> (x Data..:? "EncryptionConfiguration")+ Prelude.<*> (x Data..:? "FirewallPolicyStatus")+ Prelude.<*> (x Data..:? "LastModifiedTime")+ Prelude.<*> (x Data..:? "NumberOfAssociations")+ Prelude.<*> (x Data..:? "Tags")+ Prelude.<*> (x Data..: "FirewallPolicyName")+ Prelude.<*> (x Data..: "FirewallPolicyArn")+ Prelude.<*> (x Data..: "FirewallPolicyId")+ )++instance Prelude.Hashable FirewallPolicyResponse where+ hashWithSalt _salt FirewallPolicyResponse' {..} =+ _salt+ `Prelude.hashWithSalt` consumedStatefulRuleCapacity+ `Prelude.hashWithSalt` consumedStatelessRuleCapacity+ `Prelude.hashWithSalt` description+ `Prelude.hashWithSalt` encryptionConfiguration+ `Prelude.hashWithSalt` firewallPolicyStatus+ `Prelude.hashWithSalt` lastModifiedTime+ `Prelude.hashWithSalt` numberOfAssociations+ `Prelude.hashWithSalt` tags+ `Prelude.hashWithSalt` firewallPolicyName+ `Prelude.hashWithSalt` firewallPolicyArn+ `Prelude.hashWithSalt` firewallPolicyId++instance Prelude.NFData FirewallPolicyResponse where+ rnf FirewallPolicyResponse' {..} =+ Prelude.rnf consumedStatefulRuleCapacity+ `Prelude.seq` Prelude.rnf consumedStatelessRuleCapacity+ `Prelude.seq` Prelude.rnf description+ `Prelude.seq` Prelude.rnf encryptionConfiguration+ `Prelude.seq` Prelude.rnf firewallPolicyStatus+ `Prelude.seq` Prelude.rnf lastModifiedTime+ `Prelude.seq` Prelude.rnf numberOfAssociations+ `Prelude.seq` Prelude.rnf tags+ `Prelude.seq` Prelude.rnf firewallPolicyName+ `Prelude.seq` Prelude.rnf firewallPolicyArn+ `Prelude.seq` Prelude.rnf firewallPolicyId
+ gen/Amazonka/NetworkFirewall/Types/FirewallStatus.hs view
@@ -0,0 +1,191 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.FirewallStatus+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.FirewallStatus where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.CapacityUsageSummary+import Amazonka.NetworkFirewall.Types.ConfigurationSyncState+import Amazonka.NetworkFirewall.Types.FirewallStatusValue+import Amazonka.NetworkFirewall.Types.SyncState+import qualified Amazonka.Prelude as Prelude++-- | Detailed information about the current status of a Firewall. You can+-- retrieve this for a firewall by calling DescribeFirewall and providing+-- the firewall name and ARN.+--+-- /See:/ 'newFirewallStatus' smart constructor.+data FirewallStatus = FirewallStatus'+ { -- | Describes the capacity usage of the resources contained in a firewall\'s+ -- reference sets. Network Firewall calclulates the capacity usage by+ -- taking an aggregated count of all of the resources used by all of the+ -- reference sets in a firewall.+ capacityUsageSummary :: Prelude.Maybe CapacityUsageSummary,+ -- | The subnets that you\'ve configured for use by the Network Firewall+ -- firewall. This contains one array element per Availability Zone where+ -- you\'ve configured a subnet. These objects provide details of the+ -- information that is summarized in the @ConfigurationSyncStateSummary@+ -- and @Status@, broken down by zone and configuration object.+ syncStates :: Prelude.Maybe (Prelude.HashMap Prelude.Text SyncState),+ -- | The readiness of the configured firewall to handle network traffic+ -- across all of the Availability Zones where you\'ve configured it. This+ -- setting is @READY@ only when the @ConfigurationSyncStateSummary@ value+ -- is @IN_SYNC@ and the @Attachment@ @Status@ values for all of the+ -- configured subnets are @READY@.+ status :: FirewallStatusValue,+ -- | The configuration sync state for the firewall. This summarizes the sync+ -- states reported in the @Config@ settings for all of the Availability+ -- Zones where you have configured the firewall.+ --+ -- When you create a firewall or update its configuration, for example by+ -- adding a rule group to its firewall policy, Network Firewall distributes+ -- the configuration changes to all zones where the firewall is in use.+ -- This summary indicates whether the configuration changes have been+ -- applied everywhere.+ --+ -- This status must be @IN_SYNC@ for the firewall to be ready for use, but+ -- it doesn\'t indicate that the firewall is ready. The @Status@ setting+ -- indicates firewall readiness.+ configurationSyncStateSummary :: ConfigurationSyncState+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'FirewallStatus' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'capacityUsageSummary', 'firewallStatus_capacityUsageSummary' - Describes the capacity usage of the resources contained in a firewall\'s+-- reference sets. Network Firewall calclulates the capacity usage by+-- taking an aggregated count of all of the resources used by all of the+-- reference sets in a firewall.+--+-- 'syncStates', 'firewallStatus_syncStates' - The subnets that you\'ve configured for use by the Network Firewall+-- firewall. This contains one array element per Availability Zone where+-- you\'ve configured a subnet. These objects provide details of the+-- information that is summarized in the @ConfigurationSyncStateSummary@+-- and @Status@, broken down by zone and configuration object.+--+-- 'status', 'firewallStatus_status' - The readiness of the configured firewall to handle network traffic+-- across all of the Availability Zones where you\'ve configured it. This+-- setting is @READY@ only when the @ConfigurationSyncStateSummary@ value+-- is @IN_SYNC@ and the @Attachment@ @Status@ values for all of the+-- configured subnets are @READY@.+--+-- 'configurationSyncStateSummary', 'firewallStatus_configurationSyncStateSummary' - The configuration sync state for the firewall. This summarizes the sync+-- states reported in the @Config@ settings for all of the Availability+-- Zones where you have configured the firewall.+--+-- When you create a firewall or update its configuration, for example by+-- adding a rule group to its firewall policy, Network Firewall distributes+-- the configuration changes to all zones where the firewall is in use.+-- This summary indicates whether the configuration changes have been+-- applied everywhere.+--+-- This status must be @IN_SYNC@ for the firewall to be ready for use, but+-- it doesn\'t indicate that the firewall is ready. The @Status@ setting+-- indicates firewall readiness.+newFirewallStatus ::+ -- | 'status'+ FirewallStatusValue ->+ -- | 'configurationSyncStateSummary'+ ConfigurationSyncState ->+ FirewallStatus+newFirewallStatus+ pStatus_+ pConfigurationSyncStateSummary_ =+ FirewallStatus'+ { capacityUsageSummary =+ Prelude.Nothing,+ syncStates = Prelude.Nothing,+ status = pStatus_,+ configurationSyncStateSummary =+ pConfigurationSyncStateSummary_+ }++-- | Describes the capacity usage of the resources contained in a firewall\'s+-- reference sets. Network Firewall calclulates the capacity usage by+-- taking an aggregated count of all of the resources used by all of the+-- reference sets in a firewall.+firewallStatus_capacityUsageSummary :: Lens.Lens' FirewallStatus (Prelude.Maybe CapacityUsageSummary)+firewallStatus_capacityUsageSummary = Lens.lens (\FirewallStatus' {capacityUsageSummary} -> capacityUsageSummary) (\s@FirewallStatus' {} a -> s {capacityUsageSummary = a} :: FirewallStatus)++-- | The subnets that you\'ve configured for use by the Network Firewall+-- firewall. This contains one array element per Availability Zone where+-- you\'ve configured a subnet. These objects provide details of the+-- information that is summarized in the @ConfigurationSyncStateSummary@+-- and @Status@, broken down by zone and configuration object.+firewallStatus_syncStates :: Lens.Lens' FirewallStatus (Prelude.Maybe (Prelude.HashMap Prelude.Text SyncState))+firewallStatus_syncStates = Lens.lens (\FirewallStatus' {syncStates} -> syncStates) (\s@FirewallStatus' {} a -> s {syncStates = a} :: FirewallStatus) Prelude.. Lens.mapping Lens.coerced++-- | The readiness of the configured firewall to handle network traffic+-- across all of the Availability Zones where you\'ve configured it. This+-- setting is @READY@ only when the @ConfigurationSyncStateSummary@ value+-- is @IN_SYNC@ and the @Attachment@ @Status@ values for all of the+-- configured subnets are @READY@.+firewallStatus_status :: Lens.Lens' FirewallStatus FirewallStatusValue+firewallStatus_status = Lens.lens (\FirewallStatus' {status} -> status) (\s@FirewallStatus' {} a -> s {status = a} :: FirewallStatus)++-- | The configuration sync state for the firewall. This summarizes the sync+-- states reported in the @Config@ settings for all of the Availability+-- Zones where you have configured the firewall.+--+-- When you create a firewall or update its configuration, for example by+-- adding a rule group to its firewall policy, Network Firewall distributes+-- the configuration changes to all zones where the firewall is in use.+-- This summary indicates whether the configuration changes have been+-- applied everywhere.+--+-- This status must be @IN_SYNC@ for the firewall to be ready for use, but+-- it doesn\'t indicate that the firewall is ready. The @Status@ setting+-- indicates firewall readiness.+firewallStatus_configurationSyncStateSummary :: Lens.Lens' FirewallStatus ConfigurationSyncState+firewallStatus_configurationSyncStateSummary = Lens.lens (\FirewallStatus' {configurationSyncStateSummary} -> configurationSyncStateSummary) (\s@FirewallStatus' {} a -> s {configurationSyncStateSummary = a} :: FirewallStatus)++instance Data.FromJSON FirewallStatus where+ parseJSON =+ Data.withObject+ "FirewallStatus"+ ( \x ->+ FirewallStatus'+ Prelude.<$> (x Data..:? "CapacityUsageSummary")+ Prelude.<*> (x Data..:? "SyncStates" Data..!= Prelude.mempty)+ Prelude.<*> (x Data..: "Status")+ Prelude.<*> (x Data..: "ConfigurationSyncStateSummary")+ )++instance Prelude.Hashable FirewallStatus where+ hashWithSalt _salt FirewallStatus' {..} =+ _salt+ `Prelude.hashWithSalt` capacityUsageSummary+ `Prelude.hashWithSalt` syncStates+ `Prelude.hashWithSalt` status+ `Prelude.hashWithSalt` configurationSyncStateSummary++instance Prelude.NFData FirewallStatus where+ rnf FirewallStatus' {..} =+ Prelude.rnf capacityUsageSummary+ `Prelude.seq` Prelude.rnf syncStates+ `Prelude.seq` Prelude.rnf status+ `Prelude.seq` Prelude.rnf configurationSyncStateSummary
+ gen/Amazonka/NetworkFirewall/Types/FirewallStatusValue.hs view
@@ -0,0 +1,76 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.FirewallStatusValue+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.FirewallStatusValue+ ( FirewallStatusValue+ ( ..,+ FirewallStatusValue_DELETING,+ FirewallStatusValue_PROVISIONING,+ FirewallStatusValue_READY+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype FirewallStatusValue = FirewallStatusValue'+ { fromFirewallStatusValue ::+ Data.Text+ }+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern FirewallStatusValue_DELETING :: FirewallStatusValue+pattern FirewallStatusValue_DELETING = FirewallStatusValue' "DELETING"++pattern FirewallStatusValue_PROVISIONING :: FirewallStatusValue+pattern FirewallStatusValue_PROVISIONING = FirewallStatusValue' "PROVISIONING"++pattern FirewallStatusValue_READY :: FirewallStatusValue+pattern FirewallStatusValue_READY = FirewallStatusValue' "READY"++{-# COMPLETE+ FirewallStatusValue_DELETING,+ FirewallStatusValue_PROVISIONING,+ FirewallStatusValue_READY,+ FirewallStatusValue'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/GeneratedRulesType.hs view
@@ -0,0 +1,71 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.GeneratedRulesType+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.GeneratedRulesType+ ( GeneratedRulesType+ ( ..,+ GeneratedRulesType_ALLOWLIST,+ GeneratedRulesType_DENYLIST+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype GeneratedRulesType = GeneratedRulesType'+ { fromGeneratedRulesType ::+ Data.Text+ }+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern GeneratedRulesType_ALLOWLIST :: GeneratedRulesType+pattern GeneratedRulesType_ALLOWLIST = GeneratedRulesType' "ALLOWLIST"++pattern GeneratedRulesType_DENYLIST :: GeneratedRulesType+pattern GeneratedRulesType_DENYLIST = GeneratedRulesType' "DENYLIST"++{-# COMPLETE+ GeneratedRulesType_ALLOWLIST,+ GeneratedRulesType_DENYLIST,+ GeneratedRulesType'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/Header.hs view
@@ -0,0 +1,291 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.Header+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.Header where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.StatefulRuleDirection+import Amazonka.NetworkFirewall.Types.StatefulRuleProtocol+import qualified Amazonka.Prelude as Prelude++-- | The basic rule criteria for Network Firewall to use to inspect packet+-- headers in stateful traffic flow inspection. Traffic flows that match+-- the criteria are a match for the corresponding StatefulRule.+--+-- /See:/ 'newHeader' smart constructor.+data Header = Header'+ { -- | The protocol to inspect for. To specify all, you can use @IP@, because+ -- all traffic on Amazon Web Services and on the internet is IP.+ protocol :: StatefulRuleProtocol,+ -- | The source IP address or address range to inspect for, in CIDR notation.+ -- To match with any address, specify @ANY@.+ --+ -- Specify an IP address or a block of IP addresses in Classless+ -- Inter-Domain Routing (CIDR) notation. Network Firewall supports all+ -- address ranges for IPv4.+ --+ -- Examples:+ --+ -- - To configure Network Firewall to inspect for the IP address+ -- 192.0.2.44, specify @192.0.2.44\/32@.+ --+ -- - To configure Network Firewall to inspect for IP addresses from+ -- 192.0.2.0 to 192.0.2.255, specify @192.0.2.0\/24@.+ --+ -- For more information about CIDR notation, see the Wikipedia entry+ -- <https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing Classless Inter-Domain Routing>.+ source :: Prelude.Text,+ -- | The source port to inspect for. You can specify an individual port, for+ -- example @1994@ and you can specify a port range, for example+ -- @1990:1994@. To match with any port, specify @ANY@.+ sourcePort :: Prelude.Text,+ -- | The direction of traffic flow to inspect. If set to @ANY@, the+ -- inspection matches bidirectional traffic, both from the source to the+ -- destination and from the destination to the source. If set to @FORWARD@,+ -- the inspection only matches traffic going from the source to the+ -- destination.+ direction :: StatefulRuleDirection,+ -- | The destination IP address or address range to inspect for, in CIDR+ -- notation. To match with any address, specify @ANY@.+ --+ -- Specify an IP address or a block of IP addresses in Classless+ -- Inter-Domain Routing (CIDR) notation. Network Firewall supports all+ -- address ranges for IPv4.+ --+ -- Examples:+ --+ -- - To configure Network Firewall to inspect for the IP address+ -- 192.0.2.44, specify @192.0.2.44\/32@.+ --+ -- - To configure Network Firewall to inspect for IP addresses from+ -- 192.0.2.0 to 192.0.2.255, specify @192.0.2.0\/24@.+ --+ -- For more information about CIDR notation, see the Wikipedia entry+ -- <https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing Classless Inter-Domain Routing>.+ destination :: Prelude.Text,+ -- | The destination port to inspect for. You can specify an individual port,+ -- for example @1994@ and you can specify a port range, for example+ -- @1990:1994@. To match with any port, specify @ANY@.+ destinationPort :: Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'Header' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'protocol', 'header_protocol' - The protocol to inspect for. To specify all, you can use @IP@, because+-- all traffic on Amazon Web Services and on the internet is IP.+--+-- 'source', 'header_source' - The source IP address or address range to inspect for, in CIDR notation.+-- To match with any address, specify @ANY@.+--+-- Specify an IP address or a block of IP addresses in Classless+-- Inter-Domain Routing (CIDR) notation. Network Firewall supports all+-- address ranges for IPv4.+--+-- Examples:+--+-- - To configure Network Firewall to inspect for the IP address+-- 192.0.2.44, specify @192.0.2.44\/32@.+--+-- - To configure Network Firewall to inspect for IP addresses from+-- 192.0.2.0 to 192.0.2.255, specify @192.0.2.0\/24@.+--+-- For more information about CIDR notation, see the Wikipedia entry+-- <https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing Classless Inter-Domain Routing>.+--+-- 'sourcePort', 'header_sourcePort' - The source port to inspect for. You can specify an individual port, for+-- example @1994@ and you can specify a port range, for example+-- @1990:1994@. To match with any port, specify @ANY@.+--+-- 'direction', 'header_direction' - The direction of traffic flow to inspect. If set to @ANY@, the+-- inspection matches bidirectional traffic, both from the source to the+-- destination and from the destination to the source. If set to @FORWARD@,+-- the inspection only matches traffic going from the source to the+-- destination.+--+-- 'destination', 'header_destination' - The destination IP address or address range to inspect for, in CIDR+-- notation. To match with any address, specify @ANY@.+--+-- Specify an IP address or a block of IP addresses in Classless+-- Inter-Domain Routing (CIDR) notation. Network Firewall supports all+-- address ranges for IPv4.+--+-- Examples:+--+-- - To configure Network Firewall to inspect for the IP address+-- 192.0.2.44, specify @192.0.2.44\/32@.+--+-- - To configure Network Firewall to inspect for IP addresses from+-- 192.0.2.0 to 192.0.2.255, specify @192.0.2.0\/24@.+--+-- For more information about CIDR notation, see the Wikipedia entry+-- <https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing Classless Inter-Domain Routing>.+--+-- 'destinationPort', 'header_destinationPort' - The destination port to inspect for. You can specify an individual port,+-- for example @1994@ and you can specify a port range, for example+-- @1990:1994@. To match with any port, specify @ANY@.+newHeader ::+ -- | 'protocol'+ StatefulRuleProtocol ->+ -- | 'source'+ Prelude.Text ->+ -- | 'sourcePort'+ Prelude.Text ->+ -- | 'direction'+ StatefulRuleDirection ->+ -- | 'destination'+ Prelude.Text ->+ -- | 'destinationPort'+ Prelude.Text ->+ Header+newHeader+ pProtocol_+ pSource_+ pSourcePort_+ pDirection_+ pDestination_+ pDestinationPort_ =+ Header'+ { protocol = pProtocol_,+ source = pSource_,+ sourcePort = pSourcePort_,+ direction = pDirection_,+ destination = pDestination_,+ destinationPort = pDestinationPort_+ }++-- | The protocol to inspect for. To specify all, you can use @IP@, because+-- all traffic on Amazon Web Services and on the internet is IP.+header_protocol :: Lens.Lens' Header StatefulRuleProtocol+header_protocol = Lens.lens (\Header' {protocol} -> protocol) (\s@Header' {} a -> s {protocol = a} :: Header)++-- | The source IP address or address range to inspect for, in CIDR notation.+-- To match with any address, specify @ANY@.+--+-- Specify an IP address or a block of IP addresses in Classless+-- Inter-Domain Routing (CIDR) notation. Network Firewall supports all+-- address ranges for IPv4.+--+-- Examples:+--+-- - To configure Network Firewall to inspect for the IP address+-- 192.0.2.44, specify @192.0.2.44\/32@.+--+-- - To configure Network Firewall to inspect for IP addresses from+-- 192.0.2.0 to 192.0.2.255, specify @192.0.2.0\/24@.+--+-- For more information about CIDR notation, see the Wikipedia entry+-- <https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing Classless Inter-Domain Routing>.+header_source :: Lens.Lens' Header Prelude.Text+header_source = Lens.lens (\Header' {source} -> source) (\s@Header' {} a -> s {source = a} :: Header)++-- | The source port to inspect for. You can specify an individual port, for+-- example @1994@ and you can specify a port range, for example+-- @1990:1994@. To match with any port, specify @ANY@.+header_sourcePort :: Lens.Lens' Header Prelude.Text+header_sourcePort = Lens.lens (\Header' {sourcePort} -> sourcePort) (\s@Header' {} a -> s {sourcePort = a} :: Header)++-- | The direction of traffic flow to inspect. If set to @ANY@, the+-- inspection matches bidirectional traffic, both from the source to the+-- destination and from the destination to the source. If set to @FORWARD@,+-- the inspection only matches traffic going from the source to the+-- destination.+header_direction :: Lens.Lens' Header StatefulRuleDirection+header_direction = Lens.lens (\Header' {direction} -> direction) (\s@Header' {} a -> s {direction = a} :: Header)++-- | The destination IP address or address range to inspect for, in CIDR+-- notation. To match with any address, specify @ANY@.+--+-- Specify an IP address or a block of IP addresses in Classless+-- Inter-Domain Routing (CIDR) notation. Network Firewall supports all+-- address ranges for IPv4.+--+-- Examples:+--+-- - To configure Network Firewall to inspect for the IP address+-- 192.0.2.44, specify @192.0.2.44\/32@.+--+-- - To configure Network Firewall to inspect for IP addresses from+-- 192.0.2.0 to 192.0.2.255, specify @192.0.2.0\/24@.+--+-- For more information about CIDR notation, see the Wikipedia entry+-- <https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing Classless Inter-Domain Routing>.+header_destination :: Lens.Lens' Header Prelude.Text+header_destination = Lens.lens (\Header' {destination} -> destination) (\s@Header' {} a -> s {destination = a} :: Header)++-- | The destination port to inspect for. You can specify an individual port,+-- for example @1994@ and you can specify a port range, for example+-- @1990:1994@. To match with any port, specify @ANY@.+header_destinationPort :: Lens.Lens' Header Prelude.Text+header_destinationPort = Lens.lens (\Header' {destinationPort} -> destinationPort) (\s@Header' {} a -> s {destinationPort = a} :: Header)++instance Data.FromJSON Header where+ parseJSON =+ Data.withObject+ "Header"+ ( \x ->+ Header'+ Prelude.<$> (x Data..: "Protocol")+ Prelude.<*> (x Data..: "Source")+ Prelude.<*> (x Data..: "SourcePort")+ Prelude.<*> (x Data..: "Direction")+ Prelude.<*> (x Data..: "Destination")+ Prelude.<*> (x Data..: "DestinationPort")+ )++instance Prelude.Hashable Header where+ hashWithSalt _salt Header' {..} =+ _salt+ `Prelude.hashWithSalt` protocol+ `Prelude.hashWithSalt` source+ `Prelude.hashWithSalt` sourcePort+ `Prelude.hashWithSalt` direction+ `Prelude.hashWithSalt` destination+ `Prelude.hashWithSalt` destinationPort++instance Prelude.NFData Header where+ rnf Header' {..} =+ Prelude.rnf protocol+ `Prelude.seq` Prelude.rnf source+ `Prelude.seq` Prelude.rnf sourcePort+ `Prelude.seq` Prelude.rnf direction+ `Prelude.seq` Prelude.rnf destination+ `Prelude.seq` Prelude.rnf destinationPort++instance Data.ToJSON Header where+ toJSON Header' {..} =+ Data.object+ ( Prelude.catMaybes+ [ Prelude.Just ("Protocol" Data..= protocol),+ Prelude.Just ("Source" Data..= source),+ Prelude.Just ("SourcePort" Data..= sourcePort),+ Prelude.Just ("Direction" Data..= direction),+ Prelude.Just ("Destination" Data..= destination),+ Prelude.Just+ ("DestinationPort" Data..= destinationPort)+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/IPSet.hs view
@@ -0,0 +1,75 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.IPSet+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.IPSet where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++-- | A list of IP addresses and address ranges, in CIDR notation. This is+-- part of a RuleVariables.+--+-- /See:/ 'newIPSet' smart constructor.+data IPSet = IPSet'+ { -- | The list of IP addresses and address ranges, in CIDR notation.+ definition :: [Prelude.Text]+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'IPSet' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'definition', 'iPSet_definition' - The list of IP addresses and address ranges, in CIDR notation.+newIPSet ::+ IPSet+newIPSet = IPSet' {definition = Prelude.mempty}++-- | The list of IP addresses and address ranges, in CIDR notation.+iPSet_definition :: Lens.Lens' IPSet [Prelude.Text]+iPSet_definition = Lens.lens (\IPSet' {definition} -> definition) (\s@IPSet' {} a -> s {definition = a} :: IPSet) Prelude.. Lens.coerced++instance Data.FromJSON IPSet where+ parseJSON =+ Data.withObject+ "IPSet"+ ( \x ->+ IPSet'+ Prelude.<$> (x Data..:? "Definition" Data..!= Prelude.mempty)+ )++instance Prelude.Hashable IPSet where+ hashWithSalt _salt IPSet' {..} =+ _salt `Prelude.hashWithSalt` definition++instance Prelude.NFData IPSet where+ rnf IPSet' {..} = Prelude.rnf definition++instance Data.ToJSON IPSet where+ toJSON IPSet' {..} =+ Data.object+ ( Prelude.catMaybes+ [Prelude.Just ("Definition" Data..= definition)]+ )
+ gen/Amazonka/NetworkFirewall/Types/IPSetMetadata.hs view
@@ -0,0 +1,78 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.IPSetMetadata+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.IPSetMetadata where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++-- | General information about the IP set.+--+-- /See:/ 'newIPSetMetadata' smart constructor.+data IPSetMetadata = IPSetMetadata'+ { -- | Describes the total number of CIDR blocks currently in use by the IP set+ -- references in a firewall. To determine how many CIDR blocks are+ -- available for you to use in a firewall, you can call+ -- @AvailableCIDRCount@.+ resolvedCIDRCount :: Prelude.Maybe Prelude.Natural+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'IPSetMetadata' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'resolvedCIDRCount', 'iPSetMetadata_resolvedCIDRCount' - Describes the total number of CIDR blocks currently in use by the IP set+-- references in a firewall. To determine how many CIDR blocks are+-- available for you to use in a firewall, you can call+-- @AvailableCIDRCount@.+newIPSetMetadata ::+ IPSetMetadata+newIPSetMetadata =+ IPSetMetadata' {resolvedCIDRCount = Prelude.Nothing}++-- | Describes the total number of CIDR blocks currently in use by the IP set+-- references in a firewall. To determine how many CIDR blocks are+-- available for you to use in a firewall, you can call+-- @AvailableCIDRCount@.+iPSetMetadata_resolvedCIDRCount :: Lens.Lens' IPSetMetadata (Prelude.Maybe Prelude.Natural)+iPSetMetadata_resolvedCIDRCount = Lens.lens (\IPSetMetadata' {resolvedCIDRCount} -> resolvedCIDRCount) (\s@IPSetMetadata' {} a -> s {resolvedCIDRCount = a} :: IPSetMetadata)++instance Data.FromJSON IPSetMetadata where+ parseJSON =+ Data.withObject+ "IPSetMetadata"+ ( \x ->+ IPSetMetadata'+ Prelude.<$> (x Data..:? "ResolvedCIDRCount")+ )++instance Prelude.Hashable IPSetMetadata where+ hashWithSalt _salt IPSetMetadata' {..} =+ _salt `Prelude.hashWithSalt` resolvedCIDRCount++instance Prelude.NFData IPSetMetadata where+ rnf IPSetMetadata' {..} =+ Prelude.rnf resolvedCIDRCount
+ gen/Amazonka/NetworkFirewall/Types/IPSetReference.hs view
@@ -0,0 +1,92 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.IPSetReference+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.IPSetReference where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++-- | Configures one or more IP set references for a Suricata-compatible rule+-- group. This is used in CreateRuleGroup or UpdateRuleGroup. An IP set+-- reference is a rule variable that references a resource that you create+-- and manage in another Amazon Web Services service, such as an Amazon VPC+-- prefix list. Network Firewall IP set references enable you to+-- dynamically update the contents of your rules. When you create, update,+-- or delete the IP set you are referencing in your rule, Network Firewall+-- automatically updates the rule\'s content with the changes. For more+-- information about IP set references in Network Firewall, see+-- <https://docs.aws.amazon.com/network-firewall/latest/developerguide/rule-groups-ip-set-references Using IP set references>+-- in the /Network Firewall Developer Guide/.+--+-- Network Firewall currently supports only+-- <https://docs.aws.amazon.com/vpc/latest/userguide/managed-prefix-lists.html Amazon VPC prefix lists>+-- as IP set references.+--+-- /See:/ 'newIPSetReference' smart constructor.+data IPSetReference = IPSetReference'+ { -- | The Amazon Resource Name (ARN) of the resource that you are referencing+ -- in your rule group.+ referenceArn :: Prelude.Maybe Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'IPSetReference' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'referenceArn', 'iPSetReference_referenceArn' - The Amazon Resource Name (ARN) of the resource that you are referencing+-- in your rule group.+newIPSetReference ::+ IPSetReference+newIPSetReference =+ IPSetReference' {referenceArn = Prelude.Nothing}++-- | The Amazon Resource Name (ARN) of the resource that you are referencing+-- in your rule group.+iPSetReference_referenceArn :: Lens.Lens' IPSetReference (Prelude.Maybe Prelude.Text)+iPSetReference_referenceArn = Lens.lens (\IPSetReference' {referenceArn} -> referenceArn) (\s@IPSetReference' {} a -> s {referenceArn = a} :: IPSetReference)++instance Data.FromJSON IPSetReference where+ parseJSON =+ Data.withObject+ "IPSetReference"+ ( \x ->+ IPSetReference'+ Prelude.<$> (x Data..:? "ReferenceArn")+ )++instance Prelude.Hashable IPSetReference where+ hashWithSalt _salt IPSetReference' {..} =+ _salt `Prelude.hashWithSalt` referenceArn++instance Prelude.NFData IPSetReference where+ rnf IPSetReference' {..} = Prelude.rnf referenceArn++instance Data.ToJSON IPSetReference where+ toJSON IPSetReference' {..} =+ Data.object+ ( Prelude.catMaybes+ [("ReferenceArn" Data..=) Prelude.<$> referenceArn]+ )
+ gen/Amazonka/NetworkFirewall/Types/LogDestinationConfig.hs view
@@ -0,0 +1,200 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.LogDestinationConfig+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.LogDestinationConfig where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.LogDestinationType+import Amazonka.NetworkFirewall.Types.LogType+import qualified Amazonka.Prelude as Prelude++-- | Defines where Network Firewall sends logs for the firewall for one log+-- type. This is used in LoggingConfiguration. You can send each type of+-- log to an Amazon S3 bucket, a CloudWatch log group, or a Kinesis Data+-- Firehose delivery stream.+--+-- Network Firewall generates logs for stateful rule groups. You can save+-- alert and flow log types. The stateful rules engine records flow logs+-- for all network traffic that it receives. It records alert logs for+-- traffic that matches stateful rules that have the rule action set to+-- @DROP@ or @ALERT@.+--+-- /See:/ 'newLogDestinationConfig' smart constructor.+data LogDestinationConfig = LogDestinationConfig'+ { -- | The type of log to send. Alert logs report traffic that matches a+ -- StatefulRule with an action setting that sends an alert log message.+ -- Flow logs are standard network traffic flow logs.+ logType :: LogType,+ -- | The type of storage destination to send these logs to. You can send logs+ -- to an Amazon S3 bucket, a CloudWatch log group, or a Kinesis Data+ -- Firehose delivery stream.+ logDestinationType :: LogDestinationType,+ -- | The named location for the logs, provided in a key:value mapping that is+ -- specific to the chosen destination type.+ --+ -- - For an Amazon S3 bucket, provide the name of the bucket, with key+ -- @bucketName@, and optionally provide a prefix, with key @prefix@.+ -- The following example specifies an Amazon S3 bucket named+ -- @DOC-EXAMPLE-BUCKET@ and the prefix @alerts@:+ --+ -- @\"LogDestination\": { \"bucketName\": \"DOC-EXAMPLE-BUCKET\", \"prefix\": \"alerts\" }@+ --+ -- - For a CloudWatch log group, provide the name of the CloudWatch log+ -- group, with key @logGroup@. The following example specifies a log+ -- group named @alert-log-group@:+ --+ -- @\"LogDestination\": { \"logGroup\": \"alert-log-group\" }@+ --+ -- - For a Kinesis Data Firehose delivery stream, provide the name of the+ -- delivery stream, with key @deliveryStream@. The following example+ -- specifies a delivery stream named @alert-delivery-stream@:+ --+ -- @\"LogDestination\": { \"deliveryStream\": \"alert-delivery-stream\" }@+ logDestination :: Prelude.HashMap Prelude.Text Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'LogDestinationConfig' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'logType', 'logDestinationConfig_logType' - The type of log to send. Alert logs report traffic that matches a+-- StatefulRule with an action setting that sends an alert log message.+-- Flow logs are standard network traffic flow logs.+--+-- 'logDestinationType', 'logDestinationConfig_logDestinationType' - The type of storage destination to send these logs to. You can send logs+-- to an Amazon S3 bucket, a CloudWatch log group, or a Kinesis Data+-- Firehose delivery stream.+--+-- 'logDestination', 'logDestinationConfig_logDestination' - The named location for the logs, provided in a key:value mapping that is+-- specific to the chosen destination type.+--+-- - For an Amazon S3 bucket, provide the name of the bucket, with key+-- @bucketName@, and optionally provide a prefix, with key @prefix@.+-- The following example specifies an Amazon S3 bucket named+-- @DOC-EXAMPLE-BUCKET@ and the prefix @alerts@:+--+-- @\"LogDestination\": { \"bucketName\": \"DOC-EXAMPLE-BUCKET\", \"prefix\": \"alerts\" }@+--+-- - For a CloudWatch log group, provide the name of the CloudWatch log+-- group, with key @logGroup@. The following example specifies a log+-- group named @alert-log-group@:+--+-- @\"LogDestination\": { \"logGroup\": \"alert-log-group\" }@+--+-- - For a Kinesis Data Firehose delivery stream, provide the name of the+-- delivery stream, with key @deliveryStream@. The following example+-- specifies a delivery stream named @alert-delivery-stream@:+--+-- @\"LogDestination\": { \"deliveryStream\": \"alert-delivery-stream\" }@+newLogDestinationConfig ::+ -- | 'logType'+ LogType ->+ -- | 'logDestinationType'+ LogDestinationType ->+ LogDestinationConfig+newLogDestinationConfig+ pLogType_+ pLogDestinationType_ =+ LogDestinationConfig'+ { logType = pLogType_,+ logDestinationType = pLogDestinationType_,+ logDestination = Prelude.mempty+ }++-- | The type of log to send. Alert logs report traffic that matches a+-- StatefulRule with an action setting that sends an alert log message.+-- Flow logs are standard network traffic flow logs.+logDestinationConfig_logType :: Lens.Lens' LogDestinationConfig LogType+logDestinationConfig_logType = Lens.lens (\LogDestinationConfig' {logType} -> logType) (\s@LogDestinationConfig' {} a -> s {logType = a} :: LogDestinationConfig)++-- | The type of storage destination to send these logs to. You can send logs+-- to an Amazon S3 bucket, a CloudWatch log group, or a Kinesis Data+-- Firehose delivery stream.+logDestinationConfig_logDestinationType :: Lens.Lens' LogDestinationConfig LogDestinationType+logDestinationConfig_logDestinationType = Lens.lens (\LogDestinationConfig' {logDestinationType} -> logDestinationType) (\s@LogDestinationConfig' {} a -> s {logDestinationType = a} :: LogDestinationConfig)++-- | The named location for the logs, provided in a key:value mapping that is+-- specific to the chosen destination type.+--+-- - For an Amazon S3 bucket, provide the name of the bucket, with key+-- @bucketName@, and optionally provide a prefix, with key @prefix@.+-- The following example specifies an Amazon S3 bucket named+-- @DOC-EXAMPLE-BUCKET@ and the prefix @alerts@:+--+-- @\"LogDestination\": { \"bucketName\": \"DOC-EXAMPLE-BUCKET\", \"prefix\": \"alerts\" }@+--+-- - For a CloudWatch log group, provide the name of the CloudWatch log+-- group, with key @logGroup@. The following example specifies a log+-- group named @alert-log-group@:+--+-- @\"LogDestination\": { \"logGroup\": \"alert-log-group\" }@+--+-- - For a Kinesis Data Firehose delivery stream, provide the name of the+-- delivery stream, with key @deliveryStream@. The following example+-- specifies a delivery stream named @alert-delivery-stream@:+--+-- @\"LogDestination\": { \"deliveryStream\": \"alert-delivery-stream\" }@+logDestinationConfig_logDestination :: Lens.Lens' LogDestinationConfig (Prelude.HashMap Prelude.Text Prelude.Text)+logDestinationConfig_logDestination = Lens.lens (\LogDestinationConfig' {logDestination} -> logDestination) (\s@LogDestinationConfig' {} a -> s {logDestination = a} :: LogDestinationConfig) Prelude.. Lens.coerced++instance Data.FromJSON LogDestinationConfig where+ parseJSON =+ Data.withObject+ "LogDestinationConfig"+ ( \x ->+ LogDestinationConfig'+ Prelude.<$> (x Data..: "LogType")+ Prelude.<*> (x Data..: "LogDestinationType")+ Prelude.<*> ( x+ Data..:? "LogDestination"+ Data..!= Prelude.mempty+ )+ )++instance Prelude.Hashable LogDestinationConfig where+ hashWithSalt _salt LogDestinationConfig' {..} =+ _salt+ `Prelude.hashWithSalt` logType+ `Prelude.hashWithSalt` logDestinationType+ `Prelude.hashWithSalt` logDestination++instance Prelude.NFData LogDestinationConfig where+ rnf LogDestinationConfig' {..} =+ Prelude.rnf logType+ `Prelude.seq` Prelude.rnf logDestinationType+ `Prelude.seq` Prelude.rnf logDestination++instance Data.ToJSON LogDestinationConfig where+ toJSON LogDestinationConfig' {..} =+ Data.object+ ( Prelude.catMaybes+ [ Prelude.Just ("LogType" Data..= logType),+ Prelude.Just+ ("LogDestinationType" Data..= logDestinationType),+ Prelude.Just+ ("LogDestination" Data..= logDestination)+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/LogDestinationType.hs view
@@ -0,0 +1,76 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.LogDestinationType+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.LogDestinationType+ ( LogDestinationType+ ( ..,+ LogDestinationType_CloudWatchLogs,+ LogDestinationType_KinesisDataFirehose,+ LogDestinationType_S3+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype LogDestinationType = LogDestinationType'+ { fromLogDestinationType ::+ Data.Text+ }+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern LogDestinationType_CloudWatchLogs :: LogDestinationType+pattern LogDestinationType_CloudWatchLogs = LogDestinationType' "CloudWatchLogs"++pattern LogDestinationType_KinesisDataFirehose :: LogDestinationType+pattern LogDestinationType_KinesisDataFirehose = LogDestinationType' "KinesisDataFirehose"++pattern LogDestinationType_S3 :: LogDestinationType+pattern LogDestinationType_S3 = LogDestinationType' "S3"++{-# COMPLETE+ LogDestinationType_CloudWatchLogs,+ LogDestinationType_KinesisDataFirehose,+ LogDestinationType_S3,+ LogDestinationType'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/LogType.hs view
@@ -0,0 +1,68 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.LogType+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.LogType+ ( LogType+ ( ..,+ LogType_ALERT,+ LogType_FLOW+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype LogType = LogType' {fromLogType :: Data.Text}+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern LogType_ALERT :: LogType+pattern LogType_ALERT = LogType' "ALERT"++pattern LogType_FLOW :: LogType+pattern LogType_FLOW = LogType' "FLOW"++{-# COMPLETE+ LogType_ALERT,+ LogType_FLOW,+ LogType'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/LoggingConfiguration.hs view
@@ -0,0 +1,90 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.LoggingConfiguration+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.LoggingConfiguration where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.LogDestinationConfig+import qualified Amazonka.Prelude as Prelude++-- | Defines how Network Firewall performs logging for a Firewall.+--+-- /See:/ 'newLoggingConfiguration' smart constructor.+data LoggingConfiguration = LoggingConfiguration'+ { -- | Defines the logging destinations for the logs for a firewall. Network+ -- Firewall generates logs for stateful rule groups.+ logDestinationConfigs :: [LogDestinationConfig]+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'LoggingConfiguration' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'logDestinationConfigs', 'loggingConfiguration_logDestinationConfigs' - Defines the logging destinations for the logs for a firewall. Network+-- Firewall generates logs for stateful rule groups.+newLoggingConfiguration ::+ LoggingConfiguration+newLoggingConfiguration =+ LoggingConfiguration'+ { logDestinationConfigs =+ Prelude.mempty+ }++-- | Defines the logging destinations for the logs for a firewall. Network+-- Firewall generates logs for stateful rule groups.+loggingConfiguration_logDestinationConfigs :: Lens.Lens' LoggingConfiguration [LogDestinationConfig]+loggingConfiguration_logDestinationConfigs = Lens.lens (\LoggingConfiguration' {logDestinationConfigs} -> logDestinationConfigs) (\s@LoggingConfiguration' {} a -> s {logDestinationConfigs = a} :: LoggingConfiguration) Prelude.. Lens.coerced++instance Data.FromJSON LoggingConfiguration where+ parseJSON =+ Data.withObject+ "LoggingConfiguration"+ ( \x ->+ LoggingConfiguration'+ Prelude.<$> ( x+ Data..:? "LogDestinationConfigs"+ Data..!= Prelude.mempty+ )+ )++instance Prelude.Hashable LoggingConfiguration where+ hashWithSalt _salt LoggingConfiguration' {..} =+ _salt `Prelude.hashWithSalt` logDestinationConfigs++instance Prelude.NFData LoggingConfiguration where+ rnf LoggingConfiguration' {..} =+ Prelude.rnf logDestinationConfigs++instance Data.ToJSON LoggingConfiguration where+ toJSON LoggingConfiguration' {..} =+ Data.object+ ( Prelude.catMaybes+ [ Prelude.Just+ ( "LogDestinationConfigs"+ Data..= logDestinationConfigs+ )+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/MatchAttributes.hs view
@@ -0,0 +1,201 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.MatchAttributes+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.MatchAttributes where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.Address+import Amazonka.NetworkFirewall.Types.PortRange+import Amazonka.NetworkFirewall.Types.TCPFlagField+import qualified Amazonka.Prelude as Prelude++-- | Criteria for Network Firewall to use to inspect an individual packet in+-- stateless rule inspection. Each match attributes set can include one or+-- more items such as IP address, CIDR range, port number, protocol, and+-- TCP flags.+--+-- /See:/ 'newMatchAttributes' smart constructor.+data MatchAttributes = MatchAttributes'+ { -- | The destination ports to inspect for. If not specified, this matches+ -- with any destination port. This setting is only used for protocols 6+ -- (TCP) and 17 (UDP).+ --+ -- You can specify individual ports, for example @1994@ and you can specify+ -- port ranges, for example @1990:1994@.+ destinationPorts :: Prelude.Maybe [PortRange],+ -- | The destination IP addresses and address ranges to inspect for, in CIDR+ -- notation. If not specified, this matches with any destination address.+ destinations :: Prelude.Maybe [Address],+ -- | The protocols to inspect for, specified using each protocol\'s assigned+ -- internet protocol number (IANA). If not specified, this matches with any+ -- protocol.+ protocols :: Prelude.Maybe [Prelude.Natural],+ -- | The source ports to inspect for. If not specified, this matches with any+ -- source port. This setting is only used for protocols 6 (TCP) and 17+ -- (UDP).+ --+ -- You can specify individual ports, for example @1994@ and you can specify+ -- port ranges, for example @1990:1994@.+ sourcePorts :: Prelude.Maybe [PortRange],+ -- | The source IP addresses and address ranges to inspect for, in CIDR+ -- notation. If not specified, this matches with any source address.+ sources :: Prelude.Maybe [Address],+ -- | The TCP flags and masks to inspect for. If not specified, this matches+ -- with any settings. This setting is only used for protocol 6 (TCP).+ tCPFlags :: Prelude.Maybe [TCPFlagField]+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'MatchAttributes' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'destinationPorts', 'matchAttributes_destinationPorts' - The destination ports to inspect for. If not specified, this matches+-- with any destination port. This setting is only used for protocols 6+-- (TCP) and 17 (UDP).+--+-- You can specify individual ports, for example @1994@ and you can specify+-- port ranges, for example @1990:1994@.+--+-- 'destinations', 'matchAttributes_destinations' - The destination IP addresses and address ranges to inspect for, in CIDR+-- notation. If not specified, this matches with any destination address.+--+-- 'protocols', 'matchAttributes_protocols' - The protocols to inspect for, specified using each protocol\'s assigned+-- internet protocol number (IANA). If not specified, this matches with any+-- protocol.+--+-- 'sourcePorts', 'matchAttributes_sourcePorts' - The source ports to inspect for. If not specified, this matches with any+-- source port. This setting is only used for protocols 6 (TCP) and 17+-- (UDP).+--+-- You can specify individual ports, for example @1994@ and you can specify+-- port ranges, for example @1990:1994@.+--+-- 'sources', 'matchAttributes_sources' - The source IP addresses and address ranges to inspect for, in CIDR+-- notation. If not specified, this matches with any source address.+--+-- 'tCPFlags', 'matchAttributes_tCPFlags' - The TCP flags and masks to inspect for. If not specified, this matches+-- with any settings. This setting is only used for protocol 6 (TCP).+newMatchAttributes ::+ MatchAttributes+newMatchAttributes =+ MatchAttributes'+ { destinationPorts =+ Prelude.Nothing,+ destinations = Prelude.Nothing,+ protocols = Prelude.Nothing,+ sourcePorts = Prelude.Nothing,+ sources = Prelude.Nothing,+ tCPFlags = Prelude.Nothing+ }++-- | The destination ports to inspect for. If not specified, this matches+-- with any destination port. This setting is only used for protocols 6+-- (TCP) and 17 (UDP).+--+-- You can specify individual ports, for example @1994@ and you can specify+-- port ranges, for example @1990:1994@.+matchAttributes_destinationPorts :: Lens.Lens' MatchAttributes (Prelude.Maybe [PortRange])+matchAttributes_destinationPorts = Lens.lens (\MatchAttributes' {destinationPorts} -> destinationPorts) (\s@MatchAttributes' {} a -> s {destinationPorts = a} :: MatchAttributes) Prelude.. Lens.mapping Lens.coerced++-- | The destination IP addresses and address ranges to inspect for, in CIDR+-- notation. If not specified, this matches with any destination address.+matchAttributes_destinations :: Lens.Lens' MatchAttributes (Prelude.Maybe [Address])+matchAttributes_destinations = Lens.lens (\MatchAttributes' {destinations} -> destinations) (\s@MatchAttributes' {} a -> s {destinations = a} :: MatchAttributes) Prelude.. Lens.mapping Lens.coerced++-- | The protocols to inspect for, specified using each protocol\'s assigned+-- internet protocol number (IANA). If not specified, this matches with any+-- protocol.+matchAttributes_protocols :: Lens.Lens' MatchAttributes (Prelude.Maybe [Prelude.Natural])+matchAttributes_protocols = Lens.lens (\MatchAttributes' {protocols} -> protocols) (\s@MatchAttributes' {} a -> s {protocols = a} :: MatchAttributes) Prelude.. Lens.mapping Lens.coerced++-- | The source ports to inspect for. If not specified, this matches with any+-- source port. This setting is only used for protocols 6 (TCP) and 17+-- (UDP).+--+-- You can specify individual ports, for example @1994@ and you can specify+-- port ranges, for example @1990:1994@.+matchAttributes_sourcePorts :: Lens.Lens' MatchAttributes (Prelude.Maybe [PortRange])+matchAttributes_sourcePorts = Lens.lens (\MatchAttributes' {sourcePorts} -> sourcePorts) (\s@MatchAttributes' {} a -> s {sourcePorts = a} :: MatchAttributes) Prelude.. Lens.mapping Lens.coerced++-- | The source IP addresses and address ranges to inspect for, in CIDR+-- notation. If not specified, this matches with any source address.+matchAttributes_sources :: Lens.Lens' MatchAttributes (Prelude.Maybe [Address])+matchAttributes_sources = Lens.lens (\MatchAttributes' {sources} -> sources) (\s@MatchAttributes' {} a -> s {sources = a} :: MatchAttributes) Prelude.. Lens.mapping Lens.coerced++-- | The TCP flags and masks to inspect for. If not specified, this matches+-- with any settings. This setting is only used for protocol 6 (TCP).+matchAttributes_tCPFlags :: Lens.Lens' MatchAttributes (Prelude.Maybe [TCPFlagField])+matchAttributes_tCPFlags = Lens.lens (\MatchAttributes' {tCPFlags} -> tCPFlags) (\s@MatchAttributes' {} a -> s {tCPFlags = a} :: MatchAttributes) Prelude.. Lens.mapping Lens.coerced++instance Data.FromJSON MatchAttributes where+ parseJSON =+ Data.withObject+ "MatchAttributes"+ ( \x ->+ MatchAttributes'+ Prelude.<$> ( x+ Data..:? "DestinationPorts"+ Data..!= Prelude.mempty+ )+ Prelude.<*> (x Data..:? "Destinations" Data..!= Prelude.mempty)+ Prelude.<*> (x Data..:? "Protocols" Data..!= Prelude.mempty)+ Prelude.<*> (x Data..:? "SourcePorts" Data..!= Prelude.mempty)+ Prelude.<*> (x Data..:? "Sources" Data..!= Prelude.mempty)+ Prelude.<*> (x Data..:? "TCPFlags" Data..!= Prelude.mempty)+ )++instance Prelude.Hashable MatchAttributes where+ hashWithSalt _salt MatchAttributes' {..} =+ _salt+ `Prelude.hashWithSalt` destinationPorts+ `Prelude.hashWithSalt` destinations+ `Prelude.hashWithSalt` protocols+ `Prelude.hashWithSalt` sourcePorts+ `Prelude.hashWithSalt` sources+ `Prelude.hashWithSalt` tCPFlags++instance Prelude.NFData MatchAttributes where+ rnf MatchAttributes' {..} =+ Prelude.rnf destinationPorts+ `Prelude.seq` Prelude.rnf destinations+ `Prelude.seq` Prelude.rnf protocols+ `Prelude.seq` Prelude.rnf sourcePorts+ `Prelude.seq` Prelude.rnf sources+ `Prelude.seq` Prelude.rnf tCPFlags++instance Data.ToJSON MatchAttributes where+ toJSON MatchAttributes' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("DestinationPorts" Data..=)+ Prelude.<$> destinationPorts,+ ("Destinations" Data..=) Prelude.<$> destinations,+ ("Protocols" Data..=) Prelude.<$> protocols,+ ("SourcePorts" Data..=) Prelude.<$> sourcePorts,+ ("Sources" Data..=) Prelude.<$> sources,+ ("TCPFlags" Data..=) Prelude.<$> tCPFlags+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/OverrideAction.hs view
@@ -0,0 +1,66 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.OverrideAction+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.OverrideAction+ ( OverrideAction+ ( ..,+ OverrideAction_DROP_TO_ALERT+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype OverrideAction = OverrideAction'+ { fromOverrideAction ::+ Data.Text+ }+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern OverrideAction_DROP_TO_ALERT :: OverrideAction+pattern OverrideAction_DROP_TO_ALERT = OverrideAction' "DROP_TO_ALERT"++{-# COMPLETE+ OverrideAction_DROP_TO_ALERT,+ OverrideAction'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/PerObjectStatus.hs view
@@ -0,0 +1,96 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.PerObjectStatus+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.PerObjectStatus where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.PerObjectSyncStatus+import qualified Amazonka.Prelude as Prelude++-- | Provides configuration status for a single policy or rule group that is+-- used for a firewall endpoint. Network Firewall provides each endpoint+-- with the rules that are configured in the firewall policy. Each time you+-- add a subnet or modify the associated firewall policy, Network Firewall+-- synchronizes the rules in the endpoint, so it can properly filter+-- network traffic. This is part of a SyncState for a firewall.+--+-- /See:/ 'newPerObjectStatus' smart constructor.+data PerObjectStatus = PerObjectStatus'+ { -- | Indicates whether this object is in sync with the version indicated in+ -- the update token.+ syncStatus :: Prelude.Maybe PerObjectSyncStatus,+ -- | The current version of the object that is either in sync or pending+ -- synchronization.+ updateToken :: Prelude.Maybe Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'PerObjectStatus' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'syncStatus', 'perObjectStatus_syncStatus' - Indicates whether this object is in sync with the version indicated in+-- the update token.+--+-- 'updateToken', 'perObjectStatus_updateToken' - The current version of the object that is either in sync or pending+-- synchronization.+newPerObjectStatus ::+ PerObjectStatus+newPerObjectStatus =+ PerObjectStatus'+ { syncStatus = Prelude.Nothing,+ updateToken = Prelude.Nothing+ }++-- | Indicates whether this object is in sync with the version indicated in+-- the update token.+perObjectStatus_syncStatus :: Lens.Lens' PerObjectStatus (Prelude.Maybe PerObjectSyncStatus)+perObjectStatus_syncStatus = Lens.lens (\PerObjectStatus' {syncStatus} -> syncStatus) (\s@PerObjectStatus' {} a -> s {syncStatus = a} :: PerObjectStatus)++-- | The current version of the object that is either in sync or pending+-- synchronization.+perObjectStatus_updateToken :: Lens.Lens' PerObjectStatus (Prelude.Maybe Prelude.Text)+perObjectStatus_updateToken = Lens.lens (\PerObjectStatus' {updateToken} -> updateToken) (\s@PerObjectStatus' {} a -> s {updateToken = a} :: PerObjectStatus)++instance Data.FromJSON PerObjectStatus where+ parseJSON =+ Data.withObject+ "PerObjectStatus"+ ( \x ->+ PerObjectStatus'+ Prelude.<$> (x Data..:? "SyncStatus")+ Prelude.<*> (x Data..:? "UpdateToken")+ )++instance Prelude.Hashable PerObjectStatus where+ hashWithSalt _salt PerObjectStatus' {..} =+ _salt+ `Prelude.hashWithSalt` syncStatus+ `Prelude.hashWithSalt` updateToken++instance Prelude.NFData PerObjectStatus where+ rnf PerObjectStatus' {..} =+ Prelude.rnf syncStatus+ `Prelude.seq` Prelude.rnf updateToken
+ gen/Amazonka/NetworkFirewall/Types/PerObjectSyncStatus.hs view
@@ -0,0 +1,76 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.PerObjectSyncStatus+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.PerObjectSyncStatus+ ( PerObjectSyncStatus+ ( ..,+ PerObjectSyncStatus_CAPACITY_CONSTRAINED,+ PerObjectSyncStatus_IN_SYNC,+ PerObjectSyncStatus_PENDING+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype PerObjectSyncStatus = PerObjectSyncStatus'+ { fromPerObjectSyncStatus ::+ Data.Text+ }+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern PerObjectSyncStatus_CAPACITY_CONSTRAINED :: PerObjectSyncStatus+pattern PerObjectSyncStatus_CAPACITY_CONSTRAINED = PerObjectSyncStatus' "CAPACITY_CONSTRAINED"++pattern PerObjectSyncStatus_IN_SYNC :: PerObjectSyncStatus+pattern PerObjectSyncStatus_IN_SYNC = PerObjectSyncStatus' "IN_SYNC"++pattern PerObjectSyncStatus_PENDING :: PerObjectSyncStatus+pattern PerObjectSyncStatus_PENDING = PerObjectSyncStatus' "PENDING"++{-# COMPLETE+ PerObjectSyncStatus_CAPACITY_CONSTRAINED,+ PerObjectSyncStatus_IN_SYNC,+ PerObjectSyncStatus_PENDING,+ PerObjectSyncStatus'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/PortRange.hs view
@@ -0,0 +1,105 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.PortRange+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.PortRange where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++-- | A single port range specification. This is used for source and+-- destination port ranges in the stateless rule MatchAttributes,+-- @SourcePorts@, and @DestinationPorts@ settings.+--+-- /See:/ 'newPortRange' smart constructor.+data PortRange = PortRange'+ { -- | The lower limit of the port range. This must be less than or equal to+ -- the @ToPort@ specification.+ fromPort :: Prelude.Natural,+ -- | The upper limit of the port range. This must be greater than or equal to+ -- the @FromPort@ specification.+ toPort :: Prelude.Natural+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'PortRange' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'fromPort', 'portRange_fromPort' - The lower limit of the port range. This must be less than or equal to+-- the @ToPort@ specification.+--+-- 'toPort', 'portRange_toPort' - The upper limit of the port range. This must be greater than or equal to+-- the @FromPort@ specification.+newPortRange ::+ -- | 'fromPort'+ Prelude.Natural ->+ -- | 'toPort'+ Prelude.Natural ->+ PortRange+newPortRange pFromPort_ pToPort_ =+ PortRange'+ { fromPort = pFromPort_,+ toPort = pToPort_+ }++-- | The lower limit of the port range. This must be less than or equal to+-- the @ToPort@ specification.+portRange_fromPort :: Lens.Lens' PortRange Prelude.Natural+portRange_fromPort = Lens.lens (\PortRange' {fromPort} -> fromPort) (\s@PortRange' {} a -> s {fromPort = a} :: PortRange)++-- | The upper limit of the port range. This must be greater than or equal to+-- the @FromPort@ specification.+portRange_toPort :: Lens.Lens' PortRange Prelude.Natural+portRange_toPort = Lens.lens (\PortRange' {toPort} -> toPort) (\s@PortRange' {} a -> s {toPort = a} :: PortRange)++instance Data.FromJSON PortRange where+ parseJSON =+ Data.withObject+ "PortRange"+ ( \x ->+ PortRange'+ Prelude.<$> (x Data..: "FromPort")+ Prelude.<*> (x Data..: "ToPort")+ )++instance Prelude.Hashable PortRange where+ hashWithSalt _salt PortRange' {..} =+ _salt+ `Prelude.hashWithSalt` fromPort+ `Prelude.hashWithSalt` toPort++instance Prelude.NFData PortRange where+ rnf PortRange' {..} =+ Prelude.rnf fromPort+ `Prelude.seq` Prelude.rnf toPort++instance Data.ToJSON PortRange where+ toJSON PortRange' {..} =+ Data.object+ ( Prelude.catMaybes+ [ Prelude.Just ("FromPort" Data..= fromPort),+ Prelude.Just ("ToPort" Data..= toPort)+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/PortSet.hs view
@@ -0,0 +1,74 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.PortSet+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.PortSet where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++-- | A set of port ranges for use in the rules in a rule group.+--+-- /See:/ 'newPortSet' smart constructor.+data PortSet = PortSet'+ { -- | The set of port ranges.+ definition :: Prelude.Maybe [Prelude.Text]+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'PortSet' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'definition', 'portSet_definition' - The set of port ranges.+newPortSet ::+ PortSet+newPortSet = PortSet' {definition = Prelude.Nothing}++-- | The set of port ranges.+portSet_definition :: Lens.Lens' PortSet (Prelude.Maybe [Prelude.Text])+portSet_definition = Lens.lens (\PortSet' {definition} -> definition) (\s@PortSet' {} a -> s {definition = a} :: PortSet) Prelude.. Lens.mapping Lens.coerced++instance Data.FromJSON PortSet where+ parseJSON =+ Data.withObject+ "PortSet"+ ( \x ->+ PortSet'+ Prelude.<$> (x Data..:? "Definition" Data..!= Prelude.mempty)+ )++instance Prelude.Hashable PortSet where+ hashWithSalt _salt PortSet' {..} =+ _salt `Prelude.hashWithSalt` definition++instance Prelude.NFData PortSet where+ rnf PortSet' {..} = Prelude.rnf definition++instance Data.ToJSON PortSet where+ toJSON PortSet' {..} =+ Data.object+ ( Prelude.catMaybes+ [("Definition" Data..=) Prelude.<$> definition]+ )
+ gen/Amazonka/NetworkFirewall/Types/PublishMetricAction.hs view
@@ -0,0 +1,81 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.PublishMetricAction+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.PublishMetricAction where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.Dimension+import qualified Amazonka.Prelude as Prelude++-- | Stateless inspection criteria that publishes the specified metrics to+-- Amazon CloudWatch for the matching packet. This setting defines a+-- CloudWatch dimension value to be published.+--+-- /See:/ 'newPublishMetricAction' smart constructor.+data PublishMetricAction = PublishMetricAction'+ { dimensions :: Prelude.NonEmpty Dimension+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'PublishMetricAction' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'dimensions', 'publishMetricAction_dimensions' -+newPublishMetricAction ::+ -- | 'dimensions'+ Prelude.NonEmpty Dimension ->+ PublishMetricAction+newPublishMetricAction pDimensions_ =+ PublishMetricAction'+ { dimensions =+ Lens.coerced Lens.# pDimensions_+ }++publishMetricAction_dimensions :: Lens.Lens' PublishMetricAction (Prelude.NonEmpty Dimension)+publishMetricAction_dimensions = Lens.lens (\PublishMetricAction' {dimensions} -> dimensions) (\s@PublishMetricAction' {} a -> s {dimensions = a} :: PublishMetricAction) Prelude.. Lens.coerced++instance Data.FromJSON PublishMetricAction where+ parseJSON =+ Data.withObject+ "PublishMetricAction"+ ( \x ->+ PublishMetricAction'+ Prelude.<$> (x Data..: "Dimensions")+ )++instance Prelude.Hashable PublishMetricAction where+ hashWithSalt _salt PublishMetricAction' {..} =+ _salt `Prelude.hashWithSalt` dimensions++instance Prelude.NFData PublishMetricAction where+ rnf PublishMetricAction' {..} = Prelude.rnf dimensions++instance Data.ToJSON PublishMetricAction where+ toJSON PublishMetricAction' {..} =+ Data.object+ ( Prelude.catMaybes+ [Prelude.Just ("Dimensions" Data..= dimensions)]+ )
+ gen/Amazonka/NetworkFirewall/Types/ReferenceSets.hs view
@@ -0,0 +1,81 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.ReferenceSets+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.ReferenceSets where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.IPSetReference+import qualified Amazonka.Prelude as Prelude++-- | Contains a set of IP set references.+--+-- /See:/ 'newReferenceSets' smart constructor.+data ReferenceSets = ReferenceSets'+ { -- | The list of IP set references.+ iPSetReferences :: Prelude.Maybe (Prelude.HashMap Prelude.Text IPSetReference)+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'ReferenceSets' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'iPSetReferences', 'referenceSets_iPSetReferences' - The list of IP set references.+newReferenceSets ::+ ReferenceSets+newReferenceSets =+ ReferenceSets' {iPSetReferences = Prelude.Nothing}++-- | The list of IP set references.+referenceSets_iPSetReferences :: Lens.Lens' ReferenceSets (Prelude.Maybe (Prelude.HashMap Prelude.Text IPSetReference))+referenceSets_iPSetReferences = Lens.lens (\ReferenceSets' {iPSetReferences} -> iPSetReferences) (\s@ReferenceSets' {} a -> s {iPSetReferences = a} :: ReferenceSets) Prelude.. Lens.mapping Lens.coerced++instance Data.FromJSON ReferenceSets where+ parseJSON =+ Data.withObject+ "ReferenceSets"+ ( \x ->+ ReferenceSets'+ Prelude.<$> ( x+ Data..:? "IPSetReferences"+ Data..!= Prelude.mempty+ )+ )++instance Prelude.Hashable ReferenceSets where+ hashWithSalt _salt ReferenceSets' {..} =+ _salt `Prelude.hashWithSalt` iPSetReferences++instance Prelude.NFData ReferenceSets where+ rnf ReferenceSets' {..} = Prelude.rnf iPSetReferences++instance Data.ToJSON ReferenceSets where+ toJSON ReferenceSets' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("IPSetReferences" Data..=)+ Prelude.<$> iPSetReferences+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/ResourceManagedStatus.hs view
@@ -0,0 +1,71 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.ResourceManagedStatus+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.ResourceManagedStatus+ ( ResourceManagedStatus+ ( ..,+ ResourceManagedStatus_ACCOUNT,+ ResourceManagedStatus_MANAGED+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype ResourceManagedStatus = ResourceManagedStatus'+ { fromResourceManagedStatus ::+ Data.Text+ }+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern ResourceManagedStatus_ACCOUNT :: ResourceManagedStatus+pattern ResourceManagedStatus_ACCOUNT = ResourceManagedStatus' "ACCOUNT"++pattern ResourceManagedStatus_MANAGED :: ResourceManagedStatus+pattern ResourceManagedStatus_MANAGED = ResourceManagedStatus' "MANAGED"++{-# COMPLETE+ ResourceManagedStatus_ACCOUNT,+ ResourceManagedStatus_MANAGED,+ ResourceManagedStatus'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/ResourceManagedType.hs view
@@ -0,0 +1,71 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.ResourceManagedType+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.ResourceManagedType+ ( ResourceManagedType+ ( ..,+ ResourceManagedType_AWS_MANAGED_DOMAIN_LISTS,+ ResourceManagedType_AWS_MANAGED_THREAT_SIGNATURES+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype ResourceManagedType = ResourceManagedType'+ { fromResourceManagedType ::+ Data.Text+ }+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern ResourceManagedType_AWS_MANAGED_DOMAIN_LISTS :: ResourceManagedType+pattern ResourceManagedType_AWS_MANAGED_DOMAIN_LISTS = ResourceManagedType' "AWS_MANAGED_DOMAIN_LISTS"++pattern ResourceManagedType_AWS_MANAGED_THREAT_SIGNATURES :: ResourceManagedType+pattern ResourceManagedType_AWS_MANAGED_THREAT_SIGNATURES = ResourceManagedType' "AWS_MANAGED_THREAT_SIGNATURES"++{-# COMPLETE+ ResourceManagedType_AWS_MANAGED_DOMAIN_LISTS,+ ResourceManagedType_AWS_MANAGED_THREAT_SIGNATURES,+ ResourceManagedType'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/ResourceStatus.hs view
@@ -0,0 +1,71 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.ResourceStatus+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.ResourceStatus+ ( ResourceStatus+ ( ..,+ ResourceStatus_ACTIVE,+ ResourceStatus_DELETING+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype ResourceStatus = ResourceStatus'+ { fromResourceStatus ::+ Data.Text+ }+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern ResourceStatus_ACTIVE :: ResourceStatus+pattern ResourceStatus_ACTIVE = ResourceStatus' "ACTIVE"++pattern ResourceStatus_DELETING :: ResourceStatus+pattern ResourceStatus_DELETING = ResourceStatus' "DELETING"++{-# COMPLETE+ ResourceStatus_ACTIVE,+ ResourceStatus_DELETING,+ ResourceStatus'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/RuleDefinition.hs view
@@ -0,0 +1,203 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.RuleDefinition+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.RuleDefinition where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.MatchAttributes+import qualified Amazonka.Prelude as Prelude++-- | The inspection criteria and action for a single stateless rule. Network+-- Firewall inspects each packet for the specified matching criteria. When+-- a packet matches the criteria, Network Firewall performs the rule\'s+-- actions on the packet.+--+-- /See:/ 'newRuleDefinition' smart constructor.+data RuleDefinition = RuleDefinition'+ { -- | Criteria for Network Firewall to use to inspect an individual packet in+ -- stateless rule inspection. Each match attributes set can include one or+ -- more items such as IP address, CIDR range, port number, protocol, and+ -- TCP flags.+ matchAttributes :: MatchAttributes,+ -- | The actions to take on a packet that matches one of the stateless rule+ -- definition\'s match attributes. You must specify a standard action and+ -- you can add custom actions.+ --+ -- Network Firewall only forwards a packet for stateful rule inspection if+ -- you specify @aws:forward_to_sfe@ for a rule that the packet matches, or+ -- if the packet doesn\'t match any stateless rule and you specify+ -- @aws:forward_to_sfe@ for the @StatelessDefaultActions@ setting for the+ -- FirewallPolicy.+ --+ -- For every rule, you must specify exactly one of the following standard+ -- actions.+ --+ -- - __aws:pass__ - Discontinues all inspection of the packet and permits+ -- it to go to its intended destination.+ --+ -- - __aws:drop__ - Discontinues all inspection of the packet and blocks+ -- it from going to its intended destination.+ --+ -- - __aws:forward_to_sfe__ - Discontinues stateless inspection of the+ -- packet and forwards it to the stateful rule engine for inspection.+ --+ -- Additionally, you can specify a custom action. To do this, you define a+ -- custom action by name and type, then provide the name you\'ve assigned+ -- to the action in this @Actions@ setting. For information about the+ -- options, see CustomAction.+ --+ -- To provide more than one action in this setting, separate the settings+ -- with a comma. For example, if you have a custom @PublishMetrics@ action+ -- that you\'ve named @MyMetricsAction@, then you could specify the+ -- standard action @aws:pass@ and the custom action with+ -- @[“aws:pass”, “MyMetricsAction”]@.+ actions :: [Prelude.Text]+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'RuleDefinition' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'matchAttributes', 'ruleDefinition_matchAttributes' - Criteria for Network Firewall to use to inspect an individual packet in+-- stateless rule inspection. Each match attributes set can include one or+-- more items such as IP address, CIDR range, port number, protocol, and+-- TCP flags.+--+-- 'actions', 'ruleDefinition_actions' - The actions to take on a packet that matches one of the stateless rule+-- definition\'s match attributes. You must specify a standard action and+-- you can add custom actions.+--+-- Network Firewall only forwards a packet for stateful rule inspection if+-- you specify @aws:forward_to_sfe@ for a rule that the packet matches, or+-- if the packet doesn\'t match any stateless rule and you specify+-- @aws:forward_to_sfe@ for the @StatelessDefaultActions@ setting for the+-- FirewallPolicy.+--+-- For every rule, you must specify exactly one of the following standard+-- actions.+--+-- - __aws:pass__ - Discontinues all inspection of the packet and permits+-- it to go to its intended destination.+--+-- - __aws:drop__ - Discontinues all inspection of the packet and blocks+-- it from going to its intended destination.+--+-- - __aws:forward_to_sfe__ - Discontinues stateless inspection of the+-- packet and forwards it to the stateful rule engine for inspection.+--+-- Additionally, you can specify a custom action. To do this, you define a+-- custom action by name and type, then provide the name you\'ve assigned+-- to the action in this @Actions@ setting. For information about the+-- options, see CustomAction.+--+-- To provide more than one action in this setting, separate the settings+-- with a comma. For example, if you have a custom @PublishMetrics@ action+-- that you\'ve named @MyMetricsAction@, then you could specify the+-- standard action @aws:pass@ and the custom action with+-- @[“aws:pass”, “MyMetricsAction”]@.+newRuleDefinition ::+ -- | 'matchAttributes'+ MatchAttributes ->+ RuleDefinition+newRuleDefinition pMatchAttributes_ =+ RuleDefinition'+ { matchAttributes =+ pMatchAttributes_,+ actions = Prelude.mempty+ }++-- | Criteria for Network Firewall to use to inspect an individual packet in+-- stateless rule inspection. Each match attributes set can include one or+-- more items such as IP address, CIDR range, port number, protocol, and+-- TCP flags.+ruleDefinition_matchAttributes :: Lens.Lens' RuleDefinition MatchAttributes+ruleDefinition_matchAttributes = Lens.lens (\RuleDefinition' {matchAttributes} -> matchAttributes) (\s@RuleDefinition' {} a -> s {matchAttributes = a} :: RuleDefinition)++-- | The actions to take on a packet that matches one of the stateless rule+-- definition\'s match attributes. You must specify a standard action and+-- you can add custom actions.+--+-- Network Firewall only forwards a packet for stateful rule inspection if+-- you specify @aws:forward_to_sfe@ for a rule that the packet matches, or+-- if the packet doesn\'t match any stateless rule and you specify+-- @aws:forward_to_sfe@ for the @StatelessDefaultActions@ setting for the+-- FirewallPolicy.+--+-- For every rule, you must specify exactly one of the following standard+-- actions.+--+-- - __aws:pass__ - Discontinues all inspection of the packet and permits+-- it to go to its intended destination.+--+-- - __aws:drop__ - Discontinues all inspection of the packet and blocks+-- it from going to its intended destination.+--+-- - __aws:forward_to_sfe__ - Discontinues stateless inspection of the+-- packet and forwards it to the stateful rule engine for inspection.+--+-- Additionally, you can specify a custom action. To do this, you define a+-- custom action by name and type, then provide the name you\'ve assigned+-- to the action in this @Actions@ setting. For information about the+-- options, see CustomAction.+--+-- To provide more than one action in this setting, separate the settings+-- with a comma. For example, if you have a custom @PublishMetrics@ action+-- that you\'ve named @MyMetricsAction@, then you could specify the+-- standard action @aws:pass@ and the custom action with+-- @[“aws:pass”, “MyMetricsAction”]@.+ruleDefinition_actions :: Lens.Lens' RuleDefinition [Prelude.Text]+ruleDefinition_actions = Lens.lens (\RuleDefinition' {actions} -> actions) (\s@RuleDefinition' {} a -> s {actions = a} :: RuleDefinition) Prelude.. Lens.coerced++instance Data.FromJSON RuleDefinition where+ parseJSON =+ Data.withObject+ "RuleDefinition"+ ( \x ->+ RuleDefinition'+ Prelude.<$> (x Data..: "MatchAttributes")+ Prelude.<*> (x Data..:? "Actions" Data..!= Prelude.mempty)+ )++instance Prelude.Hashable RuleDefinition where+ hashWithSalt _salt RuleDefinition' {..} =+ _salt+ `Prelude.hashWithSalt` matchAttributes+ `Prelude.hashWithSalt` actions++instance Prelude.NFData RuleDefinition where+ rnf RuleDefinition' {..} =+ Prelude.rnf matchAttributes+ `Prelude.seq` Prelude.rnf actions++instance Data.ToJSON RuleDefinition where+ toJSON RuleDefinition' {..} =+ Data.object+ ( Prelude.catMaybes+ [ Prelude.Just+ ("MatchAttributes" Data..= matchAttributes),+ Prelude.Just ("Actions" Data..= actions)+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/RuleGroup.hs view
@@ -0,0 +1,147 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.RuleGroup+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.RuleGroup where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.ReferenceSets+import Amazonka.NetworkFirewall.Types.RuleVariables+import Amazonka.NetworkFirewall.Types.RulesSource+import Amazonka.NetworkFirewall.Types.StatefulRuleOptions+import qualified Amazonka.Prelude as Prelude++-- | The object that defines the rules in a rule group. This, along with+-- RuleGroupResponse, define the rule group. You can retrieve all objects+-- for a rule group by calling DescribeRuleGroup.+--+-- Network Firewall uses a rule group to inspect and control network+-- traffic. You define stateless rule groups to inspect individual packets+-- and you define stateful rule groups to inspect packets in the context of+-- their traffic flow.+--+-- To use a rule group, you include it by reference in an Network Firewall+-- firewall policy, then you use the policy in a firewall. You can+-- reference a rule group from more than one firewall policy, and you can+-- use a firewall policy in more than one firewall.+--+-- /See:/ 'newRuleGroup' smart constructor.+data RuleGroup = RuleGroup'+ { -- | The list of a rule group\'s reference sets.+ referenceSets :: Prelude.Maybe ReferenceSets,+ -- | Settings that are available for use in the rules in the rule group. You+ -- can only use these for stateful rule groups.+ ruleVariables :: Prelude.Maybe RuleVariables,+ -- | Additional options governing how Network Firewall handles stateful+ -- rules. The policies where you use your stateful rule group must have+ -- stateful rule options settings that are compatible with these settings.+ statefulRuleOptions :: Prelude.Maybe StatefulRuleOptions,+ -- | The stateful rules or stateless rules for the rule group.+ rulesSource :: RulesSource+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'RuleGroup' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'referenceSets', 'ruleGroup_referenceSets' - The list of a rule group\'s reference sets.+--+-- 'ruleVariables', 'ruleGroup_ruleVariables' - Settings that are available for use in the rules in the rule group. You+-- can only use these for stateful rule groups.+--+-- 'statefulRuleOptions', 'ruleGroup_statefulRuleOptions' - Additional options governing how Network Firewall handles stateful+-- rules. The policies where you use your stateful rule group must have+-- stateful rule options settings that are compatible with these settings.+--+-- 'rulesSource', 'ruleGroup_rulesSource' - The stateful rules or stateless rules for the rule group.+newRuleGroup ::+ -- | 'rulesSource'+ RulesSource ->+ RuleGroup+newRuleGroup pRulesSource_ =+ RuleGroup'+ { referenceSets = Prelude.Nothing,+ ruleVariables = Prelude.Nothing,+ statefulRuleOptions = Prelude.Nothing,+ rulesSource = pRulesSource_+ }++-- | The list of a rule group\'s reference sets.+ruleGroup_referenceSets :: Lens.Lens' RuleGroup (Prelude.Maybe ReferenceSets)+ruleGroup_referenceSets = Lens.lens (\RuleGroup' {referenceSets} -> referenceSets) (\s@RuleGroup' {} a -> s {referenceSets = a} :: RuleGroup)++-- | Settings that are available for use in the rules in the rule group. You+-- can only use these for stateful rule groups.+ruleGroup_ruleVariables :: Lens.Lens' RuleGroup (Prelude.Maybe RuleVariables)+ruleGroup_ruleVariables = Lens.lens (\RuleGroup' {ruleVariables} -> ruleVariables) (\s@RuleGroup' {} a -> s {ruleVariables = a} :: RuleGroup)++-- | Additional options governing how Network Firewall handles stateful+-- rules. The policies where you use your stateful rule group must have+-- stateful rule options settings that are compatible with these settings.+ruleGroup_statefulRuleOptions :: Lens.Lens' RuleGroup (Prelude.Maybe StatefulRuleOptions)+ruleGroup_statefulRuleOptions = Lens.lens (\RuleGroup' {statefulRuleOptions} -> statefulRuleOptions) (\s@RuleGroup' {} a -> s {statefulRuleOptions = a} :: RuleGroup)++-- | The stateful rules or stateless rules for the rule group.+ruleGroup_rulesSource :: Lens.Lens' RuleGroup RulesSource+ruleGroup_rulesSource = Lens.lens (\RuleGroup' {rulesSource} -> rulesSource) (\s@RuleGroup' {} a -> s {rulesSource = a} :: RuleGroup)++instance Data.FromJSON RuleGroup where+ parseJSON =+ Data.withObject+ "RuleGroup"+ ( \x ->+ RuleGroup'+ Prelude.<$> (x Data..:? "ReferenceSets")+ Prelude.<*> (x Data..:? "RuleVariables")+ Prelude.<*> (x Data..:? "StatefulRuleOptions")+ Prelude.<*> (x Data..: "RulesSource")+ )++instance Prelude.Hashable RuleGroup where+ hashWithSalt _salt RuleGroup' {..} =+ _salt+ `Prelude.hashWithSalt` referenceSets+ `Prelude.hashWithSalt` ruleVariables+ `Prelude.hashWithSalt` statefulRuleOptions+ `Prelude.hashWithSalt` rulesSource++instance Prelude.NFData RuleGroup where+ rnf RuleGroup' {..} =+ Prelude.rnf referenceSets+ `Prelude.seq` Prelude.rnf ruleVariables+ `Prelude.seq` Prelude.rnf statefulRuleOptions+ `Prelude.seq` Prelude.rnf rulesSource++instance Data.ToJSON RuleGroup where+ toJSON RuleGroup' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("ReferenceSets" Data..=) Prelude.<$> referenceSets,+ ("RuleVariables" Data..=) Prelude.<$> ruleVariables,+ ("StatefulRuleOptions" Data..=)+ Prelude.<$> statefulRuleOptions,+ Prelude.Just ("RulesSource" Data..= rulesSource)+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/RuleGroupMetadata.hs view
@@ -0,0 +1,88 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.RuleGroupMetadata+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.RuleGroupMetadata where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++-- | High-level information about a rule group, returned by ListRuleGroups.+-- You can use the information provided in the metadata to retrieve and+-- manage a rule group.+--+-- /See:/ 'newRuleGroupMetadata' smart constructor.+data RuleGroupMetadata = RuleGroupMetadata'+ { -- | The Amazon Resource Name (ARN) of the rule group.+ arn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the rule group. You can\'t change the name of a+ -- rule group after you create it.+ name :: Prelude.Maybe Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'RuleGroupMetadata' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'arn', 'ruleGroupMetadata_arn' - The Amazon Resource Name (ARN) of the rule group.+--+-- 'name', 'ruleGroupMetadata_name' - The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+newRuleGroupMetadata ::+ RuleGroupMetadata+newRuleGroupMetadata =+ RuleGroupMetadata'+ { arn = Prelude.Nothing,+ name = Prelude.Nothing+ }++-- | The Amazon Resource Name (ARN) of the rule group.+ruleGroupMetadata_arn :: Lens.Lens' RuleGroupMetadata (Prelude.Maybe Prelude.Text)+ruleGroupMetadata_arn = Lens.lens (\RuleGroupMetadata' {arn} -> arn) (\s@RuleGroupMetadata' {} a -> s {arn = a} :: RuleGroupMetadata)++-- | The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+ruleGroupMetadata_name :: Lens.Lens' RuleGroupMetadata (Prelude.Maybe Prelude.Text)+ruleGroupMetadata_name = Lens.lens (\RuleGroupMetadata' {name} -> name) (\s@RuleGroupMetadata' {} a -> s {name = a} :: RuleGroupMetadata)++instance Data.FromJSON RuleGroupMetadata where+ parseJSON =+ Data.withObject+ "RuleGroupMetadata"+ ( \x ->+ RuleGroupMetadata'+ Prelude.<$> (x Data..:? "Arn")+ Prelude.<*> (x Data..:? "Name")+ )++instance Prelude.Hashable RuleGroupMetadata where+ hashWithSalt _salt RuleGroupMetadata' {..} =+ _salt+ `Prelude.hashWithSalt` arn+ `Prelude.hashWithSalt` name++instance Prelude.NFData RuleGroupMetadata where+ rnf RuleGroupMetadata' {..} =+ Prelude.rnf arn `Prelude.seq` Prelude.rnf name
+ gen/Amazonka/NetworkFirewall/Types/RuleGroupResponse.hs view
@@ -0,0 +1,313 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.RuleGroupResponse+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.RuleGroupResponse where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.EncryptionConfiguration+import Amazonka.NetworkFirewall.Types.ResourceStatus+import Amazonka.NetworkFirewall.Types.RuleGroupType+import Amazonka.NetworkFirewall.Types.SourceMetadata+import Amazonka.NetworkFirewall.Types.Tag+import qualified Amazonka.Prelude as Prelude++-- | The high-level properties of a rule group. This, along with the+-- RuleGroup, define the rule group. You can retrieve all objects for a+-- rule group by calling DescribeRuleGroup.+--+-- /See:/ 'newRuleGroupResponse' smart constructor.+data RuleGroupResponse = RuleGroupResponse'+ { -- | The maximum operating resources that this rule group can use. Rule group+ -- capacity is fixed at creation. When you update a rule group, you are+ -- limited to this capacity. When you reference a rule group from a+ -- firewall policy, Network Firewall reserves this capacity for the rule+ -- group.+ --+ -- You can retrieve the capacity that would be required for a rule group+ -- before you create the rule group by calling CreateRuleGroup with+ -- @DryRun@ set to @TRUE@.+ capacity :: Prelude.Maybe Prelude.Int,+ -- | The number of capacity units currently consumed by the rule group rules.+ consumedCapacity :: Prelude.Maybe Prelude.Int,+ -- | A description of the rule group.+ description :: Prelude.Maybe Prelude.Text,+ -- | A complex type that contains the Amazon Web Services KMS encryption+ -- configuration settings for your rule group.+ encryptionConfiguration :: Prelude.Maybe EncryptionConfiguration,+ -- | The last time that the rule group was changed.+ lastModifiedTime :: Prelude.Maybe Data.POSIX,+ -- | The number of firewall policies that use this rule group.+ numberOfAssociations :: Prelude.Maybe Prelude.Int,+ -- | Detailed information about the current status of a rule group.+ ruleGroupStatus :: Prelude.Maybe ResourceStatus,+ -- | The Amazon resource name (ARN) of the Amazon Simple Notification Service+ -- SNS topic that\'s used to record changes to the managed rule group. You+ -- can subscribe to the SNS topic to receive notifications when the managed+ -- rule group is modified, such as for new versions and for version+ -- expiration. For more information, see the+ -- <https://docs.aws.amazon.com/sns/latest/dg/welcome.html Amazon Simple Notification Service Developer Guide.>.+ snsTopic :: Prelude.Maybe Prelude.Text,+ -- | A complex type that contains metadata about the rule group that your own+ -- rule group is copied from. You can use the metadata to track the version+ -- updates made to the originating rule group.+ sourceMetadata :: Prelude.Maybe SourceMetadata,+ -- | The key:value pairs to associate with the resource.+ tags :: Prelude.Maybe (Prelude.NonEmpty Tag),+ -- | Indicates whether the rule group is stateless or stateful. If the rule+ -- group is stateless, it contains stateless rules. If it is stateful, it+ -- contains stateful rules.+ type' :: Prelude.Maybe RuleGroupType,+ -- | The Amazon Resource Name (ARN) of the rule group.+ --+ -- If this response is for a create request that had @DryRun@ set to+ -- @TRUE@, then this ARN is a placeholder that isn\'t attached to a valid+ -- resource.+ ruleGroupArn :: Prelude.Text,+ -- | The descriptive name of the rule group. You can\'t change the name of a+ -- rule group after you create it.+ ruleGroupName :: Prelude.Text,+ -- | The unique identifier for the rule group.+ ruleGroupId :: Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'RuleGroupResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'capacity', 'ruleGroupResponse_capacity' - The maximum operating resources that this rule group can use. Rule group+-- capacity is fixed at creation. When you update a rule group, you are+-- limited to this capacity. When you reference a rule group from a+-- firewall policy, Network Firewall reserves this capacity for the rule+-- group.+--+-- You can retrieve the capacity that would be required for a rule group+-- before you create the rule group by calling CreateRuleGroup with+-- @DryRun@ set to @TRUE@.+--+-- 'consumedCapacity', 'ruleGroupResponse_consumedCapacity' - The number of capacity units currently consumed by the rule group rules.+--+-- 'description', 'ruleGroupResponse_description' - A description of the rule group.+--+-- 'encryptionConfiguration', 'ruleGroupResponse_encryptionConfiguration' - A complex type that contains the Amazon Web Services KMS encryption+-- configuration settings for your rule group.+--+-- 'lastModifiedTime', 'ruleGroupResponse_lastModifiedTime' - The last time that the rule group was changed.+--+-- 'numberOfAssociations', 'ruleGroupResponse_numberOfAssociations' - The number of firewall policies that use this rule group.+--+-- 'ruleGroupStatus', 'ruleGroupResponse_ruleGroupStatus' - Detailed information about the current status of a rule group.+--+-- 'snsTopic', 'ruleGroupResponse_snsTopic' - The Amazon resource name (ARN) of the Amazon Simple Notification Service+-- SNS topic that\'s used to record changes to the managed rule group. You+-- can subscribe to the SNS topic to receive notifications when the managed+-- rule group is modified, such as for new versions and for version+-- expiration. For more information, see the+-- <https://docs.aws.amazon.com/sns/latest/dg/welcome.html Amazon Simple Notification Service Developer Guide.>.+--+-- 'sourceMetadata', 'ruleGroupResponse_sourceMetadata' - A complex type that contains metadata about the rule group that your own+-- rule group is copied from. You can use the metadata to track the version+-- updates made to the originating rule group.+--+-- 'tags', 'ruleGroupResponse_tags' - The key:value pairs to associate with the resource.+--+-- 'type'', 'ruleGroupResponse_type' - Indicates whether the rule group is stateless or stateful. If the rule+-- group is stateless, it contains stateless rules. If it is stateful, it+-- contains stateful rules.+--+-- 'ruleGroupArn', 'ruleGroupResponse_ruleGroupArn' - The Amazon Resource Name (ARN) of the rule group.+--+-- If this response is for a create request that had @DryRun@ set to+-- @TRUE@, then this ARN is a placeholder that isn\'t attached to a valid+-- resource.+--+-- 'ruleGroupName', 'ruleGroupResponse_ruleGroupName' - The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+--+-- 'ruleGroupId', 'ruleGroupResponse_ruleGroupId' - The unique identifier for the rule group.+newRuleGroupResponse ::+ -- | 'ruleGroupArn'+ Prelude.Text ->+ -- | 'ruleGroupName'+ Prelude.Text ->+ -- | 'ruleGroupId'+ Prelude.Text ->+ RuleGroupResponse+newRuleGroupResponse+ pRuleGroupArn_+ pRuleGroupName_+ pRuleGroupId_ =+ RuleGroupResponse'+ { capacity = Prelude.Nothing,+ consumedCapacity = Prelude.Nothing,+ description = Prelude.Nothing,+ encryptionConfiguration = Prelude.Nothing,+ lastModifiedTime = Prelude.Nothing,+ numberOfAssociations = Prelude.Nothing,+ ruleGroupStatus = Prelude.Nothing,+ snsTopic = Prelude.Nothing,+ sourceMetadata = Prelude.Nothing,+ tags = Prelude.Nothing,+ type' = Prelude.Nothing,+ ruleGroupArn = pRuleGroupArn_,+ ruleGroupName = pRuleGroupName_,+ ruleGroupId = pRuleGroupId_+ }++-- | The maximum operating resources that this rule group can use. Rule group+-- capacity is fixed at creation. When you update a rule group, you are+-- limited to this capacity. When you reference a rule group from a+-- firewall policy, Network Firewall reserves this capacity for the rule+-- group.+--+-- You can retrieve the capacity that would be required for a rule group+-- before you create the rule group by calling CreateRuleGroup with+-- @DryRun@ set to @TRUE@.+ruleGroupResponse_capacity :: Lens.Lens' RuleGroupResponse (Prelude.Maybe Prelude.Int)+ruleGroupResponse_capacity = Lens.lens (\RuleGroupResponse' {capacity} -> capacity) (\s@RuleGroupResponse' {} a -> s {capacity = a} :: RuleGroupResponse)++-- | The number of capacity units currently consumed by the rule group rules.+ruleGroupResponse_consumedCapacity :: Lens.Lens' RuleGroupResponse (Prelude.Maybe Prelude.Int)+ruleGroupResponse_consumedCapacity = Lens.lens (\RuleGroupResponse' {consumedCapacity} -> consumedCapacity) (\s@RuleGroupResponse' {} a -> s {consumedCapacity = a} :: RuleGroupResponse)++-- | A description of the rule group.+ruleGroupResponse_description :: Lens.Lens' RuleGroupResponse (Prelude.Maybe Prelude.Text)+ruleGroupResponse_description = Lens.lens (\RuleGroupResponse' {description} -> description) (\s@RuleGroupResponse' {} a -> s {description = a} :: RuleGroupResponse)++-- | A complex type that contains the Amazon Web Services KMS encryption+-- configuration settings for your rule group.+ruleGroupResponse_encryptionConfiguration :: Lens.Lens' RuleGroupResponse (Prelude.Maybe EncryptionConfiguration)+ruleGroupResponse_encryptionConfiguration = Lens.lens (\RuleGroupResponse' {encryptionConfiguration} -> encryptionConfiguration) (\s@RuleGroupResponse' {} a -> s {encryptionConfiguration = a} :: RuleGroupResponse)++-- | The last time that the rule group was changed.+ruleGroupResponse_lastModifiedTime :: Lens.Lens' RuleGroupResponse (Prelude.Maybe Prelude.UTCTime)+ruleGroupResponse_lastModifiedTime = Lens.lens (\RuleGroupResponse' {lastModifiedTime} -> lastModifiedTime) (\s@RuleGroupResponse' {} a -> s {lastModifiedTime = a} :: RuleGroupResponse) Prelude.. Lens.mapping Data._Time++-- | The number of firewall policies that use this rule group.+ruleGroupResponse_numberOfAssociations :: Lens.Lens' RuleGroupResponse (Prelude.Maybe Prelude.Int)+ruleGroupResponse_numberOfAssociations = Lens.lens (\RuleGroupResponse' {numberOfAssociations} -> numberOfAssociations) (\s@RuleGroupResponse' {} a -> s {numberOfAssociations = a} :: RuleGroupResponse)++-- | Detailed information about the current status of a rule group.+ruleGroupResponse_ruleGroupStatus :: Lens.Lens' RuleGroupResponse (Prelude.Maybe ResourceStatus)+ruleGroupResponse_ruleGroupStatus = Lens.lens (\RuleGroupResponse' {ruleGroupStatus} -> ruleGroupStatus) (\s@RuleGroupResponse' {} a -> s {ruleGroupStatus = a} :: RuleGroupResponse)++-- | The Amazon resource name (ARN) of the Amazon Simple Notification Service+-- SNS topic that\'s used to record changes to the managed rule group. You+-- can subscribe to the SNS topic to receive notifications when the managed+-- rule group is modified, such as for new versions and for version+-- expiration. For more information, see the+-- <https://docs.aws.amazon.com/sns/latest/dg/welcome.html Amazon Simple Notification Service Developer Guide.>.+ruleGroupResponse_snsTopic :: Lens.Lens' RuleGroupResponse (Prelude.Maybe Prelude.Text)+ruleGroupResponse_snsTopic = Lens.lens (\RuleGroupResponse' {snsTopic} -> snsTopic) (\s@RuleGroupResponse' {} a -> s {snsTopic = a} :: RuleGroupResponse)++-- | A complex type that contains metadata about the rule group that your own+-- rule group is copied from. You can use the metadata to track the version+-- updates made to the originating rule group.+ruleGroupResponse_sourceMetadata :: Lens.Lens' RuleGroupResponse (Prelude.Maybe SourceMetadata)+ruleGroupResponse_sourceMetadata = Lens.lens (\RuleGroupResponse' {sourceMetadata} -> sourceMetadata) (\s@RuleGroupResponse' {} a -> s {sourceMetadata = a} :: RuleGroupResponse)++-- | The key:value pairs to associate with the resource.+ruleGroupResponse_tags :: Lens.Lens' RuleGroupResponse (Prelude.Maybe (Prelude.NonEmpty Tag))+ruleGroupResponse_tags = Lens.lens (\RuleGroupResponse' {tags} -> tags) (\s@RuleGroupResponse' {} a -> s {tags = a} :: RuleGroupResponse) Prelude.. Lens.mapping Lens.coerced++-- | Indicates whether the rule group is stateless or stateful. If the rule+-- group is stateless, it contains stateless rules. If it is stateful, it+-- contains stateful rules.+ruleGroupResponse_type :: Lens.Lens' RuleGroupResponse (Prelude.Maybe RuleGroupType)+ruleGroupResponse_type = Lens.lens (\RuleGroupResponse' {type'} -> type') (\s@RuleGroupResponse' {} a -> s {type' = a} :: RuleGroupResponse)++-- | The Amazon Resource Name (ARN) of the rule group.+--+-- If this response is for a create request that had @DryRun@ set to+-- @TRUE@, then this ARN is a placeholder that isn\'t attached to a valid+-- resource.+ruleGroupResponse_ruleGroupArn :: Lens.Lens' RuleGroupResponse Prelude.Text+ruleGroupResponse_ruleGroupArn = Lens.lens (\RuleGroupResponse' {ruleGroupArn} -> ruleGroupArn) (\s@RuleGroupResponse' {} a -> s {ruleGroupArn = a} :: RuleGroupResponse)++-- | The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+ruleGroupResponse_ruleGroupName :: Lens.Lens' RuleGroupResponse Prelude.Text+ruleGroupResponse_ruleGroupName = Lens.lens (\RuleGroupResponse' {ruleGroupName} -> ruleGroupName) (\s@RuleGroupResponse' {} a -> s {ruleGroupName = a} :: RuleGroupResponse)++-- | The unique identifier for the rule group.+ruleGroupResponse_ruleGroupId :: Lens.Lens' RuleGroupResponse Prelude.Text+ruleGroupResponse_ruleGroupId = Lens.lens (\RuleGroupResponse' {ruleGroupId} -> ruleGroupId) (\s@RuleGroupResponse' {} a -> s {ruleGroupId = a} :: RuleGroupResponse)++instance Data.FromJSON RuleGroupResponse where+ parseJSON =+ Data.withObject+ "RuleGroupResponse"+ ( \x ->+ RuleGroupResponse'+ Prelude.<$> (x Data..:? "Capacity")+ Prelude.<*> (x Data..:? "ConsumedCapacity")+ Prelude.<*> (x Data..:? "Description")+ Prelude.<*> (x Data..:? "EncryptionConfiguration")+ Prelude.<*> (x Data..:? "LastModifiedTime")+ Prelude.<*> (x Data..:? "NumberOfAssociations")+ Prelude.<*> (x Data..:? "RuleGroupStatus")+ Prelude.<*> (x Data..:? "SnsTopic")+ Prelude.<*> (x Data..:? "SourceMetadata")+ Prelude.<*> (x Data..:? "Tags")+ Prelude.<*> (x Data..:? "Type")+ Prelude.<*> (x Data..: "RuleGroupArn")+ Prelude.<*> (x Data..: "RuleGroupName")+ Prelude.<*> (x Data..: "RuleGroupId")+ )++instance Prelude.Hashable RuleGroupResponse where+ hashWithSalt _salt RuleGroupResponse' {..} =+ _salt+ `Prelude.hashWithSalt` capacity+ `Prelude.hashWithSalt` consumedCapacity+ `Prelude.hashWithSalt` description+ `Prelude.hashWithSalt` encryptionConfiguration+ `Prelude.hashWithSalt` lastModifiedTime+ `Prelude.hashWithSalt` numberOfAssociations+ `Prelude.hashWithSalt` ruleGroupStatus+ `Prelude.hashWithSalt` snsTopic+ `Prelude.hashWithSalt` sourceMetadata+ `Prelude.hashWithSalt` tags+ `Prelude.hashWithSalt` type'+ `Prelude.hashWithSalt` ruleGroupArn+ `Prelude.hashWithSalt` ruleGroupName+ `Prelude.hashWithSalt` ruleGroupId++instance Prelude.NFData RuleGroupResponse where+ rnf RuleGroupResponse' {..} =+ Prelude.rnf capacity+ `Prelude.seq` Prelude.rnf consumedCapacity+ `Prelude.seq` Prelude.rnf description+ `Prelude.seq` Prelude.rnf encryptionConfiguration+ `Prelude.seq` Prelude.rnf lastModifiedTime+ `Prelude.seq` Prelude.rnf numberOfAssociations+ `Prelude.seq` Prelude.rnf ruleGroupStatus+ `Prelude.seq` Prelude.rnf snsTopic+ `Prelude.seq` Prelude.rnf sourceMetadata+ `Prelude.seq` Prelude.rnf tags+ `Prelude.seq` Prelude.rnf type'+ `Prelude.seq` Prelude.rnf ruleGroupArn+ `Prelude.seq` Prelude.rnf ruleGroupName+ `Prelude.seq` Prelude.rnf ruleGroupId
+ gen/Amazonka/NetworkFirewall/Types/RuleGroupType.hs view
@@ -0,0 +1,71 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.RuleGroupType+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.RuleGroupType+ ( RuleGroupType+ ( ..,+ RuleGroupType_STATEFUL,+ RuleGroupType_STATELESS+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype RuleGroupType = RuleGroupType'+ { fromRuleGroupType ::+ Data.Text+ }+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern RuleGroupType_STATEFUL :: RuleGroupType+pattern RuleGroupType_STATEFUL = RuleGroupType' "STATEFUL"++pattern RuleGroupType_STATELESS :: RuleGroupType+pattern RuleGroupType_STATELESS = RuleGroupType' "STATELESS"++{-# COMPLETE+ RuleGroupType_STATEFUL,+ RuleGroupType_STATELESS,+ RuleGroupType'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/RuleOption.hs view
@@ -0,0 +1,92 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.RuleOption+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.RuleOption where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++-- | Additional settings for a stateful rule. This is part of the+-- StatefulRule configuration.+--+-- /See:/ 'newRuleOption' smart constructor.+data RuleOption = RuleOption'+ { settings :: Prelude.Maybe [Prelude.Text],+ keyword :: Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'RuleOption' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'settings', 'ruleOption_settings' -+--+-- 'keyword', 'ruleOption_keyword' -+newRuleOption ::+ -- | 'keyword'+ Prelude.Text ->+ RuleOption+newRuleOption pKeyword_ =+ RuleOption'+ { settings = Prelude.Nothing,+ keyword = pKeyword_+ }++ruleOption_settings :: Lens.Lens' RuleOption (Prelude.Maybe [Prelude.Text])+ruleOption_settings = Lens.lens (\RuleOption' {settings} -> settings) (\s@RuleOption' {} a -> s {settings = a} :: RuleOption) Prelude.. Lens.mapping Lens.coerced++ruleOption_keyword :: Lens.Lens' RuleOption Prelude.Text+ruleOption_keyword = Lens.lens (\RuleOption' {keyword} -> keyword) (\s@RuleOption' {} a -> s {keyword = a} :: RuleOption)++instance Data.FromJSON RuleOption where+ parseJSON =+ Data.withObject+ "RuleOption"+ ( \x ->+ RuleOption'+ Prelude.<$> (x Data..:? "Settings" Data..!= Prelude.mempty)+ Prelude.<*> (x Data..: "Keyword")+ )++instance Prelude.Hashable RuleOption where+ hashWithSalt _salt RuleOption' {..} =+ _salt+ `Prelude.hashWithSalt` settings+ `Prelude.hashWithSalt` keyword++instance Prelude.NFData RuleOption where+ rnf RuleOption' {..} =+ Prelude.rnf settings+ `Prelude.seq` Prelude.rnf keyword++instance Data.ToJSON RuleOption where+ toJSON RuleOption' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("Settings" Data..=) Prelude.<$> settings,+ Prelude.Just ("Keyword" Data..= keyword)+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/RuleOrder.hs view
@@ -0,0 +1,71 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.RuleOrder+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.RuleOrder+ ( RuleOrder+ ( ..,+ RuleOrder_DEFAULT_ACTION_ORDER,+ RuleOrder_STRICT_ORDER+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype RuleOrder = RuleOrder'+ { fromRuleOrder ::+ Data.Text+ }+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern RuleOrder_DEFAULT_ACTION_ORDER :: RuleOrder+pattern RuleOrder_DEFAULT_ACTION_ORDER = RuleOrder' "DEFAULT_ACTION_ORDER"++pattern RuleOrder_STRICT_ORDER :: RuleOrder+pattern RuleOrder_STRICT_ORDER = RuleOrder' "STRICT_ORDER"++{-# COMPLETE+ RuleOrder_DEFAULT_ACTION_ORDER,+ RuleOrder_STRICT_ORDER,+ RuleOrder'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/RuleVariables.hs view
@@ -0,0 +1,96 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.RuleVariables+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.RuleVariables where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.IPSet+import Amazonka.NetworkFirewall.Types.PortSet+import qualified Amazonka.Prelude as Prelude++-- | Settings that are available for use in the rules in the RuleGroup where+-- this is defined.+--+-- /See:/ 'newRuleVariables' smart constructor.+data RuleVariables = RuleVariables'+ { -- | A list of IP addresses and address ranges, in CIDR notation.+ iPSets :: Prelude.Maybe (Prelude.HashMap Prelude.Text IPSet),+ -- | A list of port ranges.+ portSets :: Prelude.Maybe (Prelude.HashMap Prelude.Text PortSet)+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'RuleVariables' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'iPSets', 'ruleVariables_iPSets' - A list of IP addresses and address ranges, in CIDR notation.+--+-- 'portSets', 'ruleVariables_portSets' - A list of port ranges.+newRuleVariables ::+ RuleVariables+newRuleVariables =+ RuleVariables'+ { iPSets = Prelude.Nothing,+ portSets = Prelude.Nothing+ }++-- | A list of IP addresses and address ranges, in CIDR notation.+ruleVariables_iPSets :: Lens.Lens' RuleVariables (Prelude.Maybe (Prelude.HashMap Prelude.Text IPSet))+ruleVariables_iPSets = Lens.lens (\RuleVariables' {iPSets} -> iPSets) (\s@RuleVariables' {} a -> s {iPSets = a} :: RuleVariables) Prelude.. Lens.mapping Lens.coerced++-- | A list of port ranges.+ruleVariables_portSets :: Lens.Lens' RuleVariables (Prelude.Maybe (Prelude.HashMap Prelude.Text PortSet))+ruleVariables_portSets = Lens.lens (\RuleVariables' {portSets} -> portSets) (\s@RuleVariables' {} a -> s {portSets = a} :: RuleVariables) Prelude.. Lens.mapping Lens.coerced++instance Data.FromJSON RuleVariables where+ parseJSON =+ Data.withObject+ "RuleVariables"+ ( \x ->+ RuleVariables'+ Prelude.<$> (x Data..:? "IPSets" Data..!= Prelude.mempty)+ Prelude.<*> (x Data..:? "PortSets" Data..!= Prelude.mempty)+ )++instance Prelude.Hashable RuleVariables where+ hashWithSalt _salt RuleVariables' {..} =+ _salt+ `Prelude.hashWithSalt` iPSets+ `Prelude.hashWithSalt` portSets++instance Prelude.NFData RuleVariables where+ rnf RuleVariables' {..} =+ Prelude.rnf iPSets+ `Prelude.seq` Prelude.rnf portSets++instance Data.ToJSON RuleVariables where+ toJSON RuleVariables' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("IPSets" Data..=) Prelude.<$> iPSets,+ ("PortSets" Data..=) Prelude.<$> portSets+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/RulesSource.hs view
@@ -0,0 +1,159 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.RulesSource+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.RulesSource where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.RulesSourceList+import Amazonka.NetworkFirewall.Types.StatefulRule+import Amazonka.NetworkFirewall.Types.StatelessRulesAndCustomActions+import qualified Amazonka.Prelude as Prelude++-- | The stateless or stateful rules definitions for use in a single rule+-- group. Each rule group requires a single @RulesSource@. You can use an+-- instance of this for either stateless rules or stateful rules.+--+-- /See:/ 'newRulesSource' smart constructor.+data RulesSource = RulesSource'+ { -- | Stateful inspection criteria for a domain list rule group.+ rulesSourceList :: Prelude.Maybe RulesSourceList,+ -- | Stateful inspection criteria, provided in Suricata compatible intrusion+ -- prevention system (IPS) rules. Suricata is an open-source network IPS+ -- that includes a standard rule-based language for network traffic+ -- inspection.+ --+ -- These rules contain the inspection criteria and the action to take for+ -- traffic that matches the criteria, so this type of rule group doesn\'t+ -- have a separate action setting.+ rulesString :: Prelude.Maybe Prelude.Text,+ -- | An array of individual stateful rules inspection criteria to be used+ -- together in a stateful rule group. Use this option to specify simple+ -- Suricata rules with protocol, source and destination, ports, direction,+ -- and rule options. For information about the Suricata @Rules@ format, see+ -- <https://suricata.readthedocs.io/rules/intro.html# Rules Format>.+ statefulRules :: Prelude.Maybe [StatefulRule],+ -- | Stateless inspection criteria to be used in a stateless rule group.+ statelessRulesAndCustomActions :: Prelude.Maybe StatelessRulesAndCustomActions+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'RulesSource' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'rulesSourceList', 'rulesSource_rulesSourceList' - Stateful inspection criteria for a domain list rule group.+--+-- 'rulesString', 'rulesSource_rulesString' - Stateful inspection criteria, provided in Suricata compatible intrusion+-- prevention system (IPS) rules. Suricata is an open-source network IPS+-- that includes a standard rule-based language for network traffic+-- inspection.+--+-- These rules contain the inspection criteria and the action to take for+-- traffic that matches the criteria, so this type of rule group doesn\'t+-- have a separate action setting.+--+-- 'statefulRules', 'rulesSource_statefulRules' - An array of individual stateful rules inspection criteria to be used+-- together in a stateful rule group. Use this option to specify simple+-- Suricata rules with protocol, source and destination, ports, direction,+-- and rule options. For information about the Suricata @Rules@ format, see+-- <https://suricata.readthedocs.io/rules/intro.html# Rules Format>.+--+-- 'statelessRulesAndCustomActions', 'rulesSource_statelessRulesAndCustomActions' - Stateless inspection criteria to be used in a stateless rule group.+newRulesSource ::+ RulesSource+newRulesSource =+ RulesSource'+ { rulesSourceList = Prelude.Nothing,+ rulesString = Prelude.Nothing,+ statefulRules = Prelude.Nothing,+ statelessRulesAndCustomActions = Prelude.Nothing+ }++-- | Stateful inspection criteria for a domain list rule group.+rulesSource_rulesSourceList :: Lens.Lens' RulesSource (Prelude.Maybe RulesSourceList)+rulesSource_rulesSourceList = Lens.lens (\RulesSource' {rulesSourceList} -> rulesSourceList) (\s@RulesSource' {} a -> s {rulesSourceList = a} :: RulesSource)++-- | Stateful inspection criteria, provided in Suricata compatible intrusion+-- prevention system (IPS) rules. Suricata is an open-source network IPS+-- that includes a standard rule-based language for network traffic+-- inspection.+--+-- These rules contain the inspection criteria and the action to take for+-- traffic that matches the criteria, so this type of rule group doesn\'t+-- have a separate action setting.+rulesSource_rulesString :: Lens.Lens' RulesSource (Prelude.Maybe Prelude.Text)+rulesSource_rulesString = Lens.lens (\RulesSource' {rulesString} -> rulesString) (\s@RulesSource' {} a -> s {rulesString = a} :: RulesSource)++-- | An array of individual stateful rules inspection criteria to be used+-- together in a stateful rule group. Use this option to specify simple+-- Suricata rules with protocol, source and destination, ports, direction,+-- and rule options. For information about the Suricata @Rules@ format, see+-- <https://suricata.readthedocs.io/rules/intro.html# Rules Format>.+rulesSource_statefulRules :: Lens.Lens' RulesSource (Prelude.Maybe [StatefulRule])+rulesSource_statefulRules = Lens.lens (\RulesSource' {statefulRules} -> statefulRules) (\s@RulesSource' {} a -> s {statefulRules = a} :: RulesSource) Prelude.. Lens.mapping Lens.coerced++-- | Stateless inspection criteria to be used in a stateless rule group.+rulesSource_statelessRulesAndCustomActions :: Lens.Lens' RulesSource (Prelude.Maybe StatelessRulesAndCustomActions)+rulesSource_statelessRulesAndCustomActions = Lens.lens (\RulesSource' {statelessRulesAndCustomActions} -> statelessRulesAndCustomActions) (\s@RulesSource' {} a -> s {statelessRulesAndCustomActions = a} :: RulesSource)++instance Data.FromJSON RulesSource where+ parseJSON =+ Data.withObject+ "RulesSource"+ ( \x ->+ RulesSource'+ Prelude.<$> (x Data..:? "RulesSourceList")+ Prelude.<*> (x Data..:? "RulesString")+ Prelude.<*> (x Data..:? "StatefulRules" Data..!= Prelude.mempty)+ Prelude.<*> (x Data..:? "StatelessRulesAndCustomActions")+ )++instance Prelude.Hashable RulesSource where+ hashWithSalt _salt RulesSource' {..} =+ _salt+ `Prelude.hashWithSalt` rulesSourceList+ `Prelude.hashWithSalt` rulesString+ `Prelude.hashWithSalt` statefulRules+ `Prelude.hashWithSalt` statelessRulesAndCustomActions++instance Prelude.NFData RulesSource where+ rnf RulesSource' {..} =+ Prelude.rnf rulesSourceList+ `Prelude.seq` Prelude.rnf rulesString+ `Prelude.seq` Prelude.rnf statefulRules+ `Prelude.seq` Prelude.rnf statelessRulesAndCustomActions++instance Data.ToJSON RulesSource where+ toJSON RulesSource' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("RulesSourceList" Data..=)+ Prelude.<$> rulesSourceList,+ ("RulesString" Data..=) Prelude.<$> rulesString,+ ("StatefulRules" Data..=) Prelude.<$> statefulRules,+ ("StatelessRulesAndCustomActions" Data..=)+ Prelude.<$> statelessRulesAndCustomActions+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/RulesSourceList.hs view
@@ -0,0 +1,156 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.RulesSourceList+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.RulesSourceList where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.GeneratedRulesType+import Amazonka.NetworkFirewall.Types.TargetType+import qualified Amazonka.Prelude as Prelude++-- | Stateful inspection criteria for a domain list rule group.+--+-- For HTTPS traffic, domain filtering is SNI-based. It uses the server+-- name indicator extension of the TLS handshake.+--+-- By default, Network Firewall domain list inspection only includes+-- traffic coming from the VPC where you deploy the firewall. To inspect+-- traffic from IP addresses outside of the deployment VPC, you set the+-- @HOME_NET@ rule variable to include the CIDR range of the deployment VPC+-- plus the other CIDR ranges. For more information, see RuleVariables in+-- this guide and+-- <https://docs.aws.amazon.com/network-firewall/latest/developerguide/stateful-rule-groups-domain-names.html Stateful domain list rule groups in Network Firewall>+-- in the /Network Firewall Developer Guide/.+--+-- /See:/ 'newRulesSourceList' smart constructor.+data RulesSourceList = RulesSourceList'+ { -- | The domains that you want to inspect for in your traffic flows. Valid+ -- domain specifications are the following:+ --+ -- - Explicit names. For example, @abc.example.com@ matches only the+ -- domain @abc.example.com@.+ --+ -- - Names that use a domain wildcard, which you indicate with an initial+ -- \'@.@\'. For example,@.example.com@ matches @example.com@ and+ -- matches all subdomains of @example.com@, such as @abc.example.com@+ -- and @www.example.com@.+ targets :: [Prelude.Text],+ -- | The protocols you want to inspect. Specify @TLS_SNI@ for @HTTPS@.+ -- Specify @HTTP_HOST@ for @HTTP@. You can specify either or both.+ targetTypes :: [TargetType],+ -- | Whether you want to allow or deny access to the domains in your target+ -- list.+ generatedRulesType :: GeneratedRulesType+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'RulesSourceList' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'targets', 'rulesSourceList_targets' - The domains that you want to inspect for in your traffic flows. Valid+-- domain specifications are the following:+--+-- - Explicit names. For example, @abc.example.com@ matches only the+-- domain @abc.example.com@.+--+-- - Names that use a domain wildcard, which you indicate with an initial+-- \'@.@\'. For example,@.example.com@ matches @example.com@ and+-- matches all subdomains of @example.com@, such as @abc.example.com@+-- and @www.example.com@.+--+-- 'targetTypes', 'rulesSourceList_targetTypes' - The protocols you want to inspect. Specify @TLS_SNI@ for @HTTPS@.+-- Specify @HTTP_HOST@ for @HTTP@. You can specify either or both.+--+-- 'generatedRulesType', 'rulesSourceList_generatedRulesType' - Whether you want to allow or deny access to the domains in your target+-- list.+newRulesSourceList ::+ -- | 'generatedRulesType'+ GeneratedRulesType ->+ RulesSourceList+newRulesSourceList pGeneratedRulesType_ =+ RulesSourceList'+ { targets = Prelude.mempty,+ targetTypes = Prelude.mempty,+ generatedRulesType = pGeneratedRulesType_+ }++-- | The domains that you want to inspect for in your traffic flows. Valid+-- domain specifications are the following:+--+-- - Explicit names. For example, @abc.example.com@ matches only the+-- domain @abc.example.com@.+--+-- - Names that use a domain wildcard, which you indicate with an initial+-- \'@.@\'. For example,@.example.com@ matches @example.com@ and+-- matches all subdomains of @example.com@, such as @abc.example.com@+-- and @www.example.com@.+rulesSourceList_targets :: Lens.Lens' RulesSourceList [Prelude.Text]+rulesSourceList_targets = Lens.lens (\RulesSourceList' {targets} -> targets) (\s@RulesSourceList' {} a -> s {targets = a} :: RulesSourceList) Prelude.. Lens.coerced++-- | The protocols you want to inspect. Specify @TLS_SNI@ for @HTTPS@.+-- Specify @HTTP_HOST@ for @HTTP@. You can specify either or both.+rulesSourceList_targetTypes :: Lens.Lens' RulesSourceList [TargetType]+rulesSourceList_targetTypes = Lens.lens (\RulesSourceList' {targetTypes} -> targetTypes) (\s@RulesSourceList' {} a -> s {targetTypes = a} :: RulesSourceList) Prelude.. Lens.coerced++-- | Whether you want to allow or deny access to the domains in your target+-- list.+rulesSourceList_generatedRulesType :: Lens.Lens' RulesSourceList GeneratedRulesType+rulesSourceList_generatedRulesType = Lens.lens (\RulesSourceList' {generatedRulesType} -> generatedRulesType) (\s@RulesSourceList' {} a -> s {generatedRulesType = a} :: RulesSourceList)++instance Data.FromJSON RulesSourceList where+ parseJSON =+ Data.withObject+ "RulesSourceList"+ ( \x ->+ RulesSourceList'+ Prelude.<$> (x Data..:? "Targets" Data..!= Prelude.mempty)+ Prelude.<*> (x Data..:? "TargetTypes" Data..!= Prelude.mempty)+ Prelude.<*> (x Data..: "GeneratedRulesType")+ )++instance Prelude.Hashable RulesSourceList where+ hashWithSalt _salt RulesSourceList' {..} =+ _salt+ `Prelude.hashWithSalt` targets+ `Prelude.hashWithSalt` targetTypes+ `Prelude.hashWithSalt` generatedRulesType++instance Prelude.NFData RulesSourceList where+ rnf RulesSourceList' {..} =+ Prelude.rnf targets+ `Prelude.seq` Prelude.rnf targetTypes+ `Prelude.seq` Prelude.rnf generatedRulesType++instance Data.ToJSON RulesSourceList where+ toJSON RulesSourceList' {..} =+ Data.object+ ( Prelude.catMaybes+ [ Prelude.Just ("Targets" Data..= targets),+ Prelude.Just ("TargetTypes" Data..= targetTypes),+ Prelude.Just+ ("GeneratedRulesType" Data..= generatedRulesType)+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/SourceMetadata.hs view
@@ -0,0 +1,110 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.SourceMetadata+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.SourceMetadata where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++-- | High-level information about the managed rule group that your own rule+-- group is copied from. You can use the the metadata to track version+-- updates made to the originating rule group. You can retrieve all objects+-- for a rule group by calling+-- <https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroup.html DescribeRuleGroup>.+--+-- /See:/ 'newSourceMetadata' smart constructor.+data SourceMetadata = SourceMetadata'+ { -- | The Amazon Resource Name (ARN) of the rule group that your own rule+ -- group is copied from.+ sourceArn :: Prelude.Maybe Prelude.Text,+ -- | The update token of the Amazon Web Services managed rule group that your+ -- own rule group is copied from. To determine the update token for the+ -- managed rule group, call+ -- <https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroup.html#networkfirewall-DescribeRuleGroup-response-UpdateToken DescribeRuleGroup>.+ sourceUpdateToken :: Prelude.Maybe Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'SourceMetadata' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'sourceArn', 'sourceMetadata_sourceArn' - The Amazon Resource Name (ARN) of the rule group that your own rule+-- group is copied from.+--+-- 'sourceUpdateToken', 'sourceMetadata_sourceUpdateToken' - The update token of the Amazon Web Services managed rule group that your+-- own rule group is copied from. To determine the update token for the+-- managed rule group, call+-- <https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroup.html#networkfirewall-DescribeRuleGroup-response-UpdateToken DescribeRuleGroup>.+newSourceMetadata ::+ SourceMetadata+newSourceMetadata =+ SourceMetadata'+ { sourceArn = Prelude.Nothing,+ sourceUpdateToken = Prelude.Nothing+ }++-- | The Amazon Resource Name (ARN) of the rule group that your own rule+-- group is copied from.+sourceMetadata_sourceArn :: Lens.Lens' SourceMetadata (Prelude.Maybe Prelude.Text)+sourceMetadata_sourceArn = Lens.lens (\SourceMetadata' {sourceArn} -> sourceArn) (\s@SourceMetadata' {} a -> s {sourceArn = a} :: SourceMetadata)++-- | The update token of the Amazon Web Services managed rule group that your+-- own rule group is copied from. To determine the update token for the+-- managed rule group, call+-- <https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroup.html#networkfirewall-DescribeRuleGroup-response-UpdateToken DescribeRuleGroup>.+sourceMetadata_sourceUpdateToken :: Lens.Lens' SourceMetadata (Prelude.Maybe Prelude.Text)+sourceMetadata_sourceUpdateToken = Lens.lens (\SourceMetadata' {sourceUpdateToken} -> sourceUpdateToken) (\s@SourceMetadata' {} a -> s {sourceUpdateToken = a} :: SourceMetadata)++instance Data.FromJSON SourceMetadata where+ parseJSON =+ Data.withObject+ "SourceMetadata"+ ( \x ->+ SourceMetadata'+ Prelude.<$> (x Data..:? "SourceArn")+ Prelude.<*> (x Data..:? "SourceUpdateToken")+ )++instance Prelude.Hashable SourceMetadata where+ hashWithSalt _salt SourceMetadata' {..} =+ _salt+ `Prelude.hashWithSalt` sourceArn+ `Prelude.hashWithSalt` sourceUpdateToken++instance Prelude.NFData SourceMetadata where+ rnf SourceMetadata' {..} =+ Prelude.rnf sourceArn+ `Prelude.seq` Prelude.rnf sourceUpdateToken++instance Data.ToJSON SourceMetadata where+ toJSON SourceMetadata' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("SourceArn" Data..=) Prelude.<$> sourceArn,+ ("SourceUpdateToken" Data..=)+ Prelude.<$> sourceUpdateToken+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/StatefulAction.hs view
@@ -0,0 +1,76 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.StatefulAction+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.StatefulAction+ ( StatefulAction+ ( ..,+ StatefulAction_ALERT,+ StatefulAction_DROP,+ StatefulAction_PASS+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype StatefulAction = StatefulAction'+ { fromStatefulAction ::+ Data.Text+ }+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern StatefulAction_ALERT :: StatefulAction+pattern StatefulAction_ALERT = StatefulAction' "ALERT"++pattern StatefulAction_DROP :: StatefulAction+pattern StatefulAction_DROP = StatefulAction' "DROP"++pattern StatefulAction_PASS :: StatefulAction+pattern StatefulAction_PASS = StatefulAction' "PASS"++{-# COMPLETE+ StatefulAction_ALERT,+ StatefulAction_DROP,+ StatefulAction_PASS,+ StatefulAction'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/StatefulEngineOptions.hs view
@@ -0,0 +1,160 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.StatefulEngineOptions+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.StatefulEngineOptions where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.RuleOrder+import Amazonka.NetworkFirewall.Types.StreamExceptionPolicy+import qualified Amazonka.Prelude as Prelude++-- | Configuration settings for the handling of the stateful rule groups in a+-- firewall policy.+--+-- /See:/ 'newStatefulEngineOptions' smart constructor.+data StatefulEngineOptions = StatefulEngineOptions'+ { -- | Indicates how to manage the order of stateful rule evaluation for the+ -- policy. @DEFAULT_ACTION_ORDER@ is the default behavior. Stateful rules+ -- are provided to the rule engine as Suricata compatible strings, and+ -- Suricata evaluates them based on certain settings. For more information,+ -- see+ -- <https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html Evaluation order for stateful rules>+ -- in the /Network Firewall Developer Guide/.+ ruleOrder :: Prelude.Maybe RuleOrder,+ -- | Configures how Network Firewall processes traffic when a network+ -- connection breaks midstream. Network connections can break due to+ -- disruptions in external networks or within the firewall itself.+ --+ -- - @DROP@ - Network Firewall fails closed and drops all subsequent+ -- traffic going to the firewall. This is the default behavior.+ --+ -- - @CONTINUE@ - Network Firewall continues to apply rules to the+ -- subsequent traffic without context from traffic before the break.+ -- This impacts the behavior of rules that depend on this context. For+ -- example, if you have a stateful rule to @drop http@ traffic, Network+ -- Firewall won\'t match the traffic for this rule because the service+ -- won\'t have the context from session initialization defining the+ -- application layer protocol as HTTP. However, this behavior is rule+ -- dependent—a TCP-layer rule using a @flow:stateless@ rule would still+ -- match, as would the @aws:drop_strict@ default action.+ streamExceptionPolicy :: Prelude.Maybe StreamExceptionPolicy+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'StatefulEngineOptions' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'ruleOrder', 'statefulEngineOptions_ruleOrder' - Indicates how to manage the order of stateful rule evaluation for the+-- policy. @DEFAULT_ACTION_ORDER@ is the default behavior. Stateful rules+-- are provided to the rule engine as Suricata compatible strings, and+-- Suricata evaluates them based on certain settings. For more information,+-- see+-- <https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html Evaluation order for stateful rules>+-- in the /Network Firewall Developer Guide/.+--+-- 'streamExceptionPolicy', 'statefulEngineOptions_streamExceptionPolicy' - Configures how Network Firewall processes traffic when a network+-- connection breaks midstream. Network connections can break due to+-- disruptions in external networks or within the firewall itself.+--+-- - @DROP@ - Network Firewall fails closed and drops all subsequent+-- traffic going to the firewall. This is the default behavior.+--+-- - @CONTINUE@ - Network Firewall continues to apply rules to the+-- subsequent traffic without context from traffic before the break.+-- This impacts the behavior of rules that depend on this context. For+-- example, if you have a stateful rule to @drop http@ traffic, Network+-- Firewall won\'t match the traffic for this rule because the service+-- won\'t have the context from session initialization defining the+-- application layer protocol as HTTP. However, this behavior is rule+-- dependent—a TCP-layer rule using a @flow:stateless@ rule would still+-- match, as would the @aws:drop_strict@ default action.+newStatefulEngineOptions ::+ StatefulEngineOptions+newStatefulEngineOptions =+ StatefulEngineOptions'+ { ruleOrder = Prelude.Nothing,+ streamExceptionPolicy = Prelude.Nothing+ }++-- | Indicates how to manage the order of stateful rule evaluation for the+-- policy. @DEFAULT_ACTION_ORDER@ is the default behavior. Stateful rules+-- are provided to the rule engine as Suricata compatible strings, and+-- Suricata evaluates them based on certain settings. For more information,+-- see+-- <https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html Evaluation order for stateful rules>+-- in the /Network Firewall Developer Guide/.+statefulEngineOptions_ruleOrder :: Lens.Lens' StatefulEngineOptions (Prelude.Maybe RuleOrder)+statefulEngineOptions_ruleOrder = Lens.lens (\StatefulEngineOptions' {ruleOrder} -> ruleOrder) (\s@StatefulEngineOptions' {} a -> s {ruleOrder = a} :: StatefulEngineOptions)++-- | Configures how Network Firewall processes traffic when a network+-- connection breaks midstream. Network connections can break due to+-- disruptions in external networks or within the firewall itself.+--+-- - @DROP@ - Network Firewall fails closed and drops all subsequent+-- traffic going to the firewall. This is the default behavior.+--+-- - @CONTINUE@ - Network Firewall continues to apply rules to the+-- subsequent traffic without context from traffic before the break.+-- This impacts the behavior of rules that depend on this context. For+-- example, if you have a stateful rule to @drop http@ traffic, Network+-- Firewall won\'t match the traffic for this rule because the service+-- won\'t have the context from session initialization defining the+-- application layer protocol as HTTP. However, this behavior is rule+-- dependent—a TCP-layer rule using a @flow:stateless@ rule would still+-- match, as would the @aws:drop_strict@ default action.+statefulEngineOptions_streamExceptionPolicy :: Lens.Lens' StatefulEngineOptions (Prelude.Maybe StreamExceptionPolicy)+statefulEngineOptions_streamExceptionPolicy = Lens.lens (\StatefulEngineOptions' {streamExceptionPolicy} -> streamExceptionPolicy) (\s@StatefulEngineOptions' {} a -> s {streamExceptionPolicy = a} :: StatefulEngineOptions)++instance Data.FromJSON StatefulEngineOptions where+ parseJSON =+ Data.withObject+ "StatefulEngineOptions"+ ( \x ->+ StatefulEngineOptions'+ Prelude.<$> (x Data..:? "RuleOrder")+ Prelude.<*> (x Data..:? "StreamExceptionPolicy")+ )++instance Prelude.Hashable StatefulEngineOptions where+ hashWithSalt _salt StatefulEngineOptions' {..} =+ _salt+ `Prelude.hashWithSalt` ruleOrder+ `Prelude.hashWithSalt` streamExceptionPolicy++instance Prelude.NFData StatefulEngineOptions where+ rnf StatefulEngineOptions' {..} =+ Prelude.rnf ruleOrder+ `Prelude.seq` Prelude.rnf streamExceptionPolicy++instance Data.ToJSON StatefulEngineOptions where+ toJSON StatefulEngineOptions' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("RuleOrder" Data..=) Prelude.<$> ruleOrder,+ ("StreamExceptionPolicy" Data..=)+ Prelude.<$> streamExceptionPolicy+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/StatefulRule.hs view
@@ -0,0 +1,183 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.StatefulRule+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.StatefulRule where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.Header+import Amazonka.NetworkFirewall.Types.RuleOption+import Amazonka.NetworkFirewall.Types.StatefulAction+import qualified Amazonka.Prelude as Prelude++-- | A single Suricata rules specification, for use in a stateful rule group.+-- Use this option to specify a simple Suricata rule with protocol, source+-- and destination, ports, direction, and rule options. For information+-- about the Suricata @Rules@ format, see+-- <https://suricata.readthedocs.io/rules/intro.html# Rules Format>.+--+-- /See:/ 'newStatefulRule' smart constructor.+data StatefulRule = StatefulRule'+ { -- | Defines what Network Firewall should do with the packets in a traffic+ -- flow when the flow matches the stateful rule criteria. For all actions,+ -- Network Firewall performs the specified action and discontinues stateful+ -- inspection of the traffic flow.+ --+ -- The actions for a stateful rule are defined as follows:+ --+ -- - __PASS__ - Permits the packets to go to the intended destination.+ --+ -- - __DROP__ - Blocks the packets from going to the intended destination+ -- and sends an alert log message, if alert logging is configured in+ -- the Firewall LoggingConfiguration.+ --+ -- - __ALERT__ - Permits the packets to go to the intended destination+ -- and sends an alert log message, if alert logging is configured in+ -- the Firewall LoggingConfiguration.+ --+ -- You can use this action to test a rule that you intend to use to+ -- drop traffic. You can enable the rule with @ALERT@ action, verify in+ -- the logs that the rule is filtering as you want, then change the+ -- action to @DROP@.+ action :: StatefulAction,+ -- | The stateful inspection criteria for this rule, used to inspect traffic+ -- flows.+ header :: Header,+ -- | Additional options for the rule. These are the Suricata @RuleOptions@+ -- settings.+ ruleOptions :: [RuleOption]+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'StatefulRule' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'action', 'statefulRule_action' - Defines what Network Firewall should do with the packets in a traffic+-- flow when the flow matches the stateful rule criteria. For all actions,+-- Network Firewall performs the specified action and discontinues stateful+-- inspection of the traffic flow.+--+-- The actions for a stateful rule are defined as follows:+--+-- - __PASS__ - Permits the packets to go to the intended destination.+--+-- - __DROP__ - Blocks the packets from going to the intended destination+-- and sends an alert log message, if alert logging is configured in+-- the Firewall LoggingConfiguration.+--+-- - __ALERT__ - Permits the packets to go to the intended destination+-- and sends an alert log message, if alert logging is configured in+-- the Firewall LoggingConfiguration.+--+-- You can use this action to test a rule that you intend to use to+-- drop traffic. You can enable the rule with @ALERT@ action, verify in+-- the logs that the rule is filtering as you want, then change the+-- action to @DROP@.+--+-- 'header', 'statefulRule_header' - The stateful inspection criteria for this rule, used to inspect traffic+-- flows.+--+-- 'ruleOptions', 'statefulRule_ruleOptions' - Additional options for the rule. These are the Suricata @RuleOptions@+-- settings.+newStatefulRule ::+ -- | 'action'+ StatefulAction ->+ -- | 'header'+ Header ->+ StatefulRule+newStatefulRule pAction_ pHeader_ =+ StatefulRule'+ { action = pAction_,+ header = pHeader_,+ ruleOptions = Prelude.mempty+ }++-- | Defines what Network Firewall should do with the packets in a traffic+-- flow when the flow matches the stateful rule criteria. For all actions,+-- Network Firewall performs the specified action and discontinues stateful+-- inspection of the traffic flow.+--+-- The actions for a stateful rule are defined as follows:+--+-- - __PASS__ - Permits the packets to go to the intended destination.+--+-- - __DROP__ - Blocks the packets from going to the intended destination+-- and sends an alert log message, if alert logging is configured in+-- the Firewall LoggingConfiguration.+--+-- - __ALERT__ - Permits the packets to go to the intended destination+-- and sends an alert log message, if alert logging is configured in+-- the Firewall LoggingConfiguration.+--+-- You can use this action to test a rule that you intend to use to+-- drop traffic. You can enable the rule with @ALERT@ action, verify in+-- the logs that the rule is filtering as you want, then change the+-- action to @DROP@.+statefulRule_action :: Lens.Lens' StatefulRule StatefulAction+statefulRule_action = Lens.lens (\StatefulRule' {action} -> action) (\s@StatefulRule' {} a -> s {action = a} :: StatefulRule)++-- | The stateful inspection criteria for this rule, used to inspect traffic+-- flows.+statefulRule_header :: Lens.Lens' StatefulRule Header+statefulRule_header = Lens.lens (\StatefulRule' {header} -> header) (\s@StatefulRule' {} a -> s {header = a} :: StatefulRule)++-- | Additional options for the rule. These are the Suricata @RuleOptions@+-- settings.+statefulRule_ruleOptions :: Lens.Lens' StatefulRule [RuleOption]+statefulRule_ruleOptions = Lens.lens (\StatefulRule' {ruleOptions} -> ruleOptions) (\s@StatefulRule' {} a -> s {ruleOptions = a} :: StatefulRule) Prelude.. Lens.coerced++instance Data.FromJSON StatefulRule where+ parseJSON =+ Data.withObject+ "StatefulRule"+ ( \x ->+ StatefulRule'+ Prelude.<$> (x Data..: "Action")+ Prelude.<*> (x Data..: "Header")+ Prelude.<*> (x Data..:? "RuleOptions" Data..!= Prelude.mempty)+ )++instance Prelude.Hashable StatefulRule where+ hashWithSalt _salt StatefulRule' {..} =+ _salt+ `Prelude.hashWithSalt` action+ `Prelude.hashWithSalt` header+ `Prelude.hashWithSalt` ruleOptions++instance Prelude.NFData StatefulRule where+ rnf StatefulRule' {..} =+ Prelude.rnf action+ `Prelude.seq` Prelude.rnf header+ `Prelude.seq` Prelude.rnf ruleOptions++instance Data.ToJSON StatefulRule where+ toJSON StatefulRule' {..} =+ Data.object+ ( Prelude.catMaybes+ [ Prelude.Just ("Action" Data..= action),+ Prelude.Just ("Header" Data..= header),+ Prelude.Just ("RuleOptions" Data..= ruleOptions)+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/StatefulRuleDirection.hs view
@@ -0,0 +1,71 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.StatefulRuleDirection+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.StatefulRuleDirection+ ( StatefulRuleDirection+ ( ..,+ StatefulRuleDirection_ANY,+ StatefulRuleDirection_FORWARD+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype StatefulRuleDirection = StatefulRuleDirection'+ { fromStatefulRuleDirection ::+ Data.Text+ }+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern StatefulRuleDirection_ANY :: StatefulRuleDirection+pattern StatefulRuleDirection_ANY = StatefulRuleDirection' "ANY"++pattern StatefulRuleDirection_FORWARD :: StatefulRuleDirection+pattern StatefulRuleDirection_FORWARD = StatefulRuleDirection' "FORWARD"++{-# COMPLETE+ StatefulRuleDirection_ANY,+ StatefulRuleDirection_FORWARD,+ StatefulRuleDirection'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/StatefulRuleGroupOverride.hs view
@@ -0,0 +1,84 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.StatefulRuleGroupOverride+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.StatefulRuleGroupOverride where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.OverrideAction+import qualified Amazonka.Prelude as Prelude++-- | The setting that allows the policy owner to change the behavior of the+-- rule group within a policy.+--+-- /See:/ 'newStatefulRuleGroupOverride' smart constructor.+data StatefulRuleGroupOverride = StatefulRuleGroupOverride'+ { -- | The action that changes the rule group from @DROP@ to @ALERT@. This only+ -- applies to managed rule groups.+ action :: Prelude.Maybe OverrideAction+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'StatefulRuleGroupOverride' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'action', 'statefulRuleGroupOverride_action' - The action that changes the rule group from @DROP@ to @ALERT@. This only+-- applies to managed rule groups.+newStatefulRuleGroupOverride ::+ StatefulRuleGroupOverride+newStatefulRuleGroupOverride =+ StatefulRuleGroupOverride'+ { action =+ Prelude.Nothing+ }++-- | The action that changes the rule group from @DROP@ to @ALERT@. This only+-- applies to managed rule groups.+statefulRuleGroupOverride_action :: Lens.Lens' StatefulRuleGroupOverride (Prelude.Maybe OverrideAction)+statefulRuleGroupOverride_action = Lens.lens (\StatefulRuleGroupOverride' {action} -> action) (\s@StatefulRuleGroupOverride' {} a -> s {action = a} :: StatefulRuleGroupOverride)++instance Data.FromJSON StatefulRuleGroupOverride where+ parseJSON =+ Data.withObject+ "StatefulRuleGroupOverride"+ ( \x ->+ StatefulRuleGroupOverride'+ Prelude.<$> (x Data..:? "Action")+ )++instance Prelude.Hashable StatefulRuleGroupOverride where+ hashWithSalt _salt StatefulRuleGroupOverride' {..} =+ _salt `Prelude.hashWithSalt` action++instance Prelude.NFData StatefulRuleGroupOverride where+ rnf StatefulRuleGroupOverride' {..} =+ Prelude.rnf action++instance Data.ToJSON StatefulRuleGroupOverride where+ toJSON StatefulRuleGroupOverride' {..} =+ Data.object+ ( Prelude.catMaybes+ [("Action" Data..=) Prelude.<$> action]+ )
+ gen/Amazonka/NetworkFirewall/Types/StatefulRuleGroupReference.hs view
@@ -0,0 +1,147 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.StatefulRuleGroupReference+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.StatefulRuleGroupReference where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.StatefulRuleGroupOverride+import qualified Amazonka.Prelude as Prelude++-- | Identifier for a single stateful rule group, used in a firewall policy+-- to refer to a rule group.+--+-- /See:/ 'newStatefulRuleGroupReference' smart constructor.+data StatefulRuleGroupReference = StatefulRuleGroupReference'+ { -- | The action that allows the policy owner to override the behavior of the+ -- rule group within a policy.+ override :: Prelude.Maybe StatefulRuleGroupOverride,+ -- | An integer setting that indicates the order in which to run the stateful+ -- rule groups in a single FirewallPolicy. This setting only applies to+ -- firewall policies that specify the @STRICT_ORDER@ rule order in the+ -- stateful engine options settings.+ --+ -- Network Firewall evalutes each stateful rule group against a packet+ -- starting with the group that has the lowest priority setting. You must+ -- ensure that the priority settings are unique within each policy.+ --+ -- You can change the priority settings of your rule groups at any time. To+ -- make it easier to insert rule groups later, number them so there\'s a+ -- wide range in between, for example use 100, 200, and so on.+ priority :: Prelude.Maybe Prelude.Natural,+ -- | The Amazon Resource Name (ARN) of the stateful rule group.+ resourceArn :: Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'StatefulRuleGroupReference' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'override', 'statefulRuleGroupReference_override' - The action that allows the policy owner to override the behavior of the+-- rule group within a policy.+--+-- 'priority', 'statefulRuleGroupReference_priority' - An integer setting that indicates the order in which to run the stateful+-- rule groups in a single FirewallPolicy. This setting only applies to+-- firewall policies that specify the @STRICT_ORDER@ rule order in the+-- stateful engine options settings.+--+-- Network Firewall evalutes each stateful rule group against a packet+-- starting with the group that has the lowest priority setting. You must+-- ensure that the priority settings are unique within each policy.+--+-- You can change the priority settings of your rule groups at any time. To+-- make it easier to insert rule groups later, number them so there\'s a+-- wide range in between, for example use 100, 200, and so on.+--+-- 'resourceArn', 'statefulRuleGroupReference_resourceArn' - The Amazon Resource Name (ARN) of the stateful rule group.+newStatefulRuleGroupReference ::+ -- | 'resourceArn'+ Prelude.Text ->+ StatefulRuleGroupReference+newStatefulRuleGroupReference pResourceArn_ =+ StatefulRuleGroupReference'+ { override =+ Prelude.Nothing,+ priority = Prelude.Nothing,+ resourceArn = pResourceArn_+ }++-- | The action that allows the policy owner to override the behavior of the+-- rule group within a policy.+statefulRuleGroupReference_override :: Lens.Lens' StatefulRuleGroupReference (Prelude.Maybe StatefulRuleGroupOverride)+statefulRuleGroupReference_override = Lens.lens (\StatefulRuleGroupReference' {override} -> override) (\s@StatefulRuleGroupReference' {} a -> s {override = a} :: StatefulRuleGroupReference)++-- | An integer setting that indicates the order in which to run the stateful+-- rule groups in a single FirewallPolicy. This setting only applies to+-- firewall policies that specify the @STRICT_ORDER@ rule order in the+-- stateful engine options settings.+--+-- Network Firewall evalutes each stateful rule group against a packet+-- starting with the group that has the lowest priority setting. You must+-- ensure that the priority settings are unique within each policy.+--+-- You can change the priority settings of your rule groups at any time. To+-- make it easier to insert rule groups later, number them so there\'s a+-- wide range in between, for example use 100, 200, and so on.+statefulRuleGroupReference_priority :: Lens.Lens' StatefulRuleGroupReference (Prelude.Maybe Prelude.Natural)+statefulRuleGroupReference_priority = Lens.lens (\StatefulRuleGroupReference' {priority} -> priority) (\s@StatefulRuleGroupReference' {} a -> s {priority = a} :: StatefulRuleGroupReference)++-- | The Amazon Resource Name (ARN) of the stateful rule group.+statefulRuleGroupReference_resourceArn :: Lens.Lens' StatefulRuleGroupReference Prelude.Text+statefulRuleGroupReference_resourceArn = Lens.lens (\StatefulRuleGroupReference' {resourceArn} -> resourceArn) (\s@StatefulRuleGroupReference' {} a -> s {resourceArn = a} :: StatefulRuleGroupReference)++instance Data.FromJSON StatefulRuleGroupReference where+ parseJSON =+ Data.withObject+ "StatefulRuleGroupReference"+ ( \x ->+ StatefulRuleGroupReference'+ Prelude.<$> (x Data..:? "Override")+ Prelude.<*> (x Data..:? "Priority")+ Prelude.<*> (x Data..: "ResourceArn")+ )++instance Prelude.Hashable StatefulRuleGroupReference where+ hashWithSalt _salt StatefulRuleGroupReference' {..} =+ _salt+ `Prelude.hashWithSalt` override+ `Prelude.hashWithSalt` priority+ `Prelude.hashWithSalt` resourceArn++instance Prelude.NFData StatefulRuleGroupReference where+ rnf StatefulRuleGroupReference' {..} =+ Prelude.rnf override+ `Prelude.seq` Prelude.rnf priority+ `Prelude.seq` Prelude.rnf resourceArn++instance Data.ToJSON StatefulRuleGroupReference where+ toJSON StatefulRuleGroupReference' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("Override" Data..=) Prelude.<$> override,+ ("Priority" Data..=) Prelude.<$> priority,+ Prelude.Just ("ResourceArn" Data..= resourceArn)+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/StatefulRuleOptions.hs view
@@ -0,0 +1,95 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.StatefulRuleOptions+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.StatefulRuleOptions where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.RuleOrder+import qualified Amazonka.Prelude as Prelude++-- | Additional options governing how Network Firewall handles the rule+-- group. You can only use these for stateful rule groups.+--+-- /See:/ 'newStatefulRuleOptions' smart constructor.+data StatefulRuleOptions = StatefulRuleOptions'+ { -- | Indicates how to manage the order of the rule evaluation for the rule+ -- group. @DEFAULT_ACTION_ORDER@ is the default behavior. Stateful rules+ -- are provided to the rule engine as Suricata compatible strings, and+ -- Suricata evaluates them based on certain settings. For more information,+ -- see+ -- <https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html Evaluation order for stateful rules>+ -- in the /Network Firewall Developer Guide/.+ ruleOrder :: Prelude.Maybe RuleOrder+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'StatefulRuleOptions' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'ruleOrder', 'statefulRuleOptions_ruleOrder' - Indicates how to manage the order of the rule evaluation for the rule+-- group. @DEFAULT_ACTION_ORDER@ is the default behavior. Stateful rules+-- are provided to the rule engine as Suricata compatible strings, and+-- Suricata evaluates them based on certain settings. For more information,+-- see+-- <https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html Evaluation order for stateful rules>+-- in the /Network Firewall Developer Guide/.+newStatefulRuleOptions ::+ StatefulRuleOptions+newStatefulRuleOptions =+ StatefulRuleOptions' {ruleOrder = Prelude.Nothing}++-- | Indicates how to manage the order of the rule evaluation for the rule+-- group. @DEFAULT_ACTION_ORDER@ is the default behavior. Stateful rules+-- are provided to the rule engine as Suricata compatible strings, and+-- Suricata evaluates them based on certain settings. For more information,+-- see+-- <https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html Evaluation order for stateful rules>+-- in the /Network Firewall Developer Guide/.+statefulRuleOptions_ruleOrder :: Lens.Lens' StatefulRuleOptions (Prelude.Maybe RuleOrder)+statefulRuleOptions_ruleOrder = Lens.lens (\StatefulRuleOptions' {ruleOrder} -> ruleOrder) (\s@StatefulRuleOptions' {} a -> s {ruleOrder = a} :: StatefulRuleOptions)++instance Data.FromJSON StatefulRuleOptions where+ parseJSON =+ Data.withObject+ "StatefulRuleOptions"+ ( \x ->+ StatefulRuleOptions'+ Prelude.<$> (x Data..:? "RuleOrder")+ )++instance Prelude.Hashable StatefulRuleOptions where+ hashWithSalt _salt StatefulRuleOptions' {..} =+ _salt `Prelude.hashWithSalt` ruleOrder++instance Prelude.NFData StatefulRuleOptions where+ rnf StatefulRuleOptions' {..} = Prelude.rnf ruleOrder++instance Data.ToJSON StatefulRuleOptions where+ toJSON StatefulRuleOptions' {..} =+ Data.object+ ( Prelude.catMaybes+ [("RuleOrder" Data..=) Prelude.<$> ruleOrder]+ )
+ gen/Amazonka/NetworkFirewall/Types/StatefulRuleProtocol.hs view
@@ -0,0 +1,156 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.StatefulRuleProtocol+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.StatefulRuleProtocol+ ( StatefulRuleProtocol+ ( ..,+ StatefulRuleProtocol_DCERPC,+ StatefulRuleProtocol_DHCP,+ StatefulRuleProtocol_DNS,+ StatefulRuleProtocol_FTP,+ StatefulRuleProtocol_HTTP,+ StatefulRuleProtocol_ICMP,+ StatefulRuleProtocol_IKEV2,+ StatefulRuleProtocol_IMAP,+ StatefulRuleProtocol_IP,+ StatefulRuleProtocol_KRB5,+ StatefulRuleProtocol_MSN,+ StatefulRuleProtocol_NTP,+ StatefulRuleProtocol_SMB,+ StatefulRuleProtocol_SMTP,+ StatefulRuleProtocol_SSH,+ StatefulRuleProtocol_TCP,+ StatefulRuleProtocol_TFTP,+ StatefulRuleProtocol_TLS,+ StatefulRuleProtocol_UDP+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype StatefulRuleProtocol = StatefulRuleProtocol'+ { fromStatefulRuleProtocol ::+ Data.Text+ }+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern StatefulRuleProtocol_DCERPC :: StatefulRuleProtocol+pattern StatefulRuleProtocol_DCERPC = StatefulRuleProtocol' "DCERPC"++pattern StatefulRuleProtocol_DHCP :: StatefulRuleProtocol+pattern StatefulRuleProtocol_DHCP = StatefulRuleProtocol' "DHCP"++pattern StatefulRuleProtocol_DNS :: StatefulRuleProtocol+pattern StatefulRuleProtocol_DNS = StatefulRuleProtocol' "DNS"++pattern StatefulRuleProtocol_FTP :: StatefulRuleProtocol+pattern StatefulRuleProtocol_FTP = StatefulRuleProtocol' "FTP"++pattern StatefulRuleProtocol_HTTP :: StatefulRuleProtocol+pattern StatefulRuleProtocol_HTTP = StatefulRuleProtocol' "HTTP"++pattern StatefulRuleProtocol_ICMP :: StatefulRuleProtocol+pattern StatefulRuleProtocol_ICMP = StatefulRuleProtocol' "ICMP"++pattern StatefulRuleProtocol_IKEV2 :: StatefulRuleProtocol+pattern StatefulRuleProtocol_IKEV2 = StatefulRuleProtocol' "IKEV2"++pattern StatefulRuleProtocol_IMAP :: StatefulRuleProtocol+pattern StatefulRuleProtocol_IMAP = StatefulRuleProtocol' "IMAP"++pattern StatefulRuleProtocol_IP :: StatefulRuleProtocol+pattern StatefulRuleProtocol_IP = StatefulRuleProtocol' "IP"++pattern StatefulRuleProtocol_KRB5 :: StatefulRuleProtocol+pattern StatefulRuleProtocol_KRB5 = StatefulRuleProtocol' "KRB5"++pattern StatefulRuleProtocol_MSN :: StatefulRuleProtocol+pattern StatefulRuleProtocol_MSN = StatefulRuleProtocol' "MSN"++pattern StatefulRuleProtocol_NTP :: StatefulRuleProtocol+pattern StatefulRuleProtocol_NTP = StatefulRuleProtocol' "NTP"++pattern StatefulRuleProtocol_SMB :: StatefulRuleProtocol+pattern StatefulRuleProtocol_SMB = StatefulRuleProtocol' "SMB"++pattern StatefulRuleProtocol_SMTP :: StatefulRuleProtocol+pattern StatefulRuleProtocol_SMTP = StatefulRuleProtocol' "SMTP"++pattern StatefulRuleProtocol_SSH :: StatefulRuleProtocol+pattern StatefulRuleProtocol_SSH = StatefulRuleProtocol' "SSH"++pattern StatefulRuleProtocol_TCP :: StatefulRuleProtocol+pattern StatefulRuleProtocol_TCP = StatefulRuleProtocol' "TCP"++pattern StatefulRuleProtocol_TFTP :: StatefulRuleProtocol+pattern StatefulRuleProtocol_TFTP = StatefulRuleProtocol' "TFTP"++pattern StatefulRuleProtocol_TLS :: StatefulRuleProtocol+pattern StatefulRuleProtocol_TLS = StatefulRuleProtocol' "TLS"++pattern StatefulRuleProtocol_UDP :: StatefulRuleProtocol+pattern StatefulRuleProtocol_UDP = StatefulRuleProtocol' "UDP"++{-# COMPLETE+ StatefulRuleProtocol_DCERPC,+ StatefulRuleProtocol_DHCP,+ StatefulRuleProtocol_DNS,+ StatefulRuleProtocol_FTP,+ StatefulRuleProtocol_HTTP,+ StatefulRuleProtocol_ICMP,+ StatefulRuleProtocol_IKEV2,+ StatefulRuleProtocol_IMAP,+ StatefulRuleProtocol_IP,+ StatefulRuleProtocol_KRB5,+ StatefulRuleProtocol_MSN,+ StatefulRuleProtocol_NTP,+ StatefulRuleProtocol_SMB,+ StatefulRuleProtocol_SMTP,+ StatefulRuleProtocol_SSH,+ StatefulRuleProtocol_TCP,+ StatefulRuleProtocol_TFTP,+ StatefulRuleProtocol_TLS,+ StatefulRuleProtocol_UDP,+ StatefulRuleProtocol'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/StatelessRule.hs view
@@ -0,0 +1,147 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.StatelessRule+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.StatelessRule where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.RuleDefinition+import qualified Amazonka.Prelude as Prelude++-- | A single stateless rule. This is used in StatelessRulesAndCustomActions.+--+-- /See:/ 'newStatelessRule' smart constructor.+data StatelessRule = StatelessRule'+ { -- | Defines the stateless 5-tuple packet inspection criteria and the action+ -- to take on a packet that matches the criteria.+ ruleDefinition :: RuleDefinition,+ -- | Indicates the order in which to run this rule relative to all of the+ -- rules that are defined for a stateless rule group. Network Firewall+ -- evaluates the rules in a rule group starting with the lowest priority+ -- setting. You must ensure that the priority settings are unique for the+ -- rule group.+ --+ -- Each stateless rule group uses exactly one+ -- @StatelessRulesAndCustomActions@ object, and each+ -- @StatelessRulesAndCustomActions@ contains exactly one @StatelessRules@+ -- object. To ensure unique priority settings for your rule groups, set+ -- unique priorities for the stateless rules that you define inside any+ -- single @StatelessRules@ object.+ --+ -- You can change the priority settings of your rules at any time. To make+ -- it easier to insert rules later, number them so there\'s a wide range in+ -- between, for example use 100, 200, and so on.+ priority :: Prelude.Natural+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'StatelessRule' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'ruleDefinition', 'statelessRule_ruleDefinition' - Defines the stateless 5-tuple packet inspection criteria and the action+-- to take on a packet that matches the criteria.+--+-- 'priority', 'statelessRule_priority' - Indicates the order in which to run this rule relative to all of the+-- rules that are defined for a stateless rule group. Network Firewall+-- evaluates the rules in a rule group starting with the lowest priority+-- setting. You must ensure that the priority settings are unique for the+-- rule group.+--+-- Each stateless rule group uses exactly one+-- @StatelessRulesAndCustomActions@ object, and each+-- @StatelessRulesAndCustomActions@ contains exactly one @StatelessRules@+-- object. To ensure unique priority settings for your rule groups, set+-- unique priorities for the stateless rules that you define inside any+-- single @StatelessRules@ object.+--+-- You can change the priority settings of your rules at any time. To make+-- it easier to insert rules later, number them so there\'s a wide range in+-- between, for example use 100, 200, and so on.+newStatelessRule ::+ -- | 'ruleDefinition'+ RuleDefinition ->+ -- | 'priority'+ Prelude.Natural ->+ StatelessRule+newStatelessRule pRuleDefinition_ pPriority_ =+ StatelessRule'+ { ruleDefinition = pRuleDefinition_,+ priority = pPriority_+ }++-- | Defines the stateless 5-tuple packet inspection criteria and the action+-- to take on a packet that matches the criteria.+statelessRule_ruleDefinition :: Lens.Lens' StatelessRule RuleDefinition+statelessRule_ruleDefinition = Lens.lens (\StatelessRule' {ruleDefinition} -> ruleDefinition) (\s@StatelessRule' {} a -> s {ruleDefinition = a} :: StatelessRule)++-- | Indicates the order in which to run this rule relative to all of the+-- rules that are defined for a stateless rule group. Network Firewall+-- evaluates the rules in a rule group starting with the lowest priority+-- setting. You must ensure that the priority settings are unique for the+-- rule group.+--+-- Each stateless rule group uses exactly one+-- @StatelessRulesAndCustomActions@ object, and each+-- @StatelessRulesAndCustomActions@ contains exactly one @StatelessRules@+-- object. To ensure unique priority settings for your rule groups, set+-- unique priorities for the stateless rules that you define inside any+-- single @StatelessRules@ object.+--+-- You can change the priority settings of your rules at any time. To make+-- it easier to insert rules later, number them so there\'s a wide range in+-- between, for example use 100, 200, and so on.+statelessRule_priority :: Lens.Lens' StatelessRule Prelude.Natural+statelessRule_priority = Lens.lens (\StatelessRule' {priority} -> priority) (\s@StatelessRule' {} a -> s {priority = a} :: StatelessRule)++instance Data.FromJSON StatelessRule where+ parseJSON =+ Data.withObject+ "StatelessRule"+ ( \x ->+ StatelessRule'+ Prelude.<$> (x Data..: "RuleDefinition")+ Prelude.<*> (x Data..: "Priority")+ )++instance Prelude.Hashable StatelessRule where+ hashWithSalt _salt StatelessRule' {..} =+ _salt+ `Prelude.hashWithSalt` ruleDefinition+ `Prelude.hashWithSalt` priority++instance Prelude.NFData StatelessRule where+ rnf StatelessRule' {..} =+ Prelude.rnf ruleDefinition+ `Prelude.seq` Prelude.rnf priority++instance Data.ToJSON StatelessRule where+ toJSON StatelessRule' {..} =+ Data.object+ ( Prelude.catMaybes+ [ Prelude.Just+ ("RuleDefinition" Data..= ruleDefinition),+ Prelude.Just ("Priority" Data..= priority)+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/StatelessRuleGroupReference.hs view
@@ -0,0 +1,113 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.StatelessRuleGroupReference+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.StatelessRuleGroupReference where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++-- | Identifier for a single stateless rule group, used in a firewall policy+-- to refer to the rule group.+--+-- /See:/ 'newStatelessRuleGroupReference' smart constructor.+data StatelessRuleGroupReference = StatelessRuleGroupReference'+ { -- | The Amazon Resource Name (ARN) of the stateless rule group.+ resourceArn :: Prelude.Text,+ -- | An integer setting that indicates the order in which to run the+ -- stateless rule groups in a single FirewallPolicy. Network Firewall+ -- applies each stateless rule group to a packet starting with the group+ -- that has the lowest priority setting. You must ensure that the priority+ -- settings are unique within each policy.+ priority :: Prelude.Natural+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'StatelessRuleGroupReference' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'resourceArn', 'statelessRuleGroupReference_resourceArn' - The Amazon Resource Name (ARN) of the stateless rule group.+--+-- 'priority', 'statelessRuleGroupReference_priority' - An integer setting that indicates the order in which to run the+-- stateless rule groups in a single FirewallPolicy. Network Firewall+-- applies each stateless rule group to a packet starting with the group+-- that has the lowest priority setting. You must ensure that the priority+-- settings are unique within each policy.+newStatelessRuleGroupReference ::+ -- | 'resourceArn'+ Prelude.Text ->+ -- | 'priority'+ Prelude.Natural ->+ StatelessRuleGroupReference+newStatelessRuleGroupReference+ pResourceArn_+ pPriority_ =+ StatelessRuleGroupReference'+ { resourceArn =+ pResourceArn_,+ priority = pPriority_+ }++-- | The Amazon Resource Name (ARN) of the stateless rule group.+statelessRuleGroupReference_resourceArn :: Lens.Lens' StatelessRuleGroupReference Prelude.Text+statelessRuleGroupReference_resourceArn = Lens.lens (\StatelessRuleGroupReference' {resourceArn} -> resourceArn) (\s@StatelessRuleGroupReference' {} a -> s {resourceArn = a} :: StatelessRuleGroupReference)++-- | An integer setting that indicates the order in which to run the+-- stateless rule groups in a single FirewallPolicy. Network Firewall+-- applies each stateless rule group to a packet starting with the group+-- that has the lowest priority setting. You must ensure that the priority+-- settings are unique within each policy.+statelessRuleGroupReference_priority :: Lens.Lens' StatelessRuleGroupReference Prelude.Natural+statelessRuleGroupReference_priority = Lens.lens (\StatelessRuleGroupReference' {priority} -> priority) (\s@StatelessRuleGroupReference' {} a -> s {priority = a} :: StatelessRuleGroupReference)++instance Data.FromJSON StatelessRuleGroupReference where+ parseJSON =+ Data.withObject+ "StatelessRuleGroupReference"+ ( \x ->+ StatelessRuleGroupReference'+ Prelude.<$> (x Data..: "ResourceArn")+ Prelude.<*> (x Data..: "Priority")+ )++instance Prelude.Hashable StatelessRuleGroupReference where+ hashWithSalt _salt StatelessRuleGroupReference' {..} =+ _salt+ `Prelude.hashWithSalt` resourceArn+ `Prelude.hashWithSalt` priority++instance Prelude.NFData StatelessRuleGroupReference where+ rnf StatelessRuleGroupReference' {..} =+ Prelude.rnf resourceArn+ `Prelude.seq` Prelude.rnf priority++instance Data.ToJSON StatelessRuleGroupReference where+ toJSON StatelessRuleGroupReference' {..} =+ Data.object+ ( Prelude.catMaybes+ [ Prelude.Just ("ResourceArn" Data..= resourceArn),+ Prelude.Just ("Priority" Data..= priority)+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/StatelessRulesAndCustomActions.hs view
@@ -0,0 +1,121 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.StatelessRulesAndCustomActions+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.StatelessRulesAndCustomActions where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.CustomAction+import Amazonka.NetworkFirewall.Types.StatelessRule+import qualified Amazonka.Prelude as Prelude++-- | Stateless inspection criteria. Each stateless rule group uses exactly+-- one of these data types to define its stateless rules.+--+-- /See:/ 'newStatelessRulesAndCustomActions' smart constructor.+data StatelessRulesAndCustomActions = StatelessRulesAndCustomActions'+ { -- | Defines an array of individual custom action definitions that are+ -- available for use by the stateless rules in this+ -- @StatelessRulesAndCustomActions@ specification. You name each custom+ -- action that you define, and then you can use it by name in your+ -- StatelessRule RuleDefinition @Actions@ specification.+ customActions :: Prelude.Maybe [CustomAction],+ -- | Defines the set of stateless rules for use in a stateless rule group.+ statelessRules :: [StatelessRule]+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'StatelessRulesAndCustomActions' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'customActions', 'statelessRulesAndCustomActions_customActions' - Defines an array of individual custom action definitions that are+-- available for use by the stateless rules in this+-- @StatelessRulesAndCustomActions@ specification. You name each custom+-- action that you define, and then you can use it by name in your+-- StatelessRule RuleDefinition @Actions@ specification.+--+-- 'statelessRules', 'statelessRulesAndCustomActions_statelessRules' - Defines the set of stateless rules for use in a stateless rule group.+newStatelessRulesAndCustomActions ::+ StatelessRulesAndCustomActions+newStatelessRulesAndCustomActions =+ StatelessRulesAndCustomActions'+ { customActions =+ Prelude.Nothing,+ statelessRules = Prelude.mempty+ }++-- | Defines an array of individual custom action definitions that are+-- available for use by the stateless rules in this+-- @StatelessRulesAndCustomActions@ specification. You name each custom+-- action that you define, and then you can use it by name in your+-- StatelessRule RuleDefinition @Actions@ specification.+statelessRulesAndCustomActions_customActions :: Lens.Lens' StatelessRulesAndCustomActions (Prelude.Maybe [CustomAction])+statelessRulesAndCustomActions_customActions = Lens.lens (\StatelessRulesAndCustomActions' {customActions} -> customActions) (\s@StatelessRulesAndCustomActions' {} a -> s {customActions = a} :: StatelessRulesAndCustomActions) Prelude.. Lens.mapping Lens.coerced++-- | Defines the set of stateless rules for use in a stateless rule group.+statelessRulesAndCustomActions_statelessRules :: Lens.Lens' StatelessRulesAndCustomActions [StatelessRule]+statelessRulesAndCustomActions_statelessRules = Lens.lens (\StatelessRulesAndCustomActions' {statelessRules} -> statelessRules) (\s@StatelessRulesAndCustomActions' {} a -> s {statelessRules = a} :: StatelessRulesAndCustomActions) Prelude.. Lens.coerced++instance Data.FromJSON StatelessRulesAndCustomActions where+ parseJSON =+ Data.withObject+ "StatelessRulesAndCustomActions"+ ( \x ->+ StatelessRulesAndCustomActions'+ Prelude.<$> (x Data..:? "CustomActions" Data..!= Prelude.mempty)+ Prelude.<*> ( x+ Data..:? "StatelessRules"+ Data..!= Prelude.mempty+ )+ )++instance+ Prelude.Hashable+ StatelessRulesAndCustomActions+ where+ hashWithSalt+ _salt+ StatelessRulesAndCustomActions' {..} =+ _salt+ `Prelude.hashWithSalt` customActions+ `Prelude.hashWithSalt` statelessRules++instance+ Prelude.NFData+ StatelessRulesAndCustomActions+ where+ rnf StatelessRulesAndCustomActions' {..} =+ Prelude.rnf customActions+ `Prelude.seq` Prelude.rnf statelessRules++instance Data.ToJSON StatelessRulesAndCustomActions where+ toJSON StatelessRulesAndCustomActions' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("CustomActions" Data..=) Prelude.<$> customActions,+ Prelude.Just+ ("StatelessRules" Data..= statelessRules)+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/StreamExceptionPolicy.hs view
@@ -0,0 +1,71 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.StreamExceptionPolicy+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.StreamExceptionPolicy+ ( StreamExceptionPolicy+ ( ..,+ StreamExceptionPolicy_CONTINUE,+ StreamExceptionPolicy_DROP+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype StreamExceptionPolicy = StreamExceptionPolicy'+ { fromStreamExceptionPolicy ::+ Data.Text+ }+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern StreamExceptionPolicy_CONTINUE :: StreamExceptionPolicy+pattern StreamExceptionPolicy_CONTINUE = StreamExceptionPolicy' "CONTINUE"++pattern StreamExceptionPolicy_DROP :: StreamExceptionPolicy+pattern StreamExceptionPolicy_DROP = StreamExceptionPolicy' "DROP"++{-# COMPLETE+ StreamExceptionPolicy_CONTINUE,+ StreamExceptionPolicy_DROP,+ StreamExceptionPolicy'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/SubnetMapping.hs view
@@ -0,0 +1,79 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.SubnetMapping+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.SubnetMapping where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++-- | The ID for a subnet that you want to associate with the firewall. This+-- is used with CreateFirewall and AssociateSubnets. Network Firewall+-- creates an instance of the associated firewall in each subnet that you+-- specify, to filter traffic in the subnet\'s Availability Zone.+--+-- /See:/ 'newSubnetMapping' smart constructor.+data SubnetMapping = SubnetMapping'+ { -- | The unique identifier for the subnet.+ subnetId :: Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'SubnetMapping' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'subnetId', 'subnetMapping_subnetId' - The unique identifier for the subnet.+newSubnetMapping ::+ -- | 'subnetId'+ Prelude.Text ->+ SubnetMapping+newSubnetMapping pSubnetId_ =+ SubnetMapping' {subnetId = pSubnetId_}++-- | The unique identifier for the subnet.+subnetMapping_subnetId :: Lens.Lens' SubnetMapping Prelude.Text+subnetMapping_subnetId = Lens.lens (\SubnetMapping' {subnetId} -> subnetId) (\s@SubnetMapping' {} a -> s {subnetId = a} :: SubnetMapping)++instance Data.FromJSON SubnetMapping where+ parseJSON =+ Data.withObject+ "SubnetMapping"+ ( \x ->+ SubnetMapping' Prelude.<$> (x Data..: "SubnetId")+ )++instance Prelude.Hashable SubnetMapping where+ hashWithSalt _salt SubnetMapping' {..} =+ _salt `Prelude.hashWithSalt` subnetId++instance Prelude.NFData SubnetMapping where+ rnf SubnetMapping' {..} = Prelude.rnf subnetId++instance Data.ToJSON SubnetMapping where+ toJSON SubnetMapping' {..} =+ Data.object+ ( Prelude.catMaybes+ [Prelude.Just ("SubnetId" Data..= subnetId)]+ )
+ gen/Amazonka/NetworkFirewall/Types/SyncState.hs view
@@ -0,0 +1,124 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.SyncState+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.SyncState where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.Attachment+import Amazonka.NetworkFirewall.Types.PerObjectStatus+import qualified Amazonka.Prelude as Prelude++-- | The status of the firewall endpoint and firewall policy configuration+-- for a single VPC subnet.+--+-- For each VPC subnet that you associate with a firewall, Network Firewall+-- does the following:+--+-- - Instantiates a firewall endpoint in the subnet, ready to take+-- traffic.+--+-- - Configures the endpoint with the current firewall policy settings,+-- to provide the filtering behavior for the endpoint.+--+-- When you update a firewall, for example to add a subnet association or+-- change a rule group in the firewall policy, the affected sync states+-- reflect out-of-sync or not ready status until the changes are complete.+--+-- /See:/ 'newSyncState' smart constructor.+data SyncState = SyncState'+ { -- | The attachment status of the firewall\'s association with a single VPC+ -- subnet. For each configured subnet, Network Firewall creates the+ -- attachment by instantiating the firewall endpoint in the subnet so that+ -- it\'s ready to take traffic. This is part of the FirewallStatus.+ attachment :: Prelude.Maybe Attachment,+ -- | The configuration status of the firewall endpoint in a single VPC+ -- subnet. Network Firewall provides each endpoint with the rules that are+ -- configured in the firewall policy. Each time you add a subnet or modify+ -- the associated firewall policy, Network Firewall synchronizes the rules+ -- in the endpoint, so it can properly filter network traffic. This is part+ -- of the FirewallStatus.+ config :: Prelude.Maybe (Prelude.HashMap Prelude.Text PerObjectStatus)+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'SyncState' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'attachment', 'syncState_attachment' - The attachment status of the firewall\'s association with a single VPC+-- subnet. For each configured subnet, Network Firewall creates the+-- attachment by instantiating the firewall endpoint in the subnet so that+-- it\'s ready to take traffic. This is part of the FirewallStatus.+--+-- 'config', 'syncState_config' - The configuration status of the firewall endpoint in a single VPC+-- subnet. Network Firewall provides each endpoint with the rules that are+-- configured in the firewall policy. Each time you add a subnet or modify+-- the associated firewall policy, Network Firewall synchronizes the rules+-- in the endpoint, so it can properly filter network traffic. This is part+-- of the FirewallStatus.+newSyncState ::+ SyncState+newSyncState =+ SyncState'+ { attachment = Prelude.Nothing,+ config = Prelude.Nothing+ }++-- | The attachment status of the firewall\'s association with a single VPC+-- subnet. For each configured subnet, Network Firewall creates the+-- attachment by instantiating the firewall endpoint in the subnet so that+-- it\'s ready to take traffic. This is part of the FirewallStatus.+syncState_attachment :: Lens.Lens' SyncState (Prelude.Maybe Attachment)+syncState_attachment = Lens.lens (\SyncState' {attachment} -> attachment) (\s@SyncState' {} a -> s {attachment = a} :: SyncState)++-- | The configuration status of the firewall endpoint in a single VPC+-- subnet. Network Firewall provides each endpoint with the rules that are+-- configured in the firewall policy. Each time you add a subnet or modify+-- the associated firewall policy, Network Firewall synchronizes the rules+-- in the endpoint, so it can properly filter network traffic. This is part+-- of the FirewallStatus.+syncState_config :: Lens.Lens' SyncState (Prelude.Maybe (Prelude.HashMap Prelude.Text PerObjectStatus))+syncState_config = Lens.lens (\SyncState' {config} -> config) (\s@SyncState' {} a -> s {config = a} :: SyncState) Prelude.. Lens.mapping Lens.coerced++instance Data.FromJSON SyncState where+ parseJSON =+ Data.withObject+ "SyncState"+ ( \x ->+ SyncState'+ Prelude.<$> (x Data..:? "Attachment")+ Prelude.<*> (x Data..:? "Config" Data..!= Prelude.mempty)+ )++instance Prelude.Hashable SyncState where+ hashWithSalt _salt SyncState' {..} =+ _salt+ `Prelude.hashWithSalt` attachment+ `Prelude.hashWithSalt` config++instance Prelude.NFData SyncState where+ rnf SyncState' {..} =+ Prelude.rnf attachment+ `Prelude.seq` Prelude.rnf config
+ gen/Amazonka/NetworkFirewall/Types/TCPFlag.hs view
@@ -0,0 +1,98 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.TCPFlag+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.TCPFlag+ ( TCPFlag+ ( ..,+ TCPFlag_ACK,+ TCPFlag_CWR,+ TCPFlag_ECE,+ TCPFlag_FIN,+ TCPFlag_PSH,+ TCPFlag_RST,+ TCPFlag_SYN,+ TCPFlag_URG+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype TCPFlag = TCPFlag' {fromTCPFlag :: Data.Text}+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern TCPFlag_ACK :: TCPFlag+pattern TCPFlag_ACK = TCPFlag' "ACK"++pattern TCPFlag_CWR :: TCPFlag+pattern TCPFlag_CWR = TCPFlag' "CWR"++pattern TCPFlag_ECE :: TCPFlag+pattern TCPFlag_ECE = TCPFlag' "ECE"++pattern TCPFlag_FIN :: TCPFlag+pattern TCPFlag_FIN = TCPFlag' "FIN"++pattern TCPFlag_PSH :: TCPFlag+pattern TCPFlag_PSH = TCPFlag' "PSH"++pattern TCPFlag_RST :: TCPFlag+pattern TCPFlag_RST = TCPFlag' "RST"++pattern TCPFlag_SYN :: TCPFlag+pattern TCPFlag_SYN = TCPFlag' "SYN"++pattern TCPFlag_URG :: TCPFlag+pattern TCPFlag_URG = TCPFlag' "URG"++{-# COMPLETE+ TCPFlag_ACK,+ TCPFlag_CWR,+ TCPFlag_ECE,+ TCPFlag_FIN,+ TCPFlag_PSH,+ TCPFlag_RST,+ TCPFlag_SYN,+ TCPFlag_URG,+ TCPFlag'+ #-}
+ gen/Amazonka/NetworkFirewall/Types/TCPFlagField.hs view
@@ -0,0 +1,133 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.TCPFlagField+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.TCPFlagField where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types.TCPFlag+import qualified Amazonka.Prelude as Prelude++-- | TCP flags and masks to inspect packets for, used in stateless rules+-- MatchAttributes settings.+--+-- /See:/ 'newTCPFlagField' smart constructor.+data TCPFlagField = TCPFlagField'+ { -- | The set of flags to consider in the inspection. To inspect all flags in+ -- the valid values list, leave this with no setting.+ masks :: Prelude.Maybe [TCPFlag],+ -- | Used in conjunction with the @Masks@ setting to define the flags that+ -- must be set and flags that must not be set in order for the packet to+ -- match. This setting can only specify values that are also specified in+ -- the @Masks@ setting.+ --+ -- For the flags that are specified in the masks setting, the following+ -- must be true for the packet to match:+ --+ -- - The ones that are set in this flags setting must be set in the+ -- packet.+ --+ -- - The ones that are not set in this flags setting must also not be set+ -- in the packet.+ flags :: [TCPFlag]+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'TCPFlagField' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'masks', 'tCPFlagField_masks' - The set of flags to consider in the inspection. To inspect all flags in+-- the valid values list, leave this with no setting.+--+-- 'flags', 'tCPFlagField_flags' - Used in conjunction with the @Masks@ setting to define the flags that+-- must be set and flags that must not be set in order for the packet to+-- match. This setting can only specify values that are also specified in+-- the @Masks@ setting.+--+-- For the flags that are specified in the masks setting, the following+-- must be true for the packet to match:+--+-- - The ones that are set in this flags setting must be set in the+-- packet.+--+-- - The ones that are not set in this flags setting must also not be set+-- in the packet.+newTCPFlagField ::+ TCPFlagField+newTCPFlagField =+ TCPFlagField'+ { masks = Prelude.Nothing,+ flags = Prelude.mempty+ }++-- | The set of flags to consider in the inspection. To inspect all flags in+-- the valid values list, leave this with no setting.+tCPFlagField_masks :: Lens.Lens' TCPFlagField (Prelude.Maybe [TCPFlag])+tCPFlagField_masks = Lens.lens (\TCPFlagField' {masks} -> masks) (\s@TCPFlagField' {} a -> s {masks = a} :: TCPFlagField) Prelude.. Lens.mapping Lens.coerced++-- | Used in conjunction with the @Masks@ setting to define the flags that+-- must be set and flags that must not be set in order for the packet to+-- match. This setting can only specify values that are also specified in+-- the @Masks@ setting.+--+-- For the flags that are specified in the masks setting, the following+-- must be true for the packet to match:+--+-- - The ones that are set in this flags setting must be set in the+-- packet.+--+-- - The ones that are not set in this flags setting must also not be set+-- in the packet.+tCPFlagField_flags :: Lens.Lens' TCPFlagField [TCPFlag]+tCPFlagField_flags = Lens.lens (\TCPFlagField' {flags} -> flags) (\s@TCPFlagField' {} a -> s {flags = a} :: TCPFlagField) Prelude.. Lens.coerced++instance Data.FromJSON TCPFlagField where+ parseJSON =+ Data.withObject+ "TCPFlagField"+ ( \x ->+ TCPFlagField'+ Prelude.<$> (x Data..:? "Masks" Data..!= Prelude.mempty)+ Prelude.<*> (x Data..:? "Flags" Data..!= Prelude.mempty)+ )++instance Prelude.Hashable TCPFlagField where+ hashWithSalt _salt TCPFlagField' {..} =+ _salt+ `Prelude.hashWithSalt` masks+ `Prelude.hashWithSalt` flags++instance Prelude.NFData TCPFlagField where+ rnf TCPFlagField' {..} =+ Prelude.rnf masks `Prelude.seq` Prelude.rnf flags++instance Data.ToJSON TCPFlagField where+ toJSON TCPFlagField' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("Masks" Data..=) Prelude.<$> masks,+ Prelude.Just ("Flags" Data..= flags)+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/Tag.hs view
@@ -0,0 +1,110 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.Tag+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.Tag where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++-- | A key:value pair associated with an Amazon Web Services resource. The+-- key:value pair can be anything you define. Typically, the tag key+-- represents a category (such as \"environment\") and the tag value+-- represents a specific value within that category (such as \"test,\"+-- \"development,\" or \"production\"). You can add up to 50 tags to each+-- Amazon Web Services resource.+--+-- /See:/ 'newTag' smart constructor.+data Tag = Tag'+ { -- | The part of the key:value pair that defines a tag. You can use a tag key+ -- to describe a category of information, such as \"customer.\" Tag keys+ -- are case-sensitive.+ key :: Prelude.Text,+ -- | The part of the key:value pair that defines a tag. You can use a tag+ -- value to describe a specific value within a category, such as+ -- \"companyA\" or \"companyB.\" Tag values are case-sensitive.+ value :: Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'Tag' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'key', 'tag_key' - The part of the key:value pair that defines a tag. You can use a tag key+-- to describe a category of information, such as \"customer.\" Tag keys+-- are case-sensitive.+--+-- 'value', 'tag_value' - The part of the key:value pair that defines a tag. You can use a tag+-- value to describe a specific value within a category, such as+-- \"companyA\" or \"companyB.\" Tag values are case-sensitive.+newTag ::+ -- | 'key'+ Prelude.Text ->+ -- | 'value'+ Prelude.Text ->+ Tag+newTag pKey_ pValue_ =+ Tag' {key = pKey_, value = pValue_}++-- | The part of the key:value pair that defines a tag. You can use a tag key+-- to describe a category of information, such as \"customer.\" Tag keys+-- are case-sensitive.+tag_key :: Lens.Lens' Tag Prelude.Text+tag_key = Lens.lens (\Tag' {key} -> key) (\s@Tag' {} a -> s {key = a} :: Tag)++-- | The part of the key:value pair that defines a tag. You can use a tag+-- value to describe a specific value within a category, such as+-- \"companyA\" or \"companyB.\" Tag values are case-sensitive.+tag_value :: Lens.Lens' Tag Prelude.Text+tag_value = Lens.lens (\Tag' {value} -> value) (\s@Tag' {} a -> s {value = a} :: Tag)++instance Data.FromJSON Tag where+ parseJSON =+ Data.withObject+ "Tag"+ ( \x ->+ Tag'+ Prelude.<$> (x Data..: "Key")+ Prelude.<*> (x Data..: "Value")+ )++instance Prelude.Hashable Tag where+ hashWithSalt _salt Tag' {..} =+ _salt+ `Prelude.hashWithSalt` key+ `Prelude.hashWithSalt` value++instance Prelude.NFData Tag where+ rnf Tag' {..} =+ Prelude.rnf key `Prelude.seq` Prelude.rnf value++instance Data.ToJSON Tag where+ toJSON Tag' {..} =+ Data.object+ ( Prelude.catMaybes+ [ Prelude.Just ("Key" Data..= key),+ Prelude.Just ("Value" Data..= value)+ ]+ )
+ gen/Amazonka/NetworkFirewall/Types/TargetType.hs view
@@ -0,0 +1,71 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DerivingStrategies #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE PatternSynonyms #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Types.TargetType+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Types.TargetType+ ( TargetType+ ( ..,+ TargetType_HTTP_HOST,+ TargetType_TLS_SNI+ ),+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Data as Data+import qualified Amazonka.Prelude as Prelude++newtype TargetType = TargetType'+ { fromTargetType ::+ Data.Text+ }+ deriving stock+ ( Prelude.Show,+ Prelude.Read,+ Prelude.Eq,+ Prelude.Ord,+ Prelude.Generic+ )+ deriving newtype+ ( Prelude.Hashable,+ Prelude.NFData,+ Data.FromText,+ Data.ToText,+ Data.ToByteString,+ Data.ToLog,+ Data.ToHeader,+ Data.ToQuery,+ Data.FromJSON,+ Data.FromJSONKey,+ Data.ToJSON,+ Data.ToJSONKey,+ Data.FromXML,+ Data.ToXML+ )++pattern TargetType_HTTP_HOST :: TargetType+pattern TargetType_HTTP_HOST = TargetType' "HTTP_HOST"++pattern TargetType_TLS_SNI :: TargetType+pattern TargetType_TLS_SNI = TargetType' "TLS_SNI"++{-# COMPLETE+ TargetType_HTTP_HOST,+ TargetType_TLS_SNI,+ TargetType'+ #-}
+ gen/Amazonka/NetworkFirewall/UntagResource.hs view
@@ -0,0 +1,180 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.UntagResource+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Removes the tags with the specified keys from the specified resource.+-- Tags are key:value pairs that you can use to categorize and manage your+-- resources, for purposes like billing. For example, you might set the tag+-- key to \"customer\" and the value to the customer name or ID. You can+-- specify one or more tags to add to each Amazon Web Services resource, up+-- to 50 tags for a resource.+--+-- You can manage tags for the Amazon Web Services resources that you+-- manage through Network Firewall: firewalls, firewall policies, and rule+-- groups.+module Amazonka.NetworkFirewall.UntagResource+ ( -- * Creating a Request+ UntagResource (..),+ newUntagResource,++ -- * Request Lenses+ untagResource_resourceArn,+ untagResource_tagKeys,++ -- * Destructuring the Response+ UntagResourceResponse (..),+ newUntagResourceResponse,++ -- * Response Lenses+ untagResourceResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newUntagResource' smart constructor.+data UntagResource = UntagResource'+ { -- | The Amazon Resource Name (ARN) of the resource.+ resourceArn :: Prelude.Text,+ tagKeys :: Prelude.NonEmpty Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'UntagResource' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'resourceArn', 'untagResource_resourceArn' - The Amazon Resource Name (ARN) of the resource.+--+-- 'tagKeys', 'untagResource_tagKeys' -+newUntagResource ::+ -- | 'resourceArn'+ Prelude.Text ->+ -- | 'tagKeys'+ Prelude.NonEmpty Prelude.Text ->+ UntagResource+newUntagResource pResourceArn_ pTagKeys_ =+ UntagResource'+ { resourceArn = pResourceArn_,+ tagKeys = Lens.coerced Lens.# pTagKeys_+ }++-- | The Amazon Resource Name (ARN) of the resource.+untagResource_resourceArn :: Lens.Lens' UntagResource Prelude.Text+untagResource_resourceArn = Lens.lens (\UntagResource' {resourceArn} -> resourceArn) (\s@UntagResource' {} a -> s {resourceArn = a} :: UntagResource)++untagResource_tagKeys :: Lens.Lens' UntagResource (Prelude.NonEmpty Prelude.Text)+untagResource_tagKeys = Lens.lens (\UntagResource' {tagKeys} -> tagKeys) (\s@UntagResource' {} a -> s {tagKeys = a} :: UntagResource) Prelude.. Lens.coerced++instance Core.AWSRequest UntagResource where+ type+ AWSResponse UntagResource =+ UntagResourceResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveEmpty+ ( \s h x ->+ UntagResourceResponse'+ Prelude.<$> (Prelude.pure (Prelude.fromEnum s))+ )++instance Prelude.Hashable UntagResource where+ hashWithSalt _salt UntagResource' {..} =+ _salt+ `Prelude.hashWithSalt` resourceArn+ `Prelude.hashWithSalt` tagKeys++instance Prelude.NFData UntagResource where+ rnf UntagResource' {..} =+ Prelude.rnf resourceArn+ `Prelude.seq` Prelude.rnf tagKeys++instance Data.ToHeaders UntagResource where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.UntagResource" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON UntagResource where+ toJSON UntagResource' {..} =+ Data.object+ ( Prelude.catMaybes+ [ Prelude.Just ("ResourceArn" Data..= resourceArn),+ Prelude.Just ("TagKeys" Data..= tagKeys)+ ]+ )++instance Data.ToPath UntagResource where+ toPath = Prelude.const "/"++instance Data.ToQuery UntagResource where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newUntagResourceResponse' smart constructor.+data UntagResourceResponse = UntagResourceResponse'+ { -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'UntagResourceResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'httpStatus', 'untagResourceResponse_httpStatus' - The response's http status code.+newUntagResourceResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ UntagResourceResponse+newUntagResourceResponse pHttpStatus_ =+ UntagResourceResponse' {httpStatus = pHttpStatus_}++-- | The response's http status code.+untagResourceResponse_httpStatus :: Lens.Lens' UntagResourceResponse Prelude.Int+untagResourceResponse_httpStatus = Lens.lens (\UntagResourceResponse' {httpStatus} -> httpStatus) (\s@UntagResourceResponse' {} a -> s {httpStatus = a} :: UntagResourceResponse)++instance Prelude.NFData UntagResourceResponse where+ rnf UntagResourceResponse' {..} =+ Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/UpdateFirewallDeleteProtection.hs view
@@ -0,0 +1,409 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.UpdateFirewallDeleteProtection+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Modifies the flag, @DeleteProtection@, which indicates whether it is+-- possible to delete the firewall. If the flag is set to @TRUE@, the+-- firewall is protected against deletion. This setting helps protect+-- against accidentally deleting a firewall that\'s in use.+module Amazonka.NetworkFirewall.UpdateFirewallDeleteProtection+ ( -- * Creating a Request+ UpdateFirewallDeleteProtection (..),+ newUpdateFirewallDeleteProtection,++ -- * Request Lenses+ updateFirewallDeleteProtection_firewallArn,+ updateFirewallDeleteProtection_firewallName,+ updateFirewallDeleteProtection_updateToken,+ updateFirewallDeleteProtection_deleteProtection,++ -- * Destructuring the Response+ UpdateFirewallDeleteProtectionResponse (..),+ newUpdateFirewallDeleteProtectionResponse,++ -- * Response Lenses+ updateFirewallDeleteProtectionResponse_deleteProtection,+ updateFirewallDeleteProtectionResponse_firewallArn,+ updateFirewallDeleteProtectionResponse_firewallName,+ updateFirewallDeleteProtectionResponse_updateToken,+ updateFirewallDeleteProtectionResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newUpdateFirewallDeleteProtection' smart constructor.+data UpdateFirewallDeleteProtection = UpdateFirewallDeleteProtection'+ { -- | The Amazon Resource Name (ARN) of the firewall.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallName :: Prelude.Maybe Prelude.Text,+ -- | An optional token that you can use for optimistic locking. Network+ -- Firewall returns a token to your requests that access the firewall. The+ -- token marks the state of the firewall resource at the time of the+ -- request.+ --+ -- To make an unconditional change to the firewall, omit the token in your+ -- update request. Without the token, Network Firewall performs your+ -- updates regardless of whether the firewall has changed since you last+ -- retrieved it.+ --+ -- To make a conditional change to the firewall, provide the token in your+ -- update request. Network Firewall uses the token to ensure that the+ -- firewall hasn\'t changed since you last retrieved it. If it has changed,+ -- the operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the firewall again to get a current copy of it with a new+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Maybe Prelude.Text,+ -- | A flag indicating whether it is possible to delete the firewall. A+ -- setting of @TRUE@ indicates that the firewall is protected against+ -- deletion. Use this setting to protect against accidentally deleting a+ -- firewall that is in use. When you create a firewall, the operation+ -- initializes this flag to @TRUE@.+ deleteProtection :: Prelude.Bool+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'UpdateFirewallDeleteProtection' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallArn', 'updateFirewallDeleteProtection_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'firewallName', 'updateFirewallDeleteProtection_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'updateToken', 'updateFirewallDeleteProtection_updateToken' - An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+--+-- 'deleteProtection', 'updateFirewallDeleteProtection_deleteProtection' - A flag indicating whether it is possible to delete the firewall. A+-- setting of @TRUE@ indicates that the firewall is protected against+-- deletion. Use this setting to protect against accidentally deleting a+-- firewall that is in use. When you create a firewall, the operation+-- initializes this flag to @TRUE@.+newUpdateFirewallDeleteProtection ::+ -- | 'deleteProtection'+ Prelude.Bool ->+ UpdateFirewallDeleteProtection+newUpdateFirewallDeleteProtection pDeleteProtection_ =+ UpdateFirewallDeleteProtection'+ { firewallArn =+ Prelude.Nothing,+ firewallName = Prelude.Nothing,+ updateToken = Prelude.Nothing,+ deleteProtection = pDeleteProtection_+ }++-- | The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+updateFirewallDeleteProtection_firewallArn :: Lens.Lens' UpdateFirewallDeleteProtection (Prelude.Maybe Prelude.Text)+updateFirewallDeleteProtection_firewallArn = Lens.lens (\UpdateFirewallDeleteProtection' {firewallArn} -> firewallArn) (\s@UpdateFirewallDeleteProtection' {} a -> s {firewallArn = a} :: UpdateFirewallDeleteProtection)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+updateFirewallDeleteProtection_firewallName :: Lens.Lens' UpdateFirewallDeleteProtection (Prelude.Maybe Prelude.Text)+updateFirewallDeleteProtection_firewallName = Lens.lens (\UpdateFirewallDeleteProtection' {firewallName} -> firewallName) (\s@UpdateFirewallDeleteProtection' {} a -> s {firewallName = a} :: UpdateFirewallDeleteProtection)++-- | An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+updateFirewallDeleteProtection_updateToken :: Lens.Lens' UpdateFirewallDeleteProtection (Prelude.Maybe Prelude.Text)+updateFirewallDeleteProtection_updateToken = Lens.lens (\UpdateFirewallDeleteProtection' {updateToken} -> updateToken) (\s@UpdateFirewallDeleteProtection' {} a -> s {updateToken = a} :: UpdateFirewallDeleteProtection)++-- | A flag indicating whether it is possible to delete the firewall. A+-- setting of @TRUE@ indicates that the firewall is protected against+-- deletion. Use this setting to protect against accidentally deleting a+-- firewall that is in use. When you create a firewall, the operation+-- initializes this flag to @TRUE@.+updateFirewallDeleteProtection_deleteProtection :: Lens.Lens' UpdateFirewallDeleteProtection Prelude.Bool+updateFirewallDeleteProtection_deleteProtection = Lens.lens (\UpdateFirewallDeleteProtection' {deleteProtection} -> deleteProtection) (\s@UpdateFirewallDeleteProtection' {} a -> s {deleteProtection = a} :: UpdateFirewallDeleteProtection)++instance+ Core.AWSRequest+ UpdateFirewallDeleteProtection+ where+ type+ AWSResponse UpdateFirewallDeleteProtection =+ UpdateFirewallDeleteProtectionResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ UpdateFirewallDeleteProtectionResponse'+ Prelude.<$> (x Data..?> "DeleteProtection")+ Prelude.<*> (x Data..?> "FirewallArn")+ Prelude.<*> (x Data..?> "FirewallName")+ Prelude.<*> (x Data..?> "UpdateToken")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ )++instance+ Prelude.Hashable+ UpdateFirewallDeleteProtection+ where+ hashWithSalt+ _salt+ UpdateFirewallDeleteProtection' {..} =+ _salt+ `Prelude.hashWithSalt` firewallArn+ `Prelude.hashWithSalt` firewallName+ `Prelude.hashWithSalt` updateToken+ `Prelude.hashWithSalt` deleteProtection++instance+ Prelude.NFData+ UpdateFirewallDeleteProtection+ where+ rnf UpdateFirewallDeleteProtection' {..} =+ Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf deleteProtection++instance+ Data.ToHeaders+ UpdateFirewallDeleteProtection+ where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.UpdateFirewallDeleteProtection" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON UpdateFirewallDeleteProtection where+ toJSON UpdateFirewallDeleteProtection' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("FirewallArn" Data..=) Prelude.<$> firewallArn,+ ("FirewallName" Data..=) Prelude.<$> firewallName,+ ("UpdateToken" Data..=) Prelude.<$> updateToken,+ Prelude.Just+ ("DeleteProtection" Data..= deleteProtection)+ ]+ )++instance Data.ToPath UpdateFirewallDeleteProtection where+ toPath = Prelude.const "/"++instance Data.ToQuery UpdateFirewallDeleteProtection where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newUpdateFirewallDeleteProtectionResponse' smart constructor.+data UpdateFirewallDeleteProtectionResponse = UpdateFirewallDeleteProtectionResponse'+ { -- | A flag indicating whether it is possible to delete the firewall. A+ -- setting of @TRUE@ indicates that the firewall is protected against+ -- deletion. Use this setting to protect against accidentally deleting a+ -- firewall that is in use. When you create a firewall, the operation+ -- initializes this flag to @TRUE@.+ deleteProtection :: Prelude.Maybe Prelude.Bool,+ -- | The Amazon Resource Name (ARN) of the firewall.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ firewallName :: Prelude.Maybe Prelude.Text,+ -- | An optional token that you can use for optimistic locking. Network+ -- Firewall returns a token to your requests that access the firewall. The+ -- token marks the state of the firewall resource at the time of the+ -- request.+ --+ -- To make an unconditional change to the firewall, omit the token in your+ -- update request. Without the token, Network Firewall performs your+ -- updates regardless of whether the firewall has changed since you last+ -- retrieved it.+ --+ -- To make a conditional change to the firewall, provide the token in your+ -- update request. Network Firewall uses the token to ensure that the+ -- firewall hasn\'t changed since you last retrieved it. If it has changed,+ -- the operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the firewall again to get a current copy of it with a new+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Maybe Prelude.Text,+ -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'UpdateFirewallDeleteProtectionResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'deleteProtection', 'updateFirewallDeleteProtectionResponse_deleteProtection' - A flag indicating whether it is possible to delete the firewall. A+-- setting of @TRUE@ indicates that the firewall is protected against+-- deletion. Use this setting to protect against accidentally deleting a+-- firewall that is in use. When you create a firewall, the operation+-- initializes this flag to @TRUE@.+--+-- 'firewallArn', 'updateFirewallDeleteProtectionResponse_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- 'firewallName', 'updateFirewallDeleteProtectionResponse_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- 'updateToken', 'updateFirewallDeleteProtectionResponse_updateToken' - An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+--+-- 'httpStatus', 'updateFirewallDeleteProtectionResponse_httpStatus' - The response's http status code.+newUpdateFirewallDeleteProtectionResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ UpdateFirewallDeleteProtectionResponse+newUpdateFirewallDeleteProtectionResponse+ pHttpStatus_ =+ UpdateFirewallDeleteProtectionResponse'+ { deleteProtection =+ Prelude.Nothing,+ firewallArn = Prelude.Nothing,+ firewallName = Prelude.Nothing,+ updateToken = Prelude.Nothing,+ httpStatus = pHttpStatus_+ }++-- | A flag indicating whether it is possible to delete the firewall. A+-- setting of @TRUE@ indicates that the firewall is protected against+-- deletion. Use this setting to protect against accidentally deleting a+-- firewall that is in use. When you create a firewall, the operation+-- initializes this flag to @TRUE@.+updateFirewallDeleteProtectionResponse_deleteProtection :: Lens.Lens' UpdateFirewallDeleteProtectionResponse (Prelude.Maybe Prelude.Bool)+updateFirewallDeleteProtectionResponse_deleteProtection = Lens.lens (\UpdateFirewallDeleteProtectionResponse' {deleteProtection} -> deleteProtection) (\s@UpdateFirewallDeleteProtectionResponse' {} a -> s {deleteProtection = a} :: UpdateFirewallDeleteProtectionResponse)++-- | The Amazon Resource Name (ARN) of the firewall.+updateFirewallDeleteProtectionResponse_firewallArn :: Lens.Lens' UpdateFirewallDeleteProtectionResponse (Prelude.Maybe Prelude.Text)+updateFirewallDeleteProtectionResponse_firewallArn = Lens.lens (\UpdateFirewallDeleteProtectionResponse' {firewallArn} -> firewallArn) (\s@UpdateFirewallDeleteProtectionResponse' {} a -> s {firewallArn = a} :: UpdateFirewallDeleteProtectionResponse)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+updateFirewallDeleteProtectionResponse_firewallName :: Lens.Lens' UpdateFirewallDeleteProtectionResponse (Prelude.Maybe Prelude.Text)+updateFirewallDeleteProtectionResponse_firewallName = Lens.lens (\UpdateFirewallDeleteProtectionResponse' {firewallName} -> firewallName) (\s@UpdateFirewallDeleteProtectionResponse' {} a -> s {firewallName = a} :: UpdateFirewallDeleteProtectionResponse)++-- | An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+updateFirewallDeleteProtectionResponse_updateToken :: Lens.Lens' UpdateFirewallDeleteProtectionResponse (Prelude.Maybe Prelude.Text)+updateFirewallDeleteProtectionResponse_updateToken = Lens.lens (\UpdateFirewallDeleteProtectionResponse' {updateToken} -> updateToken) (\s@UpdateFirewallDeleteProtectionResponse' {} a -> s {updateToken = a} :: UpdateFirewallDeleteProtectionResponse)++-- | The response's http status code.+updateFirewallDeleteProtectionResponse_httpStatus :: Lens.Lens' UpdateFirewallDeleteProtectionResponse Prelude.Int+updateFirewallDeleteProtectionResponse_httpStatus = Lens.lens (\UpdateFirewallDeleteProtectionResponse' {httpStatus} -> httpStatus) (\s@UpdateFirewallDeleteProtectionResponse' {} a -> s {httpStatus = a} :: UpdateFirewallDeleteProtectionResponse)++instance+ Prelude.NFData+ UpdateFirewallDeleteProtectionResponse+ where+ rnf UpdateFirewallDeleteProtectionResponse' {..} =+ Prelude.rnf deleteProtection+ `Prelude.seq` Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/UpdateFirewallDescription.hs view
@@ -0,0 +1,368 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.UpdateFirewallDescription+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Modifies the description for the specified firewall. Use the description+-- to help you identify the firewall when you\'re working with it.+module Amazonka.NetworkFirewall.UpdateFirewallDescription+ ( -- * Creating a Request+ UpdateFirewallDescription (..),+ newUpdateFirewallDescription,++ -- * Request Lenses+ updateFirewallDescription_description,+ updateFirewallDescription_firewallArn,+ updateFirewallDescription_firewallName,+ updateFirewallDescription_updateToken,++ -- * Destructuring the Response+ UpdateFirewallDescriptionResponse (..),+ newUpdateFirewallDescriptionResponse,++ -- * Response Lenses+ updateFirewallDescriptionResponse_description,+ updateFirewallDescriptionResponse_firewallArn,+ updateFirewallDescriptionResponse_firewallName,+ updateFirewallDescriptionResponse_updateToken,+ updateFirewallDescriptionResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newUpdateFirewallDescription' smart constructor.+data UpdateFirewallDescription = UpdateFirewallDescription'+ { -- | The new description for the firewall. If you omit this setting, Network+ -- Firewall removes the description for the firewall.+ description :: Prelude.Maybe Prelude.Text,+ -- | The Amazon Resource Name (ARN) of the firewall.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallName :: Prelude.Maybe Prelude.Text,+ -- | An optional token that you can use for optimistic locking. Network+ -- Firewall returns a token to your requests that access the firewall. The+ -- token marks the state of the firewall resource at the time of the+ -- request.+ --+ -- To make an unconditional change to the firewall, omit the token in your+ -- update request. Without the token, Network Firewall performs your+ -- updates regardless of whether the firewall has changed since you last+ -- retrieved it.+ --+ -- To make a conditional change to the firewall, provide the token in your+ -- update request. Network Firewall uses the token to ensure that the+ -- firewall hasn\'t changed since you last retrieved it. If it has changed,+ -- the operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the firewall again to get a current copy of it with a new+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Maybe Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'UpdateFirewallDescription' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'description', 'updateFirewallDescription_description' - The new description for the firewall. If you omit this setting, Network+-- Firewall removes the description for the firewall.+--+-- 'firewallArn', 'updateFirewallDescription_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'firewallName', 'updateFirewallDescription_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'updateToken', 'updateFirewallDescription_updateToken' - An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+newUpdateFirewallDescription ::+ UpdateFirewallDescription+newUpdateFirewallDescription =+ UpdateFirewallDescription'+ { description =+ Prelude.Nothing,+ firewallArn = Prelude.Nothing,+ firewallName = Prelude.Nothing,+ updateToken = Prelude.Nothing+ }++-- | The new description for the firewall. If you omit this setting, Network+-- Firewall removes the description for the firewall.+updateFirewallDescription_description :: Lens.Lens' UpdateFirewallDescription (Prelude.Maybe Prelude.Text)+updateFirewallDescription_description = Lens.lens (\UpdateFirewallDescription' {description} -> description) (\s@UpdateFirewallDescription' {} a -> s {description = a} :: UpdateFirewallDescription)++-- | The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+updateFirewallDescription_firewallArn :: Lens.Lens' UpdateFirewallDescription (Prelude.Maybe Prelude.Text)+updateFirewallDescription_firewallArn = Lens.lens (\UpdateFirewallDescription' {firewallArn} -> firewallArn) (\s@UpdateFirewallDescription' {} a -> s {firewallArn = a} :: UpdateFirewallDescription)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+updateFirewallDescription_firewallName :: Lens.Lens' UpdateFirewallDescription (Prelude.Maybe Prelude.Text)+updateFirewallDescription_firewallName = Lens.lens (\UpdateFirewallDescription' {firewallName} -> firewallName) (\s@UpdateFirewallDescription' {} a -> s {firewallName = a} :: UpdateFirewallDescription)++-- | An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+updateFirewallDescription_updateToken :: Lens.Lens' UpdateFirewallDescription (Prelude.Maybe Prelude.Text)+updateFirewallDescription_updateToken = Lens.lens (\UpdateFirewallDescription' {updateToken} -> updateToken) (\s@UpdateFirewallDescription' {} a -> s {updateToken = a} :: UpdateFirewallDescription)++instance Core.AWSRequest UpdateFirewallDescription where+ type+ AWSResponse UpdateFirewallDescription =+ UpdateFirewallDescriptionResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ UpdateFirewallDescriptionResponse'+ Prelude.<$> (x Data..?> "Description")+ Prelude.<*> (x Data..?> "FirewallArn")+ Prelude.<*> (x Data..?> "FirewallName")+ Prelude.<*> (x Data..?> "UpdateToken")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ )++instance Prelude.Hashable UpdateFirewallDescription where+ hashWithSalt _salt UpdateFirewallDescription' {..} =+ _salt+ `Prelude.hashWithSalt` description+ `Prelude.hashWithSalt` firewallArn+ `Prelude.hashWithSalt` firewallName+ `Prelude.hashWithSalt` updateToken++instance Prelude.NFData UpdateFirewallDescription where+ rnf UpdateFirewallDescription' {..} =+ Prelude.rnf description+ `Prelude.seq` Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf updateToken++instance Data.ToHeaders UpdateFirewallDescription where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.UpdateFirewallDescription" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON UpdateFirewallDescription where+ toJSON UpdateFirewallDescription' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("Description" Data..=) Prelude.<$> description,+ ("FirewallArn" Data..=) Prelude.<$> firewallArn,+ ("FirewallName" Data..=) Prelude.<$> firewallName,+ ("UpdateToken" Data..=) Prelude.<$> updateToken+ ]+ )++instance Data.ToPath UpdateFirewallDescription where+ toPath = Prelude.const "/"++instance Data.ToQuery UpdateFirewallDescription where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newUpdateFirewallDescriptionResponse' smart constructor.+data UpdateFirewallDescriptionResponse = UpdateFirewallDescriptionResponse'+ { -- | A description of the firewall.+ description :: Prelude.Maybe Prelude.Text,+ -- | The Amazon Resource Name (ARN) of the firewall.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ firewallName :: Prelude.Maybe Prelude.Text,+ -- | An optional token that you can use for optimistic locking. Network+ -- Firewall returns a token to your requests that access the firewall. The+ -- token marks the state of the firewall resource at the time of the+ -- request.+ --+ -- To make an unconditional change to the firewall, omit the token in your+ -- update request. Without the token, Network Firewall performs your+ -- updates regardless of whether the firewall has changed since you last+ -- retrieved it.+ --+ -- To make a conditional change to the firewall, provide the token in your+ -- update request. Network Firewall uses the token to ensure that the+ -- firewall hasn\'t changed since you last retrieved it. If it has changed,+ -- the operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the firewall again to get a current copy of it with a new+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Maybe Prelude.Text,+ -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'UpdateFirewallDescriptionResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'description', 'updateFirewallDescriptionResponse_description' - A description of the firewall.+--+-- 'firewallArn', 'updateFirewallDescriptionResponse_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- 'firewallName', 'updateFirewallDescriptionResponse_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- 'updateToken', 'updateFirewallDescriptionResponse_updateToken' - An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+--+-- 'httpStatus', 'updateFirewallDescriptionResponse_httpStatus' - The response's http status code.+newUpdateFirewallDescriptionResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ UpdateFirewallDescriptionResponse+newUpdateFirewallDescriptionResponse pHttpStatus_ =+ UpdateFirewallDescriptionResponse'+ { description =+ Prelude.Nothing,+ firewallArn = Prelude.Nothing,+ firewallName = Prelude.Nothing,+ updateToken = Prelude.Nothing,+ httpStatus = pHttpStatus_+ }++-- | A description of the firewall.+updateFirewallDescriptionResponse_description :: Lens.Lens' UpdateFirewallDescriptionResponse (Prelude.Maybe Prelude.Text)+updateFirewallDescriptionResponse_description = Lens.lens (\UpdateFirewallDescriptionResponse' {description} -> description) (\s@UpdateFirewallDescriptionResponse' {} a -> s {description = a} :: UpdateFirewallDescriptionResponse)++-- | The Amazon Resource Name (ARN) of the firewall.+updateFirewallDescriptionResponse_firewallArn :: Lens.Lens' UpdateFirewallDescriptionResponse (Prelude.Maybe Prelude.Text)+updateFirewallDescriptionResponse_firewallArn = Lens.lens (\UpdateFirewallDescriptionResponse' {firewallArn} -> firewallArn) (\s@UpdateFirewallDescriptionResponse' {} a -> s {firewallArn = a} :: UpdateFirewallDescriptionResponse)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+updateFirewallDescriptionResponse_firewallName :: Lens.Lens' UpdateFirewallDescriptionResponse (Prelude.Maybe Prelude.Text)+updateFirewallDescriptionResponse_firewallName = Lens.lens (\UpdateFirewallDescriptionResponse' {firewallName} -> firewallName) (\s@UpdateFirewallDescriptionResponse' {} a -> s {firewallName = a} :: UpdateFirewallDescriptionResponse)++-- | An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+updateFirewallDescriptionResponse_updateToken :: Lens.Lens' UpdateFirewallDescriptionResponse (Prelude.Maybe Prelude.Text)+updateFirewallDescriptionResponse_updateToken = Lens.lens (\UpdateFirewallDescriptionResponse' {updateToken} -> updateToken) (\s@UpdateFirewallDescriptionResponse' {} a -> s {updateToken = a} :: UpdateFirewallDescriptionResponse)++-- | The response's http status code.+updateFirewallDescriptionResponse_httpStatus :: Lens.Lens' UpdateFirewallDescriptionResponse Prelude.Int+updateFirewallDescriptionResponse_httpStatus = Lens.lens (\UpdateFirewallDescriptionResponse' {httpStatus} -> httpStatus) (\s@UpdateFirewallDescriptionResponse' {} a -> s {httpStatus = a} :: UpdateFirewallDescriptionResponse)++instance+ Prelude.NFData+ UpdateFirewallDescriptionResponse+ where+ rnf UpdateFirewallDescriptionResponse' {..} =+ Prelude.rnf description+ `Prelude.seq` Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/UpdateFirewallEncryptionConfiguration.hs view
@@ -0,0 +1,381 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.UpdateFirewallEncryptionConfiguration+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- A complex type that contains settings for encryption of your firewall+-- resources.+module Amazonka.NetworkFirewall.UpdateFirewallEncryptionConfiguration+ ( -- * Creating a Request+ UpdateFirewallEncryptionConfiguration (..),+ newUpdateFirewallEncryptionConfiguration,++ -- * Request Lenses+ updateFirewallEncryptionConfiguration_encryptionConfiguration,+ updateFirewallEncryptionConfiguration_firewallArn,+ updateFirewallEncryptionConfiguration_firewallName,+ updateFirewallEncryptionConfiguration_updateToken,++ -- * Destructuring the Response+ UpdateFirewallEncryptionConfigurationResponse (..),+ newUpdateFirewallEncryptionConfigurationResponse,++ -- * Response Lenses+ updateFirewallEncryptionConfigurationResponse_encryptionConfiguration,+ updateFirewallEncryptionConfigurationResponse_firewallArn,+ updateFirewallEncryptionConfigurationResponse_firewallName,+ updateFirewallEncryptionConfigurationResponse_updateToken,+ updateFirewallEncryptionConfigurationResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newUpdateFirewallEncryptionConfiguration' smart constructor.+data UpdateFirewallEncryptionConfiguration = UpdateFirewallEncryptionConfiguration'+ { encryptionConfiguration :: Prelude.Maybe EncryptionConfiguration,+ -- | The Amazon Resource Name (ARN) of the firewall.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ firewallName :: Prelude.Maybe Prelude.Text,+ -- | An optional token that you can use for optimistic locking. Network+ -- Firewall returns a token to your requests that access the firewall. The+ -- token marks the state of the firewall resource at the time of the+ -- request.+ --+ -- To make an unconditional change to the firewall, omit the token in your+ -- update request. Without the token, Network Firewall performs your+ -- updates regardless of whether the firewall has changed since you last+ -- retrieved it.+ --+ -- To make a conditional change to the firewall, provide the token in your+ -- update request. Network Firewall uses the token to ensure that the+ -- firewall hasn\'t changed since you last retrieved it. If it has changed,+ -- the operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the firewall again to get a current copy of it with a new+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Maybe Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'UpdateFirewallEncryptionConfiguration' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'encryptionConfiguration', 'updateFirewallEncryptionConfiguration_encryptionConfiguration' - Undocumented member.+--+-- 'firewallArn', 'updateFirewallEncryptionConfiguration_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- 'firewallName', 'updateFirewallEncryptionConfiguration_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- 'updateToken', 'updateFirewallEncryptionConfiguration_updateToken' - An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+newUpdateFirewallEncryptionConfiguration ::+ UpdateFirewallEncryptionConfiguration+newUpdateFirewallEncryptionConfiguration =+ UpdateFirewallEncryptionConfiguration'+ { encryptionConfiguration =+ Prelude.Nothing,+ firewallArn = Prelude.Nothing,+ firewallName = Prelude.Nothing,+ updateToken = Prelude.Nothing+ }++-- | Undocumented member.+updateFirewallEncryptionConfiguration_encryptionConfiguration :: Lens.Lens' UpdateFirewallEncryptionConfiguration (Prelude.Maybe EncryptionConfiguration)+updateFirewallEncryptionConfiguration_encryptionConfiguration = Lens.lens (\UpdateFirewallEncryptionConfiguration' {encryptionConfiguration} -> encryptionConfiguration) (\s@UpdateFirewallEncryptionConfiguration' {} a -> s {encryptionConfiguration = a} :: UpdateFirewallEncryptionConfiguration)++-- | The Amazon Resource Name (ARN) of the firewall.+updateFirewallEncryptionConfiguration_firewallArn :: Lens.Lens' UpdateFirewallEncryptionConfiguration (Prelude.Maybe Prelude.Text)+updateFirewallEncryptionConfiguration_firewallArn = Lens.lens (\UpdateFirewallEncryptionConfiguration' {firewallArn} -> firewallArn) (\s@UpdateFirewallEncryptionConfiguration' {} a -> s {firewallArn = a} :: UpdateFirewallEncryptionConfiguration)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+updateFirewallEncryptionConfiguration_firewallName :: Lens.Lens' UpdateFirewallEncryptionConfiguration (Prelude.Maybe Prelude.Text)+updateFirewallEncryptionConfiguration_firewallName = Lens.lens (\UpdateFirewallEncryptionConfiguration' {firewallName} -> firewallName) (\s@UpdateFirewallEncryptionConfiguration' {} a -> s {firewallName = a} :: UpdateFirewallEncryptionConfiguration)++-- | An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+updateFirewallEncryptionConfiguration_updateToken :: Lens.Lens' UpdateFirewallEncryptionConfiguration (Prelude.Maybe Prelude.Text)+updateFirewallEncryptionConfiguration_updateToken = Lens.lens (\UpdateFirewallEncryptionConfiguration' {updateToken} -> updateToken) (\s@UpdateFirewallEncryptionConfiguration' {} a -> s {updateToken = a} :: UpdateFirewallEncryptionConfiguration)++instance+ Core.AWSRequest+ UpdateFirewallEncryptionConfiguration+ where+ type+ AWSResponse+ UpdateFirewallEncryptionConfiguration =+ UpdateFirewallEncryptionConfigurationResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ UpdateFirewallEncryptionConfigurationResponse'+ Prelude.<$> (x Data..?> "EncryptionConfiguration")+ Prelude.<*> (x Data..?> "FirewallArn")+ Prelude.<*> (x Data..?> "FirewallName")+ Prelude.<*> (x Data..?> "UpdateToken")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ )++instance+ Prelude.Hashable+ UpdateFirewallEncryptionConfiguration+ where+ hashWithSalt+ _salt+ UpdateFirewallEncryptionConfiguration' {..} =+ _salt+ `Prelude.hashWithSalt` encryptionConfiguration+ `Prelude.hashWithSalt` firewallArn+ `Prelude.hashWithSalt` firewallName+ `Prelude.hashWithSalt` updateToken++instance+ Prelude.NFData+ UpdateFirewallEncryptionConfiguration+ where+ rnf UpdateFirewallEncryptionConfiguration' {..} =+ Prelude.rnf encryptionConfiguration+ `Prelude.seq` Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf updateToken++instance+ Data.ToHeaders+ UpdateFirewallEncryptionConfiguration+ where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.UpdateFirewallEncryptionConfiguration" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance+ Data.ToJSON+ UpdateFirewallEncryptionConfiguration+ where+ toJSON UpdateFirewallEncryptionConfiguration' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("EncryptionConfiguration" Data..=)+ Prelude.<$> encryptionConfiguration,+ ("FirewallArn" Data..=) Prelude.<$> firewallArn,+ ("FirewallName" Data..=) Prelude.<$> firewallName,+ ("UpdateToken" Data..=) Prelude.<$> updateToken+ ]+ )++instance+ Data.ToPath+ UpdateFirewallEncryptionConfiguration+ where+ toPath = Prelude.const "/"++instance+ Data.ToQuery+ UpdateFirewallEncryptionConfiguration+ where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newUpdateFirewallEncryptionConfigurationResponse' smart constructor.+data UpdateFirewallEncryptionConfigurationResponse = UpdateFirewallEncryptionConfigurationResponse'+ { encryptionConfiguration :: Prelude.Maybe EncryptionConfiguration,+ -- | The Amazon Resource Name (ARN) of the firewall.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ firewallName :: Prelude.Maybe Prelude.Text,+ -- | An optional token that you can use for optimistic locking. Network+ -- Firewall returns a token to your requests that access the firewall. The+ -- token marks the state of the firewall resource at the time of the+ -- request.+ --+ -- To make an unconditional change to the firewall, omit the token in your+ -- update request. Without the token, Network Firewall performs your+ -- updates regardless of whether the firewall has changed since you last+ -- retrieved it.+ --+ -- To make a conditional change to the firewall, provide the token in your+ -- update request. Network Firewall uses the token to ensure that the+ -- firewall hasn\'t changed since you last retrieved it. If it has changed,+ -- the operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the firewall again to get a current copy of it with a new+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Maybe Prelude.Text,+ -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'UpdateFirewallEncryptionConfigurationResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'encryptionConfiguration', 'updateFirewallEncryptionConfigurationResponse_encryptionConfiguration' - Undocumented member.+--+-- 'firewallArn', 'updateFirewallEncryptionConfigurationResponse_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- 'firewallName', 'updateFirewallEncryptionConfigurationResponse_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- 'updateToken', 'updateFirewallEncryptionConfigurationResponse_updateToken' - An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+--+-- 'httpStatus', 'updateFirewallEncryptionConfigurationResponse_httpStatus' - The response's http status code.+newUpdateFirewallEncryptionConfigurationResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ UpdateFirewallEncryptionConfigurationResponse+newUpdateFirewallEncryptionConfigurationResponse+ pHttpStatus_ =+ UpdateFirewallEncryptionConfigurationResponse'+ { encryptionConfiguration =+ Prelude.Nothing,+ firewallArn =+ Prelude.Nothing,+ firewallName =+ Prelude.Nothing,+ updateToken =+ Prelude.Nothing,+ httpStatus = pHttpStatus_+ }++-- | Undocumented member.+updateFirewallEncryptionConfigurationResponse_encryptionConfiguration :: Lens.Lens' UpdateFirewallEncryptionConfigurationResponse (Prelude.Maybe EncryptionConfiguration)+updateFirewallEncryptionConfigurationResponse_encryptionConfiguration = Lens.lens (\UpdateFirewallEncryptionConfigurationResponse' {encryptionConfiguration} -> encryptionConfiguration) (\s@UpdateFirewallEncryptionConfigurationResponse' {} a -> s {encryptionConfiguration = a} :: UpdateFirewallEncryptionConfigurationResponse)++-- | The Amazon Resource Name (ARN) of the firewall.+updateFirewallEncryptionConfigurationResponse_firewallArn :: Lens.Lens' UpdateFirewallEncryptionConfigurationResponse (Prelude.Maybe Prelude.Text)+updateFirewallEncryptionConfigurationResponse_firewallArn = Lens.lens (\UpdateFirewallEncryptionConfigurationResponse' {firewallArn} -> firewallArn) (\s@UpdateFirewallEncryptionConfigurationResponse' {} a -> s {firewallArn = a} :: UpdateFirewallEncryptionConfigurationResponse)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+updateFirewallEncryptionConfigurationResponse_firewallName :: Lens.Lens' UpdateFirewallEncryptionConfigurationResponse (Prelude.Maybe Prelude.Text)+updateFirewallEncryptionConfigurationResponse_firewallName = Lens.lens (\UpdateFirewallEncryptionConfigurationResponse' {firewallName} -> firewallName) (\s@UpdateFirewallEncryptionConfigurationResponse' {} a -> s {firewallName = a} :: UpdateFirewallEncryptionConfigurationResponse)++-- | An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+updateFirewallEncryptionConfigurationResponse_updateToken :: Lens.Lens' UpdateFirewallEncryptionConfigurationResponse (Prelude.Maybe Prelude.Text)+updateFirewallEncryptionConfigurationResponse_updateToken = Lens.lens (\UpdateFirewallEncryptionConfigurationResponse' {updateToken} -> updateToken) (\s@UpdateFirewallEncryptionConfigurationResponse' {} a -> s {updateToken = a} :: UpdateFirewallEncryptionConfigurationResponse)++-- | The response's http status code.+updateFirewallEncryptionConfigurationResponse_httpStatus :: Lens.Lens' UpdateFirewallEncryptionConfigurationResponse Prelude.Int+updateFirewallEncryptionConfigurationResponse_httpStatus = Lens.lens (\UpdateFirewallEncryptionConfigurationResponse' {httpStatus} -> httpStatus) (\s@UpdateFirewallEncryptionConfigurationResponse' {} a -> s {httpStatus = a} :: UpdateFirewallEncryptionConfigurationResponse)++instance+ Prelude.NFData+ UpdateFirewallEncryptionConfigurationResponse+ where+ rnf+ UpdateFirewallEncryptionConfigurationResponse' {..} =+ Prelude.rnf encryptionConfiguration+ `Prelude.seq` Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/UpdateFirewallPolicy.hs view
@@ -0,0 +1,400 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.UpdateFirewallPolicy+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Updates the properties of the specified firewall policy.+module Amazonka.NetworkFirewall.UpdateFirewallPolicy+ ( -- * Creating a Request+ UpdateFirewallPolicy (..),+ newUpdateFirewallPolicy,++ -- * Request Lenses+ updateFirewallPolicy_description,+ updateFirewallPolicy_dryRun,+ updateFirewallPolicy_encryptionConfiguration,+ updateFirewallPolicy_firewallPolicyArn,+ updateFirewallPolicy_firewallPolicyName,+ updateFirewallPolicy_updateToken,+ updateFirewallPolicy_firewallPolicy,++ -- * Destructuring the Response+ UpdateFirewallPolicyResponse (..),+ newUpdateFirewallPolicyResponse,++ -- * Response Lenses+ updateFirewallPolicyResponse_httpStatus,+ updateFirewallPolicyResponse_updateToken,+ updateFirewallPolicyResponse_firewallPolicyResponse,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newUpdateFirewallPolicy' smart constructor.+data UpdateFirewallPolicy = UpdateFirewallPolicy'+ { -- | A description of the firewall policy.+ description :: Prelude.Maybe Prelude.Text,+ -- | Indicates whether you want Network Firewall to just check the validity+ -- of the request, rather than run the request.+ --+ -- If set to @TRUE@, Network Firewall checks whether the request can run+ -- successfully, but doesn\'t actually make the requested changes. The call+ -- returns the value that the request would return if you ran it with dry+ -- run set to @FALSE@, but doesn\'t make additions or changes to your+ -- resources. This option allows you to make sure that you have the+ -- required permissions to run the request and that your request parameters+ -- are valid.+ --+ -- If set to @FALSE@, Network Firewall makes the requested changes to your+ -- resources.+ dryRun :: Prelude.Maybe Prelude.Bool,+ -- | A complex type that contains settings for encryption of your firewall+ -- policy resources.+ encryptionConfiguration :: Prelude.Maybe EncryptionConfiguration,+ -- | The Amazon Resource Name (ARN) of the firewall policy.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallPolicyArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall policy. You can\'t change the name+ -- of a firewall policy after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallPolicyName :: Prelude.Maybe Prelude.Text,+ -- | A token used for optimistic locking. Network Firewall returns a token to+ -- your requests that access the firewall policy. The token marks the state+ -- of the policy resource at the time of the request.+ --+ -- To make changes to the policy, you provide the token in your request.+ -- Network Firewall uses the token to ensure that the policy hasn\'t+ -- changed since you last retrieved it. If it has changed, the operation+ -- fails with an @InvalidTokenException@. If this happens, retrieve the+ -- firewall policy again to get a current copy of it with current token.+ -- Reapply your changes as needed, then try the operation again using the+ -- new token.+ updateToken :: Prelude.Text,+ -- | The updated firewall policy to use for the firewall.+ firewallPolicy :: FirewallPolicy+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'UpdateFirewallPolicy' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'description', 'updateFirewallPolicy_description' - A description of the firewall policy.+--+-- 'dryRun', 'updateFirewallPolicy_dryRun' - Indicates whether you want Network Firewall to just check the validity+-- of the request, rather than run the request.+--+-- If set to @TRUE@, Network Firewall checks whether the request can run+-- successfully, but doesn\'t actually make the requested changes. The call+-- returns the value that the request would return if you ran it with dry+-- run set to @FALSE@, but doesn\'t make additions or changes to your+-- resources. This option allows you to make sure that you have the+-- required permissions to run the request and that your request parameters+-- are valid.+--+-- If set to @FALSE@, Network Firewall makes the requested changes to your+-- resources.+--+-- 'encryptionConfiguration', 'updateFirewallPolicy_encryptionConfiguration' - A complex type that contains settings for encryption of your firewall+-- policy resources.+--+-- 'firewallPolicyArn', 'updateFirewallPolicy_firewallPolicyArn' - The Amazon Resource Name (ARN) of the firewall policy.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'firewallPolicyName', 'updateFirewallPolicy_firewallPolicyName' - The descriptive name of the firewall policy. You can\'t change the name+-- of a firewall policy after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'updateToken', 'updateFirewallPolicy_updateToken' - A token used for optimistic locking. Network Firewall returns a token to+-- your requests that access the firewall policy. The token marks the state+-- of the policy resource at the time of the request.+--+-- To make changes to the policy, you provide the token in your request.+-- Network Firewall uses the token to ensure that the policy hasn\'t+-- changed since you last retrieved it. If it has changed, the operation+-- fails with an @InvalidTokenException@. If this happens, retrieve the+-- firewall policy again to get a current copy of it with current token.+-- Reapply your changes as needed, then try the operation again using the+-- new token.+--+-- 'firewallPolicy', 'updateFirewallPolicy_firewallPolicy' - The updated firewall policy to use for the firewall.+newUpdateFirewallPolicy ::+ -- | 'updateToken'+ Prelude.Text ->+ -- | 'firewallPolicy'+ FirewallPolicy ->+ UpdateFirewallPolicy+newUpdateFirewallPolicy+ pUpdateToken_+ pFirewallPolicy_ =+ UpdateFirewallPolicy'+ { description =+ Prelude.Nothing,+ dryRun = Prelude.Nothing,+ encryptionConfiguration = Prelude.Nothing,+ firewallPolicyArn = Prelude.Nothing,+ firewallPolicyName = Prelude.Nothing,+ updateToken = pUpdateToken_,+ firewallPolicy = pFirewallPolicy_+ }++-- | A description of the firewall policy.+updateFirewallPolicy_description :: Lens.Lens' UpdateFirewallPolicy (Prelude.Maybe Prelude.Text)+updateFirewallPolicy_description = Lens.lens (\UpdateFirewallPolicy' {description} -> description) (\s@UpdateFirewallPolicy' {} a -> s {description = a} :: UpdateFirewallPolicy)++-- | Indicates whether you want Network Firewall to just check the validity+-- of the request, rather than run the request.+--+-- If set to @TRUE@, Network Firewall checks whether the request can run+-- successfully, but doesn\'t actually make the requested changes. The call+-- returns the value that the request would return if you ran it with dry+-- run set to @FALSE@, but doesn\'t make additions or changes to your+-- resources. This option allows you to make sure that you have the+-- required permissions to run the request and that your request parameters+-- are valid.+--+-- If set to @FALSE@, Network Firewall makes the requested changes to your+-- resources.+updateFirewallPolicy_dryRun :: Lens.Lens' UpdateFirewallPolicy (Prelude.Maybe Prelude.Bool)+updateFirewallPolicy_dryRun = Lens.lens (\UpdateFirewallPolicy' {dryRun} -> dryRun) (\s@UpdateFirewallPolicy' {} a -> s {dryRun = a} :: UpdateFirewallPolicy)++-- | A complex type that contains settings for encryption of your firewall+-- policy resources.+updateFirewallPolicy_encryptionConfiguration :: Lens.Lens' UpdateFirewallPolicy (Prelude.Maybe EncryptionConfiguration)+updateFirewallPolicy_encryptionConfiguration = Lens.lens (\UpdateFirewallPolicy' {encryptionConfiguration} -> encryptionConfiguration) (\s@UpdateFirewallPolicy' {} a -> s {encryptionConfiguration = a} :: UpdateFirewallPolicy)++-- | The Amazon Resource Name (ARN) of the firewall policy.+--+-- You must specify the ARN or the name, and you can specify both.+updateFirewallPolicy_firewallPolicyArn :: Lens.Lens' UpdateFirewallPolicy (Prelude.Maybe Prelude.Text)+updateFirewallPolicy_firewallPolicyArn = Lens.lens (\UpdateFirewallPolicy' {firewallPolicyArn} -> firewallPolicyArn) (\s@UpdateFirewallPolicy' {} a -> s {firewallPolicyArn = a} :: UpdateFirewallPolicy)++-- | The descriptive name of the firewall policy. You can\'t change the name+-- of a firewall policy after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+updateFirewallPolicy_firewallPolicyName :: Lens.Lens' UpdateFirewallPolicy (Prelude.Maybe Prelude.Text)+updateFirewallPolicy_firewallPolicyName = Lens.lens (\UpdateFirewallPolicy' {firewallPolicyName} -> firewallPolicyName) (\s@UpdateFirewallPolicy' {} a -> s {firewallPolicyName = a} :: UpdateFirewallPolicy)++-- | A token used for optimistic locking. Network Firewall returns a token to+-- your requests that access the firewall policy. The token marks the state+-- of the policy resource at the time of the request.+--+-- To make changes to the policy, you provide the token in your request.+-- Network Firewall uses the token to ensure that the policy hasn\'t+-- changed since you last retrieved it. If it has changed, the operation+-- fails with an @InvalidTokenException@. If this happens, retrieve the+-- firewall policy again to get a current copy of it with current token.+-- Reapply your changes as needed, then try the operation again using the+-- new token.+updateFirewallPolicy_updateToken :: Lens.Lens' UpdateFirewallPolicy Prelude.Text+updateFirewallPolicy_updateToken = Lens.lens (\UpdateFirewallPolicy' {updateToken} -> updateToken) (\s@UpdateFirewallPolicy' {} a -> s {updateToken = a} :: UpdateFirewallPolicy)++-- | The updated firewall policy to use for the firewall.+updateFirewallPolicy_firewallPolicy :: Lens.Lens' UpdateFirewallPolicy FirewallPolicy+updateFirewallPolicy_firewallPolicy = Lens.lens (\UpdateFirewallPolicy' {firewallPolicy} -> firewallPolicy) (\s@UpdateFirewallPolicy' {} a -> s {firewallPolicy = a} :: UpdateFirewallPolicy)++instance Core.AWSRequest UpdateFirewallPolicy where+ type+ AWSResponse UpdateFirewallPolicy =+ UpdateFirewallPolicyResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ UpdateFirewallPolicyResponse'+ Prelude.<$> (Prelude.pure (Prelude.fromEnum s))+ Prelude.<*> (x Data..:> "UpdateToken")+ Prelude.<*> (x Data..:> "FirewallPolicyResponse")+ )++instance Prelude.Hashable UpdateFirewallPolicy where+ hashWithSalt _salt UpdateFirewallPolicy' {..} =+ _salt+ `Prelude.hashWithSalt` description+ `Prelude.hashWithSalt` dryRun+ `Prelude.hashWithSalt` encryptionConfiguration+ `Prelude.hashWithSalt` firewallPolicyArn+ `Prelude.hashWithSalt` firewallPolicyName+ `Prelude.hashWithSalt` updateToken+ `Prelude.hashWithSalt` firewallPolicy++instance Prelude.NFData UpdateFirewallPolicy where+ rnf UpdateFirewallPolicy' {..} =+ Prelude.rnf description+ `Prelude.seq` Prelude.rnf dryRun+ `Prelude.seq` Prelude.rnf encryptionConfiguration+ `Prelude.seq` Prelude.rnf firewallPolicyArn+ `Prelude.seq` Prelude.rnf firewallPolicyName+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf firewallPolicy++instance Data.ToHeaders UpdateFirewallPolicy where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.UpdateFirewallPolicy" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON UpdateFirewallPolicy where+ toJSON UpdateFirewallPolicy' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("Description" Data..=) Prelude.<$> description,+ ("DryRun" Data..=) Prelude.<$> dryRun,+ ("EncryptionConfiguration" Data..=)+ Prelude.<$> encryptionConfiguration,+ ("FirewallPolicyArn" Data..=)+ Prelude.<$> firewallPolicyArn,+ ("FirewallPolicyName" Data..=)+ Prelude.<$> firewallPolicyName,+ Prelude.Just ("UpdateToken" Data..= updateToken),+ Prelude.Just+ ("FirewallPolicy" Data..= firewallPolicy)+ ]+ )++instance Data.ToPath UpdateFirewallPolicy where+ toPath = Prelude.const "/"++instance Data.ToQuery UpdateFirewallPolicy where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newUpdateFirewallPolicyResponse' smart constructor.+data UpdateFirewallPolicyResponse = UpdateFirewallPolicyResponse'+ { -- | The response's http status code.+ httpStatus :: Prelude.Int,+ -- | A token used for optimistic locking. Network Firewall returns a token to+ -- your requests that access the firewall policy. The token marks the state+ -- of the policy resource at the time of the request.+ --+ -- To make changes to the policy, you provide the token in your request.+ -- Network Firewall uses the token to ensure that the policy hasn\'t+ -- changed since you last retrieved it. If it has changed, the operation+ -- fails with an @InvalidTokenException@. If this happens, retrieve the+ -- firewall policy again to get a current copy of it with current token.+ -- Reapply your changes as needed, then try the operation again using the+ -- new token.+ updateToken :: Prelude.Text,+ -- | The high-level properties of a firewall policy. This, along with the+ -- FirewallPolicy, define the policy. You can retrieve all objects for a+ -- firewall policy by calling DescribeFirewallPolicy.+ firewallPolicyResponse :: FirewallPolicyResponse+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'UpdateFirewallPolicyResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'httpStatus', 'updateFirewallPolicyResponse_httpStatus' - The response's http status code.+--+-- 'updateToken', 'updateFirewallPolicyResponse_updateToken' - A token used for optimistic locking. Network Firewall returns a token to+-- your requests that access the firewall policy. The token marks the state+-- of the policy resource at the time of the request.+--+-- To make changes to the policy, you provide the token in your request.+-- Network Firewall uses the token to ensure that the policy hasn\'t+-- changed since you last retrieved it. If it has changed, the operation+-- fails with an @InvalidTokenException@. If this happens, retrieve the+-- firewall policy again to get a current copy of it with current token.+-- Reapply your changes as needed, then try the operation again using the+-- new token.+--+-- 'firewallPolicyResponse', 'updateFirewallPolicyResponse_firewallPolicyResponse' - The high-level properties of a firewall policy. This, along with the+-- FirewallPolicy, define the policy. You can retrieve all objects for a+-- firewall policy by calling DescribeFirewallPolicy.+newUpdateFirewallPolicyResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ -- | 'updateToken'+ Prelude.Text ->+ -- | 'firewallPolicyResponse'+ FirewallPolicyResponse ->+ UpdateFirewallPolicyResponse+newUpdateFirewallPolicyResponse+ pHttpStatus_+ pUpdateToken_+ pFirewallPolicyResponse_ =+ UpdateFirewallPolicyResponse'+ { httpStatus =+ pHttpStatus_,+ updateToken = pUpdateToken_,+ firewallPolicyResponse =+ pFirewallPolicyResponse_+ }++-- | The response's http status code.+updateFirewallPolicyResponse_httpStatus :: Lens.Lens' UpdateFirewallPolicyResponse Prelude.Int+updateFirewallPolicyResponse_httpStatus = Lens.lens (\UpdateFirewallPolicyResponse' {httpStatus} -> httpStatus) (\s@UpdateFirewallPolicyResponse' {} a -> s {httpStatus = a} :: UpdateFirewallPolicyResponse)++-- | A token used for optimistic locking. Network Firewall returns a token to+-- your requests that access the firewall policy. The token marks the state+-- of the policy resource at the time of the request.+--+-- To make changes to the policy, you provide the token in your request.+-- Network Firewall uses the token to ensure that the policy hasn\'t+-- changed since you last retrieved it. If it has changed, the operation+-- fails with an @InvalidTokenException@. If this happens, retrieve the+-- firewall policy again to get a current copy of it with current token.+-- Reapply your changes as needed, then try the operation again using the+-- new token.+updateFirewallPolicyResponse_updateToken :: Lens.Lens' UpdateFirewallPolicyResponse Prelude.Text+updateFirewallPolicyResponse_updateToken = Lens.lens (\UpdateFirewallPolicyResponse' {updateToken} -> updateToken) (\s@UpdateFirewallPolicyResponse' {} a -> s {updateToken = a} :: UpdateFirewallPolicyResponse)++-- | The high-level properties of a firewall policy. This, along with the+-- FirewallPolicy, define the policy. You can retrieve all objects for a+-- firewall policy by calling DescribeFirewallPolicy.+updateFirewallPolicyResponse_firewallPolicyResponse :: Lens.Lens' UpdateFirewallPolicyResponse FirewallPolicyResponse+updateFirewallPolicyResponse_firewallPolicyResponse = Lens.lens (\UpdateFirewallPolicyResponse' {firewallPolicyResponse} -> firewallPolicyResponse) (\s@UpdateFirewallPolicyResponse' {} a -> s {firewallPolicyResponse = a} :: UpdateFirewallPolicyResponse)++instance Prelude.NFData UpdateFirewallPolicyResponse where+ rnf UpdateFirewallPolicyResponse' {..} =+ Prelude.rnf httpStatus+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf firewallPolicyResponse
+ gen/Amazonka/NetworkFirewall/UpdateFirewallPolicyChangeProtection.hs view
@@ -0,0 +1,424 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.UpdateFirewallPolicyChangeProtection+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Modifies the flag, @ChangeProtection@, which indicates whether it is+-- possible to change the firewall. If the flag is set to @TRUE@, the+-- firewall is protected from changes. This setting helps protect against+-- accidentally changing a firewall that\'s in use.+module Amazonka.NetworkFirewall.UpdateFirewallPolicyChangeProtection+ ( -- * Creating a Request+ UpdateFirewallPolicyChangeProtection (..),+ newUpdateFirewallPolicyChangeProtection,++ -- * Request Lenses+ updateFirewallPolicyChangeProtection_firewallArn,+ updateFirewallPolicyChangeProtection_firewallName,+ updateFirewallPolicyChangeProtection_updateToken,+ updateFirewallPolicyChangeProtection_firewallPolicyChangeProtection,++ -- * Destructuring the Response+ UpdateFirewallPolicyChangeProtectionResponse (..),+ newUpdateFirewallPolicyChangeProtectionResponse,++ -- * Response Lenses+ updateFirewallPolicyChangeProtectionResponse_firewallArn,+ updateFirewallPolicyChangeProtectionResponse_firewallName,+ updateFirewallPolicyChangeProtectionResponse_firewallPolicyChangeProtection,+ updateFirewallPolicyChangeProtectionResponse_updateToken,+ updateFirewallPolicyChangeProtectionResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newUpdateFirewallPolicyChangeProtection' smart constructor.+data UpdateFirewallPolicyChangeProtection = UpdateFirewallPolicyChangeProtection'+ { -- | The Amazon Resource Name (ARN) of the firewall.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallName :: Prelude.Maybe Prelude.Text,+ -- | An optional token that you can use for optimistic locking. Network+ -- Firewall returns a token to your requests that access the firewall. The+ -- token marks the state of the firewall resource at the time of the+ -- request.+ --+ -- To make an unconditional change to the firewall, omit the token in your+ -- update request. Without the token, Network Firewall performs your+ -- updates regardless of whether the firewall has changed since you last+ -- retrieved it.+ --+ -- To make a conditional change to the firewall, provide the token in your+ -- update request. Network Firewall uses the token to ensure that the+ -- firewall hasn\'t changed since you last retrieved it. If it has changed,+ -- the operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the firewall again to get a current copy of it with a new+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Maybe Prelude.Text,+ -- | A setting indicating whether the firewall is protected against a change+ -- to the firewall policy association. Use this setting to protect against+ -- accidentally modifying the firewall policy for a firewall that is in+ -- use. When you create a firewall, the operation initializes this setting+ -- to @TRUE@.+ firewallPolicyChangeProtection :: Prelude.Bool+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'UpdateFirewallPolicyChangeProtection' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallArn', 'updateFirewallPolicyChangeProtection_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'firewallName', 'updateFirewallPolicyChangeProtection_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'updateToken', 'updateFirewallPolicyChangeProtection_updateToken' - An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+--+-- 'firewallPolicyChangeProtection', 'updateFirewallPolicyChangeProtection_firewallPolicyChangeProtection' - A setting indicating whether the firewall is protected against a change+-- to the firewall policy association. Use this setting to protect against+-- accidentally modifying the firewall policy for a firewall that is in+-- use. When you create a firewall, the operation initializes this setting+-- to @TRUE@.+newUpdateFirewallPolicyChangeProtection ::+ -- | 'firewallPolicyChangeProtection'+ Prelude.Bool ->+ UpdateFirewallPolicyChangeProtection+newUpdateFirewallPolicyChangeProtection+ pFirewallPolicyChangeProtection_ =+ UpdateFirewallPolicyChangeProtection'+ { firewallArn =+ Prelude.Nothing,+ firewallName = Prelude.Nothing,+ updateToken = Prelude.Nothing,+ firewallPolicyChangeProtection =+ pFirewallPolicyChangeProtection_+ }++-- | The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+updateFirewallPolicyChangeProtection_firewallArn :: Lens.Lens' UpdateFirewallPolicyChangeProtection (Prelude.Maybe Prelude.Text)+updateFirewallPolicyChangeProtection_firewallArn = Lens.lens (\UpdateFirewallPolicyChangeProtection' {firewallArn} -> firewallArn) (\s@UpdateFirewallPolicyChangeProtection' {} a -> s {firewallArn = a} :: UpdateFirewallPolicyChangeProtection)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+updateFirewallPolicyChangeProtection_firewallName :: Lens.Lens' UpdateFirewallPolicyChangeProtection (Prelude.Maybe Prelude.Text)+updateFirewallPolicyChangeProtection_firewallName = Lens.lens (\UpdateFirewallPolicyChangeProtection' {firewallName} -> firewallName) (\s@UpdateFirewallPolicyChangeProtection' {} a -> s {firewallName = a} :: UpdateFirewallPolicyChangeProtection)++-- | An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+updateFirewallPolicyChangeProtection_updateToken :: Lens.Lens' UpdateFirewallPolicyChangeProtection (Prelude.Maybe Prelude.Text)+updateFirewallPolicyChangeProtection_updateToken = Lens.lens (\UpdateFirewallPolicyChangeProtection' {updateToken} -> updateToken) (\s@UpdateFirewallPolicyChangeProtection' {} a -> s {updateToken = a} :: UpdateFirewallPolicyChangeProtection)++-- | A setting indicating whether the firewall is protected against a change+-- to the firewall policy association. Use this setting to protect against+-- accidentally modifying the firewall policy for a firewall that is in+-- use. When you create a firewall, the operation initializes this setting+-- to @TRUE@.+updateFirewallPolicyChangeProtection_firewallPolicyChangeProtection :: Lens.Lens' UpdateFirewallPolicyChangeProtection Prelude.Bool+updateFirewallPolicyChangeProtection_firewallPolicyChangeProtection = Lens.lens (\UpdateFirewallPolicyChangeProtection' {firewallPolicyChangeProtection} -> firewallPolicyChangeProtection) (\s@UpdateFirewallPolicyChangeProtection' {} a -> s {firewallPolicyChangeProtection = a} :: UpdateFirewallPolicyChangeProtection)++instance+ Core.AWSRequest+ UpdateFirewallPolicyChangeProtection+ where+ type+ AWSResponse UpdateFirewallPolicyChangeProtection =+ UpdateFirewallPolicyChangeProtectionResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ UpdateFirewallPolicyChangeProtectionResponse'+ Prelude.<$> (x Data..?> "FirewallArn")+ Prelude.<*> (x Data..?> "FirewallName")+ Prelude.<*> (x Data..?> "FirewallPolicyChangeProtection")+ Prelude.<*> (x Data..?> "UpdateToken")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ )++instance+ Prelude.Hashable+ UpdateFirewallPolicyChangeProtection+ where+ hashWithSalt+ _salt+ UpdateFirewallPolicyChangeProtection' {..} =+ _salt+ `Prelude.hashWithSalt` firewallArn+ `Prelude.hashWithSalt` firewallName+ `Prelude.hashWithSalt` updateToken+ `Prelude.hashWithSalt` firewallPolicyChangeProtection++instance+ Prelude.NFData+ UpdateFirewallPolicyChangeProtection+ where+ rnf UpdateFirewallPolicyChangeProtection' {..} =+ Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf firewallPolicyChangeProtection++instance+ Data.ToHeaders+ UpdateFirewallPolicyChangeProtection+ where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.UpdateFirewallPolicyChangeProtection" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance+ Data.ToJSON+ UpdateFirewallPolicyChangeProtection+ where+ toJSON UpdateFirewallPolicyChangeProtection' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("FirewallArn" Data..=) Prelude.<$> firewallArn,+ ("FirewallName" Data..=) Prelude.<$> firewallName,+ ("UpdateToken" Data..=) Prelude.<$> updateToken,+ Prelude.Just+ ( "FirewallPolicyChangeProtection"+ Data..= firewallPolicyChangeProtection+ )+ ]+ )++instance+ Data.ToPath+ UpdateFirewallPolicyChangeProtection+ where+ toPath = Prelude.const "/"++instance+ Data.ToQuery+ UpdateFirewallPolicyChangeProtection+ where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newUpdateFirewallPolicyChangeProtectionResponse' smart constructor.+data UpdateFirewallPolicyChangeProtectionResponse = UpdateFirewallPolicyChangeProtectionResponse'+ { -- | The Amazon Resource Name (ARN) of the firewall.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ firewallName :: Prelude.Maybe Prelude.Text,+ -- | A setting indicating whether the firewall is protected against a change+ -- to the firewall policy association. Use this setting to protect against+ -- accidentally modifying the firewall policy for a firewall that is in+ -- use. When you create a firewall, the operation initializes this setting+ -- to @TRUE@.+ firewallPolicyChangeProtection :: Prelude.Maybe Prelude.Bool,+ -- | An optional token that you can use for optimistic locking. Network+ -- Firewall returns a token to your requests that access the firewall. The+ -- token marks the state of the firewall resource at the time of the+ -- request.+ --+ -- To make an unconditional change to the firewall, omit the token in your+ -- update request. Without the token, Network Firewall performs your+ -- updates regardless of whether the firewall has changed since you last+ -- retrieved it.+ --+ -- To make a conditional change to the firewall, provide the token in your+ -- update request. Network Firewall uses the token to ensure that the+ -- firewall hasn\'t changed since you last retrieved it. If it has changed,+ -- the operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the firewall again to get a current copy of it with a new+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Maybe Prelude.Text,+ -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'UpdateFirewallPolicyChangeProtectionResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallArn', 'updateFirewallPolicyChangeProtectionResponse_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- 'firewallName', 'updateFirewallPolicyChangeProtectionResponse_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- 'firewallPolicyChangeProtection', 'updateFirewallPolicyChangeProtectionResponse_firewallPolicyChangeProtection' - A setting indicating whether the firewall is protected against a change+-- to the firewall policy association. Use this setting to protect against+-- accidentally modifying the firewall policy for a firewall that is in+-- use. When you create a firewall, the operation initializes this setting+-- to @TRUE@.+--+-- 'updateToken', 'updateFirewallPolicyChangeProtectionResponse_updateToken' - An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+--+-- 'httpStatus', 'updateFirewallPolicyChangeProtectionResponse_httpStatus' - The response's http status code.+newUpdateFirewallPolicyChangeProtectionResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ UpdateFirewallPolicyChangeProtectionResponse+newUpdateFirewallPolicyChangeProtectionResponse+ pHttpStatus_ =+ UpdateFirewallPolicyChangeProtectionResponse'+ { firewallArn =+ Prelude.Nothing,+ firewallName =+ Prelude.Nothing,+ firewallPolicyChangeProtection =+ Prelude.Nothing,+ updateToken = Prelude.Nothing,+ httpStatus = pHttpStatus_+ }++-- | The Amazon Resource Name (ARN) of the firewall.+updateFirewallPolicyChangeProtectionResponse_firewallArn :: Lens.Lens' UpdateFirewallPolicyChangeProtectionResponse (Prelude.Maybe Prelude.Text)+updateFirewallPolicyChangeProtectionResponse_firewallArn = Lens.lens (\UpdateFirewallPolicyChangeProtectionResponse' {firewallArn} -> firewallArn) (\s@UpdateFirewallPolicyChangeProtectionResponse' {} a -> s {firewallArn = a} :: UpdateFirewallPolicyChangeProtectionResponse)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+updateFirewallPolicyChangeProtectionResponse_firewallName :: Lens.Lens' UpdateFirewallPolicyChangeProtectionResponse (Prelude.Maybe Prelude.Text)+updateFirewallPolicyChangeProtectionResponse_firewallName = Lens.lens (\UpdateFirewallPolicyChangeProtectionResponse' {firewallName} -> firewallName) (\s@UpdateFirewallPolicyChangeProtectionResponse' {} a -> s {firewallName = a} :: UpdateFirewallPolicyChangeProtectionResponse)++-- | A setting indicating whether the firewall is protected against a change+-- to the firewall policy association. Use this setting to protect against+-- accidentally modifying the firewall policy for a firewall that is in+-- use. When you create a firewall, the operation initializes this setting+-- to @TRUE@.+updateFirewallPolicyChangeProtectionResponse_firewallPolicyChangeProtection :: Lens.Lens' UpdateFirewallPolicyChangeProtectionResponse (Prelude.Maybe Prelude.Bool)+updateFirewallPolicyChangeProtectionResponse_firewallPolicyChangeProtection = Lens.lens (\UpdateFirewallPolicyChangeProtectionResponse' {firewallPolicyChangeProtection} -> firewallPolicyChangeProtection) (\s@UpdateFirewallPolicyChangeProtectionResponse' {} a -> s {firewallPolicyChangeProtection = a} :: UpdateFirewallPolicyChangeProtectionResponse)++-- | An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+updateFirewallPolicyChangeProtectionResponse_updateToken :: Lens.Lens' UpdateFirewallPolicyChangeProtectionResponse (Prelude.Maybe Prelude.Text)+updateFirewallPolicyChangeProtectionResponse_updateToken = Lens.lens (\UpdateFirewallPolicyChangeProtectionResponse' {updateToken} -> updateToken) (\s@UpdateFirewallPolicyChangeProtectionResponse' {} a -> s {updateToken = a} :: UpdateFirewallPolicyChangeProtectionResponse)++-- | The response's http status code.+updateFirewallPolicyChangeProtectionResponse_httpStatus :: Lens.Lens' UpdateFirewallPolicyChangeProtectionResponse Prelude.Int+updateFirewallPolicyChangeProtectionResponse_httpStatus = Lens.lens (\UpdateFirewallPolicyChangeProtectionResponse' {httpStatus} -> httpStatus) (\s@UpdateFirewallPolicyChangeProtectionResponse' {} a -> s {httpStatus = a} :: UpdateFirewallPolicyChangeProtectionResponse)++instance+ Prelude.NFData+ UpdateFirewallPolicyChangeProtectionResponse+ where+ rnf UpdateFirewallPolicyChangeProtectionResponse' {..} =+ Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf firewallPolicyChangeProtection+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/UpdateLoggingConfiguration.hs view
@@ -0,0 +1,269 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.UpdateLoggingConfiguration+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Sets the logging configuration for the specified firewall.+--+-- To change the logging configuration, retrieve the LoggingConfiguration+-- by calling DescribeLoggingConfiguration, then change it and provide the+-- modified object to this update call. You must change the logging+-- configuration one LogDestinationConfig at a time inside the retrieved+-- LoggingConfiguration object.+--+-- You can perform only one of the following actions in any call to+-- @UpdateLoggingConfiguration@:+--+-- - Create a new log destination object by adding a single+-- @LogDestinationConfig@ array element to @LogDestinationConfigs@.+--+-- - Delete a log destination object by removing a single+-- @LogDestinationConfig@ array element from @LogDestinationConfigs@.+--+-- - Change the @LogDestination@ setting in a single+-- @LogDestinationConfig@ array element.+--+-- You can\'t change the @LogDestinationType@ or @LogType@ in a+-- @LogDestinationConfig@. To change these settings, delete the existing+-- @LogDestinationConfig@ object and create a new one, using two separate+-- calls to this update operation.+module Amazonka.NetworkFirewall.UpdateLoggingConfiguration+ ( -- * Creating a Request+ UpdateLoggingConfiguration (..),+ newUpdateLoggingConfiguration,++ -- * Request Lenses+ updateLoggingConfiguration_firewallArn,+ updateLoggingConfiguration_firewallName,+ updateLoggingConfiguration_loggingConfiguration,++ -- * Destructuring the Response+ UpdateLoggingConfigurationResponse (..),+ newUpdateLoggingConfigurationResponse,++ -- * Response Lenses+ updateLoggingConfigurationResponse_firewallArn,+ updateLoggingConfigurationResponse_firewallName,+ updateLoggingConfigurationResponse_loggingConfiguration,+ updateLoggingConfigurationResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newUpdateLoggingConfiguration' smart constructor.+data UpdateLoggingConfiguration = UpdateLoggingConfiguration'+ { -- | The Amazon Resource Name (ARN) of the firewall.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallName :: Prelude.Maybe Prelude.Text,+ -- | Defines how Network Firewall performs logging for a firewall. If you+ -- omit this setting, Network Firewall disables logging for the firewall.+ loggingConfiguration :: Prelude.Maybe LoggingConfiguration+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'UpdateLoggingConfiguration' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallArn', 'updateLoggingConfiguration_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'firewallName', 'updateLoggingConfiguration_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'loggingConfiguration', 'updateLoggingConfiguration_loggingConfiguration' - Defines how Network Firewall performs logging for a firewall. If you+-- omit this setting, Network Firewall disables logging for the firewall.+newUpdateLoggingConfiguration ::+ UpdateLoggingConfiguration+newUpdateLoggingConfiguration =+ UpdateLoggingConfiguration'+ { firewallArn =+ Prelude.Nothing,+ firewallName = Prelude.Nothing,+ loggingConfiguration = Prelude.Nothing+ }++-- | The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+updateLoggingConfiguration_firewallArn :: Lens.Lens' UpdateLoggingConfiguration (Prelude.Maybe Prelude.Text)+updateLoggingConfiguration_firewallArn = Lens.lens (\UpdateLoggingConfiguration' {firewallArn} -> firewallArn) (\s@UpdateLoggingConfiguration' {} a -> s {firewallArn = a} :: UpdateLoggingConfiguration)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+updateLoggingConfiguration_firewallName :: Lens.Lens' UpdateLoggingConfiguration (Prelude.Maybe Prelude.Text)+updateLoggingConfiguration_firewallName = Lens.lens (\UpdateLoggingConfiguration' {firewallName} -> firewallName) (\s@UpdateLoggingConfiguration' {} a -> s {firewallName = a} :: UpdateLoggingConfiguration)++-- | Defines how Network Firewall performs logging for a firewall. If you+-- omit this setting, Network Firewall disables logging for the firewall.+updateLoggingConfiguration_loggingConfiguration :: Lens.Lens' UpdateLoggingConfiguration (Prelude.Maybe LoggingConfiguration)+updateLoggingConfiguration_loggingConfiguration = Lens.lens (\UpdateLoggingConfiguration' {loggingConfiguration} -> loggingConfiguration) (\s@UpdateLoggingConfiguration' {} a -> s {loggingConfiguration = a} :: UpdateLoggingConfiguration)++instance Core.AWSRequest UpdateLoggingConfiguration where+ type+ AWSResponse UpdateLoggingConfiguration =+ UpdateLoggingConfigurationResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ UpdateLoggingConfigurationResponse'+ Prelude.<$> (x Data..?> "FirewallArn")+ Prelude.<*> (x Data..?> "FirewallName")+ Prelude.<*> (x Data..?> "LoggingConfiguration")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ )++instance Prelude.Hashable UpdateLoggingConfiguration where+ hashWithSalt _salt UpdateLoggingConfiguration' {..} =+ _salt+ `Prelude.hashWithSalt` firewallArn+ `Prelude.hashWithSalt` firewallName+ `Prelude.hashWithSalt` loggingConfiguration++instance Prelude.NFData UpdateLoggingConfiguration where+ rnf UpdateLoggingConfiguration' {..} =+ Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf loggingConfiguration++instance Data.ToHeaders UpdateLoggingConfiguration where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.UpdateLoggingConfiguration" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON UpdateLoggingConfiguration where+ toJSON UpdateLoggingConfiguration' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("FirewallArn" Data..=) Prelude.<$> firewallArn,+ ("FirewallName" Data..=) Prelude.<$> firewallName,+ ("LoggingConfiguration" Data..=)+ Prelude.<$> loggingConfiguration+ ]+ )++instance Data.ToPath UpdateLoggingConfiguration where+ toPath = Prelude.const "/"++instance Data.ToQuery UpdateLoggingConfiguration where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newUpdateLoggingConfigurationResponse' smart constructor.+data UpdateLoggingConfigurationResponse = UpdateLoggingConfigurationResponse'+ { -- | The Amazon Resource Name (ARN) of the firewall.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ firewallName :: Prelude.Maybe Prelude.Text,+ loggingConfiguration :: Prelude.Maybe LoggingConfiguration,+ -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'UpdateLoggingConfigurationResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallArn', 'updateLoggingConfigurationResponse_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- 'firewallName', 'updateLoggingConfigurationResponse_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- 'loggingConfiguration', 'updateLoggingConfigurationResponse_loggingConfiguration' - Undocumented member.+--+-- 'httpStatus', 'updateLoggingConfigurationResponse_httpStatus' - The response's http status code.+newUpdateLoggingConfigurationResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ UpdateLoggingConfigurationResponse+newUpdateLoggingConfigurationResponse pHttpStatus_ =+ UpdateLoggingConfigurationResponse'+ { firewallArn =+ Prelude.Nothing,+ firewallName = Prelude.Nothing,+ loggingConfiguration = Prelude.Nothing,+ httpStatus = pHttpStatus_+ }++-- | The Amazon Resource Name (ARN) of the firewall.+updateLoggingConfigurationResponse_firewallArn :: Lens.Lens' UpdateLoggingConfigurationResponse (Prelude.Maybe Prelude.Text)+updateLoggingConfigurationResponse_firewallArn = Lens.lens (\UpdateLoggingConfigurationResponse' {firewallArn} -> firewallArn) (\s@UpdateLoggingConfigurationResponse' {} a -> s {firewallArn = a} :: UpdateLoggingConfigurationResponse)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+updateLoggingConfigurationResponse_firewallName :: Lens.Lens' UpdateLoggingConfigurationResponse (Prelude.Maybe Prelude.Text)+updateLoggingConfigurationResponse_firewallName = Lens.lens (\UpdateLoggingConfigurationResponse' {firewallName} -> firewallName) (\s@UpdateLoggingConfigurationResponse' {} a -> s {firewallName = a} :: UpdateLoggingConfigurationResponse)++-- | Undocumented member.+updateLoggingConfigurationResponse_loggingConfiguration :: Lens.Lens' UpdateLoggingConfigurationResponse (Prelude.Maybe LoggingConfiguration)+updateLoggingConfigurationResponse_loggingConfiguration = Lens.lens (\UpdateLoggingConfigurationResponse' {loggingConfiguration} -> loggingConfiguration) (\s@UpdateLoggingConfigurationResponse' {} a -> s {loggingConfiguration = a} :: UpdateLoggingConfigurationResponse)++-- | The response's http status code.+updateLoggingConfigurationResponse_httpStatus :: Lens.Lens' UpdateLoggingConfigurationResponse Prelude.Int+updateLoggingConfigurationResponse_httpStatus = Lens.lens (\UpdateLoggingConfigurationResponse' {httpStatus} -> httpStatus) (\s@UpdateLoggingConfigurationResponse' {} a -> s {httpStatus = a} :: UpdateLoggingConfigurationResponse)++instance+ Prelude.NFData+ UpdateLoggingConfigurationResponse+ where+ rnf UpdateLoggingConfigurationResponse' {..} =+ Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf loggingConfiguration+ `Prelude.seq` Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/UpdateRuleGroup.hs view
@@ -0,0 +1,496 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.UpdateRuleGroup+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Updates the rule settings for the specified rule group. You use a rule+-- group by reference in one or more firewall policies. When you modify a+-- rule group, you modify all firewall policies that use the rule group.+--+-- To update a rule group, first call DescribeRuleGroup to retrieve the+-- current RuleGroup object, update the object as needed, and then provide+-- the updated object to this call.+module Amazonka.NetworkFirewall.UpdateRuleGroup+ ( -- * Creating a Request+ UpdateRuleGroup (..),+ newUpdateRuleGroup,++ -- * Request Lenses+ updateRuleGroup_description,+ updateRuleGroup_dryRun,+ updateRuleGroup_encryptionConfiguration,+ updateRuleGroup_ruleGroup,+ updateRuleGroup_ruleGroupArn,+ updateRuleGroup_ruleGroupName,+ updateRuleGroup_rules,+ updateRuleGroup_sourceMetadata,+ updateRuleGroup_type,+ updateRuleGroup_updateToken,++ -- * Destructuring the Response+ UpdateRuleGroupResponse (..),+ newUpdateRuleGroupResponse,++ -- * Response Lenses+ updateRuleGroupResponse_httpStatus,+ updateRuleGroupResponse_updateToken,+ updateRuleGroupResponse_ruleGroupResponse,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newUpdateRuleGroup' smart constructor.+data UpdateRuleGroup = UpdateRuleGroup'+ { -- | A description of the rule group.+ description :: Prelude.Maybe Prelude.Text,+ -- | Indicates whether you want Network Firewall to just check the validity+ -- of the request, rather than run the request.+ --+ -- If set to @TRUE@, Network Firewall checks whether the request can run+ -- successfully, but doesn\'t actually make the requested changes. The call+ -- returns the value that the request would return if you ran it with dry+ -- run set to @FALSE@, but doesn\'t make additions or changes to your+ -- resources. This option allows you to make sure that you have the+ -- required permissions to run the request and that your request parameters+ -- are valid.+ --+ -- If set to @FALSE@, Network Firewall makes the requested changes to your+ -- resources.+ dryRun :: Prelude.Maybe Prelude.Bool,+ -- | A complex type that contains settings for encryption of your rule group+ -- resources.+ encryptionConfiguration :: Prelude.Maybe EncryptionConfiguration,+ -- | An object that defines the rule group rules.+ --+ -- You must provide either this rule group setting or a @Rules@ setting,+ -- but not both.+ ruleGroup :: Prelude.Maybe RuleGroup,+ -- | The Amazon Resource Name (ARN) of the rule group.+ --+ -- You must specify the ARN or the name, and you can specify both.+ ruleGroupArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the rule group. You can\'t change the name of a+ -- rule group after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ ruleGroupName :: Prelude.Maybe Prelude.Text,+ -- | A string containing stateful rule group rules specifications in Suricata+ -- flat format, with one rule per line. Use this to import your existing+ -- Suricata compatible rule groups.+ --+ -- You must provide either this rules setting or a populated @RuleGroup@+ -- setting, but not both.+ --+ -- You can provide your rule group specification in Suricata flat format+ -- through this setting when you create or update your rule group. The call+ -- response returns a RuleGroup object that Network Firewall has populated+ -- from your string.+ rules :: Prelude.Maybe Prelude.Text,+ -- | A complex type that contains metadata about the rule group that your own+ -- rule group is copied from. You can use the metadata to keep track of+ -- updates made to the originating rule group.+ sourceMetadata :: Prelude.Maybe SourceMetadata,+ -- | Indicates whether the rule group is stateless or stateful. If the rule+ -- group is stateless, it contains stateless rules. If it is stateful, it+ -- contains stateful rules.+ --+ -- This setting is required for requests that do not include the+ -- @RuleGroupARN@.+ type' :: Prelude.Maybe RuleGroupType,+ -- | A token used for optimistic locking. Network Firewall returns a token to+ -- your requests that access the rule group. The token marks the state of+ -- the rule group resource at the time of the request.+ --+ -- To make changes to the rule group, you provide the token in your+ -- request. Network Firewall uses the token to ensure that the rule group+ -- hasn\'t changed since you last retrieved it. If it has changed, the+ -- operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the rule group again to get a current copy of it with a current+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Text+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'UpdateRuleGroup' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'description', 'updateRuleGroup_description' - A description of the rule group.+--+-- 'dryRun', 'updateRuleGroup_dryRun' - Indicates whether you want Network Firewall to just check the validity+-- of the request, rather than run the request.+--+-- If set to @TRUE@, Network Firewall checks whether the request can run+-- successfully, but doesn\'t actually make the requested changes. The call+-- returns the value that the request would return if you ran it with dry+-- run set to @FALSE@, but doesn\'t make additions or changes to your+-- resources. This option allows you to make sure that you have the+-- required permissions to run the request and that your request parameters+-- are valid.+--+-- If set to @FALSE@, Network Firewall makes the requested changes to your+-- resources.+--+-- 'encryptionConfiguration', 'updateRuleGroup_encryptionConfiguration' - A complex type that contains settings for encryption of your rule group+-- resources.+--+-- 'ruleGroup', 'updateRuleGroup_ruleGroup' - An object that defines the rule group rules.+--+-- You must provide either this rule group setting or a @Rules@ setting,+-- but not both.+--+-- 'ruleGroupArn', 'updateRuleGroup_ruleGroupArn' - The Amazon Resource Name (ARN) of the rule group.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'ruleGroupName', 'updateRuleGroup_ruleGroupName' - The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'rules', 'updateRuleGroup_rules' - A string containing stateful rule group rules specifications in Suricata+-- flat format, with one rule per line. Use this to import your existing+-- Suricata compatible rule groups.+--+-- You must provide either this rules setting or a populated @RuleGroup@+-- setting, but not both.+--+-- You can provide your rule group specification in Suricata flat format+-- through this setting when you create or update your rule group. The call+-- response returns a RuleGroup object that Network Firewall has populated+-- from your string.+--+-- 'sourceMetadata', 'updateRuleGroup_sourceMetadata' - A complex type that contains metadata about the rule group that your own+-- rule group is copied from. You can use the metadata to keep track of+-- updates made to the originating rule group.+--+-- 'type'', 'updateRuleGroup_type' - Indicates whether the rule group is stateless or stateful. If the rule+-- group is stateless, it contains stateless rules. If it is stateful, it+-- contains stateful rules.+--+-- This setting is required for requests that do not include the+-- @RuleGroupARN@.+--+-- 'updateToken', 'updateRuleGroup_updateToken' - A token used for optimistic locking. Network Firewall returns a token to+-- your requests that access the rule group. The token marks the state of+-- the rule group resource at the time of the request.+--+-- To make changes to the rule group, you provide the token in your+-- request. Network Firewall uses the token to ensure that the rule group+-- hasn\'t changed since you last retrieved it. If it has changed, the+-- operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the rule group again to get a current copy of it with a current+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+newUpdateRuleGroup ::+ -- | 'updateToken'+ Prelude.Text ->+ UpdateRuleGroup+newUpdateRuleGroup pUpdateToken_ =+ UpdateRuleGroup'+ { description = Prelude.Nothing,+ dryRun = Prelude.Nothing,+ encryptionConfiguration = Prelude.Nothing,+ ruleGroup = Prelude.Nothing,+ ruleGroupArn = Prelude.Nothing,+ ruleGroupName = Prelude.Nothing,+ rules = Prelude.Nothing,+ sourceMetadata = Prelude.Nothing,+ type' = Prelude.Nothing,+ updateToken = pUpdateToken_+ }++-- | A description of the rule group.+updateRuleGroup_description :: Lens.Lens' UpdateRuleGroup (Prelude.Maybe Prelude.Text)+updateRuleGroup_description = Lens.lens (\UpdateRuleGroup' {description} -> description) (\s@UpdateRuleGroup' {} a -> s {description = a} :: UpdateRuleGroup)++-- | Indicates whether you want Network Firewall to just check the validity+-- of the request, rather than run the request.+--+-- If set to @TRUE@, Network Firewall checks whether the request can run+-- successfully, but doesn\'t actually make the requested changes. The call+-- returns the value that the request would return if you ran it with dry+-- run set to @FALSE@, but doesn\'t make additions or changes to your+-- resources. This option allows you to make sure that you have the+-- required permissions to run the request and that your request parameters+-- are valid.+--+-- If set to @FALSE@, Network Firewall makes the requested changes to your+-- resources.+updateRuleGroup_dryRun :: Lens.Lens' UpdateRuleGroup (Prelude.Maybe Prelude.Bool)+updateRuleGroup_dryRun = Lens.lens (\UpdateRuleGroup' {dryRun} -> dryRun) (\s@UpdateRuleGroup' {} a -> s {dryRun = a} :: UpdateRuleGroup)++-- | A complex type that contains settings for encryption of your rule group+-- resources.+updateRuleGroup_encryptionConfiguration :: Lens.Lens' UpdateRuleGroup (Prelude.Maybe EncryptionConfiguration)+updateRuleGroup_encryptionConfiguration = Lens.lens (\UpdateRuleGroup' {encryptionConfiguration} -> encryptionConfiguration) (\s@UpdateRuleGroup' {} a -> s {encryptionConfiguration = a} :: UpdateRuleGroup)++-- | An object that defines the rule group rules.+--+-- You must provide either this rule group setting or a @Rules@ setting,+-- but not both.+updateRuleGroup_ruleGroup :: Lens.Lens' UpdateRuleGroup (Prelude.Maybe RuleGroup)+updateRuleGroup_ruleGroup = Lens.lens (\UpdateRuleGroup' {ruleGroup} -> ruleGroup) (\s@UpdateRuleGroup' {} a -> s {ruleGroup = a} :: UpdateRuleGroup)++-- | The Amazon Resource Name (ARN) of the rule group.+--+-- You must specify the ARN or the name, and you can specify both.+updateRuleGroup_ruleGroupArn :: Lens.Lens' UpdateRuleGroup (Prelude.Maybe Prelude.Text)+updateRuleGroup_ruleGroupArn = Lens.lens (\UpdateRuleGroup' {ruleGroupArn} -> ruleGroupArn) (\s@UpdateRuleGroup' {} a -> s {ruleGroupArn = a} :: UpdateRuleGroup)++-- | The descriptive name of the rule group. You can\'t change the name of a+-- rule group after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+updateRuleGroup_ruleGroupName :: Lens.Lens' UpdateRuleGroup (Prelude.Maybe Prelude.Text)+updateRuleGroup_ruleGroupName = Lens.lens (\UpdateRuleGroup' {ruleGroupName} -> ruleGroupName) (\s@UpdateRuleGroup' {} a -> s {ruleGroupName = a} :: UpdateRuleGroup)++-- | A string containing stateful rule group rules specifications in Suricata+-- flat format, with one rule per line. Use this to import your existing+-- Suricata compatible rule groups.+--+-- You must provide either this rules setting or a populated @RuleGroup@+-- setting, but not both.+--+-- You can provide your rule group specification in Suricata flat format+-- through this setting when you create or update your rule group. The call+-- response returns a RuleGroup object that Network Firewall has populated+-- from your string.+updateRuleGroup_rules :: Lens.Lens' UpdateRuleGroup (Prelude.Maybe Prelude.Text)+updateRuleGroup_rules = Lens.lens (\UpdateRuleGroup' {rules} -> rules) (\s@UpdateRuleGroup' {} a -> s {rules = a} :: UpdateRuleGroup)++-- | A complex type that contains metadata about the rule group that your own+-- rule group is copied from. You can use the metadata to keep track of+-- updates made to the originating rule group.+updateRuleGroup_sourceMetadata :: Lens.Lens' UpdateRuleGroup (Prelude.Maybe SourceMetadata)+updateRuleGroup_sourceMetadata = Lens.lens (\UpdateRuleGroup' {sourceMetadata} -> sourceMetadata) (\s@UpdateRuleGroup' {} a -> s {sourceMetadata = a} :: UpdateRuleGroup)++-- | Indicates whether the rule group is stateless or stateful. If the rule+-- group is stateless, it contains stateless rules. If it is stateful, it+-- contains stateful rules.+--+-- This setting is required for requests that do not include the+-- @RuleGroupARN@.+updateRuleGroup_type :: Lens.Lens' UpdateRuleGroup (Prelude.Maybe RuleGroupType)+updateRuleGroup_type = Lens.lens (\UpdateRuleGroup' {type'} -> type') (\s@UpdateRuleGroup' {} a -> s {type' = a} :: UpdateRuleGroup)++-- | A token used for optimistic locking. Network Firewall returns a token to+-- your requests that access the rule group. The token marks the state of+-- the rule group resource at the time of the request.+--+-- To make changes to the rule group, you provide the token in your+-- request. Network Firewall uses the token to ensure that the rule group+-- hasn\'t changed since you last retrieved it. If it has changed, the+-- operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the rule group again to get a current copy of it with a current+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+updateRuleGroup_updateToken :: Lens.Lens' UpdateRuleGroup Prelude.Text+updateRuleGroup_updateToken = Lens.lens (\UpdateRuleGroup' {updateToken} -> updateToken) (\s@UpdateRuleGroup' {} a -> s {updateToken = a} :: UpdateRuleGroup)++instance Core.AWSRequest UpdateRuleGroup where+ type+ AWSResponse UpdateRuleGroup =+ UpdateRuleGroupResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ UpdateRuleGroupResponse'+ Prelude.<$> (Prelude.pure (Prelude.fromEnum s))+ Prelude.<*> (x Data..:> "UpdateToken")+ Prelude.<*> (x Data..:> "RuleGroupResponse")+ )++instance Prelude.Hashable UpdateRuleGroup where+ hashWithSalt _salt UpdateRuleGroup' {..} =+ _salt+ `Prelude.hashWithSalt` description+ `Prelude.hashWithSalt` dryRun+ `Prelude.hashWithSalt` encryptionConfiguration+ `Prelude.hashWithSalt` ruleGroup+ `Prelude.hashWithSalt` ruleGroupArn+ `Prelude.hashWithSalt` ruleGroupName+ `Prelude.hashWithSalt` rules+ `Prelude.hashWithSalt` sourceMetadata+ `Prelude.hashWithSalt` type'+ `Prelude.hashWithSalt` updateToken++instance Prelude.NFData UpdateRuleGroup where+ rnf UpdateRuleGroup' {..} =+ Prelude.rnf description+ `Prelude.seq` Prelude.rnf dryRun+ `Prelude.seq` Prelude.rnf encryptionConfiguration+ `Prelude.seq` Prelude.rnf ruleGroup+ `Prelude.seq` Prelude.rnf ruleGroupArn+ `Prelude.seq` Prelude.rnf ruleGroupName+ `Prelude.seq` Prelude.rnf rules+ `Prelude.seq` Prelude.rnf sourceMetadata+ `Prelude.seq` Prelude.rnf type'+ `Prelude.seq` Prelude.rnf updateToken++instance Data.ToHeaders UpdateRuleGroup where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.UpdateRuleGroup" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON UpdateRuleGroup where+ toJSON UpdateRuleGroup' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("Description" Data..=) Prelude.<$> description,+ ("DryRun" Data..=) Prelude.<$> dryRun,+ ("EncryptionConfiguration" Data..=)+ Prelude.<$> encryptionConfiguration,+ ("RuleGroup" Data..=) Prelude.<$> ruleGroup,+ ("RuleGroupArn" Data..=) Prelude.<$> ruleGroupArn,+ ("RuleGroupName" Data..=) Prelude.<$> ruleGroupName,+ ("Rules" Data..=) Prelude.<$> rules,+ ("SourceMetadata" Data..=)+ Prelude.<$> sourceMetadata,+ ("Type" Data..=) Prelude.<$> type',+ Prelude.Just ("UpdateToken" Data..= updateToken)+ ]+ )++instance Data.ToPath UpdateRuleGroup where+ toPath = Prelude.const "/"++instance Data.ToQuery UpdateRuleGroup where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newUpdateRuleGroupResponse' smart constructor.+data UpdateRuleGroupResponse = UpdateRuleGroupResponse'+ { -- | The response's http status code.+ httpStatus :: Prelude.Int,+ -- | A token used for optimistic locking. Network Firewall returns a token to+ -- your requests that access the rule group. The token marks the state of+ -- the rule group resource at the time of the request.+ --+ -- To make changes to the rule group, you provide the token in your+ -- request. Network Firewall uses the token to ensure that the rule group+ -- hasn\'t changed since you last retrieved it. If it has changed, the+ -- operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the rule group again to get a current copy of it with a current+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Text,+ -- | The high-level properties of a rule group. This, along with the+ -- RuleGroup, define the rule group. You can retrieve all objects for a+ -- rule group by calling DescribeRuleGroup.+ ruleGroupResponse :: RuleGroupResponse+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'UpdateRuleGroupResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'httpStatus', 'updateRuleGroupResponse_httpStatus' - The response's http status code.+--+-- 'updateToken', 'updateRuleGroupResponse_updateToken' - A token used for optimistic locking. Network Firewall returns a token to+-- your requests that access the rule group. The token marks the state of+-- the rule group resource at the time of the request.+--+-- To make changes to the rule group, you provide the token in your+-- request. Network Firewall uses the token to ensure that the rule group+-- hasn\'t changed since you last retrieved it. If it has changed, the+-- operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the rule group again to get a current copy of it with a current+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+--+-- 'ruleGroupResponse', 'updateRuleGroupResponse_ruleGroupResponse' - The high-level properties of a rule group. This, along with the+-- RuleGroup, define the rule group. You can retrieve all objects for a+-- rule group by calling DescribeRuleGroup.+newUpdateRuleGroupResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ -- | 'updateToken'+ Prelude.Text ->+ -- | 'ruleGroupResponse'+ RuleGroupResponse ->+ UpdateRuleGroupResponse+newUpdateRuleGroupResponse+ pHttpStatus_+ pUpdateToken_+ pRuleGroupResponse_ =+ UpdateRuleGroupResponse'+ { httpStatus = pHttpStatus_,+ updateToken = pUpdateToken_,+ ruleGroupResponse = pRuleGroupResponse_+ }++-- | The response's http status code.+updateRuleGroupResponse_httpStatus :: Lens.Lens' UpdateRuleGroupResponse Prelude.Int+updateRuleGroupResponse_httpStatus = Lens.lens (\UpdateRuleGroupResponse' {httpStatus} -> httpStatus) (\s@UpdateRuleGroupResponse' {} a -> s {httpStatus = a} :: UpdateRuleGroupResponse)++-- | A token used for optimistic locking. Network Firewall returns a token to+-- your requests that access the rule group. The token marks the state of+-- the rule group resource at the time of the request.+--+-- To make changes to the rule group, you provide the token in your+-- request. Network Firewall uses the token to ensure that the rule group+-- hasn\'t changed since you last retrieved it. If it has changed, the+-- operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the rule group again to get a current copy of it with a current+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+updateRuleGroupResponse_updateToken :: Lens.Lens' UpdateRuleGroupResponse Prelude.Text+updateRuleGroupResponse_updateToken = Lens.lens (\UpdateRuleGroupResponse' {updateToken} -> updateToken) (\s@UpdateRuleGroupResponse' {} a -> s {updateToken = a} :: UpdateRuleGroupResponse)++-- | The high-level properties of a rule group. This, along with the+-- RuleGroup, define the rule group. You can retrieve all objects for a+-- rule group by calling DescribeRuleGroup.+updateRuleGroupResponse_ruleGroupResponse :: Lens.Lens' UpdateRuleGroupResponse RuleGroupResponse+updateRuleGroupResponse_ruleGroupResponse = Lens.lens (\UpdateRuleGroupResponse' {ruleGroupResponse} -> ruleGroupResponse) (\s@UpdateRuleGroupResponse' {} a -> s {ruleGroupResponse = a} :: UpdateRuleGroupResponse)++instance Prelude.NFData UpdateRuleGroupResponse where+ rnf UpdateRuleGroupResponse' {..} =+ Prelude.rnf httpStatus+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf ruleGroupResponse
+ gen/Amazonka/NetworkFirewall/UpdateSubnetChangeProtection.hs view
@@ -0,0 +1,397 @@+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE DuplicateRecordFields #-}+{-# LANGUAGE NamedFieldPuns #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.UpdateSubnetChangeProtection+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.UpdateSubnetChangeProtection+ ( -- * Creating a Request+ UpdateSubnetChangeProtection (..),+ newUpdateSubnetChangeProtection,++ -- * Request Lenses+ updateSubnetChangeProtection_firewallArn,+ updateSubnetChangeProtection_firewallName,+ updateSubnetChangeProtection_updateToken,+ updateSubnetChangeProtection_subnetChangeProtection,++ -- * Destructuring the Response+ UpdateSubnetChangeProtectionResponse (..),+ newUpdateSubnetChangeProtectionResponse,++ -- * Response Lenses+ updateSubnetChangeProtectionResponse_firewallArn,+ updateSubnetChangeProtectionResponse_firewallName,+ updateSubnetChangeProtectionResponse_subnetChangeProtection,+ updateSubnetChangeProtectionResponse_updateToken,+ updateSubnetChangeProtectionResponse_httpStatus,+ )+where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude+import qualified Amazonka.Request as Request+import qualified Amazonka.Response as Response++-- | /See:/ 'newUpdateSubnetChangeProtection' smart constructor.+data UpdateSubnetChangeProtection = UpdateSubnetChangeProtection'+ { -- | The Amazon Resource Name (ARN) of the firewall.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ --+ -- You must specify the ARN or the name, and you can specify both.+ firewallName :: Prelude.Maybe Prelude.Text,+ -- | An optional token that you can use for optimistic locking. Network+ -- Firewall returns a token to your requests that access the firewall. The+ -- token marks the state of the firewall resource at the time of the+ -- request.+ --+ -- To make an unconditional change to the firewall, omit the token in your+ -- update request. Without the token, Network Firewall performs your+ -- updates regardless of whether the firewall has changed since you last+ -- retrieved it.+ --+ -- To make a conditional change to the firewall, provide the token in your+ -- update request. Network Firewall uses the token to ensure that the+ -- firewall hasn\'t changed since you last retrieved it. If it has changed,+ -- the operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the firewall again to get a current copy of it with a new+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Maybe Prelude.Text,+ -- | A setting indicating whether the firewall is protected against changes+ -- to the subnet associations. Use this setting to protect against+ -- accidentally modifying the subnet associations for a firewall that is in+ -- use. When you create a firewall, the operation initializes this setting+ -- to @TRUE@.+ subnetChangeProtection :: Prelude.Bool+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'UpdateSubnetChangeProtection' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallArn', 'updateSubnetChangeProtection_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'firewallName', 'updateSubnetChangeProtection_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+--+-- 'updateToken', 'updateSubnetChangeProtection_updateToken' - An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+--+-- 'subnetChangeProtection', 'updateSubnetChangeProtection_subnetChangeProtection' - A setting indicating whether the firewall is protected against changes+-- to the subnet associations. Use this setting to protect against+-- accidentally modifying the subnet associations for a firewall that is in+-- use. When you create a firewall, the operation initializes this setting+-- to @TRUE@.+newUpdateSubnetChangeProtection ::+ -- | 'subnetChangeProtection'+ Prelude.Bool ->+ UpdateSubnetChangeProtection+newUpdateSubnetChangeProtection+ pSubnetChangeProtection_ =+ UpdateSubnetChangeProtection'+ { firewallArn =+ Prelude.Nothing,+ firewallName = Prelude.Nothing,+ updateToken = Prelude.Nothing,+ subnetChangeProtection =+ pSubnetChangeProtection_+ }++-- | The Amazon Resource Name (ARN) of the firewall.+--+-- You must specify the ARN or the name, and you can specify both.+updateSubnetChangeProtection_firewallArn :: Lens.Lens' UpdateSubnetChangeProtection (Prelude.Maybe Prelude.Text)+updateSubnetChangeProtection_firewallArn = Lens.lens (\UpdateSubnetChangeProtection' {firewallArn} -> firewallArn) (\s@UpdateSubnetChangeProtection' {} a -> s {firewallArn = a} :: UpdateSubnetChangeProtection)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- You must specify the ARN or the name, and you can specify both.+updateSubnetChangeProtection_firewallName :: Lens.Lens' UpdateSubnetChangeProtection (Prelude.Maybe Prelude.Text)+updateSubnetChangeProtection_firewallName = Lens.lens (\UpdateSubnetChangeProtection' {firewallName} -> firewallName) (\s@UpdateSubnetChangeProtection' {} a -> s {firewallName = a} :: UpdateSubnetChangeProtection)++-- | An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+updateSubnetChangeProtection_updateToken :: Lens.Lens' UpdateSubnetChangeProtection (Prelude.Maybe Prelude.Text)+updateSubnetChangeProtection_updateToken = Lens.lens (\UpdateSubnetChangeProtection' {updateToken} -> updateToken) (\s@UpdateSubnetChangeProtection' {} a -> s {updateToken = a} :: UpdateSubnetChangeProtection)++-- | A setting indicating whether the firewall is protected against changes+-- to the subnet associations. Use this setting to protect against+-- accidentally modifying the subnet associations for a firewall that is in+-- use. When you create a firewall, the operation initializes this setting+-- to @TRUE@.+updateSubnetChangeProtection_subnetChangeProtection :: Lens.Lens' UpdateSubnetChangeProtection Prelude.Bool+updateSubnetChangeProtection_subnetChangeProtection = Lens.lens (\UpdateSubnetChangeProtection' {subnetChangeProtection} -> subnetChangeProtection) (\s@UpdateSubnetChangeProtection' {} a -> s {subnetChangeProtection = a} :: UpdateSubnetChangeProtection)++instance Core.AWSRequest UpdateSubnetChangeProtection where+ type+ AWSResponse UpdateSubnetChangeProtection =+ UpdateSubnetChangeProtectionResponse+ request overrides =+ Request.postJSON (overrides defaultService)+ response =+ Response.receiveJSON+ ( \s h x ->+ UpdateSubnetChangeProtectionResponse'+ Prelude.<$> (x Data..?> "FirewallArn")+ Prelude.<*> (x Data..?> "FirewallName")+ Prelude.<*> (x Data..?> "SubnetChangeProtection")+ Prelude.<*> (x Data..?> "UpdateToken")+ Prelude.<*> (Prelude.pure (Prelude.fromEnum s))+ )++instance+ Prelude.Hashable+ UpdateSubnetChangeProtection+ where+ hashWithSalt _salt UpdateSubnetChangeProtection' {..} =+ _salt+ `Prelude.hashWithSalt` firewallArn+ `Prelude.hashWithSalt` firewallName+ `Prelude.hashWithSalt` updateToken+ `Prelude.hashWithSalt` subnetChangeProtection++instance Prelude.NFData UpdateSubnetChangeProtection where+ rnf UpdateSubnetChangeProtection' {..} =+ Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf subnetChangeProtection++instance Data.ToHeaders UpdateSubnetChangeProtection where+ toHeaders =+ Prelude.const+ ( Prelude.mconcat+ [ "X-Amz-Target"+ Data.=# ( "NetworkFirewall_20201112.UpdateSubnetChangeProtection" ::+ Prelude.ByteString+ ),+ "Content-Type"+ Data.=# ( "application/x-amz-json-1.0" ::+ Prelude.ByteString+ )+ ]+ )++instance Data.ToJSON UpdateSubnetChangeProtection where+ toJSON UpdateSubnetChangeProtection' {..} =+ Data.object+ ( Prelude.catMaybes+ [ ("FirewallArn" Data..=) Prelude.<$> firewallArn,+ ("FirewallName" Data..=) Prelude.<$> firewallName,+ ("UpdateToken" Data..=) Prelude.<$> updateToken,+ Prelude.Just+ ( "SubnetChangeProtection"+ Data..= subnetChangeProtection+ )+ ]+ )++instance Data.ToPath UpdateSubnetChangeProtection where+ toPath = Prelude.const "/"++instance Data.ToQuery UpdateSubnetChangeProtection where+ toQuery = Prelude.const Prelude.mempty++-- | /See:/ 'newUpdateSubnetChangeProtectionResponse' smart constructor.+data UpdateSubnetChangeProtectionResponse = UpdateSubnetChangeProtectionResponse'+ { -- | The Amazon Resource Name (ARN) of the firewall.+ firewallArn :: Prelude.Maybe Prelude.Text,+ -- | The descriptive name of the firewall. You can\'t change the name of a+ -- firewall after you create it.+ firewallName :: Prelude.Maybe Prelude.Text,+ -- | A setting indicating whether the firewall is protected against changes+ -- to the subnet associations. Use this setting to protect against+ -- accidentally modifying the subnet associations for a firewall that is in+ -- use. When you create a firewall, the operation initializes this setting+ -- to @TRUE@.+ subnetChangeProtection :: Prelude.Maybe Prelude.Bool,+ -- | An optional token that you can use for optimistic locking. Network+ -- Firewall returns a token to your requests that access the firewall. The+ -- token marks the state of the firewall resource at the time of the+ -- request.+ --+ -- To make an unconditional change to the firewall, omit the token in your+ -- update request. Without the token, Network Firewall performs your+ -- updates regardless of whether the firewall has changed since you last+ -- retrieved it.+ --+ -- To make a conditional change to the firewall, provide the token in your+ -- update request. Network Firewall uses the token to ensure that the+ -- firewall hasn\'t changed since you last retrieved it. If it has changed,+ -- the operation fails with an @InvalidTokenException@. If this happens,+ -- retrieve the firewall again to get a current copy of it with a new+ -- token. Reapply your changes as needed, then try the operation again+ -- using the new token.+ updateToken :: Prelude.Maybe Prelude.Text,+ -- | The response's http status code.+ httpStatus :: Prelude.Int+ }+ deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)++-- |+-- Create a value of 'UpdateSubnetChangeProtectionResponse' with all optional fields omitted.+--+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.+--+-- The following record fields are available, with the corresponding lenses provided+-- for backwards compatibility:+--+-- 'firewallArn', 'updateSubnetChangeProtectionResponse_firewallArn' - The Amazon Resource Name (ARN) of the firewall.+--+-- 'firewallName', 'updateSubnetChangeProtectionResponse_firewallName' - The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+--+-- 'subnetChangeProtection', 'updateSubnetChangeProtectionResponse_subnetChangeProtection' - A setting indicating whether the firewall is protected against changes+-- to the subnet associations. Use this setting to protect against+-- accidentally modifying the subnet associations for a firewall that is in+-- use. When you create a firewall, the operation initializes this setting+-- to @TRUE@.+--+-- 'updateToken', 'updateSubnetChangeProtectionResponse_updateToken' - An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+--+-- 'httpStatus', 'updateSubnetChangeProtectionResponse_httpStatus' - The response's http status code.+newUpdateSubnetChangeProtectionResponse ::+ -- | 'httpStatus'+ Prelude.Int ->+ UpdateSubnetChangeProtectionResponse+newUpdateSubnetChangeProtectionResponse pHttpStatus_ =+ UpdateSubnetChangeProtectionResponse'+ { firewallArn =+ Prelude.Nothing,+ firewallName = Prelude.Nothing,+ subnetChangeProtection =+ Prelude.Nothing,+ updateToken = Prelude.Nothing,+ httpStatus = pHttpStatus_+ }++-- | The Amazon Resource Name (ARN) of the firewall.+updateSubnetChangeProtectionResponse_firewallArn :: Lens.Lens' UpdateSubnetChangeProtectionResponse (Prelude.Maybe Prelude.Text)+updateSubnetChangeProtectionResponse_firewallArn = Lens.lens (\UpdateSubnetChangeProtectionResponse' {firewallArn} -> firewallArn) (\s@UpdateSubnetChangeProtectionResponse' {} a -> s {firewallArn = a} :: UpdateSubnetChangeProtectionResponse)++-- | The descriptive name of the firewall. You can\'t change the name of a+-- firewall after you create it.+updateSubnetChangeProtectionResponse_firewallName :: Lens.Lens' UpdateSubnetChangeProtectionResponse (Prelude.Maybe Prelude.Text)+updateSubnetChangeProtectionResponse_firewallName = Lens.lens (\UpdateSubnetChangeProtectionResponse' {firewallName} -> firewallName) (\s@UpdateSubnetChangeProtectionResponse' {} a -> s {firewallName = a} :: UpdateSubnetChangeProtectionResponse)++-- | A setting indicating whether the firewall is protected against changes+-- to the subnet associations. Use this setting to protect against+-- accidentally modifying the subnet associations for a firewall that is in+-- use. When you create a firewall, the operation initializes this setting+-- to @TRUE@.+updateSubnetChangeProtectionResponse_subnetChangeProtection :: Lens.Lens' UpdateSubnetChangeProtectionResponse (Prelude.Maybe Prelude.Bool)+updateSubnetChangeProtectionResponse_subnetChangeProtection = Lens.lens (\UpdateSubnetChangeProtectionResponse' {subnetChangeProtection} -> subnetChangeProtection) (\s@UpdateSubnetChangeProtectionResponse' {} a -> s {subnetChangeProtection = a} :: UpdateSubnetChangeProtectionResponse)++-- | An optional token that you can use for optimistic locking. Network+-- Firewall returns a token to your requests that access the firewall. The+-- token marks the state of the firewall resource at the time of the+-- request.+--+-- To make an unconditional change to the firewall, omit the token in your+-- update request. Without the token, Network Firewall performs your+-- updates regardless of whether the firewall has changed since you last+-- retrieved it.+--+-- To make a conditional change to the firewall, provide the token in your+-- update request. Network Firewall uses the token to ensure that the+-- firewall hasn\'t changed since you last retrieved it. If it has changed,+-- the operation fails with an @InvalidTokenException@. If this happens,+-- retrieve the firewall again to get a current copy of it with a new+-- token. Reapply your changes as needed, then try the operation again+-- using the new token.+updateSubnetChangeProtectionResponse_updateToken :: Lens.Lens' UpdateSubnetChangeProtectionResponse (Prelude.Maybe Prelude.Text)+updateSubnetChangeProtectionResponse_updateToken = Lens.lens (\UpdateSubnetChangeProtectionResponse' {updateToken} -> updateToken) (\s@UpdateSubnetChangeProtectionResponse' {} a -> s {updateToken = a} :: UpdateSubnetChangeProtectionResponse)++-- | The response's http status code.+updateSubnetChangeProtectionResponse_httpStatus :: Lens.Lens' UpdateSubnetChangeProtectionResponse Prelude.Int+updateSubnetChangeProtectionResponse_httpStatus = Lens.lens (\UpdateSubnetChangeProtectionResponse' {httpStatus} -> httpStatus) (\s@UpdateSubnetChangeProtectionResponse' {} a -> s {httpStatus = a} :: UpdateSubnetChangeProtectionResponse)++instance+ Prelude.NFData+ UpdateSubnetChangeProtectionResponse+ where+ rnf UpdateSubnetChangeProtectionResponse' {..} =+ Prelude.rnf firewallArn+ `Prelude.seq` Prelude.rnf firewallName+ `Prelude.seq` Prelude.rnf subnetChangeProtection+ `Prelude.seq` Prelude.rnf updateToken+ `Prelude.seq` Prelude.rnf httpStatus
+ gen/Amazonka/NetworkFirewall/Waiters.hs view
@@ -0,0 +1,24 @@+{-# LANGUAGE DisambiguateRecordFields #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE StrictData #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Amazonka.NetworkFirewall.Waiters+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Amazonka.NetworkFirewall.Waiters where++import qualified Amazonka.Core as Core+import qualified Amazonka.Core.Lens.Internal as Lens+import qualified Amazonka.Data as Data+import Amazonka.NetworkFirewall.Lens+import Amazonka.NetworkFirewall.Types+import qualified Amazonka.Prelude as Prelude
+ src/.gitkeep view
+ test/Main.hs view
@@ -0,0 +1,23 @@+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- |+-- Module : Main+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Main (main) where++import Test.Amazonka.NetworkFirewall+import Test.Amazonka.NetworkFirewall.Internal+import Test.Tasty++main :: IO ()+main =+ defaultMain $+ testGroup+ "NetworkFirewall"+ [ testGroup "tests" tests,+ testGroup "fixtures" fixtures+ ]
+ test/Test/Amazonka/Gen/NetworkFirewall.hs view
@@ -0,0 +1,658 @@+{-# OPTIONS_GHC -fno-warn-orphans #-}+{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Test.Amazonka.Gen.NetworkFirewall+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Test.Amazonka.Gen.NetworkFirewall where++import Amazonka.NetworkFirewall+import qualified Data.Proxy as Proxy+import Test.Amazonka.Fixture+import Test.Amazonka.NetworkFirewall.Internal+import Test.Amazonka.Prelude+import Test.Tasty++-- Auto-generated: the actual test selection needs to be manually placed into+-- the top-level so that real test data can be incrementally added.+--+-- This commented snippet is what the entire set should look like:++-- fixtures :: TestTree+-- fixtures =+-- [ testGroup "request"+-- [ requestAssociateFirewallPolicy $+-- newAssociateFirewallPolicy+--+-- , requestAssociateSubnets $+-- newAssociateSubnets+--+-- , requestCreateFirewall $+-- newCreateFirewall+--+-- , requestCreateFirewallPolicy $+-- newCreateFirewallPolicy+--+-- , requestCreateRuleGroup $+-- newCreateRuleGroup+--+-- , requestDeleteFirewall $+-- newDeleteFirewall+--+-- , requestDeleteFirewallPolicy $+-- newDeleteFirewallPolicy+--+-- , requestDeleteResourcePolicy $+-- newDeleteResourcePolicy+--+-- , requestDeleteRuleGroup $+-- newDeleteRuleGroup+--+-- , requestDescribeFirewall $+-- newDescribeFirewall+--+-- , requestDescribeFirewallPolicy $+-- newDescribeFirewallPolicy+--+-- , requestDescribeLoggingConfiguration $+-- newDescribeLoggingConfiguration+--+-- , requestDescribeResourcePolicy $+-- newDescribeResourcePolicy+--+-- , requestDescribeRuleGroup $+-- newDescribeRuleGroup+--+-- , requestDescribeRuleGroupMetadata $+-- newDescribeRuleGroupMetadata+--+-- , requestDisassociateSubnets $+-- newDisassociateSubnets+--+-- , requestListFirewallPolicies $+-- newListFirewallPolicies+--+-- , requestListFirewalls $+-- newListFirewalls+--+-- , requestListRuleGroups $+-- newListRuleGroups+--+-- , requestListTagsForResource $+-- newListTagsForResource+--+-- , requestPutResourcePolicy $+-- newPutResourcePolicy+--+-- , requestTagResource $+-- newTagResource+--+-- , requestUntagResource $+-- newUntagResource+--+-- , requestUpdateFirewallDeleteProtection $+-- newUpdateFirewallDeleteProtection+--+-- , requestUpdateFirewallDescription $+-- newUpdateFirewallDescription+--+-- , requestUpdateFirewallEncryptionConfiguration $+-- newUpdateFirewallEncryptionConfiguration+--+-- , requestUpdateFirewallPolicy $+-- newUpdateFirewallPolicy+--+-- , requestUpdateFirewallPolicyChangeProtection $+-- newUpdateFirewallPolicyChangeProtection+--+-- , requestUpdateLoggingConfiguration $+-- newUpdateLoggingConfiguration+--+-- , requestUpdateRuleGroup $+-- newUpdateRuleGroup+--+-- , requestUpdateSubnetChangeProtection $+-- newUpdateSubnetChangeProtection+--+-- ]++-- , testGroup "response"+-- [ responseAssociateFirewallPolicy $+-- newAssociateFirewallPolicyResponse+--+-- , responseAssociateSubnets $+-- newAssociateSubnetsResponse+--+-- , responseCreateFirewall $+-- newCreateFirewallResponse+--+-- , responseCreateFirewallPolicy $+-- newCreateFirewallPolicyResponse+--+-- , responseCreateRuleGroup $+-- newCreateRuleGroupResponse+--+-- , responseDeleteFirewall $+-- newDeleteFirewallResponse+--+-- , responseDeleteFirewallPolicy $+-- newDeleteFirewallPolicyResponse+--+-- , responseDeleteResourcePolicy $+-- newDeleteResourcePolicyResponse+--+-- , responseDeleteRuleGroup $+-- newDeleteRuleGroupResponse+--+-- , responseDescribeFirewall $+-- newDescribeFirewallResponse+--+-- , responseDescribeFirewallPolicy $+-- newDescribeFirewallPolicyResponse+--+-- , responseDescribeLoggingConfiguration $+-- newDescribeLoggingConfigurationResponse+--+-- , responseDescribeResourcePolicy $+-- newDescribeResourcePolicyResponse+--+-- , responseDescribeRuleGroup $+-- newDescribeRuleGroupResponse+--+-- , responseDescribeRuleGroupMetadata $+-- newDescribeRuleGroupMetadataResponse+--+-- , responseDisassociateSubnets $+-- newDisassociateSubnetsResponse+--+-- , responseListFirewallPolicies $+-- newListFirewallPoliciesResponse+--+-- , responseListFirewalls $+-- newListFirewallsResponse+--+-- , responseListRuleGroups $+-- newListRuleGroupsResponse+--+-- , responseListTagsForResource $+-- newListTagsForResourceResponse+--+-- , responsePutResourcePolicy $+-- newPutResourcePolicyResponse+--+-- , responseTagResource $+-- newTagResourceResponse+--+-- , responseUntagResource $+-- newUntagResourceResponse+--+-- , responseUpdateFirewallDeleteProtection $+-- newUpdateFirewallDeleteProtectionResponse+--+-- , responseUpdateFirewallDescription $+-- newUpdateFirewallDescriptionResponse+--+-- , responseUpdateFirewallEncryptionConfiguration $+-- newUpdateFirewallEncryptionConfigurationResponse+--+-- , responseUpdateFirewallPolicy $+-- newUpdateFirewallPolicyResponse+--+-- , responseUpdateFirewallPolicyChangeProtection $+-- newUpdateFirewallPolicyChangeProtectionResponse+--+-- , responseUpdateLoggingConfiguration $+-- newUpdateLoggingConfigurationResponse+--+-- , responseUpdateRuleGroup $+-- newUpdateRuleGroupResponse+--+-- , responseUpdateSubnetChangeProtection $+-- newUpdateSubnetChangeProtectionResponse+--+-- ]+-- ]++-- Requests++requestAssociateFirewallPolicy :: AssociateFirewallPolicy -> TestTree+requestAssociateFirewallPolicy =+ req+ "AssociateFirewallPolicy"+ "fixture/AssociateFirewallPolicy.yaml"++requestAssociateSubnets :: AssociateSubnets -> TestTree+requestAssociateSubnets =+ req+ "AssociateSubnets"+ "fixture/AssociateSubnets.yaml"++requestCreateFirewall :: CreateFirewall -> TestTree+requestCreateFirewall =+ req+ "CreateFirewall"+ "fixture/CreateFirewall.yaml"++requestCreateFirewallPolicy :: CreateFirewallPolicy -> TestTree+requestCreateFirewallPolicy =+ req+ "CreateFirewallPolicy"+ "fixture/CreateFirewallPolicy.yaml"++requestCreateRuleGroup :: CreateRuleGroup -> TestTree+requestCreateRuleGroup =+ req+ "CreateRuleGroup"+ "fixture/CreateRuleGroup.yaml"++requestDeleteFirewall :: DeleteFirewall -> TestTree+requestDeleteFirewall =+ req+ "DeleteFirewall"+ "fixture/DeleteFirewall.yaml"++requestDeleteFirewallPolicy :: DeleteFirewallPolicy -> TestTree+requestDeleteFirewallPolicy =+ req+ "DeleteFirewallPolicy"+ "fixture/DeleteFirewallPolicy.yaml"++requestDeleteResourcePolicy :: DeleteResourcePolicy -> TestTree+requestDeleteResourcePolicy =+ req+ "DeleteResourcePolicy"+ "fixture/DeleteResourcePolicy.yaml"++requestDeleteRuleGroup :: DeleteRuleGroup -> TestTree+requestDeleteRuleGroup =+ req+ "DeleteRuleGroup"+ "fixture/DeleteRuleGroup.yaml"++requestDescribeFirewall :: DescribeFirewall -> TestTree+requestDescribeFirewall =+ req+ "DescribeFirewall"+ "fixture/DescribeFirewall.yaml"++requestDescribeFirewallPolicy :: DescribeFirewallPolicy -> TestTree+requestDescribeFirewallPolicy =+ req+ "DescribeFirewallPolicy"+ "fixture/DescribeFirewallPolicy.yaml"++requestDescribeLoggingConfiguration :: DescribeLoggingConfiguration -> TestTree+requestDescribeLoggingConfiguration =+ req+ "DescribeLoggingConfiguration"+ "fixture/DescribeLoggingConfiguration.yaml"++requestDescribeResourcePolicy :: DescribeResourcePolicy -> TestTree+requestDescribeResourcePolicy =+ req+ "DescribeResourcePolicy"+ "fixture/DescribeResourcePolicy.yaml"++requestDescribeRuleGroup :: DescribeRuleGroup -> TestTree+requestDescribeRuleGroup =+ req+ "DescribeRuleGroup"+ "fixture/DescribeRuleGroup.yaml"++requestDescribeRuleGroupMetadata :: DescribeRuleGroupMetadata -> TestTree+requestDescribeRuleGroupMetadata =+ req+ "DescribeRuleGroupMetadata"+ "fixture/DescribeRuleGroupMetadata.yaml"++requestDisassociateSubnets :: DisassociateSubnets -> TestTree+requestDisassociateSubnets =+ req+ "DisassociateSubnets"+ "fixture/DisassociateSubnets.yaml"++requestListFirewallPolicies :: ListFirewallPolicies -> TestTree+requestListFirewallPolicies =+ req+ "ListFirewallPolicies"+ "fixture/ListFirewallPolicies.yaml"++requestListFirewalls :: ListFirewalls -> TestTree+requestListFirewalls =+ req+ "ListFirewalls"+ "fixture/ListFirewalls.yaml"++requestListRuleGroups :: ListRuleGroups -> TestTree+requestListRuleGroups =+ req+ "ListRuleGroups"+ "fixture/ListRuleGroups.yaml"++requestListTagsForResource :: ListTagsForResource -> TestTree+requestListTagsForResource =+ req+ "ListTagsForResource"+ "fixture/ListTagsForResource.yaml"++requestPutResourcePolicy :: PutResourcePolicy -> TestTree+requestPutResourcePolicy =+ req+ "PutResourcePolicy"+ "fixture/PutResourcePolicy.yaml"++requestTagResource :: TagResource -> TestTree+requestTagResource =+ req+ "TagResource"+ "fixture/TagResource.yaml"++requestUntagResource :: UntagResource -> TestTree+requestUntagResource =+ req+ "UntagResource"+ "fixture/UntagResource.yaml"++requestUpdateFirewallDeleteProtection :: UpdateFirewallDeleteProtection -> TestTree+requestUpdateFirewallDeleteProtection =+ req+ "UpdateFirewallDeleteProtection"+ "fixture/UpdateFirewallDeleteProtection.yaml"++requestUpdateFirewallDescription :: UpdateFirewallDescription -> TestTree+requestUpdateFirewallDescription =+ req+ "UpdateFirewallDescription"+ "fixture/UpdateFirewallDescription.yaml"++requestUpdateFirewallEncryptionConfiguration :: UpdateFirewallEncryptionConfiguration -> TestTree+requestUpdateFirewallEncryptionConfiguration =+ req+ "UpdateFirewallEncryptionConfiguration"+ "fixture/UpdateFirewallEncryptionConfiguration.yaml"++requestUpdateFirewallPolicy :: UpdateFirewallPolicy -> TestTree+requestUpdateFirewallPolicy =+ req+ "UpdateFirewallPolicy"+ "fixture/UpdateFirewallPolicy.yaml"++requestUpdateFirewallPolicyChangeProtection :: UpdateFirewallPolicyChangeProtection -> TestTree+requestUpdateFirewallPolicyChangeProtection =+ req+ "UpdateFirewallPolicyChangeProtection"+ "fixture/UpdateFirewallPolicyChangeProtection.yaml"++requestUpdateLoggingConfiguration :: UpdateLoggingConfiguration -> TestTree+requestUpdateLoggingConfiguration =+ req+ "UpdateLoggingConfiguration"+ "fixture/UpdateLoggingConfiguration.yaml"++requestUpdateRuleGroup :: UpdateRuleGroup -> TestTree+requestUpdateRuleGroup =+ req+ "UpdateRuleGroup"+ "fixture/UpdateRuleGroup.yaml"++requestUpdateSubnetChangeProtection :: UpdateSubnetChangeProtection -> TestTree+requestUpdateSubnetChangeProtection =+ req+ "UpdateSubnetChangeProtection"+ "fixture/UpdateSubnetChangeProtection.yaml"++-- Responses++responseAssociateFirewallPolicy :: AssociateFirewallPolicyResponse -> TestTree+responseAssociateFirewallPolicy =+ res+ "AssociateFirewallPolicyResponse"+ "fixture/AssociateFirewallPolicyResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy AssociateFirewallPolicy)++responseAssociateSubnets :: AssociateSubnetsResponse -> TestTree+responseAssociateSubnets =+ res+ "AssociateSubnetsResponse"+ "fixture/AssociateSubnetsResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy AssociateSubnets)++responseCreateFirewall :: CreateFirewallResponse -> TestTree+responseCreateFirewall =+ res+ "CreateFirewallResponse"+ "fixture/CreateFirewallResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy CreateFirewall)++responseCreateFirewallPolicy :: CreateFirewallPolicyResponse -> TestTree+responseCreateFirewallPolicy =+ res+ "CreateFirewallPolicyResponse"+ "fixture/CreateFirewallPolicyResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy CreateFirewallPolicy)++responseCreateRuleGroup :: CreateRuleGroupResponse -> TestTree+responseCreateRuleGroup =+ res+ "CreateRuleGroupResponse"+ "fixture/CreateRuleGroupResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy CreateRuleGroup)++responseDeleteFirewall :: DeleteFirewallResponse -> TestTree+responseDeleteFirewall =+ res+ "DeleteFirewallResponse"+ "fixture/DeleteFirewallResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy DeleteFirewall)++responseDeleteFirewallPolicy :: DeleteFirewallPolicyResponse -> TestTree+responseDeleteFirewallPolicy =+ res+ "DeleteFirewallPolicyResponse"+ "fixture/DeleteFirewallPolicyResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy DeleteFirewallPolicy)++responseDeleteResourcePolicy :: DeleteResourcePolicyResponse -> TestTree+responseDeleteResourcePolicy =+ res+ "DeleteResourcePolicyResponse"+ "fixture/DeleteResourcePolicyResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy DeleteResourcePolicy)++responseDeleteRuleGroup :: DeleteRuleGroupResponse -> TestTree+responseDeleteRuleGroup =+ res+ "DeleteRuleGroupResponse"+ "fixture/DeleteRuleGroupResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy DeleteRuleGroup)++responseDescribeFirewall :: DescribeFirewallResponse -> TestTree+responseDescribeFirewall =+ res+ "DescribeFirewallResponse"+ "fixture/DescribeFirewallResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy DescribeFirewall)++responseDescribeFirewallPolicy :: DescribeFirewallPolicyResponse -> TestTree+responseDescribeFirewallPolicy =+ res+ "DescribeFirewallPolicyResponse"+ "fixture/DescribeFirewallPolicyResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy DescribeFirewallPolicy)++responseDescribeLoggingConfiguration :: DescribeLoggingConfigurationResponse -> TestTree+responseDescribeLoggingConfiguration =+ res+ "DescribeLoggingConfigurationResponse"+ "fixture/DescribeLoggingConfigurationResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy DescribeLoggingConfiguration)++responseDescribeResourcePolicy :: DescribeResourcePolicyResponse -> TestTree+responseDescribeResourcePolicy =+ res+ "DescribeResourcePolicyResponse"+ "fixture/DescribeResourcePolicyResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy DescribeResourcePolicy)++responseDescribeRuleGroup :: DescribeRuleGroupResponse -> TestTree+responseDescribeRuleGroup =+ res+ "DescribeRuleGroupResponse"+ "fixture/DescribeRuleGroupResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy DescribeRuleGroup)++responseDescribeRuleGroupMetadata :: DescribeRuleGroupMetadataResponse -> TestTree+responseDescribeRuleGroupMetadata =+ res+ "DescribeRuleGroupMetadataResponse"+ "fixture/DescribeRuleGroupMetadataResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy DescribeRuleGroupMetadata)++responseDisassociateSubnets :: DisassociateSubnetsResponse -> TestTree+responseDisassociateSubnets =+ res+ "DisassociateSubnetsResponse"+ "fixture/DisassociateSubnetsResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy DisassociateSubnets)++responseListFirewallPolicies :: ListFirewallPoliciesResponse -> TestTree+responseListFirewallPolicies =+ res+ "ListFirewallPoliciesResponse"+ "fixture/ListFirewallPoliciesResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy ListFirewallPolicies)++responseListFirewalls :: ListFirewallsResponse -> TestTree+responseListFirewalls =+ res+ "ListFirewallsResponse"+ "fixture/ListFirewallsResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy ListFirewalls)++responseListRuleGroups :: ListRuleGroupsResponse -> TestTree+responseListRuleGroups =+ res+ "ListRuleGroupsResponse"+ "fixture/ListRuleGroupsResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy ListRuleGroups)++responseListTagsForResource :: ListTagsForResourceResponse -> TestTree+responseListTagsForResource =+ res+ "ListTagsForResourceResponse"+ "fixture/ListTagsForResourceResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy ListTagsForResource)++responsePutResourcePolicy :: PutResourcePolicyResponse -> TestTree+responsePutResourcePolicy =+ res+ "PutResourcePolicyResponse"+ "fixture/PutResourcePolicyResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy PutResourcePolicy)++responseTagResource :: TagResourceResponse -> TestTree+responseTagResource =+ res+ "TagResourceResponse"+ "fixture/TagResourceResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy TagResource)++responseUntagResource :: UntagResourceResponse -> TestTree+responseUntagResource =+ res+ "UntagResourceResponse"+ "fixture/UntagResourceResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy UntagResource)++responseUpdateFirewallDeleteProtection :: UpdateFirewallDeleteProtectionResponse -> TestTree+responseUpdateFirewallDeleteProtection =+ res+ "UpdateFirewallDeleteProtectionResponse"+ "fixture/UpdateFirewallDeleteProtectionResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy UpdateFirewallDeleteProtection)++responseUpdateFirewallDescription :: UpdateFirewallDescriptionResponse -> TestTree+responseUpdateFirewallDescription =+ res+ "UpdateFirewallDescriptionResponse"+ "fixture/UpdateFirewallDescriptionResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy UpdateFirewallDescription)++responseUpdateFirewallEncryptionConfiguration :: UpdateFirewallEncryptionConfigurationResponse -> TestTree+responseUpdateFirewallEncryptionConfiguration =+ res+ "UpdateFirewallEncryptionConfigurationResponse"+ "fixture/UpdateFirewallEncryptionConfigurationResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy UpdateFirewallEncryptionConfiguration)++responseUpdateFirewallPolicy :: UpdateFirewallPolicyResponse -> TestTree+responseUpdateFirewallPolicy =+ res+ "UpdateFirewallPolicyResponse"+ "fixture/UpdateFirewallPolicyResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy UpdateFirewallPolicy)++responseUpdateFirewallPolicyChangeProtection :: UpdateFirewallPolicyChangeProtectionResponse -> TestTree+responseUpdateFirewallPolicyChangeProtection =+ res+ "UpdateFirewallPolicyChangeProtectionResponse"+ "fixture/UpdateFirewallPolicyChangeProtectionResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy UpdateFirewallPolicyChangeProtection)++responseUpdateLoggingConfiguration :: UpdateLoggingConfigurationResponse -> TestTree+responseUpdateLoggingConfiguration =+ res+ "UpdateLoggingConfigurationResponse"+ "fixture/UpdateLoggingConfigurationResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy UpdateLoggingConfiguration)++responseUpdateRuleGroup :: UpdateRuleGroupResponse -> TestTree+responseUpdateRuleGroup =+ res+ "UpdateRuleGroupResponse"+ "fixture/UpdateRuleGroupResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy UpdateRuleGroup)++responseUpdateSubnetChangeProtection :: UpdateSubnetChangeProtectionResponse -> TestTree+responseUpdateSubnetChangeProtection =+ res+ "UpdateSubnetChangeProtectionResponse"+ "fixture/UpdateSubnetChangeProtectionResponse.proto"+ defaultService+ (Proxy.Proxy :: Proxy.Proxy UpdateSubnetChangeProtection)
+ test/Test/Amazonka/NetworkFirewall.hs view
@@ -0,0 +1,20 @@+-- |+-- Module : Test.Amazonka.NetworkFirewall+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Test.Amazonka.NetworkFirewall+ ( tests,+ fixtures,+ )+where++import Test.Tasty (TestTree)++tests :: [TestTree]+tests = []++fixtures :: [TestTree]+fixtures = []
+ test/Test/Amazonka/NetworkFirewall/Internal.hs view
@@ -0,0 +1,8 @@+-- |+-- Module : Test.Amazonka.NetworkFirewall.Internal+-- Copyright : (c) 2013-2023 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+module Test.Amazonka.NetworkFirewall.Internal where