amazonka-codeguruprofiler-2.0: gen/Amazonka/CodeGuruProfiler/PutPermission.hs
{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE TypeFamilies #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-binds #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-- Derived from AWS service descriptions, licensed under Apache 2.0.
-- |
-- Module : Amazonka.CodeGuruProfiler.PutPermission
-- Copyright : (c) 2013-2023 Brendan Hay
-- License : Mozilla Public License, v. 2.0.
-- Maintainer : Brendan Hay
-- Stability : auto-generated
-- Portability : non-portable (GHC extensions)
--
-- Adds permissions to a profiling group\'s resource-based policy that are
-- provided using an action group. If a profiling group doesn\'t have a
-- resource-based policy, one is created for it using the permissions in
-- the action group and the roles and users in the @principals@ parameter.
--
-- > <p> The one supported action group that can be added is <code>agentPermission</code> which grants <code>ConfigureAgent</code> and <code>PostAgent</code> permissions. For more information, see <a href="https://docs.aws.amazon.com/codeguru/latest/profiler-ug/resource-based-policies.html">Resource-based policies in CodeGuru Profiler</a> in the <i>Amazon CodeGuru Profiler User Guide</i>, <a href="https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ConfigureAgent.html"> <code>ConfigureAgent</code> </a>, and <a href="https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_PostAgentProfile.html"> <code>PostAgentProfile</code> </a>. </p> <p> The first time you call <code>PutPermission</code> on a profiling group, do not specify a <code>revisionId</code> because it doesn't have a resource-based policy. Subsequent calls must provide a <code>revisionId</code> to specify which revision of the resource-based policy to add the permissions to. </p> <p> The response contains the profiling group's JSON-formatted resource policy. </p>
module Amazonka.CodeGuruProfiler.PutPermission
( -- * Creating a Request
PutPermission (..),
newPutPermission,
-- * Request Lenses
putPermission_revisionId,
putPermission_actionGroup,
putPermission_principals,
putPermission_profilingGroupName,
-- * Destructuring the Response
PutPermissionResponse (..),
newPutPermissionResponse,
-- * Response Lenses
putPermissionResponse_httpStatus,
putPermissionResponse_policy,
putPermissionResponse_revisionId,
)
where
import Amazonka.CodeGuruProfiler.Types
import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import qualified Amazonka.Prelude as Prelude
import qualified Amazonka.Request as Request
import qualified Amazonka.Response as Response
-- | The structure representing the @putPermissionRequest@.
--
-- /See:/ 'newPutPermission' smart constructor.
data PutPermission = PutPermission'
{ -- | A universally unique identifier (UUID) for the revision of the policy
-- you are adding to the profiling group. Do not specify this when you add
-- permissions to a profiling group for the first time. If a policy already
-- exists on the profiling group, you must specify the @revisionId@.
revisionId :: Prelude.Maybe Prelude.Text,
-- | Specifies an action group that contains permissions to add to a
-- profiling group resource. One action group is supported,
-- @agentPermissions@, which grants permission to perform actions required
-- by the profiling agent, @ConfigureAgent@ and @PostAgentProfile@
-- permissions.
actionGroup :: ActionGroup,
-- | A list ARNs for the roles and users you want to grant access to the
-- profiling group. Wildcards are not are supported in the ARNs.
principals :: Prelude.NonEmpty Prelude.Text,
-- | The name of the profiling group to grant access to.
profilingGroupName :: Prelude.Text
}
deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
-- |
-- Create a value of 'PutPermission' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'revisionId', 'putPermission_revisionId' - A universally unique identifier (UUID) for the revision of the policy
-- you are adding to the profiling group. Do not specify this when you add
-- permissions to a profiling group for the first time. If a policy already
-- exists on the profiling group, you must specify the @revisionId@.
--
-- 'actionGroup', 'putPermission_actionGroup' - Specifies an action group that contains permissions to add to a
-- profiling group resource. One action group is supported,
-- @agentPermissions@, which grants permission to perform actions required
-- by the profiling agent, @ConfigureAgent@ and @PostAgentProfile@
-- permissions.
--
-- 'principals', 'putPermission_principals' - A list ARNs for the roles and users you want to grant access to the
-- profiling group. Wildcards are not are supported in the ARNs.
--
-- 'profilingGroupName', 'putPermission_profilingGroupName' - The name of the profiling group to grant access to.
newPutPermission ::
-- | 'actionGroup'
ActionGroup ->
-- | 'principals'
Prelude.NonEmpty Prelude.Text ->
-- | 'profilingGroupName'
Prelude.Text ->
PutPermission
newPutPermission
pActionGroup_
pPrincipals_
pProfilingGroupName_ =
PutPermission'
{ revisionId = Prelude.Nothing,
actionGroup = pActionGroup_,
principals = Lens.coerced Lens.# pPrincipals_,
profilingGroupName = pProfilingGroupName_
}
-- | A universally unique identifier (UUID) for the revision of the policy
-- you are adding to the profiling group. Do not specify this when you add
-- permissions to a profiling group for the first time. If a policy already
-- exists on the profiling group, you must specify the @revisionId@.
putPermission_revisionId :: Lens.Lens' PutPermission (Prelude.Maybe Prelude.Text)
putPermission_revisionId = Lens.lens (\PutPermission' {revisionId} -> revisionId) (\s@PutPermission' {} a -> s {revisionId = a} :: PutPermission)
-- | Specifies an action group that contains permissions to add to a
-- profiling group resource. One action group is supported,
-- @agentPermissions@, which grants permission to perform actions required
-- by the profiling agent, @ConfigureAgent@ and @PostAgentProfile@
-- permissions.
putPermission_actionGroup :: Lens.Lens' PutPermission ActionGroup
putPermission_actionGroup = Lens.lens (\PutPermission' {actionGroup} -> actionGroup) (\s@PutPermission' {} a -> s {actionGroup = a} :: PutPermission)
-- | A list ARNs for the roles and users you want to grant access to the
-- profiling group. Wildcards are not are supported in the ARNs.
putPermission_principals :: Lens.Lens' PutPermission (Prelude.NonEmpty Prelude.Text)
putPermission_principals = Lens.lens (\PutPermission' {principals} -> principals) (\s@PutPermission' {} a -> s {principals = a} :: PutPermission) Prelude.. Lens.coerced
-- | The name of the profiling group to grant access to.
putPermission_profilingGroupName :: Lens.Lens' PutPermission Prelude.Text
putPermission_profilingGroupName = Lens.lens (\PutPermission' {profilingGroupName} -> profilingGroupName) (\s@PutPermission' {} a -> s {profilingGroupName = a} :: PutPermission)
instance Core.AWSRequest PutPermission where
type
AWSResponse PutPermission =
PutPermissionResponse
request overrides =
Request.putJSON (overrides defaultService)
response =
Response.receiveJSON
( \s h x ->
PutPermissionResponse'
Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
Prelude.<*> (x Data..:> "policy")
Prelude.<*> (x Data..:> "revisionId")
)
instance Prelude.Hashable PutPermission where
hashWithSalt _salt PutPermission' {..} =
_salt
`Prelude.hashWithSalt` revisionId
`Prelude.hashWithSalt` actionGroup
`Prelude.hashWithSalt` principals
`Prelude.hashWithSalt` profilingGroupName
instance Prelude.NFData PutPermission where
rnf PutPermission' {..} =
Prelude.rnf revisionId
`Prelude.seq` Prelude.rnf actionGroup
`Prelude.seq` Prelude.rnf principals
`Prelude.seq` Prelude.rnf profilingGroupName
instance Data.ToHeaders PutPermission where
toHeaders =
Prelude.const
( Prelude.mconcat
[ "Content-Type"
Data.=# ( "application/x-amz-json-1.1" ::
Prelude.ByteString
)
]
)
instance Data.ToJSON PutPermission where
toJSON PutPermission' {..} =
Data.object
( Prelude.catMaybes
[ ("revisionId" Data..=) Prelude.<$> revisionId,
Prelude.Just ("principals" Data..= principals)
]
)
instance Data.ToPath PutPermission where
toPath PutPermission' {..} =
Prelude.mconcat
[ "/profilingGroups/",
Data.toBS profilingGroupName,
"/policy/",
Data.toBS actionGroup
]
instance Data.ToQuery PutPermission where
toQuery = Prelude.const Prelude.mempty
-- | The structure representing the @putPermissionResponse@.
--
-- /See:/ 'newPutPermissionResponse' smart constructor.
data PutPermissionResponse = PutPermissionResponse'
{ -- | The response's http status code.
httpStatus :: Prelude.Int,
-- | The JSON-formatted resource-based policy on the profiling group that
-- includes the added permissions.
policy :: Prelude.Text,
-- | A universally unique identifier (UUID) for the revision of the
-- resource-based policy that includes the added permissions. The
-- JSON-formatted policy is in the @policy@ element of the response.
revisionId :: Prelude.Text
}
deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
-- |
-- Create a value of 'PutPermissionResponse' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'httpStatus', 'putPermissionResponse_httpStatus' - The response's http status code.
--
-- 'policy', 'putPermissionResponse_policy' - The JSON-formatted resource-based policy on the profiling group that
-- includes the added permissions.
--
-- 'revisionId', 'putPermissionResponse_revisionId' - A universally unique identifier (UUID) for the revision of the
-- resource-based policy that includes the added permissions. The
-- JSON-formatted policy is in the @policy@ element of the response.
newPutPermissionResponse ::
-- | 'httpStatus'
Prelude.Int ->
-- | 'policy'
Prelude.Text ->
-- | 'revisionId'
Prelude.Text ->
PutPermissionResponse
newPutPermissionResponse
pHttpStatus_
pPolicy_
pRevisionId_ =
PutPermissionResponse'
{ httpStatus = pHttpStatus_,
policy = pPolicy_,
revisionId = pRevisionId_
}
-- | The response's http status code.
putPermissionResponse_httpStatus :: Lens.Lens' PutPermissionResponse Prelude.Int
putPermissionResponse_httpStatus = Lens.lens (\PutPermissionResponse' {httpStatus} -> httpStatus) (\s@PutPermissionResponse' {} a -> s {httpStatus = a} :: PutPermissionResponse)
-- | The JSON-formatted resource-based policy on the profiling group that
-- includes the added permissions.
putPermissionResponse_policy :: Lens.Lens' PutPermissionResponse Prelude.Text
putPermissionResponse_policy = Lens.lens (\PutPermissionResponse' {policy} -> policy) (\s@PutPermissionResponse' {} a -> s {policy = a} :: PutPermissionResponse)
-- | A universally unique identifier (UUID) for the revision of the
-- resource-based policy that includes the added permissions. The
-- JSON-formatted policy is in the @policy@ element of the response.
putPermissionResponse_revisionId :: Lens.Lens' PutPermissionResponse Prelude.Text
putPermissionResponse_revisionId = Lens.lens (\PutPermissionResponse' {revisionId} -> revisionId) (\s@PutPermissionResponse' {} a -> s {revisionId = a} :: PutPermissionResponse)
instance Prelude.NFData PutPermissionResponse where
rnf PutPermissionResponse' {..} =
Prelude.rnf httpStatus
`Prelude.seq` Prelude.rnf policy
`Prelude.seq` Prelude.rnf revisionId