amazonka-kms-0.2.2: gen/Network/AWS/KMS/Encrypt.hs
{-# LANGUAGE DataKinds #-}
{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE FlexibleInstances #-}
{-# LANGUAGE GeneralizedNewtypeDeriving #-}
{-# LANGUAGE LambdaCase #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE TypeFamilies #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
-- Module : Network.AWS.KMS.Encrypt
-- Copyright : (c) 2013-2014 Brendan Hay <brendan.g.hay@gmail.com>
-- License : This Source Code Form is subject to the terms of
-- the Mozilla Public License, v. 2.0.
-- A copy of the MPL can be found in the LICENSE file or
-- you can obtain it at http://mozilla.org/MPL/2.0/.
-- Maintainer : Brendan Hay <brendan.g.hay@gmail.com>
-- Stability : experimental
-- Portability : non-portable (GHC extensions)
--
-- Derived from AWS service descriptions, licensed under Apache 2.0.
-- | Encrypts plaintext into ciphertext by using a customer master key.
--
-- <http://docs.aws.amazon.com/kms/latest/APIReference/API_Encrypt.html>
module Network.AWS.KMS.Encrypt
(
-- * Request
Encrypt
-- ** Request constructor
, encrypt
-- ** Request lenses
, eEncryptionContext
, eGrantTokens
, eKeyId
, ePlaintext
-- * Response
, EncryptResponse
-- ** Response constructor
, encryptResponse
-- ** Response lenses
, erCiphertextBlob
, erKeyId
) where
import Network.AWS.Prelude
import Network.AWS.Request.JSON
import Network.AWS.KMS.Types
import qualified GHC.Exts
data Encrypt = Encrypt
{ _eEncryptionContext :: Map Text Text
, _eGrantTokens :: List "GrantTokens" Text
, _eKeyId :: Text
, _ePlaintext :: Base64
} deriving (Eq, Read, Show)
-- | 'Encrypt' constructor.
--
-- The fields accessible through corresponding lenses are:
--
-- * 'eEncryptionContext' @::@ 'HashMap' 'Text' 'Text'
--
-- * 'eGrantTokens' @::@ ['Text']
--
-- * 'eKeyId' @::@ 'Text'
--
-- * 'ePlaintext' @::@ 'Base64'
--
encrypt :: Text -- ^ 'eKeyId'
-> Base64 -- ^ 'ePlaintext'
-> Encrypt
encrypt p1 p2 = Encrypt
{ _eKeyId = p1
, _ePlaintext = p2
, _eEncryptionContext = mempty
, _eGrantTokens = mempty
}
-- | Name:value pair that specifies the encryption context to be used for
-- authenticated encryption. For more information, see <http://docs.aws.amazon.com/kms/latest/developerguide/crypto_authen.html Authenticated Encryption>.
eEncryptionContext :: Lens' Encrypt (HashMap Text Text)
eEncryptionContext =
lens _eEncryptionContext (\s a -> s { _eEncryptionContext = a })
. _Map
-- | A list of grant tokens that represent grants which can be used to provide
-- long term permissions to perform encryption.
eGrantTokens :: Lens' Encrypt [Text]
eGrantTokens = lens _eGrantTokens (\s a -> s { _eGrantTokens = a }) . _List
-- | Unique identifier of the customer master. This can be an ARN, an alias, or
-- the Key ID.
eKeyId :: Lens' Encrypt Text
eKeyId = lens _eKeyId (\s a -> s { _eKeyId = a })
-- | Data to be encrypted.
ePlaintext :: Lens' Encrypt Base64
ePlaintext = lens _ePlaintext (\s a -> s { _ePlaintext = a })
data EncryptResponse = EncryptResponse
{ _erCiphertextBlob :: Maybe Base64
, _erKeyId :: Maybe Text
} deriving (Eq, Read, Show)
-- | 'EncryptResponse' constructor.
--
-- The fields accessible through corresponding lenses are:
--
-- * 'erCiphertextBlob' @::@ 'Maybe' 'Base64'
--
-- * 'erKeyId' @::@ 'Maybe' 'Text'
--
encryptResponse :: EncryptResponse
encryptResponse = EncryptResponse
{ _erCiphertextBlob = Nothing
, _erKeyId = Nothing
}
-- | The encrypted plaintext.
erCiphertextBlob :: Lens' EncryptResponse (Maybe Base64)
erCiphertextBlob = lens _erCiphertextBlob (\s a -> s { _erCiphertextBlob = a })
-- | The ID of the key used during encryption.
erKeyId :: Lens' EncryptResponse (Maybe Text)
erKeyId = lens _erKeyId (\s a -> s { _erKeyId = a })
instance ToPath Encrypt where
toPath = const "/"
instance ToQuery Encrypt where
toQuery = const mempty
instance ToHeaders Encrypt
instance ToJSON Encrypt where
toJSON Encrypt{..} = object
[ "KeyId" .= _eKeyId
, "Plaintext" .= _ePlaintext
, "EncryptionContext" .= _eEncryptionContext
, "GrantTokens" .= _eGrantTokens
]
instance AWSRequest Encrypt where
type Sv Encrypt = KMS
type Rs Encrypt = EncryptResponse
request = post "Encrypt"
response = jsonResponse
instance FromJSON EncryptResponse where
parseJSON = withObject "EncryptResponse" $ \o -> EncryptResponse
<$> o .:? "CiphertextBlob"
<*> o .:? "KeyId"