packages feed

amazonka-lakeformation-2.0: gen/Amazonka/LakeFormation/GetTemporaryGlueTableCredentials.hs

{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE TypeFamilies #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-binds #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.LakeFormation.GetTemporaryGlueTableCredentials
-- Copyright   : (c) 2013-2023 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
--
-- Allows a caller in a secure environment to assume a role with permission
-- to access Amazon S3. In order to vend such credentials, Lake Formation
-- assumes the role associated with a registered location, for example an
-- Amazon S3 bucket, with a scope down policy which restricts the access to
-- a single prefix.
module Amazonka.LakeFormation.GetTemporaryGlueTableCredentials
  ( -- * Creating a Request
    GetTemporaryGlueTableCredentials (..),
    newGetTemporaryGlueTableCredentials,

    -- * Request Lenses
    getTemporaryGlueTableCredentials_auditContext,
    getTemporaryGlueTableCredentials_durationSeconds,
    getTemporaryGlueTableCredentials_permissions,
    getTemporaryGlueTableCredentials_tableArn,
    getTemporaryGlueTableCredentials_supportedPermissionTypes,

    -- * Destructuring the Response
    GetTemporaryGlueTableCredentialsResponse (..),
    newGetTemporaryGlueTableCredentialsResponse,

    -- * Response Lenses
    getTemporaryGlueTableCredentialsResponse_accessKeyId,
    getTemporaryGlueTableCredentialsResponse_expiration,
    getTemporaryGlueTableCredentialsResponse_secretAccessKey,
    getTemporaryGlueTableCredentialsResponse_sessionToken,
    getTemporaryGlueTableCredentialsResponse_httpStatus,
  )
where

import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import Amazonka.LakeFormation.Types
import qualified Amazonka.Prelude as Prelude
import qualified Amazonka.Request as Request
import qualified Amazonka.Response as Response

-- | /See:/ 'newGetTemporaryGlueTableCredentials' smart constructor.
data GetTemporaryGlueTableCredentials = GetTemporaryGlueTableCredentials'
  { -- | A structure representing context to access a resource (column names,
    -- query ID, etc).
    auditContext :: Prelude.Maybe AuditContext,
    -- | The time period, between 900 and 21,600 seconds, for the timeout of the
    -- temporary credentials.
    durationSeconds :: Prelude.Maybe Prelude.Natural,
    -- | Filters the request based on the user having been granted a list of
    -- specified permissions on the requested resource(s).
    permissions :: Prelude.Maybe [Permission],
    -- | The ARN identifying a table in the Data Catalog for the temporary
    -- credentials request.
    tableArn :: Prelude.Text,
    -- | A list of supported permission types for the table. Valid values are
    -- @COLUMN_PERMISSION@ and @CELL_FILTER_PERMISSION@.
    supportedPermissionTypes :: Prelude.NonEmpty PermissionType
  }
  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)

-- |
-- Create a value of 'GetTemporaryGlueTableCredentials' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'auditContext', 'getTemporaryGlueTableCredentials_auditContext' - A structure representing context to access a resource (column names,
-- query ID, etc).
--
-- 'durationSeconds', 'getTemporaryGlueTableCredentials_durationSeconds' - The time period, between 900 and 21,600 seconds, for the timeout of the
-- temporary credentials.
--
-- 'permissions', 'getTemporaryGlueTableCredentials_permissions' - Filters the request based on the user having been granted a list of
-- specified permissions on the requested resource(s).
--
-- 'tableArn', 'getTemporaryGlueTableCredentials_tableArn' - The ARN identifying a table in the Data Catalog for the temporary
-- credentials request.
--
-- 'supportedPermissionTypes', 'getTemporaryGlueTableCredentials_supportedPermissionTypes' - A list of supported permission types for the table. Valid values are
-- @COLUMN_PERMISSION@ and @CELL_FILTER_PERMISSION@.
newGetTemporaryGlueTableCredentials ::
  -- | 'tableArn'
  Prelude.Text ->
  -- | 'supportedPermissionTypes'
  Prelude.NonEmpty PermissionType ->
  GetTemporaryGlueTableCredentials
newGetTemporaryGlueTableCredentials
  pTableArn_
  pSupportedPermissionTypes_ =
    GetTemporaryGlueTableCredentials'
      { auditContext =
          Prelude.Nothing,
        durationSeconds = Prelude.Nothing,
        permissions = Prelude.Nothing,
        tableArn = pTableArn_,
        supportedPermissionTypes =
          Lens.coerced
            Lens.# pSupportedPermissionTypes_
      }

-- | A structure representing context to access a resource (column names,
-- query ID, etc).
getTemporaryGlueTableCredentials_auditContext :: Lens.Lens' GetTemporaryGlueTableCredentials (Prelude.Maybe AuditContext)
getTemporaryGlueTableCredentials_auditContext = Lens.lens (\GetTemporaryGlueTableCredentials' {auditContext} -> auditContext) (\s@GetTemporaryGlueTableCredentials' {} a -> s {auditContext = a} :: GetTemporaryGlueTableCredentials)

-- | The time period, between 900 and 21,600 seconds, for the timeout of the
-- temporary credentials.
getTemporaryGlueTableCredentials_durationSeconds :: Lens.Lens' GetTemporaryGlueTableCredentials (Prelude.Maybe Prelude.Natural)
getTemporaryGlueTableCredentials_durationSeconds = Lens.lens (\GetTemporaryGlueTableCredentials' {durationSeconds} -> durationSeconds) (\s@GetTemporaryGlueTableCredentials' {} a -> s {durationSeconds = a} :: GetTemporaryGlueTableCredentials)

-- | Filters the request based on the user having been granted a list of
-- specified permissions on the requested resource(s).
getTemporaryGlueTableCredentials_permissions :: Lens.Lens' GetTemporaryGlueTableCredentials (Prelude.Maybe [Permission])
getTemporaryGlueTableCredentials_permissions = Lens.lens (\GetTemporaryGlueTableCredentials' {permissions} -> permissions) (\s@GetTemporaryGlueTableCredentials' {} a -> s {permissions = a} :: GetTemporaryGlueTableCredentials) Prelude.. Lens.mapping Lens.coerced

-- | The ARN identifying a table in the Data Catalog for the temporary
-- credentials request.
getTemporaryGlueTableCredentials_tableArn :: Lens.Lens' GetTemporaryGlueTableCredentials Prelude.Text
getTemporaryGlueTableCredentials_tableArn = Lens.lens (\GetTemporaryGlueTableCredentials' {tableArn} -> tableArn) (\s@GetTemporaryGlueTableCredentials' {} a -> s {tableArn = a} :: GetTemporaryGlueTableCredentials)

-- | A list of supported permission types for the table. Valid values are
-- @COLUMN_PERMISSION@ and @CELL_FILTER_PERMISSION@.
getTemporaryGlueTableCredentials_supportedPermissionTypes :: Lens.Lens' GetTemporaryGlueTableCredentials (Prelude.NonEmpty PermissionType)
getTemporaryGlueTableCredentials_supportedPermissionTypes = Lens.lens (\GetTemporaryGlueTableCredentials' {supportedPermissionTypes} -> supportedPermissionTypes) (\s@GetTemporaryGlueTableCredentials' {} a -> s {supportedPermissionTypes = a} :: GetTemporaryGlueTableCredentials) Prelude.. Lens.coerced

instance
  Core.AWSRequest
    GetTemporaryGlueTableCredentials
  where
  type
    AWSResponse GetTemporaryGlueTableCredentials =
      GetTemporaryGlueTableCredentialsResponse
  request overrides =
    Request.postJSON (overrides defaultService)
  response =
    Response.receiveJSON
      ( \s h x ->
          GetTemporaryGlueTableCredentialsResponse'
            Prelude.<$> (x Data..?> "AccessKeyId")
            Prelude.<*> (x Data..?> "Expiration")
            Prelude.<*> (x Data..?> "SecretAccessKey")
            Prelude.<*> (x Data..?> "SessionToken")
            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
      )

instance
  Prelude.Hashable
    GetTemporaryGlueTableCredentials
  where
  hashWithSalt
    _salt
    GetTemporaryGlueTableCredentials' {..} =
      _salt
        `Prelude.hashWithSalt` auditContext
        `Prelude.hashWithSalt` durationSeconds
        `Prelude.hashWithSalt` permissions
        `Prelude.hashWithSalt` tableArn
        `Prelude.hashWithSalt` supportedPermissionTypes

instance
  Prelude.NFData
    GetTemporaryGlueTableCredentials
  where
  rnf GetTemporaryGlueTableCredentials' {..} =
    Prelude.rnf auditContext
      `Prelude.seq` Prelude.rnf durationSeconds
      `Prelude.seq` Prelude.rnf permissions
      `Prelude.seq` Prelude.rnf tableArn
      `Prelude.seq` Prelude.rnf supportedPermissionTypes

instance
  Data.ToHeaders
    GetTemporaryGlueTableCredentials
  where
  toHeaders =
    Prelude.const
      ( Prelude.mconcat
          [ "Content-Type"
              Data.=# ( "application/x-amz-json-1.1" ::
                          Prelude.ByteString
                      )
          ]
      )

instance Data.ToJSON GetTemporaryGlueTableCredentials where
  toJSON GetTemporaryGlueTableCredentials' {..} =
    Data.object
      ( Prelude.catMaybes
          [ ("AuditContext" Data..=) Prelude.<$> auditContext,
            ("DurationSeconds" Data..=)
              Prelude.<$> durationSeconds,
            ("Permissions" Data..=) Prelude.<$> permissions,
            Prelude.Just ("TableArn" Data..= tableArn),
            Prelude.Just
              ( "SupportedPermissionTypes"
                  Data..= supportedPermissionTypes
              )
          ]
      )

instance Data.ToPath GetTemporaryGlueTableCredentials where
  toPath =
    Prelude.const "/GetTemporaryGlueTableCredentials"

instance
  Data.ToQuery
    GetTemporaryGlueTableCredentials
  where
  toQuery = Prelude.const Prelude.mempty

-- | /See:/ 'newGetTemporaryGlueTableCredentialsResponse' smart constructor.
data GetTemporaryGlueTableCredentialsResponse = GetTemporaryGlueTableCredentialsResponse'
  { -- | The access key ID for the temporary credentials.
    accessKeyId :: Prelude.Maybe Prelude.Text,
    -- | The date and time when the temporary credentials expire.
    expiration :: Prelude.Maybe Data.POSIX,
    -- | The secret key for the temporary credentials.
    secretAccessKey :: Prelude.Maybe Prelude.Text,
    -- | The session token for the temporary credentials.
    sessionToken :: Prelude.Maybe Prelude.Text,
    -- | The response's http status code.
    httpStatus :: Prelude.Int
  }
  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)

-- |
-- Create a value of 'GetTemporaryGlueTableCredentialsResponse' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'accessKeyId', 'getTemporaryGlueTableCredentialsResponse_accessKeyId' - The access key ID for the temporary credentials.
--
-- 'expiration', 'getTemporaryGlueTableCredentialsResponse_expiration' - The date and time when the temporary credentials expire.
--
-- 'secretAccessKey', 'getTemporaryGlueTableCredentialsResponse_secretAccessKey' - The secret key for the temporary credentials.
--
-- 'sessionToken', 'getTemporaryGlueTableCredentialsResponse_sessionToken' - The session token for the temporary credentials.
--
-- 'httpStatus', 'getTemporaryGlueTableCredentialsResponse_httpStatus' - The response's http status code.
newGetTemporaryGlueTableCredentialsResponse ::
  -- | 'httpStatus'
  Prelude.Int ->
  GetTemporaryGlueTableCredentialsResponse
newGetTemporaryGlueTableCredentialsResponse
  pHttpStatus_ =
    GetTemporaryGlueTableCredentialsResponse'
      { accessKeyId =
          Prelude.Nothing,
        expiration = Prelude.Nothing,
        secretAccessKey = Prelude.Nothing,
        sessionToken = Prelude.Nothing,
        httpStatus = pHttpStatus_
      }

-- | The access key ID for the temporary credentials.
getTemporaryGlueTableCredentialsResponse_accessKeyId :: Lens.Lens' GetTemporaryGlueTableCredentialsResponse (Prelude.Maybe Prelude.Text)
getTemporaryGlueTableCredentialsResponse_accessKeyId = Lens.lens (\GetTemporaryGlueTableCredentialsResponse' {accessKeyId} -> accessKeyId) (\s@GetTemporaryGlueTableCredentialsResponse' {} a -> s {accessKeyId = a} :: GetTemporaryGlueTableCredentialsResponse)

-- | The date and time when the temporary credentials expire.
getTemporaryGlueTableCredentialsResponse_expiration :: Lens.Lens' GetTemporaryGlueTableCredentialsResponse (Prelude.Maybe Prelude.UTCTime)
getTemporaryGlueTableCredentialsResponse_expiration = Lens.lens (\GetTemporaryGlueTableCredentialsResponse' {expiration} -> expiration) (\s@GetTemporaryGlueTableCredentialsResponse' {} a -> s {expiration = a} :: GetTemporaryGlueTableCredentialsResponse) Prelude.. Lens.mapping Data._Time

-- | The secret key for the temporary credentials.
getTemporaryGlueTableCredentialsResponse_secretAccessKey :: Lens.Lens' GetTemporaryGlueTableCredentialsResponse (Prelude.Maybe Prelude.Text)
getTemporaryGlueTableCredentialsResponse_secretAccessKey = Lens.lens (\GetTemporaryGlueTableCredentialsResponse' {secretAccessKey} -> secretAccessKey) (\s@GetTemporaryGlueTableCredentialsResponse' {} a -> s {secretAccessKey = a} :: GetTemporaryGlueTableCredentialsResponse)

-- | The session token for the temporary credentials.
getTemporaryGlueTableCredentialsResponse_sessionToken :: Lens.Lens' GetTemporaryGlueTableCredentialsResponse (Prelude.Maybe Prelude.Text)
getTemporaryGlueTableCredentialsResponse_sessionToken = Lens.lens (\GetTemporaryGlueTableCredentialsResponse' {sessionToken} -> sessionToken) (\s@GetTemporaryGlueTableCredentialsResponse' {} a -> s {sessionToken = a} :: GetTemporaryGlueTableCredentialsResponse)

-- | The response's http status code.
getTemporaryGlueTableCredentialsResponse_httpStatus :: Lens.Lens' GetTemporaryGlueTableCredentialsResponse Prelude.Int
getTemporaryGlueTableCredentialsResponse_httpStatus = Lens.lens (\GetTemporaryGlueTableCredentialsResponse' {httpStatus} -> httpStatus) (\s@GetTemporaryGlueTableCredentialsResponse' {} a -> s {httpStatus = a} :: GetTemporaryGlueTableCredentialsResponse)

instance
  Prelude.NFData
    GetTemporaryGlueTableCredentialsResponse
  where
  rnf GetTemporaryGlueTableCredentialsResponse' {..} =
    Prelude.rnf accessKeyId
      `Prelude.seq` Prelude.rnf expiration
      `Prelude.seq` Prelude.rnf secretAccessKey
      `Prelude.seq` Prelude.rnf sessionToken
      `Prelude.seq` Prelude.rnf httpStatus