amazonka-rds-2.0: gen/Amazonka/RDS/Types/MasterUserSecret.hs
{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}
-- Derived from AWS service descriptions, licensed under Apache 2.0.
-- |
-- Module : Amazonka.RDS.Types.MasterUserSecret
-- Copyright : (c) 2013-2023 Brendan Hay
-- License : Mozilla Public License, v. 2.0.
-- Maintainer : Brendan Hay
-- Stability : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.RDS.Types.MasterUserSecret where
import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import qualified Amazonka.Prelude as Prelude
-- | Contains the secret managed by RDS in Amazon Web Services Secrets
-- Manager for the master user password.
--
-- For more information, see
-- <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html Password management with Amazon Web Services Secrets Manager>
-- in the /Amazon RDS User Guide/ and
-- <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html Password management with Amazon Web Services Secrets Manager>
-- in the /Amazon Aurora User Guide./
--
-- /See:/ 'newMasterUserSecret' smart constructor.
data MasterUserSecret = MasterUserSecret'
{ -- | The Amazon Web Services KMS key identifier that is used to encrypt the
-- secret.
kmsKeyId :: Prelude.Maybe Prelude.Text,
-- | The Amazon Resource Name (ARN) of the secret.
secretArn :: Prelude.Maybe Prelude.Text,
-- | The status of the secret.
--
-- The possible status values include the following:
--
-- - @creating@ - The secret is being created.
--
-- - @active@ - The secret is available for normal use and rotation.
--
-- - @rotating@ - The secret is being rotated.
--
-- - @impaired@ - The secret can be used to access database credentials,
-- but it can\'t be rotated. A secret might have this status if, for
-- example, permissions are changed so that RDS can no longer access
-- either the secret or the KMS key for the secret.
--
-- When a secret has this status, you can correct the condition that
-- caused the status. Alternatively, modify the DB instance to turn off
-- automatic management of database credentials, and then modify the DB
-- instance again to turn on automatic management of database
-- credentials.
secretStatus :: Prelude.Maybe Prelude.Text
}
deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
-- |
-- Create a value of 'MasterUserSecret' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'kmsKeyId', 'masterUserSecret_kmsKeyId' - The Amazon Web Services KMS key identifier that is used to encrypt the
-- secret.
--
-- 'secretArn', 'masterUserSecret_secretArn' - The Amazon Resource Name (ARN) of the secret.
--
-- 'secretStatus', 'masterUserSecret_secretStatus' - The status of the secret.
--
-- The possible status values include the following:
--
-- - @creating@ - The secret is being created.
--
-- - @active@ - The secret is available for normal use and rotation.
--
-- - @rotating@ - The secret is being rotated.
--
-- - @impaired@ - The secret can be used to access database credentials,
-- but it can\'t be rotated. A secret might have this status if, for
-- example, permissions are changed so that RDS can no longer access
-- either the secret or the KMS key for the secret.
--
-- When a secret has this status, you can correct the condition that
-- caused the status. Alternatively, modify the DB instance to turn off
-- automatic management of database credentials, and then modify the DB
-- instance again to turn on automatic management of database
-- credentials.
newMasterUserSecret ::
MasterUserSecret
newMasterUserSecret =
MasterUserSecret'
{ kmsKeyId = Prelude.Nothing,
secretArn = Prelude.Nothing,
secretStatus = Prelude.Nothing
}
-- | The Amazon Web Services KMS key identifier that is used to encrypt the
-- secret.
masterUserSecret_kmsKeyId :: Lens.Lens' MasterUserSecret (Prelude.Maybe Prelude.Text)
masterUserSecret_kmsKeyId = Lens.lens (\MasterUserSecret' {kmsKeyId} -> kmsKeyId) (\s@MasterUserSecret' {} a -> s {kmsKeyId = a} :: MasterUserSecret)
-- | The Amazon Resource Name (ARN) of the secret.
masterUserSecret_secretArn :: Lens.Lens' MasterUserSecret (Prelude.Maybe Prelude.Text)
masterUserSecret_secretArn = Lens.lens (\MasterUserSecret' {secretArn} -> secretArn) (\s@MasterUserSecret' {} a -> s {secretArn = a} :: MasterUserSecret)
-- | The status of the secret.
--
-- The possible status values include the following:
--
-- - @creating@ - The secret is being created.
--
-- - @active@ - The secret is available for normal use and rotation.
--
-- - @rotating@ - The secret is being rotated.
--
-- - @impaired@ - The secret can be used to access database credentials,
-- but it can\'t be rotated. A secret might have this status if, for
-- example, permissions are changed so that RDS can no longer access
-- either the secret or the KMS key for the secret.
--
-- When a secret has this status, you can correct the condition that
-- caused the status. Alternatively, modify the DB instance to turn off
-- automatic management of database credentials, and then modify the DB
-- instance again to turn on automatic management of database
-- credentials.
masterUserSecret_secretStatus :: Lens.Lens' MasterUserSecret (Prelude.Maybe Prelude.Text)
masterUserSecret_secretStatus = Lens.lens (\MasterUserSecret' {secretStatus} -> secretStatus) (\s@MasterUserSecret' {} a -> s {secretStatus = a} :: MasterUserSecret)
instance Data.FromXML MasterUserSecret where
parseXML x =
MasterUserSecret'
Prelude.<$> (x Data..@? "KmsKeyId")
Prelude.<*> (x Data..@? "SecretArn")
Prelude.<*> (x Data..@? "SecretStatus")
instance Prelude.Hashable MasterUserSecret where
hashWithSalt _salt MasterUserSecret' {..} =
_salt
`Prelude.hashWithSalt` kmsKeyId
`Prelude.hashWithSalt` secretArn
`Prelude.hashWithSalt` secretStatus
instance Prelude.NFData MasterUserSecret where
rnf MasterUserSecret' {..} =
Prelude.rnf kmsKeyId
`Prelude.seq` Prelude.rnf secretArn
`Prelude.seq` Prelude.rnf secretStatus