Copyright	(c) 2013-2021 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay <brendan.g.hay+amazonka@gmail.com>
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	None

Amazonka.AccessAnalyzer.Types.KmsGrantConstraints

Description

Documentation

data KmsGrantConstraints Source #

Use this structure to propose allowing cryptographic operations in the grant only when the operation request includes the specified encryption context. You can specify only one type of encryption context. An empty map is treated as not specified. For more information, see GrantConstraints.

See: newKmsGrantConstraints smart constructor.

Constructors

KmsGrantConstraints'

Fields

encryptionContextEquals :: Maybe (HashMap Text Text)
A list of key-value pairs that must match the encryption context in the cryptographic operation request. The grant allows the operation only when the encryption context in the request is the same as the encryption context specified in this constraint.
encryptionContextSubset :: Maybe (HashMap Text Text)
A list of key-value pairs that must be included in the encryption context of the cryptographic operation request. The grant allows the cryptographic operation only when the encryption context in the request includes the key-value pairs specified in this constraint, although it can include additional key-value pairs.

Instances

Instances details

Eq KmsGrantConstraints Source #
Instance details Defined in Amazonka.AccessAnalyzer.Types.KmsGrantConstraints Methods (==) :: KmsGrantConstraints -> KmsGrantConstraints -> Bool # (/=) :: KmsGrantConstraints -> KmsGrantConstraints -> Bool #
Read KmsGrantConstraints Source #
Instance details Defined in Amazonka.AccessAnalyzer.Types.KmsGrantConstraints Methods readsPrec :: Int -> ReadS KmsGrantConstraints # readList :: ReadS [KmsGrantConstraints] # readPrec :: ReadPrec KmsGrantConstraints # readListPrec :: ReadPrec [KmsGrantConstraints] #
Show KmsGrantConstraints Source #
Instance details Defined in Amazonka.AccessAnalyzer.Types.KmsGrantConstraints Methods showsPrec :: Int -> KmsGrantConstraints -> ShowS # show :: KmsGrantConstraints -> String # showList :: [KmsGrantConstraints] -> ShowS #
Generic KmsGrantConstraints Source #
Instance details Defined in Amazonka.AccessAnalyzer.Types.KmsGrantConstraints Associated Types type Rep KmsGrantConstraints :: Type -> Type # Methods from :: KmsGrantConstraints -> Rep KmsGrantConstraints x # to :: Rep KmsGrantConstraints x -> KmsGrantConstraints #
NFData KmsGrantConstraints Source #
Instance details Defined in Amazonka.AccessAnalyzer.Types.KmsGrantConstraints Methods rnf :: KmsGrantConstraints -> () #
Hashable KmsGrantConstraints Source #
Instance details Defined in Amazonka.AccessAnalyzer.Types.KmsGrantConstraints Methods hashWithSalt :: Int -> KmsGrantConstraints -> Int # hash :: KmsGrantConstraints -> Int #
ToJSON KmsGrantConstraints Source #
Instance details Defined in Amazonka.AccessAnalyzer.Types.KmsGrantConstraints Methods toJSON :: KmsGrantConstraints -> Value # toEncoding :: KmsGrantConstraints -> Encoding # toJSONList :: [KmsGrantConstraints] -> Value # toEncodingList :: [KmsGrantConstraints] -> Encoding #
FromJSON KmsGrantConstraints Source #
Instance details Defined in Amazonka.AccessAnalyzer.Types.KmsGrantConstraints Methods parseJSON :: Value -> Parser KmsGrantConstraints # parseJSONList :: Value -> Parser [KmsGrantConstraints] #
type Rep KmsGrantConstraints Source #
Instance details Defined in Amazonka.AccessAnalyzer.Types.KmsGrantConstraints type Rep KmsGrantConstraints = D1 ('MetaData "KmsGrantConstraints" "Amazonka.AccessAnalyzer.Types.KmsGrantConstraints" "libZSservicesZSamazonka-accessanalyzerZSamazonka-accessanalyzer" 'False) (C1 ('MetaCons "KmsGrantConstraints'" 'PrefixI 'True) (S1 ('MetaSel ('Just "encryptionContextEquals") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe (HashMap Text Text))) :*: S1 ('MetaSel ('Just "encryptionContextSubset") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe (HashMap Text Text)))))

newKmsGrantConstraints :: KmsGrantConstraints Source #

Create a value of KmsGrantConstraints with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:encryptionContextEquals:KmsGrantConstraints', kmsGrantConstraints_encryptionContextEquals - A list of key-value pairs that must match the encryption context in the cryptographic operation request. The grant allows the operation only when the encryption context in the request is the same as the encryption context specified in this constraint.

$sel:encryptionContextSubset:KmsGrantConstraints', kmsGrantConstraints_encryptionContextSubset - A list of key-value pairs that must be included in the encryption context of the cryptographic operation request. The grant allows the cryptographic operation only when the encryption context in the request includes the key-value pairs specified in this constraint, although it can include additional key-value pairs.

kmsGrantConstraints_encryptionContextEquals :: Lens' KmsGrantConstraints (Maybe (HashMap Text Text)) Source #

A list of key-value pairs that must match the encryption context in the cryptographic operation request. The grant allows the operation only when the encryption context in the request is the same as the encryption context specified in this constraint.

kmsGrantConstraints_encryptionContextSubset :: Lens' KmsGrantConstraints (Maybe (HashMap Text Text)) Source #

A list of key-value pairs that must be included in the encryption context of the cryptographic operation request. The grant allows the cryptographic operation only when the encryption context in the request includes the key-value pairs specified in this constraint, although it can include additional key-value pairs.