{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE TypeFamilies #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-binds #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.FMS.DeletePolicy
-- Copyright   : (c) 2013-2021 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
--
-- Permanently deletes an Firewall Manager policy.
module Amazonka.FMS.DeletePolicy
  ( -- * Creating a Request
    DeletePolicy (..),
    newDeletePolicy,

    -- * Request Lenses
    deletePolicy_deleteAllPolicyResources,
    deletePolicy_policyId,

    -- * Destructuring the Response
    DeletePolicyResponse (..),
    newDeletePolicyResponse,
  )
where

import qualified Amazonka.Core as Core
import Amazonka.FMS.Types
import qualified Amazonka.Lens as Lens
import qualified Amazonka.Prelude as Prelude
import qualified Amazonka.Request as Request
import qualified Amazonka.Response as Response

-- | /See:/ 'newDeletePolicy' smart constructor.
data DeletePolicy = DeletePolicy'
  { -- | If @True@, the request performs cleanup according to the policy type.
    --
    -- For WAF and Shield Advanced policies, the cleanup does the following:
    --
    -- -   Deletes rule groups created by Firewall Manager
    --
    -- -   Removes web ACLs from in-scope resources
    --
    -- -   Deletes web ACLs that contain no rules or rule groups
    --
    -- For security group policies, the cleanup does the following for each
    -- security group in the policy:
    --
    -- -   Disassociates the security group from in-scope resources
    --
    -- -   Deletes the security group if it was created through Firewall
    --     Manager and if it\'s no longer associated with any resources through
    --     another policy
    --
    -- After the cleanup, in-scope resources are no longer protected by web
    -- ACLs in this policy. Protection of out-of-scope resources remains
    -- unchanged. Scope is determined by tags that you create and accounts that
    -- you associate with the policy. When creating the policy, if you specify
    -- that only resources in specific accounts or with specific tags are in
    -- scope of the policy, those accounts and resources are handled by the
    -- policy. All others are out of scope. If you don\'t specify tags or
    -- accounts, all resources are in scope.
    DeletePolicy -> Maybe Bool
deleteAllPolicyResources :: Prelude.Maybe Prelude.Bool,
    -- | The ID of the policy that you want to delete. You can retrieve this ID
    -- from @PutPolicy@ and @ListPolicies@.
    DeletePolicy -> Text
policyId :: Prelude.Text
  }
  deriving (DeletePolicy -> DeletePolicy -> Bool
(DeletePolicy -> DeletePolicy -> Bool)
-> (DeletePolicy -> DeletePolicy -> Bool) -> Eq DeletePolicy
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: DeletePolicy -> DeletePolicy -> Bool
$c/= :: DeletePolicy -> DeletePolicy -> Bool
== :: DeletePolicy -> DeletePolicy -> Bool
$c== :: DeletePolicy -> DeletePolicy -> Bool
Prelude.Eq, ReadPrec [DeletePolicy]
ReadPrec DeletePolicy
Int -> ReadS DeletePolicy
ReadS [DeletePolicy]
(Int -> ReadS DeletePolicy)
-> ReadS [DeletePolicy]
-> ReadPrec DeletePolicy
-> ReadPrec [DeletePolicy]
-> Read DeletePolicy
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [DeletePolicy]
$creadListPrec :: ReadPrec [DeletePolicy]
readPrec :: ReadPrec DeletePolicy
$creadPrec :: ReadPrec DeletePolicy
readList :: ReadS [DeletePolicy]
$creadList :: ReadS [DeletePolicy]
readsPrec :: Int -> ReadS DeletePolicy
$creadsPrec :: Int -> ReadS DeletePolicy
Prelude.Read, Int -> DeletePolicy -> ShowS
[DeletePolicy] -> ShowS
DeletePolicy -> String
(Int -> DeletePolicy -> ShowS)
-> (DeletePolicy -> String)
-> ([DeletePolicy] -> ShowS)
-> Show DeletePolicy
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [DeletePolicy] -> ShowS
$cshowList :: [DeletePolicy] -> ShowS
show :: DeletePolicy -> String
$cshow :: DeletePolicy -> String
showsPrec :: Int -> DeletePolicy -> ShowS
$cshowsPrec :: Int -> DeletePolicy -> ShowS
Prelude.Show, (forall x. DeletePolicy -> Rep DeletePolicy x)
-> (forall x. Rep DeletePolicy x -> DeletePolicy)
-> Generic DeletePolicy
forall x. Rep DeletePolicy x -> DeletePolicy
forall x. DeletePolicy -> Rep DeletePolicy x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep DeletePolicy x -> DeletePolicy
$cfrom :: forall x. DeletePolicy -> Rep DeletePolicy x
Prelude.Generic)

-- |
-- Create a value of 'DeletePolicy' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'deleteAllPolicyResources', 'deletePolicy_deleteAllPolicyResources' - If @True@, the request performs cleanup according to the policy type.
--
-- For WAF and Shield Advanced policies, the cleanup does the following:
--
-- -   Deletes rule groups created by Firewall Manager
--
-- -   Removes web ACLs from in-scope resources
--
-- -   Deletes web ACLs that contain no rules or rule groups
--
-- For security group policies, the cleanup does the following for each
-- security group in the policy:
--
-- -   Disassociates the security group from in-scope resources
--
-- -   Deletes the security group if it was created through Firewall
--     Manager and if it\'s no longer associated with any resources through
--     another policy
--
-- After the cleanup, in-scope resources are no longer protected by web
-- ACLs in this policy. Protection of out-of-scope resources remains
-- unchanged. Scope is determined by tags that you create and accounts that
-- you associate with the policy. When creating the policy, if you specify
-- that only resources in specific accounts or with specific tags are in
-- scope of the policy, those accounts and resources are handled by the
-- policy. All others are out of scope. If you don\'t specify tags or
-- accounts, all resources are in scope.
--
-- 'policyId', 'deletePolicy_policyId' - The ID of the policy that you want to delete. You can retrieve this ID
-- from @PutPolicy@ and @ListPolicies@.
newDeletePolicy ::
  -- | 'policyId'
  Prelude.Text ->
  DeletePolicy
newDeletePolicy :: Text -> DeletePolicy
newDeletePolicy Text
pPolicyId_ =
  DeletePolicy' :: Maybe Bool -> Text -> DeletePolicy
DeletePolicy'
    { $sel:deleteAllPolicyResources:DeletePolicy' :: Maybe Bool
deleteAllPolicyResources =
        Maybe Bool
forall a. Maybe a
Prelude.Nothing,
      $sel:policyId:DeletePolicy' :: Text
policyId = Text
pPolicyId_
    }

-- | If @True@, the request performs cleanup according to the policy type.
--
-- For WAF and Shield Advanced policies, the cleanup does the following:
--
-- -   Deletes rule groups created by Firewall Manager
--
-- -   Removes web ACLs from in-scope resources
--
-- -   Deletes web ACLs that contain no rules or rule groups
--
-- For security group policies, the cleanup does the following for each
-- security group in the policy:
--
-- -   Disassociates the security group from in-scope resources
--
-- -   Deletes the security group if it was created through Firewall
--     Manager and if it\'s no longer associated with any resources through
--     another policy
--
-- After the cleanup, in-scope resources are no longer protected by web
-- ACLs in this policy. Protection of out-of-scope resources remains
-- unchanged. Scope is determined by tags that you create and accounts that
-- you associate with the policy. When creating the policy, if you specify
-- that only resources in specific accounts or with specific tags are in
-- scope of the policy, those accounts and resources are handled by the
-- policy. All others are out of scope. If you don\'t specify tags or
-- accounts, all resources are in scope.
deletePolicy_deleteAllPolicyResources :: Lens.Lens' DeletePolicy (Prelude.Maybe Prelude.Bool)
deletePolicy_deleteAllPolicyResources :: (Maybe Bool -> f (Maybe Bool)) -> DeletePolicy -> f DeletePolicy
deletePolicy_deleteAllPolicyResources = (DeletePolicy -> Maybe Bool)
-> (DeletePolicy -> Maybe Bool -> DeletePolicy)
-> Lens DeletePolicy DeletePolicy (Maybe Bool) (Maybe Bool)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\DeletePolicy' {Maybe Bool
deleteAllPolicyResources :: Maybe Bool
$sel:deleteAllPolicyResources:DeletePolicy' :: DeletePolicy -> Maybe Bool
deleteAllPolicyResources} -> Maybe Bool
deleteAllPolicyResources) (\s :: DeletePolicy
s@DeletePolicy' {} Maybe Bool
a -> DeletePolicy
s {$sel:deleteAllPolicyResources:DeletePolicy' :: Maybe Bool
deleteAllPolicyResources = Maybe Bool
a} :: DeletePolicy)

-- | The ID of the policy that you want to delete. You can retrieve this ID
-- from @PutPolicy@ and @ListPolicies@.
deletePolicy_policyId :: Lens.Lens' DeletePolicy Prelude.Text
deletePolicy_policyId :: (Text -> f Text) -> DeletePolicy -> f DeletePolicy
deletePolicy_policyId = (DeletePolicy -> Text)
-> (DeletePolicy -> Text -> DeletePolicy)
-> Lens DeletePolicy DeletePolicy Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\DeletePolicy' {Text
policyId :: Text
$sel:policyId:DeletePolicy' :: DeletePolicy -> Text
policyId} -> Text
policyId) (\s :: DeletePolicy
s@DeletePolicy' {} Text
a -> DeletePolicy
s {$sel:policyId:DeletePolicy' :: Text
policyId = Text
a} :: DeletePolicy)

instance Core.AWSRequest DeletePolicy where
  type AWSResponse DeletePolicy = DeletePolicyResponse
  request :: DeletePolicy -> Request DeletePolicy
request = Service -> DeletePolicy -> Request DeletePolicy
forall a. (ToRequest a, ToJSON a) => Service -> a -> Request a
Request.postJSON Service
defaultService
  response :: Logger
-> Service
-> Proxy DeletePolicy
-> ClientResponse ClientBody
-> m (Either Error (ClientResponse (AWSResponse DeletePolicy)))
response = AWSResponse DeletePolicy
-> Logger
-> Service
-> Proxy DeletePolicy
-> ClientResponse ClientBody
-> m (Either Error (ClientResponse (AWSResponse DeletePolicy)))
forall (m :: * -> *) a.
MonadResource m =>
AWSResponse a
-> Logger
-> Service
-> Proxy a
-> ClientResponse ClientBody
-> m (Either Error (ClientResponse (AWSResponse a)))
Response.receiveNull AWSResponse DeletePolicy
DeletePolicyResponse
DeletePolicyResponse'

instance Prelude.Hashable DeletePolicy

instance Prelude.NFData DeletePolicy

instance Core.ToHeaders DeletePolicy where
  toHeaders :: DeletePolicy -> [Header]
toHeaders =
    [Header] -> DeletePolicy -> [Header]
forall a b. a -> b -> a
Prelude.const
      ( [[Header]] -> [Header]
forall a. Monoid a => [a] -> a
Prelude.mconcat
          [ HeaderName
"X-Amz-Target"
              HeaderName -> ByteString -> [Header]
forall a. ToHeader a => HeaderName -> a -> [Header]
Core.=# ( ByteString
"AWSFMS_20180101.DeletePolicy" ::
                          Prelude.ByteString
                      ),
            HeaderName
"Content-Type"
              HeaderName -> ByteString -> [Header]
forall a. ToHeader a => HeaderName -> a -> [Header]
Core.=# ( ByteString
"application/x-amz-json-1.1" ::
                          Prelude.ByteString
                      )
          ]
      )

instance Core.ToJSON DeletePolicy where
  toJSON :: DeletePolicy -> Value
toJSON DeletePolicy' {Maybe Bool
Text
policyId :: Text
deleteAllPolicyResources :: Maybe Bool
$sel:policyId:DeletePolicy' :: DeletePolicy -> Text
$sel:deleteAllPolicyResources:DeletePolicy' :: DeletePolicy -> Maybe Bool
..} =
    [Pair] -> Value
Core.object
      ( [Maybe Pair] -> [Pair]
forall a. [Maybe a] -> [a]
Prelude.catMaybes
          [ (Text
"DeleteAllPolicyResources" Text -> Bool -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (Bool -> Pair) -> Maybe Bool -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe Bool
deleteAllPolicyResources,
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just (Text
"PolicyId" Text -> Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= Text
policyId)
          ]
      )

instance Core.ToPath DeletePolicy where
  toPath :: DeletePolicy -> ByteString
toPath = ByteString -> DeletePolicy -> ByteString
forall a b. a -> b -> a
Prelude.const ByteString
"/"

instance Core.ToQuery DeletePolicy where
  toQuery :: DeletePolicy -> QueryString
toQuery = QueryString -> DeletePolicy -> QueryString
forall a b. a -> b -> a
Prelude.const QueryString
forall a. Monoid a => a
Prelude.mempty

-- | /See:/ 'newDeletePolicyResponse' smart constructor.
data DeletePolicyResponse = DeletePolicyResponse'
  {
  }
  deriving (DeletePolicyResponse -> DeletePolicyResponse -> Bool
(DeletePolicyResponse -> DeletePolicyResponse -> Bool)
-> (DeletePolicyResponse -> DeletePolicyResponse -> Bool)
-> Eq DeletePolicyResponse
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: DeletePolicyResponse -> DeletePolicyResponse -> Bool
$c/= :: DeletePolicyResponse -> DeletePolicyResponse -> Bool
== :: DeletePolicyResponse -> DeletePolicyResponse -> Bool
$c== :: DeletePolicyResponse -> DeletePolicyResponse -> Bool
Prelude.Eq, ReadPrec [DeletePolicyResponse]
ReadPrec DeletePolicyResponse
Int -> ReadS DeletePolicyResponse
ReadS [DeletePolicyResponse]
(Int -> ReadS DeletePolicyResponse)
-> ReadS [DeletePolicyResponse]
-> ReadPrec DeletePolicyResponse
-> ReadPrec [DeletePolicyResponse]
-> Read DeletePolicyResponse
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [DeletePolicyResponse]
$creadListPrec :: ReadPrec [DeletePolicyResponse]
readPrec :: ReadPrec DeletePolicyResponse
$creadPrec :: ReadPrec DeletePolicyResponse
readList :: ReadS [DeletePolicyResponse]
$creadList :: ReadS [DeletePolicyResponse]
readsPrec :: Int -> ReadS DeletePolicyResponse
$creadsPrec :: Int -> ReadS DeletePolicyResponse
Prelude.Read, Int -> DeletePolicyResponse -> ShowS
[DeletePolicyResponse] -> ShowS
DeletePolicyResponse -> String
(Int -> DeletePolicyResponse -> ShowS)
-> (DeletePolicyResponse -> String)
-> ([DeletePolicyResponse] -> ShowS)
-> Show DeletePolicyResponse
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [DeletePolicyResponse] -> ShowS
$cshowList :: [DeletePolicyResponse] -> ShowS
show :: DeletePolicyResponse -> String
$cshow :: DeletePolicyResponse -> String
showsPrec :: Int -> DeletePolicyResponse -> ShowS
$cshowsPrec :: Int -> DeletePolicyResponse -> ShowS
Prelude.Show, (forall x. DeletePolicyResponse -> Rep DeletePolicyResponse x)
-> (forall x. Rep DeletePolicyResponse x -> DeletePolicyResponse)
-> Generic DeletePolicyResponse
forall x. Rep DeletePolicyResponse x -> DeletePolicyResponse
forall x. DeletePolicyResponse -> Rep DeletePolicyResponse x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep DeletePolicyResponse x -> DeletePolicyResponse
$cfrom :: forall x. DeletePolicyResponse -> Rep DeletePolicyResponse x
Prelude.Generic)

-- |
-- Create a value of 'DeletePolicyResponse' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
newDeletePolicyResponse ::
  DeletePolicyResponse
newDeletePolicyResponse :: DeletePolicyResponse
newDeletePolicyResponse = DeletePolicyResponse
DeletePolicyResponse'

instance Prelude.NFData DeletePolicyResponse