{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE TypeFamilies #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-binds #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.IAM.EnableMFADevice
-- Copyright   : (c) 2013-2021 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
--
-- Enables the specified MFA device and associates it with the specified
-- IAM user. When enabled, the MFA device is required for every subsequent
-- login by the IAM user associated with the device.
module Amazonka.IAM.EnableMFADevice
  ( -- * Creating a Request
    EnableMFADevice (..),
    newEnableMFADevice,

    -- * Request Lenses
    enableMFADevice_userName,
    enableMFADevice_serialNumber,
    enableMFADevice_authenticationCode1,
    enableMFADevice_authenticationCode2,

    -- * Destructuring the Response
    EnableMFADeviceResponse (..),
    newEnableMFADeviceResponse,
  )
where

import qualified Amazonka.Core as Core
import Amazonka.IAM.Types
import qualified Amazonka.Lens as Lens
import qualified Amazonka.Prelude as Prelude
import qualified Amazonka.Request as Request
import qualified Amazonka.Response as Response

-- | /See:/ 'newEnableMFADevice' smart constructor.
data EnableMFADevice = EnableMFADevice'
  { -- | The name of the IAM user for whom you want to enable the MFA device.
    --
    -- This parameter allows (through its
    -- <http://wikipedia.org/wiki/regex regex pattern>) a string of characters
    -- consisting of upper and lowercase alphanumeric characters with no
    -- spaces. You can also include any of the following characters: _+=,.\@-
    EnableMFADevice -> Text
userName :: Prelude.Text,
    -- | The serial number that uniquely identifies the MFA device. For virtual
    -- MFA devices, the serial number is the device ARN.
    --
    -- This parameter allows (through its
    -- <http://wikipedia.org/wiki/regex regex pattern>) a string of characters
    -- consisting of upper and lowercase alphanumeric characters with no
    -- spaces. You can also include any of the following characters: =,.\@:\/-
    EnableMFADevice -> Text
serialNumber :: Prelude.Text,
    -- | An authentication code emitted by the device.
    --
    -- The format for this parameter is a string of six digits.
    --
    -- Submit your request immediately after generating the authentication
    -- codes. If you generate the codes and then wait too long to submit the
    -- request, the MFA device successfully associates with the user but the
    -- MFA device becomes out of sync. This happens because time-based one-time
    -- passwords (TOTP) expire after a short period of time. If this happens,
    -- you can
    -- <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html resync the device>.
    EnableMFADevice -> Text
authenticationCode1 :: Prelude.Text,
    -- | A subsequent authentication code emitted by the device.
    --
    -- The format for this parameter is a string of six digits.
    --
    -- Submit your request immediately after generating the authentication
    -- codes. If you generate the codes and then wait too long to submit the
    -- request, the MFA device successfully associates with the user but the
    -- MFA device becomes out of sync. This happens because time-based one-time
    -- passwords (TOTP) expire after a short period of time. If this happens,
    -- you can
    -- <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html resync the device>.
    EnableMFADevice -> Text
authenticationCode2 :: Prelude.Text
  }
  deriving (EnableMFADevice -> EnableMFADevice -> Bool
(EnableMFADevice -> EnableMFADevice -> Bool)
-> (EnableMFADevice -> EnableMFADevice -> Bool)
-> Eq EnableMFADevice
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: EnableMFADevice -> EnableMFADevice -> Bool
$c/= :: EnableMFADevice -> EnableMFADevice -> Bool
== :: EnableMFADevice -> EnableMFADevice -> Bool
$c== :: EnableMFADevice -> EnableMFADevice -> Bool
Prelude.Eq, ReadPrec [EnableMFADevice]
ReadPrec EnableMFADevice
Int -> ReadS EnableMFADevice
ReadS [EnableMFADevice]
(Int -> ReadS EnableMFADevice)
-> ReadS [EnableMFADevice]
-> ReadPrec EnableMFADevice
-> ReadPrec [EnableMFADevice]
-> Read EnableMFADevice
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [EnableMFADevice]
$creadListPrec :: ReadPrec [EnableMFADevice]
readPrec :: ReadPrec EnableMFADevice
$creadPrec :: ReadPrec EnableMFADevice
readList :: ReadS [EnableMFADevice]
$creadList :: ReadS [EnableMFADevice]
readsPrec :: Int -> ReadS EnableMFADevice
$creadsPrec :: Int -> ReadS EnableMFADevice
Prelude.Read, Int -> EnableMFADevice -> ShowS
[EnableMFADevice] -> ShowS
EnableMFADevice -> String
(Int -> EnableMFADevice -> ShowS)
-> (EnableMFADevice -> String)
-> ([EnableMFADevice] -> ShowS)
-> Show EnableMFADevice
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [EnableMFADevice] -> ShowS
$cshowList :: [EnableMFADevice] -> ShowS
show :: EnableMFADevice -> String
$cshow :: EnableMFADevice -> String
showsPrec :: Int -> EnableMFADevice -> ShowS
$cshowsPrec :: Int -> EnableMFADevice -> ShowS
Prelude.Show, (forall x. EnableMFADevice -> Rep EnableMFADevice x)
-> (forall x. Rep EnableMFADevice x -> EnableMFADevice)
-> Generic EnableMFADevice
forall x. Rep EnableMFADevice x -> EnableMFADevice
forall x. EnableMFADevice -> Rep EnableMFADevice x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep EnableMFADevice x -> EnableMFADevice
$cfrom :: forall x. EnableMFADevice -> Rep EnableMFADevice x
Prelude.Generic)

-- |
-- Create a value of 'EnableMFADevice' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'userName', 'enableMFADevice_userName' - The name of the IAM user for whom you want to enable the MFA device.
--
-- This parameter allows (through its
-- <http://wikipedia.org/wiki/regex regex pattern>) a string of characters
-- consisting of upper and lowercase alphanumeric characters with no
-- spaces. You can also include any of the following characters: _+=,.\@-
--
-- 'serialNumber', 'enableMFADevice_serialNumber' - The serial number that uniquely identifies the MFA device. For virtual
-- MFA devices, the serial number is the device ARN.
--
-- This parameter allows (through its
-- <http://wikipedia.org/wiki/regex regex pattern>) a string of characters
-- consisting of upper and lowercase alphanumeric characters with no
-- spaces. You can also include any of the following characters: =,.\@:\/-
--
-- 'authenticationCode1', 'enableMFADevice_authenticationCode1' - An authentication code emitted by the device.
--
-- The format for this parameter is a string of six digits.
--
-- Submit your request immediately after generating the authentication
-- codes. If you generate the codes and then wait too long to submit the
-- request, the MFA device successfully associates with the user but the
-- MFA device becomes out of sync. This happens because time-based one-time
-- passwords (TOTP) expire after a short period of time. If this happens,
-- you can
-- <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html resync the device>.
--
-- 'authenticationCode2', 'enableMFADevice_authenticationCode2' - A subsequent authentication code emitted by the device.
--
-- The format for this parameter is a string of six digits.
--
-- Submit your request immediately after generating the authentication
-- codes. If you generate the codes and then wait too long to submit the
-- request, the MFA device successfully associates with the user but the
-- MFA device becomes out of sync. This happens because time-based one-time
-- passwords (TOTP) expire after a short period of time. If this happens,
-- you can
-- <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html resync the device>.
newEnableMFADevice ::
  -- | 'userName'
  Prelude.Text ->
  -- | 'serialNumber'
  Prelude.Text ->
  -- | 'authenticationCode1'
  Prelude.Text ->
  -- | 'authenticationCode2'
  Prelude.Text ->
  EnableMFADevice
newEnableMFADevice :: Text -> Text -> Text -> Text -> EnableMFADevice
newEnableMFADevice
  Text
pUserName_
  Text
pSerialNumber_
  Text
pAuthenticationCode1_
  Text
pAuthenticationCode2_ =
    EnableMFADevice' :: Text -> Text -> Text -> Text -> EnableMFADevice
EnableMFADevice'
      { $sel:userName:EnableMFADevice' :: Text
userName = Text
pUserName_,
        $sel:serialNumber:EnableMFADevice' :: Text
serialNumber = Text
pSerialNumber_,
        $sel:authenticationCode1:EnableMFADevice' :: Text
authenticationCode1 = Text
pAuthenticationCode1_,
        $sel:authenticationCode2:EnableMFADevice' :: Text
authenticationCode2 = Text
pAuthenticationCode2_
      }

-- | The name of the IAM user for whom you want to enable the MFA device.
--
-- This parameter allows (through its
-- <http://wikipedia.org/wiki/regex regex pattern>) a string of characters
-- consisting of upper and lowercase alphanumeric characters with no
-- spaces. You can also include any of the following characters: _+=,.\@-
enableMFADevice_userName :: Lens.Lens' EnableMFADevice Prelude.Text
enableMFADevice_userName :: (Text -> f Text) -> EnableMFADevice -> f EnableMFADevice
enableMFADevice_userName = (EnableMFADevice -> Text)
-> (EnableMFADevice -> Text -> EnableMFADevice)
-> Lens EnableMFADevice EnableMFADevice Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\EnableMFADevice' {Text
userName :: Text
$sel:userName:EnableMFADevice' :: EnableMFADevice -> Text
userName} -> Text
userName) (\s :: EnableMFADevice
s@EnableMFADevice' {} Text
a -> EnableMFADevice
s {$sel:userName:EnableMFADevice' :: Text
userName = Text
a} :: EnableMFADevice)

-- | The serial number that uniquely identifies the MFA device. For virtual
-- MFA devices, the serial number is the device ARN.
--
-- This parameter allows (through its
-- <http://wikipedia.org/wiki/regex regex pattern>) a string of characters
-- consisting of upper and lowercase alphanumeric characters with no
-- spaces. You can also include any of the following characters: =,.\@:\/-
enableMFADevice_serialNumber :: Lens.Lens' EnableMFADevice Prelude.Text
enableMFADevice_serialNumber :: (Text -> f Text) -> EnableMFADevice -> f EnableMFADevice
enableMFADevice_serialNumber = (EnableMFADevice -> Text)
-> (EnableMFADevice -> Text -> EnableMFADevice)
-> Lens EnableMFADevice EnableMFADevice Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\EnableMFADevice' {Text
serialNumber :: Text
$sel:serialNumber:EnableMFADevice' :: EnableMFADevice -> Text
serialNumber} -> Text
serialNumber) (\s :: EnableMFADevice
s@EnableMFADevice' {} Text
a -> EnableMFADevice
s {$sel:serialNumber:EnableMFADevice' :: Text
serialNumber = Text
a} :: EnableMFADevice)

-- | An authentication code emitted by the device.
--
-- The format for this parameter is a string of six digits.
--
-- Submit your request immediately after generating the authentication
-- codes. If you generate the codes and then wait too long to submit the
-- request, the MFA device successfully associates with the user but the
-- MFA device becomes out of sync. This happens because time-based one-time
-- passwords (TOTP) expire after a short period of time. If this happens,
-- you can
-- <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html resync the device>.
enableMFADevice_authenticationCode1 :: Lens.Lens' EnableMFADevice Prelude.Text
enableMFADevice_authenticationCode1 :: (Text -> f Text) -> EnableMFADevice -> f EnableMFADevice
enableMFADevice_authenticationCode1 = (EnableMFADevice -> Text)
-> (EnableMFADevice -> Text -> EnableMFADevice)
-> Lens EnableMFADevice EnableMFADevice Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\EnableMFADevice' {Text
authenticationCode1 :: Text
$sel:authenticationCode1:EnableMFADevice' :: EnableMFADevice -> Text
authenticationCode1} -> Text
authenticationCode1) (\s :: EnableMFADevice
s@EnableMFADevice' {} Text
a -> EnableMFADevice
s {$sel:authenticationCode1:EnableMFADevice' :: Text
authenticationCode1 = Text
a} :: EnableMFADevice)

-- | A subsequent authentication code emitted by the device.
--
-- The format for this parameter is a string of six digits.
--
-- Submit your request immediately after generating the authentication
-- codes. If you generate the codes and then wait too long to submit the
-- request, the MFA device successfully associates with the user but the
-- MFA device becomes out of sync. This happens because time-based one-time
-- passwords (TOTP) expire after a short period of time. If this happens,
-- you can
-- <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html resync the device>.
enableMFADevice_authenticationCode2 :: Lens.Lens' EnableMFADevice Prelude.Text
enableMFADevice_authenticationCode2 :: (Text -> f Text) -> EnableMFADevice -> f EnableMFADevice
enableMFADevice_authenticationCode2 = (EnableMFADevice -> Text)
-> (EnableMFADevice -> Text -> EnableMFADevice)
-> Lens EnableMFADevice EnableMFADevice Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\EnableMFADevice' {Text
authenticationCode2 :: Text
$sel:authenticationCode2:EnableMFADevice' :: EnableMFADevice -> Text
authenticationCode2} -> Text
authenticationCode2) (\s :: EnableMFADevice
s@EnableMFADevice' {} Text
a -> EnableMFADevice
s {$sel:authenticationCode2:EnableMFADevice' :: Text
authenticationCode2 = Text
a} :: EnableMFADevice)

instance Core.AWSRequest EnableMFADevice where
  type
    AWSResponse EnableMFADevice =
      EnableMFADeviceResponse
  request :: EnableMFADevice -> Request EnableMFADevice
request = Service -> EnableMFADevice -> Request EnableMFADevice
forall a. ToRequest a => Service -> a -> Request a
Request.postQuery Service
defaultService
  response :: Logger
-> Service
-> Proxy EnableMFADevice
-> ClientResponse ClientBody
-> m (Either Error (ClientResponse (AWSResponse EnableMFADevice)))
response =
    AWSResponse EnableMFADevice
-> Logger
-> Service
-> Proxy EnableMFADevice
-> ClientResponse ClientBody
-> m (Either Error (ClientResponse (AWSResponse EnableMFADevice)))
forall (m :: * -> *) a.
MonadResource m =>
AWSResponse a
-> Logger
-> Service
-> Proxy a
-> ClientResponse ClientBody
-> m (Either Error (ClientResponse (AWSResponse a)))
Response.receiveNull AWSResponse EnableMFADevice
EnableMFADeviceResponse
EnableMFADeviceResponse'

instance Prelude.Hashable EnableMFADevice

instance Prelude.NFData EnableMFADevice

instance Core.ToHeaders EnableMFADevice where
  toHeaders :: EnableMFADevice -> [Header]
toHeaders = [Header] -> EnableMFADevice -> [Header]
forall a b. a -> b -> a
Prelude.const [Header]
forall a. Monoid a => a
Prelude.mempty

instance Core.ToPath EnableMFADevice where
  toPath :: EnableMFADevice -> ByteString
toPath = ByteString -> EnableMFADevice -> ByteString
forall a b. a -> b -> a
Prelude.const ByteString
"/"

instance Core.ToQuery EnableMFADevice where
  toQuery :: EnableMFADevice -> QueryString
toQuery EnableMFADevice' {Text
authenticationCode2 :: Text
authenticationCode1 :: Text
serialNumber :: Text
userName :: Text
$sel:authenticationCode2:EnableMFADevice' :: EnableMFADevice -> Text
$sel:authenticationCode1:EnableMFADevice' :: EnableMFADevice -> Text
$sel:serialNumber:EnableMFADevice' :: EnableMFADevice -> Text
$sel:userName:EnableMFADevice' :: EnableMFADevice -> Text
..} =
    [QueryString] -> QueryString
forall a. Monoid a => [a] -> a
Prelude.mconcat
      [ ByteString
"Action"
          ByteString -> ByteString -> QueryString
forall a. ToQuery a => ByteString -> a -> QueryString
Core.=: (ByteString
"EnableMFADevice" :: Prelude.ByteString),
        ByteString
"Version"
          ByteString -> ByteString -> QueryString
forall a. ToQuery a => ByteString -> a -> QueryString
Core.=: (ByteString
"2010-05-08" :: Prelude.ByteString),
        ByteString
"UserName" ByteString -> Text -> QueryString
forall a. ToQuery a => ByteString -> a -> QueryString
Core.=: Text
userName,
        ByteString
"SerialNumber" ByteString -> Text -> QueryString
forall a. ToQuery a => ByteString -> a -> QueryString
Core.=: Text
serialNumber,
        ByteString
"AuthenticationCode1" ByteString -> Text -> QueryString
forall a. ToQuery a => ByteString -> a -> QueryString
Core.=: Text
authenticationCode1,
        ByteString
"AuthenticationCode2" ByteString -> Text -> QueryString
forall a. ToQuery a => ByteString -> a -> QueryString
Core.=: Text
authenticationCode2
      ]

-- | /See:/ 'newEnableMFADeviceResponse' smart constructor.
data EnableMFADeviceResponse = EnableMFADeviceResponse'
  {
  }
  deriving (EnableMFADeviceResponse -> EnableMFADeviceResponse -> Bool
(EnableMFADeviceResponse -> EnableMFADeviceResponse -> Bool)
-> (EnableMFADeviceResponse -> EnableMFADeviceResponse -> Bool)
-> Eq EnableMFADeviceResponse
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: EnableMFADeviceResponse -> EnableMFADeviceResponse -> Bool
$c/= :: EnableMFADeviceResponse -> EnableMFADeviceResponse -> Bool
== :: EnableMFADeviceResponse -> EnableMFADeviceResponse -> Bool
$c== :: EnableMFADeviceResponse -> EnableMFADeviceResponse -> Bool
Prelude.Eq, ReadPrec [EnableMFADeviceResponse]
ReadPrec EnableMFADeviceResponse
Int -> ReadS EnableMFADeviceResponse
ReadS [EnableMFADeviceResponse]
(Int -> ReadS EnableMFADeviceResponse)
-> ReadS [EnableMFADeviceResponse]
-> ReadPrec EnableMFADeviceResponse
-> ReadPrec [EnableMFADeviceResponse]
-> Read EnableMFADeviceResponse
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [EnableMFADeviceResponse]
$creadListPrec :: ReadPrec [EnableMFADeviceResponse]
readPrec :: ReadPrec EnableMFADeviceResponse
$creadPrec :: ReadPrec EnableMFADeviceResponse
readList :: ReadS [EnableMFADeviceResponse]
$creadList :: ReadS [EnableMFADeviceResponse]
readsPrec :: Int -> ReadS EnableMFADeviceResponse
$creadsPrec :: Int -> ReadS EnableMFADeviceResponse
Prelude.Read, Int -> EnableMFADeviceResponse -> ShowS
[EnableMFADeviceResponse] -> ShowS
EnableMFADeviceResponse -> String
(Int -> EnableMFADeviceResponse -> ShowS)
-> (EnableMFADeviceResponse -> String)
-> ([EnableMFADeviceResponse] -> ShowS)
-> Show EnableMFADeviceResponse
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [EnableMFADeviceResponse] -> ShowS
$cshowList :: [EnableMFADeviceResponse] -> ShowS
show :: EnableMFADeviceResponse -> String
$cshow :: EnableMFADeviceResponse -> String
showsPrec :: Int -> EnableMFADeviceResponse -> ShowS
$cshowsPrec :: Int -> EnableMFADeviceResponse -> ShowS
Prelude.Show, (forall x.
 EnableMFADeviceResponse -> Rep EnableMFADeviceResponse x)
-> (forall x.
    Rep EnableMFADeviceResponse x -> EnableMFADeviceResponse)
-> Generic EnableMFADeviceResponse
forall x. Rep EnableMFADeviceResponse x -> EnableMFADeviceResponse
forall x. EnableMFADeviceResponse -> Rep EnableMFADeviceResponse x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep EnableMFADeviceResponse x -> EnableMFADeviceResponse
$cfrom :: forall x. EnableMFADeviceResponse -> Rep EnableMFADeviceResponse x
Prelude.Generic)

-- |
-- Create a value of 'EnableMFADeviceResponse' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
newEnableMFADeviceResponse ::
  EnableMFADeviceResponse
newEnableMFADeviceResponse :: EnableMFADeviceResponse
newEnableMFADeviceResponse = EnableMFADeviceResponse
EnableMFADeviceResponse'

instance Prelude.NFData EnableMFADeviceResponse