{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE TypeFamilies #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-binds #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.IAM.GenerateOrganizationsAccessReport
-- Copyright   : (c) 2013-2021 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
--
-- Generates a report for service last accessed data for Organizations. You
-- can generate a report for any entities (organization root,
-- organizational unit, or account) or policies in your organization.
--
-- To call this operation, you must be signed in using your Organizations
-- management account credentials. You can use your long-term IAM user or
-- root user credentials, or temporary credentials from assuming an IAM
-- role. SCPs must be enabled for your organization root. You must have the
-- required IAM and Organizations permissions. For more information, see
-- <https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html Refining permissions using service last accessed data>
-- in the /IAM User Guide/.
--
-- You can generate a service last accessed data report for entities by
-- specifying only the entity\'s path. This data includes a list of
-- services that are allowed by any service control policies (SCPs) that
-- apply to the entity.
--
-- You can generate a service last accessed data report for a policy by
-- specifying an entity\'s path and an optional Organizations policy ID.
-- This data includes a list of services that are allowed by the specified
-- SCP.
--
-- For each service in both report types, the data includes the most recent
-- account activity that the policy allows to account principals in the
-- entity or the entity\'s children. For important information about the
-- data, reporting period, permissions required, troubleshooting, and
-- supported Regions see
-- <https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html Reducing permissions using service last accessed data>
-- in the /IAM User Guide/.
--
-- The data includes all attempts to access Amazon Web Services, not just
-- the successful ones. This includes all attempts that were made using the
-- Amazon Web Services Management Console, the Amazon Web Services API
-- through any of the SDKs, or any of the command line tools. An unexpected
-- entry in the service last accessed data does not mean that an account
-- has been compromised, because the request might have been denied. Refer
-- to your CloudTrail logs as the authoritative source for information
-- about all API calls and whether they were successful or denied access.
-- For more information,
-- see <https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html Logging IAM events with CloudTrail>
-- in the /IAM User Guide/.
--
-- This operation returns a @JobId@. Use this parameter in the
-- @ GetOrganizationsAccessReport @ operation to check the status of the
-- report generation. To check the status of this request, use the @JobId@
-- parameter in the @ GetOrganizationsAccessReport @ operation and test the
-- @JobStatus@ response parameter. When the job is complete, you can
-- retrieve the report.
--
-- To generate a service last accessed data report for entities, specify an
-- entity path without specifying the optional Organizations policy ID. The
-- type of entity that you specify determines the data returned in the
-- report.
--
-- -   __Root__ – When you specify the organizations root as the entity,
--     the resulting report lists all of the services allowed by SCPs that
--     are attached to your root. For each service, the report includes
--     data for all accounts in your organization except the management
--     account, because the management account is not limited by SCPs.
--
-- -   __OU__ – When you specify an organizational unit (OU) as the entity,
--     the resulting report lists all of the services allowed by SCPs that
--     are attached to the OU and its parents. For each service, the report
--     includes data for all accounts in the OU or its children. This data
--     excludes the management account, because the management account is
--     not limited by SCPs.
--
-- -   __management account__ – When you specify the management account,
--     the resulting report lists all Amazon Web Services services, because
--     the management account is not limited by SCPs. For each service, the
--     report includes data for only the management account.
--
-- -   __Account__ – When you specify another account as the entity, the
--     resulting report lists all of the services allowed by SCPs that are
--     attached to the account and its parents. For each service, the
--     report includes data for only the specified account.
--
-- To generate a service last accessed data report for policies, specify an
-- entity path and the optional Organizations policy ID. The type of entity
-- that you specify determines the data returned for each service.
--
-- -   __Root__ – When you specify the root entity and a policy ID, the
--     resulting report lists all of the services that are allowed by the
--     specified SCP. For each service, the report includes data for all
--     accounts in your organization to which the SCP applies. This data
--     excludes the management account, because the management account is
--     not limited by SCPs. If the SCP is not attached to any entities in
--     the organization, then the report will return a list of services
--     with no data.
--
-- -   __OU__ – When you specify an OU entity and a policy ID, the
--     resulting report lists all of the services that are allowed by the
--     specified SCP. For each service, the report includes data for all
--     accounts in the OU or its children to which the SCP applies. This
--     means that other accounts outside the OU that are affected by the
--     SCP might not be included in the data. This data excludes the
--     management account, because the management account is not limited by
--     SCPs. If the SCP is not attached to the OU or one of its children,
--     the report will return a list of services with no data.
--
-- -   __management account__ – When you specify the management account,
--     the resulting report lists all Amazon Web Services services, because
--     the management account is not limited by SCPs. If you specify a
--     policy ID in the CLI or API, the policy is ignored. For each
--     service, the report includes data for only the management account.
--
-- -   __Account__ – When you specify another account entity and a policy
--     ID, the resulting report lists all of the services that are allowed
--     by the specified SCP. For each service, the report includes data for
--     only the specified account. This means that other accounts in the
--     organization that are affected by the SCP might not be included in
--     the data. If the SCP is not attached to the account, the report will
--     return a list of services with no data.
--
-- Service last accessed data does not use other policy types when
-- determining whether a principal could access a service. These other
-- policy types include identity-based policies, resource-based policies,
-- access control lists, IAM permissions boundaries, and STS assume role
-- policies. It only applies SCP logic. For more about the evaluation of
-- policy types, see
-- <https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics Evaluating policies>
-- in the /IAM User Guide/.
--
-- For more information about service last accessed data, see
-- <https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html Reducing policy scope by viewing user activity>
-- in the /IAM User Guide/.
module Amazonka.IAM.GenerateOrganizationsAccessReport
  ( -- * Creating a Request
    GenerateOrganizationsAccessReport (..),
    newGenerateOrganizationsAccessReport,

    -- * Request Lenses
    generateOrganizationsAccessReport_organizationsPolicyId,
    generateOrganizationsAccessReport_entityPath,

    -- * Destructuring the Response
    GenerateOrganizationsAccessReportResponse (..),
    newGenerateOrganizationsAccessReportResponse,

    -- * Response Lenses
    generateOrganizationsAccessReportResponse_jobId,
    generateOrganizationsAccessReportResponse_httpStatus,
  )
where

import qualified Amazonka.Core as Core
import Amazonka.IAM.Types
import qualified Amazonka.Lens as Lens
import qualified Amazonka.Prelude as Prelude
import qualified Amazonka.Request as Request
import qualified Amazonka.Response as Response

-- | /See:/ 'newGenerateOrganizationsAccessReport' smart constructor.
data GenerateOrganizationsAccessReport = GenerateOrganizationsAccessReport'
  { -- | The identifier of the Organizations service control policy (SCP). This
    -- parameter is optional.
    --
    -- This ID is used to generate information about when an account principal
    -- that is limited by the SCP attempted to access an Amazon Web Services
    -- service.
    GenerateOrganizationsAccessReport -> Maybe Text
organizationsPolicyId :: Prelude.Maybe Prelude.Text,
    -- | The path of the Organizations entity (root, OU, or account). You can
    -- build an entity path using the known structure of your organization. For
    -- example, assume that your account ID is @123456789012@ and its parent OU
    -- ID is @ou-rge0-awsabcde@. The organization root ID is
    -- @r-f6g7h8i9j0example@ and your organization ID is @o-a1b2c3d4e5@. Your
    -- entity path is
    -- @o-a1b2c3d4e5\/r-f6g7h8i9j0example\/ou-rge0-awsabcde\/123456789012@.
    GenerateOrganizationsAccessReport -> Text
entityPath :: Prelude.Text
  }
  deriving (GenerateOrganizationsAccessReport
-> GenerateOrganizationsAccessReport -> Bool
(GenerateOrganizationsAccessReport
 -> GenerateOrganizationsAccessReport -> Bool)
-> (GenerateOrganizationsAccessReport
    -> GenerateOrganizationsAccessReport -> Bool)
-> Eq GenerateOrganizationsAccessReport
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: GenerateOrganizationsAccessReport
-> GenerateOrganizationsAccessReport -> Bool
$c/= :: GenerateOrganizationsAccessReport
-> GenerateOrganizationsAccessReport -> Bool
== :: GenerateOrganizationsAccessReport
-> GenerateOrganizationsAccessReport -> Bool
$c== :: GenerateOrganizationsAccessReport
-> GenerateOrganizationsAccessReport -> Bool
Prelude.Eq, ReadPrec [GenerateOrganizationsAccessReport]
ReadPrec GenerateOrganizationsAccessReport
Int -> ReadS GenerateOrganizationsAccessReport
ReadS [GenerateOrganizationsAccessReport]
(Int -> ReadS GenerateOrganizationsAccessReport)
-> ReadS [GenerateOrganizationsAccessReport]
-> ReadPrec GenerateOrganizationsAccessReport
-> ReadPrec [GenerateOrganizationsAccessReport]
-> Read GenerateOrganizationsAccessReport
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [GenerateOrganizationsAccessReport]
$creadListPrec :: ReadPrec [GenerateOrganizationsAccessReport]
readPrec :: ReadPrec GenerateOrganizationsAccessReport
$creadPrec :: ReadPrec GenerateOrganizationsAccessReport
readList :: ReadS [GenerateOrganizationsAccessReport]
$creadList :: ReadS [GenerateOrganizationsAccessReport]
readsPrec :: Int -> ReadS GenerateOrganizationsAccessReport
$creadsPrec :: Int -> ReadS GenerateOrganizationsAccessReport
Prelude.Read, Int -> GenerateOrganizationsAccessReport -> ShowS
[GenerateOrganizationsAccessReport] -> ShowS
GenerateOrganizationsAccessReport -> String
(Int -> GenerateOrganizationsAccessReport -> ShowS)
-> (GenerateOrganizationsAccessReport -> String)
-> ([GenerateOrganizationsAccessReport] -> ShowS)
-> Show GenerateOrganizationsAccessReport
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [GenerateOrganizationsAccessReport] -> ShowS
$cshowList :: [GenerateOrganizationsAccessReport] -> ShowS
show :: GenerateOrganizationsAccessReport -> String
$cshow :: GenerateOrganizationsAccessReport -> String
showsPrec :: Int -> GenerateOrganizationsAccessReport -> ShowS
$cshowsPrec :: Int -> GenerateOrganizationsAccessReport -> ShowS
Prelude.Show, (forall x.
 GenerateOrganizationsAccessReport
 -> Rep GenerateOrganizationsAccessReport x)
-> (forall x.
    Rep GenerateOrganizationsAccessReport x
    -> GenerateOrganizationsAccessReport)
-> Generic GenerateOrganizationsAccessReport
forall x.
Rep GenerateOrganizationsAccessReport x
-> GenerateOrganizationsAccessReport
forall x.
GenerateOrganizationsAccessReport
-> Rep GenerateOrganizationsAccessReport x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x.
Rep GenerateOrganizationsAccessReport x
-> GenerateOrganizationsAccessReport
$cfrom :: forall x.
GenerateOrganizationsAccessReport
-> Rep GenerateOrganizationsAccessReport x
Prelude.Generic)

-- |
-- Create a value of 'GenerateOrganizationsAccessReport' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'organizationsPolicyId', 'generateOrganizationsAccessReport_organizationsPolicyId' - The identifier of the Organizations service control policy (SCP). This
-- parameter is optional.
--
-- This ID is used to generate information about when an account principal
-- that is limited by the SCP attempted to access an Amazon Web Services
-- service.
--
-- 'entityPath', 'generateOrganizationsAccessReport_entityPath' - The path of the Organizations entity (root, OU, or account). You can
-- build an entity path using the known structure of your organization. For
-- example, assume that your account ID is @123456789012@ and its parent OU
-- ID is @ou-rge0-awsabcde@. The organization root ID is
-- @r-f6g7h8i9j0example@ and your organization ID is @o-a1b2c3d4e5@. Your
-- entity path is
-- @o-a1b2c3d4e5\/r-f6g7h8i9j0example\/ou-rge0-awsabcde\/123456789012@.
newGenerateOrganizationsAccessReport ::
  -- | 'entityPath'
  Prelude.Text ->
  GenerateOrganizationsAccessReport
newGenerateOrganizationsAccessReport :: Text -> GenerateOrganizationsAccessReport
newGenerateOrganizationsAccessReport Text
pEntityPath_ =
  GenerateOrganizationsAccessReport' :: Maybe Text -> Text -> GenerateOrganizationsAccessReport
GenerateOrganizationsAccessReport'
    { $sel:organizationsPolicyId:GenerateOrganizationsAccessReport' :: Maybe Text
organizationsPolicyId =
        Maybe Text
forall a. Maybe a
Prelude.Nothing,
      $sel:entityPath:GenerateOrganizationsAccessReport' :: Text
entityPath = Text
pEntityPath_
    }

-- | The identifier of the Organizations service control policy (SCP). This
-- parameter is optional.
--
-- This ID is used to generate information about when an account principal
-- that is limited by the SCP attempted to access an Amazon Web Services
-- service.
generateOrganizationsAccessReport_organizationsPolicyId :: Lens.Lens' GenerateOrganizationsAccessReport (Prelude.Maybe Prelude.Text)
generateOrganizationsAccessReport_organizationsPolicyId :: (Maybe Text -> f (Maybe Text))
-> GenerateOrganizationsAccessReport
-> f GenerateOrganizationsAccessReport
generateOrganizationsAccessReport_organizationsPolicyId = (GenerateOrganizationsAccessReport -> Maybe Text)
-> (GenerateOrganizationsAccessReport
    -> Maybe Text -> GenerateOrganizationsAccessReport)
-> Lens
     GenerateOrganizationsAccessReport
     GenerateOrganizationsAccessReport
     (Maybe Text)
     (Maybe Text)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\GenerateOrganizationsAccessReport' {Maybe Text
organizationsPolicyId :: Maybe Text
$sel:organizationsPolicyId:GenerateOrganizationsAccessReport' :: GenerateOrganizationsAccessReport -> Maybe Text
organizationsPolicyId} -> Maybe Text
organizationsPolicyId) (\s :: GenerateOrganizationsAccessReport
s@GenerateOrganizationsAccessReport' {} Maybe Text
a -> GenerateOrganizationsAccessReport
s {$sel:organizationsPolicyId:GenerateOrganizationsAccessReport' :: Maybe Text
organizationsPolicyId = Maybe Text
a} :: GenerateOrganizationsAccessReport)

-- | The path of the Organizations entity (root, OU, or account). You can
-- build an entity path using the known structure of your organization. For
-- example, assume that your account ID is @123456789012@ and its parent OU
-- ID is @ou-rge0-awsabcde@. The organization root ID is
-- @r-f6g7h8i9j0example@ and your organization ID is @o-a1b2c3d4e5@. Your
-- entity path is
-- @o-a1b2c3d4e5\/r-f6g7h8i9j0example\/ou-rge0-awsabcde\/123456789012@.
generateOrganizationsAccessReport_entityPath :: Lens.Lens' GenerateOrganizationsAccessReport Prelude.Text
generateOrganizationsAccessReport_entityPath :: (Text -> f Text)
-> GenerateOrganizationsAccessReport
-> f GenerateOrganizationsAccessReport
generateOrganizationsAccessReport_entityPath = (GenerateOrganizationsAccessReport -> Text)
-> (GenerateOrganizationsAccessReport
    -> Text -> GenerateOrganizationsAccessReport)
-> Lens
     GenerateOrganizationsAccessReport
     GenerateOrganizationsAccessReport
     Text
     Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\GenerateOrganizationsAccessReport' {Text
entityPath :: Text
$sel:entityPath:GenerateOrganizationsAccessReport' :: GenerateOrganizationsAccessReport -> Text
entityPath} -> Text
entityPath) (\s :: GenerateOrganizationsAccessReport
s@GenerateOrganizationsAccessReport' {} Text
a -> GenerateOrganizationsAccessReport
s {$sel:entityPath:GenerateOrganizationsAccessReport' :: Text
entityPath = Text
a} :: GenerateOrganizationsAccessReport)

instance
  Core.AWSRequest
    GenerateOrganizationsAccessReport
  where
  type
    AWSResponse GenerateOrganizationsAccessReport =
      GenerateOrganizationsAccessReportResponse
  request :: GenerateOrganizationsAccessReport
-> Request GenerateOrganizationsAccessReport
request = Service
-> GenerateOrganizationsAccessReport
-> Request GenerateOrganizationsAccessReport
forall a. ToRequest a => Service -> a -> Request a
Request.postQuery Service
defaultService
  response :: Logger
-> Service
-> Proxy GenerateOrganizationsAccessReport
-> ClientResponse ClientBody
-> m (Either
        Error
        (ClientResponse (AWSResponse GenerateOrganizationsAccessReport)))
response =
    Text
-> (Int
    -> ResponseHeaders
    -> [Node]
    -> Either String (AWSResponse GenerateOrganizationsAccessReport))
-> Logger
-> Service
-> Proxy GenerateOrganizationsAccessReport
-> ClientResponse ClientBody
-> m (Either
        Error
        (ClientResponse (AWSResponse GenerateOrganizationsAccessReport)))
forall (m :: * -> *) a.
MonadResource m =>
Text
-> (Int
    -> ResponseHeaders -> [Node] -> Either String (AWSResponse a))
-> Logger
-> Service
-> Proxy a
-> ClientResponse ClientBody
-> m (Either Error (ClientResponse (AWSResponse a)))
Response.receiveXMLWrapper
      Text
"GenerateOrganizationsAccessReportResult"
      ( \Int
s ResponseHeaders
h [Node]
x ->
          Maybe Text -> Int -> GenerateOrganizationsAccessReportResponse
GenerateOrganizationsAccessReportResponse'
            (Maybe Text -> Int -> GenerateOrganizationsAccessReportResponse)
-> Either String (Maybe Text)
-> Either String (Int -> GenerateOrganizationsAccessReportResponse)
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> ([Node]
x [Node] -> Text -> Either String (Maybe Text)
forall a. FromXML a => [Node] -> Text -> Either String (Maybe a)
Core..@? Text
"JobId")
              Either String (Int -> GenerateOrganizationsAccessReportResponse)
-> Either String Int
-> Either String GenerateOrganizationsAccessReportResponse
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Int -> Either String Int
forall (f :: * -> *) a. Applicative f => a -> f a
Prelude.pure (Int -> Int
forall a. Enum a => a -> Int
Prelude.fromEnum Int
s))
      )

instance
  Prelude.Hashable
    GenerateOrganizationsAccessReport

instance
  Prelude.NFData
    GenerateOrganizationsAccessReport

instance
  Core.ToHeaders
    GenerateOrganizationsAccessReport
  where
  toHeaders :: GenerateOrganizationsAccessReport -> ResponseHeaders
toHeaders = ResponseHeaders
-> GenerateOrganizationsAccessReport -> ResponseHeaders
forall a b. a -> b -> a
Prelude.const ResponseHeaders
forall a. Monoid a => a
Prelude.mempty

instance
  Core.ToPath
    GenerateOrganizationsAccessReport
  where
  toPath :: GenerateOrganizationsAccessReport -> ByteString
toPath = ByteString -> GenerateOrganizationsAccessReport -> ByteString
forall a b. a -> b -> a
Prelude.const ByteString
"/"

instance
  Core.ToQuery
    GenerateOrganizationsAccessReport
  where
  toQuery :: GenerateOrganizationsAccessReport -> QueryString
toQuery GenerateOrganizationsAccessReport' {Maybe Text
Text
entityPath :: Text
organizationsPolicyId :: Maybe Text
$sel:entityPath:GenerateOrganizationsAccessReport' :: GenerateOrganizationsAccessReport -> Text
$sel:organizationsPolicyId:GenerateOrganizationsAccessReport' :: GenerateOrganizationsAccessReport -> Maybe Text
..} =
    [QueryString] -> QueryString
forall a. Monoid a => [a] -> a
Prelude.mconcat
      [ ByteString
"Action"
          ByteString -> ByteString -> QueryString
forall a. ToQuery a => ByteString -> a -> QueryString
Core.=: ( ByteString
"GenerateOrganizationsAccessReport" ::
                      Prelude.ByteString
                  ),
        ByteString
"Version"
          ByteString -> ByteString -> QueryString
forall a. ToQuery a => ByteString -> a -> QueryString
Core.=: (ByteString
"2010-05-08" :: Prelude.ByteString),
        ByteString
"OrganizationsPolicyId"
          ByteString -> Maybe Text -> QueryString
forall a. ToQuery a => ByteString -> a -> QueryString
Core.=: Maybe Text
organizationsPolicyId,
        ByteString
"EntityPath" ByteString -> Text -> QueryString
forall a. ToQuery a => ByteString -> a -> QueryString
Core.=: Text
entityPath
      ]

-- | /See:/ 'newGenerateOrganizationsAccessReportResponse' smart constructor.
data GenerateOrganizationsAccessReportResponse = GenerateOrganizationsAccessReportResponse'
  { -- | The job identifier that you can use in the GetOrganizationsAccessReport
    -- operation.
    GenerateOrganizationsAccessReportResponse -> Maybe Text
jobId :: Prelude.Maybe Prelude.Text,
    -- | The response's http status code.
    GenerateOrganizationsAccessReportResponse -> Int
httpStatus :: Prelude.Int
  }
  deriving (GenerateOrganizationsAccessReportResponse
-> GenerateOrganizationsAccessReportResponse -> Bool
(GenerateOrganizationsAccessReportResponse
 -> GenerateOrganizationsAccessReportResponse -> Bool)
-> (GenerateOrganizationsAccessReportResponse
    -> GenerateOrganizationsAccessReportResponse -> Bool)
-> Eq GenerateOrganizationsAccessReportResponse
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: GenerateOrganizationsAccessReportResponse
-> GenerateOrganizationsAccessReportResponse -> Bool
$c/= :: GenerateOrganizationsAccessReportResponse
-> GenerateOrganizationsAccessReportResponse -> Bool
== :: GenerateOrganizationsAccessReportResponse
-> GenerateOrganizationsAccessReportResponse -> Bool
$c== :: GenerateOrganizationsAccessReportResponse
-> GenerateOrganizationsAccessReportResponse -> Bool
Prelude.Eq, ReadPrec [GenerateOrganizationsAccessReportResponse]
ReadPrec GenerateOrganizationsAccessReportResponse
Int -> ReadS GenerateOrganizationsAccessReportResponse
ReadS [GenerateOrganizationsAccessReportResponse]
(Int -> ReadS GenerateOrganizationsAccessReportResponse)
-> ReadS [GenerateOrganizationsAccessReportResponse]
-> ReadPrec GenerateOrganizationsAccessReportResponse
-> ReadPrec [GenerateOrganizationsAccessReportResponse]
-> Read GenerateOrganizationsAccessReportResponse
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [GenerateOrganizationsAccessReportResponse]
$creadListPrec :: ReadPrec [GenerateOrganizationsAccessReportResponse]
readPrec :: ReadPrec GenerateOrganizationsAccessReportResponse
$creadPrec :: ReadPrec GenerateOrganizationsAccessReportResponse
readList :: ReadS [GenerateOrganizationsAccessReportResponse]
$creadList :: ReadS [GenerateOrganizationsAccessReportResponse]
readsPrec :: Int -> ReadS GenerateOrganizationsAccessReportResponse
$creadsPrec :: Int -> ReadS GenerateOrganizationsAccessReportResponse
Prelude.Read, Int -> GenerateOrganizationsAccessReportResponse -> ShowS
[GenerateOrganizationsAccessReportResponse] -> ShowS
GenerateOrganizationsAccessReportResponse -> String
(Int -> GenerateOrganizationsAccessReportResponse -> ShowS)
-> (GenerateOrganizationsAccessReportResponse -> String)
-> ([GenerateOrganizationsAccessReportResponse] -> ShowS)
-> Show GenerateOrganizationsAccessReportResponse
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [GenerateOrganizationsAccessReportResponse] -> ShowS
$cshowList :: [GenerateOrganizationsAccessReportResponse] -> ShowS
show :: GenerateOrganizationsAccessReportResponse -> String
$cshow :: GenerateOrganizationsAccessReportResponse -> String
showsPrec :: Int -> GenerateOrganizationsAccessReportResponse -> ShowS
$cshowsPrec :: Int -> GenerateOrganizationsAccessReportResponse -> ShowS
Prelude.Show, (forall x.
 GenerateOrganizationsAccessReportResponse
 -> Rep GenerateOrganizationsAccessReportResponse x)
-> (forall x.
    Rep GenerateOrganizationsAccessReportResponse x
    -> GenerateOrganizationsAccessReportResponse)
-> Generic GenerateOrganizationsAccessReportResponse
forall x.
Rep GenerateOrganizationsAccessReportResponse x
-> GenerateOrganizationsAccessReportResponse
forall x.
GenerateOrganizationsAccessReportResponse
-> Rep GenerateOrganizationsAccessReportResponse x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x.
Rep GenerateOrganizationsAccessReportResponse x
-> GenerateOrganizationsAccessReportResponse
$cfrom :: forall x.
GenerateOrganizationsAccessReportResponse
-> Rep GenerateOrganizationsAccessReportResponse x
Prelude.Generic)

-- |
-- Create a value of 'GenerateOrganizationsAccessReportResponse' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'jobId', 'generateOrganizationsAccessReportResponse_jobId' - The job identifier that you can use in the GetOrganizationsAccessReport
-- operation.
--
-- 'httpStatus', 'generateOrganizationsAccessReportResponse_httpStatus' - The response's http status code.
newGenerateOrganizationsAccessReportResponse ::
  -- | 'httpStatus'
  Prelude.Int ->
  GenerateOrganizationsAccessReportResponse
newGenerateOrganizationsAccessReportResponse :: Int -> GenerateOrganizationsAccessReportResponse
newGenerateOrganizationsAccessReportResponse
  Int
pHttpStatus_ =
    GenerateOrganizationsAccessReportResponse' :: Maybe Text -> Int -> GenerateOrganizationsAccessReportResponse
GenerateOrganizationsAccessReportResponse'
      { $sel:jobId:GenerateOrganizationsAccessReportResponse' :: Maybe Text
jobId =
          Maybe Text
forall a. Maybe a
Prelude.Nothing,
        $sel:httpStatus:GenerateOrganizationsAccessReportResponse' :: Int
httpStatus = Int
pHttpStatus_
      }

-- | The job identifier that you can use in the GetOrganizationsAccessReport
-- operation.
generateOrganizationsAccessReportResponse_jobId :: Lens.Lens' GenerateOrganizationsAccessReportResponse (Prelude.Maybe Prelude.Text)
generateOrganizationsAccessReportResponse_jobId :: (Maybe Text -> f (Maybe Text))
-> GenerateOrganizationsAccessReportResponse
-> f GenerateOrganizationsAccessReportResponse
generateOrganizationsAccessReportResponse_jobId = (GenerateOrganizationsAccessReportResponse -> Maybe Text)
-> (GenerateOrganizationsAccessReportResponse
    -> Maybe Text -> GenerateOrganizationsAccessReportResponse)
-> Lens
     GenerateOrganizationsAccessReportResponse
     GenerateOrganizationsAccessReportResponse
     (Maybe Text)
     (Maybe Text)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\GenerateOrganizationsAccessReportResponse' {Maybe Text
jobId :: Maybe Text
$sel:jobId:GenerateOrganizationsAccessReportResponse' :: GenerateOrganizationsAccessReportResponse -> Maybe Text
jobId} -> Maybe Text
jobId) (\s :: GenerateOrganizationsAccessReportResponse
s@GenerateOrganizationsAccessReportResponse' {} Maybe Text
a -> GenerateOrganizationsAccessReportResponse
s {$sel:jobId:GenerateOrganizationsAccessReportResponse' :: Maybe Text
jobId = Maybe Text
a} :: GenerateOrganizationsAccessReportResponse)

-- | The response's http status code.
generateOrganizationsAccessReportResponse_httpStatus :: Lens.Lens' GenerateOrganizationsAccessReportResponse Prelude.Int
generateOrganizationsAccessReportResponse_httpStatus :: (Int -> f Int)
-> GenerateOrganizationsAccessReportResponse
-> f GenerateOrganizationsAccessReportResponse
generateOrganizationsAccessReportResponse_httpStatus = (GenerateOrganizationsAccessReportResponse -> Int)
-> (GenerateOrganizationsAccessReportResponse
    -> Int -> GenerateOrganizationsAccessReportResponse)
-> Lens
     GenerateOrganizationsAccessReportResponse
     GenerateOrganizationsAccessReportResponse
     Int
     Int
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\GenerateOrganizationsAccessReportResponse' {Int
httpStatus :: Int
$sel:httpStatus:GenerateOrganizationsAccessReportResponse' :: GenerateOrganizationsAccessReportResponse -> Int
httpStatus} -> Int
httpStatus) (\s :: GenerateOrganizationsAccessReportResponse
s@GenerateOrganizationsAccessReportResponse' {} Int
a -> GenerateOrganizationsAccessReportResponse
s {$sel:httpStatus:GenerateOrganizationsAccessReportResponse' :: Int
httpStatus = Int
a} :: GenerateOrganizationsAccessReportResponse)

instance
  Prelude.NFData
    GenerateOrganizationsAccessReportResponse