{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE TypeFamilies #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-binds #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.KMS.GetKeyPolicy
-- Copyright   : (c) 2013-2021 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
--
-- Gets a key policy attached to the specified KMS key.
--
-- __Cross-account use__: No. You cannot perform this operation on a KMS
-- key in a different Amazon Web Services account.
--
-- __Required permissions__:
-- <https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html kms:GetKeyPolicy>
-- (key policy)
--
-- __Related operations__: PutKeyPolicy
module Amazonka.KMS.GetKeyPolicy
  ( -- * Creating a Request
    GetKeyPolicy (..),
    newGetKeyPolicy,

    -- * Request Lenses
    getKeyPolicy_keyId,
    getKeyPolicy_policyName,

    -- * Destructuring the Response
    GetKeyPolicyResponse (..),
    newGetKeyPolicyResponse,

    -- * Response Lenses
    getKeyPolicyResponse_policy,
    getKeyPolicyResponse_httpStatus,
  )
where

import qualified Amazonka.Core as Core
import Amazonka.KMS.Types
import qualified Amazonka.Lens as Lens
import qualified Amazonka.Prelude as Prelude
import qualified Amazonka.Request as Request
import qualified Amazonka.Response as Response

-- | /See:/ 'newGetKeyPolicy' smart constructor.
data GetKeyPolicy = GetKeyPolicy'
  { -- | Gets the key policy for the specified KMS key.
    --
    -- Specify the key ID or key ARN of the KMS key.
    --
    -- For example:
    --
    -- -   Key ID: @1234abcd-12ab-34cd-56ef-1234567890ab@
    --
    -- -   Key ARN:
    --     @arn:aws:kms:us-east-2:111122223333:key\/1234abcd-12ab-34cd-56ef-1234567890ab@
    --
    -- To get the key ID and key ARN for a KMS key, use ListKeys or
    -- DescribeKey.
    GetKeyPolicy -> Text
keyId :: Prelude.Text,
    -- | Specifies the name of the key policy. The only valid name is @default@.
    -- To get the names of key policies, use ListKeyPolicies.
    GetKeyPolicy -> Text
policyName :: Prelude.Text
  }
  deriving (GetKeyPolicy -> GetKeyPolicy -> Bool
(GetKeyPolicy -> GetKeyPolicy -> Bool)
-> (GetKeyPolicy -> GetKeyPolicy -> Bool) -> Eq GetKeyPolicy
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: GetKeyPolicy -> GetKeyPolicy -> Bool
$c/= :: GetKeyPolicy -> GetKeyPolicy -> Bool
== :: GetKeyPolicy -> GetKeyPolicy -> Bool
$c== :: GetKeyPolicy -> GetKeyPolicy -> Bool
Prelude.Eq, ReadPrec [GetKeyPolicy]
ReadPrec GetKeyPolicy
Int -> ReadS GetKeyPolicy
ReadS [GetKeyPolicy]
(Int -> ReadS GetKeyPolicy)
-> ReadS [GetKeyPolicy]
-> ReadPrec GetKeyPolicy
-> ReadPrec [GetKeyPolicy]
-> Read GetKeyPolicy
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [GetKeyPolicy]
$creadListPrec :: ReadPrec [GetKeyPolicy]
readPrec :: ReadPrec GetKeyPolicy
$creadPrec :: ReadPrec GetKeyPolicy
readList :: ReadS [GetKeyPolicy]
$creadList :: ReadS [GetKeyPolicy]
readsPrec :: Int -> ReadS GetKeyPolicy
$creadsPrec :: Int -> ReadS GetKeyPolicy
Prelude.Read, Int -> GetKeyPolicy -> ShowS
[GetKeyPolicy] -> ShowS
GetKeyPolicy -> String
(Int -> GetKeyPolicy -> ShowS)
-> (GetKeyPolicy -> String)
-> ([GetKeyPolicy] -> ShowS)
-> Show GetKeyPolicy
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [GetKeyPolicy] -> ShowS
$cshowList :: [GetKeyPolicy] -> ShowS
show :: GetKeyPolicy -> String
$cshow :: GetKeyPolicy -> String
showsPrec :: Int -> GetKeyPolicy -> ShowS
$cshowsPrec :: Int -> GetKeyPolicy -> ShowS
Prelude.Show, (forall x. GetKeyPolicy -> Rep GetKeyPolicy x)
-> (forall x. Rep GetKeyPolicy x -> GetKeyPolicy)
-> Generic GetKeyPolicy
forall x. Rep GetKeyPolicy x -> GetKeyPolicy
forall x. GetKeyPolicy -> Rep GetKeyPolicy x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep GetKeyPolicy x -> GetKeyPolicy
$cfrom :: forall x. GetKeyPolicy -> Rep GetKeyPolicy x
Prelude.Generic)

-- |
-- Create a value of 'GetKeyPolicy' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'keyId', 'getKeyPolicy_keyId' - Gets the key policy for the specified KMS key.
--
-- Specify the key ID or key ARN of the KMS key.
--
-- For example:
--
-- -   Key ID: @1234abcd-12ab-34cd-56ef-1234567890ab@
--
-- -   Key ARN:
--     @arn:aws:kms:us-east-2:111122223333:key\/1234abcd-12ab-34cd-56ef-1234567890ab@
--
-- To get the key ID and key ARN for a KMS key, use ListKeys or
-- DescribeKey.
--
-- 'policyName', 'getKeyPolicy_policyName' - Specifies the name of the key policy. The only valid name is @default@.
-- To get the names of key policies, use ListKeyPolicies.
newGetKeyPolicy ::
  -- | 'keyId'
  Prelude.Text ->
  -- | 'policyName'
  Prelude.Text ->
  GetKeyPolicy
newGetKeyPolicy :: Text -> Text -> GetKeyPolicy
newGetKeyPolicy Text
pKeyId_ Text
pPolicyName_ =
  GetKeyPolicy' :: Text -> Text -> GetKeyPolicy
GetKeyPolicy'
    { $sel:keyId:GetKeyPolicy' :: Text
keyId = Text
pKeyId_,
      $sel:policyName:GetKeyPolicy' :: Text
policyName = Text
pPolicyName_
    }

-- | Gets the key policy for the specified KMS key.
--
-- Specify the key ID or key ARN of the KMS key.
--
-- For example:
--
-- -   Key ID: @1234abcd-12ab-34cd-56ef-1234567890ab@
--
-- -   Key ARN:
--     @arn:aws:kms:us-east-2:111122223333:key\/1234abcd-12ab-34cd-56ef-1234567890ab@
--
-- To get the key ID and key ARN for a KMS key, use ListKeys or
-- DescribeKey.
getKeyPolicy_keyId :: Lens.Lens' GetKeyPolicy Prelude.Text
getKeyPolicy_keyId :: (Text -> f Text) -> GetKeyPolicy -> f GetKeyPolicy
getKeyPolicy_keyId = (GetKeyPolicy -> Text)
-> (GetKeyPolicy -> Text -> GetKeyPolicy)
-> Lens GetKeyPolicy GetKeyPolicy Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\GetKeyPolicy' {Text
keyId :: Text
$sel:keyId:GetKeyPolicy' :: GetKeyPolicy -> Text
keyId} -> Text
keyId) (\s :: GetKeyPolicy
s@GetKeyPolicy' {} Text
a -> GetKeyPolicy
s {$sel:keyId:GetKeyPolicy' :: Text
keyId = Text
a} :: GetKeyPolicy)

-- | Specifies the name of the key policy. The only valid name is @default@.
-- To get the names of key policies, use ListKeyPolicies.
getKeyPolicy_policyName :: Lens.Lens' GetKeyPolicy Prelude.Text
getKeyPolicy_policyName :: (Text -> f Text) -> GetKeyPolicy -> f GetKeyPolicy
getKeyPolicy_policyName = (GetKeyPolicy -> Text)
-> (GetKeyPolicy -> Text -> GetKeyPolicy)
-> Lens GetKeyPolicy GetKeyPolicy Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\GetKeyPolicy' {Text
policyName :: Text
$sel:policyName:GetKeyPolicy' :: GetKeyPolicy -> Text
policyName} -> Text
policyName) (\s :: GetKeyPolicy
s@GetKeyPolicy' {} Text
a -> GetKeyPolicy
s {$sel:policyName:GetKeyPolicy' :: Text
policyName = Text
a} :: GetKeyPolicy)

instance Core.AWSRequest GetKeyPolicy where
  type AWSResponse GetKeyPolicy = GetKeyPolicyResponse
  request :: GetKeyPolicy -> Request GetKeyPolicy
request = Service -> GetKeyPolicy -> Request GetKeyPolicy
forall a. (ToRequest a, ToJSON a) => Service -> a -> Request a
Request.postJSON Service
defaultService
  response :: Logger
-> Service
-> Proxy GetKeyPolicy
-> ClientResponse ClientBody
-> m (Either Error (ClientResponse (AWSResponse GetKeyPolicy)))
response =
    (Int
 -> ResponseHeaders
 -> Object
 -> Either String (AWSResponse GetKeyPolicy))
-> Logger
-> Service
-> Proxy GetKeyPolicy
-> ClientResponse ClientBody
-> m (Either Error (ClientResponse (AWSResponse GetKeyPolicy)))
forall (m :: * -> *) a.
MonadResource m =>
(Int -> ResponseHeaders -> Object -> Either String (AWSResponse a))
-> Logger
-> Service
-> Proxy a
-> ClientResponse ClientBody
-> m (Either Error (ClientResponse (AWSResponse a)))
Response.receiveJSON
      ( \Int
s ResponseHeaders
h Object
x ->
          Maybe Text -> Int -> GetKeyPolicyResponse
GetKeyPolicyResponse'
            (Maybe Text -> Int -> GetKeyPolicyResponse)
-> Either String (Maybe Text)
-> Either String (Int -> GetKeyPolicyResponse)
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x Object -> Text -> Either String (Maybe Text)
forall a. FromJSON a => Object -> Text -> Either String (Maybe a)
Core..?> Text
"Policy")
            Either String (Int -> GetKeyPolicyResponse)
-> Either String Int -> Either String GetKeyPolicyResponse
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Int -> Either String Int
forall (f :: * -> *) a. Applicative f => a -> f a
Prelude.pure (Int -> Int
forall a. Enum a => a -> Int
Prelude.fromEnum Int
s))
      )

instance Prelude.Hashable GetKeyPolicy

instance Prelude.NFData GetKeyPolicy

instance Core.ToHeaders GetKeyPolicy where
  toHeaders :: GetKeyPolicy -> ResponseHeaders
toHeaders =
    ResponseHeaders -> GetKeyPolicy -> ResponseHeaders
forall a b. a -> b -> a
Prelude.const
      ( [ResponseHeaders] -> ResponseHeaders
forall a. Monoid a => [a] -> a
Prelude.mconcat
          [ HeaderName
"X-Amz-Target"
              HeaderName -> ByteString -> ResponseHeaders
forall a. ToHeader a => HeaderName -> a -> ResponseHeaders
Core.=# (ByteString
"TrentService.GetKeyPolicy" :: Prelude.ByteString),
            HeaderName
"Content-Type"
              HeaderName -> ByteString -> ResponseHeaders
forall a. ToHeader a => HeaderName -> a -> ResponseHeaders
Core.=# ( ByteString
"application/x-amz-json-1.1" ::
                          Prelude.ByteString
                      )
          ]
      )

instance Core.ToJSON GetKeyPolicy where
  toJSON :: GetKeyPolicy -> Value
toJSON GetKeyPolicy' {Text
policyName :: Text
keyId :: Text
$sel:policyName:GetKeyPolicy' :: GetKeyPolicy -> Text
$sel:keyId:GetKeyPolicy' :: GetKeyPolicy -> Text
..} =
    [Pair] -> Value
Core.object
      ( [Maybe Pair] -> [Pair]
forall a. [Maybe a] -> [a]
Prelude.catMaybes
          [ Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just (Text
"KeyId" Text -> Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= Text
keyId),
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just (Text
"PolicyName" Text -> Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= Text
policyName)
          ]
      )

instance Core.ToPath GetKeyPolicy where
  toPath :: GetKeyPolicy -> ByteString
toPath = ByteString -> GetKeyPolicy -> ByteString
forall a b. a -> b -> a
Prelude.const ByteString
"/"

instance Core.ToQuery GetKeyPolicy where
  toQuery :: GetKeyPolicy -> QueryString
toQuery = QueryString -> GetKeyPolicy -> QueryString
forall a b. a -> b -> a
Prelude.const QueryString
forall a. Monoid a => a
Prelude.mempty

-- | /See:/ 'newGetKeyPolicyResponse' smart constructor.
data GetKeyPolicyResponse = GetKeyPolicyResponse'
  { -- | A key policy document in JSON format.
    GetKeyPolicyResponse -> Maybe Text
policy :: Prelude.Maybe Prelude.Text,
    -- | The response's http status code.
    GetKeyPolicyResponse -> Int
httpStatus :: Prelude.Int
  }
  deriving (GetKeyPolicyResponse -> GetKeyPolicyResponse -> Bool
(GetKeyPolicyResponse -> GetKeyPolicyResponse -> Bool)
-> (GetKeyPolicyResponse -> GetKeyPolicyResponse -> Bool)
-> Eq GetKeyPolicyResponse
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: GetKeyPolicyResponse -> GetKeyPolicyResponse -> Bool
$c/= :: GetKeyPolicyResponse -> GetKeyPolicyResponse -> Bool
== :: GetKeyPolicyResponse -> GetKeyPolicyResponse -> Bool
$c== :: GetKeyPolicyResponse -> GetKeyPolicyResponse -> Bool
Prelude.Eq, ReadPrec [GetKeyPolicyResponse]
ReadPrec GetKeyPolicyResponse
Int -> ReadS GetKeyPolicyResponse
ReadS [GetKeyPolicyResponse]
(Int -> ReadS GetKeyPolicyResponse)
-> ReadS [GetKeyPolicyResponse]
-> ReadPrec GetKeyPolicyResponse
-> ReadPrec [GetKeyPolicyResponse]
-> Read GetKeyPolicyResponse
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [GetKeyPolicyResponse]
$creadListPrec :: ReadPrec [GetKeyPolicyResponse]
readPrec :: ReadPrec GetKeyPolicyResponse
$creadPrec :: ReadPrec GetKeyPolicyResponse
readList :: ReadS [GetKeyPolicyResponse]
$creadList :: ReadS [GetKeyPolicyResponse]
readsPrec :: Int -> ReadS GetKeyPolicyResponse
$creadsPrec :: Int -> ReadS GetKeyPolicyResponse
Prelude.Read, Int -> GetKeyPolicyResponse -> ShowS
[GetKeyPolicyResponse] -> ShowS
GetKeyPolicyResponse -> String
(Int -> GetKeyPolicyResponse -> ShowS)
-> (GetKeyPolicyResponse -> String)
-> ([GetKeyPolicyResponse] -> ShowS)
-> Show GetKeyPolicyResponse
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [GetKeyPolicyResponse] -> ShowS
$cshowList :: [GetKeyPolicyResponse] -> ShowS
show :: GetKeyPolicyResponse -> String
$cshow :: GetKeyPolicyResponse -> String
showsPrec :: Int -> GetKeyPolicyResponse -> ShowS
$cshowsPrec :: Int -> GetKeyPolicyResponse -> ShowS
Prelude.Show, (forall x. GetKeyPolicyResponse -> Rep GetKeyPolicyResponse x)
-> (forall x. Rep GetKeyPolicyResponse x -> GetKeyPolicyResponse)
-> Generic GetKeyPolicyResponse
forall x. Rep GetKeyPolicyResponse x -> GetKeyPolicyResponse
forall x. GetKeyPolicyResponse -> Rep GetKeyPolicyResponse x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep GetKeyPolicyResponse x -> GetKeyPolicyResponse
$cfrom :: forall x. GetKeyPolicyResponse -> Rep GetKeyPolicyResponse x
Prelude.Generic)

-- |
-- Create a value of 'GetKeyPolicyResponse' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'policy', 'getKeyPolicyResponse_policy' - A key policy document in JSON format.
--
-- 'httpStatus', 'getKeyPolicyResponse_httpStatus' - The response's http status code.
newGetKeyPolicyResponse ::
  -- | 'httpStatus'
  Prelude.Int ->
  GetKeyPolicyResponse
newGetKeyPolicyResponse :: Int -> GetKeyPolicyResponse
newGetKeyPolicyResponse Int
pHttpStatus_ =
  GetKeyPolicyResponse' :: Maybe Text -> Int -> GetKeyPolicyResponse
GetKeyPolicyResponse'
    { $sel:policy:GetKeyPolicyResponse' :: Maybe Text
policy = Maybe Text
forall a. Maybe a
Prelude.Nothing,
      $sel:httpStatus:GetKeyPolicyResponse' :: Int
httpStatus = Int
pHttpStatus_
    }

-- | A key policy document in JSON format.
getKeyPolicyResponse_policy :: Lens.Lens' GetKeyPolicyResponse (Prelude.Maybe Prelude.Text)
getKeyPolicyResponse_policy :: (Maybe Text -> f (Maybe Text))
-> GetKeyPolicyResponse -> f GetKeyPolicyResponse
getKeyPolicyResponse_policy = (GetKeyPolicyResponse -> Maybe Text)
-> (GetKeyPolicyResponse -> Maybe Text -> GetKeyPolicyResponse)
-> Lens
     GetKeyPolicyResponse GetKeyPolicyResponse (Maybe Text) (Maybe Text)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\GetKeyPolicyResponse' {Maybe Text
policy :: Maybe Text
$sel:policy:GetKeyPolicyResponse' :: GetKeyPolicyResponse -> Maybe Text
policy} -> Maybe Text
policy) (\s :: GetKeyPolicyResponse
s@GetKeyPolicyResponse' {} Maybe Text
a -> GetKeyPolicyResponse
s {$sel:policy:GetKeyPolicyResponse' :: Maybe Text
policy = Maybe Text
a} :: GetKeyPolicyResponse)

-- | The response's http status code.
getKeyPolicyResponse_httpStatus :: Lens.Lens' GetKeyPolicyResponse Prelude.Int
getKeyPolicyResponse_httpStatus :: (Int -> f Int) -> GetKeyPolicyResponse -> f GetKeyPolicyResponse
getKeyPolicyResponse_httpStatus = (GetKeyPolicyResponse -> Int)
-> (GetKeyPolicyResponse -> Int -> GetKeyPolicyResponse)
-> Lens GetKeyPolicyResponse GetKeyPolicyResponse Int Int
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\GetKeyPolicyResponse' {Int
httpStatus :: Int
$sel:httpStatus:GetKeyPolicyResponse' :: GetKeyPolicyResponse -> Int
httpStatus} -> Int
httpStatus) (\s :: GetKeyPolicyResponse
s@GetKeyPolicyResponse' {} Int
a -> GetKeyPolicyResponse
s {$sel:httpStatus:GetKeyPolicyResponse' :: Int
httpStatus = Int
a} :: GetKeyPolicyResponse)

instance Prelude.NFData GetKeyPolicyResponse