{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.KMS.Types.CustomKeyStoresListEntry
-- Copyright   : (c) 2013-2021 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.KMS.Types.CustomKeyStoresListEntry where

import qualified Amazonka.Core as Core
import Amazonka.KMS.Types.ConnectionErrorCodeType
import Amazonka.KMS.Types.ConnectionStateType
import qualified Amazonka.Lens as Lens
import qualified Amazonka.Prelude as Prelude

-- | Contains information about each custom key store in the custom key store
-- list.
--
-- /See:/ 'newCustomKeyStoresListEntry' smart constructor.
data CustomKeyStoresListEntry = CustomKeyStoresListEntry'
  { -- | The user-specified friendly name for the custom key store.
    CustomKeyStoresListEntry -> Maybe Text
customKeyStoreName :: Prelude.Maybe Prelude.Text,
    -- | The trust anchor certificate of the associated CloudHSM cluster. When
    -- you
    -- <https://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html#sign-csr initialize the cluster>,
    -- you create this certificate and save it in the @customerCA.crt@ file.
    CustomKeyStoresListEntry -> Maybe Text
trustAnchorCertificate :: Prelude.Maybe Prelude.Text,
    -- | Describes the connection error. This field appears in the response only
    -- when the @ConnectionState@ is @FAILED@. For help resolving these errors,
    -- see
    -- <https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-failed How to Fix a Connection Failure>
    -- in /Key Management Service Developer Guide/.
    --
    -- Valid values are:
    --
    -- -   @CLUSTER_NOT_FOUND@ - KMS cannot find the CloudHSM cluster with the
    --     specified cluster ID.
    --
    -- -   @INSUFFICIENT_CLOUDHSM_HSMS@ - The associated CloudHSM cluster does
    --     not contain any active HSMs. To connect a custom key store to its
    --     CloudHSM cluster, the cluster must contain at least one active HSM.
    --
    -- -   @INTERNAL_ERROR@ - KMS could not complete the request due to an
    --     internal error. Retry the request. For @ConnectCustomKeyStore@
    --     requests, disconnect the custom key store before trying to connect
    --     again.
    --
    -- -   @INVALID_CREDENTIALS@ - KMS does not have the correct password for
    --     the @kmsuser@ crypto user in the CloudHSM cluster. Before you can
    --     connect your custom key store to its CloudHSM cluster, you must
    --     change the @kmsuser@ account password and update the key store
    --     password value for the custom key store.
    --
    -- -   @NETWORK_ERRORS@ - Network errors are preventing KMS from connecting
    --     to the custom key store.
    --
    -- -   @SUBNET_NOT_FOUND@ - A subnet in the CloudHSM cluster configuration
    --     was deleted. If KMS cannot find all of the subnets in the cluster
    --     configuration, attempts to connect the custom key store to the
    --     CloudHSM cluster fail. To fix this error, create a cluster from a
    --     recent backup and associate it with your custom key store. (This
    --     process creates a new cluster configuration with a VPC and private
    --     subnets.) For details, see
    --     <https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-failed How to Fix a Connection Failure>
    --     in the /Key Management Service Developer Guide/.
    --
    -- -   @USER_LOCKED_OUT@ - The @kmsuser@ CU account is locked out of the
    --     associated CloudHSM cluster due to too many failed password
    --     attempts. Before you can connect your custom key store to its
    --     CloudHSM cluster, you must change the @kmsuser@ account password and
    --     update the key store password value for the custom key store.
    --
    -- -   @USER_LOGGED_IN@ - The @kmsuser@ CU account is logged into the the
    --     associated CloudHSM cluster. This prevents KMS from rotating the
    --     @kmsuser@ account password and logging into the cluster. Before you
    --     can connect your custom key store to its CloudHSM cluster, you must
    --     log the @kmsuser@ CU out of the cluster. If you changed the
    --     @kmsuser@ password to log into the cluster, you must also and update
    --     the key store password value for the custom key store. For help, see
    --     <https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#login-kmsuser-2 How to Log Out and Reconnect>
    --     in the /Key Management Service Developer Guide/.
    --
    -- -   @USER_NOT_FOUND@ - KMS cannot find a @kmsuser@ CU account in the
    --     associated CloudHSM cluster. Before you can connect your custom key
    --     store to its CloudHSM cluster, you must create a @kmsuser@ CU
    --     account in the cluster, and then update the key store password value
    --     for the custom key store.
    CustomKeyStoresListEntry -> Maybe ConnectionErrorCodeType
connectionErrorCode :: Prelude.Maybe ConnectionErrorCodeType,
    -- | The date and time when the custom key store was created.
    CustomKeyStoresListEntry -> Maybe POSIX
creationDate :: Prelude.Maybe Core.POSIX,
    -- | A unique identifier for the CloudHSM cluster that is associated with the
    -- custom key store.
    CustomKeyStoresListEntry -> Maybe Text
cloudHsmClusterId :: Prelude.Maybe Prelude.Text,
    -- | A unique identifier for the custom key store.
    CustomKeyStoresListEntry -> Maybe Text
customKeyStoreId :: Prelude.Maybe Prelude.Text,
    -- | Indicates whether the custom key store is connected to its CloudHSM
    -- cluster.
    --
    -- You can create and use KMS keys in your custom key stores only when its
    -- connection state is @CONNECTED@.
    --
    -- The value is @DISCONNECTED@ if the key store has never been connected or
    -- you use the DisconnectCustomKeyStore operation to disconnect it. If the
    -- value is @CONNECTED@ but you are having trouble using the custom key
    -- store, make sure that its associated CloudHSM cluster is active and
    -- contains at least one active HSM.
    --
    -- A value of @FAILED@ indicates that an attempt to connect was
    -- unsuccessful. The @ConnectionErrorCode@ field in the response indicates
    -- the cause of the failure. For help resolving a connection failure, see
    -- <https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html Troubleshooting a Custom Key Store>
    -- in the /Key Management Service Developer Guide/.
    CustomKeyStoresListEntry -> Maybe ConnectionStateType
connectionState :: Prelude.Maybe ConnectionStateType
  }
  deriving (CustomKeyStoresListEntry -> CustomKeyStoresListEntry -> Bool
(CustomKeyStoresListEntry -> CustomKeyStoresListEntry -> Bool)
-> (CustomKeyStoresListEntry -> CustomKeyStoresListEntry -> Bool)
-> Eq CustomKeyStoresListEntry
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: CustomKeyStoresListEntry -> CustomKeyStoresListEntry -> Bool
$c/= :: CustomKeyStoresListEntry -> CustomKeyStoresListEntry -> Bool
== :: CustomKeyStoresListEntry -> CustomKeyStoresListEntry -> Bool
$c== :: CustomKeyStoresListEntry -> CustomKeyStoresListEntry -> Bool
Prelude.Eq, ReadPrec [CustomKeyStoresListEntry]
ReadPrec CustomKeyStoresListEntry
Int -> ReadS CustomKeyStoresListEntry
ReadS [CustomKeyStoresListEntry]
(Int -> ReadS CustomKeyStoresListEntry)
-> ReadS [CustomKeyStoresListEntry]
-> ReadPrec CustomKeyStoresListEntry
-> ReadPrec [CustomKeyStoresListEntry]
-> Read CustomKeyStoresListEntry
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [CustomKeyStoresListEntry]
$creadListPrec :: ReadPrec [CustomKeyStoresListEntry]
readPrec :: ReadPrec CustomKeyStoresListEntry
$creadPrec :: ReadPrec CustomKeyStoresListEntry
readList :: ReadS [CustomKeyStoresListEntry]
$creadList :: ReadS [CustomKeyStoresListEntry]
readsPrec :: Int -> ReadS CustomKeyStoresListEntry
$creadsPrec :: Int -> ReadS CustomKeyStoresListEntry
Prelude.Read, Int -> CustomKeyStoresListEntry -> ShowS
[CustomKeyStoresListEntry] -> ShowS
CustomKeyStoresListEntry -> String
(Int -> CustomKeyStoresListEntry -> ShowS)
-> (CustomKeyStoresListEntry -> String)
-> ([CustomKeyStoresListEntry] -> ShowS)
-> Show CustomKeyStoresListEntry
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [CustomKeyStoresListEntry] -> ShowS
$cshowList :: [CustomKeyStoresListEntry] -> ShowS
show :: CustomKeyStoresListEntry -> String
$cshow :: CustomKeyStoresListEntry -> String
showsPrec :: Int -> CustomKeyStoresListEntry -> ShowS
$cshowsPrec :: Int -> CustomKeyStoresListEntry -> ShowS
Prelude.Show, (forall x.
 CustomKeyStoresListEntry -> Rep CustomKeyStoresListEntry x)
-> (forall x.
    Rep CustomKeyStoresListEntry x -> CustomKeyStoresListEntry)
-> Generic CustomKeyStoresListEntry
forall x.
Rep CustomKeyStoresListEntry x -> CustomKeyStoresListEntry
forall x.
CustomKeyStoresListEntry -> Rep CustomKeyStoresListEntry x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x.
Rep CustomKeyStoresListEntry x -> CustomKeyStoresListEntry
$cfrom :: forall x.
CustomKeyStoresListEntry -> Rep CustomKeyStoresListEntry x
Prelude.Generic)

-- |
-- Create a value of 'CustomKeyStoresListEntry' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'customKeyStoreName', 'customKeyStoresListEntry_customKeyStoreName' - The user-specified friendly name for the custom key store.
--
-- 'trustAnchorCertificate', 'customKeyStoresListEntry_trustAnchorCertificate' - The trust anchor certificate of the associated CloudHSM cluster. When
-- you
-- <https://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html#sign-csr initialize the cluster>,
-- you create this certificate and save it in the @customerCA.crt@ file.
--
-- 'connectionErrorCode', 'customKeyStoresListEntry_connectionErrorCode' - Describes the connection error. This field appears in the response only
-- when the @ConnectionState@ is @FAILED@. For help resolving these errors,
-- see
-- <https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-failed How to Fix a Connection Failure>
-- in /Key Management Service Developer Guide/.
--
-- Valid values are:
--
-- -   @CLUSTER_NOT_FOUND@ - KMS cannot find the CloudHSM cluster with the
--     specified cluster ID.
--
-- -   @INSUFFICIENT_CLOUDHSM_HSMS@ - The associated CloudHSM cluster does
--     not contain any active HSMs. To connect a custom key store to its
--     CloudHSM cluster, the cluster must contain at least one active HSM.
--
-- -   @INTERNAL_ERROR@ - KMS could not complete the request due to an
--     internal error. Retry the request. For @ConnectCustomKeyStore@
--     requests, disconnect the custom key store before trying to connect
--     again.
--
-- -   @INVALID_CREDENTIALS@ - KMS does not have the correct password for
--     the @kmsuser@ crypto user in the CloudHSM cluster. Before you can
--     connect your custom key store to its CloudHSM cluster, you must
--     change the @kmsuser@ account password and update the key store
--     password value for the custom key store.
--
-- -   @NETWORK_ERRORS@ - Network errors are preventing KMS from connecting
--     to the custom key store.
--
-- -   @SUBNET_NOT_FOUND@ - A subnet in the CloudHSM cluster configuration
--     was deleted. If KMS cannot find all of the subnets in the cluster
--     configuration, attempts to connect the custom key store to the
--     CloudHSM cluster fail. To fix this error, create a cluster from a
--     recent backup and associate it with your custom key store. (This
--     process creates a new cluster configuration with a VPC and private
--     subnets.) For details, see
--     <https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-failed How to Fix a Connection Failure>
--     in the /Key Management Service Developer Guide/.
--
-- -   @USER_LOCKED_OUT@ - The @kmsuser@ CU account is locked out of the
--     associated CloudHSM cluster due to too many failed password
--     attempts. Before you can connect your custom key store to its
--     CloudHSM cluster, you must change the @kmsuser@ account password and
--     update the key store password value for the custom key store.
--
-- -   @USER_LOGGED_IN@ - The @kmsuser@ CU account is logged into the the
--     associated CloudHSM cluster. This prevents KMS from rotating the
--     @kmsuser@ account password and logging into the cluster. Before you
--     can connect your custom key store to its CloudHSM cluster, you must
--     log the @kmsuser@ CU out of the cluster. If you changed the
--     @kmsuser@ password to log into the cluster, you must also and update
--     the key store password value for the custom key store. For help, see
--     <https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#login-kmsuser-2 How to Log Out and Reconnect>
--     in the /Key Management Service Developer Guide/.
--
-- -   @USER_NOT_FOUND@ - KMS cannot find a @kmsuser@ CU account in the
--     associated CloudHSM cluster. Before you can connect your custom key
--     store to its CloudHSM cluster, you must create a @kmsuser@ CU
--     account in the cluster, and then update the key store password value
--     for the custom key store.
--
-- 'creationDate', 'customKeyStoresListEntry_creationDate' - The date and time when the custom key store was created.
--
-- 'cloudHsmClusterId', 'customKeyStoresListEntry_cloudHsmClusterId' - A unique identifier for the CloudHSM cluster that is associated with the
-- custom key store.
--
-- 'customKeyStoreId', 'customKeyStoresListEntry_customKeyStoreId' - A unique identifier for the custom key store.
--
-- 'connectionState', 'customKeyStoresListEntry_connectionState' - Indicates whether the custom key store is connected to its CloudHSM
-- cluster.
--
-- You can create and use KMS keys in your custom key stores only when its
-- connection state is @CONNECTED@.
--
-- The value is @DISCONNECTED@ if the key store has never been connected or
-- you use the DisconnectCustomKeyStore operation to disconnect it. If the
-- value is @CONNECTED@ but you are having trouble using the custom key
-- store, make sure that its associated CloudHSM cluster is active and
-- contains at least one active HSM.
--
-- A value of @FAILED@ indicates that an attempt to connect was
-- unsuccessful. The @ConnectionErrorCode@ field in the response indicates
-- the cause of the failure. For help resolving a connection failure, see
-- <https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html Troubleshooting a Custom Key Store>
-- in the /Key Management Service Developer Guide/.
newCustomKeyStoresListEntry ::
  CustomKeyStoresListEntry
newCustomKeyStoresListEntry :: CustomKeyStoresListEntry
newCustomKeyStoresListEntry =
  CustomKeyStoresListEntry' :: Maybe Text
-> Maybe Text
-> Maybe ConnectionErrorCodeType
-> Maybe POSIX
-> Maybe Text
-> Maybe Text
-> Maybe ConnectionStateType
-> CustomKeyStoresListEntry
CustomKeyStoresListEntry'
    { $sel:customKeyStoreName:CustomKeyStoresListEntry' :: Maybe Text
customKeyStoreName =
        Maybe Text
forall a. Maybe a
Prelude.Nothing,
      $sel:trustAnchorCertificate:CustomKeyStoresListEntry' :: Maybe Text
trustAnchorCertificate = Maybe Text
forall a. Maybe a
Prelude.Nothing,
      $sel:connectionErrorCode:CustomKeyStoresListEntry' :: Maybe ConnectionErrorCodeType
connectionErrorCode = Maybe ConnectionErrorCodeType
forall a. Maybe a
Prelude.Nothing,
      $sel:creationDate:CustomKeyStoresListEntry' :: Maybe POSIX
creationDate = Maybe POSIX
forall a. Maybe a
Prelude.Nothing,
      $sel:cloudHsmClusterId:CustomKeyStoresListEntry' :: Maybe Text
cloudHsmClusterId = Maybe Text
forall a. Maybe a
Prelude.Nothing,
      $sel:customKeyStoreId:CustomKeyStoresListEntry' :: Maybe Text
customKeyStoreId = Maybe Text
forall a. Maybe a
Prelude.Nothing,
      $sel:connectionState:CustomKeyStoresListEntry' :: Maybe ConnectionStateType
connectionState = Maybe ConnectionStateType
forall a. Maybe a
Prelude.Nothing
    }

-- | The user-specified friendly name for the custom key store.
customKeyStoresListEntry_customKeyStoreName :: Lens.Lens' CustomKeyStoresListEntry (Prelude.Maybe Prelude.Text)
customKeyStoresListEntry_customKeyStoreName :: (Maybe Text -> f (Maybe Text))
-> CustomKeyStoresListEntry -> f CustomKeyStoresListEntry
customKeyStoresListEntry_customKeyStoreName = (CustomKeyStoresListEntry -> Maybe Text)
-> (CustomKeyStoresListEntry
    -> Maybe Text -> CustomKeyStoresListEntry)
-> Lens
     CustomKeyStoresListEntry
     CustomKeyStoresListEntry
     (Maybe Text)
     (Maybe Text)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CustomKeyStoresListEntry' {Maybe Text
customKeyStoreName :: Maybe Text
$sel:customKeyStoreName:CustomKeyStoresListEntry' :: CustomKeyStoresListEntry -> Maybe Text
customKeyStoreName} -> Maybe Text
customKeyStoreName) (\s :: CustomKeyStoresListEntry
s@CustomKeyStoresListEntry' {} Maybe Text
a -> CustomKeyStoresListEntry
s {$sel:customKeyStoreName:CustomKeyStoresListEntry' :: Maybe Text
customKeyStoreName = Maybe Text
a} :: CustomKeyStoresListEntry)

-- | The trust anchor certificate of the associated CloudHSM cluster. When
-- you
-- <https://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html#sign-csr initialize the cluster>,
-- you create this certificate and save it in the @customerCA.crt@ file.
customKeyStoresListEntry_trustAnchorCertificate :: Lens.Lens' CustomKeyStoresListEntry (Prelude.Maybe Prelude.Text)
customKeyStoresListEntry_trustAnchorCertificate :: (Maybe Text -> f (Maybe Text))
-> CustomKeyStoresListEntry -> f CustomKeyStoresListEntry
customKeyStoresListEntry_trustAnchorCertificate = (CustomKeyStoresListEntry -> Maybe Text)
-> (CustomKeyStoresListEntry
    -> Maybe Text -> CustomKeyStoresListEntry)
-> Lens
     CustomKeyStoresListEntry
     CustomKeyStoresListEntry
     (Maybe Text)
     (Maybe Text)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CustomKeyStoresListEntry' {Maybe Text
trustAnchorCertificate :: Maybe Text
$sel:trustAnchorCertificate:CustomKeyStoresListEntry' :: CustomKeyStoresListEntry -> Maybe Text
trustAnchorCertificate} -> Maybe Text
trustAnchorCertificate) (\s :: CustomKeyStoresListEntry
s@CustomKeyStoresListEntry' {} Maybe Text
a -> CustomKeyStoresListEntry
s {$sel:trustAnchorCertificate:CustomKeyStoresListEntry' :: Maybe Text
trustAnchorCertificate = Maybe Text
a} :: CustomKeyStoresListEntry)

-- | Describes the connection error. This field appears in the response only
-- when the @ConnectionState@ is @FAILED@. For help resolving these errors,
-- see
-- <https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-failed How to Fix a Connection Failure>
-- in /Key Management Service Developer Guide/.
--
-- Valid values are:
--
-- -   @CLUSTER_NOT_FOUND@ - KMS cannot find the CloudHSM cluster with the
--     specified cluster ID.
--
-- -   @INSUFFICIENT_CLOUDHSM_HSMS@ - The associated CloudHSM cluster does
--     not contain any active HSMs. To connect a custom key store to its
--     CloudHSM cluster, the cluster must contain at least one active HSM.
--
-- -   @INTERNAL_ERROR@ - KMS could not complete the request due to an
--     internal error. Retry the request. For @ConnectCustomKeyStore@
--     requests, disconnect the custom key store before trying to connect
--     again.
--
-- -   @INVALID_CREDENTIALS@ - KMS does not have the correct password for
--     the @kmsuser@ crypto user in the CloudHSM cluster. Before you can
--     connect your custom key store to its CloudHSM cluster, you must
--     change the @kmsuser@ account password and update the key store
--     password value for the custom key store.
--
-- -   @NETWORK_ERRORS@ - Network errors are preventing KMS from connecting
--     to the custom key store.
--
-- -   @SUBNET_NOT_FOUND@ - A subnet in the CloudHSM cluster configuration
--     was deleted. If KMS cannot find all of the subnets in the cluster
--     configuration, attempts to connect the custom key store to the
--     CloudHSM cluster fail. To fix this error, create a cluster from a
--     recent backup and associate it with your custom key store. (This
--     process creates a new cluster configuration with a VPC and private
--     subnets.) For details, see
--     <https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-failed How to Fix a Connection Failure>
--     in the /Key Management Service Developer Guide/.
--
-- -   @USER_LOCKED_OUT@ - The @kmsuser@ CU account is locked out of the
--     associated CloudHSM cluster due to too many failed password
--     attempts. Before you can connect your custom key store to its
--     CloudHSM cluster, you must change the @kmsuser@ account password and
--     update the key store password value for the custom key store.
--
-- -   @USER_LOGGED_IN@ - The @kmsuser@ CU account is logged into the the
--     associated CloudHSM cluster. This prevents KMS from rotating the
--     @kmsuser@ account password and logging into the cluster. Before you
--     can connect your custom key store to its CloudHSM cluster, you must
--     log the @kmsuser@ CU out of the cluster. If you changed the
--     @kmsuser@ password to log into the cluster, you must also and update
--     the key store password value for the custom key store. For help, see
--     <https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#login-kmsuser-2 How to Log Out and Reconnect>
--     in the /Key Management Service Developer Guide/.
--
-- -   @USER_NOT_FOUND@ - KMS cannot find a @kmsuser@ CU account in the
--     associated CloudHSM cluster. Before you can connect your custom key
--     store to its CloudHSM cluster, you must create a @kmsuser@ CU
--     account in the cluster, and then update the key store password value
--     for the custom key store.
customKeyStoresListEntry_connectionErrorCode :: Lens.Lens' CustomKeyStoresListEntry (Prelude.Maybe ConnectionErrorCodeType)
customKeyStoresListEntry_connectionErrorCode :: (Maybe ConnectionErrorCodeType
 -> f (Maybe ConnectionErrorCodeType))
-> CustomKeyStoresListEntry -> f CustomKeyStoresListEntry
customKeyStoresListEntry_connectionErrorCode = (CustomKeyStoresListEntry -> Maybe ConnectionErrorCodeType)
-> (CustomKeyStoresListEntry
    -> Maybe ConnectionErrorCodeType -> CustomKeyStoresListEntry)
-> Lens
     CustomKeyStoresListEntry
     CustomKeyStoresListEntry
     (Maybe ConnectionErrorCodeType)
     (Maybe ConnectionErrorCodeType)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CustomKeyStoresListEntry' {Maybe ConnectionErrorCodeType
connectionErrorCode :: Maybe ConnectionErrorCodeType
$sel:connectionErrorCode:CustomKeyStoresListEntry' :: CustomKeyStoresListEntry -> Maybe ConnectionErrorCodeType
connectionErrorCode} -> Maybe ConnectionErrorCodeType
connectionErrorCode) (\s :: CustomKeyStoresListEntry
s@CustomKeyStoresListEntry' {} Maybe ConnectionErrorCodeType
a -> CustomKeyStoresListEntry
s {$sel:connectionErrorCode:CustomKeyStoresListEntry' :: Maybe ConnectionErrorCodeType
connectionErrorCode = Maybe ConnectionErrorCodeType
a} :: CustomKeyStoresListEntry)

-- | The date and time when the custom key store was created.
customKeyStoresListEntry_creationDate :: Lens.Lens' CustomKeyStoresListEntry (Prelude.Maybe Prelude.UTCTime)
customKeyStoresListEntry_creationDate :: (Maybe UTCTime -> f (Maybe UTCTime))
-> CustomKeyStoresListEntry -> f CustomKeyStoresListEntry
customKeyStoresListEntry_creationDate = (CustomKeyStoresListEntry -> Maybe POSIX)
-> (CustomKeyStoresListEntry
    -> Maybe POSIX -> CustomKeyStoresListEntry)
-> Lens
     CustomKeyStoresListEntry
     CustomKeyStoresListEntry
     (Maybe POSIX)
     (Maybe POSIX)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CustomKeyStoresListEntry' {Maybe POSIX
creationDate :: Maybe POSIX
$sel:creationDate:CustomKeyStoresListEntry' :: CustomKeyStoresListEntry -> Maybe POSIX
creationDate} -> Maybe POSIX
creationDate) (\s :: CustomKeyStoresListEntry
s@CustomKeyStoresListEntry' {} Maybe POSIX
a -> CustomKeyStoresListEntry
s {$sel:creationDate:CustomKeyStoresListEntry' :: Maybe POSIX
creationDate = Maybe POSIX
a} :: CustomKeyStoresListEntry) ((Maybe POSIX -> f (Maybe POSIX))
 -> CustomKeyStoresListEntry -> f CustomKeyStoresListEntry)
-> ((Maybe UTCTime -> f (Maybe UTCTime))
    -> Maybe POSIX -> f (Maybe POSIX))
-> (Maybe UTCTime -> f (Maybe UTCTime))
-> CustomKeyStoresListEntry
-> f CustomKeyStoresListEntry
forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. AnIso POSIX POSIX UTCTime UTCTime
-> Iso (Maybe POSIX) (Maybe POSIX) (Maybe UTCTime) (Maybe UTCTime)
forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping AnIso POSIX POSIX UTCTime UTCTime
forall (a :: Format). Iso' (Time a) UTCTime
Core._Time

-- | A unique identifier for the CloudHSM cluster that is associated with the
-- custom key store.
customKeyStoresListEntry_cloudHsmClusterId :: Lens.Lens' CustomKeyStoresListEntry (Prelude.Maybe Prelude.Text)
customKeyStoresListEntry_cloudHsmClusterId :: (Maybe Text -> f (Maybe Text))
-> CustomKeyStoresListEntry -> f CustomKeyStoresListEntry
customKeyStoresListEntry_cloudHsmClusterId = (CustomKeyStoresListEntry -> Maybe Text)
-> (CustomKeyStoresListEntry
    -> Maybe Text -> CustomKeyStoresListEntry)
-> Lens
     CustomKeyStoresListEntry
     CustomKeyStoresListEntry
     (Maybe Text)
     (Maybe Text)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CustomKeyStoresListEntry' {Maybe Text
cloudHsmClusterId :: Maybe Text
$sel:cloudHsmClusterId:CustomKeyStoresListEntry' :: CustomKeyStoresListEntry -> Maybe Text
cloudHsmClusterId} -> Maybe Text
cloudHsmClusterId) (\s :: CustomKeyStoresListEntry
s@CustomKeyStoresListEntry' {} Maybe Text
a -> CustomKeyStoresListEntry
s {$sel:cloudHsmClusterId:CustomKeyStoresListEntry' :: Maybe Text
cloudHsmClusterId = Maybe Text
a} :: CustomKeyStoresListEntry)

-- | A unique identifier for the custom key store.
customKeyStoresListEntry_customKeyStoreId :: Lens.Lens' CustomKeyStoresListEntry (Prelude.Maybe Prelude.Text)
customKeyStoresListEntry_customKeyStoreId :: (Maybe Text -> f (Maybe Text))
-> CustomKeyStoresListEntry -> f CustomKeyStoresListEntry
customKeyStoresListEntry_customKeyStoreId = (CustomKeyStoresListEntry -> Maybe Text)
-> (CustomKeyStoresListEntry
    -> Maybe Text -> CustomKeyStoresListEntry)
-> Lens
     CustomKeyStoresListEntry
     CustomKeyStoresListEntry
     (Maybe Text)
     (Maybe Text)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CustomKeyStoresListEntry' {Maybe Text
customKeyStoreId :: Maybe Text
$sel:customKeyStoreId:CustomKeyStoresListEntry' :: CustomKeyStoresListEntry -> Maybe Text
customKeyStoreId} -> Maybe Text
customKeyStoreId) (\s :: CustomKeyStoresListEntry
s@CustomKeyStoresListEntry' {} Maybe Text
a -> CustomKeyStoresListEntry
s {$sel:customKeyStoreId:CustomKeyStoresListEntry' :: Maybe Text
customKeyStoreId = Maybe Text
a} :: CustomKeyStoresListEntry)

-- | Indicates whether the custom key store is connected to its CloudHSM
-- cluster.
--
-- You can create and use KMS keys in your custom key stores only when its
-- connection state is @CONNECTED@.
--
-- The value is @DISCONNECTED@ if the key store has never been connected or
-- you use the DisconnectCustomKeyStore operation to disconnect it. If the
-- value is @CONNECTED@ but you are having trouble using the custom key
-- store, make sure that its associated CloudHSM cluster is active and
-- contains at least one active HSM.
--
-- A value of @FAILED@ indicates that an attempt to connect was
-- unsuccessful. The @ConnectionErrorCode@ field in the response indicates
-- the cause of the failure. For help resolving a connection failure, see
-- <https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html Troubleshooting a Custom Key Store>
-- in the /Key Management Service Developer Guide/.
customKeyStoresListEntry_connectionState :: Lens.Lens' CustomKeyStoresListEntry (Prelude.Maybe ConnectionStateType)
customKeyStoresListEntry_connectionState :: (Maybe ConnectionStateType -> f (Maybe ConnectionStateType))
-> CustomKeyStoresListEntry -> f CustomKeyStoresListEntry
customKeyStoresListEntry_connectionState = (CustomKeyStoresListEntry -> Maybe ConnectionStateType)
-> (CustomKeyStoresListEntry
    -> Maybe ConnectionStateType -> CustomKeyStoresListEntry)
-> Lens
     CustomKeyStoresListEntry
     CustomKeyStoresListEntry
     (Maybe ConnectionStateType)
     (Maybe ConnectionStateType)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CustomKeyStoresListEntry' {Maybe ConnectionStateType
connectionState :: Maybe ConnectionStateType
$sel:connectionState:CustomKeyStoresListEntry' :: CustomKeyStoresListEntry -> Maybe ConnectionStateType
connectionState} -> Maybe ConnectionStateType
connectionState) (\s :: CustomKeyStoresListEntry
s@CustomKeyStoresListEntry' {} Maybe ConnectionStateType
a -> CustomKeyStoresListEntry
s {$sel:connectionState:CustomKeyStoresListEntry' :: Maybe ConnectionStateType
connectionState = Maybe ConnectionStateType
a} :: CustomKeyStoresListEntry)

instance Core.FromJSON CustomKeyStoresListEntry where
  parseJSON :: Value -> Parser CustomKeyStoresListEntry
parseJSON =
    String
-> (Object -> Parser CustomKeyStoresListEntry)
-> Value
-> Parser CustomKeyStoresListEntry
forall a. String -> (Object -> Parser a) -> Value -> Parser a
Core.withObject
      String
"CustomKeyStoresListEntry"
      ( \Object
x ->
          Maybe Text
-> Maybe Text
-> Maybe ConnectionErrorCodeType
-> Maybe POSIX
-> Maybe Text
-> Maybe Text
-> Maybe ConnectionStateType
-> CustomKeyStoresListEntry
CustomKeyStoresListEntry'
            (Maybe Text
 -> Maybe Text
 -> Maybe ConnectionErrorCodeType
 -> Maybe POSIX
 -> Maybe Text
 -> Maybe Text
 -> Maybe ConnectionStateType
 -> CustomKeyStoresListEntry)
-> Parser (Maybe Text)
-> Parser
     (Maybe Text
      -> Maybe ConnectionErrorCodeType
      -> Maybe POSIX
      -> Maybe Text
      -> Maybe Text
      -> Maybe ConnectionStateType
      -> CustomKeyStoresListEntry)
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x Object -> Text -> Parser (Maybe Text)
forall a. FromJSON a => Object -> Text -> Parser (Maybe a)
Core..:? Text
"CustomKeyStoreName")
            Parser
  (Maybe Text
   -> Maybe ConnectionErrorCodeType
   -> Maybe POSIX
   -> Maybe Text
   -> Maybe Text
   -> Maybe ConnectionStateType
   -> CustomKeyStoresListEntry)
-> Parser (Maybe Text)
-> Parser
     (Maybe ConnectionErrorCodeType
      -> Maybe POSIX
      -> Maybe Text
      -> Maybe Text
      -> Maybe ConnectionStateType
      -> CustomKeyStoresListEntry)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser (Maybe Text)
forall a. FromJSON a => Object -> Text -> Parser (Maybe a)
Core..:? Text
"TrustAnchorCertificate")
            Parser
  (Maybe ConnectionErrorCodeType
   -> Maybe POSIX
   -> Maybe Text
   -> Maybe Text
   -> Maybe ConnectionStateType
   -> CustomKeyStoresListEntry)
-> Parser (Maybe ConnectionErrorCodeType)
-> Parser
     (Maybe POSIX
      -> Maybe Text
      -> Maybe Text
      -> Maybe ConnectionStateType
      -> CustomKeyStoresListEntry)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser (Maybe ConnectionErrorCodeType)
forall a. FromJSON a => Object -> Text -> Parser (Maybe a)
Core..:? Text
"ConnectionErrorCode")
            Parser
  (Maybe POSIX
   -> Maybe Text
   -> Maybe Text
   -> Maybe ConnectionStateType
   -> CustomKeyStoresListEntry)
-> Parser (Maybe POSIX)
-> Parser
     (Maybe Text
      -> Maybe Text
      -> Maybe ConnectionStateType
      -> CustomKeyStoresListEntry)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser (Maybe POSIX)
forall a. FromJSON a => Object -> Text -> Parser (Maybe a)
Core..:? Text
"CreationDate")
            Parser
  (Maybe Text
   -> Maybe Text
   -> Maybe ConnectionStateType
   -> CustomKeyStoresListEntry)
-> Parser (Maybe Text)
-> Parser
     (Maybe Text
      -> Maybe ConnectionStateType -> CustomKeyStoresListEntry)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser (Maybe Text)
forall a. FromJSON a => Object -> Text -> Parser (Maybe a)
Core..:? Text
"CloudHsmClusterId")
            Parser
  (Maybe Text
   -> Maybe ConnectionStateType -> CustomKeyStoresListEntry)
-> Parser (Maybe Text)
-> Parser (Maybe ConnectionStateType -> CustomKeyStoresListEntry)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser (Maybe Text)
forall a. FromJSON a => Object -> Text -> Parser (Maybe a)
Core..:? Text
"CustomKeyStoreId")
            Parser (Maybe ConnectionStateType -> CustomKeyStoresListEntry)
-> Parser (Maybe ConnectionStateType)
-> Parser CustomKeyStoresListEntry
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Parser (Maybe ConnectionStateType)
forall a. FromJSON a => Object -> Text -> Parser (Maybe a)
Core..:? Text
"ConnectionState")
      )

instance Prelude.Hashable CustomKeyStoresListEntry

instance Prelude.NFData CustomKeyStoresListEntry