Copyright	(c) 2013-2021 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay <brendan.g.hay+amazonka@gmail.com>
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	None

Amazonka.QLDB.UpdateLedgerPermissionsMode

Contents

Creating a Request
Request Lenses
Destructuring the Response
Response Lenses

Description

Updates the permissions mode of a ledger.

Before you switch to the STANDARD permissions mode, you must first create all required IAM policies and table tags to avoid disruption to your users. To learn more, see Migrating to the standard permissions mode in the Amazon QLDB Developer Guide.

Synopsis

Creating a Request

data UpdateLedgerPermissionsMode Source #

See: newUpdateLedgerPermissionsMode smart constructor.

Constructors

UpdateLedgerPermissionsMode'

Fields

name :: Text
The name of the ledger.
permissionsMode :: PermissionsMode
The permissions mode to assign to the ledger. This parameter can have one of the following values:
- ALLOW_ALL: A legacy permissions mode that enables access control with API-level granularity for ledgers.
  This mode allows users who have the SendCommand API permission for this ledger to run all PartiQL commands (hence, ALLOW_ALL) on any tables in the specified ledger. This mode disregards any table-level or command-level IAM permissions policies that you create for the ledger.
- STANDARD: (Recommended) A permissions mode that enables access control with finer granularity for ledgers, tables, and PartiQL commands.
  By default, this mode denies all user requests to run any PartiQL commands on any tables in this ledger. To allow PartiQL commands to run, you must create IAM permissions policies for specific table resources and PartiQL actions, in addition to the SendCommand API permission for the ledger. For information, see Getting started with the standard permissions mode in the Amazon QLDB Developer Guide.
We strongly recommend using the STANDARD permissions mode to maximize the security of your ledger data.

Instances

Instances details

Eq UpdateLedgerPermissionsMode Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode Methods (==) :: UpdateLedgerPermissionsMode -> UpdateLedgerPermissionsMode -> Bool # (/=) :: UpdateLedgerPermissionsMode -> UpdateLedgerPermissionsMode -> Bool #
Read UpdateLedgerPermissionsMode Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode Methods readsPrec :: Int -> ReadS UpdateLedgerPermissionsMode # readList :: ReadS [UpdateLedgerPermissionsMode] # readPrec :: ReadPrec UpdateLedgerPermissionsMode # readListPrec :: ReadPrec [UpdateLedgerPermissionsMode] #
Show UpdateLedgerPermissionsMode Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode Methods showsPrec :: Int -> UpdateLedgerPermissionsMode -> ShowS # show :: UpdateLedgerPermissionsMode -> String # showList :: [UpdateLedgerPermissionsMode] -> ShowS #
Generic UpdateLedgerPermissionsMode Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode Associated Types type Rep UpdateLedgerPermissionsMode :: Type -> Type # Methods from :: UpdateLedgerPermissionsMode -> Rep UpdateLedgerPermissionsMode x # to :: Rep UpdateLedgerPermissionsMode x -> UpdateLedgerPermissionsMode #
NFData UpdateLedgerPermissionsMode Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode Methods rnf :: UpdateLedgerPermissionsMode -> () #
Hashable UpdateLedgerPermissionsMode Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode Methods hashWithSalt :: Int -> UpdateLedgerPermissionsMode -> Int # hash :: UpdateLedgerPermissionsMode -> Int #
ToJSON UpdateLedgerPermissionsMode Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode Methods toJSON :: UpdateLedgerPermissionsMode -> Value # toEncoding :: UpdateLedgerPermissionsMode -> Encoding # toJSONList :: [UpdateLedgerPermissionsMode] -> Value # toEncodingList :: [UpdateLedgerPermissionsMode] -> Encoding #
AWSRequest UpdateLedgerPermissionsMode Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode Associated Types type AWSResponse UpdateLedgerPermissionsMode # Methods request :: UpdateLedgerPermissionsMode -> Request UpdateLedgerPermissionsMode # response :: MonadResource m => Logger -> Service -> Proxy UpdateLedgerPermissionsMode -> ClientResponse ClientBody -> m (Either Error (ClientResponse (AWSResponse UpdateLedgerPermissionsMode))) #
ToHeaders UpdateLedgerPermissionsMode Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode Methods toHeaders :: UpdateLedgerPermissionsMode -> [Header] #
ToPath UpdateLedgerPermissionsMode Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode Methods toPath :: UpdateLedgerPermissionsMode -> ByteString #
ToQuery UpdateLedgerPermissionsMode Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode Methods toQuery :: UpdateLedgerPermissionsMode -> QueryString #
type Rep UpdateLedgerPermissionsMode Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode type Rep UpdateLedgerPermissionsMode = D1 ('MetaData "UpdateLedgerPermissionsMode" "Amazonka.QLDB.UpdateLedgerPermissionsMode" "libZSservicesZSamazonka-qldbZSamazonka-qldb" 'False) (C1 ('MetaCons "UpdateLedgerPermissionsMode'" 'PrefixI 'True) (S1 ('MetaSel ('Just "name") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text) :*: S1 ('MetaSel ('Just "permissionsMode") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 PermissionsMode)))
type AWSResponse UpdateLedgerPermissionsMode Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode type AWSResponse UpdateLedgerPermissionsMode = UpdateLedgerPermissionsModeResponse

newUpdateLedgerPermissionsMode Source #

Arguments

:: Text	`$sel:name:UpdateLedgerPermissionsMode'`
-> PermissionsMode	`$sel:permissionsMode:UpdateLedgerPermissionsMode'`
-> UpdateLedgerPermissionsMode

Create a value of UpdateLedgerPermissionsMode with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:name:UpdateLedgerPermissionsMode', updateLedgerPermissionsMode_name - The name of the ledger.

$sel:permissionsMode:UpdateLedgerPermissionsMode', updateLedgerPermissionsMode_permissionsMode - The permissions mode to assign to the ledger. This parameter can have one of the following values:

ALLOW_ALL: A legacy permissions mode that enables access control with API-level granularity for ledgers.
This mode allows users who have the SendCommand API permission for this ledger to run all PartiQL commands (hence, ALLOW_ALL) on any tables in the specified ledger. This mode disregards any table-level or command-level IAM permissions policies that you create for the ledger.
STANDARD: (Recommended) A permissions mode that enables access control with finer granularity for ledgers, tables, and PartiQL commands.
By default, this mode denies all user requests to run any PartiQL commands on any tables in this ledger. To allow PartiQL commands to run, you must create IAM permissions policies for specific table resources and PartiQL actions, in addition to the SendCommand API permission for the ledger. For information, see Getting started with the standard permissions mode in the Amazon QLDB Developer Guide.

We strongly recommend using the STANDARD permissions mode to maximize the security of your ledger data.

Request Lenses

updateLedgerPermissionsMode_name :: Lens' UpdateLedgerPermissionsMode Text Source #

The name of the ledger.

updateLedgerPermissionsMode_permissionsMode :: Lens' UpdateLedgerPermissionsMode PermissionsMode Source #

The permissions mode to assign to the ledger. This parameter can have one of the following values:

ALLOW_ALL: A legacy permissions mode that enables access control with API-level granularity for ledgers.
This mode allows users who have the SendCommand API permission for this ledger to run all PartiQL commands (hence, ALLOW_ALL) on any tables in the specified ledger. This mode disregards any table-level or command-level IAM permissions policies that you create for the ledger.
STANDARD: (Recommended) A permissions mode that enables access control with finer granularity for ledgers, tables, and PartiQL commands.
By default, this mode denies all user requests to run any PartiQL commands on any tables in this ledger. To allow PartiQL commands to run, you must create IAM permissions policies for specific table resources and PartiQL actions, in addition to the SendCommand API permission for the ledger. For information, see Getting started with the standard permissions mode in the Amazon QLDB Developer Guide.

We strongly recommend using the STANDARD permissions mode to maximize the security of your ledger data.

Destructuring the Response

data UpdateLedgerPermissionsModeResponse Source #

See: newUpdateLedgerPermissionsModeResponse smart constructor.

Constructors

UpdateLedgerPermissionsModeResponse'
Fields arn :: Maybe Text The Amazon Resource Name (ARN) for the ledger. name :: Maybe Text The name of the ledger. permissionsMode :: Maybe PermissionsMode The current permissions mode of the ledger. httpStatus :: Int The response's http status code.

Instances

Instances details

Eq UpdateLedgerPermissionsModeResponse Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode Methods (==) :: UpdateLedgerPermissionsModeResponse -> UpdateLedgerPermissionsModeResponse -> Bool # (/=) :: UpdateLedgerPermissionsModeResponse -> UpdateLedgerPermissionsModeResponse -> Bool #
Read UpdateLedgerPermissionsModeResponse Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode Methods readsPrec :: Int -> ReadS UpdateLedgerPermissionsModeResponse # readList :: ReadS [UpdateLedgerPermissionsModeResponse] # readPrec :: ReadPrec UpdateLedgerPermissionsModeResponse # readListPrec :: ReadPrec [UpdateLedgerPermissionsModeResponse] #
Show UpdateLedgerPermissionsModeResponse Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode Methods showsPrec :: Int -> UpdateLedgerPermissionsModeResponse -> ShowS # show :: UpdateLedgerPermissionsModeResponse -> String # showList :: [UpdateLedgerPermissionsModeResponse] -> ShowS #
Generic UpdateLedgerPermissionsModeResponse Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode Associated Types type Rep UpdateLedgerPermissionsModeResponse :: Type -> Type # Methods from :: UpdateLedgerPermissionsModeResponse -> Rep UpdateLedgerPermissionsModeResponse x # to :: Rep UpdateLedgerPermissionsModeResponse x -> UpdateLedgerPermissionsModeResponse #
NFData UpdateLedgerPermissionsModeResponse Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode Methods rnf :: UpdateLedgerPermissionsModeResponse -> () #
type Rep UpdateLedgerPermissionsModeResponse Source #
Instance details Defined in Amazonka.QLDB.UpdateLedgerPermissionsMode type Rep UpdateLedgerPermissionsModeResponse = D1 ('MetaData "UpdateLedgerPermissionsModeResponse" "Amazonka.QLDB.UpdateLedgerPermissionsMode" "libZSservicesZSamazonka-qldbZSamazonka-qldb" 'False) (C1 ('MetaCons "UpdateLedgerPermissionsModeResponse'" 'PrefixI 'True) ((S1 ('MetaSel ('Just "arn") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :: S1 ('MetaSel ('Just "name") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text))) :: (S1 ('MetaSel ('Just "permissionsMode") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe PermissionsMode)) :*: S1 ('MetaSel ('Just "httpStatus") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Int))))