{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE TypeFamilies #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-binds #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.Route53Resolver.CreateFirewallRule
-- Copyright   : (c) 2013-2021 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
--
-- Creates a single DNS Firewall rule in the specified rule group, using
-- the specified domain list.
module Amazonka.Route53Resolver.CreateFirewallRule
  ( -- * Creating a Request
    CreateFirewallRule (..),
    newCreateFirewallRule,

    -- * Request Lenses
    createFirewallRule_blockOverrideDnsType,
    createFirewallRule_blockResponse,
    createFirewallRule_blockOverrideTtl,
    createFirewallRule_blockOverrideDomain,
    createFirewallRule_creatorRequestId,
    createFirewallRule_firewallRuleGroupId,
    createFirewallRule_firewallDomainListId,
    createFirewallRule_priority,
    createFirewallRule_action,
    createFirewallRule_name,

    -- * Destructuring the Response
    CreateFirewallRuleResponse (..),
    newCreateFirewallRuleResponse,

    -- * Response Lenses
    createFirewallRuleResponse_firewallRule,
    createFirewallRuleResponse_httpStatus,
  )
where

import qualified Amazonka.Core as Core
import qualified Amazonka.Lens as Lens
import qualified Amazonka.Prelude as Prelude
import qualified Amazonka.Request as Request
import qualified Amazonka.Response as Response
import Amazonka.Route53Resolver.Types

-- | /See:/ 'newCreateFirewallRule' smart constructor.
data CreateFirewallRule = CreateFirewallRule'
  { -- | The DNS record\'s type. This determines the format of the record value
    -- that you provided in @BlockOverrideDomain@. Used for the rule action
    -- @BLOCK@ with a @BlockResponse@ setting of @OVERRIDE@.
    --
    -- This setting is required if the @BlockResponse@ setting is @OVERRIDE@.
    CreateFirewallRule -> Maybe BlockOverrideDnsType
blockOverrideDnsType :: Prelude.Maybe BlockOverrideDnsType,
    -- | The way that you want DNS Firewall to block the request, used with the
    -- rule action setting @BLOCK@.
    --
    -- -   @NODATA@ - Respond indicating that the query was successful, but no
    --     response is available for it.
    --
    -- -   @NXDOMAIN@ - Respond indicating that the domain name that\'s in the
    --     query doesn\'t exist.
    --
    -- -   @OVERRIDE@ - Provide a custom override in the response. This option
    --     requires custom handling details in the rule\'s @BlockOverride*@
    --     settings.
    --
    -- This setting is required if the rule action setting is @BLOCK@.
    CreateFirewallRule -> Maybe BlockResponse
blockResponse :: Prelude.Maybe BlockResponse,
    -- | The recommended amount of time, in seconds, for the DNS resolver or web
    -- browser to cache the provided override record. Used for the rule action
    -- @BLOCK@ with a @BlockResponse@ setting of @OVERRIDE@.
    --
    -- This setting is required if the @BlockResponse@ setting is @OVERRIDE@.
    CreateFirewallRule -> Maybe Natural
blockOverrideTtl :: Prelude.Maybe Prelude.Natural,
    -- | The custom DNS record to send back in response to the query. Used for
    -- the rule action @BLOCK@ with a @BlockResponse@ setting of @OVERRIDE@.
    --
    -- This setting is required if the @BlockResponse@ setting is @OVERRIDE@.
    CreateFirewallRule -> Maybe Text
blockOverrideDomain :: Prelude.Maybe Prelude.Text,
    -- | A unique string that identifies the request and that allows you to retry
    -- failed requests without the risk of running the operation twice.
    -- @CreatorRequestId@ can be any unique string, for example, a date\/time
    -- stamp.
    CreateFirewallRule -> Text
creatorRequestId :: Prelude.Text,
    -- | The unique identifier of the firewall rule group where you want to
    -- create the rule.
    CreateFirewallRule -> Text
firewallRuleGroupId :: Prelude.Text,
    -- | The ID of the domain list that you want to use in the rule.
    CreateFirewallRule -> Text
firewallDomainListId :: Prelude.Text,
    -- | The setting that determines the processing order of the rule in the rule
    -- group. DNS Firewall processes the rules in a rule group by order of
    -- priority, starting from the lowest setting.
    --
    -- You must specify a unique priority for each rule in a rule group. To
    -- make it easier to insert rules later, leave space between the numbers,
    -- for example, use 100, 200, and so on. You can change the priority
    -- setting for the rules in a rule group at any time.
    CreateFirewallRule -> Int
priority :: Prelude.Int,
    -- | The action that DNS Firewall should take on a DNS query when it matches
    -- one of the domains in the rule\'s domain list:
    --
    -- -   @ALLOW@ - Permit the request to go through.
    --
    -- -   @ALERT@ - Permit the request and send metrics and logs to Cloud
    --     Watch.
    --
    -- -   @BLOCK@ - Disallow the request. This option requires additional
    --     details in the rule\'s @BlockResponse@.
    CreateFirewallRule -> Action
action :: Action,
    -- | A name that lets you identify the rule in the rule group.
    CreateFirewallRule -> Text
name :: Prelude.Text
  }
  deriving (CreateFirewallRule -> CreateFirewallRule -> Bool
(CreateFirewallRule -> CreateFirewallRule -> Bool)
-> (CreateFirewallRule -> CreateFirewallRule -> Bool)
-> Eq CreateFirewallRule
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: CreateFirewallRule -> CreateFirewallRule -> Bool
$c/= :: CreateFirewallRule -> CreateFirewallRule -> Bool
== :: CreateFirewallRule -> CreateFirewallRule -> Bool
$c== :: CreateFirewallRule -> CreateFirewallRule -> Bool
Prelude.Eq, ReadPrec [CreateFirewallRule]
ReadPrec CreateFirewallRule
Int -> ReadS CreateFirewallRule
ReadS [CreateFirewallRule]
(Int -> ReadS CreateFirewallRule)
-> ReadS [CreateFirewallRule]
-> ReadPrec CreateFirewallRule
-> ReadPrec [CreateFirewallRule]
-> Read CreateFirewallRule
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [CreateFirewallRule]
$creadListPrec :: ReadPrec [CreateFirewallRule]
readPrec :: ReadPrec CreateFirewallRule
$creadPrec :: ReadPrec CreateFirewallRule
readList :: ReadS [CreateFirewallRule]
$creadList :: ReadS [CreateFirewallRule]
readsPrec :: Int -> ReadS CreateFirewallRule
$creadsPrec :: Int -> ReadS CreateFirewallRule
Prelude.Read, Int -> CreateFirewallRule -> ShowS
[CreateFirewallRule] -> ShowS
CreateFirewallRule -> String
(Int -> CreateFirewallRule -> ShowS)
-> (CreateFirewallRule -> String)
-> ([CreateFirewallRule] -> ShowS)
-> Show CreateFirewallRule
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [CreateFirewallRule] -> ShowS
$cshowList :: [CreateFirewallRule] -> ShowS
show :: CreateFirewallRule -> String
$cshow :: CreateFirewallRule -> String
showsPrec :: Int -> CreateFirewallRule -> ShowS
$cshowsPrec :: Int -> CreateFirewallRule -> ShowS
Prelude.Show, (forall x. CreateFirewallRule -> Rep CreateFirewallRule x)
-> (forall x. Rep CreateFirewallRule x -> CreateFirewallRule)
-> Generic CreateFirewallRule
forall x. Rep CreateFirewallRule x -> CreateFirewallRule
forall x. CreateFirewallRule -> Rep CreateFirewallRule x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep CreateFirewallRule x -> CreateFirewallRule
$cfrom :: forall x. CreateFirewallRule -> Rep CreateFirewallRule x
Prelude.Generic)

-- |
-- Create a value of 'CreateFirewallRule' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'blockOverrideDnsType', 'createFirewallRule_blockOverrideDnsType' - The DNS record\'s type. This determines the format of the record value
-- that you provided in @BlockOverrideDomain@. Used for the rule action
-- @BLOCK@ with a @BlockResponse@ setting of @OVERRIDE@.
--
-- This setting is required if the @BlockResponse@ setting is @OVERRIDE@.
--
-- 'blockResponse', 'createFirewallRule_blockResponse' - The way that you want DNS Firewall to block the request, used with the
-- rule action setting @BLOCK@.
--
-- -   @NODATA@ - Respond indicating that the query was successful, but no
--     response is available for it.
--
-- -   @NXDOMAIN@ - Respond indicating that the domain name that\'s in the
--     query doesn\'t exist.
--
-- -   @OVERRIDE@ - Provide a custom override in the response. This option
--     requires custom handling details in the rule\'s @BlockOverride*@
--     settings.
--
-- This setting is required if the rule action setting is @BLOCK@.
--
-- 'blockOverrideTtl', 'createFirewallRule_blockOverrideTtl' - The recommended amount of time, in seconds, for the DNS resolver or web
-- browser to cache the provided override record. Used for the rule action
-- @BLOCK@ with a @BlockResponse@ setting of @OVERRIDE@.
--
-- This setting is required if the @BlockResponse@ setting is @OVERRIDE@.
--
-- 'blockOverrideDomain', 'createFirewallRule_blockOverrideDomain' - The custom DNS record to send back in response to the query. Used for
-- the rule action @BLOCK@ with a @BlockResponse@ setting of @OVERRIDE@.
--
-- This setting is required if the @BlockResponse@ setting is @OVERRIDE@.
--
-- 'creatorRequestId', 'createFirewallRule_creatorRequestId' - A unique string that identifies the request and that allows you to retry
-- failed requests without the risk of running the operation twice.
-- @CreatorRequestId@ can be any unique string, for example, a date\/time
-- stamp.
--
-- 'firewallRuleGroupId', 'createFirewallRule_firewallRuleGroupId' - The unique identifier of the firewall rule group where you want to
-- create the rule.
--
-- 'firewallDomainListId', 'createFirewallRule_firewallDomainListId' - The ID of the domain list that you want to use in the rule.
--
-- 'priority', 'createFirewallRule_priority' - The setting that determines the processing order of the rule in the rule
-- group. DNS Firewall processes the rules in a rule group by order of
-- priority, starting from the lowest setting.
--
-- You must specify a unique priority for each rule in a rule group. To
-- make it easier to insert rules later, leave space between the numbers,
-- for example, use 100, 200, and so on. You can change the priority
-- setting for the rules in a rule group at any time.
--
-- 'action', 'createFirewallRule_action' - The action that DNS Firewall should take on a DNS query when it matches
-- one of the domains in the rule\'s domain list:
--
-- -   @ALLOW@ - Permit the request to go through.
--
-- -   @ALERT@ - Permit the request and send metrics and logs to Cloud
--     Watch.
--
-- -   @BLOCK@ - Disallow the request. This option requires additional
--     details in the rule\'s @BlockResponse@.
--
-- 'name', 'createFirewallRule_name' - A name that lets you identify the rule in the rule group.
newCreateFirewallRule ::
  -- | 'creatorRequestId'
  Prelude.Text ->
  -- | 'firewallRuleGroupId'
  Prelude.Text ->
  -- | 'firewallDomainListId'
  Prelude.Text ->
  -- | 'priority'
  Prelude.Int ->
  -- | 'action'
  Action ->
  -- | 'name'
  Prelude.Text ->
  CreateFirewallRule
newCreateFirewallRule :: Text -> Text -> Text -> Int -> Action -> Text -> CreateFirewallRule
newCreateFirewallRule
  Text
pCreatorRequestId_
  Text
pFirewallRuleGroupId_
  Text
pFirewallDomainListId_
  Int
pPriority_
  Action
pAction_
  Text
pName_ =
    CreateFirewallRule' :: Maybe BlockOverrideDnsType
-> Maybe BlockResponse
-> Maybe Natural
-> Maybe Text
-> Text
-> Text
-> Text
-> Int
-> Action
-> Text
-> CreateFirewallRule
CreateFirewallRule'
      { $sel:blockOverrideDnsType:CreateFirewallRule' :: Maybe BlockOverrideDnsType
blockOverrideDnsType =
          Maybe BlockOverrideDnsType
forall a. Maybe a
Prelude.Nothing,
        $sel:blockResponse:CreateFirewallRule' :: Maybe BlockResponse
blockResponse = Maybe BlockResponse
forall a. Maybe a
Prelude.Nothing,
        $sel:blockOverrideTtl:CreateFirewallRule' :: Maybe Natural
blockOverrideTtl = Maybe Natural
forall a. Maybe a
Prelude.Nothing,
        $sel:blockOverrideDomain:CreateFirewallRule' :: Maybe Text
blockOverrideDomain = Maybe Text
forall a. Maybe a
Prelude.Nothing,
        $sel:creatorRequestId:CreateFirewallRule' :: Text
creatorRequestId = Text
pCreatorRequestId_,
        $sel:firewallRuleGroupId:CreateFirewallRule' :: Text
firewallRuleGroupId = Text
pFirewallRuleGroupId_,
        $sel:firewallDomainListId:CreateFirewallRule' :: Text
firewallDomainListId = Text
pFirewallDomainListId_,
        $sel:priority:CreateFirewallRule' :: Int
priority = Int
pPriority_,
        $sel:action:CreateFirewallRule' :: Action
action = Action
pAction_,
        $sel:name:CreateFirewallRule' :: Text
name = Text
pName_
      }

-- | The DNS record\'s type. This determines the format of the record value
-- that you provided in @BlockOverrideDomain@. Used for the rule action
-- @BLOCK@ with a @BlockResponse@ setting of @OVERRIDE@.
--
-- This setting is required if the @BlockResponse@ setting is @OVERRIDE@.
createFirewallRule_blockOverrideDnsType :: Lens.Lens' CreateFirewallRule (Prelude.Maybe BlockOverrideDnsType)
createFirewallRule_blockOverrideDnsType :: (Maybe BlockOverrideDnsType -> f (Maybe BlockOverrideDnsType))
-> CreateFirewallRule -> f CreateFirewallRule
createFirewallRule_blockOverrideDnsType = (CreateFirewallRule -> Maybe BlockOverrideDnsType)
-> (CreateFirewallRule
    -> Maybe BlockOverrideDnsType -> CreateFirewallRule)
-> Lens
     CreateFirewallRule
     CreateFirewallRule
     (Maybe BlockOverrideDnsType)
     (Maybe BlockOverrideDnsType)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateFirewallRule' {Maybe BlockOverrideDnsType
blockOverrideDnsType :: Maybe BlockOverrideDnsType
$sel:blockOverrideDnsType:CreateFirewallRule' :: CreateFirewallRule -> Maybe BlockOverrideDnsType
blockOverrideDnsType} -> Maybe BlockOverrideDnsType
blockOverrideDnsType) (\s :: CreateFirewallRule
s@CreateFirewallRule' {} Maybe BlockOverrideDnsType
a -> CreateFirewallRule
s {$sel:blockOverrideDnsType:CreateFirewallRule' :: Maybe BlockOverrideDnsType
blockOverrideDnsType = Maybe BlockOverrideDnsType
a} :: CreateFirewallRule)

-- | The way that you want DNS Firewall to block the request, used with the
-- rule action setting @BLOCK@.
--
-- -   @NODATA@ - Respond indicating that the query was successful, but no
--     response is available for it.
--
-- -   @NXDOMAIN@ - Respond indicating that the domain name that\'s in the
--     query doesn\'t exist.
--
-- -   @OVERRIDE@ - Provide a custom override in the response. This option
--     requires custom handling details in the rule\'s @BlockOverride*@
--     settings.
--
-- This setting is required if the rule action setting is @BLOCK@.
createFirewallRule_blockResponse :: Lens.Lens' CreateFirewallRule (Prelude.Maybe BlockResponse)
createFirewallRule_blockResponse :: (Maybe BlockResponse -> f (Maybe BlockResponse))
-> CreateFirewallRule -> f CreateFirewallRule
createFirewallRule_blockResponse = (CreateFirewallRule -> Maybe BlockResponse)
-> (CreateFirewallRule
    -> Maybe BlockResponse -> CreateFirewallRule)
-> Lens
     CreateFirewallRule
     CreateFirewallRule
     (Maybe BlockResponse)
     (Maybe BlockResponse)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateFirewallRule' {Maybe BlockResponse
blockResponse :: Maybe BlockResponse
$sel:blockResponse:CreateFirewallRule' :: CreateFirewallRule -> Maybe BlockResponse
blockResponse} -> Maybe BlockResponse
blockResponse) (\s :: CreateFirewallRule
s@CreateFirewallRule' {} Maybe BlockResponse
a -> CreateFirewallRule
s {$sel:blockResponse:CreateFirewallRule' :: Maybe BlockResponse
blockResponse = Maybe BlockResponse
a} :: CreateFirewallRule)

-- | The recommended amount of time, in seconds, for the DNS resolver or web
-- browser to cache the provided override record. Used for the rule action
-- @BLOCK@ with a @BlockResponse@ setting of @OVERRIDE@.
--
-- This setting is required if the @BlockResponse@ setting is @OVERRIDE@.
createFirewallRule_blockOverrideTtl :: Lens.Lens' CreateFirewallRule (Prelude.Maybe Prelude.Natural)
createFirewallRule_blockOverrideTtl :: (Maybe Natural -> f (Maybe Natural))
-> CreateFirewallRule -> f CreateFirewallRule
createFirewallRule_blockOverrideTtl = (CreateFirewallRule -> Maybe Natural)
-> (CreateFirewallRule -> Maybe Natural -> CreateFirewallRule)
-> Lens
     CreateFirewallRule
     CreateFirewallRule
     (Maybe Natural)
     (Maybe Natural)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateFirewallRule' {Maybe Natural
blockOverrideTtl :: Maybe Natural
$sel:blockOverrideTtl:CreateFirewallRule' :: CreateFirewallRule -> Maybe Natural
blockOverrideTtl} -> Maybe Natural
blockOverrideTtl) (\s :: CreateFirewallRule
s@CreateFirewallRule' {} Maybe Natural
a -> CreateFirewallRule
s {$sel:blockOverrideTtl:CreateFirewallRule' :: Maybe Natural
blockOverrideTtl = Maybe Natural
a} :: CreateFirewallRule)

-- | The custom DNS record to send back in response to the query. Used for
-- the rule action @BLOCK@ with a @BlockResponse@ setting of @OVERRIDE@.
--
-- This setting is required if the @BlockResponse@ setting is @OVERRIDE@.
createFirewallRule_blockOverrideDomain :: Lens.Lens' CreateFirewallRule (Prelude.Maybe Prelude.Text)
createFirewallRule_blockOverrideDomain :: (Maybe Text -> f (Maybe Text))
-> CreateFirewallRule -> f CreateFirewallRule
createFirewallRule_blockOverrideDomain = (CreateFirewallRule -> Maybe Text)
-> (CreateFirewallRule -> Maybe Text -> CreateFirewallRule)
-> Lens
     CreateFirewallRule CreateFirewallRule (Maybe Text) (Maybe Text)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateFirewallRule' {Maybe Text
blockOverrideDomain :: Maybe Text
$sel:blockOverrideDomain:CreateFirewallRule' :: CreateFirewallRule -> Maybe Text
blockOverrideDomain} -> Maybe Text
blockOverrideDomain) (\s :: CreateFirewallRule
s@CreateFirewallRule' {} Maybe Text
a -> CreateFirewallRule
s {$sel:blockOverrideDomain:CreateFirewallRule' :: Maybe Text
blockOverrideDomain = Maybe Text
a} :: CreateFirewallRule)

-- | A unique string that identifies the request and that allows you to retry
-- failed requests without the risk of running the operation twice.
-- @CreatorRequestId@ can be any unique string, for example, a date\/time
-- stamp.
createFirewallRule_creatorRequestId :: Lens.Lens' CreateFirewallRule Prelude.Text
createFirewallRule_creatorRequestId :: (Text -> f Text) -> CreateFirewallRule -> f CreateFirewallRule
createFirewallRule_creatorRequestId = (CreateFirewallRule -> Text)
-> (CreateFirewallRule -> Text -> CreateFirewallRule)
-> Lens CreateFirewallRule CreateFirewallRule Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateFirewallRule' {Text
creatorRequestId :: Text
$sel:creatorRequestId:CreateFirewallRule' :: CreateFirewallRule -> Text
creatorRequestId} -> Text
creatorRequestId) (\s :: CreateFirewallRule
s@CreateFirewallRule' {} Text
a -> CreateFirewallRule
s {$sel:creatorRequestId:CreateFirewallRule' :: Text
creatorRequestId = Text
a} :: CreateFirewallRule)

-- | The unique identifier of the firewall rule group where you want to
-- create the rule.
createFirewallRule_firewallRuleGroupId :: Lens.Lens' CreateFirewallRule Prelude.Text
createFirewallRule_firewallRuleGroupId :: (Text -> f Text) -> CreateFirewallRule -> f CreateFirewallRule
createFirewallRule_firewallRuleGroupId = (CreateFirewallRule -> Text)
-> (CreateFirewallRule -> Text -> CreateFirewallRule)
-> Lens CreateFirewallRule CreateFirewallRule Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateFirewallRule' {Text
firewallRuleGroupId :: Text
$sel:firewallRuleGroupId:CreateFirewallRule' :: CreateFirewallRule -> Text
firewallRuleGroupId} -> Text
firewallRuleGroupId) (\s :: CreateFirewallRule
s@CreateFirewallRule' {} Text
a -> CreateFirewallRule
s {$sel:firewallRuleGroupId:CreateFirewallRule' :: Text
firewallRuleGroupId = Text
a} :: CreateFirewallRule)

-- | The ID of the domain list that you want to use in the rule.
createFirewallRule_firewallDomainListId :: Lens.Lens' CreateFirewallRule Prelude.Text
createFirewallRule_firewallDomainListId :: (Text -> f Text) -> CreateFirewallRule -> f CreateFirewallRule
createFirewallRule_firewallDomainListId = (CreateFirewallRule -> Text)
-> (CreateFirewallRule -> Text -> CreateFirewallRule)
-> Lens CreateFirewallRule CreateFirewallRule Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateFirewallRule' {Text
firewallDomainListId :: Text
$sel:firewallDomainListId:CreateFirewallRule' :: CreateFirewallRule -> Text
firewallDomainListId} -> Text
firewallDomainListId) (\s :: CreateFirewallRule
s@CreateFirewallRule' {} Text
a -> CreateFirewallRule
s {$sel:firewallDomainListId:CreateFirewallRule' :: Text
firewallDomainListId = Text
a} :: CreateFirewallRule)

-- | The setting that determines the processing order of the rule in the rule
-- group. DNS Firewall processes the rules in a rule group by order of
-- priority, starting from the lowest setting.
--
-- You must specify a unique priority for each rule in a rule group. To
-- make it easier to insert rules later, leave space between the numbers,
-- for example, use 100, 200, and so on. You can change the priority
-- setting for the rules in a rule group at any time.
createFirewallRule_priority :: Lens.Lens' CreateFirewallRule Prelude.Int
createFirewallRule_priority :: (Int -> f Int) -> CreateFirewallRule -> f CreateFirewallRule
createFirewallRule_priority = (CreateFirewallRule -> Int)
-> (CreateFirewallRule -> Int -> CreateFirewallRule)
-> Lens CreateFirewallRule CreateFirewallRule Int Int
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateFirewallRule' {Int
priority :: Int
$sel:priority:CreateFirewallRule' :: CreateFirewallRule -> Int
priority} -> Int
priority) (\s :: CreateFirewallRule
s@CreateFirewallRule' {} Int
a -> CreateFirewallRule
s {$sel:priority:CreateFirewallRule' :: Int
priority = Int
a} :: CreateFirewallRule)

-- | The action that DNS Firewall should take on a DNS query when it matches
-- one of the domains in the rule\'s domain list:
--
-- -   @ALLOW@ - Permit the request to go through.
--
-- -   @ALERT@ - Permit the request and send metrics and logs to Cloud
--     Watch.
--
-- -   @BLOCK@ - Disallow the request. This option requires additional
--     details in the rule\'s @BlockResponse@.
createFirewallRule_action :: Lens.Lens' CreateFirewallRule Action
createFirewallRule_action :: (Action -> f Action) -> CreateFirewallRule -> f CreateFirewallRule
createFirewallRule_action = (CreateFirewallRule -> Action)
-> (CreateFirewallRule -> Action -> CreateFirewallRule)
-> Lens CreateFirewallRule CreateFirewallRule Action Action
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateFirewallRule' {Action
action :: Action
$sel:action:CreateFirewallRule' :: CreateFirewallRule -> Action
action} -> Action
action) (\s :: CreateFirewallRule
s@CreateFirewallRule' {} Action
a -> CreateFirewallRule
s {$sel:action:CreateFirewallRule' :: Action
action = Action
a} :: CreateFirewallRule)

-- | A name that lets you identify the rule in the rule group.
createFirewallRule_name :: Lens.Lens' CreateFirewallRule Prelude.Text
createFirewallRule_name :: (Text -> f Text) -> CreateFirewallRule -> f CreateFirewallRule
createFirewallRule_name = (CreateFirewallRule -> Text)
-> (CreateFirewallRule -> Text -> CreateFirewallRule)
-> Lens CreateFirewallRule CreateFirewallRule Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateFirewallRule' {Text
name :: Text
$sel:name:CreateFirewallRule' :: CreateFirewallRule -> Text
name} -> Text
name) (\s :: CreateFirewallRule
s@CreateFirewallRule' {} Text
a -> CreateFirewallRule
s {$sel:name:CreateFirewallRule' :: Text
name = Text
a} :: CreateFirewallRule)

instance Core.AWSRequest CreateFirewallRule where
  type
    AWSResponse CreateFirewallRule =
      CreateFirewallRuleResponse
  request :: CreateFirewallRule -> Request CreateFirewallRule
request = Service -> CreateFirewallRule -> Request CreateFirewallRule
forall a. (ToRequest a, ToJSON a) => Service -> a -> Request a
Request.postJSON Service
defaultService
  response :: Logger
-> Service
-> Proxy CreateFirewallRule
-> ClientResponse ClientBody
-> m (Either
        Error (ClientResponse (AWSResponse CreateFirewallRule)))
response =
    (Int
 -> ResponseHeaders
 -> Object
 -> Either String (AWSResponse CreateFirewallRule))
-> Logger
-> Service
-> Proxy CreateFirewallRule
-> ClientResponse ClientBody
-> m (Either
        Error (ClientResponse (AWSResponse CreateFirewallRule)))
forall (m :: * -> *) a.
MonadResource m =>
(Int -> ResponseHeaders -> Object -> Either String (AWSResponse a))
-> Logger
-> Service
-> Proxy a
-> ClientResponse ClientBody
-> m (Either Error (ClientResponse (AWSResponse a)))
Response.receiveJSON
      ( \Int
s ResponseHeaders
h Object
x ->
          Maybe FirewallRule -> Int -> CreateFirewallRuleResponse
CreateFirewallRuleResponse'
            (Maybe FirewallRule -> Int -> CreateFirewallRuleResponse)
-> Either String (Maybe FirewallRule)
-> Either String (Int -> CreateFirewallRuleResponse)
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x Object -> Text -> Either String (Maybe FirewallRule)
forall a. FromJSON a => Object -> Text -> Either String (Maybe a)
Core..?> Text
"FirewallRule")
            Either String (Int -> CreateFirewallRuleResponse)
-> Either String Int -> Either String CreateFirewallRuleResponse
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Int -> Either String Int
forall (f :: * -> *) a. Applicative f => a -> f a
Prelude.pure (Int -> Int
forall a. Enum a => a -> Int
Prelude.fromEnum Int
s))
      )

instance Prelude.Hashable CreateFirewallRule

instance Prelude.NFData CreateFirewallRule

instance Core.ToHeaders CreateFirewallRule where
  toHeaders :: CreateFirewallRule -> ResponseHeaders
toHeaders =
    ResponseHeaders -> CreateFirewallRule -> ResponseHeaders
forall a b. a -> b -> a
Prelude.const
      ( [ResponseHeaders] -> ResponseHeaders
forall a. Monoid a => [a] -> a
Prelude.mconcat
          [ HeaderName
"X-Amz-Target"
              HeaderName -> ByteString -> ResponseHeaders
forall a. ToHeader a => HeaderName -> a -> ResponseHeaders
Core.=# ( ByteString
"Route53Resolver.CreateFirewallRule" ::
                          Prelude.ByteString
                      ),
            HeaderName
"Content-Type"
              HeaderName -> ByteString -> ResponseHeaders
forall a. ToHeader a => HeaderName -> a -> ResponseHeaders
Core.=# ( ByteString
"application/x-amz-json-1.1" ::
                          Prelude.ByteString
                      )
          ]
      )

instance Core.ToJSON CreateFirewallRule where
  toJSON :: CreateFirewallRule -> Value
toJSON CreateFirewallRule' {Int
Maybe Natural
Maybe Text
Maybe BlockOverrideDnsType
Maybe BlockResponse
Text
Action
name :: Text
action :: Action
priority :: Int
firewallDomainListId :: Text
firewallRuleGroupId :: Text
creatorRequestId :: Text
blockOverrideDomain :: Maybe Text
blockOverrideTtl :: Maybe Natural
blockResponse :: Maybe BlockResponse
blockOverrideDnsType :: Maybe BlockOverrideDnsType
$sel:name:CreateFirewallRule' :: CreateFirewallRule -> Text
$sel:action:CreateFirewallRule' :: CreateFirewallRule -> Action
$sel:priority:CreateFirewallRule' :: CreateFirewallRule -> Int
$sel:firewallDomainListId:CreateFirewallRule' :: CreateFirewallRule -> Text
$sel:firewallRuleGroupId:CreateFirewallRule' :: CreateFirewallRule -> Text
$sel:creatorRequestId:CreateFirewallRule' :: CreateFirewallRule -> Text
$sel:blockOverrideDomain:CreateFirewallRule' :: CreateFirewallRule -> Maybe Text
$sel:blockOverrideTtl:CreateFirewallRule' :: CreateFirewallRule -> Maybe Natural
$sel:blockResponse:CreateFirewallRule' :: CreateFirewallRule -> Maybe BlockResponse
$sel:blockOverrideDnsType:CreateFirewallRule' :: CreateFirewallRule -> Maybe BlockOverrideDnsType
..} =
    [Pair] -> Value
Core.object
      ( [Maybe Pair] -> [Pair]
forall a. [Maybe a] -> [a]
Prelude.catMaybes
          [ (Text
"BlockOverrideDnsType" Text -> BlockOverrideDnsType -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (BlockOverrideDnsType -> Pair)
-> Maybe BlockOverrideDnsType -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe BlockOverrideDnsType
blockOverrideDnsType,
            (Text
"BlockResponse" Text -> BlockResponse -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=) (BlockResponse -> Pair) -> Maybe BlockResponse -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe BlockResponse
blockResponse,
            (Text
"BlockOverrideTtl" Text -> Natural -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (Natural -> Pair) -> Maybe Natural -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe Natural
blockOverrideTtl,
            (Text
"BlockOverrideDomain" Text -> Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (Text -> Pair) -> Maybe Text -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe Text
blockOverrideDomain,
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just
              (Text
"CreatorRequestId" Text -> Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= Text
creatorRequestId),
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just
              (Text
"FirewallRuleGroupId" Text -> Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= Text
firewallRuleGroupId),
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just
              ( Text
"FirewallDomainListId"
                  Text -> Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= Text
firewallDomainListId
              ),
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just (Text
"Priority" Text -> Int -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= Int
priority),
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just (Text
"Action" Text -> Action -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= Action
action),
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just (Text
"Name" Text -> Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= Text
name)
          ]
      )

instance Core.ToPath CreateFirewallRule where
  toPath :: CreateFirewallRule -> ByteString
toPath = ByteString -> CreateFirewallRule -> ByteString
forall a b. a -> b -> a
Prelude.const ByteString
"/"

instance Core.ToQuery CreateFirewallRule where
  toQuery :: CreateFirewallRule -> QueryString
toQuery = QueryString -> CreateFirewallRule -> QueryString
forall a b. a -> b -> a
Prelude.const QueryString
forall a. Monoid a => a
Prelude.mempty

-- | /See:/ 'newCreateFirewallRuleResponse' smart constructor.
data CreateFirewallRuleResponse = CreateFirewallRuleResponse'
  { -- | The firewall rule that you just created.
    CreateFirewallRuleResponse -> Maybe FirewallRule
firewallRule :: Prelude.Maybe FirewallRule,
    -- | The response's http status code.
    CreateFirewallRuleResponse -> Int
httpStatus :: Prelude.Int
  }
  deriving (CreateFirewallRuleResponse -> CreateFirewallRuleResponse -> Bool
(CreateFirewallRuleResponse -> CreateFirewallRuleResponse -> Bool)
-> (CreateFirewallRuleResponse
    -> CreateFirewallRuleResponse -> Bool)
-> Eq CreateFirewallRuleResponse
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: CreateFirewallRuleResponse -> CreateFirewallRuleResponse -> Bool
$c/= :: CreateFirewallRuleResponse -> CreateFirewallRuleResponse -> Bool
== :: CreateFirewallRuleResponse -> CreateFirewallRuleResponse -> Bool
$c== :: CreateFirewallRuleResponse -> CreateFirewallRuleResponse -> Bool
Prelude.Eq, ReadPrec [CreateFirewallRuleResponse]
ReadPrec CreateFirewallRuleResponse
Int -> ReadS CreateFirewallRuleResponse
ReadS [CreateFirewallRuleResponse]
(Int -> ReadS CreateFirewallRuleResponse)
-> ReadS [CreateFirewallRuleResponse]
-> ReadPrec CreateFirewallRuleResponse
-> ReadPrec [CreateFirewallRuleResponse]
-> Read CreateFirewallRuleResponse
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [CreateFirewallRuleResponse]
$creadListPrec :: ReadPrec [CreateFirewallRuleResponse]
readPrec :: ReadPrec CreateFirewallRuleResponse
$creadPrec :: ReadPrec CreateFirewallRuleResponse
readList :: ReadS [CreateFirewallRuleResponse]
$creadList :: ReadS [CreateFirewallRuleResponse]
readsPrec :: Int -> ReadS CreateFirewallRuleResponse
$creadsPrec :: Int -> ReadS CreateFirewallRuleResponse
Prelude.Read, Int -> CreateFirewallRuleResponse -> ShowS
[CreateFirewallRuleResponse] -> ShowS
CreateFirewallRuleResponse -> String
(Int -> CreateFirewallRuleResponse -> ShowS)
-> (CreateFirewallRuleResponse -> String)
-> ([CreateFirewallRuleResponse] -> ShowS)
-> Show CreateFirewallRuleResponse
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [CreateFirewallRuleResponse] -> ShowS
$cshowList :: [CreateFirewallRuleResponse] -> ShowS
show :: CreateFirewallRuleResponse -> String
$cshow :: CreateFirewallRuleResponse -> String
showsPrec :: Int -> CreateFirewallRuleResponse -> ShowS
$cshowsPrec :: Int -> CreateFirewallRuleResponse -> ShowS
Prelude.Show, (forall x.
 CreateFirewallRuleResponse -> Rep CreateFirewallRuleResponse x)
-> (forall x.
    Rep CreateFirewallRuleResponse x -> CreateFirewallRuleResponse)
-> Generic CreateFirewallRuleResponse
forall x.
Rep CreateFirewallRuleResponse x -> CreateFirewallRuleResponse
forall x.
CreateFirewallRuleResponse -> Rep CreateFirewallRuleResponse x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x.
Rep CreateFirewallRuleResponse x -> CreateFirewallRuleResponse
$cfrom :: forall x.
CreateFirewallRuleResponse -> Rep CreateFirewallRuleResponse x
Prelude.Generic)

-- |
-- Create a value of 'CreateFirewallRuleResponse' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'firewallRule', 'createFirewallRuleResponse_firewallRule' - The firewall rule that you just created.
--
-- 'httpStatus', 'createFirewallRuleResponse_httpStatus' - The response's http status code.
newCreateFirewallRuleResponse ::
  -- | 'httpStatus'
  Prelude.Int ->
  CreateFirewallRuleResponse
newCreateFirewallRuleResponse :: Int -> CreateFirewallRuleResponse
newCreateFirewallRuleResponse Int
pHttpStatus_ =
  CreateFirewallRuleResponse' :: Maybe FirewallRule -> Int -> CreateFirewallRuleResponse
CreateFirewallRuleResponse'
    { $sel:firewallRule:CreateFirewallRuleResponse' :: Maybe FirewallRule
firewallRule =
        Maybe FirewallRule
forall a. Maybe a
Prelude.Nothing,
      $sel:httpStatus:CreateFirewallRuleResponse' :: Int
httpStatus = Int
pHttpStatus_
    }

-- | The firewall rule that you just created.
createFirewallRuleResponse_firewallRule :: Lens.Lens' CreateFirewallRuleResponse (Prelude.Maybe FirewallRule)
createFirewallRuleResponse_firewallRule :: (Maybe FirewallRule -> f (Maybe FirewallRule))
-> CreateFirewallRuleResponse -> f CreateFirewallRuleResponse
createFirewallRuleResponse_firewallRule = (CreateFirewallRuleResponse -> Maybe FirewallRule)
-> (CreateFirewallRuleResponse
    -> Maybe FirewallRule -> CreateFirewallRuleResponse)
-> Lens
     CreateFirewallRuleResponse
     CreateFirewallRuleResponse
     (Maybe FirewallRule)
     (Maybe FirewallRule)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateFirewallRuleResponse' {Maybe FirewallRule
firewallRule :: Maybe FirewallRule
$sel:firewallRule:CreateFirewallRuleResponse' :: CreateFirewallRuleResponse -> Maybe FirewallRule
firewallRule} -> Maybe FirewallRule
firewallRule) (\s :: CreateFirewallRuleResponse
s@CreateFirewallRuleResponse' {} Maybe FirewallRule
a -> CreateFirewallRuleResponse
s {$sel:firewallRule:CreateFirewallRuleResponse' :: Maybe FirewallRule
firewallRule = Maybe FirewallRule
a} :: CreateFirewallRuleResponse)

-- | The response's http status code.
createFirewallRuleResponse_httpStatus :: Lens.Lens' CreateFirewallRuleResponse Prelude.Int
createFirewallRuleResponse_httpStatus :: (Int -> f Int)
-> CreateFirewallRuleResponse -> f CreateFirewallRuleResponse
createFirewallRuleResponse_httpStatus = (CreateFirewallRuleResponse -> Int)
-> (CreateFirewallRuleResponse
    -> Int -> CreateFirewallRuleResponse)
-> Lens
     CreateFirewallRuleResponse CreateFirewallRuleResponse Int Int
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateFirewallRuleResponse' {Int
httpStatus :: Int
$sel:httpStatus:CreateFirewallRuleResponse' :: CreateFirewallRuleResponse -> Int
httpStatus} -> Int
httpStatus) (\s :: CreateFirewallRuleResponse
s@CreateFirewallRuleResponse' {} Int
a -> CreateFirewallRuleResponse
s {$sel:httpStatus:CreateFirewallRuleResponse' :: Int
httpStatus = Int
a} :: CreateFirewallRuleResponse)

instance Prelude.NFData CreateFirewallRuleResponse