{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.S3.Types.ServerSideEncryptionRule
-- Copyright   : (c) 2013-2021 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.S3.Types.ServerSideEncryptionRule where

import qualified Amazonka.Core as Core
import qualified Amazonka.Lens as Lens
import qualified Amazonka.Prelude as Prelude
import Amazonka.S3.Internal
import Amazonka.S3.Types.ServerSideEncryptionByDefault

-- | Specifies the default server-side encryption configuration.
--
-- /See:/ 'newServerSideEncryptionRule' smart constructor.
data ServerSideEncryptionRule = ServerSideEncryptionRule'
  { -- | Specifies the default server-side encryption to apply to new objects in
    -- the bucket. If a PUT Object request doesn\'t specify any server-side
    -- encryption, this default encryption will be applied.
    ServerSideEncryptionRule -> Maybe ServerSideEncryptionByDefault
applyServerSideEncryptionByDefault :: Prelude.Maybe ServerSideEncryptionByDefault,
    -- | Specifies whether Amazon S3 should use an S3 Bucket Key with server-side
    -- encryption using KMS (SSE-KMS) for new objects in the bucket. Existing
    -- objects are not affected. Setting the @BucketKeyEnabled@ element to
    -- @true@ causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket
    -- Key is not enabled.
    --
    -- For more information, see
    -- <https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html Amazon S3 Bucket Keys>
    -- in the /Amazon S3 User Guide/.
    ServerSideEncryptionRule -> Maybe Bool
bucketKeyEnabled :: Prelude.Maybe Prelude.Bool
  }
  deriving (ServerSideEncryptionRule -> ServerSideEncryptionRule -> Bool
(ServerSideEncryptionRule -> ServerSideEncryptionRule -> Bool)
-> (ServerSideEncryptionRule -> ServerSideEncryptionRule -> Bool)
-> Eq ServerSideEncryptionRule
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: ServerSideEncryptionRule -> ServerSideEncryptionRule -> Bool
$c/= :: ServerSideEncryptionRule -> ServerSideEncryptionRule -> Bool
== :: ServerSideEncryptionRule -> ServerSideEncryptionRule -> Bool
$c== :: ServerSideEncryptionRule -> ServerSideEncryptionRule -> Bool
Prelude.Eq, Int -> ServerSideEncryptionRule -> ShowS
[ServerSideEncryptionRule] -> ShowS
ServerSideEncryptionRule -> String
(Int -> ServerSideEncryptionRule -> ShowS)
-> (ServerSideEncryptionRule -> String)
-> ([ServerSideEncryptionRule] -> ShowS)
-> Show ServerSideEncryptionRule
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [ServerSideEncryptionRule] -> ShowS
$cshowList :: [ServerSideEncryptionRule] -> ShowS
show :: ServerSideEncryptionRule -> String
$cshow :: ServerSideEncryptionRule -> String
showsPrec :: Int -> ServerSideEncryptionRule -> ShowS
$cshowsPrec :: Int -> ServerSideEncryptionRule -> ShowS
Prelude.Show, (forall x.
 ServerSideEncryptionRule -> Rep ServerSideEncryptionRule x)
-> (forall x.
    Rep ServerSideEncryptionRule x -> ServerSideEncryptionRule)
-> Generic ServerSideEncryptionRule
forall x.
Rep ServerSideEncryptionRule x -> ServerSideEncryptionRule
forall x.
ServerSideEncryptionRule -> Rep ServerSideEncryptionRule x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x.
Rep ServerSideEncryptionRule x -> ServerSideEncryptionRule
$cfrom :: forall x.
ServerSideEncryptionRule -> Rep ServerSideEncryptionRule x
Prelude.Generic)

-- |
-- Create a value of 'ServerSideEncryptionRule' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'applyServerSideEncryptionByDefault', 'serverSideEncryptionRule_applyServerSideEncryptionByDefault' - Specifies the default server-side encryption to apply to new objects in
-- the bucket. If a PUT Object request doesn\'t specify any server-side
-- encryption, this default encryption will be applied.
--
-- 'bucketKeyEnabled', 'serverSideEncryptionRule_bucketKeyEnabled' - Specifies whether Amazon S3 should use an S3 Bucket Key with server-side
-- encryption using KMS (SSE-KMS) for new objects in the bucket. Existing
-- objects are not affected. Setting the @BucketKeyEnabled@ element to
-- @true@ causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket
-- Key is not enabled.
--
-- For more information, see
-- <https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html Amazon S3 Bucket Keys>
-- in the /Amazon S3 User Guide/.
newServerSideEncryptionRule ::
  ServerSideEncryptionRule
newServerSideEncryptionRule :: ServerSideEncryptionRule
newServerSideEncryptionRule =
  ServerSideEncryptionRule' :: Maybe ServerSideEncryptionByDefault
-> Maybe Bool -> ServerSideEncryptionRule
ServerSideEncryptionRule'
    { $sel:applyServerSideEncryptionByDefault:ServerSideEncryptionRule' :: Maybe ServerSideEncryptionByDefault
applyServerSideEncryptionByDefault =
        Maybe ServerSideEncryptionByDefault
forall a. Maybe a
Prelude.Nothing,
      $sel:bucketKeyEnabled:ServerSideEncryptionRule' :: Maybe Bool
bucketKeyEnabled = Maybe Bool
forall a. Maybe a
Prelude.Nothing
    }

-- | Specifies the default server-side encryption to apply to new objects in
-- the bucket. If a PUT Object request doesn\'t specify any server-side
-- encryption, this default encryption will be applied.
serverSideEncryptionRule_applyServerSideEncryptionByDefault :: Lens.Lens' ServerSideEncryptionRule (Prelude.Maybe ServerSideEncryptionByDefault)
serverSideEncryptionRule_applyServerSideEncryptionByDefault :: (Maybe ServerSideEncryptionByDefault
 -> f (Maybe ServerSideEncryptionByDefault))
-> ServerSideEncryptionRule -> f ServerSideEncryptionRule
serverSideEncryptionRule_applyServerSideEncryptionByDefault = (ServerSideEncryptionRule -> Maybe ServerSideEncryptionByDefault)
-> (ServerSideEncryptionRule
    -> Maybe ServerSideEncryptionByDefault -> ServerSideEncryptionRule)
-> Lens
     ServerSideEncryptionRule
     ServerSideEncryptionRule
     (Maybe ServerSideEncryptionByDefault)
     (Maybe ServerSideEncryptionByDefault)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\ServerSideEncryptionRule' {Maybe ServerSideEncryptionByDefault
applyServerSideEncryptionByDefault :: Maybe ServerSideEncryptionByDefault
$sel:applyServerSideEncryptionByDefault:ServerSideEncryptionRule' :: ServerSideEncryptionRule -> Maybe ServerSideEncryptionByDefault
applyServerSideEncryptionByDefault} -> Maybe ServerSideEncryptionByDefault
applyServerSideEncryptionByDefault) (\s :: ServerSideEncryptionRule
s@ServerSideEncryptionRule' {} Maybe ServerSideEncryptionByDefault
a -> ServerSideEncryptionRule
s {$sel:applyServerSideEncryptionByDefault:ServerSideEncryptionRule' :: Maybe ServerSideEncryptionByDefault
applyServerSideEncryptionByDefault = Maybe ServerSideEncryptionByDefault
a} :: ServerSideEncryptionRule)

-- | Specifies whether Amazon S3 should use an S3 Bucket Key with server-side
-- encryption using KMS (SSE-KMS) for new objects in the bucket. Existing
-- objects are not affected. Setting the @BucketKeyEnabled@ element to
-- @true@ causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket
-- Key is not enabled.
--
-- For more information, see
-- <https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html Amazon S3 Bucket Keys>
-- in the /Amazon S3 User Guide/.
serverSideEncryptionRule_bucketKeyEnabled :: Lens.Lens' ServerSideEncryptionRule (Prelude.Maybe Prelude.Bool)
serverSideEncryptionRule_bucketKeyEnabled :: (Maybe Bool -> f (Maybe Bool))
-> ServerSideEncryptionRule -> f ServerSideEncryptionRule
serverSideEncryptionRule_bucketKeyEnabled = (ServerSideEncryptionRule -> Maybe Bool)
-> (ServerSideEncryptionRule
    -> Maybe Bool -> ServerSideEncryptionRule)
-> Lens
     ServerSideEncryptionRule
     ServerSideEncryptionRule
     (Maybe Bool)
     (Maybe Bool)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\ServerSideEncryptionRule' {Maybe Bool
bucketKeyEnabled :: Maybe Bool
$sel:bucketKeyEnabled:ServerSideEncryptionRule' :: ServerSideEncryptionRule -> Maybe Bool
bucketKeyEnabled} -> Maybe Bool
bucketKeyEnabled) (\s :: ServerSideEncryptionRule
s@ServerSideEncryptionRule' {} Maybe Bool
a -> ServerSideEncryptionRule
s {$sel:bucketKeyEnabled:ServerSideEncryptionRule' :: Maybe Bool
bucketKeyEnabled = Maybe Bool
a} :: ServerSideEncryptionRule)

instance Core.FromXML ServerSideEncryptionRule where
  parseXML :: [Node] -> Either String ServerSideEncryptionRule
parseXML [Node]
x =
    Maybe ServerSideEncryptionByDefault
-> Maybe Bool -> ServerSideEncryptionRule
ServerSideEncryptionRule'
      (Maybe ServerSideEncryptionByDefault
 -> Maybe Bool -> ServerSideEncryptionRule)
-> Either String (Maybe ServerSideEncryptionByDefault)
-> Either String (Maybe Bool -> ServerSideEncryptionRule)
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> ([Node]
x [Node]
-> Text -> Either String (Maybe ServerSideEncryptionByDefault)
forall a. FromXML a => [Node] -> Text -> Either String (Maybe a)
Core..@? Text
"ApplyServerSideEncryptionByDefault")
      Either String (Maybe Bool -> ServerSideEncryptionRule)
-> Either String (Maybe Bool)
-> Either String ServerSideEncryptionRule
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> ([Node]
x [Node] -> Text -> Either String (Maybe Bool)
forall a. FromXML a => [Node] -> Text -> Either String (Maybe a)
Core..@? Text
"BucketKeyEnabled")

instance Prelude.Hashable ServerSideEncryptionRule

instance Prelude.NFData ServerSideEncryptionRule

instance Core.ToXML ServerSideEncryptionRule where
  toXML :: ServerSideEncryptionRule -> XML
toXML ServerSideEncryptionRule' {Maybe Bool
Maybe ServerSideEncryptionByDefault
bucketKeyEnabled :: Maybe Bool
applyServerSideEncryptionByDefault :: Maybe ServerSideEncryptionByDefault
$sel:bucketKeyEnabled:ServerSideEncryptionRule' :: ServerSideEncryptionRule -> Maybe Bool
$sel:applyServerSideEncryptionByDefault:ServerSideEncryptionRule' :: ServerSideEncryptionRule -> Maybe ServerSideEncryptionByDefault
..} =
    [XML] -> XML
forall a. Monoid a => [a] -> a
Prelude.mconcat
      [ Name
"ApplyServerSideEncryptionByDefault"
          Name -> Maybe ServerSideEncryptionByDefault -> XML
forall a. ToXML a => Name -> a -> XML
Core.@= Maybe ServerSideEncryptionByDefault
applyServerSideEncryptionByDefault,
        Name
"BucketKeyEnabled" Name -> Maybe Bool -> XML
forall a. ToXML a => Name -> a -> XML
Core.@= Maybe Bool
bucketKeyEnabled
      ]