Skip to content

Commit

Permalink
Regenerating amazonka-kms from latest service definition
Browse files Browse the repository at this point in the history
  • Loading branch information
brendanhay committed Mar 17, 2017
1 parent 05bc7a4 commit dd18275
Show file tree
Hide file tree
Showing 21 changed files with 641 additions and 45 deletions.
3 changes: 3 additions & 0 deletions amazonka-kms/amazonka-kms.cabal
Original file line number Diff line number Diff line change
Expand Up @@ -64,13 +64,16 @@ library
, Network.AWS.KMS.ListGrants
, Network.AWS.KMS.ListKeyPolicies
, Network.AWS.KMS.ListKeys
, Network.AWS.KMS.ListResourceTags
, Network.AWS.KMS.ListRetirableGrants
, Network.AWS.KMS.PutKeyPolicy
, Network.AWS.KMS.ReEncrypt
, Network.AWS.KMS.RetireGrant
, Network.AWS.KMS.RevokeGrant
, Network.AWS.KMS.ScheduleKeyDeletion
, Network.AWS.KMS.TagResource
, Network.AWS.KMS.Types
, Network.AWS.KMS.UntagResource
, Network.AWS.KMS.UpdateAlias
, Network.AWS.KMS.UpdateKeyDescription
, Network.AWS.KMS.Waiters
Expand Down
10 changes: 10 additions & 0 deletions amazonka-kms/fixture/ListResourceTags.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
---
method: POST
headers:
Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/kms/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
Host: kms.us-east-1.amazonaws.com
Content-Type: application/x-www-form-urlencoded; charset=utf-8
X-Amz-Content-SHA256: abcdef
X-Amz-Date: 20091028T223200Z
body:
''
Empty file.
10 changes: 10 additions & 0 deletions amazonka-kms/fixture/TagResource.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
---
method: POST
headers:
Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/kms/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
Host: kms.us-east-1.amazonaws.com
Content-Type: application/x-www-form-urlencoded; charset=utf-8
X-Amz-Content-SHA256: abcdef
X-Amz-Date: 20091028T223200Z
body:
''
Empty file.
10 changes: 10 additions & 0 deletions amazonka-kms/fixture/UntagResource.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
---
method: POST
headers:
Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/kms/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
Host: kms.us-east-1.amazonaws.com
Content-Type: application/x-www-form-urlencoded; charset=utf-8
X-Amz-Content-SHA256: abcdef
X-Amz-Date: 20091028T223200Z
body:
''
Empty file.
21 changes: 21 additions & 0 deletions amazonka-kms/gen/Network/AWS/KMS.hs
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,9 @@ module Network.AWS.KMS
-- ** KMSInternalException
, _KMSInternalException

-- ** TagException
, _TagException

-- ** InvalidImportTokenException
, _InvalidImportTokenException

Expand Down Expand Up @@ -174,6 +177,9 @@ module Network.AWS.KMS
-- ** ListKeys (Paginated)
, module Network.AWS.KMS.ListKeys

-- ** ListResourceTags
, module Network.AWS.KMS.ListResourceTags

-- ** GetKeyRotationStatus
, module Network.AWS.KMS.GetKeyRotationStatus

Expand Down Expand Up @@ -201,9 +207,15 @@ module Network.AWS.KMS
-- ** ReEncrypt
, module Network.AWS.KMS.ReEncrypt

-- ** TagResource
, module Network.AWS.KMS.TagResource

-- ** ListKeyPolicies (Paginated)
, module Network.AWS.KMS.ListKeyPolicies

-- ** UntagResource
, module Network.AWS.KMS.UntagResource

-- ** ScheduleKeyDeletion
, module Network.AWS.KMS.ScheduleKeyDeletion

Expand Down Expand Up @@ -305,6 +317,12 @@ module Network.AWS.KMS
, lgTruncated
, lgGrants
, lgNextMarker

-- ** Tag
, Tag
, tag
, tagTagKey
, tagTagValue
) where

import Network.AWS.KMS.CancelKeyDeletion
Expand All @@ -331,13 +349,16 @@ import Network.AWS.KMS.ListAliases
import Network.AWS.KMS.ListGrants
import Network.AWS.KMS.ListKeyPolicies
import Network.AWS.KMS.ListKeys
import Network.AWS.KMS.ListResourceTags
import Network.AWS.KMS.ListRetirableGrants
import Network.AWS.KMS.PutKeyPolicy
import Network.AWS.KMS.ReEncrypt
import Network.AWS.KMS.RetireGrant
import Network.AWS.KMS.RevokeGrant
import Network.AWS.KMS.ScheduleKeyDeletion
import Network.AWS.KMS.TagResource
import Network.AWS.KMS.Types
import Network.AWS.KMS.UntagResource
import Network.AWS.KMS.UpdateAlias
import Network.AWS.KMS.UpdateKeyDescription
import Network.AWS.KMS.Waiters
Expand Down
20 changes: 15 additions & 5 deletions amazonka-kms/gen/Network/AWS/KMS/CreateKey.hs
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ module Network.AWS.KMS.CreateKey
, ckBypassPolicyLockoutSafetyCheck
, ckPolicy
, ckDescription
, ckTags

-- * Destructuring the Response
, createKeyResponse
Expand All @@ -63,6 +64,7 @@ data CreateKey = CreateKey'
, _ckBypassPolicyLockoutSafetyCheck :: !(Maybe Bool)
, _ckPolicy :: !(Maybe Text)
, _ckDescription :: !(Maybe Text)
, _ckTags :: !(Maybe [Tag])
} deriving (Eq,Read,Show,Data,Typeable,Generic)

-- | Creates a value of 'CreateKey' with the minimum fields required to make a request.
Expand All @@ -73,11 +75,13 @@ data CreateKey = CreateKey'
--
-- * 'ckKeyUsage' - The intended use of the CMK. You can use CMKs only for symmetric encryption and decryption.
--
-- * 'ckBypassPolicyLockoutSafetyCheck' - A flag to indicate whether to bypass the key policy lockout safety check. /Important:/ Setting this value to true increases the likelihood that the CMK becomes unmanageable. Do not set this value to true indiscriminately. For more information, refer to the scenario in the <http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam Default Key Policy> section in the /AWS Key Management Service Developer Guide/ . Use this parameter only when you include a policy in the request and you intend to prevent the principal making the request from making a subsequent 'PutKeyPolicy' request on the CMK. The default value is false.
-- * 'ckBypassPolicyLockoutSafetyCheck' - A flag to indicate whether to bypass the key policy lockout safety check. /Important:/ Setting this value to true increases the likelihood that the CMK becomes unmanageable. Do not set this value to true indiscriminately. For more information, refer to the scenario in the <http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam Default Key Policy> section in the /AWS Key Management Service Developer Guide/ . Use this parameter only when you include a policy in the request and you intend to prevent the principal that is making the request from making a subsequent 'PutKeyPolicy' request on the CMK. The default value is false.
--
-- * 'ckPolicy' - The key policy to attach to the CMK. If you specify a policy and do not set @BypassPolicyLockoutSafetyCheck@ to true, the policy must meet the following criteria: * It must allow the principal making the @CreateKey@ request to make a subsequent 'PutKeyPolicy' request on the CMK. This reduces the likelihood that the CMK becomes unmanageable. For more information, refer to the scenario in the <http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam Default Key Policy> section in the /AWS Key Management Service Developer Guide/ . * The principal(s) specified in the key policy must exist and be visible to AWS KMS. When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before specifying the new principal in a key policy because the new principal might not immediately be visible to AWS KMS. For more information, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency Changes that I make are not always immediately visible> in the /IAM User Guide/ . If you do not specify a policy, AWS KMS attaches a default key policy to the CMK. For more information, see <http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default Default Key Policy> in the /AWS Key Management Service Developer Guide/ . The policy size limit is 32 KiB (32768 bytes).
-- * 'ckPolicy' - The key policy to attach to the CMK. If you specify a policy and do not set @BypassPolicyLockoutSafetyCheck@ to true, the policy must meet the following criteria: * It must allow the principal that is making the @CreateKey@ request to make a subsequent 'PutKeyPolicy' request on the CMK. This reduces the likelihood that the CMK becomes unmanageable. For more information, refer to the scenario in the <http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam Default Key Policy> section in the /AWS Key Management Service Developer Guide/ . * The principals that are specified in the key policy must exist and be visible to AWS KMS. When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before specifying the new principal in a key policy because the new principal might not immediately be visible to AWS KMS. For more information, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency Changes that I make are not always immediately visible> in the /IAM User Guide/ . If you do not specify a policy, AWS KMS attaches a default key policy to the CMK. For more information, see <http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default Default Key Policy> in the /AWS Key Management Service Developer Guide/ . The policy size limit is 32 KiB (32768 bytes).
--
-- * 'ckDescription' - A description of the CMK. Use a description that helps you decide whether the CMK is appropriate for a task.
--
-- * 'ckTags' - One or more tags. Each tag consists of a tag key and a tag value. Tag keys and tag values are both required, but tag values can be empty (null) strings. Use this parameter to tag the CMK when it is created. Alternately, you can omit this parameter and instead tag the CMK after it is created using 'TagResource' .
createKey
:: CreateKey
createKey =
Expand All @@ -87,6 +91,7 @@ createKey =
, _ckBypassPolicyLockoutSafetyCheck = Nothing
, _ckPolicy = Nothing
, _ckDescription = Nothing
, _ckTags = Nothing
}

-- | The source of the CMK's key material. The default is @AWS_KMS@ , which means AWS KMS creates the key material. When this parameter is set to @EXTERNAL@ , the request creates a CMK without key material so that you can import key material from your existing key management infrastructure. For more information about importing key material into AWS KMS, see <http://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html Importing Key Material> in the /AWS Key Management Service Developer Guide/ . The CMK's @Origin@ is immutable and is set when the CMK is created.
Expand All @@ -97,18 +102,22 @@ ckOrigin = lens _ckOrigin (\ s a -> s{_ckOrigin = a});
ckKeyUsage :: Lens' CreateKey (Maybe KeyUsageType)
ckKeyUsage = lens _ckKeyUsage (\ s a -> s{_ckKeyUsage = a});

-- | A flag to indicate whether to bypass the key policy lockout safety check. /Important:/ Setting this value to true increases the likelihood that the CMK becomes unmanageable. Do not set this value to true indiscriminately. For more information, refer to the scenario in the <http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam Default Key Policy> section in the /AWS Key Management Service Developer Guide/ . Use this parameter only when you include a policy in the request and you intend to prevent the principal making the request from making a subsequent 'PutKeyPolicy' request on the CMK. The default value is false.
-- | A flag to indicate whether to bypass the key policy lockout safety check. /Important:/ Setting this value to true increases the likelihood that the CMK becomes unmanageable. Do not set this value to true indiscriminately. For more information, refer to the scenario in the <http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam Default Key Policy> section in the /AWS Key Management Service Developer Guide/ . Use this parameter only when you include a policy in the request and you intend to prevent the principal that is making the request from making a subsequent 'PutKeyPolicy' request on the CMK. The default value is false.
ckBypassPolicyLockoutSafetyCheck :: Lens' CreateKey (Maybe Bool)
ckBypassPolicyLockoutSafetyCheck = lens _ckBypassPolicyLockoutSafetyCheck (\ s a -> s{_ckBypassPolicyLockoutSafetyCheck = a});

-- | The key policy to attach to the CMK. If you specify a policy and do not set @BypassPolicyLockoutSafetyCheck@ to true, the policy must meet the following criteria: * It must allow the principal making the @CreateKey@ request to make a subsequent 'PutKeyPolicy' request on the CMK. This reduces the likelihood that the CMK becomes unmanageable. For more information, refer to the scenario in the <http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam Default Key Policy> section in the /AWS Key Management Service Developer Guide/ . * The principal(s) specified in the key policy must exist and be visible to AWS KMS. When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before specifying the new principal in a key policy because the new principal might not immediately be visible to AWS KMS. For more information, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency Changes that I make are not always immediately visible> in the /IAM User Guide/ . If you do not specify a policy, AWS KMS attaches a default key policy to the CMK. For more information, see <http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default Default Key Policy> in the /AWS Key Management Service Developer Guide/ . The policy size limit is 32 KiB (32768 bytes).
-- | The key policy to attach to the CMK. If you specify a policy and do not set @BypassPolicyLockoutSafetyCheck@ to true, the policy must meet the following criteria: * It must allow the principal that is making the @CreateKey@ request to make a subsequent 'PutKeyPolicy' request on the CMK. This reduces the likelihood that the CMK becomes unmanageable. For more information, refer to the scenario in the <http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam Default Key Policy> section in the /AWS Key Management Service Developer Guide/ . * The principals that are specified in the key policy must exist and be visible to AWS KMS. When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before specifying the new principal in a key policy because the new principal might not immediately be visible to AWS KMS. For more information, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency Changes that I make are not always immediately visible> in the /IAM User Guide/ . If you do not specify a policy, AWS KMS attaches a default key policy to the CMK. For more information, see <http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default Default Key Policy> in the /AWS Key Management Service Developer Guide/ . The policy size limit is 32 KiB (32768 bytes).
ckPolicy :: Lens' CreateKey (Maybe Text)
ckPolicy = lens _ckPolicy (\ s a -> s{_ckPolicy = a});

-- | A description of the CMK. Use a description that helps you decide whether the CMK is appropriate for a task.
ckDescription :: Lens' CreateKey (Maybe Text)
ckDescription = lens _ckDescription (\ s a -> s{_ckDescription = a});

-- | One or more tags. Each tag consists of a tag key and a tag value. Tag keys and tag values are both required, but tag values can be empty (null) strings. Use this parameter to tag the CMK when it is created. Alternately, you can omit this parameter and instead tag the CMK after it is created using 'TagResource' .
ckTags :: Lens' CreateKey [Tag]
ckTags = lens _ckTags (\ s a -> s{_ckTags = a}) . _Default . _Coerce;

instance AWSRequest CreateKey where
type Rs CreateKey = CreateKeyResponse
request = postJSON kms
Expand Down Expand Up @@ -140,7 +149,8 @@ instance ToJSON CreateKey where
("BypassPolicyLockoutSafetyCheck" .=) <$>
_ckBypassPolicyLockoutSafetyCheck,
("Policy" .=) <$> _ckPolicy,
("Description" .=) <$> _ckDescription])
("Description" .=) <$> _ckDescription,
("Tags" .=) <$> _ckTags])

instance ToPath CreateKey where
toPath = const "/"
Expand Down
Loading

0 comments on commit dd18275

Please sign in to comment.