{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.EC2.Types.NetworkAclEntry
-- Copyright   : (c) 2013-2023 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.EC2.Types.NetworkAclEntry where

import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import Amazonka.EC2.Internal
import Amazonka.EC2.Types.IcmpTypeCode
import Amazonka.EC2.Types.PortRange
import Amazonka.EC2.Types.RuleAction
import qualified Amazonka.Prelude as Prelude

-- | Describes an entry in a network ACL.
--
-- /See:/ 'newNetworkAclEntry' smart constructor.
data NetworkAclEntry = NetworkAclEntry'
  { -- | The IPv4 network range to allow or deny, in CIDR notation.
    NetworkAclEntry -> Maybe Text
cidrBlock :: Prelude.Maybe Prelude.Text,
    -- | Indicates whether the rule is an egress rule (applied to traffic leaving
    -- the subnet).
    NetworkAclEntry -> Maybe Bool
egress :: Prelude.Maybe Prelude.Bool,
    -- | ICMP protocol: The ICMP type and code.
    NetworkAclEntry -> Maybe IcmpTypeCode
icmpTypeCode :: Prelude.Maybe IcmpTypeCode,
    -- | The IPv6 network range to allow or deny, in CIDR notation.
    NetworkAclEntry -> Maybe Text
ipv6CidrBlock :: Prelude.Maybe Prelude.Text,
    -- | TCP or UDP protocols: The range of ports the rule applies to.
    NetworkAclEntry -> Maybe PortRange
portRange :: Prelude.Maybe PortRange,
    -- | The protocol number. A value of \"-1\" means all protocols.
    NetworkAclEntry -> Maybe Text
protocol :: Prelude.Maybe Prelude.Text,
    -- | Indicates whether to allow or deny the traffic that matches the rule.
    NetworkAclEntry -> Maybe RuleAction
ruleAction :: Prelude.Maybe RuleAction,
    -- | The rule number for the entry. ACL entries are processed in ascending
    -- order by rule number.
    NetworkAclEntry -> Maybe Int
ruleNumber :: Prelude.Maybe Prelude.Int
  }
  deriving (NetworkAclEntry -> NetworkAclEntry -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: NetworkAclEntry -> NetworkAclEntry -> Bool
$c/= :: NetworkAclEntry -> NetworkAclEntry -> Bool
== :: NetworkAclEntry -> NetworkAclEntry -> Bool
$c== :: NetworkAclEntry -> NetworkAclEntry -> Bool
Prelude.Eq, ReadPrec [NetworkAclEntry]
ReadPrec NetworkAclEntry
Int -> ReadS NetworkAclEntry
ReadS [NetworkAclEntry]
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [NetworkAclEntry]
$creadListPrec :: ReadPrec [NetworkAclEntry]
readPrec :: ReadPrec NetworkAclEntry
$creadPrec :: ReadPrec NetworkAclEntry
readList :: ReadS [NetworkAclEntry]
$creadList :: ReadS [NetworkAclEntry]
readsPrec :: Int -> ReadS NetworkAclEntry
$creadsPrec :: Int -> ReadS NetworkAclEntry
Prelude.Read, Int -> NetworkAclEntry -> ShowS
[NetworkAclEntry] -> ShowS
NetworkAclEntry -> String
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [NetworkAclEntry] -> ShowS
$cshowList :: [NetworkAclEntry] -> ShowS
show :: NetworkAclEntry -> String
$cshow :: NetworkAclEntry -> String
showsPrec :: Int -> NetworkAclEntry -> ShowS
$cshowsPrec :: Int -> NetworkAclEntry -> ShowS
Prelude.Show, forall x. Rep NetworkAclEntry x -> NetworkAclEntry
forall x. NetworkAclEntry -> Rep NetworkAclEntry x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep NetworkAclEntry x -> NetworkAclEntry
$cfrom :: forall x. NetworkAclEntry -> Rep NetworkAclEntry x
Prelude.Generic)

-- |
-- Create a value of 'NetworkAclEntry' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'cidrBlock', 'networkAclEntry_cidrBlock' - The IPv4 network range to allow or deny, in CIDR notation.
--
-- 'egress', 'networkAclEntry_egress' - Indicates whether the rule is an egress rule (applied to traffic leaving
-- the subnet).
--
-- 'icmpTypeCode', 'networkAclEntry_icmpTypeCode' - ICMP protocol: The ICMP type and code.
--
-- 'ipv6CidrBlock', 'networkAclEntry_ipv6CidrBlock' - The IPv6 network range to allow or deny, in CIDR notation.
--
-- 'portRange', 'networkAclEntry_portRange' - TCP or UDP protocols: The range of ports the rule applies to.
--
-- 'protocol', 'networkAclEntry_protocol' - The protocol number. A value of \"-1\" means all protocols.
--
-- 'ruleAction', 'networkAclEntry_ruleAction' - Indicates whether to allow or deny the traffic that matches the rule.
--
-- 'ruleNumber', 'networkAclEntry_ruleNumber' - The rule number for the entry. ACL entries are processed in ascending
-- order by rule number.
newNetworkAclEntry ::
  NetworkAclEntry
newNetworkAclEntry :: NetworkAclEntry
newNetworkAclEntry =
  NetworkAclEntry'
    { $sel:cidrBlock:NetworkAclEntry' :: Maybe Text
cidrBlock = forall a. Maybe a
Prelude.Nothing,
      $sel:egress:NetworkAclEntry' :: Maybe Bool
egress = forall a. Maybe a
Prelude.Nothing,
      $sel:icmpTypeCode:NetworkAclEntry' :: Maybe IcmpTypeCode
icmpTypeCode = forall a. Maybe a
Prelude.Nothing,
      $sel:ipv6CidrBlock:NetworkAclEntry' :: Maybe Text
ipv6CidrBlock = forall a. Maybe a
Prelude.Nothing,
      $sel:portRange:NetworkAclEntry' :: Maybe PortRange
portRange = forall a. Maybe a
Prelude.Nothing,
      $sel:protocol:NetworkAclEntry' :: Maybe Text
protocol = forall a. Maybe a
Prelude.Nothing,
      $sel:ruleAction:NetworkAclEntry' :: Maybe RuleAction
ruleAction = forall a. Maybe a
Prelude.Nothing,
      $sel:ruleNumber:NetworkAclEntry' :: Maybe Int
ruleNumber = forall a. Maybe a
Prelude.Nothing
    }

-- | The IPv4 network range to allow or deny, in CIDR notation.
networkAclEntry_cidrBlock :: Lens.Lens' NetworkAclEntry (Prelude.Maybe Prelude.Text)
networkAclEntry_cidrBlock :: Lens' NetworkAclEntry (Maybe Text)
networkAclEntry_cidrBlock = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\NetworkAclEntry' {Maybe Text
cidrBlock :: Maybe Text
$sel:cidrBlock:NetworkAclEntry' :: NetworkAclEntry -> Maybe Text
cidrBlock} -> Maybe Text
cidrBlock) (\s :: NetworkAclEntry
s@NetworkAclEntry' {} Maybe Text
a -> NetworkAclEntry
s {$sel:cidrBlock:NetworkAclEntry' :: Maybe Text
cidrBlock = Maybe Text
a} :: NetworkAclEntry)

-- | Indicates whether the rule is an egress rule (applied to traffic leaving
-- the subnet).
networkAclEntry_egress :: Lens.Lens' NetworkAclEntry (Prelude.Maybe Prelude.Bool)
networkAclEntry_egress :: Lens' NetworkAclEntry (Maybe Bool)
networkAclEntry_egress = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\NetworkAclEntry' {Maybe Bool
egress :: Maybe Bool
$sel:egress:NetworkAclEntry' :: NetworkAclEntry -> Maybe Bool
egress} -> Maybe Bool
egress) (\s :: NetworkAclEntry
s@NetworkAclEntry' {} Maybe Bool
a -> NetworkAclEntry
s {$sel:egress:NetworkAclEntry' :: Maybe Bool
egress = Maybe Bool
a} :: NetworkAclEntry)

-- | ICMP protocol: The ICMP type and code.
networkAclEntry_icmpTypeCode :: Lens.Lens' NetworkAclEntry (Prelude.Maybe IcmpTypeCode)
networkAclEntry_icmpTypeCode :: Lens' NetworkAclEntry (Maybe IcmpTypeCode)
networkAclEntry_icmpTypeCode = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\NetworkAclEntry' {Maybe IcmpTypeCode
icmpTypeCode :: Maybe IcmpTypeCode
$sel:icmpTypeCode:NetworkAclEntry' :: NetworkAclEntry -> Maybe IcmpTypeCode
icmpTypeCode} -> Maybe IcmpTypeCode
icmpTypeCode) (\s :: NetworkAclEntry
s@NetworkAclEntry' {} Maybe IcmpTypeCode
a -> NetworkAclEntry
s {$sel:icmpTypeCode:NetworkAclEntry' :: Maybe IcmpTypeCode
icmpTypeCode = Maybe IcmpTypeCode
a} :: NetworkAclEntry)

-- | The IPv6 network range to allow or deny, in CIDR notation.
networkAclEntry_ipv6CidrBlock :: Lens.Lens' NetworkAclEntry (Prelude.Maybe Prelude.Text)
networkAclEntry_ipv6CidrBlock :: Lens' NetworkAclEntry (Maybe Text)
networkAclEntry_ipv6CidrBlock = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\NetworkAclEntry' {Maybe Text
ipv6CidrBlock :: Maybe Text
$sel:ipv6CidrBlock:NetworkAclEntry' :: NetworkAclEntry -> Maybe Text
ipv6CidrBlock} -> Maybe Text
ipv6CidrBlock) (\s :: NetworkAclEntry
s@NetworkAclEntry' {} Maybe Text
a -> NetworkAclEntry
s {$sel:ipv6CidrBlock:NetworkAclEntry' :: Maybe Text
ipv6CidrBlock = Maybe Text
a} :: NetworkAclEntry)

-- | TCP or UDP protocols: The range of ports the rule applies to.
networkAclEntry_portRange :: Lens.Lens' NetworkAclEntry (Prelude.Maybe PortRange)
networkAclEntry_portRange :: Lens' NetworkAclEntry (Maybe PortRange)
networkAclEntry_portRange = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\NetworkAclEntry' {Maybe PortRange
portRange :: Maybe PortRange
$sel:portRange:NetworkAclEntry' :: NetworkAclEntry -> Maybe PortRange
portRange} -> Maybe PortRange
portRange) (\s :: NetworkAclEntry
s@NetworkAclEntry' {} Maybe PortRange
a -> NetworkAclEntry
s {$sel:portRange:NetworkAclEntry' :: Maybe PortRange
portRange = Maybe PortRange
a} :: NetworkAclEntry)

-- | The protocol number. A value of \"-1\" means all protocols.
networkAclEntry_protocol :: Lens.Lens' NetworkAclEntry (Prelude.Maybe Prelude.Text)
networkAclEntry_protocol :: Lens' NetworkAclEntry (Maybe Text)
networkAclEntry_protocol = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\NetworkAclEntry' {Maybe Text
protocol :: Maybe Text
$sel:protocol:NetworkAclEntry' :: NetworkAclEntry -> Maybe Text
protocol} -> Maybe Text
protocol) (\s :: NetworkAclEntry
s@NetworkAclEntry' {} Maybe Text
a -> NetworkAclEntry
s {$sel:protocol:NetworkAclEntry' :: Maybe Text
protocol = Maybe Text
a} :: NetworkAclEntry)

-- | Indicates whether to allow or deny the traffic that matches the rule.
networkAclEntry_ruleAction :: Lens.Lens' NetworkAclEntry (Prelude.Maybe RuleAction)
networkAclEntry_ruleAction :: Lens' NetworkAclEntry (Maybe RuleAction)
networkAclEntry_ruleAction = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\NetworkAclEntry' {Maybe RuleAction
ruleAction :: Maybe RuleAction
$sel:ruleAction:NetworkAclEntry' :: NetworkAclEntry -> Maybe RuleAction
ruleAction} -> Maybe RuleAction
ruleAction) (\s :: NetworkAclEntry
s@NetworkAclEntry' {} Maybe RuleAction
a -> NetworkAclEntry
s {$sel:ruleAction:NetworkAclEntry' :: Maybe RuleAction
ruleAction = Maybe RuleAction
a} :: NetworkAclEntry)

-- | The rule number for the entry. ACL entries are processed in ascending
-- order by rule number.
networkAclEntry_ruleNumber :: Lens.Lens' NetworkAclEntry (Prelude.Maybe Prelude.Int)
networkAclEntry_ruleNumber :: Lens' NetworkAclEntry (Maybe Int)
networkAclEntry_ruleNumber = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\NetworkAclEntry' {Maybe Int
ruleNumber :: Maybe Int
$sel:ruleNumber:NetworkAclEntry' :: NetworkAclEntry -> Maybe Int
ruleNumber} -> Maybe Int
ruleNumber) (\s :: NetworkAclEntry
s@NetworkAclEntry' {} Maybe Int
a -> NetworkAclEntry
s {$sel:ruleNumber:NetworkAclEntry' :: Maybe Int
ruleNumber = Maybe Int
a} :: NetworkAclEntry)

instance Data.FromXML NetworkAclEntry where
  parseXML :: [Node] -> Either String NetworkAclEntry
parseXML [Node]
x =
    Maybe Text
-> Maybe Bool
-> Maybe IcmpTypeCode
-> Maybe Text
-> Maybe PortRange
-> Maybe Text
-> Maybe RuleAction
-> Maybe Int
-> NetworkAclEntry
NetworkAclEntry'
      forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> ([Node]
x forall a. FromXML a => [Node] -> Text -> Either String (Maybe a)
Data..@? Text
"cidrBlock")
      forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> ([Node]
x forall a. FromXML a => [Node] -> Text -> Either String (Maybe a)
Data..@? Text
"egress")
      forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> ([Node]
x forall a. FromXML a => [Node] -> Text -> Either String (Maybe a)
Data..@? Text
"icmpTypeCode")
      forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> ([Node]
x forall a. FromXML a => [Node] -> Text -> Either String (Maybe a)
Data..@? Text
"ipv6CidrBlock")
      forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> ([Node]
x forall a. FromXML a => [Node] -> Text -> Either String (Maybe a)
Data..@? Text
"portRange")
      forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> ([Node]
x forall a. FromXML a => [Node] -> Text -> Either String (Maybe a)
Data..@? Text
"protocol")
      forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> ([Node]
x forall a. FromXML a => [Node] -> Text -> Either String (Maybe a)
Data..@? Text
"ruleAction")
      forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> ([Node]
x forall a. FromXML a => [Node] -> Text -> Either String (Maybe a)
Data..@? Text
"ruleNumber")

instance Prelude.Hashable NetworkAclEntry where
  hashWithSalt :: Int -> NetworkAclEntry -> Int
hashWithSalt Int
_salt NetworkAclEntry' {Maybe Bool
Maybe Int
Maybe Text
Maybe IcmpTypeCode
Maybe PortRange
Maybe RuleAction
ruleNumber :: Maybe Int
ruleAction :: Maybe RuleAction
protocol :: Maybe Text
portRange :: Maybe PortRange
ipv6CidrBlock :: Maybe Text
icmpTypeCode :: Maybe IcmpTypeCode
egress :: Maybe Bool
cidrBlock :: Maybe Text
$sel:ruleNumber:NetworkAclEntry' :: NetworkAclEntry -> Maybe Int
$sel:ruleAction:NetworkAclEntry' :: NetworkAclEntry -> Maybe RuleAction
$sel:protocol:NetworkAclEntry' :: NetworkAclEntry -> Maybe Text
$sel:portRange:NetworkAclEntry' :: NetworkAclEntry -> Maybe PortRange
$sel:ipv6CidrBlock:NetworkAclEntry' :: NetworkAclEntry -> Maybe Text
$sel:icmpTypeCode:NetworkAclEntry' :: NetworkAclEntry -> Maybe IcmpTypeCode
$sel:egress:NetworkAclEntry' :: NetworkAclEntry -> Maybe Bool
$sel:cidrBlock:NetworkAclEntry' :: NetworkAclEntry -> Maybe Text
..} =
    Int
_salt
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
cidrBlock
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Bool
egress
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe IcmpTypeCode
icmpTypeCode
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
ipv6CidrBlock
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe PortRange
portRange
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
protocol
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe RuleAction
ruleAction
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Int
ruleNumber

instance Prelude.NFData NetworkAclEntry where
  rnf :: NetworkAclEntry -> ()
rnf NetworkAclEntry' {Maybe Bool
Maybe Int
Maybe Text
Maybe IcmpTypeCode
Maybe PortRange
Maybe RuleAction
ruleNumber :: Maybe Int
ruleAction :: Maybe RuleAction
protocol :: Maybe Text
portRange :: Maybe PortRange
ipv6CidrBlock :: Maybe Text
icmpTypeCode :: Maybe IcmpTypeCode
egress :: Maybe Bool
cidrBlock :: Maybe Text
$sel:ruleNumber:NetworkAclEntry' :: NetworkAclEntry -> Maybe Int
$sel:ruleAction:NetworkAclEntry' :: NetworkAclEntry -> Maybe RuleAction
$sel:protocol:NetworkAclEntry' :: NetworkAclEntry -> Maybe Text
$sel:portRange:NetworkAclEntry' :: NetworkAclEntry -> Maybe PortRange
$sel:ipv6CidrBlock:NetworkAclEntry' :: NetworkAclEntry -> Maybe Text
$sel:icmpTypeCode:NetworkAclEntry' :: NetworkAclEntry -> Maybe IcmpTypeCode
$sel:egress:NetworkAclEntry' :: NetworkAclEntry -> Maybe Bool
$sel:cidrBlock:NetworkAclEntry' :: NetworkAclEntry -> Maybe Text
..} =
    forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
cidrBlock
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Bool
egress
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe IcmpTypeCode
icmpTypeCode
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
ipv6CidrBlock
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe PortRange
portRange
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
protocol
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe RuleAction
ruleAction
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Int
ruleNumber