{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.RDS.Types.MasterUserSecret
-- Copyright   : (c) 2013-2023 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.RDS.Types.MasterUserSecret where

import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import qualified Amazonka.Prelude as Prelude

-- | Contains the secret managed by RDS in Amazon Web Services Secrets
-- Manager for the master user password.
--
-- For more information, see
-- <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html Password management with Amazon Web Services Secrets Manager>
-- in the /Amazon RDS User Guide/ and
-- <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html Password management with Amazon Web Services Secrets Manager>
-- in the /Amazon Aurora User Guide./
--
-- /See:/ 'newMasterUserSecret' smart constructor.
data MasterUserSecret = MasterUserSecret'
  { -- | The Amazon Web Services KMS key identifier that is used to encrypt the
    -- secret.
    MasterUserSecret -> Maybe Text
kmsKeyId :: Prelude.Maybe Prelude.Text,
    -- | The Amazon Resource Name (ARN) of the secret.
    MasterUserSecret -> Maybe Text
secretArn :: Prelude.Maybe Prelude.Text,
    -- | The status of the secret.
    --
    -- The possible status values include the following:
    --
    -- -   @creating@ - The secret is being created.
    --
    -- -   @active@ - The secret is available for normal use and rotation.
    --
    -- -   @rotating@ - The secret is being rotated.
    --
    -- -   @impaired@ - The secret can be used to access database credentials,
    --     but it can\'t be rotated. A secret might have this status if, for
    --     example, permissions are changed so that RDS can no longer access
    --     either the secret or the KMS key for the secret.
    --
    --     When a secret has this status, you can correct the condition that
    --     caused the status. Alternatively, modify the DB instance to turn off
    --     automatic management of database credentials, and then modify the DB
    --     instance again to turn on automatic management of database
    --     credentials.
    MasterUserSecret -> Maybe Text
secretStatus :: Prelude.Maybe Prelude.Text
  }
  deriving (MasterUserSecret -> MasterUserSecret -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: MasterUserSecret -> MasterUserSecret -> Bool
$c/= :: MasterUserSecret -> MasterUserSecret -> Bool
== :: MasterUserSecret -> MasterUserSecret -> Bool
$c== :: MasterUserSecret -> MasterUserSecret -> Bool
Prelude.Eq, ReadPrec [MasterUserSecret]
ReadPrec MasterUserSecret
Int -> ReadS MasterUserSecret
ReadS [MasterUserSecret]
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [MasterUserSecret]
$creadListPrec :: ReadPrec [MasterUserSecret]
readPrec :: ReadPrec MasterUserSecret
$creadPrec :: ReadPrec MasterUserSecret
readList :: ReadS [MasterUserSecret]
$creadList :: ReadS [MasterUserSecret]
readsPrec :: Int -> ReadS MasterUserSecret
$creadsPrec :: Int -> ReadS MasterUserSecret
Prelude.Read, Int -> MasterUserSecret -> ShowS
[MasterUserSecret] -> ShowS
MasterUserSecret -> String
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [MasterUserSecret] -> ShowS
$cshowList :: [MasterUserSecret] -> ShowS
show :: MasterUserSecret -> String
$cshow :: MasterUserSecret -> String
showsPrec :: Int -> MasterUserSecret -> ShowS
$cshowsPrec :: Int -> MasterUserSecret -> ShowS
Prelude.Show, forall x. Rep MasterUserSecret x -> MasterUserSecret
forall x. MasterUserSecret -> Rep MasterUserSecret x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep MasterUserSecret x -> MasterUserSecret
$cfrom :: forall x. MasterUserSecret -> Rep MasterUserSecret x
Prelude.Generic)

-- |
-- Create a value of 'MasterUserSecret' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'kmsKeyId', 'masterUserSecret_kmsKeyId' - The Amazon Web Services KMS key identifier that is used to encrypt the
-- secret.
--
-- 'secretArn', 'masterUserSecret_secretArn' - The Amazon Resource Name (ARN) of the secret.
--
-- 'secretStatus', 'masterUserSecret_secretStatus' - The status of the secret.
--
-- The possible status values include the following:
--
-- -   @creating@ - The secret is being created.
--
-- -   @active@ - The secret is available for normal use and rotation.
--
-- -   @rotating@ - The secret is being rotated.
--
-- -   @impaired@ - The secret can be used to access database credentials,
--     but it can\'t be rotated. A secret might have this status if, for
--     example, permissions are changed so that RDS can no longer access
--     either the secret or the KMS key for the secret.
--
--     When a secret has this status, you can correct the condition that
--     caused the status. Alternatively, modify the DB instance to turn off
--     automatic management of database credentials, and then modify the DB
--     instance again to turn on automatic management of database
--     credentials.
newMasterUserSecret ::
  MasterUserSecret
newMasterUserSecret :: MasterUserSecret
newMasterUserSecret =
  MasterUserSecret'
    { $sel:kmsKeyId:MasterUserSecret' :: Maybe Text
kmsKeyId = forall a. Maybe a
Prelude.Nothing,
      $sel:secretArn:MasterUserSecret' :: Maybe Text
secretArn = forall a. Maybe a
Prelude.Nothing,
      $sel:secretStatus:MasterUserSecret' :: Maybe Text
secretStatus = forall a. Maybe a
Prelude.Nothing
    }

-- | The Amazon Web Services KMS key identifier that is used to encrypt the
-- secret.
masterUserSecret_kmsKeyId :: Lens.Lens' MasterUserSecret (Prelude.Maybe Prelude.Text)
masterUserSecret_kmsKeyId :: Lens' MasterUserSecret (Maybe Text)
masterUserSecret_kmsKeyId = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\MasterUserSecret' {Maybe Text
kmsKeyId :: Maybe Text
$sel:kmsKeyId:MasterUserSecret' :: MasterUserSecret -> Maybe Text
kmsKeyId} -> Maybe Text
kmsKeyId) (\s :: MasterUserSecret
s@MasterUserSecret' {} Maybe Text
a -> MasterUserSecret
s {$sel:kmsKeyId:MasterUserSecret' :: Maybe Text
kmsKeyId = Maybe Text
a} :: MasterUserSecret)

-- | The Amazon Resource Name (ARN) of the secret.
masterUserSecret_secretArn :: Lens.Lens' MasterUserSecret (Prelude.Maybe Prelude.Text)
masterUserSecret_secretArn :: Lens' MasterUserSecret (Maybe Text)
masterUserSecret_secretArn = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\MasterUserSecret' {Maybe Text
secretArn :: Maybe Text
$sel:secretArn:MasterUserSecret' :: MasterUserSecret -> Maybe Text
secretArn} -> Maybe Text
secretArn) (\s :: MasterUserSecret
s@MasterUserSecret' {} Maybe Text
a -> MasterUserSecret
s {$sel:secretArn:MasterUserSecret' :: Maybe Text
secretArn = Maybe Text
a} :: MasterUserSecret)

-- | The status of the secret.
--
-- The possible status values include the following:
--
-- -   @creating@ - The secret is being created.
--
-- -   @active@ - The secret is available for normal use and rotation.
--
-- -   @rotating@ - The secret is being rotated.
--
-- -   @impaired@ - The secret can be used to access database credentials,
--     but it can\'t be rotated. A secret might have this status if, for
--     example, permissions are changed so that RDS can no longer access
--     either the secret or the KMS key for the secret.
--
--     When a secret has this status, you can correct the condition that
--     caused the status. Alternatively, modify the DB instance to turn off
--     automatic management of database credentials, and then modify the DB
--     instance again to turn on automatic management of database
--     credentials.
masterUserSecret_secretStatus :: Lens.Lens' MasterUserSecret (Prelude.Maybe Prelude.Text)
masterUserSecret_secretStatus :: Lens' MasterUserSecret (Maybe Text)
masterUserSecret_secretStatus = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\MasterUserSecret' {Maybe Text
secretStatus :: Maybe Text
$sel:secretStatus:MasterUserSecret' :: MasterUserSecret -> Maybe Text
secretStatus} -> Maybe Text
secretStatus) (\s :: MasterUserSecret
s@MasterUserSecret' {} Maybe Text
a -> MasterUserSecret
s {$sel:secretStatus:MasterUserSecret' :: Maybe Text
secretStatus = Maybe Text
a} :: MasterUserSecret)

instance Data.FromXML MasterUserSecret where
  parseXML :: [Node] -> Either String MasterUserSecret
parseXML [Node]
x =
    Maybe Text -> Maybe Text -> Maybe Text -> MasterUserSecret
MasterUserSecret'
      forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> ([Node]
x forall a. FromXML a => [Node] -> Text -> Either String (Maybe a)
Data..@? Text
"KmsKeyId")
      forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> ([Node]
x forall a. FromXML a => [Node] -> Text -> Either String (Maybe a)
Data..@? Text
"SecretArn")
      forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> ([Node]
x forall a. FromXML a => [Node] -> Text -> Either String (Maybe a)
Data..@? Text
"SecretStatus")

instance Prelude.Hashable MasterUserSecret where
  hashWithSalt :: Int -> MasterUserSecret -> Int
hashWithSalt Int
_salt MasterUserSecret' {Maybe Text
secretStatus :: Maybe Text
secretArn :: Maybe Text
kmsKeyId :: Maybe Text
$sel:secretStatus:MasterUserSecret' :: MasterUserSecret -> Maybe Text
$sel:secretArn:MasterUserSecret' :: MasterUserSecret -> Maybe Text
$sel:kmsKeyId:MasterUserSecret' :: MasterUserSecret -> Maybe Text
..} =
    Int
_salt
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
kmsKeyId
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
secretArn
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
secretStatus

instance Prelude.NFData MasterUserSecret where
  rnf :: MasterUserSecret -> ()
rnf MasterUserSecret' {Maybe Text
secretStatus :: Maybe Text
secretArn :: Maybe Text
kmsKeyId :: Maybe Text
$sel:secretStatus:MasterUserSecret' :: MasterUserSecret -> Maybe Text
$sel:secretArn:MasterUserSecret' :: MasterUserSecret -> Maybe Text
$sel:kmsKeyId:MasterUserSecret' :: MasterUserSecret -> Maybe Text
..} =
    forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
kmsKeyId
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
secretArn
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
secretStatus