{-# LANGUAGE DeriveDataTypeable #-}
{-# LANGUAGE DeriveGeneric      #-}
{-# LANGUAGE OverloadedStrings  #-}
{-# LANGUAGE RecordWildCards    #-}
{-# LANGUAGE TypeFamilies       #-}

{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-binds   #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Network.AWS.Redshift.CreateHSMClientCertificate
-- Copyright   : (c) 2013-2016 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay <brendan.g.hay@gmail.com>
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
--
-- Creates an HSM client certificate that an Amazon Redshift cluster will
-- use to connect to the client\'s HSM in order to store and retrieve the
-- keys used to encrypt the cluster databases.
--
-- The command returns a public key, which you must store in the HSM. In
-- addition to creating the HSM certificate, you must create an Amazon
-- Redshift HSM configuration that provides a cluster the information
-- needed to store and use encryption keys in the HSM. For more
-- information, go to
-- <http://docs.aws.amazon.com/redshift/latest/mgmt/working-with-HSM.html Hardware Security Modules>
-- in the Amazon Redshift Cluster Management Guide.
module Network.AWS.Redshift.CreateHSMClientCertificate
    (
    -- * Creating a Request
      createHSMClientCertificate
    , CreateHSMClientCertificate
    -- * Request Lenses
    , chccTags
    , chccHSMClientCertificateIdentifier

    -- * Destructuring the Response
    , createHSMClientCertificateResponse
    , CreateHSMClientCertificateResponse
    -- * Response Lenses
    , chccrsHSMClientCertificate
    , chccrsResponseStatus
    ) where

import           Network.AWS.Lens
import           Network.AWS.Prelude
import           Network.AWS.Redshift.Types
import           Network.AWS.Redshift.Types.Product
import           Network.AWS.Request
import           Network.AWS.Response

-- |
--
-- /See:/ 'createHSMClientCertificate' smart constructor.
data CreateHSMClientCertificate = CreateHSMClientCertificate'
    { _chccTags                           :: !(Maybe [Tag])
    , _chccHSMClientCertificateIdentifier :: !Text
    } deriving (Eq,Read,Show,Data,Typeable,Generic)

-- | Creates a value of 'CreateHSMClientCertificate' with the minimum fields required to make a request.
--
-- Use one of the following lenses to modify other fields as desired:
--
-- * 'chccTags'
--
-- * 'chccHSMClientCertificateIdentifier'
createHSMClientCertificate
    :: Text -- ^ 'chccHSMClientCertificateIdentifier'
    -> CreateHSMClientCertificate
createHSMClientCertificate pHSMClientCertificateIdentifier_ =
    CreateHSMClientCertificate'
    { _chccTags = Nothing
    , _chccHSMClientCertificateIdentifier = pHSMClientCertificateIdentifier_
    }

-- | A list of tag instances.
chccTags :: Lens' CreateHSMClientCertificate [Tag]
chccTags = lens _chccTags (\ s a -> s{_chccTags = a}) . _Default . _Coerce;

-- | The identifier to be assigned to the new HSM client certificate that the
-- cluster will use to connect to the HSM to use the database encryption
-- keys.
chccHSMClientCertificateIdentifier :: Lens' CreateHSMClientCertificate Text
chccHSMClientCertificateIdentifier = lens _chccHSMClientCertificateIdentifier (\ s a -> s{_chccHSMClientCertificateIdentifier = a});

instance AWSRequest CreateHSMClientCertificate where
        type Rs CreateHSMClientCertificate =
             CreateHSMClientCertificateResponse
        request = postQuery redshift
        response
          = receiveXMLWrapper
              "CreateHsmClientCertificateResult"
              (\ s h x ->
                 CreateHSMClientCertificateResponse' <$>
                   (x .@? "HsmClientCertificate") <*>
                     (pure (fromEnum s)))

instance Hashable CreateHSMClientCertificate

instance NFData CreateHSMClientCertificate

instance ToHeaders CreateHSMClientCertificate where
        toHeaders = const mempty

instance ToPath CreateHSMClientCertificate where
        toPath = const "/"

instance ToQuery CreateHSMClientCertificate where
        toQuery CreateHSMClientCertificate'{..}
          = mconcat
              ["Action" =:
                 ("CreateHsmClientCertificate" :: ByteString),
               "Version" =: ("2012-12-01" :: ByteString),
               "Tags" =: toQuery (toQueryList "Tag" <$> _chccTags),
               "HsmClientCertificateIdentifier" =:
                 _chccHSMClientCertificateIdentifier]

-- | /See:/ 'createHSMClientCertificateResponse' smart constructor.
data CreateHSMClientCertificateResponse = CreateHSMClientCertificateResponse'
    { _chccrsHSMClientCertificate :: !(Maybe HSMClientCertificate)
    , _chccrsResponseStatus       :: !Int
    } deriving (Eq,Read,Show,Data,Typeable,Generic)

-- | Creates a value of 'CreateHSMClientCertificateResponse' with the minimum fields required to make a request.
--
-- Use one of the following lenses to modify other fields as desired:
--
-- * 'chccrsHSMClientCertificate'
--
-- * 'chccrsResponseStatus'
createHSMClientCertificateResponse
    :: Int -- ^ 'chccrsResponseStatus'
    -> CreateHSMClientCertificateResponse
createHSMClientCertificateResponse pResponseStatus_ =
    CreateHSMClientCertificateResponse'
    { _chccrsHSMClientCertificate = Nothing
    , _chccrsResponseStatus = pResponseStatus_
    }

-- | Undocumented member.
chccrsHSMClientCertificate :: Lens' CreateHSMClientCertificateResponse (Maybe HSMClientCertificate)
chccrsHSMClientCertificate = lens _chccrsHSMClientCertificate (\ s a -> s{_chccrsHSMClientCertificate = a});

-- | The response status code.
chccrsResponseStatus :: Lens' CreateHSMClientCertificateResponse Int
chccrsResponseStatus = lens _chccrsResponseStatus (\ s a -> s{_chccrsResponseStatus = a});

instance NFData CreateHSMClientCertificateResponse