{-# LANGUAGE DeriveDataTypeable #-} {-# LANGUAGE DeriveGeneric #-} {-# LANGUAGE OverloadedStrings #-} {-# LANGUAGE RecordWildCards #-} {-# LANGUAGE TypeFamilies #-} {-# OPTIONS_GHC -fno-warn-unused-imports #-} {-# OPTIONS_GHC -fno-warn-unused-binds #-} {-# OPTIONS_GHC -fno-warn-unused-matches #-} -- Derived from AWS service descriptions, licensed under Apache 2.0. -- | -- Module : Network.AWS.EC2.CreateFlowLogs -- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay -- Stability : auto-generated -- Portability : non-portable (GHC extensions) -- -- Creates one or more flow logs to capture IP traffic for a specific network interface, subnet, or VPC. Flow logs are delivered to a specified log group in Amazon CloudWatch Logs. If you specify a VPC or subnet in the request, a log stream is created in CloudWatch Logs for each network interface in the subnet or VPC. Log streams can include information about accepted and rejected traffic to a network interface. You can view the data in your log streams using Amazon CloudWatch Logs. -- -- -- In your request, you must also specify an IAM role that has permission to publish logs to CloudWatch Logs. -- -- For more information, see in the /Amazon Virtual Private Cloud User Guide/ . -- module Network.AWS.EC2.CreateFlowLogs ( -- * Creating a Request createFlowLogs , CreateFlowLogs -- * Request Lenses , cflClientToken , cflDeliverLogsPermissionARN , cflLogGroupName , cflResourceIds , cflResourceType , cflTrafficType -- * Destructuring the Response , createFlowLogsResponse , CreateFlowLogsResponse -- * Response Lenses , cflrsUnsuccessful , cflrsClientToken , cflrsFlowLogIds , cflrsResponseStatus ) where import Network.AWS.EC2.Types import Network.AWS.EC2.Types.Product import Network.AWS.Lens import Network.AWS.Prelude import Network.AWS.Request import Network.AWS.Response -- | Contains the parameters for CreateFlowLogs. -- -- -- -- /See:/ 'createFlowLogs' smart constructor. data CreateFlowLogs = CreateFlowLogs' { _cflClientToken :: !(Maybe Text) , _cflDeliverLogsPermissionARN :: !Text , _cflLogGroupName :: !Text , _cflResourceIds :: ![Text] , _cflResourceType :: !FlowLogsResourceType , _cflTrafficType :: !TrafficType } deriving (Eq, Read, Show, Data, Typeable, Generic) -- | Creates a value of 'CreateFlowLogs' with the minimum fields required to make a request. -- -- Use one of the following lenses to modify other fields as desired: -- -- * 'cflClientToken' - Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see . -- -- * 'cflDeliverLogsPermissionARN' - The ARN for the IAM role that's used to post flow logs to a CloudWatch Logs log group. -- -- * 'cflLogGroupName' - The name of the CloudWatch log group. -- -- * 'cflResourceIds' - One or more subnet, network interface, or VPC IDs. Constraints: Maximum of 1000 resources -- -- * 'cflResourceType' - The type of resource on which to create the flow log. -- -- * 'cflTrafficType' - The type of traffic to log. createFlowLogs :: Text -- ^ 'cflDeliverLogsPermissionARN' -> Text -- ^ 'cflLogGroupName' -> FlowLogsResourceType -- ^ 'cflResourceType' -> TrafficType -- ^ 'cflTrafficType' -> CreateFlowLogs createFlowLogs pDeliverLogsPermissionARN_ pLogGroupName_ pResourceType_ pTrafficType_ = CreateFlowLogs' { _cflClientToken = Nothing , _cflDeliverLogsPermissionARN = pDeliverLogsPermissionARN_ , _cflLogGroupName = pLogGroupName_ , _cflResourceIds = mempty , _cflResourceType = pResourceType_ , _cflTrafficType = pTrafficType_ } -- | Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see . cflClientToken :: Lens' CreateFlowLogs (Maybe Text) cflClientToken = lens _cflClientToken (\ s a -> s{_cflClientToken = a}) -- | The ARN for the IAM role that's used to post flow logs to a CloudWatch Logs log group. cflDeliverLogsPermissionARN :: Lens' CreateFlowLogs Text cflDeliverLogsPermissionARN = lens _cflDeliverLogsPermissionARN (\ s a -> s{_cflDeliverLogsPermissionARN = a}) -- | The name of the CloudWatch log group. cflLogGroupName :: Lens' CreateFlowLogs Text cflLogGroupName = lens _cflLogGroupName (\ s a -> s{_cflLogGroupName = a}) -- | One or more subnet, network interface, or VPC IDs. Constraints: Maximum of 1000 resources cflResourceIds :: Lens' CreateFlowLogs [Text] cflResourceIds = lens _cflResourceIds (\ s a -> s{_cflResourceIds = a}) . _Coerce -- | The type of resource on which to create the flow log. cflResourceType :: Lens' CreateFlowLogs FlowLogsResourceType cflResourceType = lens _cflResourceType (\ s a -> s{_cflResourceType = a}) -- | The type of traffic to log. cflTrafficType :: Lens' CreateFlowLogs TrafficType cflTrafficType = lens _cflTrafficType (\ s a -> s{_cflTrafficType = a}) instance AWSRequest CreateFlowLogs where type Rs CreateFlowLogs = CreateFlowLogsResponse request = postQuery ec2 response = receiveXML (\ s h x -> CreateFlowLogsResponse' <$> (x .@? "unsuccessful" .!@ mempty >>= may (parseXMLList "item")) <*> (x .@? "clientToken") <*> (x .@? "flowLogIdSet" .!@ mempty >>= may (parseXMLList "item")) <*> (pure (fromEnum s))) instance Hashable CreateFlowLogs where instance NFData CreateFlowLogs where instance ToHeaders CreateFlowLogs where toHeaders = const mempty instance ToPath CreateFlowLogs where toPath = const "/" instance ToQuery CreateFlowLogs where toQuery CreateFlowLogs'{..} = mconcat ["Action" =: ("CreateFlowLogs" :: ByteString), "Version" =: ("2016-11-15" :: ByteString), "ClientToken" =: _cflClientToken, "DeliverLogsPermissionArn" =: _cflDeliverLogsPermissionARN, "LogGroupName" =: _cflLogGroupName, toQueryList "ResourceId" _cflResourceIds, "ResourceType" =: _cflResourceType, "TrafficType" =: _cflTrafficType] -- | Contains the output of CreateFlowLogs. -- -- -- -- /See:/ 'createFlowLogsResponse' smart constructor. data CreateFlowLogsResponse = CreateFlowLogsResponse' { _cflrsUnsuccessful :: !(Maybe [UnsuccessfulItem]) , _cflrsClientToken :: !(Maybe Text) , _cflrsFlowLogIds :: !(Maybe [Text]) , _cflrsResponseStatus :: !Int } deriving (Eq, Read, Show, Data, Typeable, Generic) -- | Creates a value of 'CreateFlowLogsResponse' with the minimum fields required to make a request. -- -- Use one of the following lenses to modify other fields as desired: -- -- * 'cflrsUnsuccessful' - Information about the flow logs that could not be created successfully. -- -- * 'cflrsClientToken' - Unique, case-sensitive identifier you provide to ensure the idempotency of the request. -- -- * 'cflrsFlowLogIds' - The IDs of the flow logs. -- -- * 'cflrsResponseStatus' - -- | The response status code. createFlowLogsResponse :: Int -- ^ 'cflrsResponseStatus' -> CreateFlowLogsResponse createFlowLogsResponse pResponseStatus_ = CreateFlowLogsResponse' { _cflrsUnsuccessful = Nothing , _cflrsClientToken = Nothing , _cflrsFlowLogIds = Nothing , _cflrsResponseStatus = pResponseStatus_ } -- | Information about the flow logs that could not be created successfully. cflrsUnsuccessful :: Lens' CreateFlowLogsResponse [UnsuccessfulItem] cflrsUnsuccessful = lens _cflrsUnsuccessful (\ s a -> s{_cflrsUnsuccessful = a}) . _Default . _Coerce -- | Unique, case-sensitive identifier you provide to ensure the idempotency of the request. cflrsClientToken :: Lens' CreateFlowLogsResponse (Maybe Text) cflrsClientToken = lens _cflrsClientToken (\ s a -> s{_cflrsClientToken = a}) -- | The IDs of the flow logs. cflrsFlowLogIds :: Lens' CreateFlowLogsResponse [Text] cflrsFlowLogIds = lens _cflrsFlowLogIds (\ s a -> s{_cflrsFlowLogIds = a}) . _Default . _Coerce -- | -- | The response status code. cflrsResponseStatus :: Lens' CreateFlowLogsResponse Int cflrsResponseStatus = lens _cflrsResponseStatus (\ s a -> s{_cflrsResponseStatus = a}) instance NFData CreateFlowLogsResponse where