{-# LANGUAGE DeriveDataTypeable #-} {-# LANGUAGE DeriveGeneric #-} {-# LANGUAGE OverloadedStrings #-} {-# LANGUAGE RecordWildCards #-} {-# LANGUAGE TypeFamilies #-} {-# OPTIONS_GHC -fno-warn-unused-imports #-} {-# OPTIONS_GHC -fno-warn-unused-binds #-} {-# OPTIONS_GHC -fno-warn-unused-matches #-} -- Derived from AWS service descriptions, licensed under Apache 2.0. -- | -- Module : Network.AWS.EC2.RevokeSecurityGroupEgress -- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay -- Stability : auto-generated -- Portability : non-portable (GHC extensions) -- -- [EC2-VPC only] Removes one or more egress rules from a security group for EC2-VPC. This action doesn't apply to security groups for use in EC2-Classic. To remove a rule, the values that you specify (for example, ports) must match the existing rule's values exactly. -- -- -- Each rule consists of the protocol and the IPv4 or IPv6 CIDR range or source security group. For the TCP and UDP protocols, you must also specify the destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type and code. If the security group rule has a description, you do not have to specify the description to revoke the rule. -- -- Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur. -- module Network.AWS.EC2.RevokeSecurityGroupEgress ( -- * Creating a Request revokeSecurityGroupEgress , RevokeSecurityGroupEgress -- * Request Lenses , rsgeFromPort , rsgeIPPermissions , rsgeIPProtocol , rsgeToPort , rsgeCidrIP , rsgeSourceSecurityGroupOwnerId , rsgeSourceSecurityGroupName , rsgeDryRun , rsgeGroupId -- * Destructuring the Response , revokeSecurityGroupEgressResponse , RevokeSecurityGroupEgressResponse ) where import Network.AWS.EC2.Types import Network.AWS.EC2.Types.Product import Network.AWS.Lens import Network.AWS.Prelude import Network.AWS.Request import Network.AWS.Response -- | Contains the parameters for RevokeSecurityGroupEgress. -- -- -- -- /See:/ 'revokeSecurityGroupEgress' smart constructor. data RevokeSecurityGroupEgress = RevokeSecurityGroupEgress' { _rsgeFromPort :: !(Maybe Int) , _rsgeIPPermissions :: !(Maybe [IPPermission]) , _rsgeIPProtocol :: !(Maybe Text) , _rsgeToPort :: !(Maybe Int) , _rsgeCidrIP :: !(Maybe Text) , _rsgeSourceSecurityGroupOwnerId :: !(Maybe Text) , _rsgeSourceSecurityGroupName :: !(Maybe Text) , _rsgeDryRun :: !(Maybe Bool) , _rsgeGroupId :: !Text } deriving (Eq, Read, Show, Data, Typeable, Generic) -- | Creates a value of 'RevokeSecurityGroupEgress' with the minimum fields required to make a request. -- -- Use one of the following lenses to modify other fields as desired: -- -- * 'rsgeFromPort' - Not supported. Use a set of IP permissions to specify the port. -- -- * 'rsgeIPPermissions' - One or more sets of IP permissions. You can't specify a destination security group and a CIDR IP address range in the same set of permissions. -- -- * 'rsgeIPProtocol' - Not supported. Use a set of IP permissions to specify the protocol name or number. -- -- * 'rsgeToPort' - Not supported. Use a set of IP permissions to specify the port. -- -- * 'rsgeCidrIP' - Not supported. Use a set of IP permissions to specify the CIDR. -- -- * 'rsgeSourceSecurityGroupOwnerId' - Not supported. Use a set of IP permissions to specify a destination security group. -- -- * 'rsgeSourceSecurityGroupName' - Not supported. Use a set of IP permissions to specify a destination security group. -- -- * 'rsgeDryRun' - Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is @DryRunOperation@ . Otherwise, it is @UnauthorizedOperation@ . -- -- * 'rsgeGroupId' - The ID of the security group. revokeSecurityGroupEgress :: Text -- ^ 'rsgeGroupId' -> RevokeSecurityGroupEgress revokeSecurityGroupEgress pGroupId_ = RevokeSecurityGroupEgress' { _rsgeFromPort = Nothing , _rsgeIPPermissions = Nothing , _rsgeIPProtocol = Nothing , _rsgeToPort = Nothing , _rsgeCidrIP = Nothing , _rsgeSourceSecurityGroupOwnerId = Nothing , _rsgeSourceSecurityGroupName = Nothing , _rsgeDryRun = Nothing , _rsgeGroupId = pGroupId_ } -- | Not supported. Use a set of IP permissions to specify the port. rsgeFromPort :: Lens' RevokeSecurityGroupEgress (Maybe Int) rsgeFromPort = lens _rsgeFromPort (\ s a -> s{_rsgeFromPort = a}) -- | One or more sets of IP permissions. You can't specify a destination security group and a CIDR IP address range in the same set of permissions. rsgeIPPermissions :: Lens' RevokeSecurityGroupEgress [IPPermission] rsgeIPPermissions = lens _rsgeIPPermissions (\ s a -> s{_rsgeIPPermissions = a}) . _Default . _Coerce -- | Not supported. Use a set of IP permissions to specify the protocol name or number. rsgeIPProtocol :: Lens' RevokeSecurityGroupEgress (Maybe Text) rsgeIPProtocol = lens _rsgeIPProtocol (\ s a -> s{_rsgeIPProtocol = a}) -- | Not supported. Use a set of IP permissions to specify the port. rsgeToPort :: Lens' RevokeSecurityGroupEgress (Maybe Int) rsgeToPort = lens _rsgeToPort (\ s a -> s{_rsgeToPort = a}) -- | Not supported. Use a set of IP permissions to specify the CIDR. rsgeCidrIP :: Lens' RevokeSecurityGroupEgress (Maybe Text) rsgeCidrIP = lens _rsgeCidrIP (\ s a -> s{_rsgeCidrIP = a}) -- | Not supported. Use a set of IP permissions to specify a destination security group. rsgeSourceSecurityGroupOwnerId :: Lens' RevokeSecurityGroupEgress (Maybe Text) rsgeSourceSecurityGroupOwnerId = lens _rsgeSourceSecurityGroupOwnerId (\ s a -> s{_rsgeSourceSecurityGroupOwnerId = a}) -- | Not supported. Use a set of IP permissions to specify a destination security group. rsgeSourceSecurityGroupName :: Lens' RevokeSecurityGroupEgress (Maybe Text) rsgeSourceSecurityGroupName = lens _rsgeSourceSecurityGroupName (\ s a -> s{_rsgeSourceSecurityGroupName = a}) -- | Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is @DryRunOperation@ . Otherwise, it is @UnauthorizedOperation@ . rsgeDryRun :: Lens' RevokeSecurityGroupEgress (Maybe Bool) rsgeDryRun = lens _rsgeDryRun (\ s a -> s{_rsgeDryRun = a}) -- | The ID of the security group. rsgeGroupId :: Lens' RevokeSecurityGroupEgress Text rsgeGroupId = lens _rsgeGroupId (\ s a -> s{_rsgeGroupId = a}) instance AWSRequest RevokeSecurityGroupEgress where type Rs RevokeSecurityGroupEgress = RevokeSecurityGroupEgressResponse request = postQuery ec2 response = receiveNull RevokeSecurityGroupEgressResponse' instance Hashable RevokeSecurityGroupEgress where instance NFData RevokeSecurityGroupEgress where instance ToHeaders RevokeSecurityGroupEgress where toHeaders = const mempty instance ToPath RevokeSecurityGroupEgress where toPath = const "/" instance ToQuery RevokeSecurityGroupEgress where toQuery RevokeSecurityGroupEgress'{..} = mconcat ["Action" =: ("RevokeSecurityGroupEgress" :: ByteString), "Version" =: ("2016-11-15" :: ByteString), "FromPort" =: _rsgeFromPort, toQuery (toQueryList "IpPermissions" <$> _rsgeIPPermissions), "IpProtocol" =: _rsgeIPProtocol, "ToPort" =: _rsgeToPort, "CidrIp" =: _rsgeCidrIP, "SourceSecurityGroupOwnerId" =: _rsgeSourceSecurityGroupOwnerId, "SourceSecurityGroupName" =: _rsgeSourceSecurityGroupName, "DryRun" =: _rsgeDryRun, "GroupId" =: _rsgeGroupId] -- | /See:/ 'revokeSecurityGroupEgressResponse' smart constructor. data RevokeSecurityGroupEgressResponse = RevokeSecurityGroupEgressResponse' deriving (Eq, Read, Show, Data, Typeable, Generic) -- | Creates a value of 'RevokeSecurityGroupEgressResponse' with the minimum fields required to make a request. -- revokeSecurityGroupEgressResponse :: RevokeSecurityGroupEgressResponse revokeSecurityGroupEgressResponse = RevokeSecurityGroupEgressResponse' instance NFData RevokeSecurityGroupEgressResponse where