{-# LANGUAGE DeriveDataTypeable #-} {-# LANGUAGE DeriveGeneric #-} {-# LANGUAGE OverloadedStrings #-} {-# LANGUAGE RecordWildCards #-} {-# LANGUAGE TypeFamilies #-} {-# OPTIONS_GHC -fno-warn-unused-imports #-} {-# OPTIONS_GHC -fno-warn-unused-binds #-} {-# OPTIONS_GHC -fno-warn-unused-matches #-} -- Derived from AWS service descriptions, licensed under Apache 2.0. -- | -- Module : Network.AWS.Glacier.InitiateVaultLock -- Copyright : (c) 2013-2015 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay@gmail.com> -- Stability : auto-generated -- Portability : non-portable (GHC extensions) -- -- This operation initiates the vault locking process by doing the -- following: -- -- - Installing a vault lock policy on the specified vault. -- -- - Setting the lock state of vault lock to 'InProgress'. -- -- - Returning a lock ID, which is used to complete the vault locking -- process. -- -- You can set one vault lock policy for each vault and this policy can be -- up to 20 KB in size. For more information about vault lock policies, see -- <http://docs.aws.amazon.com/amazonglacier/latest/dev/vault-lock-policy.html Amazon Glacier Access Control with Vault Lock Policies>. -- -- You must complete the vault locking process within 24 hours after the -- vault lock enters the 'InProgress' state. After the 24 hour window ends, -- the lock ID expires, the vault automatically exits the 'InProgress' -- state, and the vault lock policy is removed from the vault. You call -- CompleteVaultLock to complete the vault locking process by setting the -- state of the vault lock to 'Locked'. -- -- After a vault lock is in the 'Locked' state, you cannot initiate a new -- vault lock for the vault. -- -- You can abort the vault locking process by calling AbortVaultLock. You -- can get the state of the vault lock by calling GetVaultLock. For more -- information about the vault locking process, -- <http://docs.aws.amazon.com/amazonglacier/latest/dev/vault-lock.html Amazon Glacier Vault Lock>. -- -- If this operation is called when the vault lock is in the 'InProgress' -- state, the operation returns an 'AccessDeniedException' error. When the -- vault lock is in the 'InProgress' state you must call AbortVaultLock -- before you can initiate a new vault lock policy. -- -- /See:/ <http://docs.aws.amazon.com/amazonglacier/latest/dev/api-InitiateVaultLock.html AWS API Reference> for InitiateVaultLock. module Network.AWS.Glacier.InitiateVaultLock ( -- * Creating a Request initiateVaultLock , InitiateVaultLock -- * Request Lenses , ivlPolicy , ivlAccountId , ivlVaultName -- * Destructuring the Response , initiateVaultLockResponse , InitiateVaultLockResponse -- * Response Lenses , ivlrsLockId , ivlrsResponseStatus ) where import Network.AWS.Glacier.Types import Network.AWS.Glacier.Types.Product import Network.AWS.Prelude import Network.AWS.Request import Network.AWS.Response -- | The input values for 'InitiateVaultLock'. -- -- /See:/ 'initiateVaultLock' smart constructor. data InitiateVaultLock = InitiateVaultLock' { _ivlPolicy :: !(Maybe VaultLockPolicy) , _ivlAccountId :: !Text , _ivlVaultName :: !Text } deriving (Eq,Read,Show,Data,Typeable,Generic) -- | Creates a value of 'InitiateVaultLock' with the minimum fields required to make a request. -- -- Use one of the following lenses to modify other fields as desired: -- -- * 'ivlPolicy' -- -- * 'ivlAccountId' -- -- * 'ivlVaultName' initiateVaultLock :: Text -- ^ 'ivlAccountId' -> Text -- ^ 'ivlVaultName' -> InitiateVaultLock initiateVaultLock pAccountId_ pVaultName_ = InitiateVaultLock' { _ivlPolicy = Nothing , _ivlAccountId = pAccountId_ , _ivlVaultName = pVaultName_ } -- | The vault lock policy as a JSON string, which uses \"\\\" as an escape -- character. ivlPolicy :: Lens' InitiateVaultLock (Maybe VaultLockPolicy) ivlPolicy = lens _ivlPolicy (\ s a -> s{_ivlPolicy = a}); -- | The 'AccountId' value is the AWS account ID. This value must match the -- AWS account ID associated with the credentials used to sign the request. -- You can either specify an AWS account ID or optionally a single -- apos'-'apos (hyphen), in which case Amazon Glacier uses the AWS account -- ID associated with the credentials used to sign the request. If you -- specify your account ID, do not include any hyphens (apos-apos) in the -- ID. ivlAccountId :: Lens' InitiateVaultLock Text ivlAccountId = lens _ivlAccountId (\ s a -> s{_ivlAccountId = a}); -- | The name of the vault. ivlVaultName :: Lens' InitiateVaultLock Text ivlVaultName = lens _ivlVaultName (\ s a -> s{_ivlVaultName = a}); instance AWSRequest InitiateVaultLock where type Rs InitiateVaultLock = InitiateVaultLockResponse request = postJSON glacier response = receiveEmpty (\ s h x -> InitiateVaultLockResponse' <$> (h .#? "x-amz-lock-id") <*> (pure (fromEnum s))) instance ToHeaders InitiateVaultLock where toHeaders = const mempty instance ToJSON InitiateVaultLock where toJSON InitiateVaultLock'{..} = object (catMaybes [("policy" .=) <$> _ivlPolicy]) instance ToPath InitiateVaultLock where toPath InitiateVaultLock'{..} = mconcat ["/", toBS _ivlAccountId, "/vaults/", toBS _ivlVaultName, "/lock-policy"] instance ToQuery InitiateVaultLock where toQuery = const mempty -- | Contains the Amazon Glacier response to your request. -- -- /See:/ 'initiateVaultLockResponse' smart constructor. data InitiateVaultLockResponse = InitiateVaultLockResponse' { _ivlrsLockId :: !(Maybe Text) , _ivlrsResponseStatus :: !Int } deriving (Eq,Read,Show,Data,Typeable,Generic) -- | Creates a value of 'InitiateVaultLockResponse' with the minimum fields required to make a request. -- -- Use one of the following lenses to modify other fields as desired: -- -- * 'ivlrsLockId' -- -- * 'ivlrsResponseStatus' initiateVaultLockResponse :: Int -- ^ 'ivlrsResponseStatus' -> InitiateVaultLockResponse initiateVaultLockResponse pResponseStatus_ = InitiateVaultLockResponse' { _ivlrsLockId = Nothing , _ivlrsResponseStatus = pResponseStatus_ } -- | The lock ID, which is used to complete the vault locking process. ivlrsLockId :: Lens' InitiateVaultLockResponse (Maybe Text) ivlrsLockId = lens _ivlrsLockId (\ s a -> s{_ivlrsLockId = a}); -- | The response status code. ivlrsResponseStatus :: Lens' InitiateVaultLockResponse Int ivlrsResponseStatus = lens _ivlrsResponseStatus (\ s a -> s{_ivlrsResponseStatus = a});