Copyright	(c) 2013-2017 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay <brendan.g.hay+amazonka@gmail.com>
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	None
Language	Haskell2010

Network.AWS.Kinesis.StartStreamEncryption

Contents

Creating a Request
Request Lenses
Destructuring the Response

Description

Enables or updates server-side encryption using an AWS KMS key for a specified stream.

Starting encryption is an asynchronous operation. Upon receiving the request, Amazon Kinesis returns immediately and sets the status of the stream to UPDATING . After the update is complete, Amazon Kinesis sets the status of the stream back to ACTIVE . Updating or applying encryption normally takes a few seconds to complete but it can take minutes. You can continue to read and write data to your stream while its status is UPDATING . Once the status of the stream is ACTIVE , records written to the stream will begin to be encrypted.

API Limits: You can successfully apply a new AWS KMS key for server-side encryption 25 times in a rolling 24 hour period.

Note: It can take up to 5 seconds after the stream is in an ACTIVE status before all records written to the stream are encrypted. After you’ve enabled encryption, you can verify encryption was applied by inspecting the API response from PutRecord or PutRecords .

Creating a Request

startStreamEncryption Source #

Arguments

:: Text	`sStreamName`
-> EncryptionType	`sEncryptionType`
-> Text	`sKeyId`
-> StartStreamEncryption

Creates a value of StartStreamEncryption with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

sStreamName - The name of the stream for which to start encrypting records.
sEncryptionType - The encryption type to use. This parameter can be one of the following values: * NONE : Not valid for this operation. An InvalidOperationException will be thrown. * KMS : Use server-side encryption on the records in the stream using a customer-managed KMS key.
sKeyId - The GUID for the customer-managed KMS key to use for encryption. You can also use a Kinesis-owned master key by specifying the alias aws/kinesis .

data StartStreamEncryption Source #

See: startStreamEncryption smart constructor.

Instances

Eq StartStreamEncryption Source #
Methods (==) :: StartStreamEncryption -> StartStreamEncryption -> Bool # (/=) :: StartStreamEncryption -> StartStreamEncryption -> Bool #
Data StartStreamEncryption Source #
Methods gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> StartStreamEncryption -> c StartStreamEncryption # gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c StartStreamEncryption # toConstr :: StartStreamEncryption -> Constr # dataTypeOf :: StartStreamEncryption -> DataType # dataCast1 :: Typeable (* -> ) t => (forall d. Data d => c (t d)) -> Maybe (c StartStreamEncryption) # dataCast2 :: Typeable ( -> * -> *) t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c StartStreamEncryption) # gmapT :: (forall b. Data b => b -> b) -> StartStreamEncryption -> StartStreamEncryption # gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> StartStreamEncryption -> r # gmapQr :: (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> StartStreamEncryption -> r # gmapQ :: (forall d. Data d => d -> u) -> StartStreamEncryption -> [u] # gmapQi :: Int -> (forall d. Data d => d -> u) -> StartStreamEncryption -> u # gmapM :: Monad m => (forall d. Data d => d -> m d) -> StartStreamEncryption -> m StartStreamEncryption # gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> StartStreamEncryption -> m StartStreamEncryption # gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> StartStreamEncryption -> m StartStreamEncryption #
Read StartStreamEncryption Source #
Methods readsPrec :: Int -> ReadS StartStreamEncryption # readList :: ReadS [StartStreamEncryption] # readPrec :: ReadPrec StartStreamEncryption # readListPrec :: ReadPrec [StartStreamEncryption] #
Show StartStreamEncryption Source #
Methods showsPrec :: Int -> StartStreamEncryption -> ShowS # show :: StartStreamEncryption -> String # showList :: [StartStreamEncryption] -> ShowS #
Generic StartStreamEncryption Source #
Associated Types type Rep StartStreamEncryption :: * -> * # Methods from :: StartStreamEncryption -> Rep StartStreamEncryption x # to :: Rep StartStreamEncryption x -> StartStreamEncryption #
Hashable StartStreamEncryption Source #
Methods hashWithSalt :: Int -> StartStreamEncryption -> Int # hash :: StartStreamEncryption -> Int #
ToJSON StartStreamEncryption Source #
Methods toJSON :: StartStreamEncryption -> Value # toEncoding :: StartStreamEncryption -> Encoding # toJSONList :: [StartStreamEncryption] -> Value # toEncodingList :: [StartStreamEncryption] -> Encoding #
NFData StartStreamEncryption Source #
Methods rnf :: StartStreamEncryption -> () #
AWSRequest StartStreamEncryption Source #
Associated Types type Rs StartStreamEncryption :: * # Methods request :: StartStreamEncryption -> Request StartStreamEncryption # response :: MonadResource m => Logger -> Service -> Proxy * StartStreamEncryption -> ClientResponse -> m (Response StartStreamEncryption) #
ToQuery StartStreamEncryption Source #
Methods toQuery :: StartStreamEncryption -> QueryString #
ToPath StartStreamEncryption Source #
Methods toPath :: StartStreamEncryption -> ByteString #
ToHeaders StartStreamEncryption Source #
Methods toHeaders :: StartStreamEncryption -> [Header] #
type Rep StartStreamEncryption Source #
type Rep StartStreamEncryption = D1 (MetaData "StartStreamEncryption" "Network.AWS.Kinesis.StartStreamEncryption" "amazonka-kinesis-1.5.0-9sBOxcpdcTN2BghkYmkXAp" False) (C1 (MetaCons "StartStreamEncryption'" PrefixI True) ((::) (S1 (MetaSel (Just Symbol "_sStreamName") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 Text)) ((::) (S1 (MetaSel (Just Symbol "_sEncryptionType") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 EncryptionType)) (S1 (MetaSel (Just Symbol "_sKeyId") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 Text)))))
type Rs StartStreamEncryption Source #
type Rs StartStreamEncryption = StartStreamEncryptionResponse

Request Lenses

sStreamName :: Lens' StartStreamEncryption Text Source #

The name of the stream for which to start encrypting records.

sEncryptionType :: Lens' StartStreamEncryption EncryptionType Source #

The encryption type to use. This parameter can be one of the following values: * NONE : Not valid for this operation. An InvalidOperationException will be thrown. * KMS : Use server-side encryption on the records in the stream using a customer-managed KMS key.

sKeyId :: Lens' StartStreamEncryption Text Source #

The GUID for the customer-managed KMS key to use for encryption. You can also use a Kinesis-owned master key by specifying the alias aws/kinesis .

Destructuring the Response

startStreamEncryptionResponse :: StartStreamEncryptionResponse Source #

Creates a value of StartStreamEncryptionResponse with the minimum fields required to make a request.

data StartStreamEncryptionResponse Source #

See: startStreamEncryptionResponse smart constructor.

Instances

Eq StartStreamEncryptionResponse Source #
Methods (==) :: StartStreamEncryptionResponse -> StartStreamEncryptionResponse -> Bool # (/=) :: StartStreamEncryptionResponse -> StartStreamEncryptionResponse -> Bool #
Data StartStreamEncryptionResponse Source #
Methods gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> StartStreamEncryptionResponse -> c StartStreamEncryptionResponse # gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c StartStreamEncryptionResponse # toConstr :: StartStreamEncryptionResponse -> Constr # dataTypeOf :: StartStreamEncryptionResponse -> DataType # dataCast1 :: Typeable (* -> ) t => (forall d. Data d => c (t d)) -> Maybe (c StartStreamEncryptionResponse) # dataCast2 :: Typeable ( -> * -> *) t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c StartStreamEncryptionResponse) # gmapT :: (forall b. Data b => b -> b) -> StartStreamEncryptionResponse -> StartStreamEncryptionResponse # gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> StartStreamEncryptionResponse -> r # gmapQr :: (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> StartStreamEncryptionResponse -> r # gmapQ :: (forall d. Data d => d -> u) -> StartStreamEncryptionResponse -> [u] # gmapQi :: Int -> (forall d. Data d => d -> u) -> StartStreamEncryptionResponse -> u # gmapM :: Monad m => (forall d. Data d => d -> m d) -> StartStreamEncryptionResponse -> m StartStreamEncryptionResponse # gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> StartStreamEncryptionResponse -> m StartStreamEncryptionResponse # gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> StartStreamEncryptionResponse -> m StartStreamEncryptionResponse #
Read StartStreamEncryptionResponse Source #
Methods readsPrec :: Int -> ReadS StartStreamEncryptionResponse # readList :: ReadS [StartStreamEncryptionResponse] # readPrec :: ReadPrec StartStreamEncryptionResponse # readListPrec :: ReadPrec [StartStreamEncryptionResponse] #
Show StartStreamEncryptionResponse Source #
Methods showsPrec :: Int -> StartStreamEncryptionResponse -> ShowS # show :: StartStreamEncryptionResponse -> String # showList :: [StartStreamEncryptionResponse] -> ShowS #
Generic StartStreamEncryptionResponse Source #
Associated Types type Rep StartStreamEncryptionResponse :: * -> * # Methods from :: StartStreamEncryptionResponse -> Rep StartStreamEncryptionResponse x # to :: Rep StartStreamEncryptionResponse x -> StartStreamEncryptionResponse #
NFData StartStreamEncryptionResponse Source #
Methods rnf :: StartStreamEncryptionResponse -> () #
type Rep StartStreamEncryptionResponse Source #
type Rep StartStreamEncryptionResponse = D1 (MetaData "StartStreamEncryptionResponse" "Network.AWS.Kinesis.StartStreamEncryption" "amazonka-kinesis-1.5.0-9sBOxcpdcTN2BghkYmkXAp" False) (C1 (MetaCons "StartStreamEncryptionResponse'" PrefixI False) U1)