Copyright	(c) 2013-2018 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay <brendan.g.hay+amazonka@gmail.com>
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	None
Language	Haskell2010

Network.AWS.Kinesis.StartStreamEncryption

Contents

Creating a Request
Request Lenses
Destructuring the Response

Description

Enables or updates server-side encryption using an AWS KMS key for a specified stream.

Starting encryption is an asynchronous operation. Upon receiving the request, Kinesis Data Streams returns immediately and sets the status of the stream to UPDATING . After the update is complete, Kinesis Data Streams sets the status of the stream back to ACTIVE . Updating or applying encryption normally takes a few seconds to complete, but it can take minutes. You can continue to read and write data to your stream while its status is UPDATING . Once the status of the stream is ACTIVE , encryption begins for records written to the stream.

API Limits: You can successfully apply a new AWS KMS key for server-side encryption 25 times in a rolling 24-hour period.

Note: It can take up to five seconds after the stream is in an ACTIVE status before all records written to the stream are encrypted. After you enable encryption, you can verify that encryption is applied by inspecting the API response from PutRecord or PutRecords .

Creating a Request

startStreamEncryption Source #

Arguments

:: Text	`sStreamName`
-> EncryptionType	`sEncryptionType`
-> Text	`sKeyId`
-> StartStreamEncryption

Creates a value of StartStreamEncryption with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

sStreamName - The name of the stream for which to start encrypting records.
sEncryptionType - The encryption type to use. The only valid value is KMS .
sKeyId - The GUID for the customer-managed AWS KMS key to use for encryption. This value can be a globally unique identifier, a fully specified Amazon Resource Name (ARN) to either an alias or a key, or an alias name prefixed by "alias".You can also use a master key owned by Kinesis Data Streams by specifying the alias @awskinesis . * Key ARN example: arn:aws:kms:us-east-1:123456789012:key12345678-1234-1234-1234-123456789012 * Alias ARN example: arn:aws:kms:us-east-1:123456789012:aliasMyAliasName * Globally unique key ID example: 12345678-1234-1234-1234-123456789012 * Alias name example: aliasMyAliasName * Master key owned by Kinesis Data Streams: aliasaws/kinesis@

data StartStreamEncryption Source #

See: startStreamEncryption smart constructor.

Instances

Eq StartStreamEncryption Source #
Methods (==) :: StartStreamEncryption -> StartStreamEncryption -> Bool # (/=) :: StartStreamEncryption -> StartStreamEncryption -> Bool #
Data StartStreamEncryption Source #
Methods gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> StartStreamEncryption -> c StartStreamEncryption # gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c StartStreamEncryption # toConstr :: StartStreamEncryption -> Constr # dataTypeOf :: StartStreamEncryption -> DataType # dataCast1 :: Typeable (* -> ) t => (forall d. Data d => c (t d)) -> Maybe (c StartStreamEncryption) # dataCast2 :: Typeable ( -> * -> *) t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c StartStreamEncryption) # gmapT :: (forall b. Data b => b -> b) -> StartStreamEncryption -> StartStreamEncryption # gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> StartStreamEncryption -> r # gmapQr :: (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> StartStreamEncryption -> r # gmapQ :: (forall d. Data d => d -> u) -> StartStreamEncryption -> [u] # gmapQi :: Int -> (forall d. Data d => d -> u) -> StartStreamEncryption -> u # gmapM :: Monad m => (forall d. Data d => d -> m d) -> StartStreamEncryption -> m StartStreamEncryption # gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> StartStreamEncryption -> m StartStreamEncryption # gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> StartStreamEncryption -> m StartStreamEncryption #
Read StartStreamEncryption Source #
Methods readsPrec :: Int -> ReadS StartStreamEncryption # readList :: ReadS [StartStreamEncryption] # readPrec :: ReadPrec StartStreamEncryption # readListPrec :: ReadPrec [StartStreamEncryption] #
Show StartStreamEncryption Source #
Methods showsPrec :: Int -> StartStreamEncryption -> ShowS # show :: StartStreamEncryption -> String # showList :: [StartStreamEncryption] -> ShowS #
Generic StartStreamEncryption Source #
Associated Types type Rep StartStreamEncryption :: * -> * # Methods from :: StartStreamEncryption -> Rep StartStreamEncryption x # to :: Rep StartStreamEncryption x -> StartStreamEncryption #
Hashable StartStreamEncryption Source #
Methods hashWithSalt :: Int -> StartStreamEncryption -> Int # hash :: StartStreamEncryption -> Int #
ToJSON StartStreamEncryption Source #
Methods toJSON :: StartStreamEncryption -> Value # toEncoding :: StartStreamEncryption -> Encoding # toJSONList :: [StartStreamEncryption] -> Value # toEncodingList :: [StartStreamEncryption] -> Encoding #
NFData StartStreamEncryption Source #
Methods rnf :: StartStreamEncryption -> () #
AWSRequest StartStreamEncryption Source #
Associated Types type Rs StartStreamEncryption :: * # Methods request :: StartStreamEncryption -> Request StartStreamEncryption # response :: (MonadResource m, MonadThrow m) => Logger -> Service -> Proxy * StartStreamEncryption -> ClientResponse -> m (Response StartStreamEncryption) #
ToHeaders StartStreamEncryption Source #
Methods toHeaders :: StartStreamEncryption -> [Header] #
ToPath StartStreamEncryption Source #
Methods toPath :: StartStreamEncryption -> ByteString #
ToQuery StartStreamEncryption Source #
Methods toQuery :: StartStreamEncryption -> QueryString #
type Rep StartStreamEncryption Source #
type Rep StartStreamEncryption = D1 * (MetaData "StartStreamEncryption" "Network.AWS.Kinesis.StartStreamEncryption" "amazonka-kinesis-1.6.0-FM91TbfEPFA6fwZObkhzFa" False) (C1 * (MetaCons "StartStreamEncryption'" PrefixI True) ((::) (S1 * (MetaSel (Just Symbol "_sStreamName") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * Text)) ((::) (S1 * (MetaSel (Just Symbol "_sEncryptionType") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * EncryptionType)) (S1 * (MetaSel (Just Symbol "_sKeyId") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * Text)))))
type Rs StartStreamEncryption Source #
type Rs StartStreamEncryption = StartStreamEncryptionResponse

Request Lenses

sStreamName :: Lens' StartStreamEncryption Text Source #

The name of the stream for which to start encrypting records.

sEncryptionType :: Lens' StartStreamEncryption EncryptionType Source #

The encryption type to use. The only valid value is KMS .

sKeyId :: Lens' StartStreamEncryption Text Source #

The GUID for the customer-managed AWS KMS key to use for encryption. This value can be a globally unique identifier, a fully specified Amazon Resource Name (ARN) to either an alias or a key, or an alias name prefixed by "alias".You can also use a master key owned by Kinesis Data Streams by specifying the alias @awskinesis . * Key ARN example: arn:aws:kms:us-east-1:123456789012:key12345678-1234-1234-1234-123456789012 * Alias ARN example: arn:aws:kms:us-east-1:123456789012:aliasMyAliasName * Globally unique key ID example: 12345678-1234-1234-1234-123456789012 * Alias name example: aliasMyAliasName * Master key owned by Kinesis Data Streams: aliasaws/kinesis@

Destructuring the Response

startStreamEncryptionResponse :: StartStreamEncryptionResponse Source #

Creates a value of StartStreamEncryptionResponse with the minimum fields required to make a request.

data StartStreamEncryptionResponse Source #

See: startStreamEncryptionResponse smart constructor.

Instances

Eq StartStreamEncryptionResponse Source #
Methods (==) :: StartStreamEncryptionResponse -> StartStreamEncryptionResponse -> Bool # (/=) :: StartStreamEncryptionResponse -> StartStreamEncryptionResponse -> Bool #
Data StartStreamEncryptionResponse Source #
Methods gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> StartStreamEncryptionResponse -> c StartStreamEncryptionResponse # gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c StartStreamEncryptionResponse # toConstr :: StartStreamEncryptionResponse -> Constr # dataTypeOf :: StartStreamEncryptionResponse -> DataType # dataCast1 :: Typeable (* -> ) t => (forall d. Data d => c (t d)) -> Maybe (c StartStreamEncryptionResponse) # dataCast2 :: Typeable ( -> * -> *) t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c StartStreamEncryptionResponse) # gmapT :: (forall b. Data b => b -> b) -> StartStreamEncryptionResponse -> StartStreamEncryptionResponse # gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> StartStreamEncryptionResponse -> r # gmapQr :: (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> StartStreamEncryptionResponse -> r # gmapQ :: (forall d. Data d => d -> u) -> StartStreamEncryptionResponse -> [u] # gmapQi :: Int -> (forall d. Data d => d -> u) -> StartStreamEncryptionResponse -> u # gmapM :: Monad m => (forall d. Data d => d -> m d) -> StartStreamEncryptionResponse -> m StartStreamEncryptionResponse # gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> StartStreamEncryptionResponse -> m StartStreamEncryptionResponse # gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> StartStreamEncryptionResponse -> m StartStreamEncryptionResponse #
Read StartStreamEncryptionResponse Source #
Methods readsPrec :: Int -> ReadS StartStreamEncryptionResponse # readList :: ReadS [StartStreamEncryptionResponse] # readPrec :: ReadPrec StartStreamEncryptionResponse # readListPrec :: ReadPrec [StartStreamEncryptionResponse] #
Show StartStreamEncryptionResponse Source #
Methods showsPrec :: Int -> StartStreamEncryptionResponse -> ShowS # show :: StartStreamEncryptionResponse -> String # showList :: [StartStreamEncryptionResponse] -> ShowS #
Generic StartStreamEncryptionResponse Source #
Associated Types type Rep StartStreamEncryptionResponse :: * -> * # Methods from :: StartStreamEncryptionResponse -> Rep StartStreamEncryptionResponse x # to :: Rep StartStreamEncryptionResponse x -> StartStreamEncryptionResponse #
NFData StartStreamEncryptionResponse Source #
Methods rnf :: StartStreamEncryptionResponse -> () #
type Rep StartStreamEncryptionResponse Source #
type Rep StartStreamEncryptionResponse = D1 * (MetaData "StartStreamEncryptionResponse" "Network.AWS.Kinesis.StartStreamEncryption" "amazonka-kinesis-1.6.0-FM91TbfEPFA6fwZObkhzFa" False) (C1 * (MetaCons "StartStreamEncryptionResponse'" PrefixI False) (U1 *))