Copyright | (c) 2013-2015 Brendan Hay |
---|---|
License | Mozilla Public License, v. 2.0. |
Maintainer | Brendan Hay <brendan.g.hay@gmail.com> |
Stability | auto-generated |
Portability | non-portable (GHC extensions) |
Safe Haskell | None |
Language | Haskell2010 |
- kMS :: Service
- _InvalidMarkerException :: AsError a => Getting (First ServiceError) a ServiceError
- _KMSInvalidStateException :: AsError a => Getting (First ServiceError) a ServiceError
- _InvalidKeyUsageException :: AsError a => Getting (First ServiceError) a ServiceError
- _MalformedPolicyDocumentException :: AsError a => Getting (First ServiceError) a ServiceError
- _UnsupportedOperationException :: AsError a => Getting (First ServiceError) a ServiceError
- _DisabledException :: AsError a => Getting (First ServiceError) a ServiceError
- _KeyUnavailableException :: AsError a => Getting (First ServiceError) a ServiceError
- _KMSInternalException :: AsError a => Getting (First ServiceError) a ServiceError
- _NotFoundException :: AsError a => Getting (First ServiceError) a ServiceError
- _InvalidAliasNameException :: AsError a => Getting (First ServiceError) a ServiceError
- _InvalidGrantIdException :: AsError a => Getting (First ServiceError) a ServiceError
- _InvalidGrantTokenException :: AsError a => Getting (First ServiceError) a ServiceError
- _InvalidARNException :: AsError a => Getting (First ServiceError) a ServiceError
- _DependencyTimeoutException :: AsError a => Getting (First ServiceError) a ServiceError
- _InvalidCiphertextException :: AsError a => Getting (First ServiceError) a ServiceError
- _AlreadyExistsException :: AsError a => Getting (First ServiceError) a ServiceError
- _LimitExceededException :: AsError a => Getting (First ServiceError) a ServiceError
- data DataKeySpec
- data GrantOperation
- data KeyState
- data KeyUsageType = EncryptDecrypt
- data AliasListEntry
- aliasListEntry :: AliasListEntry
- aleTargetKeyId :: Lens' AliasListEntry (Maybe Text)
- aleAliasName :: Lens' AliasListEntry (Maybe Text)
- aleAliasARN :: Lens' AliasListEntry (Maybe Text)
- data GrantConstraints
- grantConstraints :: GrantConstraints
- gcEncryptionContextEquals :: Lens' GrantConstraints (HashMap Text Text)
- gcEncryptionContextSubset :: Lens' GrantConstraints (HashMap Text Text)
- data GrantListEntry
- grantListEntry :: GrantListEntry
- gleKeyId :: Lens' GrantListEntry (Maybe Text)
- gleRetiringPrincipal :: Lens' GrantListEntry (Maybe Text)
- gleIssuingAccount :: Lens' GrantListEntry (Maybe Text)
- gleGrantId :: Lens' GrantListEntry (Maybe Text)
- gleConstraints :: Lens' GrantListEntry (Maybe GrantConstraints)
- gleGranteePrincipal :: Lens' GrantListEntry (Maybe Text)
- gleName :: Lens' GrantListEntry (Maybe Text)
- gleCreationDate :: Lens' GrantListEntry (Maybe UTCTime)
- gleOperations :: Lens' GrantListEntry [GrantOperation]
- data KeyListEntry
- keyListEntry :: KeyListEntry
- kleKeyId :: Lens' KeyListEntry (Maybe Text)
- kleKeyARN :: Lens' KeyListEntry (Maybe Text)
- data KeyMetadata
- keyMetadata :: Text -> KeyMetadata
- kmEnabled :: Lens' KeyMetadata (Maybe Bool)
- kmARN :: Lens' KeyMetadata (Maybe Text)
- kmKeyState :: Lens' KeyMetadata (Maybe KeyState)
- kmAWSAccountId :: Lens' KeyMetadata (Maybe Text)
- kmKeyUsage :: Lens' KeyMetadata (Maybe KeyUsageType)
- kmCreationDate :: Lens' KeyMetadata (Maybe UTCTime)
- kmDeletionDate :: Lens' KeyMetadata (Maybe UTCTime)
- kmDescription :: Lens' KeyMetadata (Maybe Text)
- kmKeyId :: Lens' KeyMetadata Text
- data ListGrantsResponse
- listGrantsResponse :: ListGrantsResponse
- lgTruncated :: Lens' ListGrantsResponse (Maybe Bool)
- lgGrants :: Lens' ListGrantsResponse [GrantListEntry]
- lgNextMarker :: Lens' ListGrantsResponse (Maybe Text)
Service Configuration
API version '2014-11-01' of the Amazon Key Management Service SDK configuration.
Errors
_InvalidMarkerException :: AsError a => Getting (First ServiceError) a ServiceError Source
The request was rejected because the marker that specifies where pagination should next begin is not valid.
_KMSInvalidStateException :: AsError a => Getting (First ServiceError) a ServiceError Source
The request was rejected because the state of the specified resource is not valid for this request.
For more information about how key state affects the use of a customer master key (CMK), go to How Key State Affects the Use of a Customer Master Key in the AWS Key Management Service Developer Guide.
_InvalidKeyUsageException :: AsError a => Getting (First ServiceError) a ServiceError Source
The request was rejected because the specified KeySpec parameter is not valid. The currently supported value is ENCRYPT/DECRYPT.
_MalformedPolicyDocumentException :: AsError a => Getting (First ServiceError) a ServiceError Source
The request was rejected because the specified policy is not syntactically or semantically correct.
_UnsupportedOperationException :: AsError a => Getting (First ServiceError) a ServiceError Source
The request was rejected because a specified parameter is not supported.
_DisabledException :: AsError a => Getting (First ServiceError) a ServiceError Source
The request was rejected because the specified key was marked as disabled.
_KeyUnavailableException :: AsError a => Getting (First ServiceError) a ServiceError Source
The request was rejected because the key was not available. The request can be retried.
_KMSInternalException :: AsError a => Getting (First ServiceError) a ServiceError Source
The request was rejected because an internal exception occurred. The request can be retried.
_NotFoundException :: AsError a => Getting (First ServiceError) a ServiceError Source
The request was rejected because the specified entity or resource could not be found.
_InvalidAliasNameException :: AsError a => Getting (First ServiceError) a ServiceError Source
The request was rejected because the specified alias name is not valid.
_InvalidGrantIdException :: AsError a => Getting (First ServiceError) a ServiceError Source
The request was rejected because the specified GrantId
is not valid.
_InvalidGrantTokenException :: AsError a => Getting (First ServiceError) a ServiceError Source
The request was rejected because a grant token provided as part of the request is invalid.
_InvalidARNException :: AsError a => Getting (First ServiceError) a ServiceError Source
The request was rejected because a specified ARN was not valid.
_DependencyTimeoutException :: AsError a => Getting (First ServiceError) a ServiceError Source
The system timed out while trying to fulfill the request. The request can be retried.
_InvalidCiphertextException :: AsError a => Getting (First ServiceError) a ServiceError Source
The request was rejected because the specified ciphertext has been corrupted or is otherwise invalid.
_AlreadyExistsException :: AsError a => Getting (First ServiceError) a ServiceError Source
The request was rejected because it attempted to create a resource that already exists.
_LimitExceededException :: AsError a => Getting (First ServiceError) a ServiceError Source
The request was rejected because a limit was exceeded. For more information, see Limits in the AWS Key Management Service Developer Guide.
DataKeySpec
data DataKeySpec Source
GrantOperation
data GrantOperation Source
CreateGrant | |
Decrypt | |
DescribeKey | |
Encrypt | |
GenerateDataKey | |
GenerateDataKeyWithoutPlaintext | |
ReEncryptFrom | |
ReEncryptTo | |
RetireGrant |
KeyState
KeyUsageType
data KeyUsageType Source
AliasListEntry
data AliasListEntry Source
Contains information about an alias.
See: aliasListEntry
smart constructor.
aliasListEntry :: AliasListEntry Source
Creates a value of AliasListEntry
with the minimum fields required to make a request.
Use one of the following lenses to modify other fields as desired:
aleTargetKeyId :: Lens' AliasListEntry (Maybe Text) Source
String that contains the key identifier pointed to by the alias.
aleAliasName :: Lens' AliasListEntry (Maybe Text) Source
String that contains the alias.
aleAliasARN :: Lens' AliasListEntry (Maybe Text) Source
String that contains the key ARN.
GrantConstraints
data GrantConstraints Source
A structure for specifying the conditions under which the operations permitted by the grant are allowed.
You can use this structure to allow the operations permitted by the grant only when a specified encryption context is present. For more information about encryption context, see Encryption Context in the AWS Key Management Service Developer Guide.
See: grantConstraints
smart constructor.
grantConstraints :: GrantConstraints Source
Creates a value of GrantConstraints
with the minimum fields required to make a request.
Use one of the following lenses to modify other fields as desired:
gcEncryptionContextEquals :: Lens' GrantConstraints (HashMap Text Text) Source
Contains a list of key-value pairs that must be present in the encryption context of a subsequent operation permitted by the grant. When a subsequent operation permitted by the grant includes an encryption context that matches this list, the grant allows the operation. Otherwise, the operation is not allowed.
gcEncryptionContextSubset :: Lens' GrantConstraints (HashMap Text Text) Source
Contains a list of key-value pairs, a subset of which must be present in the encryption context of a subsequent operation permitted by the grant. When a subsequent operation permitted by the grant includes an encryption context that matches this list or is a subset of this list, the grant allows the operation. Otherwise, the operation is not allowed.
GrantListEntry
data GrantListEntry Source
Contains information about an entry in a list of grants.
See: grantListEntry
smart constructor.
grantListEntry :: GrantListEntry Source
Creates a value of GrantListEntry
with the minimum fields required to make a request.
Use one of the following lenses to modify other fields as desired:
gleKeyId :: Lens' GrantListEntry (Maybe Text) Source
The unique identifier for the customer master key (CMK) to which the grant applies.
gleRetiringPrincipal :: Lens' GrantListEntry (Maybe Text) Source
The principal that can retire the grant.
gleIssuingAccount :: Lens' GrantListEntry (Maybe Text) Source
The AWS account under which the grant was issued.
gleGrantId :: Lens' GrantListEntry (Maybe Text) Source
The unique identifier for the grant.
gleConstraints :: Lens' GrantListEntry (Maybe GrantConstraints) Source
The conditions under which the grant's operations are allowed.
gleGranteePrincipal :: Lens' GrantListEntry (Maybe Text) Source
The principal that receives the grant's permissions.
gleName :: Lens' GrantListEntry (Maybe Text) Source
The friendly name that identifies the grant. If a name was provided in the CreateGrant request, that name is returned. Otherwise this value is null.
gleCreationDate :: Lens' GrantListEntry (Maybe UTCTime) Source
The date and time when the grant was created.
gleOperations :: Lens' GrantListEntry [GrantOperation] Source
The list of operations permitted by the grant.
KeyListEntry
data KeyListEntry Source
Contains information about each entry in the key list.
See: keyListEntry
smart constructor.
keyListEntry :: KeyListEntry Source
Creates a value of KeyListEntry
with the minimum fields required to make a request.
Use one of the following lenses to modify other fields as desired:
KeyMetadata
data KeyMetadata Source
Contains metadata about a customer master key (CMK).
This data type is used as a response element for the CreateKey and DescribeKey operations.
See: keyMetadata
smart constructor.
:: Text | |
-> KeyMetadata |
Creates a value of KeyMetadata
with the minimum fields required to make a request.
Use one of the following lenses to modify other fields as desired:
kmARN :: Lens' KeyMetadata (Maybe Text) Source
The Amazon Resource Name (ARN) of the key. For examples, see AWS Key Management Service (AWS KMS) in the Example ARNs section of the AWS General Reference.
kmKeyState :: Lens' KeyMetadata (Maybe KeyState) Source
The state of the customer master key (CMK).
For more information about how key state affects the use of a CMK, go to How Key State Affects the Use of a Customer Master Key in the AWS Key Management Service Developer Guide.
kmAWSAccountId :: Lens' KeyMetadata (Maybe Text) Source
The twelve-digit account ID of the AWS account that owns the key.
kmKeyUsage :: Lens' KeyMetadata (Maybe KeyUsageType) Source
The cryptographic operations for which you can use the key. Currently
the only allowed value is ENCRYPT_DECRYPT
, which means you can use the
key for the Encrypt and Decrypt operations.
kmCreationDate :: Lens' KeyMetadata (Maybe UTCTime) Source
The date and time when the key was created.
kmDeletionDate :: Lens' KeyMetadata (Maybe UTCTime) Source
The date and time after which AWS KMS deletes the customer master key
(CMK). This value is present only when KeyState
is PendingDeletion
,
otherwise this value is null.
kmDescription :: Lens' KeyMetadata (Maybe Text) Source
The friendly description of the key.
kmKeyId :: Lens' KeyMetadata Text Source
The globally unique identifier for the key.
ListGrantsResponse
data ListGrantsResponse Source
See: listGrantsResponse
smart constructor.
listGrantsResponse :: ListGrantsResponse Source
Creates a value of ListGrantsResponse
with the minimum fields required to make a request.
Use one of the following lenses to modify other fields as desired:
lgTruncated :: Lens' ListGrantsResponse (Maybe Bool) Source
A flag that indicates whether there are more items in the list. If your
results were truncated, you can use the Marker
parameter to make a
subsequent pagination request to retrieve more items in the list.
lgGrants :: Lens' ListGrantsResponse [GrantListEntry] Source
A list of grants.
lgNextMarker :: Lens' ListGrantsResponse (Maybe Text) Source
When Truncated
is true, this value is present and contains the value
to use for the Marker
parameter in a subsequent pagination request.