Copyright	(c) 2013-2015 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay <brendan.g.hay@gmail.com>
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	None
Language	Haskell2010

Network.AWS.KMS.Types

Contents

Service Configuration
Errors
DataKeySpec
GrantOperation
KeyState
KeyUsageType
AliasListEntry
GrantConstraints
GrantListEntry
KeyListEntry
KeyMetadata
ListGrantsResponse

Description

Synopsis

Service Configuration

kMS :: Service Source

API version '2014-11-01' of the Amazon Key Management Service SDK configuration.

Errors

_InvalidMarkerException :: AsError a => Getting (First ServiceError) a ServiceError Source

The request was rejected because the marker that specifies where pagination should next begin is not valid.

_KMSInvalidStateException :: AsError a => Getting (First ServiceError) a ServiceError Source

The request was rejected because the state of the specified resource is not valid for this request.

For more information about how key state affects the use of a customer master key (CMK), go to How Key State Affects the Use of a Customer Master Key in the AWS Key Management Service Developer Guide.

_InvalidKeyUsageException :: AsError a => Getting (First ServiceError) a ServiceError Source

The request was rejected because the specified KeySpec parameter is not valid. The currently supported value is ENCRYPT/DECRYPT.

_MalformedPolicyDocumentException :: AsError a => Getting (First ServiceError) a ServiceError Source

The request was rejected because the specified policy is not syntactically or semantically correct.

_UnsupportedOperationException :: AsError a => Getting (First ServiceError) a ServiceError Source

The request was rejected because a specified parameter is not supported.

_DisabledException :: AsError a => Getting (First ServiceError) a ServiceError Source

The request was rejected because the specified key was marked as disabled.

_KeyUnavailableException :: AsError a => Getting (First ServiceError) a ServiceError Source

The request was rejected because the key was not available. The request can be retried.

_KMSInternalException :: AsError a => Getting (First ServiceError) a ServiceError Source

The request was rejected because an internal exception occurred. The request can be retried.

_NotFoundException :: AsError a => Getting (First ServiceError) a ServiceError Source

The request was rejected because the specified entity or resource could not be found.

_InvalidAliasNameException :: AsError a => Getting (First ServiceError) a ServiceError Source

The request was rejected because the specified alias name is not valid.

_InvalidGrantIdException :: AsError a => Getting (First ServiceError) a ServiceError Source

The request was rejected because the specified GrantId is not valid.

_InvalidGrantTokenException :: AsError a => Getting (First ServiceError) a ServiceError Source

The request was rejected because a grant token provided as part of the request is invalid.

_InvalidARNException :: AsError a => Getting (First ServiceError) a ServiceError Source

The request was rejected because a specified ARN was not valid.

_DependencyTimeoutException :: AsError a => Getting (First ServiceError) a ServiceError Source

The system timed out while trying to fulfill the request. The request can be retried.

_InvalidCiphertextException :: AsError a => Getting (First ServiceError) a ServiceError Source

The request was rejected because the specified ciphertext has been corrupted or is otherwise invalid.

_AlreadyExistsException :: AsError a => Getting (First ServiceError) a ServiceError Source

The request was rejected because it attempted to create a resource that already exists.

_LimitExceededException :: AsError a => Getting (First ServiceError) a ServiceError Source

The request was rejected because a limit was exceeded. For more information, see Limits in the AWS Key Management Service Developer Guide.

DataKeySpec

GrantOperation

KeyState

KeyUsageType

AliasListEntry

data AliasListEntry Source

Contains information about an alias.

See: aliasListEntry smart constructor.

aliasListEntry :: AliasListEntry Source

Creates a value of AliasListEntry with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

aleTargetKeyId :: Lens' AliasListEntry (Maybe Text) Source

String that contains the key identifier pointed to by the alias.

aleAliasName :: Lens' AliasListEntry (Maybe Text) Source

String that contains the alias.

aleAliasARN :: Lens' AliasListEntry (Maybe Text) Source

String that contains the key ARN.

GrantConstraints

data GrantConstraints Source

A structure for specifying the conditions under which the operations permitted by the grant are allowed.

You can use this structure to allow the operations permitted by the grant only when a specified encryption context is present. For more information about encryption context, see Encryption Context in the AWS Key Management Service Developer Guide.

See: grantConstraints smart constructor.

grantConstraints :: GrantConstraints Source

Creates a value of GrantConstraints with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

gcEncryptionContextEquals :: Lens' GrantConstraints (HashMap Text Text) Source

Contains a list of key-value pairs that must be present in the encryption context of a subsequent operation permitted by the grant. When a subsequent operation permitted by the grant includes an encryption context that matches this list, the grant allows the operation. Otherwise, the operation is not allowed.

gcEncryptionContextSubset :: Lens' GrantConstraints (HashMap Text Text) Source

Contains a list of key-value pairs, a subset of which must be present in the encryption context of a subsequent operation permitted by the grant. When a subsequent operation permitted by the grant includes an encryption context that matches this list or is a subset of this list, the grant allows the operation. Otherwise, the operation is not allowed.

GrantListEntry

data GrantListEntry Source

Contains information about an entry in a list of grants.

See: grantListEntry smart constructor.

grantListEntry :: GrantListEntry Source

Creates a value of GrantListEntry with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

gleKeyId :: Lens' GrantListEntry (Maybe Text) Source

The unique identifier for the customer master key (CMK) to which the grant applies.

gleRetiringPrincipal :: Lens' GrantListEntry (Maybe Text) Source

The principal that can retire the grant.

gleIssuingAccount :: Lens' GrantListEntry (Maybe Text) Source

The AWS account under which the grant was issued.

gleGrantId :: Lens' GrantListEntry (Maybe Text) Source

The unique identifier for the grant.

gleConstraints :: Lens' GrantListEntry (Maybe GrantConstraints) Source

The conditions under which the grant's operations are allowed.

gleGranteePrincipal :: Lens' GrantListEntry (Maybe Text) Source

The principal that receives the grant's permissions.

gleName :: Lens' GrantListEntry (Maybe Text) Source

The friendly name that identifies the grant. If a name was provided in the CreateGrant request, that name is returned. Otherwise this value is null.

gleCreationDate :: Lens' GrantListEntry (Maybe UTCTime) Source

The date and time when the grant was created.

gleOperations :: Lens' GrantListEntry [GrantOperation] Source

The list of operations permitted by the grant.

KeyListEntry

data KeyListEntry Source

Contains information about each entry in the key list.

See: keyListEntry smart constructor.

keyListEntry :: KeyListEntry Source

Creates a value of KeyListEntry with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

kleKeyId
kleKeyARN

kleKeyId :: Lens' KeyListEntry (Maybe Text) Source

Unique identifier of the key.

kleKeyARN :: Lens' KeyListEntry (Maybe Text) Source

ARN of the key.

KeyMetadata

data KeyMetadata Source

Contains metadata about a customer master key (CMK).

This data type is used as a response element for the CreateKey and DescribeKey operations.

See: keyMetadata smart constructor.

Instances

Eq KeyMetadata Source
Data KeyMetadata Source
Read KeyMetadata Source
Show KeyMetadata Source
Generic KeyMetadata Source
FromJSON KeyMetadata Source
type Rep KeyMetadata Source

keyMetadata Source

Arguments

:: Text	`kmKeyId`
-> KeyMetadata

Creates a value of KeyMetadata with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

kmEnabled :: Lens' KeyMetadata (Maybe Bool) Source

Specifies whether the key is enabled. When KeyState is Enabled this value is true, otherwise it is false.

kmARN :: Lens' KeyMetadata (Maybe Text) Source

The Amazon Resource Name (ARN) of the key. For examples, see AWS Key Management Service (AWS KMS) in the Example ARNs section of the AWS General Reference.

kmKeyState :: Lens' KeyMetadata (Maybe KeyState) Source

The state of the customer master key (CMK).

For more information about how key state affects the use of a CMK, go to How Key State Affects the Use of a Customer Master Key in the AWS Key Management Service Developer Guide.

kmAWSAccountId :: Lens' KeyMetadata (Maybe Text) Source

The twelve-digit account ID of the AWS account that owns the key.

kmKeyUsage :: Lens' KeyMetadata (Maybe KeyUsageType) Source

The cryptographic operations for which you can use the key. Currently the only allowed value is ENCRYPT_DECRYPT, which means you can use the key for the Encrypt and Decrypt operations.

kmCreationDate :: Lens' KeyMetadata (Maybe UTCTime) Source

The date and time when the key was created.

kmDeletionDate :: Lens' KeyMetadata (Maybe UTCTime) Source

The date and time after which AWS KMS deletes the customer master key (CMK). This value is present only when KeyState is PendingDeletion, otherwise this value is null.

kmDescription :: Lens' KeyMetadata (Maybe Text) Source

The friendly description of the key.

kmKeyId :: Lens' KeyMetadata Text Source

The globally unique identifier for the key.

ListGrantsResponse

data ListGrantsResponse Source

See: listGrantsResponse smart constructor.

listGrantsResponse :: ListGrantsResponse Source

Creates a value of ListGrantsResponse with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

lgTruncated :: Lens' ListGrantsResponse (Maybe Bool) Source

A flag that indicates whether there are more items in the list. If your results were truncated, you can use the Marker parameter to make a subsequent pagination request to retrieve more items in the list.

lgGrants :: Lens' ListGrantsResponse [GrantListEntry] Source

A list of grants.

lgNextMarker :: Lens' ListGrantsResponse (Maybe Text) Source

When Truncated is true, this value is present and contains the value to use for the Marker parameter in a subsequent pagination request.

Enum DataKeySpec Source
Eq DataKeySpec Source
Data DataKeySpec Source
Ord DataKeySpec Source
Read DataKeySpec Source
Show DataKeySpec Source
Generic DataKeySpec Source
ToJSON DataKeySpec Source
Hashable DataKeySpec Source
ToHeader DataKeySpec Source
ToQuery DataKeySpec Source
ToByteString DataKeySpec Source
FromText DataKeySpec Source
ToText DataKeySpec Source
type Rep DataKeySpec Source

CreateGrant
Decrypt
DescribeKey
Encrypt
GenerateDataKey
GenerateDataKeyWithoutPlaintext
ReEncryptFrom
ReEncryptTo
RetireGrant

Enum GrantOperation Source
Eq GrantOperation Source
Data GrantOperation Source
Ord GrantOperation Source
Read GrantOperation Source
Show GrantOperation Source
Generic GrantOperation Source
ToJSON GrantOperation Source
FromJSON GrantOperation Source
Hashable GrantOperation Source
ToHeader GrantOperation Source
ToQuery GrantOperation Source
ToByteString GrantOperation Source
FromText GrantOperation Source
ToText GrantOperation Source
type Rep GrantOperation Source

Enum KeyState Source
Eq KeyState Source
Data KeyState Source
Ord KeyState Source
Read KeyState Source
Show KeyState Source
Generic KeyState Source
FromJSON KeyState Source
Hashable KeyState Source
ToHeader KeyState Source
ToQuery KeyState Source
ToByteString KeyState Source
FromText KeyState Source
ToText KeyState Source
type Rep KeyState Source

Enum KeyUsageType Source
Eq KeyUsageType Source
Data KeyUsageType Source
Ord KeyUsageType Source
Read KeyUsageType Source
Show KeyUsageType Source
Generic KeyUsageType Source
ToJSON KeyUsageType Source
FromJSON KeyUsageType Source
Hashable KeyUsageType Source
ToHeader KeyUsageType Source
ToQuery KeyUsageType Source
ToByteString KeyUsageType Source
FromText KeyUsageType Source
ToText KeyUsageType Source
type Rep KeyUsageType Source

Eq AliasListEntry Source
Data AliasListEntry Source
Read AliasListEntry Source
Show AliasListEntry Source
Generic AliasListEntry Source
FromJSON AliasListEntry Source
type Rep AliasListEntry Source

Eq GrantConstraints Source
Data GrantConstraints Source
Read GrantConstraints Source
Show GrantConstraints Source
Generic GrantConstraints Source
ToJSON GrantConstraints Source
FromJSON GrantConstraints Source
type Rep GrantConstraints Source

Eq GrantListEntry Source
Data GrantListEntry Source
Read GrantListEntry Source
Show GrantListEntry Source
Generic GrantListEntry Source
FromJSON GrantListEntry Source
type Rep GrantListEntry Source

Eq KeyListEntry Source
Data KeyListEntry Source
Read KeyListEntry Source
Show KeyListEntry Source
Generic KeyListEntry Source
FromJSON KeyListEntry Source
type Rep KeyListEntry Source

Eq ListGrantsResponse Source
Data ListGrantsResponse Source
Read ListGrantsResponse Source
Show ListGrantsResponse Source
Generic ListGrantsResponse Source
FromJSON ListGrantsResponse Source
type Rep ListGrantsResponse Source