{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE TypeFamilies #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-binds #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.KMS.GetKeyPolicy
-- Copyright   : (c) 2013-2023 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
--
-- Gets a key policy attached to the specified KMS key.
--
-- __Cross-account use__: No. You cannot perform this operation on a KMS
-- key in a different Amazon Web Services account.
--
-- __Required permissions__:
-- <https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html kms:GetKeyPolicy>
-- (key policy)
--
-- __Related operations__: PutKeyPolicy
module Amazonka.KMS.GetKeyPolicy
  ( -- * Creating a Request
    GetKeyPolicy (..),
    newGetKeyPolicy,

    -- * Request Lenses
    getKeyPolicy_keyId,
    getKeyPolicy_policyName,

    -- * Destructuring the Response
    GetKeyPolicyResponse (..),
    newGetKeyPolicyResponse,

    -- * Response Lenses
    getKeyPolicyResponse_policy,
    getKeyPolicyResponse_httpStatus,
  )
where

import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import Amazonka.KMS.Types
import qualified Amazonka.Prelude as Prelude
import qualified Amazonka.Request as Request
import qualified Amazonka.Response as Response

-- | /See:/ 'newGetKeyPolicy' smart constructor.
data GetKeyPolicy = GetKeyPolicy'
  { -- | Gets the key policy for the specified KMS key.
    --
    -- Specify the key ID or key ARN of the KMS key.
    --
    -- For example:
    --
    -- -   Key ID: @1234abcd-12ab-34cd-56ef-1234567890ab@
    --
    -- -   Key ARN:
    --     @arn:aws:kms:us-east-2:111122223333:key\/1234abcd-12ab-34cd-56ef-1234567890ab@
    --
    -- To get the key ID and key ARN for a KMS key, use ListKeys or
    -- DescribeKey.
    GetKeyPolicy -> Text
keyId :: Prelude.Text,
    -- | Specifies the name of the key policy. The only valid name is @default@.
    -- To get the names of key policies, use ListKeyPolicies.
    GetKeyPolicy -> Text
policyName :: Prelude.Text
  }
  deriving (GetKeyPolicy -> GetKeyPolicy -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: GetKeyPolicy -> GetKeyPolicy -> Bool
$c/= :: GetKeyPolicy -> GetKeyPolicy -> Bool
== :: GetKeyPolicy -> GetKeyPolicy -> Bool
$c== :: GetKeyPolicy -> GetKeyPolicy -> Bool
Prelude.Eq, ReadPrec [GetKeyPolicy]
ReadPrec GetKeyPolicy
Int -> ReadS GetKeyPolicy
ReadS [GetKeyPolicy]
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [GetKeyPolicy]
$creadListPrec :: ReadPrec [GetKeyPolicy]
readPrec :: ReadPrec GetKeyPolicy
$creadPrec :: ReadPrec GetKeyPolicy
readList :: ReadS [GetKeyPolicy]
$creadList :: ReadS [GetKeyPolicy]
readsPrec :: Int -> ReadS GetKeyPolicy
$creadsPrec :: Int -> ReadS GetKeyPolicy
Prelude.Read, Int -> GetKeyPolicy -> ShowS
[GetKeyPolicy] -> ShowS
GetKeyPolicy -> String
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [GetKeyPolicy] -> ShowS
$cshowList :: [GetKeyPolicy] -> ShowS
show :: GetKeyPolicy -> String
$cshow :: GetKeyPolicy -> String
showsPrec :: Int -> GetKeyPolicy -> ShowS
$cshowsPrec :: Int -> GetKeyPolicy -> ShowS
Prelude.Show, forall x. Rep GetKeyPolicy x -> GetKeyPolicy
forall x. GetKeyPolicy -> Rep GetKeyPolicy x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep GetKeyPolicy x -> GetKeyPolicy
$cfrom :: forall x. GetKeyPolicy -> Rep GetKeyPolicy x
Prelude.Generic)

-- |
-- Create a value of 'GetKeyPolicy' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'keyId', 'getKeyPolicy_keyId' - Gets the key policy for the specified KMS key.
--
-- Specify the key ID or key ARN of the KMS key.
--
-- For example:
--
-- -   Key ID: @1234abcd-12ab-34cd-56ef-1234567890ab@
--
-- -   Key ARN:
--     @arn:aws:kms:us-east-2:111122223333:key\/1234abcd-12ab-34cd-56ef-1234567890ab@
--
-- To get the key ID and key ARN for a KMS key, use ListKeys or
-- DescribeKey.
--
-- 'policyName', 'getKeyPolicy_policyName' - Specifies the name of the key policy. The only valid name is @default@.
-- To get the names of key policies, use ListKeyPolicies.
newGetKeyPolicy ::
  -- | 'keyId'
  Prelude.Text ->
  -- | 'policyName'
  Prelude.Text ->
  GetKeyPolicy
newGetKeyPolicy :: Text -> Text -> GetKeyPolicy
newGetKeyPolicy Text
pKeyId_ Text
pPolicyName_ =
  GetKeyPolicy'
    { $sel:keyId:GetKeyPolicy' :: Text
keyId = Text
pKeyId_,
      $sel:policyName:GetKeyPolicy' :: Text
policyName = Text
pPolicyName_
    }

-- | Gets the key policy for the specified KMS key.
--
-- Specify the key ID or key ARN of the KMS key.
--
-- For example:
--
-- -   Key ID: @1234abcd-12ab-34cd-56ef-1234567890ab@
--
-- -   Key ARN:
--     @arn:aws:kms:us-east-2:111122223333:key\/1234abcd-12ab-34cd-56ef-1234567890ab@
--
-- To get the key ID and key ARN for a KMS key, use ListKeys or
-- DescribeKey.
getKeyPolicy_keyId :: Lens.Lens' GetKeyPolicy Prelude.Text
getKeyPolicy_keyId :: Lens' GetKeyPolicy Text
getKeyPolicy_keyId = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\GetKeyPolicy' {Text
keyId :: Text
$sel:keyId:GetKeyPolicy' :: GetKeyPolicy -> Text
keyId} -> Text
keyId) (\s :: GetKeyPolicy
s@GetKeyPolicy' {} Text
a -> GetKeyPolicy
s {$sel:keyId:GetKeyPolicy' :: Text
keyId = Text
a} :: GetKeyPolicy)

-- | Specifies the name of the key policy. The only valid name is @default@.
-- To get the names of key policies, use ListKeyPolicies.
getKeyPolicy_policyName :: Lens.Lens' GetKeyPolicy Prelude.Text
getKeyPolicy_policyName :: Lens' GetKeyPolicy Text
getKeyPolicy_policyName = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\GetKeyPolicy' {Text
policyName :: Text
$sel:policyName:GetKeyPolicy' :: GetKeyPolicy -> Text
policyName} -> Text
policyName) (\s :: GetKeyPolicy
s@GetKeyPolicy' {} Text
a -> GetKeyPolicy
s {$sel:policyName:GetKeyPolicy' :: Text
policyName = Text
a} :: GetKeyPolicy)

instance Core.AWSRequest GetKeyPolicy where
  type AWSResponse GetKeyPolicy = GetKeyPolicyResponse
  request :: (Service -> Service) -> GetKeyPolicy -> Request GetKeyPolicy
request Service -> Service
overrides =
    forall a. (ToRequest a, ToJSON a) => Service -> a -> Request a
Request.postJSON (Service -> Service
overrides Service
defaultService)
  response :: forall (m :: * -> *).
MonadResource m =>
(ByteStringLazy -> IO ByteStringLazy)
-> Service
-> Proxy GetKeyPolicy
-> ClientResponse ClientBody
-> m (Either Error (ClientResponse (AWSResponse GetKeyPolicy)))
response =
    forall (m :: * -> *) a.
MonadResource m =>
(Int -> ResponseHeaders -> Object -> Either String (AWSResponse a))
-> (ByteStringLazy -> IO ByteStringLazy)
-> Service
-> Proxy a
-> ClientResponse ClientBody
-> m (Either Error (ClientResponse (AWSResponse a)))
Response.receiveJSON
      ( \Int
s ResponseHeaders
h Object
x ->
          Maybe Text -> Int -> GetKeyPolicyResponse
GetKeyPolicyResponse'
            forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x forall a. FromJSON a => Object -> Key -> Either String (Maybe a)
Data..?> Key
"Policy")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (forall (f :: * -> *) a. Applicative f => a -> f a
Prelude.pure (forall a. Enum a => a -> Int
Prelude.fromEnum Int
s))
      )

instance Prelude.Hashable GetKeyPolicy where
  hashWithSalt :: Int -> GetKeyPolicy -> Int
hashWithSalt Int
_salt GetKeyPolicy' {Text
policyName :: Text
keyId :: Text
$sel:policyName:GetKeyPolicy' :: GetKeyPolicy -> Text
$sel:keyId:GetKeyPolicy' :: GetKeyPolicy -> Text
..} =
    Int
_salt
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Text
keyId
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Text
policyName

instance Prelude.NFData GetKeyPolicy where
  rnf :: GetKeyPolicy -> ()
rnf GetKeyPolicy' {Text
policyName :: Text
keyId :: Text
$sel:policyName:GetKeyPolicy' :: GetKeyPolicy -> Text
$sel:keyId:GetKeyPolicy' :: GetKeyPolicy -> Text
..} =
    forall a. NFData a => a -> ()
Prelude.rnf Text
keyId
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Text
policyName

instance Data.ToHeaders GetKeyPolicy where
  toHeaders :: GetKeyPolicy -> ResponseHeaders
toHeaders =
    forall a b. a -> b -> a
Prelude.const
      ( forall a. Monoid a => [a] -> a
Prelude.mconcat
          [ HeaderName
"X-Amz-Target"
              forall a. ToHeader a => HeaderName -> a -> ResponseHeaders
Data.=# (ByteString
"TrentService.GetKeyPolicy" :: Prelude.ByteString),
            HeaderName
"Content-Type"
              forall a. ToHeader a => HeaderName -> a -> ResponseHeaders
Data.=# ( ByteString
"application/x-amz-json-1.1" ::
                          Prelude.ByteString
                      )
          ]
      )

instance Data.ToJSON GetKeyPolicy where
  toJSON :: GetKeyPolicy -> Value
toJSON GetKeyPolicy' {Text
policyName :: Text
keyId :: Text
$sel:policyName:GetKeyPolicy' :: GetKeyPolicy -> Text
$sel:keyId:GetKeyPolicy' :: GetKeyPolicy -> Text
..} =
    [Pair] -> Value
Data.object
      ( forall a. [Maybe a] -> [a]
Prelude.catMaybes
          [ forall a. a -> Maybe a
Prelude.Just (Key
"KeyId" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv
Data..= Text
keyId),
            forall a. a -> Maybe a
Prelude.Just (Key
"PolicyName" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv
Data..= Text
policyName)
          ]
      )

instance Data.ToPath GetKeyPolicy where
  toPath :: GetKeyPolicy -> ByteString
toPath = forall a b. a -> b -> a
Prelude.const ByteString
"/"

instance Data.ToQuery GetKeyPolicy where
  toQuery :: GetKeyPolicy -> QueryString
toQuery = forall a b. a -> b -> a
Prelude.const forall a. Monoid a => a
Prelude.mempty

-- | /See:/ 'newGetKeyPolicyResponse' smart constructor.
data GetKeyPolicyResponse = GetKeyPolicyResponse'
  { -- | A key policy document in JSON format.
    GetKeyPolicyResponse -> Maybe Text
policy :: Prelude.Maybe Prelude.Text,
    -- | The response's http status code.
    GetKeyPolicyResponse -> Int
httpStatus :: Prelude.Int
  }
  deriving (GetKeyPolicyResponse -> GetKeyPolicyResponse -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: GetKeyPolicyResponse -> GetKeyPolicyResponse -> Bool
$c/= :: GetKeyPolicyResponse -> GetKeyPolicyResponse -> Bool
== :: GetKeyPolicyResponse -> GetKeyPolicyResponse -> Bool
$c== :: GetKeyPolicyResponse -> GetKeyPolicyResponse -> Bool
Prelude.Eq, ReadPrec [GetKeyPolicyResponse]
ReadPrec GetKeyPolicyResponse
Int -> ReadS GetKeyPolicyResponse
ReadS [GetKeyPolicyResponse]
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [GetKeyPolicyResponse]
$creadListPrec :: ReadPrec [GetKeyPolicyResponse]
readPrec :: ReadPrec GetKeyPolicyResponse
$creadPrec :: ReadPrec GetKeyPolicyResponse
readList :: ReadS [GetKeyPolicyResponse]
$creadList :: ReadS [GetKeyPolicyResponse]
readsPrec :: Int -> ReadS GetKeyPolicyResponse
$creadsPrec :: Int -> ReadS GetKeyPolicyResponse
Prelude.Read, Int -> GetKeyPolicyResponse -> ShowS
[GetKeyPolicyResponse] -> ShowS
GetKeyPolicyResponse -> String
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [GetKeyPolicyResponse] -> ShowS
$cshowList :: [GetKeyPolicyResponse] -> ShowS
show :: GetKeyPolicyResponse -> String
$cshow :: GetKeyPolicyResponse -> String
showsPrec :: Int -> GetKeyPolicyResponse -> ShowS
$cshowsPrec :: Int -> GetKeyPolicyResponse -> ShowS
Prelude.Show, forall x. Rep GetKeyPolicyResponse x -> GetKeyPolicyResponse
forall x. GetKeyPolicyResponse -> Rep GetKeyPolicyResponse x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep GetKeyPolicyResponse x -> GetKeyPolicyResponse
$cfrom :: forall x. GetKeyPolicyResponse -> Rep GetKeyPolicyResponse x
Prelude.Generic)

-- |
-- Create a value of 'GetKeyPolicyResponse' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'policy', 'getKeyPolicyResponse_policy' - A key policy document in JSON format.
--
-- 'httpStatus', 'getKeyPolicyResponse_httpStatus' - The response's http status code.
newGetKeyPolicyResponse ::
  -- | 'httpStatus'
  Prelude.Int ->
  GetKeyPolicyResponse
newGetKeyPolicyResponse :: Int -> GetKeyPolicyResponse
newGetKeyPolicyResponse Int
pHttpStatus_ =
  GetKeyPolicyResponse'
    { $sel:policy:GetKeyPolicyResponse' :: Maybe Text
policy = forall a. Maybe a
Prelude.Nothing,
      $sel:httpStatus:GetKeyPolicyResponse' :: Int
httpStatus = Int
pHttpStatus_
    }

-- | A key policy document in JSON format.
getKeyPolicyResponse_policy :: Lens.Lens' GetKeyPolicyResponse (Prelude.Maybe Prelude.Text)
getKeyPolicyResponse_policy :: Lens' GetKeyPolicyResponse (Maybe Text)
getKeyPolicyResponse_policy = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\GetKeyPolicyResponse' {Maybe Text
policy :: Maybe Text
$sel:policy:GetKeyPolicyResponse' :: GetKeyPolicyResponse -> Maybe Text
policy} -> Maybe Text
policy) (\s :: GetKeyPolicyResponse
s@GetKeyPolicyResponse' {} Maybe Text
a -> GetKeyPolicyResponse
s {$sel:policy:GetKeyPolicyResponse' :: Maybe Text
policy = Maybe Text
a} :: GetKeyPolicyResponse)

-- | The response's http status code.
getKeyPolicyResponse_httpStatus :: Lens.Lens' GetKeyPolicyResponse Prelude.Int
getKeyPolicyResponse_httpStatus :: Lens' GetKeyPolicyResponse Int
getKeyPolicyResponse_httpStatus = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\GetKeyPolicyResponse' {Int
httpStatus :: Int
$sel:httpStatus:GetKeyPolicyResponse' :: GetKeyPolicyResponse -> Int
httpStatus} -> Int
httpStatus) (\s :: GetKeyPolicyResponse
s@GetKeyPolicyResponse' {} Int
a -> GetKeyPolicyResponse
s {$sel:httpStatus:GetKeyPolicyResponse' :: Int
httpStatus = Int
a} :: GetKeyPolicyResponse)

instance Prelude.NFData GetKeyPolicyResponse where
  rnf :: GetKeyPolicyResponse -> ()
rnf GetKeyPolicyResponse' {Int
Maybe Text
httpStatus :: Int
policy :: Maybe Text
$sel:httpStatus:GetKeyPolicyResponse' :: GetKeyPolicyResponse -> Int
$sel:policy:GetKeyPolicyResponse' :: GetKeyPolicyResponse -> Maybe Text
..} =
    forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
policy
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Int
httpStatus