{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE TypeFamilies #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-binds #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.CloudWatchLogs.PutDataProtectionPolicy
-- Copyright   : (c) 2013-2023 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
--
-- Creates a data protection policy for the specified log group. A data
-- protection policy can help safeguard sensitive data that\'s ingested by
-- the log group by auditing and masking the sensitive log data.
--
-- Sensitive data is detected and masked when it is ingested into the log
-- group. When you set a data protection policy, log events ingested into
-- the log group before that time are not masked.
--
-- By default, when a user views a log event that includes masked data, the
-- sensitive data is replaced by asterisks. A user who has the
-- @logs:Unmask@ permission can use a
-- <https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogEvents.html GetLogEvents>
-- or
-- <https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_FilterLogEvents.html FilterLogEvents>
-- operation with the @unmask@ parameter set to @true@ to view the unmasked
-- log events. Users with the @logs:Unmask@ can also view unmasked data in
-- the CloudWatch Logs console by running a CloudWatch Logs Insights query
-- with the @unmask@ query command.
--
-- For more information, including a list of types of data that can be
-- audited and masked, see
-- <https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html Protect sensitive log data with masking>.
module Amazonka.CloudWatchLogs.PutDataProtectionPolicy
  ( -- * Creating a Request
    PutDataProtectionPolicy (..),
    newPutDataProtectionPolicy,

    -- * Request Lenses
    putDataProtectionPolicy_logGroupIdentifier,
    putDataProtectionPolicy_policyDocument,

    -- * Destructuring the Response
    PutDataProtectionPolicyResponse (..),
    newPutDataProtectionPolicyResponse,

    -- * Response Lenses
    putDataProtectionPolicyResponse_lastUpdatedTime,
    putDataProtectionPolicyResponse_logGroupIdentifier,
    putDataProtectionPolicyResponse_policyDocument,
    putDataProtectionPolicyResponse_httpStatus,
  )
where

import Amazonka.CloudWatchLogs.Types
import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import qualified Amazonka.Prelude as Prelude
import qualified Amazonka.Request as Request
import qualified Amazonka.Response as Response

-- | /See:/ 'newPutDataProtectionPolicy' smart constructor.
data PutDataProtectionPolicy = PutDataProtectionPolicy'
  { -- | Specify either the log group name or log group ARN.
    PutDataProtectionPolicy -> Text
logGroupIdentifier :: Prelude.Text,
    -- | Specify the data protection policy, in JSON.
    --
    -- This policy must include two JSON blocks:
    --
    -- -   The first block must include both a @DataIdentifer@ array and an
    --     @Operation@ property with an @Audit@ action. The @DataIdentifer@
    --     array lists the types of sensitive data that you want to mask. For
    --     more information about the available options, see
    --     <https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-types.html Types of data that you can mask>.
    --
    --     The @Operation@ property with an @Audit@ action is required to find
    --     the sensitive data terms. This @Audit@ action must contain a
    --     @FindingsDestination@ object. You can optionally use that
    --     @FindingsDestination@ object to list one or more destinations to
    --     send audit findings to. If you specify destinations such as log
    --     groups, Kinesis Data Firehose streams, and S3 buckets, they must
    --     already exist.
    --
    -- -   The second block must include both a @DataIdentifer@ array and an
    --     @Operation@ property with an @Deidentify@ action. The
    --     @DataIdentifer@ array must exactly match the @DataIdentifer@ array
    --     in the first block of the policy.
    --
    --     The @Operation@ property with the @Deidentify@ action is what
    --     actually masks the data, and it must contain the
    --     @ \"MaskConfig\": {}@ object. The @ \"MaskConfig\": {}@ object must
    --     be empty.
    --
    -- For an example data protection policy, see the __Examples__ section on
    -- this page.
    --
    -- The contents of two @DataIdentifer@ arrays must match exactly.
    PutDataProtectionPolicy -> Text
policyDocument :: Prelude.Text
  }
  deriving (PutDataProtectionPolicy -> PutDataProtectionPolicy -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: PutDataProtectionPolicy -> PutDataProtectionPolicy -> Bool
$c/= :: PutDataProtectionPolicy -> PutDataProtectionPolicy -> Bool
== :: PutDataProtectionPolicy -> PutDataProtectionPolicy -> Bool
$c== :: PutDataProtectionPolicy -> PutDataProtectionPolicy -> Bool
Prelude.Eq, ReadPrec [PutDataProtectionPolicy]
ReadPrec PutDataProtectionPolicy
Int -> ReadS PutDataProtectionPolicy
ReadS [PutDataProtectionPolicy]
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [PutDataProtectionPolicy]
$creadListPrec :: ReadPrec [PutDataProtectionPolicy]
readPrec :: ReadPrec PutDataProtectionPolicy
$creadPrec :: ReadPrec PutDataProtectionPolicy
readList :: ReadS [PutDataProtectionPolicy]
$creadList :: ReadS [PutDataProtectionPolicy]
readsPrec :: Int -> ReadS PutDataProtectionPolicy
$creadsPrec :: Int -> ReadS PutDataProtectionPolicy
Prelude.Read, Int -> PutDataProtectionPolicy -> ShowS
[PutDataProtectionPolicy] -> ShowS
PutDataProtectionPolicy -> String
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [PutDataProtectionPolicy] -> ShowS
$cshowList :: [PutDataProtectionPolicy] -> ShowS
show :: PutDataProtectionPolicy -> String
$cshow :: PutDataProtectionPolicy -> String
showsPrec :: Int -> PutDataProtectionPolicy -> ShowS
$cshowsPrec :: Int -> PutDataProtectionPolicy -> ShowS
Prelude.Show, forall x. Rep PutDataProtectionPolicy x -> PutDataProtectionPolicy
forall x. PutDataProtectionPolicy -> Rep PutDataProtectionPolicy x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep PutDataProtectionPolicy x -> PutDataProtectionPolicy
$cfrom :: forall x. PutDataProtectionPolicy -> Rep PutDataProtectionPolicy x
Prelude.Generic)

-- |
-- Create a value of 'PutDataProtectionPolicy' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'logGroupIdentifier', 'putDataProtectionPolicy_logGroupIdentifier' - Specify either the log group name or log group ARN.
--
-- 'policyDocument', 'putDataProtectionPolicy_policyDocument' - Specify the data protection policy, in JSON.
--
-- This policy must include two JSON blocks:
--
-- -   The first block must include both a @DataIdentifer@ array and an
--     @Operation@ property with an @Audit@ action. The @DataIdentifer@
--     array lists the types of sensitive data that you want to mask. For
--     more information about the available options, see
--     <https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-types.html Types of data that you can mask>.
--
--     The @Operation@ property with an @Audit@ action is required to find
--     the sensitive data terms. This @Audit@ action must contain a
--     @FindingsDestination@ object. You can optionally use that
--     @FindingsDestination@ object to list one or more destinations to
--     send audit findings to. If you specify destinations such as log
--     groups, Kinesis Data Firehose streams, and S3 buckets, they must
--     already exist.
--
-- -   The second block must include both a @DataIdentifer@ array and an
--     @Operation@ property with an @Deidentify@ action. The
--     @DataIdentifer@ array must exactly match the @DataIdentifer@ array
--     in the first block of the policy.
--
--     The @Operation@ property with the @Deidentify@ action is what
--     actually masks the data, and it must contain the
--     @ \"MaskConfig\": {}@ object. The @ \"MaskConfig\": {}@ object must
--     be empty.
--
-- For an example data protection policy, see the __Examples__ section on
-- this page.
--
-- The contents of two @DataIdentifer@ arrays must match exactly.
newPutDataProtectionPolicy ::
  -- | 'logGroupIdentifier'
  Prelude.Text ->
  -- | 'policyDocument'
  Prelude.Text ->
  PutDataProtectionPolicy
newPutDataProtectionPolicy :: Text -> Text -> PutDataProtectionPolicy
newPutDataProtectionPolicy
  Text
pLogGroupIdentifier_
  Text
pPolicyDocument_ =
    PutDataProtectionPolicy'
      { $sel:logGroupIdentifier:PutDataProtectionPolicy' :: Text
logGroupIdentifier =
          Text
pLogGroupIdentifier_,
        $sel:policyDocument:PutDataProtectionPolicy' :: Text
policyDocument = Text
pPolicyDocument_
      }

-- | Specify either the log group name or log group ARN.
putDataProtectionPolicy_logGroupIdentifier :: Lens.Lens' PutDataProtectionPolicy Prelude.Text
putDataProtectionPolicy_logGroupIdentifier :: Lens' PutDataProtectionPolicy Text
putDataProtectionPolicy_logGroupIdentifier = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\PutDataProtectionPolicy' {Text
logGroupIdentifier :: Text
$sel:logGroupIdentifier:PutDataProtectionPolicy' :: PutDataProtectionPolicy -> Text
logGroupIdentifier} -> Text
logGroupIdentifier) (\s :: PutDataProtectionPolicy
s@PutDataProtectionPolicy' {} Text
a -> PutDataProtectionPolicy
s {$sel:logGroupIdentifier:PutDataProtectionPolicy' :: Text
logGroupIdentifier = Text
a} :: PutDataProtectionPolicy)

-- | Specify the data protection policy, in JSON.
--
-- This policy must include two JSON blocks:
--
-- -   The first block must include both a @DataIdentifer@ array and an
--     @Operation@ property with an @Audit@ action. The @DataIdentifer@
--     array lists the types of sensitive data that you want to mask. For
--     more information about the available options, see
--     <https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-types.html Types of data that you can mask>.
--
--     The @Operation@ property with an @Audit@ action is required to find
--     the sensitive data terms. This @Audit@ action must contain a
--     @FindingsDestination@ object. You can optionally use that
--     @FindingsDestination@ object to list one or more destinations to
--     send audit findings to. If you specify destinations such as log
--     groups, Kinesis Data Firehose streams, and S3 buckets, they must
--     already exist.
--
-- -   The second block must include both a @DataIdentifer@ array and an
--     @Operation@ property with an @Deidentify@ action. The
--     @DataIdentifer@ array must exactly match the @DataIdentifer@ array
--     in the first block of the policy.
--
--     The @Operation@ property with the @Deidentify@ action is what
--     actually masks the data, and it must contain the
--     @ \"MaskConfig\": {}@ object. The @ \"MaskConfig\": {}@ object must
--     be empty.
--
-- For an example data protection policy, see the __Examples__ section on
-- this page.
--
-- The contents of two @DataIdentifer@ arrays must match exactly.
putDataProtectionPolicy_policyDocument :: Lens.Lens' PutDataProtectionPolicy Prelude.Text
putDataProtectionPolicy_policyDocument :: Lens' PutDataProtectionPolicy Text
putDataProtectionPolicy_policyDocument = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\PutDataProtectionPolicy' {Text
policyDocument :: Text
$sel:policyDocument:PutDataProtectionPolicy' :: PutDataProtectionPolicy -> Text
policyDocument} -> Text
policyDocument) (\s :: PutDataProtectionPolicy
s@PutDataProtectionPolicy' {} Text
a -> PutDataProtectionPolicy
s {$sel:policyDocument:PutDataProtectionPolicy' :: Text
policyDocument = Text
a} :: PutDataProtectionPolicy)

instance Core.AWSRequest PutDataProtectionPolicy where
  type
    AWSResponse PutDataProtectionPolicy =
      PutDataProtectionPolicyResponse
  request :: (Service -> Service)
-> PutDataProtectionPolicy -> Request PutDataProtectionPolicy
request Service -> Service
overrides =
    forall a. (ToRequest a, ToJSON a) => Service -> a -> Request a
Request.postJSON (Service -> Service
overrides Service
defaultService)
  response :: forall (m :: * -> *).
MonadResource m =>
(ByteStringLazy -> IO ByteStringLazy)
-> Service
-> Proxy PutDataProtectionPolicy
-> ClientResponse ClientBody
-> m (Either
        Error (ClientResponse (AWSResponse PutDataProtectionPolicy)))
response =
    forall (m :: * -> *) a.
MonadResource m =>
(Int -> ResponseHeaders -> Object -> Either String (AWSResponse a))
-> (ByteStringLazy -> IO ByteStringLazy)
-> Service
-> Proxy a
-> ClientResponse ClientBody
-> m (Either Error (ClientResponse (AWSResponse a)))
Response.receiveJSON
      ( \Int
s ResponseHeaders
h Object
x ->
          Maybe Natural
-> Maybe Text
-> Maybe Text
-> Int
-> PutDataProtectionPolicyResponse
PutDataProtectionPolicyResponse'
            forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x forall a. FromJSON a => Object -> Key -> Either String (Maybe a)
Data..?> Key
"lastUpdatedTime")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Either String (Maybe a)
Data..?> Key
"logGroupIdentifier")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Either String (Maybe a)
Data..?> Key
"policyDocument")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (forall (f :: * -> *) a. Applicative f => a -> f a
Prelude.pure (forall a. Enum a => a -> Int
Prelude.fromEnum Int
s))
      )

instance Prelude.Hashable PutDataProtectionPolicy where
  hashWithSalt :: Int -> PutDataProtectionPolicy -> Int
hashWithSalt Int
_salt PutDataProtectionPolicy' {Text
policyDocument :: Text
logGroupIdentifier :: Text
$sel:policyDocument:PutDataProtectionPolicy' :: PutDataProtectionPolicy -> Text
$sel:logGroupIdentifier:PutDataProtectionPolicy' :: PutDataProtectionPolicy -> Text
..} =
    Int
_salt
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Text
logGroupIdentifier
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Text
policyDocument

instance Prelude.NFData PutDataProtectionPolicy where
  rnf :: PutDataProtectionPolicy -> ()
rnf PutDataProtectionPolicy' {Text
policyDocument :: Text
logGroupIdentifier :: Text
$sel:policyDocument:PutDataProtectionPolicy' :: PutDataProtectionPolicy -> Text
$sel:logGroupIdentifier:PutDataProtectionPolicy' :: PutDataProtectionPolicy -> Text
..} =
    forall a. NFData a => a -> ()
Prelude.rnf Text
logGroupIdentifier
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Text
policyDocument

instance Data.ToHeaders PutDataProtectionPolicy where
  toHeaders :: PutDataProtectionPolicy -> ResponseHeaders
toHeaders =
    forall a b. a -> b -> a
Prelude.const
      ( forall a. Monoid a => [a] -> a
Prelude.mconcat
          [ HeaderName
"X-Amz-Target"
              forall a. ToHeader a => HeaderName -> a -> ResponseHeaders
Data.=# ( ByteString
"Logs_20140328.PutDataProtectionPolicy" ::
                          Prelude.ByteString
                      ),
            HeaderName
"Content-Type"
              forall a. ToHeader a => HeaderName -> a -> ResponseHeaders
Data.=# ( ByteString
"application/x-amz-json-1.1" ::
                          Prelude.ByteString
                      )
          ]
      )

instance Data.ToJSON PutDataProtectionPolicy where
  toJSON :: PutDataProtectionPolicy -> Value
toJSON PutDataProtectionPolicy' {Text
policyDocument :: Text
logGroupIdentifier :: Text
$sel:policyDocument:PutDataProtectionPolicy' :: PutDataProtectionPolicy -> Text
$sel:logGroupIdentifier:PutDataProtectionPolicy' :: PutDataProtectionPolicy -> Text
..} =
    [Pair] -> Value
Data.object
      ( forall a. [Maybe a] -> [a]
Prelude.catMaybes
          [ forall a. a -> Maybe a
Prelude.Just
              (Key
"logGroupIdentifier" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv
Data..= Text
logGroupIdentifier),
            forall a. a -> Maybe a
Prelude.Just
              (Key
"policyDocument" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv
Data..= Text
policyDocument)
          ]
      )

instance Data.ToPath PutDataProtectionPolicy where
  toPath :: PutDataProtectionPolicy -> ByteString
toPath = forall a b. a -> b -> a
Prelude.const ByteString
"/"

instance Data.ToQuery PutDataProtectionPolicy where
  toQuery :: PutDataProtectionPolicy -> QueryString
toQuery = forall a b. a -> b -> a
Prelude.const forall a. Monoid a => a
Prelude.mempty

-- | /See:/ 'newPutDataProtectionPolicyResponse' smart constructor.
data PutDataProtectionPolicyResponse = PutDataProtectionPolicyResponse'
  { -- | The date and time that this policy was most recently updated.
    PutDataProtectionPolicyResponse -> Maybe Natural
lastUpdatedTime :: Prelude.Maybe Prelude.Natural,
    -- | The log group name or ARN that you specified in your request.
    PutDataProtectionPolicyResponse -> Maybe Text
logGroupIdentifier :: Prelude.Maybe Prelude.Text,
    -- | The data protection policy used for this log group.
    PutDataProtectionPolicyResponse -> Maybe Text
policyDocument :: Prelude.Maybe Prelude.Text,
    -- | The response's http status code.
    PutDataProtectionPolicyResponse -> Int
httpStatus :: Prelude.Int
  }
  deriving (PutDataProtectionPolicyResponse
-> PutDataProtectionPolicyResponse -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: PutDataProtectionPolicyResponse
-> PutDataProtectionPolicyResponse -> Bool
$c/= :: PutDataProtectionPolicyResponse
-> PutDataProtectionPolicyResponse -> Bool
== :: PutDataProtectionPolicyResponse
-> PutDataProtectionPolicyResponse -> Bool
$c== :: PutDataProtectionPolicyResponse
-> PutDataProtectionPolicyResponse -> Bool
Prelude.Eq, ReadPrec [PutDataProtectionPolicyResponse]
ReadPrec PutDataProtectionPolicyResponse
Int -> ReadS PutDataProtectionPolicyResponse
ReadS [PutDataProtectionPolicyResponse]
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [PutDataProtectionPolicyResponse]
$creadListPrec :: ReadPrec [PutDataProtectionPolicyResponse]
readPrec :: ReadPrec PutDataProtectionPolicyResponse
$creadPrec :: ReadPrec PutDataProtectionPolicyResponse
readList :: ReadS [PutDataProtectionPolicyResponse]
$creadList :: ReadS [PutDataProtectionPolicyResponse]
readsPrec :: Int -> ReadS PutDataProtectionPolicyResponse
$creadsPrec :: Int -> ReadS PutDataProtectionPolicyResponse
Prelude.Read, Int -> PutDataProtectionPolicyResponse -> ShowS
[PutDataProtectionPolicyResponse] -> ShowS
PutDataProtectionPolicyResponse -> String
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [PutDataProtectionPolicyResponse] -> ShowS
$cshowList :: [PutDataProtectionPolicyResponse] -> ShowS
show :: PutDataProtectionPolicyResponse -> String
$cshow :: PutDataProtectionPolicyResponse -> String
showsPrec :: Int -> PutDataProtectionPolicyResponse -> ShowS
$cshowsPrec :: Int -> PutDataProtectionPolicyResponse -> ShowS
Prelude.Show, forall x.
Rep PutDataProtectionPolicyResponse x
-> PutDataProtectionPolicyResponse
forall x.
PutDataProtectionPolicyResponse
-> Rep PutDataProtectionPolicyResponse x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x.
Rep PutDataProtectionPolicyResponse x
-> PutDataProtectionPolicyResponse
$cfrom :: forall x.
PutDataProtectionPolicyResponse
-> Rep PutDataProtectionPolicyResponse x
Prelude.Generic)

-- |
-- Create a value of 'PutDataProtectionPolicyResponse' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'lastUpdatedTime', 'putDataProtectionPolicyResponse_lastUpdatedTime' - The date and time that this policy was most recently updated.
--
-- 'logGroupIdentifier', 'putDataProtectionPolicyResponse_logGroupIdentifier' - The log group name or ARN that you specified in your request.
--
-- 'policyDocument', 'putDataProtectionPolicyResponse_policyDocument' - The data protection policy used for this log group.
--
-- 'httpStatus', 'putDataProtectionPolicyResponse_httpStatus' - The response's http status code.
newPutDataProtectionPolicyResponse ::
  -- | 'httpStatus'
  Prelude.Int ->
  PutDataProtectionPolicyResponse
newPutDataProtectionPolicyResponse :: Int -> PutDataProtectionPolicyResponse
newPutDataProtectionPolicyResponse Int
pHttpStatus_ =
  PutDataProtectionPolicyResponse'
    { $sel:lastUpdatedTime:PutDataProtectionPolicyResponse' :: Maybe Natural
lastUpdatedTime =
        forall a. Maybe a
Prelude.Nothing,
      $sel:logGroupIdentifier:PutDataProtectionPolicyResponse' :: Maybe Text
logGroupIdentifier = forall a. Maybe a
Prelude.Nothing,
      $sel:policyDocument:PutDataProtectionPolicyResponse' :: Maybe Text
policyDocument = forall a. Maybe a
Prelude.Nothing,
      $sel:httpStatus:PutDataProtectionPolicyResponse' :: Int
httpStatus = Int
pHttpStatus_
    }

-- | The date and time that this policy was most recently updated.
putDataProtectionPolicyResponse_lastUpdatedTime :: Lens.Lens' PutDataProtectionPolicyResponse (Prelude.Maybe Prelude.Natural)
putDataProtectionPolicyResponse_lastUpdatedTime :: Lens' PutDataProtectionPolicyResponse (Maybe Natural)
putDataProtectionPolicyResponse_lastUpdatedTime = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\PutDataProtectionPolicyResponse' {Maybe Natural
lastUpdatedTime :: Maybe Natural
$sel:lastUpdatedTime:PutDataProtectionPolicyResponse' :: PutDataProtectionPolicyResponse -> Maybe Natural
lastUpdatedTime} -> Maybe Natural
lastUpdatedTime) (\s :: PutDataProtectionPolicyResponse
s@PutDataProtectionPolicyResponse' {} Maybe Natural
a -> PutDataProtectionPolicyResponse
s {$sel:lastUpdatedTime:PutDataProtectionPolicyResponse' :: Maybe Natural
lastUpdatedTime = Maybe Natural
a} :: PutDataProtectionPolicyResponse)

-- | The log group name or ARN that you specified in your request.
putDataProtectionPolicyResponse_logGroupIdentifier :: Lens.Lens' PutDataProtectionPolicyResponse (Prelude.Maybe Prelude.Text)
putDataProtectionPolicyResponse_logGroupIdentifier :: Lens' PutDataProtectionPolicyResponse (Maybe Text)
putDataProtectionPolicyResponse_logGroupIdentifier = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\PutDataProtectionPolicyResponse' {Maybe Text
logGroupIdentifier :: Maybe Text
$sel:logGroupIdentifier:PutDataProtectionPolicyResponse' :: PutDataProtectionPolicyResponse -> Maybe Text
logGroupIdentifier} -> Maybe Text
logGroupIdentifier) (\s :: PutDataProtectionPolicyResponse
s@PutDataProtectionPolicyResponse' {} Maybe Text
a -> PutDataProtectionPolicyResponse
s {$sel:logGroupIdentifier:PutDataProtectionPolicyResponse' :: Maybe Text
logGroupIdentifier = Maybe Text
a} :: PutDataProtectionPolicyResponse)

-- | The data protection policy used for this log group.
putDataProtectionPolicyResponse_policyDocument :: Lens.Lens' PutDataProtectionPolicyResponse (Prelude.Maybe Prelude.Text)
putDataProtectionPolicyResponse_policyDocument :: Lens' PutDataProtectionPolicyResponse (Maybe Text)
putDataProtectionPolicyResponse_policyDocument = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\PutDataProtectionPolicyResponse' {Maybe Text
policyDocument :: Maybe Text
$sel:policyDocument:PutDataProtectionPolicyResponse' :: PutDataProtectionPolicyResponse -> Maybe Text
policyDocument} -> Maybe Text
policyDocument) (\s :: PutDataProtectionPolicyResponse
s@PutDataProtectionPolicyResponse' {} Maybe Text
a -> PutDataProtectionPolicyResponse
s {$sel:policyDocument:PutDataProtectionPolicyResponse' :: Maybe Text
policyDocument = Maybe Text
a} :: PutDataProtectionPolicyResponse)

-- | The response's http status code.
putDataProtectionPolicyResponse_httpStatus :: Lens.Lens' PutDataProtectionPolicyResponse Prelude.Int
putDataProtectionPolicyResponse_httpStatus :: Lens' PutDataProtectionPolicyResponse Int
putDataProtectionPolicyResponse_httpStatus = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\PutDataProtectionPolicyResponse' {Int
httpStatus :: Int
$sel:httpStatus:PutDataProtectionPolicyResponse' :: PutDataProtectionPolicyResponse -> Int
httpStatus} -> Int
httpStatus) (\s :: PutDataProtectionPolicyResponse
s@PutDataProtectionPolicyResponse' {} Int
a -> PutDataProtectionPolicyResponse
s {$sel:httpStatus:PutDataProtectionPolicyResponse' :: Int
httpStatus = Int
a} :: PutDataProtectionPolicyResponse)

instance
  Prelude.NFData
    PutDataProtectionPolicyResponse
  where
  rnf :: PutDataProtectionPolicyResponse -> ()
rnf PutDataProtectionPolicyResponse' {Int
Maybe Natural
Maybe Text
httpStatus :: Int
policyDocument :: Maybe Text
logGroupIdentifier :: Maybe Text
lastUpdatedTime :: Maybe Natural
$sel:httpStatus:PutDataProtectionPolicyResponse' :: PutDataProtectionPolicyResponse -> Int
$sel:policyDocument:PutDataProtectionPolicyResponse' :: PutDataProtectionPolicyResponse -> Maybe Text
$sel:logGroupIdentifier:PutDataProtectionPolicyResponse' :: PutDataProtectionPolicyResponse -> Maybe Text
$sel:lastUpdatedTime:PutDataProtectionPolicyResponse' :: PutDataProtectionPolicyResponse -> Maybe Natural
..} =
    forall a. NFData a => a -> ()
Prelude.rnf Maybe Natural
lastUpdatedTime
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
logGroupIdentifier
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
policyDocument
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Int
httpStatus