{-# LANGUAGE DeriveGeneric #-} {-# LANGUAGE DuplicateRecordFields #-} {-# LANGUAGE NamedFieldPuns #-} {-# LANGUAGE OverloadedStrings #-} {-# LANGUAGE RecordWildCards #-} {-# LANGUAGE StrictData #-} {-# LANGUAGE TypeFamilies #-} {-# LANGUAGE NoImplicitPrelude #-} {-# OPTIONS_GHC -fno-warn-unused-binds #-} {-# OPTIONS_GHC -fno-warn-unused-imports #-} {-# OPTIONS_GHC -fno-warn-unused-matches #-} -- Derived from AWS service descriptions, licensed under Apache 2.0. -- | -- Module : Amazonka.EMR.PutBlockPublicAccessConfiguration -- Copyright : (c) 2013-2023 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay -- Stability : auto-generated -- Portability : non-portable (GHC extensions) -- -- Creates or updates an Amazon EMR block public access configuration for -- your Amazon Web Services account in the current Region. For more -- information see -- -- in the /Amazon EMR Management Guide/. module Amazonka.EMR.PutBlockPublicAccessConfiguration ( -- * Creating a Request PutBlockPublicAccessConfiguration (..), newPutBlockPublicAccessConfiguration, -- * Request Lenses putBlockPublicAccessConfiguration_blockPublicAccessConfiguration, -- * Destructuring the Response PutBlockPublicAccessConfigurationResponse (..), newPutBlockPublicAccessConfigurationResponse, -- * Response Lenses putBlockPublicAccessConfigurationResponse_httpStatus, ) where import qualified Amazonka.Core as Core import qualified Amazonka.Core.Lens.Internal as Lens import qualified Amazonka.Data as Data import Amazonka.EMR.Types import qualified Amazonka.Prelude as Prelude import qualified Amazonka.Request as Request import qualified Amazonka.Response as Response -- | /See:/ 'newPutBlockPublicAccessConfiguration' smart constructor. data PutBlockPublicAccessConfiguration = PutBlockPublicAccessConfiguration' { -- | A configuration for Amazon EMR block public access. The configuration -- applies to all clusters created in your account for the current Region. -- The configuration specifies whether block public access is enabled. If -- block public access is enabled, security groups associated with the -- cluster cannot have rules that allow inbound traffic from 0.0.0.0\/0 or -- ::\/0 on a port, unless the port is specified as an exception using -- @PermittedPublicSecurityGroupRuleRanges@ in the -- @BlockPublicAccessConfiguration@. By default, Port 22 (SSH) is an -- exception, and public access is allowed on this port. You can change -- this by updating @BlockPublicSecurityGroupRules@ to remove the -- exception. -- -- For accounts that created clusters in a Region before November 25, 2019, -- block public access is disabled by default in that Region. To use this -- feature, you must manually enable and configure it. For accounts that -- did not create an EMR cluster in a Region before this date, block public -- access is enabled by default in that Region. blockPublicAccessConfiguration :: BlockPublicAccessConfiguration } deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic) -- | -- Create a value of 'PutBlockPublicAccessConfiguration' with all optional fields omitted. -- -- Use or to modify other optional fields. -- -- The following record fields are available, with the corresponding lenses provided -- for backwards compatibility: -- -- 'blockPublicAccessConfiguration', 'putBlockPublicAccessConfiguration_blockPublicAccessConfiguration' - A configuration for Amazon EMR block public access. The configuration -- applies to all clusters created in your account for the current Region. -- The configuration specifies whether block public access is enabled. If -- block public access is enabled, security groups associated with the -- cluster cannot have rules that allow inbound traffic from 0.0.0.0\/0 or -- ::\/0 on a port, unless the port is specified as an exception using -- @PermittedPublicSecurityGroupRuleRanges@ in the -- @BlockPublicAccessConfiguration@. By default, Port 22 (SSH) is an -- exception, and public access is allowed on this port. You can change -- this by updating @BlockPublicSecurityGroupRules@ to remove the -- exception. -- -- For accounts that created clusters in a Region before November 25, 2019, -- block public access is disabled by default in that Region. To use this -- feature, you must manually enable and configure it. For accounts that -- did not create an EMR cluster in a Region before this date, block public -- access is enabled by default in that Region. newPutBlockPublicAccessConfiguration :: -- | 'blockPublicAccessConfiguration' BlockPublicAccessConfiguration -> PutBlockPublicAccessConfiguration newPutBlockPublicAccessConfiguration pBlockPublicAccessConfiguration_ = PutBlockPublicAccessConfiguration' { blockPublicAccessConfiguration = pBlockPublicAccessConfiguration_ } -- | A configuration for Amazon EMR block public access. The configuration -- applies to all clusters created in your account for the current Region. -- The configuration specifies whether block public access is enabled. If -- block public access is enabled, security groups associated with the -- cluster cannot have rules that allow inbound traffic from 0.0.0.0\/0 or -- ::\/0 on a port, unless the port is specified as an exception using -- @PermittedPublicSecurityGroupRuleRanges@ in the -- @BlockPublicAccessConfiguration@. By default, Port 22 (SSH) is an -- exception, and public access is allowed on this port. You can change -- this by updating @BlockPublicSecurityGroupRules@ to remove the -- exception. -- -- For accounts that created clusters in a Region before November 25, 2019, -- block public access is disabled by default in that Region. To use this -- feature, you must manually enable and configure it. For accounts that -- did not create an EMR cluster in a Region before this date, block public -- access is enabled by default in that Region. putBlockPublicAccessConfiguration_blockPublicAccessConfiguration :: Lens.Lens' PutBlockPublicAccessConfiguration BlockPublicAccessConfiguration putBlockPublicAccessConfiguration_blockPublicAccessConfiguration = Lens.lens (\PutBlockPublicAccessConfiguration' {blockPublicAccessConfiguration} -> blockPublicAccessConfiguration) (\s@PutBlockPublicAccessConfiguration' {} a -> s {blockPublicAccessConfiguration = a} :: PutBlockPublicAccessConfiguration) instance Core.AWSRequest PutBlockPublicAccessConfiguration where type AWSResponse PutBlockPublicAccessConfiguration = PutBlockPublicAccessConfigurationResponse request overrides = Request.postJSON (overrides defaultService) response = Response.receiveEmpty ( \s h x -> PutBlockPublicAccessConfigurationResponse' Prelude.<$> (Prelude.pure (Prelude.fromEnum s)) ) instance Prelude.Hashable PutBlockPublicAccessConfiguration where hashWithSalt _salt PutBlockPublicAccessConfiguration' {..} = _salt `Prelude.hashWithSalt` blockPublicAccessConfiguration instance Prelude.NFData PutBlockPublicAccessConfiguration where rnf PutBlockPublicAccessConfiguration' {..} = Prelude.rnf blockPublicAccessConfiguration instance Data.ToHeaders PutBlockPublicAccessConfiguration where toHeaders = Prelude.const ( Prelude.mconcat [ "X-Amz-Target" Data.=# ( "ElasticMapReduce.PutBlockPublicAccessConfiguration" :: Prelude.ByteString ), "Content-Type" Data.=# ( "application/x-amz-json-1.1" :: Prelude.ByteString ) ] ) instance Data.ToJSON PutBlockPublicAccessConfiguration where toJSON PutBlockPublicAccessConfiguration' {..} = Data.object ( Prelude.catMaybes [ Prelude.Just ( "BlockPublicAccessConfiguration" Data..= blockPublicAccessConfiguration ) ] ) instance Data.ToPath PutBlockPublicAccessConfiguration where toPath = Prelude.const "/" instance Data.ToQuery PutBlockPublicAccessConfiguration where toQuery = Prelude.const Prelude.mempty -- | /See:/ 'newPutBlockPublicAccessConfigurationResponse' smart constructor. data PutBlockPublicAccessConfigurationResponse = PutBlockPublicAccessConfigurationResponse' { -- | The response's http status code. httpStatus :: Prelude.Int } deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic) -- | -- Create a value of 'PutBlockPublicAccessConfigurationResponse' with all optional fields omitted. -- -- Use or to modify other optional fields. -- -- The following record fields are available, with the corresponding lenses provided -- for backwards compatibility: -- -- 'httpStatus', 'putBlockPublicAccessConfigurationResponse_httpStatus' - The response's http status code. newPutBlockPublicAccessConfigurationResponse :: -- | 'httpStatus' Prelude.Int -> PutBlockPublicAccessConfigurationResponse newPutBlockPublicAccessConfigurationResponse pHttpStatus_ = PutBlockPublicAccessConfigurationResponse' { httpStatus = pHttpStatus_ } -- | The response's http status code. putBlockPublicAccessConfigurationResponse_httpStatus :: Lens.Lens' PutBlockPublicAccessConfigurationResponse Prelude.Int putBlockPublicAccessConfigurationResponse_httpStatus = Lens.lens (\PutBlockPublicAccessConfigurationResponse' {httpStatus} -> httpStatus) (\s@PutBlockPublicAccessConfigurationResponse' {} a -> s {httpStatus = a} :: PutBlockPublicAccessConfigurationResponse) instance Prelude.NFData PutBlockPublicAccessConfigurationResponse where rnf PutBlockPublicAccessConfigurationResponse' {..} = Prelude.rnf httpStatus