-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/


-- | Amazon CloudFront SDK.
--   
--   The types from this library are intended to be used with
--   <a>amazonka</a>, which provides mechanisms for specifying AuthN/AuthZ
--   information, sending requests, and receiving responses.
--   
--   Lenses are used for constructing and manipulating types, due to the
--   depth of nesting of AWS types and transparency regarding
--   de/serialisation into more palatable Haskell values. The provided
--   lenses should be compatible with any of the major lens libraries such
--   as <a>lens</a> or <a>lens-family-core</a>.
--   
--   See <a>Network.AWS.CloudFront</a> or <a>the AWS documentation</a> to
--   get started.
@package amazonka-cloudfront
@version 1.6.0


module Network.AWS.CloudFront.Types

-- | API version <tt>2017-10-30</tt> of the Amazon CloudFront SDK
--   configuration.
cloudFront :: Service

-- | Prism for TooManyOriginCustomHeaders' errors.
_TooManyOriginCustomHeaders :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidTagging' errors.
_InvalidTagging :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidErrorCode' errors.
_InvalidErrorCode :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified profile for field-level encryption doesn't exist.
_NoSuchFieldLevelEncryptionProfile :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified profile for field-level encryption is in use.
_FieldLevelEncryptionProfileInUse :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidOriginReadTimeout' errors.
_InvalidOriginReadTimeout :: AsError a => Getting (First ServiceError) a ServiceError

-- | The maximum number of profiles for field-level encryption have been
--   created.
_TooManyFieldLevelEncryptionProfiles :: AsError a => Getting (First ServiceError) a ServiceError

-- | You cannot create more cache behaviors for the distribution.
_TooManyCacheBehaviors :: AsError a => Getting (First ServiceError) a ServiceError

-- | Processing your request would cause you to exceed the maximum number
--   of origin access identities allowed.
_TooManyCloudFrontOriginAccessIdentities :: AsError a => Getting (First ServiceError) a ServiceError

-- | The origin access identity is not valid or doesn't exist.
_InvalidOriginAccessIdentity :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for DistributionNotDisabled' errors.
_DistributionNotDisabled :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified streaming distribution does not exist.
_NoSuchStreamingDistribution :: AsError a => Getting (First ServiceError) a ServiceError

-- | The value of <tt>Quantity</tt> and the size of <tt>Items</tt> don't
--   match.
_InconsistentQuantities :: AsError a => Getting (First ServiceError) a ServiceError

-- | The argument is invalid.
_InvalidArgument :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidOriginKeepaliveTimeout' errors.
_InvalidOriginKeepaliveTimeout :: AsError a => Getting (First ServiceError) a ServiceError

-- | You have exceeded the maximum number of allowable InProgress
--   invalidation batch requests, or invalidation objects.
_TooManyInvalidationsInProgress :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidWebACLId' errors.
_InvalidWebACLId :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for TooManyQueryStringParameters' errors.
_TooManyQueryStringParameters :: AsError a => Getting (First ServiceError) a ServiceError

-- | The maximum number of query arg profiles for field-level encryption
--   have been created.
_TooManyFieldLevelEncryptionQueryArgProfiles :: AsError a => Getting (First ServiceError) a ServiceError

-- | Your request contains more CNAMEs than are allowed per distribution.
_TooManyDistributionCNAMEs :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified origin access identity does not exist.
_NoSuchCloudFrontOriginAccessIdentity :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for CloudFrontOriginAccessIdentityInUse' errors.
_CloudFrontOriginAccessIdentityInUse :: AsError a => Getting (First ServiceError) a ServiceError

-- | Processing your request would cause you to exceed the maximum number
--   of streaming distributions allowed.
_TooManyStreamingDistributions :: AsError a => Getting (First ServiceError) a ServiceError

-- | You can't change the value of a public key.
_CannotChangeImmutablePublicKeyFields :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for BatchTooLarge' errors.
_BatchTooLarge :: AsError a => Getting (First ServiceError) a ServiceError

-- | Your request contains more cookie names in the whitelist than are
--   allowed per cache behavior.
_TooManyCookieNamesInWhiteList :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified Lambda function association is invalid.
_InvalidLambdaFunctionAssociation :: AsError a => Getting (First ServiceError) a ServiceError

-- | Your request contains forward cookies option which doesn't match with
--   the expectation for the <tt>whitelisted</tt> list of cookie names.
--   Either list of cookie names has been specified when not allowed or
--   list of cookie names is missing when expected.
_InvalidForwardCookies :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified configuration for field-level encryption is in use.
_FieldLevelEncryptionConfigInUse :: AsError a => Getting (First ServiceError) a ServiceError

-- | Your request contains more trusted signers than are allowed per
--   distribution.
_TooManyTrustedSigners :: AsError a => Getting (First ServiceError) a ServiceError

-- | The Amazon S3 origin server specified does not refer to a valid Amazon
--   S3 bucket.
_InvalidOrigin :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified invalidation does not exist.
_NoSuchInvalidation :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified public key already exists.
_PublicKeyAlreadyExists :: AsError a => Getting (First ServiceError) a ServiceError

-- | No origin exists with the specified <tt>Origin Id</tt> .
_NoSuchOrigin :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidTTLOrder' errors.
_InvalidTTLOrder :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for StreamingDistributionNotDisabled' errors.
_StreamingDistributionNotDisabled :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for TooManyHeadersInForwardedValues' errors.
_TooManyHeadersInForwardedValues :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for NoSuchResource' errors.
_NoSuchResource :: AsError a => Getting (First ServiceError) a ServiceError

-- | The maximum number of encryption entities for field-level encryption
--   have been created.
_TooManyFieldLevelEncryptionEncryptionEntities :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for TooManyStreamingDistributionCNAMEs' errors.
_TooManyStreamingDistributionCNAMEs :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified profile for field-level encryption already exists.
_FieldLevelEncryptionProfileAlreadyExists :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for ResourceInUse' errors.
_ResourceInUse :: AsError a => Getting (First ServiceError) a ServiceError

-- | This operation requires the HTTPS protocol. Ensure that you specify
--   the HTTPS protocol in your request, or omit the
--   <tt>RequiredProtocols</tt> element from your distribution
--   configuration.
_InvalidRequiredProtocol :: AsError a => Getting (First ServiceError) a ServiceError

-- | Processing your request would cause you to exceed the maximum number
--   of distributions allowed.
_TooManyDistributions :: AsError a => Getting (First ServiceError) a ServiceError

-- | You cannot create anymore custom SSL/TLS certificates.
_TooManyCertificates :: AsError a => Getting (First ServiceError) a ServiceError

-- | The caller reference you attempted to create the distribution with is
--   associated with another distribution.
_DistributionAlreadyExists :: AsError a => Getting (First ServiceError) a ServiceError

-- | The maximum number of distributions have been associated with the
--   specified configuration for field-level encryption.
_TooManyDistributionsAssociatedToFieldLevelEncryptionConfig :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidQueryStringParameters' errors.
_InvalidQueryStringParameters :: AsError a => Getting (First ServiceError) a ServiceError

-- | This operation requires a body. Ensure that the body is present and
--   the <tt>Content-Type</tt> header is set.
_MissingBody :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified configuration for field-level encryption can't be
--   associated with the specified cache behavior.
_IllegalFieldLevelEncryptionConfigAssociationWithCacheBehavior :: AsError a => Getting (First ServiceError) a ServiceError

-- | Origin and <tt>CallerReference</tt> cannot be updated.
_IllegalUpdate :: AsError a => Getting (First ServiceError) a ServiceError

-- | The <tt>If-Match</tt> version is missing or not valid for the
--   distribution.
_InvalidIfMatchVersion :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified configuration for field-level encryption already exists.
_FieldLevelEncryptionConfigAlreadyExists :: AsError a => Getting (First ServiceError) a ServiceError

-- | The precondition given in one or more of the request-header fields
--   evaluated to <tt>false</tt> .
_PreconditionFailed :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidResponseCode' errors.
_InvalidResponseCode :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidHeadersForS3Origin' errors.
_InvalidHeadersForS3Origin :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for CNAMEAlreadyExists' errors.
_CNAMEAlreadyExists :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified public key doesn't exist.
_NoSuchPublicKey :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified public key is in use.
_PublicKeyInUse :: AsError a => Getting (First ServiceError) a ServiceError

-- | One or more of your trusted signers don't exist.
_TrustedSignerDoesNotExist :: AsError a => Getting (First ServiceError) a ServiceError

-- | You cannot specify SSLv3 as the minimum protocol version if you only
--   want to support only clients that support Server Name Indication
--   (SNI).
_InvalidProtocolSettings :: AsError a => Getting (First ServiceError) a ServiceError

-- | The maximum number of public keys for field-level encryption have been
--   created. To create a new public key, delete one of the existing keys.
_TooManyPublicKeys :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified configuration for field-level encryption doesn't exist.
_NoSuchFieldLevelEncryptionConfig :: AsError a => Getting (First ServiceError) a ServiceError

-- | The maximum number of content type profiles for field-level encryption
--   have been created.
_TooManyFieldLevelEncryptionContentTypeProfiles :: AsError a => Getting (First ServiceError) a ServiceError

-- | The maximum number of field patterns for field-level encryption have
--   been created.
_TooManyFieldLevelEncryptionFieldPatterns :: AsError a => Getting (First ServiceError) a ServiceError

-- | The maximum number of configurations for field-level encryption have
--   been created.
_TooManyFieldLevelEncryptionConfigs :: AsError a => Getting (First ServiceError) a ServiceError

-- | Your request contains more Lambda function associations than are
--   allowed per distribution.
_TooManyLambdaFunctionAssociations :: AsError a => Getting (First ServiceError) a ServiceError

-- | If the <tt>CallerReference</tt> is a value you already sent in a
--   previous request to create an identity but the content of the
--   <tt>CloudFrontOriginAccessIdentityConfig</tt> is different from the
--   original request, CloudFront returns a
--   <tt>CloudFrontOriginAccessIdentityAlreadyExists</tt> error.
_CloudFrontOriginAccessIdentityAlreadyExists :: AsError a => Getting (First ServiceError) a ServiceError

-- | You cannot create more origins for the distribution.
_TooManyOrigins :: AsError a => Getting (First ServiceError) a ServiceError

-- | The relative path is too big, is not URL-encoded, or does not begin
--   with a slash (/).
_InvalidRelativePath :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for StreamingDistributionAlreadyExists' errors.
_StreamingDistributionAlreadyExists :: AsError a => Getting (First ServiceError) a ServiceError

-- | No profile specified for the field-level encryption query argument.
_QueryArgProfileEmpty :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidMinimumProtocolVersion' errors.
_InvalidMinimumProtocolVersion :: AsError a => Getting (First ServiceError) a ServiceError

-- | Access denied.
_AccessDenied :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidViewerCertificate' errors.
_InvalidViewerCertificate :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified distribution does not exist.
_NoSuchDistribution :: AsError a => Getting (First ServiceError) a ServiceError

-- | The maximum size of a profile for field-level encryption was exceeded.
_FieldLevelEncryptionProfileSizeExceeded :: AsError a => Getting (First ServiceError) a ServiceError

-- | The default root object file name is too big or contains an invalid
--   character.
_InvalidDefaultRootObject :: AsError a => Getting (First ServiceError) a ServiceError

-- | Processing your request would cause the maximum number of
--   distributions with Lambda function associations per owner to be
--   exceeded.
_TooManyDistributionsWithLambdaAssociations :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidGeoRestrictionParameter' errors.
_InvalidGeoRestrictionParameter :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidLocationCode' errors.
_InvalidLocationCode :: AsError a => Getting (First ServiceError) a ServiceError
data CertificateSource
Acm :: CertificateSource
Cloudfront :: CertificateSource
IAM :: CertificateSource
data EventType
OriginRequest :: EventType
OriginResponse :: EventType
ViewerRequest :: EventType
ViewerResponse :: EventType
data Format
URLEncoded :: Format
data GeoRestrictionType
Blacklist :: GeoRestrictionType
None :: GeoRestrictionType
Whitelist :: GeoRestrictionType
data HTTPVersion
HTTP1_1 :: HTTPVersion
HTTP2 :: HTTPVersion
data ItemSelection
ISAll :: ItemSelection
ISNone :: ItemSelection
ISWhitelist :: ItemSelection
data Method
Delete :: Method
Get :: Method
Head :: Method
Options :: Method
Patch :: Method
Post :: Method
Put :: Method
data MinimumProtocolVersion
MPVSSLV3 :: MinimumProtocolVersion
MPVTLSV1 :: MinimumProtocolVersion
MPVTLSV12016 :: MinimumProtocolVersion
MPVTLSV1_12016 :: MinimumProtocolVersion
MPVTLSV1_22018 :: MinimumProtocolVersion
data OriginProtocolPolicy
HTTPOnly :: OriginProtocolPolicy
HTTPSOnly :: OriginProtocolPolicy
MatchViewer :: OriginProtocolPolicy
data PriceClass
PriceClass100 :: PriceClass
PriceClass200 :: PriceClass
PriceClassAll :: PriceClass
data SSLProtocol
SSLV3 :: SSLProtocol
TLSV1 :: SSLProtocol
TLSV1_1 :: SSLProtocol
TLSV1_2 :: SSLProtocol
data SSLSupportMethod
SNIOnly :: SSLSupportMethod
VIP :: SSLSupportMethod
data ViewerProtocolPolicy
VPPAllowAll :: ViewerProtocolPolicy
VPPHTTPSOnly :: ViewerProtocolPolicy
VPPRedirectToHTTPS :: ViewerProtocolPolicy

-- | A complex type that lists the AWS accounts, if any, that you included
--   in the <tt>TrustedSigners</tt> complex type for this distribution.
--   These are the accounts that you want to allow to create signed URLs
--   for private content.
--   
--   The <tt>Signer</tt> complex type lists the AWS account number of the
--   trusted signer or <tt>self</tt> if the signer is the AWS account that
--   created the distribution. The <tt>Signer</tt> element also includes
--   the IDs of any active CloudFront key pairs that are associated with
--   the trusted signer's AWS account. If no <tt>KeyPairId</tt> element
--   appears for a <tt>Signer</tt> , that signer can't create signed URLs.
--   
--   For more information, see <a>Serving Private Content through
--   CloudFront</a> in the <i>Amazon CloudFront Developer Guide</i> .
--   
--   <i>See:</i> <a>activeTrustedSigners</a> smart constructor.
data ActiveTrustedSigners

-- | Creates a value of <a>ActiveTrustedSigners</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>atsItems</a> - A complex type that contains one <tt>Signer</tt>
--   complex type for each trusted signer that is specified in the
--   <tt>TrustedSigners</tt> complex type. For more information, see
--   <a>ActiveTrustedSigners</a> .</li>
--   <li><a>atsEnabled</a> - Enabled is <tt>true</tt> if any of the AWS
--   accounts listed in the <tt>TrustedSigners</tt> complex type for this
--   RTMP distribution have active CloudFront key pairs. If not,
--   <tt>Enabled</tt> is <tt>false</tt> . For more information, see
--   <a>ActiveTrustedSigners</a> .</li>
--   <li><a>atsQuantity</a> - A complex type that contains one
--   <tt>Signer</tt> complex type for each trusted signer specified in the
--   <tt>TrustedSigners</tt> complex type. For more information, see
--   <a>ActiveTrustedSigners</a> .</li>
--   </ul>
activeTrustedSigners :: Bool -> Int -> ActiveTrustedSigners

-- | A complex type that contains one <tt>Signer</tt> complex type for each
--   trusted signer that is specified in the <tt>TrustedSigners</tt>
--   complex type. For more information, see <a>ActiveTrustedSigners</a> .
atsItems :: Lens' ActiveTrustedSigners [Signer]

-- | Enabled is <tt>true</tt> if any of the AWS accounts listed in the
--   <tt>TrustedSigners</tt> complex type for this RTMP distribution have
--   active CloudFront key pairs. If not, <tt>Enabled</tt> is
--   <tt>false</tt> . For more information, see <a>ActiveTrustedSigners</a>
--   .
atsEnabled :: Lens' ActiveTrustedSigners Bool

-- | A complex type that contains one <tt>Signer</tt> complex type for each
--   trusted signer specified in the <tt>TrustedSigners</tt> complex type.
--   For more information, see <a>ActiveTrustedSigners</a> .
atsQuantity :: Lens' ActiveTrustedSigners Int

-- | A complex type that contains information about CNAMEs (alternate
--   domain names), if any, for this distribution.
--   
--   <i>See:</i> <a>aliases</a> smart constructor.
data Aliases

-- | Creates a value of <a>Aliases</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aItems</a> - A complex type that contains the CNAME aliases, if
--   any, that you want to associate with this distribution.</li>
--   <li><a>aQuantity</a> - The number of CNAME aliases, if any, that you
--   want to associate with this distribution.</li>
--   </ul>
aliases :: Int -> Aliases

-- | A complex type that contains the CNAME aliases, if any, that you want
--   to associate with this distribution.
aItems :: Lens' Aliases [Text]

-- | The number of CNAME aliases, if any, that you want to associate with
--   this distribution.
aQuantity :: Lens' Aliases Int

-- | A complex type that controls which HTTP methods CloudFront processes
--   and forwards to your Amazon S3 bucket or your custom origin. There are
--   three choices:
--   
--   <ul>
--   <li>CloudFront forwards only <tt>GET</tt> and <tt>HEAD</tt>
--   requests.</li>
--   <li>CloudFront forwards only <tt>GET</tt> , <tt>HEAD</tt> , and
--   <tt>OPTIONS</tt> requests.</li>
--   <li>CloudFront forwards <tt>GET, HEAD, OPTIONS, PUT, PATCH, POST</tt>
--   , and <tt>DELETE</tt> requests.</li>
--   </ul>
--   
--   If you pick the third choice, you may need to restrict access to your
--   Amazon S3 bucket or to your custom origin so users can't perform
--   operations that you don't want them to. For example, you might not
--   want users to have permissions to delete objects from your origin.
--   
--   <i>See:</i> <a>allowedMethods</a> smart constructor.
data AllowedMethods

-- | Creates a value of <a>AllowedMethods</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>amCachedMethods</a> - Undocumented member.</li>
--   <li><a>amQuantity</a> - The number of HTTP methods that you want
--   CloudFront to forward to your origin. Valid values are 2 (for
--   <tt>GET</tt> and <tt>HEAD</tt> requests), 3 (for <tt>GET</tt> ,
--   <tt>HEAD</tt> , and <tt>OPTIONS</tt> requests) and 7 (for <tt>GET,
--   HEAD, OPTIONS, PUT, PATCH, POST</tt> , and <tt>DELETE</tt>
--   requests).</li>
--   <li><a>amItems</a> - A complex type that contains the HTTP methods
--   that you want CloudFront to process and forward to your origin.</li>
--   </ul>
allowedMethods :: Int -> AllowedMethods

-- | Undocumented member.
amCachedMethods :: Lens' AllowedMethods (Maybe CachedMethods)

-- | The number of HTTP methods that you want CloudFront to forward to your
--   origin. Valid values are 2 (for <tt>GET</tt> and <tt>HEAD</tt>
--   requests), 3 (for <tt>GET</tt> , <tt>HEAD</tt> , and <tt>OPTIONS</tt>
--   requests) and 7 (for <tt>GET, HEAD, OPTIONS, PUT, PATCH, POST</tt> ,
--   and <tt>DELETE</tt> requests).
amQuantity :: Lens' AllowedMethods Int

-- | A complex type that contains the HTTP methods that you want CloudFront
--   to process and forward to your origin.
amItems :: Lens' AllowedMethods [Method]

-- | A complex type that describes how CloudFront processes requests.
--   
--   You must create at least as many cache behaviors (including the
--   default cache behavior) as you have origins if you want CloudFront to
--   distribute objects from all of the origins. Each cache behavior
--   specifies the one origin from which you want CloudFront to get
--   objects. If you have two origins and only the default cache behavior,
--   the default cache behavior will cause CloudFront to get objects from
--   one of the origins, but the other origin is never used.
--   
--   For the current limit on the number of cache behaviors that you can
--   add to a distribution, see <a>Amazon CloudFront Limits</a> in the
--   <i>AWS General Reference</i> .
--   
--   If you don't want to specify any cache behaviors, include only an
--   empty <tt>CacheBehaviors</tt> element. Don't include an empty
--   <tt>CacheBehavior</tt> element, or CloudFront returns a
--   <tt>MalformedXML</tt> error.
--   
--   To delete all cache behaviors in an existing distribution, update the
--   distribution configuration and include only an empty
--   <tt>CacheBehaviors</tt> element.
--   
--   To add, change, or remove one or more cache behaviors, update the
--   distribution configuration and specify all of the cache behaviors that
--   you want to include in the updated distribution.
--   
--   For more information about cache behaviors, see <a>Cache Behaviors</a>
--   in the <i>Amazon CloudFront Developer Guide</i> .
--   
--   <i>See:</i> <a>cacheBehavior</a> smart constructor.
data CacheBehavior

-- | Creates a value of <a>CacheBehavior</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cbAllowedMethods</a> - Undocumented member.</li>
--   <li><a>cbLambdaFunctionAssociations</a> - A complex type that contains
--   zero or more Lambda function associations for a cache behavior.</li>
--   <li><a>cbMaxTTL</a> - The maximum amount of time that you want objects
--   to stay in CloudFront caches before CloudFront forwards another
--   request to your origin to determine whether the object has been
--   updated. The value that you specify applies only when your origin adds
--   HTTP headers such as <tt>Cache-Control max-age</tt> ,
--   <tt>Cache-Control s-maxage</tt> , and <tt>Expires</tt> to objects. For
--   more information, see <a>Specifying How Long Objects and Errors Stay
--   in a CloudFront Edge Cache (Expiration)</a> in the <i>Amazon
--   CloudFront Developer Guide</i> .</li>
--   <li><a>cbCompress</a> - Whether you want CloudFront to automatically
--   compress certain files for this cache behavior. If so, specify true;
--   if not, specify false. For more information, see <a>Serving Compressed
--   Files</a> in the <i>Amazon CloudFront Developer Guide</i> .</li>
--   <li><a>cbSmoothStreaming</a> - Indicates whether you want to
--   distribute media files in the Microsoft Smooth Streaming format using
--   the origin that is associated with this cache behavior. If so, specify
--   <tt>true</tt> ; if not, specify <tt>false</tt> . If you specify
--   <tt>true</tt> for <tt>SmoothStreaming</tt> , you can still distribute
--   other content using this cache behavior if the content matches the
--   value of <tt>PathPattern</tt> .</li>
--   <li><a>cbDefaultTTL</a> - The default amount of time that you want
--   objects to stay in CloudFront caches before CloudFront forwards
--   another request to your origin to determine whether the object has
--   been updated. The value that you specify applies only when your origin
--   does not add HTTP headers such as <tt>Cache-Control max-age</tt> ,
--   <tt>Cache-Control s-maxage</tt> , and <tt>Expires</tt> to objects. For
--   more information, see <a>Specifying How Long Objects and Errors Stay
--   in a CloudFront Edge Cache (Expiration)</a> in the <i>Amazon
--   CloudFront Developer Guide</i> .</li>
--   <li><a>cbFieldLevelEncryptionId</a> - Undocumented member.</li>
--   <li><a>cbPathPattern</a> - The pattern (for example,
--   <tt>images/*.jpg</tt> ) that specifies which requests to apply the
--   behavior to. When CloudFront receives a viewer request, the requested
--   path is compared with path patterns in the order in which cache
--   behaviors are listed in the distribution. The path pattern for the
--   default cache behavior is <tt>*</tt> and cannot be changed. If the
--   request for an object does not match the path pattern for any cache
--   behaviors, CloudFront applies the behavior in the default cache
--   behavior. For more information, see <a>Path Pattern</a> in the
--   <i>Amazon CloudFront Developer Guide</i> .</li>
--   <li><a>cbTargetOriginId</a> - The value of <tt>ID</tt> for the origin
--   that you want CloudFront to route requests to when a request matches
--   the path pattern either for a cache behavior or for the default cache
--   behavior.</li>
--   <li><a>cbForwardedValues</a> - A complex type that specifies how
--   CloudFront handles query strings and cookies.</li>
--   <li><a>cbTrustedSigners</a> - A complex type that specifies the AWS
--   accounts, if any, that you want to allow to create signed URLs for
--   private content. If you want to require signed URLs in requests for
--   objects in the target origin that match the <tt>PathPattern</tt> for
--   this cache behavior, specify <tt>true</tt> for <tt>Enabled</tt> , and
--   specify the applicable values for <tt>Quantity</tt> and <tt>Items</tt>
--   . For more information, see <a>Serving Private Content through
--   CloudFront</a> in the <i>Amazon Amazon CloudFront Developer Guide</i>
--   . If you don't want to require signed URLs in requests for objects
--   that match <tt>PathPattern</tt> , specify <tt>false</tt> for
--   <tt>Enabled</tt> and <tt>0</tt> for <tt>Quantity</tt> . Omit
--   <tt>Items</tt> . To add, change, or remove one or more trusted
--   signers, change <tt>Enabled</tt> to <tt>true</tt> (if it's currently
--   <tt>false</tt> ), change <tt>Quantity</tt> as applicable, and specify
--   all of the trusted signers that you want to include in the updated
--   distribution.</li>
--   <li><a>cbViewerProtocolPolicy</a> - The protocol that viewers can use
--   to access the files in the origin specified by <tt>TargetOriginId</tt>
--   when a request matches the path pattern in <tt>PathPattern</tt> . You
--   can specify the following options: * <tt>allow-all</tt> : Viewers can
--   use HTTP or HTTPS. * <tt>redirect-to-https</tt> : If a viewer submits
--   an HTTP request, CloudFront returns an HTTP status code of 301 (Moved
--   Permanently) to the viewer along with the HTTPS URL. The viewer then
--   resubmits the request using the new URL. * <tt>https-only</tt> : If a
--   viewer sends an HTTP request, CloudFront returns an HTTP status code
--   of 403 (Forbidden). For more information about requiring the HTTPS
--   protocol, see <a>Using an HTTPS Connection to Access Your Objects</a>
--   in the <i>Amazon CloudFront Developer Guide</i> .</li>
--   <li><a>cbMinTTL</a> - The minimum amount of time that you want objects
--   to stay in CloudFront caches before CloudFront forwards another
--   request to your origin to determine whether the object has been
--   updated. For more information, see <a>Specifying How Long Objects and
--   Errors Stay in a CloudFront Edge Cache (Expiration)</a> in the
--   <i>Amazon Amazon CloudFront Developer Guide</i> . You must specify
--   <tt>0</tt> for <tt>MinTTL</tt> if you configure CloudFront to forward
--   all headers to your origin (under <tt>Headers</tt> , if you specify
--   <tt>1</tt> for <tt>Quantity</tt> and <tt>*</tt> for <tt>Name</tt>
--   ).</li>
--   </ul>
cacheBehavior :: Text -> Text -> ForwardedValues -> TrustedSigners -> ViewerProtocolPolicy -> Integer -> CacheBehavior

-- | Undocumented member.
cbAllowedMethods :: Lens' CacheBehavior (Maybe AllowedMethods)

-- | A complex type that contains zero or more Lambda function associations
--   for a cache behavior.
cbLambdaFunctionAssociations :: Lens' CacheBehavior (Maybe LambdaFunctionAssociations)

-- | The maximum amount of time that you want objects to stay in CloudFront
--   caches before CloudFront forwards another request to your origin to
--   determine whether the object has been updated. The value that you
--   specify applies only when your origin adds HTTP headers such as
--   <tt>Cache-Control max-age</tt> , <tt>Cache-Control s-maxage</tt> , and
--   <tt>Expires</tt> to objects. For more information, see <a>Specifying
--   How Long Objects and Errors Stay in a CloudFront Edge Cache
--   (Expiration)</a> in the <i>Amazon CloudFront Developer Guide</i> .
cbMaxTTL :: Lens' CacheBehavior (Maybe Integer)

-- | Whether you want CloudFront to automatically compress certain files
--   for this cache behavior. If so, specify true; if not, specify false.
--   For more information, see <a>Serving Compressed Files</a> in the
--   <i>Amazon CloudFront Developer Guide</i> .
cbCompress :: Lens' CacheBehavior (Maybe Bool)

-- | Indicates whether you want to distribute media files in the Microsoft
--   Smooth Streaming format using the origin that is associated with this
--   cache behavior. If so, specify <tt>true</tt> ; if not, specify
--   <tt>false</tt> . If you specify <tt>true</tt> for
--   <tt>SmoothStreaming</tt> , you can still distribute other content
--   using this cache behavior if the content matches the value of
--   <tt>PathPattern</tt> .
cbSmoothStreaming :: Lens' CacheBehavior (Maybe Bool)

-- | The default amount of time that you want objects to stay in CloudFront
--   caches before CloudFront forwards another request to your origin to
--   determine whether the object has been updated. The value that you
--   specify applies only when your origin does not add HTTP headers such
--   as <tt>Cache-Control max-age</tt> , <tt>Cache-Control s-maxage</tt> ,
--   and <tt>Expires</tt> to objects. For more information, see
--   <a>Specifying How Long Objects and Errors Stay in a CloudFront Edge
--   Cache (Expiration)</a> in the <i>Amazon CloudFront Developer Guide</i>
--   .
cbDefaultTTL :: Lens' CacheBehavior (Maybe Integer)

-- | Undocumented member.
cbFieldLevelEncryptionId :: Lens' CacheBehavior (Maybe Text)

-- | The pattern (for example, <tt>images/*.jpg</tt> ) that specifies which
--   requests to apply the behavior to. When CloudFront receives a viewer
--   request, the requested path is compared with path patterns in the
--   order in which cache behaviors are listed in the distribution. The
--   path pattern for the default cache behavior is <tt>*</tt> and cannot
--   be changed. If the request for an object does not match the path
--   pattern for any cache behaviors, CloudFront applies the behavior in
--   the default cache behavior. For more information, see <a>Path
--   Pattern</a> in the <i>Amazon CloudFront Developer Guide</i> .
cbPathPattern :: Lens' CacheBehavior Text

-- | The value of <tt>ID</tt> for the origin that you want CloudFront to
--   route requests to when a request matches the path pattern either for a
--   cache behavior or for the default cache behavior.
cbTargetOriginId :: Lens' CacheBehavior Text

-- | A complex type that specifies how CloudFront handles query strings and
--   cookies.
cbForwardedValues :: Lens' CacheBehavior ForwardedValues

-- | A complex type that specifies the AWS accounts, if any, that you want
--   to allow to create signed URLs for private content. If you want to
--   require signed URLs in requests for objects in the target origin that
--   match the <tt>PathPattern</tt> for this cache behavior, specify
--   <tt>true</tt> for <tt>Enabled</tt> , and specify the applicable values
--   for <tt>Quantity</tt> and <tt>Items</tt> . For more information, see
--   <a>Serving Private Content through CloudFront</a> in the <i>Amazon
--   Amazon CloudFront Developer Guide</i> . If you don't want to require
--   signed URLs in requests for objects that match <tt>PathPattern</tt> ,
--   specify <tt>false</tt> for <tt>Enabled</tt> and <tt>0</tt> for
--   <tt>Quantity</tt> . Omit <tt>Items</tt> . To add, change, or remove
--   one or more trusted signers, change <tt>Enabled</tt> to <tt>true</tt>
--   (if it's currently <tt>false</tt> ), change <tt>Quantity</tt> as
--   applicable, and specify all of the trusted signers that you want to
--   include in the updated distribution.
cbTrustedSigners :: Lens' CacheBehavior TrustedSigners

-- | The protocol that viewers can use to access the files in the origin
--   specified by <tt>TargetOriginId</tt> when a request matches the path
--   pattern in <tt>PathPattern</tt> . You can specify the following
--   options: * <tt>allow-all</tt> : Viewers can use HTTP or HTTPS. *
--   <tt>redirect-to-https</tt> : If a viewer submits an HTTP request,
--   CloudFront returns an HTTP status code of 301 (Moved Permanently) to
--   the viewer along with the HTTPS URL. The viewer then resubmits the
--   request using the new URL. * <tt>https-only</tt> : If a viewer sends
--   an HTTP request, CloudFront returns an HTTP status code of 403
--   (Forbidden). For more information about requiring the HTTPS protocol,
--   see <a>Using an HTTPS Connection to Access Your Objects</a> in the
--   <i>Amazon CloudFront Developer Guide</i> .
cbViewerProtocolPolicy :: Lens' CacheBehavior ViewerProtocolPolicy

-- | The minimum amount of time that you want objects to stay in CloudFront
--   caches before CloudFront forwards another request to your origin to
--   determine whether the object has been updated. For more information,
--   see <a>Specifying How Long Objects and Errors Stay in a CloudFront
--   Edge Cache (Expiration)</a> in the <i>Amazon Amazon CloudFront
--   Developer Guide</i> . You must specify <tt>0</tt> for <tt>MinTTL</tt>
--   if you configure CloudFront to forward all headers to your origin
--   (under <tt>Headers</tt> , if you specify <tt>1</tt> for
--   <tt>Quantity</tt> and <tt>*</tt> for <tt>Name</tt> ).
cbMinTTL :: Lens' CacheBehavior Integer

-- | A complex type that contains zero or more <tt>CacheBehavior</tt>
--   elements.
--   
--   <i>See:</i> <a>cacheBehaviors</a> smart constructor.
data CacheBehaviors

-- | Creates a value of <a>CacheBehaviors</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cbItems</a> - Optional: A complex type that contains cache
--   behaviors for this distribution. If <tt>Quantity</tt> is <tt>0</tt> ,
--   you can omit <tt>Items</tt> .</li>
--   <li><a>cbQuantity</a> - The number of cache behaviors for this
--   distribution.</li>
--   </ul>
cacheBehaviors :: Int -> CacheBehaviors

-- | Optional: A complex type that contains cache behaviors for this
--   distribution. If <tt>Quantity</tt> is <tt>0</tt> , you can omit
--   <tt>Items</tt> .
cbItems :: Lens' CacheBehaviors [CacheBehavior]

-- | The number of cache behaviors for this distribution.
cbQuantity :: Lens' CacheBehaviors Int

-- | A complex type that controls whether CloudFront caches the response to
--   requests using the specified HTTP methods. There are two choices:
--   
--   <ul>
--   <li>CloudFront caches responses to <tt>GET</tt> and <tt>HEAD</tt>
--   requests.</li>
--   <li>CloudFront caches responses to <tt>GET</tt> , <tt>HEAD</tt> , and
--   <tt>OPTIONS</tt> requests.</li>
--   </ul>
--   
--   If you pick the second choice for your Amazon S3 Origin, you may need
--   to forward Access-Control-Request-Method,
--   Access-Control-Request-Headers, and Origin headers for the responses
--   to be cached correctly.
--   
--   <i>See:</i> <a>cachedMethods</a> smart constructor.
data CachedMethods

-- | Creates a value of <a>CachedMethods</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cmQuantity</a> - The number of HTTP methods for which you want
--   CloudFront to cache responses. Valid values are <tt>2</tt> (for
--   caching responses to <tt>GET</tt> and <tt>HEAD</tt> requests) and
--   <tt>3</tt> (for caching responses to <tt>GET</tt> , <tt>HEAD</tt> ,
--   and <tt>OPTIONS</tt> requests).</li>
--   <li><a>cmItems</a> - A complex type that contains the HTTP methods
--   that you want CloudFront to cache responses to.</li>
--   </ul>
cachedMethods :: Int -> CachedMethods

-- | The number of HTTP methods for which you want CloudFront to cache
--   responses. Valid values are <tt>2</tt> (for caching responses to
--   <tt>GET</tt> and <tt>HEAD</tt> requests) and <tt>3</tt> (for caching
--   responses to <tt>GET</tt> , <tt>HEAD</tt> , and <tt>OPTIONS</tt>
--   requests).
cmQuantity :: Lens' CachedMethods Int

-- | A complex type that contains the HTTP methods that you want CloudFront
--   to cache responses to.
cmItems :: Lens' CachedMethods [Method]

-- | CloudFront origin access identity.
--   
--   <i>See:</i> <a>cloudFrontOriginAccessIdentity</a> smart constructor.
data CloudFrontOriginAccessIdentity

-- | Creates a value of <a>CloudFrontOriginAccessIdentity</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cfoaiCloudFrontOriginAccessIdentityConfig</a> - The current
--   configuration information for the identity.</li>
--   <li><a>cfoaiId</a> - The ID for the origin access identity, for
--   example, <tt>E74FTE3AJFJ256A</tt> .</li>
--   <li><a>cfoaiS3CanonicalUserId</a> - The Amazon S3 canonical user ID
--   for the origin access identity, used when giving the origin access
--   identity read permission to an object in Amazon S3.</li>
--   </ul>
cloudFrontOriginAccessIdentity :: Text -> Text -> CloudFrontOriginAccessIdentity

-- | The current configuration information for the identity.
cfoaiCloudFrontOriginAccessIdentityConfig :: Lens' CloudFrontOriginAccessIdentity (Maybe CloudFrontOriginAccessIdentityConfig)

-- | The ID for the origin access identity, for example,
--   <tt>E74FTE3AJFJ256A</tt> .
cfoaiId :: Lens' CloudFrontOriginAccessIdentity Text

-- | The Amazon S3 canonical user ID for the origin access identity, used
--   when giving the origin access identity read permission to an object in
--   Amazon S3.
cfoaiS3CanonicalUserId :: Lens' CloudFrontOriginAccessIdentity Text

-- | Origin access identity configuration. Send a <tt>GET</tt> request to
--   the <tt>/<i>CloudFront API version</i> <i>CloudFront</i>identity
--   ID/config</tt> resource.
--   
--   <i>See:</i> <a>cloudFrontOriginAccessIdentityConfig</a> smart
--   constructor.
data CloudFrontOriginAccessIdentityConfig

-- | Creates a value of <a>CloudFrontOriginAccessIdentityConfig</a> with
--   the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cfoaicCallerReference</a> - A unique number that ensures the
--   request can't be replayed. If the <tt>CallerReference</tt> is new (no
--   matter the content of the
--   <tt>CloudFrontOriginAccessIdentityConfig</tt> object), a new origin
--   access identity is created. If the <tt>CallerReference</tt> is a value
--   already sent in a previous identity request, and the content of the
--   <tt>CloudFrontOriginAccessIdentityConfig</tt> is identical to the
--   original request (ignoring white space), the response includes the
--   same information returned to the original request. If the
--   <tt>CallerReference</tt> is a value you already sent in a previous
--   request to create an identity, but the content of the
--   <tt>CloudFrontOriginAccessIdentityConfig</tt> is different from the
--   original request, CloudFront returns a
--   <tt>CloudFrontOriginAccessIdentityAlreadyExists</tt> error.</li>
--   <li><a>cfoaicComment</a> - Any comments you want to include about the
--   origin access identity.</li>
--   </ul>
cloudFrontOriginAccessIdentityConfig :: Text -> Text -> CloudFrontOriginAccessIdentityConfig

-- | A unique number that ensures the request can't be replayed. If the
--   <tt>CallerReference</tt> is new (no matter the content of the
--   <tt>CloudFrontOriginAccessIdentityConfig</tt> object), a new origin
--   access identity is created. If the <tt>CallerReference</tt> is a value
--   already sent in a previous identity request, and the content of the
--   <tt>CloudFrontOriginAccessIdentityConfig</tt> is identical to the
--   original request (ignoring white space), the response includes the
--   same information returned to the original request. If the
--   <tt>CallerReference</tt> is a value you already sent in a previous
--   request to create an identity, but the content of the
--   <tt>CloudFrontOriginAccessIdentityConfig</tt> is different from the
--   original request, CloudFront returns a
--   <tt>CloudFrontOriginAccessIdentityAlreadyExists</tt> error.
cfoaicCallerReference :: Lens' CloudFrontOriginAccessIdentityConfig Text

-- | Any comments you want to include about the origin access identity.
cfoaicComment :: Lens' CloudFrontOriginAccessIdentityConfig Text

-- | Lists the origin access identities for CloudFront.Send a <tt>GET</tt>
--   request to the <tt>/<i>CloudFront API version</i>
--   <i>origin-access-identity</i>cloudfront</tt> resource. The response
--   includes a <tt>CloudFrontOriginAccessIdentityList</tt> element with
--   zero or more <tt>CloudFrontOriginAccessIdentitySummary</tt> child
--   elements. By default, your entire list of origin access identities is
--   returned in one single page. If the list is long, you can paginate it
--   using the <tt>MaxItems</tt> and <tt>Marker</tt> parameters.
--   
--   <i>See:</i> <a>cloudFrontOriginAccessIdentityList</a> smart
--   constructor.
data CloudFrontOriginAccessIdentityList

-- | Creates a value of <a>CloudFrontOriginAccessIdentityList</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cfoailItems</a> - A complex type that contains one
--   <tt>CloudFrontOriginAccessIdentitySummary</tt> element for each origin
--   access identity that was created by the current AWS account.</li>
--   <li><a>cfoailNextMarker</a> - If <tt>IsTruncated</tt> is <tt>true</tt>
--   , this element is present and contains the value you can use for the
--   <tt>Marker</tt> request parameter to continue listing your origin
--   access identities where they left off.</li>
--   <li><a>cfoailMarker</a> - Use this when paginating results to indicate
--   where to begin in your list of origin access identities. The results
--   include identities in the list that occur after the marker. To get the
--   next page of results, set the <tt>Marker</tt> to the value of the
--   <tt>NextMarker</tt> from the current page's response (which is also
--   the ID of the last identity on that page).</li>
--   <li><a>cfoailMaxItems</a> - The maximum number of origin access
--   identities you want in the response body.</li>
--   <li><a>cfoailIsTruncated</a> - A flag that indicates whether more
--   origin access identities remain to be listed. If your results were
--   truncated, you can make a follow-up pagination request using the
--   <tt>Marker</tt> request parameter to retrieve more items in the
--   list.</li>
--   <li><a>cfoailQuantity</a> - The number of CloudFront origin access
--   identities that were created by the current AWS account.</li>
--   </ul>
cloudFrontOriginAccessIdentityList :: Text -> Int -> Bool -> Int -> CloudFrontOriginAccessIdentityList

-- | A complex type that contains one
--   <tt>CloudFrontOriginAccessIdentitySummary</tt> element for each origin
--   access identity that was created by the current AWS account.
cfoailItems :: Lens' CloudFrontOriginAccessIdentityList [CloudFrontOriginAccessIdentitySummary]

-- | If <tt>IsTruncated</tt> is <tt>true</tt> , this element is present and
--   contains the value you can use for the <tt>Marker</tt> request
--   parameter to continue listing your origin access identities where they
--   left off.
cfoailNextMarker :: Lens' CloudFrontOriginAccessIdentityList (Maybe Text)

-- | Use this when paginating results to indicate where to begin in your
--   list of origin access identities. The results include identities in
--   the list that occur after the marker. To get the next page of results,
--   set the <tt>Marker</tt> to the value of the <tt>NextMarker</tt> from
--   the current page's response (which is also the ID of the last identity
--   on that page).
cfoailMarker :: Lens' CloudFrontOriginAccessIdentityList Text

-- | The maximum number of origin access identities you want in the
--   response body.
cfoailMaxItems :: Lens' CloudFrontOriginAccessIdentityList Int

-- | A flag that indicates whether more origin access identities remain to
--   be listed. If your results were truncated, you can make a follow-up
--   pagination request using the <tt>Marker</tt> request parameter to
--   retrieve more items in the list.
cfoailIsTruncated :: Lens' CloudFrontOriginAccessIdentityList Bool

-- | The number of CloudFront origin access identities that were created by
--   the current AWS account.
cfoailQuantity :: Lens' CloudFrontOriginAccessIdentityList Int

-- | Summary of the information about a CloudFront origin access identity.
--   
--   <i>See:</i> <a>cloudFrontOriginAccessIdentitySummary</a> smart
--   constructor.
data CloudFrontOriginAccessIdentitySummary

-- | Creates a value of <a>CloudFrontOriginAccessIdentitySummary</a> with
--   the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cfoaisId</a> - The ID for the origin access identity. For
--   example: <tt>E74FTE3AJFJ256A</tt> .</li>
--   <li><a>cfoaisS3CanonicalUserId</a> - The Amazon S3 canonical user ID
--   for the origin access identity, which you use when giving the origin
--   access identity read permission to an object in Amazon S3.</li>
--   <li><a>cfoaisComment</a> - The comment for this origin access
--   identity, as originally specified when created.</li>
--   </ul>
cloudFrontOriginAccessIdentitySummary :: Text -> Text -> Text -> CloudFrontOriginAccessIdentitySummary

-- | The ID for the origin access identity. For example:
--   <tt>E74FTE3AJFJ256A</tt> .
cfoaisId :: Lens' CloudFrontOriginAccessIdentitySummary Text

-- | The Amazon S3 canonical user ID for the origin access identity, which
--   you use when giving the origin access identity read permission to an
--   object in Amazon S3.
cfoaisS3CanonicalUserId :: Lens' CloudFrontOriginAccessIdentitySummary Text

-- | The comment for this origin access identity, as originally specified
--   when created.
cfoaisComment :: Lens' CloudFrontOriginAccessIdentitySummary Text

-- | A field-level encryption content type profile.
--   
--   <i>See:</i> <a>contentTypeProfile</a> smart constructor.
data ContentTypeProfile

-- | Creates a value of <a>ContentTypeProfile</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ctpProfileId</a> - The profile ID for a field-level encryption
--   content type-profile mapping.</li>
--   <li><a>ctpFormat</a> - The format for a field-level encryption content
--   type-profile mapping.</li>
--   <li><a>ctpContentType</a> - The content type for a field-level
--   encryption content type-profile mapping.</li>
--   </ul>
contentTypeProfile :: Format -> Text -> ContentTypeProfile

-- | The profile ID for a field-level encryption content type-profile
--   mapping.
ctpProfileId :: Lens' ContentTypeProfile (Maybe Text)

-- | The format for a field-level encryption content type-profile mapping.
ctpFormat :: Lens' ContentTypeProfile Format

-- | The content type for a field-level encryption content type-profile
--   mapping.
ctpContentType :: Lens' ContentTypeProfile Text

-- | The configuration for a field-level encryption content type-profile
--   mapping.
--   
--   <i>See:</i> <a>contentTypeProfileConfig</a> smart constructor.
data ContentTypeProfileConfig

-- | Creates a value of <a>ContentTypeProfileConfig</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ctpcContentTypeProfiles</a> - The configuration for a
--   field-level encryption content type-profile.</li>
--   <li><a>ctpcForwardWhenContentTypeIsUnknown</a> - The setting in a
--   field-level encryption content type-profile mapping that specifies
--   what to do when an unknown content type is provided for the profile.
--   If true, content is forwarded without being encrypted when the content
--   type is unknown. If false (the default), an error is returned when the
--   content type is unknown.</li>
--   </ul>
contentTypeProfileConfig :: Bool -> ContentTypeProfileConfig

-- | The configuration for a field-level encryption content type-profile.
ctpcContentTypeProfiles :: Lens' ContentTypeProfileConfig (Maybe ContentTypeProfiles)

-- | The setting in a field-level encryption content type-profile mapping
--   that specifies what to do when an unknown content type is provided for
--   the profile. If true, content is forwarded without being encrypted
--   when the content type is unknown. If false (the default), an error is
--   returned when the content type is unknown.
ctpcForwardWhenContentTypeIsUnknown :: Lens' ContentTypeProfileConfig Bool

-- | Field-level encryption content type-profile.
--   
--   <i>See:</i> <a>contentTypeProfiles</a> smart constructor.
data ContentTypeProfiles

-- | Creates a value of <a>ContentTypeProfiles</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ctpItems</a> - Items in a field-level encryption content
--   type-profile mapping.</li>
--   <li><a>ctpQuantity</a> - The number of field-level encryption content
--   type-profile mappings.</li>
--   </ul>
contentTypeProfiles :: Int -> ContentTypeProfiles

-- | Items in a field-level encryption content type-profile mapping.
ctpItems :: Lens' ContentTypeProfiles [ContentTypeProfile]

-- | The number of field-level encryption content type-profile mappings.
ctpQuantity :: Lens' ContentTypeProfiles Int

-- | A complex type that specifies whether you want CloudFront to forward
--   cookies to the origin and, if so, which ones. For more information
--   about forwarding cookies to the origin, see <a>How CloudFront
--   Forwards, Caches, and Logs Cookies</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .
--   
--   <i>See:</i> <a>cookieNames</a> smart constructor.
data CookieNames

-- | Creates a value of <a>CookieNames</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cnItems</a> - A complex type that contains one <tt>Name</tt>
--   element for each cookie that you want CloudFront to forward to the
--   origin for this cache behavior.</li>
--   <li><a>cnQuantity</a> - The number of different cookies that you want
--   CloudFront to forward to the origin for this cache behavior.</li>
--   </ul>
cookieNames :: Int -> CookieNames

-- | A complex type that contains one <tt>Name</tt> element for each cookie
--   that you want CloudFront to forward to the origin for this cache
--   behavior.
cnItems :: Lens' CookieNames [Text]

-- | The number of different cookies that you want CloudFront to forward to
--   the origin for this cache behavior.
cnQuantity :: Lens' CookieNames Int

-- | A complex type that specifies whether you want CloudFront to forward
--   cookies to the origin and, if so, which ones. For more information
--   about forwarding cookies to the origin, see <a>How CloudFront
--   Forwards, Caches, and Logs Cookies</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .
--   
--   <i>See:</i> <a>cookiePreference</a> smart constructor.
data CookiePreference

-- | Creates a value of <a>CookiePreference</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cpWhitelistedNames</a> - Required if you specify
--   <tt>whitelist</tt> for the value of <tt>Forward:</tt> . A complex type
--   that specifies how many different cookies you want CloudFront to
--   forward to the origin for this cache behavior and, if you want to
--   forward selected cookies, the names of those cookies. If you specify
--   <tt>all</tt> or none for the value of <tt>Forward</tt> , omit
--   <tt>WhitelistedNames</tt> . If you change the value of
--   <tt>Forward</tt> from <tt>whitelist</tt> to all or none and you don't
--   delete the <tt>WhitelistedNames</tt> element and its child elements,
--   CloudFront deletes them automatically. For the current limit on the
--   number of cookie names that you can whitelist for each cache behavior,
--   see <a>Amazon CloudFront Limits</a> in the <i>AWS General
--   Reference</i> .</li>
--   <li><a>cpForward</a> - Specifies which cookies to forward to the
--   origin for this cache behavior: all, none, or the list of cookies
--   specified in the <tt>WhitelistedNames</tt> complex type. Amazon S3
--   doesn't process cookies. When the cache behavior is forwarding
--   requests to an Amazon S3 origin, specify none for the <tt>Forward</tt>
--   element.</li>
--   </ul>
cookiePreference :: ItemSelection -> CookiePreference

-- | Required if you specify <tt>whitelist</tt> for the value of
--   <tt>Forward:</tt> . A complex type that specifies how many different
--   cookies you want CloudFront to forward to the origin for this cache
--   behavior and, if you want to forward selected cookies, the names of
--   those cookies. If you specify <tt>all</tt> or none for the value of
--   <tt>Forward</tt> , omit <tt>WhitelistedNames</tt> . If you change the
--   value of <tt>Forward</tt> from <tt>whitelist</tt> to all or none and
--   you don't delete the <tt>WhitelistedNames</tt> element and its child
--   elements, CloudFront deletes them automatically. For the current limit
--   on the number of cookie names that you can whitelist for each cache
--   behavior, see <a>Amazon CloudFront Limits</a> in the <i>AWS General
--   Reference</i> .
cpWhitelistedNames :: Lens' CookiePreference (Maybe CookieNames)

-- | Specifies which cookies to forward to the origin for this cache
--   behavior: all, none, or the list of cookies specified in the
--   <tt>WhitelistedNames</tt> complex type. Amazon S3 doesn't process
--   cookies. When the cache behavior is forwarding requests to an Amazon
--   S3 origin, specify none for the <tt>Forward</tt> element.
cpForward :: Lens' CookiePreference ItemSelection

-- | A complex type that controls:
--   
--   <ul>
--   <li>Whether CloudFront replaces HTTP status codes in the 4xx and 5xx
--   range with custom error messages before returning the response to the
--   viewer.</li>
--   <li>How long CloudFront caches HTTP status codes in the 4xx and 5xx
--   range.</li>
--   </ul>
--   
--   For more information about custom error pages, see <a>Customizing
--   Error Responses</a> in the <i>Amazon CloudFront Developer Guide</i> .
--   
--   <i>See:</i> <a>customErrorResponse</a> smart constructor.
data CustomErrorResponse

-- | Creates a value of <a>CustomErrorResponse</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ceResponsePagePath</a> - The path to the custom error page that
--   you want CloudFront to return to a viewer when your origin returns the
--   HTTP status code specified by <tt>ErrorCode</tt> , for example,
--   <tt><i>4xx-errors</i>403-forbidden.html</tt> . If you want to store
--   your objects and your custom error pages in different locations, your
--   distribution must include a cache behavior for which the following is
--   true: * The value of <tt>PathPattern</tt> matches the path to your
--   custom error messages. For example, suppose you saved custom error
--   pages for 4xx errors in an Amazon S3 bucket in a directory named
--   <tt>/4xx-errors</tt> . Your distribution must include a cache behavior
--   for which the path pattern routes requests for your custom error pages
--   to that location, for example, <tt><i>4xx-errors</i>*</tt> . * The
--   value of <tt>TargetOriginId</tt> specifies the value of the
--   <tt>ID</tt> element for the origin that contains your custom error
--   pages. If you specify a value for <tt>ResponsePagePath</tt> , you must
--   also specify a value for <tt>ResponseCode</tt> . If you don't want to
--   specify a value, include an empty element,
--   <tt><a>ResponsePagePath</a></tt> , in the XML document. We recommend
--   that you store custom error pages in an Amazon S3 bucket. If you store
--   custom error pages on an HTTP server and the server starts to return
--   5xx errors, CloudFront can't get the files that you want to return to
--   viewers because the origin server is unavailable.</li>
--   <li><a>ceResponseCode</a> - The HTTP status code that you want
--   CloudFront to return to the viewer along with the custom error page.
--   There are a variety of reasons that you might want CloudFront to
--   return a status code different from the status code that your origin
--   returned to CloudFront, for example: * Some Internet devices (some
--   firewalls and corporate proxies, for example) intercept HTTP 4xx and
--   5xx and prevent the response from being returned to the viewer. If you
--   substitute <tt>200</tt> , the response typically won't be intercepted.
--   * If you don't care about distinguishing among different client errors
--   or server errors, you can specify <tt>400</tt> or <tt>500</tt> as the
--   <tt>ResponseCode</tt> for all 4xx or 5xx errors. * You might want to
--   return a <tt>200</tt> status code (OK) and static website so your
--   customers don't know that your website is down. If you specify a value
--   for <tt>ResponseCode</tt> , you must also specify a value for
--   <tt>ResponsePagePath</tt> . If you don't want to specify a value,
--   include an empty element, <tt><a>ResponseCode</a></tt> , in the XML
--   document.</li>
--   <li><a>ceErrorCachingMinTTL</a> - The minimum amount of time, in
--   seconds, that you want CloudFront to cache the HTTP status code
--   specified in <tt>ErrorCode</tt> . When this time period has elapsed,
--   CloudFront queries your origin to see whether the problem that caused
--   the error has been resolved and the requested object is now available.
--   If you don't want to specify a value, include an empty element,
--   <tt><a>ErrorCachingMinTTL</a></tt> , in the XML document. For more
--   information, see <a>Customizing Error Responses</a> in the <i>Amazon
--   CloudFront Developer Guide</i> .</li>
--   <li><a>ceErrorCode</a> - The HTTP status code for which you want to
--   specify a custom error page and/or a caching duration.</li>
--   </ul>
customErrorResponse :: Int -> CustomErrorResponse

-- | The path to the custom error page that you want CloudFront to return
--   to a viewer when your origin returns the HTTP status code specified by
--   <tt>ErrorCode</tt> , for example,
--   <tt><i>4xx-errors</i>403-forbidden.html</tt> . If you want to store
--   your objects and your custom error pages in different locations, your
--   distribution must include a cache behavior for which the following is
--   true: * The value of <tt>PathPattern</tt> matches the path to your
--   custom error messages. For example, suppose you saved custom error
--   pages for 4xx errors in an Amazon S3 bucket in a directory named
--   <tt>/4xx-errors</tt> . Your distribution must include a cache behavior
--   for which the path pattern routes requests for your custom error pages
--   to that location, for example, <tt><i>4xx-errors</i>*</tt> . * The
--   value of <tt>TargetOriginId</tt> specifies the value of the
--   <tt>ID</tt> element for the origin that contains your custom error
--   pages. If you specify a value for <tt>ResponsePagePath</tt> , you must
--   also specify a value for <tt>ResponseCode</tt> . If you don't want to
--   specify a value, include an empty element,
--   <tt><a>ResponsePagePath</a></tt> , in the XML document. We recommend
--   that you store custom error pages in an Amazon S3 bucket. If you store
--   custom error pages on an HTTP server and the server starts to return
--   5xx errors, CloudFront can't get the files that you want to return to
--   viewers because the origin server is unavailable.
ceResponsePagePath :: Lens' CustomErrorResponse (Maybe Text)

-- | The HTTP status code that you want CloudFront to return to the viewer
--   along with the custom error page. There are a variety of reasons that
--   you might want CloudFront to return a status code different from the
--   status code that your origin returned to CloudFront, for example: *
--   Some Internet devices (some firewalls and corporate proxies, for
--   example) intercept HTTP 4xx and 5xx and prevent the response from
--   being returned to the viewer. If you substitute <tt>200</tt> , the
--   response typically won't be intercepted. * If you don't care about
--   distinguishing among different client errors or server errors, you can
--   specify <tt>400</tt> or <tt>500</tt> as the <tt>ResponseCode</tt> for
--   all 4xx or 5xx errors. * You might want to return a <tt>200</tt>
--   status code (OK) and static website so your customers don't know that
--   your website is down. If you specify a value for <tt>ResponseCode</tt>
--   , you must also specify a value for <tt>ResponsePagePath</tt> . If you
--   don't want to specify a value, include an empty element,
--   <tt><a>ResponseCode</a></tt> , in the XML document.
ceResponseCode :: Lens' CustomErrorResponse (Maybe Text)

-- | The minimum amount of time, in seconds, that you want CloudFront to
--   cache the HTTP status code specified in <tt>ErrorCode</tt> . When this
--   time period has elapsed, CloudFront queries your origin to see whether
--   the problem that caused the error has been resolved and the requested
--   object is now available. If you don't want to specify a value, include
--   an empty element, <tt><a>ErrorCachingMinTTL</a></tt> , in the XML
--   document. For more information, see <a>Customizing Error Responses</a>
--   in the <i>Amazon CloudFront Developer Guide</i> .
ceErrorCachingMinTTL :: Lens' CustomErrorResponse (Maybe Integer)

-- | The HTTP status code for which you want to specify a custom error page
--   and/or a caching duration.
ceErrorCode :: Lens' CustomErrorResponse Int

-- | A complex type that controls:
--   
--   <ul>
--   <li>Whether CloudFront replaces HTTP status codes in the 4xx and 5xx
--   range with custom error messages before returning the response to the
--   viewer.</li>
--   <li>How long CloudFront caches HTTP status codes in the 4xx and 5xx
--   range.</li>
--   </ul>
--   
--   For more information about custom error pages, see <a>Customizing
--   Error Responses</a> in the <i>Amazon CloudFront Developer Guide</i> .
--   
--   <i>See:</i> <a>customErrorResponses</a> smart constructor.
data CustomErrorResponses

-- | Creates a value of <a>CustomErrorResponses</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cerItems</a> - A complex type that contains a
--   <tt>CustomErrorResponse</tt> element for each HTTP status code for
--   which you want to specify a custom error page and/or a caching
--   duration.</li>
--   <li><a>cerQuantity</a> - The number of HTTP status codes for which you
--   want to specify a custom error page and/or a caching duration. If
--   <tt>Quantity</tt> is <tt>0</tt> , you can omit <tt>Items</tt> .</li>
--   </ul>
customErrorResponses :: Int -> CustomErrorResponses

-- | A complex type that contains a <tt>CustomErrorResponse</tt> element
--   for each HTTP status code for which you want to specify a custom error
--   page and/or a caching duration.
cerItems :: Lens' CustomErrorResponses [CustomErrorResponse]

-- | The number of HTTP status codes for which you want to specify a custom
--   error page and/or a caching duration. If <tt>Quantity</tt> is
--   <tt>0</tt> , you can omit <tt>Items</tt> .
cerQuantity :: Lens' CustomErrorResponses Int

-- | A complex type that contains the list of Custom Headers for each
--   origin.
--   
--   <i>See:</i> <a>customHeaders</a> smart constructor.
data CustomHeaders

-- | Creates a value of <a>CustomHeaders</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>chItems</a> - <b>Optional</b> : A list that contains one
--   <tt>OriginCustomHeader</tt> element for each custom header that you
--   want CloudFront to forward to the origin. If Quantity is <tt>0</tt> ,
--   omit <tt>Items</tt> .</li>
--   <li><a>chQuantity</a> - The number of custom headers, if any, for this
--   distribution.</li>
--   </ul>
customHeaders :: Int -> CustomHeaders

-- | <b>Optional</b> : A list that contains one <tt>OriginCustomHeader</tt>
--   element for each custom header that you want CloudFront to forward to
--   the origin. If Quantity is <tt>0</tt> , omit <tt>Items</tt> .
chItems :: Lens' CustomHeaders [OriginCustomHeader]

-- | The number of custom headers, if any, for this distribution.
chQuantity :: Lens' CustomHeaders Int

-- | A customer origin.
--   
--   <i>See:</i> <a>customOriginConfig</a> smart constructor.
data CustomOriginConfig

-- | Creates a value of <a>CustomOriginConfig</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cocOriginKeepaliveTimeout</a> - You can create a custom
--   keep-alive timeout. All timeout units are in seconds. The default
--   keep-alive timeout is 5 seconds, but you can configure custom timeout
--   lengths using the CloudFront API. The minimum timeout length is 1
--   second; the maximum is 60 seconds. If you need to increase the maximum
--   time limit, contact the <a>AWS Support Center</a> .</li>
--   <li><a>cocOriginReadTimeout</a> - You can create a custom origin read
--   timeout. All timeout units are in seconds. The default origin read
--   timeout is 30 seconds, but you can configure custom timeout lengths
--   using the CloudFront API. The minimum timeout length is 4 seconds; the
--   maximum is 60 seconds. If you need to increase the maximum time limit,
--   contact the <a>AWS Support Center</a> .</li>
--   <li><a>cocOriginSSLProtocols</a> - The SSL/TLS protocols that you want
--   CloudFront to use when communicating with your origin over HTTPS.</li>
--   <li><a>cocHTTPPort</a> - The HTTP port the custom origin listens
--   on.</li>
--   <li><a>cocHTTPSPort</a> - The HTTPS port the custom origin listens
--   on.</li>
--   <li><a>cocOriginProtocolPolicy</a> - The origin protocol policy to
--   apply to your origin.</li>
--   </ul>
customOriginConfig :: Int -> Int -> OriginProtocolPolicy -> CustomOriginConfig

-- | You can create a custom keep-alive timeout. All timeout units are in
--   seconds. The default keep-alive timeout is 5 seconds, but you can
--   configure custom timeout lengths using the CloudFront API. The minimum
--   timeout length is 1 second; the maximum is 60 seconds. If you need to
--   increase the maximum time limit, contact the <a>AWS Support Center</a>
--   .
cocOriginKeepaliveTimeout :: Lens' CustomOriginConfig (Maybe Int)

-- | You can create a custom origin read timeout. All timeout units are in
--   seconds. The default origin read timeout is 30 seconds, but you can
--   configure custom timeout lengths using the CloudFront API. The minimum
--   timeout length is 4 seconds; the maximum is 60 seconds. If you need to
--   increase the maximum time limit, contact the <a>AWS Support Center</a>
--   .
cocOriginReadTimeout :: Lens' CustomOriginConfig (Maybe Int)

-- | The SSL/TLS protocols that you want CloudFront to use when
--   communicating with your origin over HTTPS.
cocOriginSSLProtocols :: Lens' CustomOriginConfig (Maybe OriginSSLProtocols)

-- | The HTTP port the custom origin listens on.
cocHTTPPort :: Lens' CustomOriginConfig Int

-- | The HTTPS port the custom origin listens on.
cocHTTPSPort :: Lens' CustomOriginConfig Int

-- | The origin protocol policy to apply to your origin.
cocOriginProtocolPolicy :: Lens' CustomOriginConfig OriginProtocolPolicy

-- | A complex type that describes the default cache behavior if you don't
--   specify a <tt>CacheBehavior</tt> element or if files don't match any
--   of the values of <tt>PathPattern</tt> in <tt>CacheBehavior</tt>
--   elements. You must create exactly one default cache behavior.
--   
--   <i>See:</i> <a>defaultCacheBehavior</a> smart constructor.
data DefaultCacheBehavior

-- | Creates a value of <a>DefaultCacheBehavior</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dcbAllowedMethods</a> - Undocumented member.</li>
--   <li><a>dcbLambdaFunctionAssociations</a> - A complex type that
--   contains zero or more Lambda function associations for a cache
--   behavior.</li>
--   <li><a>dcbMaxTTL</a> - Undocumented member.</li>
--   <li><a>dcbCompress</a> - Whether you want CloudFront to automatically
--   compress certain files for this cache behavior. If so, specify
--   <tt>true</tt> ; if not, specify <tt>false</tt> . For more information,
--   see <a>Serving Compressed Files</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .</li>
--   <li><a>dcbSmoothStreaming</a> - Indicates whether you want to
--   distribute media files in the Microsoft Smooth Streaming format using
--   the origin that is associated with this cache behavior. If so, specify
--   <tt>true</tt> ; if not, specify <tt>false</tt> . If you specify
--   <tt>true</tt> for <tt>SmoothStreaming</tt> , you can still distribute
--   other content using this cache behavior if the content matches the
--   value of <tt>PathPattern</tt> .</li>
--   <li><a>dcbDefaultTTL</a> - The default amount of time that you want
--   objects to stay in CloudFront caches before CloudFront forwards
--   another request to your origin to determine whether the object has
--   been updated. The value that you specify applies only when your origin
--   does not add HTTP headers such as <tt>Cache-Control max-age</tt> ,
--   <tt>Cache-Control s-maxage</tt> , and <tt>Expires</tt> to objects. For
--   more information, see <a>Specifying How Long Objects and Errors Stay
--   in a CloudFront Edge Cache (Expiration)</a> in the <i>Amazon
--   CloudFront Developer Guide</i> .</li>
--   <li><a>dcbFieldLevelEncryptionId</a> - Undocumented member.</li>
--   <li><a>dcbTargetOriginId</a> - The value of <tt>ID</tt> for the origin
--   that you want CloudFront to route requests to when a request matches
--   the path pattern either for a cache behavior or for the default cache
--   behavior.</li>
--   <li><a>dcbForwardedValues</a> - A complex type that specifies how
--   CloudFront handles query strings and cookies.</li>
--   <li><a>dcbTrustedSigners</a> - A complex type that specifies the AWS
--   accounts, if any, that you want to allow to create signed URLs for
--   private content. If you want to require signed URLs in requests for
--   objects in the target origin that match the <tt>PathPattern</tt> for
--   this cache behavior, specify <tt>true</tt> for <tt>Enabled</tt> , and
--   specify the applicable values for <tt>Quantity</tt> and <tt>Items</tt>
--   . For more information, see <a>Serving Private Content through
--   CloudFront</a> in the <i>Amazon Amazon CloudFront Developer Guide</i>
--   . If you don't want to require signed URLs in requests for objects
--   that match <tt>PathPattern</tt> , specify <tt>false</tt> for
--   <tt>Enabled</tt> and <tt>0</tt> for <tt>Quantity</tt> . Omit
--   <tt>Items</tt> . To add, change, or remove one or more trusted
--   signers, change <tt>Enabled</tt> to <tt>true</tt> (if it's currently
--   <tt>false</tt> ), change <tt>Quantity</tt> as applicable, and specify
--   all of the trusted signers that you want to include in the updated
--   distribution.</li>
--   <li><a>dcbViewerProtocolPolicy</a> - The protocol that viewers can use
--   to access the files in the origin specified by <tt>TargetOriginId</tt>
--   when a request matches the path pattern in <tt>PathPattern</tt> . You
--   can specify the following options: * <tt>allow-all</tt> : Viewers can
--   use HTTP or HTTPS. * <tt>redirect-to-https</tt> : If a viewer submits
--   an HTTP request, CloudFront returns an HTTP status code of 301 (Moved
--   Permanently) to the viewer along with the HTTPS URL. The viewer then
--   resubmits the request using the new URL. * <tt>https-only</tt> : If a
--   viewer sends an HTTP request, CloudFront returns an HTTP status code
--   of 403 (Forbidden). For more information about requiring the HTTPS
--   protocol, see <a>Using an HTTPS Connection to Access Your Objects</a>
--   in the <i>Amazon CloudFront Developer Guide</i> .</li>
--   <li><a>dcbMinTTL</a> - The minimum amount of time that you want
--   objects to stay in CloudFront caches before CloudFront forwards
--   another request to your origin to determine whether the object has
--   been updated. For more information, see <a>Specifying How Long Objects
--   and Errors Stay in a CloudFront Edge Cache (Expiration)</a> in the
--   <i>Amazon Amazon CloudFront Developer Guide</i> . You must specify
--   <tt>0</tt> for <tt>MinTTL</tt> if you configure CloudFront to forward
--   all headers to your origin (under <tt>Headers</tt> , if you specify
--   <tt>1</tt> for <tt>Quantity</tt> and <tt>*</tt> for <tt>Name</tt>
--   ).</li>
--   </ul>
defaultCacheBehavior :: Text -> ForwardedValues -> TrustedSigners -> ViewerProtocolPolicy -> Integer -> DefaultCacheBehavior

-- | Undocumented member.
dcbAllowedMethods :: Lens' DefaultCacheBehavior (Maybe AllowedMethods)

-- | A complex type that contains zero or more Lambda function associations
--   for a cache behavior.
dcbLambdaFunctionAssociations :: Lens' DefaultCacheBehavior (Maybe LambdaFunctionAssociations)

-- | Undocumented member.
dcbMaxTTL :: Lens' DefaultCacheBehavior (Maybe Integer)

-- | Whether you want CloudFront to automatically compress certain files
--   for this cache behavior. If so, specify <tt>true</tt> ; if not,
--   specify <tt>false</tt> . For more information, see <a>Serving
--   Compressed Files</a> in the <i>Amazon CloudFront Developer Guide</i> .
dcbCompress :: Lens' DefaultCacheBehavior (Maybe Bool)

-- | Indicates whether you want to distribute media files in the Microsoft
--   Smooth Streaming format using the origin that is associated with this
--   cache behavior. If so, specify <tt>true</tt> ; if not, specify
--   <tt>false</tt> . If you specify <tt>true</tt> for
--   <tt>SmoothStreaming</tt> , you can still distribute other content
--   using this cache behavior if the content matches the value of
--   <tt>PathPattern</tt> .
dcbSmoothStreaming :: Lens' DefaultCacheBehavior (Maybe Bool)

-- | The default amount of time that you want objects to stay in CloudFront
--   caches before CloudFront forwards another request to your origin to
--   determine whether the object has been updated. The value that you
--   specify applies only when your origin does not add HTTP headers such
--   as <tt>Cache-Control max-age</tt> , <tt>Cache-Control s-maxage</tt> ,
--   and <tt>Expires</tt> to objects. For more information, see
--   <a>Specifying How Long Objects and Errors Stay in a CloudFront Edge
--   Cache (Expiration)</a> in the <i>Amazon CloudFront Developer Guide</i>
--   .
dcbDefaultTTL :: Lens' DefaultCacheBehavior (Maybe Integer)

-- | Undocumented member.
dcbFieldLevelEncryptionId :: Lens' DefaultCacheBehavior (Maybe Text)

-- | The value of <tt>ID</tt> for the origin that you want CloudFront to
--   route requests to when a request matches the path pattern either for a
--   cache behavior or for the default cache behavior.
dcbTargetOriginId :: Lens' DefaultCacheBehavior Text

-- | A complex type that specifies how CloudFront handles query strings and
--   cookies.
dcbForwardedValues :: Lens' DefaultCacheBehavior ForwardedValues

-- | A complex type that specifies the AWS accounts, if any, that you want
--   to allow to create signed URLs for private content. If you want to
--   require signed URLs in requests for objects in the target origin that
--   match the <tt>PathPattern</tt> for this cache behavior, specify
--   <tt>true</tt> for <tt>Enabled</tt> , and specify the applicable values
--   for <tt>Quantity</tt> and <tt>Items</tt> . For more information, see
--   <a>Serving Private Content through CloudFront</a> in the <i>Amazon
--   Amazon CloudFront Developer Guide</i> . If you don't want to require
--   signed URLs in requests for objects that match <tt>PathPattern</tt> ,
--   specify <tt>false</tt> for <tt>Enabled</tt> and <tt>0</tt> for
--   <tt>Quantity</tt> . Omit <tt>Items</tt> . To add, change, or remove
--   one or more trusted signers, change <tt>Enabled</tt> to <tt>true</tt>
--   (if it's currently <tt>false</tt> ), change <tt>Quantity</tt> as
--   applicable, and specify all of the trusted signers that you want to
--   include in the updated distribution.
dcbTrustedSigners :: Lens' DefaultCacheBehavior TrustedSigners

-- | The protocol that viewers can use to access the files in the origin
--   specified by <tt>TargetOriginId</tt> when a request matches the path
--   pattern in <tt>PathPattern</tt> . You can specify the following
--   options: * <tt>allow-all</tt> : Viewers can use HTTP or HTTPS. *
--   <tt>redirect-to-https</tt> : If a viewer submits an HTTP request,
--   CloudFront returns an HTTP status code of 301 (Moved Permanently) to
--   the viewer along with the HTTPS URL. The viewer then resubmits the
--   request using the new URL. * <tt>https-only</tt> : If a viewer sends
--   an HTTP request, CloudFront returns an HTTP status code of 403
--   (Forbidden). For more information about requiring the HTTPS protocol,
--   see <a>Using an HTTPS Connection to Access Your Objects</a> in the
--   <i>Amazon CloudFront Developer Guide</i> .
dcbViewerProtocolPolicy :: Lens' DefaultCacheBehavior ViewerProtocolPolicy

-- | The minimum amount of time that you want objects to stay in CloudFront
--   caches before CloudFront forwards another request to your origin to
--   determine whether the object has been updated. For more information,
--   see <a>Specifying How Long Objects and Errors Stay in a CloudFront
--   Edge Cache (Expiration)</a> in the <i>Amazon Amazon CloudFront
--   Developer Guide</i> . You must specify <tt>0</tt> for <tt>MinTTL</tt>
--   if you configure CloudFront to forward all headers to your origin
--   (under <tt>Headers</tt> , if you specify <tt>1</tt> for
--   <tt>Quantity</tt> and <tt>*</tt> for <tt>Name</tt> ).
dcbMinTTL :: Lens' DefaultCacheBehavior Integer

-- | The distribution's information.
--   
--   <i>See:</i> <a>distribution</a> smart constructor.
data Distribution

-- | Creates a value of <a>Distribution</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dId</a> - The identifier for the distribution. For example:
--   <tt>EDFDVBD632BHDS5</tt> .</li>
--   <li><a>dARN</a> - The ARN (Amazon Resource Name) for the distribution.
--   For example:
--   <tt>arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5</tt>
--   , where <tt>123456789012</tt> is your AWS account ID.</li>
--   <li><a>dStatus</a> - This response element indicates the current
--   status of the distribution. When the status is <tt>Deployed</tt> , the
--   distribution's information is fully propagated to all CloudFront edge
--   locations.</li>
--   <li><a>dLastModifiedTime</a> - The date and time the distribution was
--   last modified.</li>
--   <li><a>dInProgressInvalidationBatches</a> - The number of invalidation
--   batches currently in progress.</li>
--   <li><a>dDomainName</a> - The domain name corresponding to the
--   distribution, for example, <tt>d111111abcdef8.cloudfront.net</tt>
--   .</li>
--   <li><a>dActiveTrustedSigners</a> - CloudFront automatically adds this
--   element to the response only if you've set up the distribution to
--   serve private content with signed URLs. The element lists the key pair
--   IDs that CloudFront is aware of for each trusted signer. The
--   <tt>Signer</tt> child element lists the AWS account number of the
--   trusted signer (or an empty <tt>Self</tt> element if the signer is
--   you). The <tt>Signer</tt> element also includes the IDs of any active
--   key pairs associated with the trusted signer's AWS account. If no
--   <tt>KeyPairId</tt> element appears for a <tt>Signer</tt> , that signer
--   can't create working signed URLs.</li>
--   <li><a>dDistributionConfig</a> - The current configuration information
--   for the distribution. Send a <tt>GET</tt> request to the
--   <tt>/<i>CloudFront API version</i> <i>distribution ID</i>config</tt>
--   resource.</li>
--   </ul>
distribution :: Text -> Text -> Text -> UTCTime -> Int -> Text -> ActiveTrustedSigners -> DistributionConfig -> Distribution

-- | The identifier for the distribution. For example:
--   <tt>EDFDVBD632BHDS5</tt> .
dId :: Lens' Distribution Text

-- | The ARN (Amazon Resource Name) for the distribution. For example:
--   <tt>arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5</tt>
--   , where <tt>123456789012</tt> is your AWS account ID.
dARN :: Lens' Distribution Text

-- | This response element indicates the current status of the
--   distribution. When the status is <tt>Deployed</tt> , the
--   distribution's information is fully propagated to all CloudFront edge
--   locations.
dStatus :: Lens' Distribution Text

-- | The date and time the distribution was last modified.
dLastModifiedTime :: Lens' Distribution UTCTime

-- | The number of invalidation batches currently in progress.
dInProgressInvalidationBatches :: Lens' Distribution Int

-- | The domain name corresponding to the distribution, for example,
--   <tt>d111111abcdef8.cloudfront.net</tt> .
dDomainName :: Lens' Distribution Text

-- | CloudFront automatically adds this element to the response only if
--   you've set up the distribution to serve private content with signed
--   URLs. The element lists the key pair IDs that CloudFront is aware of
--   for each trusted signer. The <tt>Signer</tt> child element lists the
--   AWS account number of the trusted signer (or an empty <tt>Self</tt>
--   element if the signer is you). The <tt>Signer</tt> element also
--   includes the IDs of any active key pairs associated with the trusted
--   signer's AWS account. If no <tt>KeyPairId</tt> element appears for a
--   <tt>Signer</tt> , that signer can't create working signed URLs.
dActiveTrustedSigners :: Lens' Distribution ActiveTrustedSigners

-- | The current configuration information for the distribution. Send a
--   <tt>GET</tt> request to the <tt>/<i>CloudFront API version</i>
--   <i>distribution ID</i>config</tt> resource.
dDistributionConfig :: Lens' Distribution DistributionConfig

-- | A distribution configuration.
--   
--   <i>See:</i> <a>distributionConfig</a> smart constructor.
data DistributionConfig

-- | Creates a value of <a>DistributionConfig</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dcHTTPVersion</a> - (Optional) Specify the maximum HTTP version
--   that you want viewers to use to communicate with CloudFront. The
--   default value for new web distributions is http2. Viewers that don't
--   support HTTP<i>2 automatically use an earlier HTTP version. For
--   viewers and CloudFront to use HTTP</i>2, viewers must support TLS 1.2
--   or later, and must support Server Name Identification (SNI). In
--   general, configuring CloudFront to communicate with viewers using
--   HTTP<i>2 reduces latency. You can improve performance by optimizing
--   for HTTP</i>2. For more information, do an Internet search for "http/2
--   optimization."</li>
--   <li><a>dcAliases</a> - A complex type that contains information about
--   CNAMEs (alternate domain names), if any, for this distribution.</li>
--   <li><a>dcDefaultRootObject</a> - The object that you want CloudFront
--   to request from your origin (for example, <tt>index.html</tt> ) when a
--   viewer requests the root URL for your distribution
--   (<tt><a>http://www.example.com</a></tt> ) instead of an object in your
--   distribution
--   (<tt><a>http://www.example.com/product-description.html</a></tt> ).
--   Specifying a default root object avoids exposing the contents of your
--   distribution. Specify only the object name, for example,
--   <tt>index.html</tt> . Don't add a <tt>/</tt> before the object name.
--   If you don't want to specify a default root object when you create a
--   distribution, include an empty <tt>DefaultRootObject</tt> element. To
--   delete the default root object from an existing distribution, update
--   the distribution configuration and include an empty
--   <tt>DefaultRootObject</tt> element. To replace the default root
--   object, update the distribution configuration and specify the new
--   object. For more information about the default root object, see
--   <a>Creating a Default Root Object</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .</li>
--   <li><a>dcPriceClass</a> - The price class that corresponds with the
--   maximum price that you want to pay for CloudFront service. If you
--   specify <tt>PriceClass_All</tt> , CloudFront responds to requests for
--   your objects from all CloudFront edge locations. If you specify a
--   price class other than <tt>PriceClass_All</tt> , CloudFront serves
--   your objects from the CloudFront edge location that has the lowest
--   latency among the edge locations in your price class. Viewers who are
--   in or near regions that are excluded from your specified price class
--   may encounter slower performance. For more information about price
--   classes, see <a>Choosing the Price Class for a CloudFront
--   Distribution</a> in the <i>Amazon CloudFront Developer Guide</i> . For
--   information about CloudFront pricing, including how price classes map
--   to CloudFront regions, see <a>Amazon CloudFront Pricing</a> .</li>
--   <li><a>dcCustomErrorResponses</a> - A complex type that controls the
--   following: * Whether CloudFront replaces HTTP status codes in the 4xx
--   and 5xx range with custom error messages before returning the response
--   to the viewer. * How long CloudFront caches HTTP status codes in the
--   4xx and 5xx range. For more information about custom error pages, see
--   <a>Customizing Error Responses</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .</li>
--   <li><a>dcWebACLId</a> - A unique identifier that specifies the AWS WAF
--   web ACL, if any, to associate with this distribution. AWS WAF is a web
--   application firewall that lets you monitor the HTTP and HTTPS requests
--   that are forwarded to CloudFront, and lets you control access to your
--   content. Based on conditions that you specify, such as the IP
--   addresses that requests originate from or the values of query strings,
--   CloudFront responds to requests either with the requested content or
--   with an HTTP 403 status code (Forbidden). You can also configure
--   CloudFront to return a custom error page when a request is blocked.
--   For more information about AWS WAF, see the <a>AWS WAF Developer
--   Guide</a> .</li>
--   <li><a>dcViewerCertificate</a> - Undocumented member.</li>
--   <li><a>dcRestrictions</a> - Undocumented member.</li>
--   <li><a>dcLogging</a> - A complex type that controls whether access
--   logs are written for the distribution. For more information about
--   logging, see <a>Access Logs</a> in the <i>Amazon CloudFront Developer
--   Guide</i> .</li>
--   <li><a>dcCacheBehaviors</a> - A complex type that contains zero or
--   more <tt>CacheBehavior</tt> elements.</li>
--   <li><a>dcIsIPV6Enabled</a> - If you want CloudFront to respond to IPv6
--   DNS requests with an IPv6 address for your distribution, specify
--   <tt>true</tt> . If you specify <tt>false</tt> , CloudFront responds to
--   IPv6 DNS requests with the DNS response code <tt>NOERROR</tt> and with
--   no IP addresses. This allows viewers to submit a second request, for
--   an IPv4 address for your distribution. In general, you should enable
--   IPv6 if you have users on IPv6 networks who want to access your
--   content. However, if you're using signed URLs or signed cookies to
--   restrict access to your content, and if you're using a custom policy
--   that includes the <tt>IpAddress</tt> parameter to restrict the IP
--   addresses that can access your content, don't enable IPv6. If you want
--   to restrict access to some content by IP address and not restrict
--   access to other content (or restrict access but not by IP address),
--   you can create two distributions. For more information, see
--   <a>Creating a Signed URL Using a Custom Policy</a> in the <i>Amazon
--   CloudFront Developer Guide</i> . If you're using an Amazon Route 53
--   alias resource record set to route traffic to your CloudFront
--   distribution, you need to create a second alias resource record set
--   when both of the following are true: * You enable IPv6 for the
--   distribution * You're using alternate domain names in the URLs for
--   your objects For more information, see <a>Routing Traffic to an Amazon
--   CloudFront Web Distribution by Using Your Domain Name</a> in the
--   <i>Amazon Route 53 Developer Guide</i> . If you created a CNAME
--   resource record set, either with Amazon Route 53 or with another DNS
--   service, you don't need to make any changes. A CNAME record will route
--   traffic to your distribution regardless of the IP address format of
--   the viewer request.</li>
--   <li><a>dcCallerReference</a> - A unique value (for example, a
--   date-time stamp) that ensures that the request can't be replayed. If
--   the value of <tt>CallerReference</tt> is new (regardless of the
--   content of the <tt>DistributionConfig</tt> object), CloudFront creates
--   a new distribution. If <tt>CallerReference</tt> is a value you already
--   sent in a previous request to create a distribution, and if the
--   content of the <tt>DistributionConfig</tt> is identical to the
--   original request (ignoring white space), CloudFront returns the same
--   the response that it returned to the original request. If
--   <tt>CallerReference</tt> is a value you already sent in a previous
--   request to create a distribution but the content of the
--   <tt>DistributionConfig</tt> is different from the original request,
--   CloudFront returns a <tt>DistributionAlreadyExists</tt> error.</li>
--   <li><a>dcOrigins</a> - A complex type that contains information about
--   origins for this distribution.</li>
--   <li><a>dcDefaultCacheBehavior</a> - A complex type that describes the
--   default cache behavior if you don't specify a <tt>CacheBehavior</tt>
--   element or if files don't match any of the values of
--   <tt>PathPattern</tt> in <tt>CacheBehavior</tt> elements. You must
--   create exactly one default cache behavior.</li>
--   <li><a>dcComment</a> - Any comments you want to include about the
--   distribution. If you don't want to specify a comment, include an empty
--   <tt>Comment</tt> element. To delete an existing comment, update the
--   distribution configuration and include an empty <tt>Comment</tt>
--   element. To add or change a comment, update the distribution
--   configuration and specify the new comment.</li>
--   <li><a>dcEnabled</a> - From this field, you can enable or disable the
--   selected distribution. If you specify <tt>false</tt> for
--   <tt>Enabled</tt> but you specify values for <tt>Bucket</tt> and
--   <tt>Prefix</tt> , the values are automatically deleted.</li>
--   </ul>
distributionConfig :: Text -> Origins -> DefaultCacheBehavior -> Text -> Bool -> DistributionConfig

-- | (Optional) Specify the maximum HTTP version that you want viewers to
--   use to communicate with CloudFront. The default value for new web
--   distributions is http2. Viewers that don't support HTTP<i>2
--   automatically use an earlier HTTP version. For viewers and CloudFront
--   to use HTTP</i>2, viewers must support TLS 1.2 or later, and must
--   support Server Name Identification (SNI). In general, configuring
--   CloudFront to communicate with viewers using HTTP<i>2 reduces latency.
--   You can improve performance by optimizing for HTTP</i>2. For more
--   information, do an Internet search for "http/2 optimization."
dcHTTPVersion :: Lens' DistributionConfig (Maybe HTTPVersion)

-- | A complex type that contains information about CNAMEs (alternate
--   domain names), if any, for this distribution.
dcAliases :: Lens' DistributionConfig (Maybe Aliases)

-- | The object that you want CloudFront to request from your origin (for
--   example, <tt>index.html</tt> ) when a viewer requests the root URL for
--   your distribution (<tt><a>http://www.example.com</a></tt> ) instead of
--   an object in your distribution
--   (<tt><a>http://www.example.com/product-description.html</a></tt> ).
--   Specifying a default root object avoids exposing the contents of your
--   distribution. Specify only the object name, for example,
--   <tt>index.html</tt> . Don't add a <tt>/</tt> before the object name.
--   If you don't want to specify a default root object when you create a
--   distribution, include an empty <tt>DefaultRootObject</tt> element. To
--   delete the default root object from an existing distribution, update
--   the distribution configuration and include an empty
--   <tt>DefaultRootObject</tt> element. To replace the default root
--   object, update the distribution configuration and specify the new
--   object. For more information about the default root object, see
--   <a>Creating a Default Root Object</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .
dcDefaultRootObject :: Lens' DistributionConfig (Maybe Text)

-- | The price class that corresponds with the maximum price that you want
--   to pay for CloudFront service. If you specify <tt>PriceClass_All</tt>
--   , CloudFront responds to requests for your objects from all CloudFront
--   edge locations. If you specify a price class other than
--   <tt>PriceClass_All</tt> , CloudFront serves your objects from the
--   CloudFront edge location that has the lowest latency among the edge
--   locations in your price class. Viewers who are in or near regions that
--   are excluded from your specified price class may encounter slower
--   performance. For more information about price classes, see <a>Choosing
--   the Price Class for a CloudFront Distribution</a> in the <i>Amazon
--   CloudFront Developer Guide</i> . For information about CloudFront
--   pricing, including how price classes map to CloudFront regions, see
--   <a>Amazon CloudFront Pricing</a> .
dcPriceClass :: Lens' DistributionConfig (Maybe PriceClass)

-- | A complex type that controls the following: * Whether CloudFront
--   replaces HTTP status codes in the 4xx and 5xx range with custom error
--   messages before returning the response to the viewer. * How long
--   CloudFront caches HTTP status codes in the 4xx and 5xx range. For more
--   information about custom error pages, see <a>Customizing Error
--   Responses</a> in the <i>Amazon CloudFront Developer Guide</i> .
dcCustomErrorResponses :: Lens' DistributionConfig (Maybe CustomErrorResponses)

-- | A unique identifier that specifies the AWS WAF web ACL, if any, to
--   associate with this distribution. AWS WAF is a web application
--   firewall that lets you monitor the HTTP and HTTPS requests that are
--   forwarded to CloudFront, and lets you control access to your content.
--   Based on conditions that you specify, such as the IP addresses that
--   requests originate from or the values of query strings, CloudFront
--   responds to requests either with the requested content or with an HTTP
--   403 status code (Forbidden). You can also configure CloudFront to
--   return a custom error page when a request is blocked. For more
--   information about AWS WAF, see the <a>AWS WAF Developer Guide</a> .
dcWebACLId :: Lens' DistributionConfig (Maybe Text)

-- | Undocumented member.
dcViewerCertificate :: Lens' DistributionConfig (Maybe ViewerCertificate)

-- | Undocumented member.
dcRestrictions :: Lens' DistributionConfig (Maybe Restrictions)

-- | A complex type that controls whether access logs are written for the
--   distribution. For more information about logging, see <a>Access
--   Logs</a> in the <i>Amazon CloudFront Developer Guide</i> .
dcLogging :: Lens' DistributionConfig (Maybe LoggingConfig)

-- | A complex type that contains zero or more <tt>CacheBehavior</tt>
--   elements.
dcCacheBehaviors :: Lens' DistributionConfig (Maybe CacheBehaviors)

-- | If you want CloudFront to respond to IPv6 DNS requests with an IPv6
--   address for your distribution, specify <tt>true</tt> . If you specify
--   <tt>false</tt> , CloudFront responds to IPv6 DNS requests with the DNS
--   response code <tt>NOERROR</tt> and with no IP addresses. This allows
--   viewers to submit a second request, for an IPv4 address for your
--   distribution. In general, you should enable IPv6 if you have users on
--   IPv6 networks who want to access your content. However, if you're
--   using signed URLs or signed cookies to restrict access to your
--   content, and if you're using a custom policy that includes the
--   <tt>IpAddress</tt> parameter to restrict the IP addresses that can
--   access your content, don't enable IPv6. If you want to restrict access
--   to some content by IP address and not restrict access to other content
--   (or restrict access but not by IP address), you can create two
--   distributions. For more information, see <a>Creating a Signed URL
--   Using a Custom Policy</a> in the <i>Amazon CloudFront Developer
--   Guide</i> . If you're using an Amazon Route 53 alias resource record
--   set to route traffic to your CloudFront distribution, you need to
--   create a second alias resource record set when both of the following
--   are true: * You enable IPv6 for the distribution * You're using
--   alternate domain names in the URLs for your objects For more
--   information, see <a>Routing Traffic to an Amazon CloudFront Web
--   Distribution by Using Your Domain Name</a> in the <i>Amazon Route 53
--   Developer Guide</i> . If you created a CNAME resource record set,
--   either with Amazon Route 53 or with another DNS service, you don't
--   need to make any changes. A CNAME record will route traffic to your
--   distribution regardless of the IP address format of the viewer
--   request.
dcIsIPV6Enabled :: Lens' DistributionConfig (Maybe Bool)

-- | A unique value (for example, a date-time stamp) that ensures that the
--   request can't be replayed. If the value of <tt>CallerReference</tt> is
--   new (regardless of the content of the <tt>DistributionConfig</tt>
--   object), CloudFront creates a new distribution. If
--   <tt>CallerReference</tt> is a value you already sent in a previous
--   request to create a distribution, and if the content of the
--   <tt>DistributionConfig</tt> is identical to the original request
--   (ignoring white space), CloudFront returns the same the response that
--   it returned to the original request. If <tt>CallerReference</tt> is a
--   value you already sent in a previous request to create a distribution
--   but the content of the <tt>DistributionConfig</tt> is different from
--   the original request, CloudFront returns a
--   <tt>DistributionAlreadyExists</tt> error.
dcCallerReference :: Lens' DistributionConfig Text

-- | A complex type that contains information about origins for this
--   distribution.
dcOrigins :: Lens' DistributionConfig Origins

-- | A complex type that describes the default cache behavior if you don't
--   specify a <tt>CacheBehavior</tt> element or if files don't match any
--   of the values of <tt>PathPattern</tt> in <tt>CacheBehavior</tt>
--   elements. You must create exactly one default cache behavior.
dcDefaultCacheBehavior :: Lens' DistributionConfig DefaultCacheBehavior

-- | Any comments you want to include about the distribution. If you don't
--   want to specify a comment, include an empty <tt>Comment</tt> element.
--   To delete an existing comment, update the distribution configuration
--   and include an empty <tt>Comment</tt> element. To add or change a
--   comment, update the distribution configuration and specify the new
--   comment.
dcComment :: Lens' DistributionConfig Text

-- | From this field, you can enable or disable the selected distribution.
--   If you specify <tt>false</tt> for <tt>Enabled</tt> but you specify
--   values for <tt>Bucket</tt> and <tt>Prefix</tt> , the values are
--   automatically deleted.
dcEnabled :: Lens' DistributionConfig Bool

-- | A distribution Configuration and a list of tags to be associated with
--   the distribution.
--   
--   <i>See:</i> <a>distributionConfigWithTags</a> smart constructor.
data DistributionConfigWithTags

-- | Creates a value of <a>DistributionConfigWithTags</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dcwtDistributionConfig</a> - A distribution configuration.</li>
--   <li><a>dcwtTags</a> - A complex type that contains zero or more
--   <tt>Tag</tt> elements.</li>
--   </ul>
distributionConfigWithTags :: DistributionConfig -> Tags -> DistributionConfigWithTags

-- | A distribution configuration.
dcwtDistributionConfig :: Lens' DistributionConfigWithTags DistributionConfig

-- | A complex type that contains zero or more <tt>Tag</tt> elements.
dcwtTags :: Lens' DistributionConfigWithTags Tags

-- | A distribution list.
--   
--   <i>See:</i> <a>distributionList</a> smart constructor.
data DistributionList

-- | Creates a value of <a>DistributionList</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dlItems</a> - A complex type that contains one
--   <tt>DistributionSummary</tt> element for each distribution that was
--   created by the current AWS account.</li>
--   <li><a>dlNextMarker</a> - If <tt>IsTruncated</tt> is <tt>true</tt> ,
--   this element is present and contains the value you can use for the
--   <tt>Marker</tt> request parameter to continue listing your
--   distributions where they left off.</li>
--   <li><a>dlMarker</a> - The value you provided for the <tt>Marker</tt>
--   request parameter.</li>
--   <li><a>dlMaxItems</a> - The value you provided for the
--   <tt>MaxItems</tt> request parameter.</li>
--   <li><a>dlIsTruncated</a> - A flag that indicates whether more
--   distributions remain to be listed. If your results were truncated, you
--   can make a follow-up pagination request using the <tt>Marker</tt>
--   request parameter to retrieve more distributions in the list.</li>
--   <li><a>dlQuantity</a> - The number of distributions that were created
--   by the current AWS account.</li>
--   </ul>
distributionList :: Text -> Int -> Bool -> Int -> DistributionList

-- | A complex type that contains one <tt>DistributionSummary</tt> element
--   for each distribution that was created by the current AWS account.
dlItems :: Lens' DistributionList [DistributionSummary]

-- | If <tt>IsTruncated</tt> is <tt>true</tt> , this element is present and
--   contains the value you can use for the <tt>Marker</tt> request
--   parameter to continue listing your distributions where they left off.
dlNextMarker :: Lens' DistributionList (Maybe Text)

-- | The value you provided for the <tt>Marker</tt> request parameter.
dlMarker :: Lens' DistributionList Text

-- | The value you provided for the <tt>MaxItems</tt> request parameter.
dlMaxItems :: Lens' DistributionList Int

-- | A flag that indicates whether more distributions remain to be listed.
--   If your results were truncated, you can make a follow-up pagination
--   request using the <tt>Marker</tt> request parameter to retrieve more
--   distributions in the list.
dlIsTruncated :: Lens' DistributionList Bool

-- | The number of distributions that were created by the current AWS
--   account.
dlQuantity :: Lens' DistributionList Int

-- | A summary of the information about a CloudFront distribution.
--   
--   <i>See:</i> <a>distributionSummary</a> smart constructor.
data DistributionSummary

-- | Creates a value of <a>DistributionSummary</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dsId</a> - The identifier for the distribution. For example:
--   <tt>EDFDVBD632BHDS5</tt> .</li>
--   <li><a>dsARN</a> - The ARN (Amazon Resource Name) for the
--   distribution. For example:
--   <tt>arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5</tt>
--   , where <tt>123456789012</tt> is your AWS account ID.</li>
--   <li><a>dsStatus</a> - The current status of the distribution. When the
--   status is <tt>Deployed</tt> , the distribution's information is
--   propagated to all CloudFront edge locations.</li>
--   <li><a>dsLastModifiedTime</a> - The date and time the distribution was
--   last modified.</li>
--   <li><a>dsDomainName</a> - The domain name that corresponds to the
--   distribution, for example, <tt>d111111abcdef8.cloudfront.net</tt>
--   .</li>
--   <li><a>dsAliases</a> - A complex type that contains information about
--   CNAMEs (alternate domain names), if any, for this distribution.</li>
--   <li><a>dsOrigins</a> - A complex type that contains information about
--   origins for this distribution.</li>
--   <li><a>dsDefaultCacheBehavior</a> - A complex type that describes the
--   default cache behavior if you don't specify a <tt>CacheBehavior</tt>
--   element or if files don't match any of the values of
--   <tt>PathPattern</tt> in <tt>CacheBehavior</tt> elements. You must
--   create exactly one default cache behavior.</li>
--   <li><a>dsCacheBehaviors</a> - A complex type that contains zero or
--   more <tt>CacheBehavior</tt> elements.</li>
--   <li><a>dsCustomErrorResponses</a> - A complex type that contains zero
--   or more <tt>CustomErrorResponses</tt> elements.</li>
--   <li><a>dsComment</a> - The comment originally specified when this
--   distribution was created.</li>
--   <li><a>dsPriceClass</a> - Undocumented member.</li>
--   <li><a>dsEnabled</a> - Whether the distribution is enabled to accept
--   user requests for content.</li>
--   <li><a>dsViewerCertificate</a> - Undocumented member.</li>
--   <li><a>dsRestrictions</a> - Undocumented member.</li>
--   <li><a>dsWebACLId</a> - The Web ACL Id (if any) associated with the
--   distribution.</li>
--   <li><a>dsHTTPVersion</a> - Specify the maximum HTTP version that you
--   want viewers to use to communicate with CloudFront. The default value
--   for new web distributions is <tt>http2</tt> . Viewers that don't
--   support <tt>HTTP/2</tt> will automatically use an earlier
--   version.</li>
--   <li><a>dsIsIPV6Enabled</a> - Whether CloudFront responds to IPv6 DNS
--   requests with an IPv6 address for your distribution.</li>
--   </ul>
distributionSummary :: Text -> Text -> Text -> UTCTime -> Text -> Aliases -> Origins -> DefaultCacheBehavior -> CacheBehaviors -> CustomErrorResponses -> Text -> PriceClass -> Bool -> ViewerCertificate -> Restrictions -> Text -> HTTPVersion -> Bool -> DistributionSummary

-- | The identifier for the distribution. For example:
--   <tt>EDFDVBD632BHDS5</tt> .
dsId :: Lens' DistributionSummary Text

-- | The ARN (Amazon Resource Name) for the distribution. For example:
--   <tt>arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5</tt>
--   , where <tt>123456789012</tt> is your AWS account ID.
dsARN :: Lens' DistributionSummary Text

-- | The current status of the distribution. When the status is
--   <tt>Deployed</tt> , the distribution's information is propagated to
--   all CloudFront edge locations.
dsStatus :: Lens' DistributionSummary Text

-- | The date and time the distribution was last modified.
dsLastModifiedTime :: Lens' DistributionSummary UTCTime

-- | The domain name that corresponds to the distribution, for example,
--   <tt>d111111abcdef8.cloudfront.net</tt> .
dsDomainName :: Lens' DistributionSummary Text

-- | A complex type that contains information about CNAMEs (alternate
--   domain names), if any, for this distribution.
dsAliases :: Lens' DistributionSummary Aliases

-- | A complex type that contains information about origins for this
--   distribution.
dsOrigins :: Lens' DistributionSummary Origins

-- | A complex type that describes the default cache behavior if you don't
--   specify a <tt>CacheBehavior</tt> element or if files don't match any
--   of the values of <tt>PathPattern</tt> in <tt>CacheBehavior</tt>
--   elements. You must create exactly one default cache behavior.
dsDefaultCacheBehavior :: Lens' DistributionSummary DefaultCacheBehavior

-- | A complex type that contains zero or more <tt>CacheBehavior</tt>
--   elements.
dsCacheBehaviors :: Lens' DistributionSummary CacheBehaviors

-- | A complex type that contains zero or more
--   <tt>CustomErrorResponses</tt> elements.
dsCustomErrorResponses :: Lens' DistributionSummary CustomErrorResponses

-- | The comment originally specified when this distribution was created.
dsComment :: Lens' DistributionSummary Text

-- | Undocumented member.
dsPriceClass :: Lens' DistributionSummary PriceClass

-- | Whether the distribution is enabled to accept user requests for
--   content.
dsEnabled :: Lens' DistributionSummary Bool

-- | Undocumented member.
dsViewerCertificate :: Lens' DistributionSummary ViewerCertificate

-- | Undocumented member.
dsRestrictions :: Lens' DistributionSummary Restrictions

-- | The Web ACL Id (if any) associated with the distribution.
dsWebACLId :: Lens' DistributionSummary Text

-- | Specify the maximum HTTP version that you want viewers to use to
--   communicate with CloudFront. The default value for new web
--   distributions is <tt>http2</tt> . Viewers that don't support
--   <tt>HTTP/2</tt> will automatically use an earlier version.
dsHTTPVersion :: Lens' DistributionSummary HTTPVersion

-- | Whether CloudFront responds to IPv6 DNS requests with an IPv6 address
--   for your distribution.
dsIsIPV6Enabled :: Lens' DistributionSummary Bool

-- | Complex data type for field-level encryption profiles that includes
--   all of the encryption entities.
--   
--   <i>See:</i> <a>encryptionEntities</a> smart constructor.
data EncryptionEntities

-- | Creates a value of <a>EncryptionEntities</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>eeItems</a> - An array of field patterns in a field-level
--   encryption content type-profile mapping.</li>
--   <li><a>eeQuantity</a> - Number of field pattern items in a field-level
--   encryption content type-profile mapping.</li>
--   </ul>
encryptionEntities :: Int -> EncryptionEntities

-- | An array of field patterns in a field-level encryption content
--   type-profile mapping.
eeItems :: Lens' EncryptionEntities [EncryptionEntity]

-- | Number of field pattern items in a field-level encryption content
--   type-profile mapping.
eeQuantity :: Lens' EncryptionEntities Int

-- | Complex data type for field-level encryption profiles that includes
--   the encryption key and field pattern specifications.
--   
--   <i>See:</i> <a>encryptionEntity</a> smart constructor.
data EncryptionEntity

-- | Creates a value of <a>EncryptionEntity</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>eePublicKeyId</a> - The public key associated with a set of
--   field-level encryption patterns, to be used when encrypting the fields
--   that match the patterns.</li>
--   <li><a>eeProviderId</a> - The provider associated with the public key
--   being used for encryption. This value must also be provided with the
--   private key for applications to be able to decrypt data.</li>
--   <li><a>eeFieldPatterns</a> - Field patterns in a field-level
--   encryption content type profile specify the fields that you want to be
--   encrypted. You can provide the full field name, or any beginning
--   characters followed by a wildcard (*). You can't overlap field
--   patterns. For example, you can't have both ABC* and AB*. Note that
--   field patterns are case-sensitive.</li>
--   </ul>
encryptionEntity :: Text -> Text -> FieldPatterns -> EncryptionEntity

-- | The public key associated with a set of field-level encryption
--   patterns, to be used when encrypting the fields that match the
--   patterns.
eePublicKeyId :: Lens' EncryptionEntity Text

-- | The provider associated with the public key being used for encryption.
--   This value must also be provided with the private key for applications
--   to be able to decrypt data.
eeProviderId :: Lens' EncryptionEntity Text

-- | Field patterns in a field-level encryption content type profile
--   specify the fields that you want to be encrypted. You can provide the
--   full field name, or any beginning characters followed by a wildcard
--   (*). You can't overlap field patterns. For example, you can't have
--   both ABC* and AB*. Note that field patterns are case-sensitive.
eeFieldPatterns :: Lens' EncryptionEntity FieldPatterns

-- | A complex data type that includes the profile configurations and other
--   options specified for field-level encryption.
--   
--   <i>See:</i> <a>fieldLevelEncryption</a> smart constructor.
data FieldLevelEncryption

-- | Creates a value of <a>FieldLevelEncryption</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>fleId</a> - The configuration ID for a field-level encryption
--   configuration which includes a set of profiles that specify certain
--   selected data fields to be encrypted by specific public keys.</li>
--   <li><a>fleLastModifiedTime</a> - The last time the field-level
--   encryption configuration was changed.</li>
--   <li><a>fleFieldLevelEncryptionConfig</a> - A complex data type that
--   includes the profile configurations specified for field-level
--   encryption.</li>
--   </ul>
fieldLevelEncryption :: Text -> UTCTime -> FieldLevelEncryptionConfig -> FieldLevelEncryption

-- | The configuration ID for a field-level encryption configuration which
--   includes a set of profiles that specify certain selected data fields
--   to be encrypted by specific public keys.
fleId :: Lens' FieldLevelEncryption Text

-- | The last time the field-level encryption configuration was changed.
fleLastModifiedTime :: Lens' FieldLevelEncryption UTCTime

-- | A complex data type that includes the profile configurations specified
--   for field-level encryption.
fleFieldLevelEncryptionConfig :: Lens' FieldLevelEncryption FieldLevelEncryptionConfig

-- | A complex data type that includes the profile configurations specified
--   for field-level encryption.
--   
--   <i>See:</i> <a>fieldLevelEncryptionConfig</a> smart constructor.
data FieldLevelEncryptionConfig

-- | Creates a value of <a>FieldLevelEncryptionConfig</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>flecQueryArgProfileConfig</a> - A complex data type that
--   specifies when to forward content if a profile isn't found and the
--   profile that can be provided as a query argument in a request.</li>
--   <li><a>flecContentTypeProfileConfig</a> - A complex data type that
--   specifies when to forward content if a content type isn't recognized
--   and profiles to use as by default in a request if a query argument
--   doesn't specify a profile to use.</li>
--   <li><a>flecComment</a> - An optional comment about the
--   configuration.</li>
--   <li><a>flecCallerReference</a> - A unique number that ensures the
--   request can't be replayed.</li>
--   </ul>
fieldLevelEncryptionConfig :: Text -> FieldLevelEncryptionConfig

-- | A complex data type that specifies when to forward content if a
--   profile isn't found and the profile that can be provided as a query
--   argument in a request.
flecQueryArgProfileConfig :: Lens' FieldLevelEncryptionConfig (Maybe QueryArgProfileConfig)

-- | A complex data type that specifies when to forward content if a
--   content type isn't recognized and profiles to use as by default in a
--   request if a query argument doesn't specify a profile to use.
flecContentTypeProfileConfig :: Lens' FieldLevelEncryptionConfig (Maybe ContentTypeProfileConfig)

-- | An optional comment about the configuration.
flecComment :: Lens' FieldLevelEncryptionConfig (Maybe Text)

-- | A unique number that ensures the request can't be replayed.
flecCallerReference :: Lens' FieldLevelEncryptionConfig Text

-- | List of field-level encrpytion configurations.
--   
--   <i>See:</i> <a>fieldLevelEncryptionList</a> smart constructor.
data FieldLevelEncryptionList

-- | Creates a value of <a>FieldLevelEncryptionList</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>flelItems</a> - An array of field-level encryption items.</li>
--   <li><a>flelNextMarker</a> - If there are more elements to be listed,
--   this element is present and contains the value that you can use for
--   the <tt>Marker</tt> request parameter to continue listing your
--   configurations where you left off.</li>
--   <li><a>flelMaxItems</a> - The maximum number of elements you want in
--   the response body.</li>
--   <li><a>flelQuantity</a> - The number of field-level encryption
--   items.</li>
--   </ul>
fieldLevelEncryptionList :: Int -> Int -> FieldLevelEncryptionList

-- | An array of field-level encryption items.
flelItems :: Lens' FieldLevelEncryptionList [FieldLevelEncryptionSummary]

-- | If there are more elements to be listed, this element is present and
--   contains the value that you can use for the <tt>Marker</tt> request
--   parameter to continue listing your configurations where you left off.
flelNextMarker :: Lens' FieldLevelEncryptionList (Maybe Text)

-- | The maximum number of elements you want in the response body.
flelMaxItems :: Lens' FieldLevelEncryptionList Int

-- | The number of field-level encryption items.
flelQuantity :: Lens' FieldLevelEncryptionList Int

-- | A complex data type for field-level encryption profiles.
--   
--   <i>See:</i> <a>fieldLevelEncryptionProfile</a> smart constructor.
data FieldLevelEncryptionProfile

-- | Creates a value of <a>FieldLevelEncryptionProfile</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>flepId</a> - The ID for a field-level encryption profile
--   configuration which includes a set of profiles that specify certain
--   selected data fields to be encrypted by specific public keys.</li>
--   <li><a>flepLastModifiedTime</a> - The last time the field-level
--   encryption profile was updated.</li>
--   <li><a>flepFieldLevelEncryptionProfileConfig</a> - A complex data type
--   that includes the profile name and the encryption entities for the
--   field-level encryption profile.</li>
--   </ul>
fieldLevelEncryptionProfile :: Text -> UTCTime -> FieldLevelEncryptionProfileConfig -> FieldLevelEncryptionProfile

-- | The ID for a field-level encryption profile configuration which
--   includes a set of profiles that specify certain selected data fields
--   to be encrypted by specific public keys.
flepId :: Lens' FieldLevelEncryptionProfile Text

-- | The last time the field-level encryption profile was updated.
flepLastModifiedTime :: Lens' FieldLevelEncryptionProfile UTCTime

-- | A complex data type that includes the profile name and the encryption
--   entities for the field-level encryption profile.
flepFieldLevelEncryptionProfileConfig :: Lens' FieldLevelEncryptionProfile FieldLevelEncryptionProfileConfig

-- | A complex data type of profiles for the field-level encryption.
--   
--   <i>See:</i> <a>fieldLevelEncryptionProfileConfig</a> smart
--   constructor.
data FieldLevelEncryptionProfileConfig

-- | Creates a value of <a>FieldLevelEncryptionProfileConfig</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>flepcComment</a> - An optional comment for the field-level
--   encryption profile.</li>
--   <li><a>flepcName</a> - Profile name for the field-level encryption
--   profile.</li>
--   <li><a>flepcCallerReference</a> - A unique number that ensures the
--   request can't be replayed.</li>
--   <li><a>flepcEncryptionEntities</a> - A complex data type of encryption
--   entities for the field-level encryption profile that include the
--   public key ID, provider, and field patterns for specifying which
--   fields to encrypt with this key.</li>
--   </ul>
fieldLevelEncryptionProfileConfig :: Text -> Text -> EncryptionEntities -> FieldLevelEncryptionProfileConfig

-- | An optional comment for the field-level encryption profile.
flepcComment :: Lens' FieldLevelEncryptionProfileConfig (Maybe Text)

-- | Profile name for the field-level encryption profile.
flepcName :: Lens' FieldLevelEncryptionProfileConfig Text

-- | A unique number that ensures the request can't be replayed.
flepcCallerReference :: Lens' FieldLevelEncryptionProfileConfig Text

-- | A complex data type of encryption entities for the field-level
--   encryption profile that include the public key ID, provider, and field
--   patterns for specifying which fields to encrypt with this key.
flepcEncryptionEntities :: Lens' FieldLevelEncryptionProfileConfig EncryptionEntities

-- | List of field-level encryption profiles.
--   
--   <i>See:</i> <a>fieldLevelEncryptionProfileList</a> smart constructor.
data FieldLevelEncryptionProfileList

-- | Creates a value of <a>FieldLevelEncryptionProfileList</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>fleplItems</a> - The field-level encryption profile items.</li>
--   <li><a>fleplNextMarker</a> - If there are more elements to be listed,
--   this element is present and contains the value that you can use for
--   the <tt>Marker</tt> request parameter to continue listing your
--   profiles where you left off.</li>
--   <li><a>fleplMaxItems</a> - The maximum number of field-level
--   encryption profiles you want in the response body.</li>
--   <li><a>fleplQuantity</a> - The number of field-level encryption
--   profiles.</li>
--   </ul>
fieldLevelEncryptionProfileList :: Int -> Int -> FieldLevelEncryptionProfileList

-- | The field-level encryption profile items.
fleplItems :: Lens' FieldLevelEncryptionProfileList [FieldLevelEncryptionProfileSummary]

-- | If there are more elements to be listed, this element is present and
--   contains the value that you can use for the <tt>Marker</tt> request
--   parameter to continue listing your profiles where you left off.
fleplNextMarker :: Lens' FieldLevelEncryptionProfileList (Maybe Text)

-- | The maximum number of field-level encryption profiles you want in the
--   response body.
fleplMaxItems :: Lens' FieldLevelEncryptionProfileList Int

-- | The number of field-level encryption profiles.
fleplQuantity :: Lens' FieldLevelEncryptionProfileList Int

-- | The field-level encryption profile summary.
--   
--   <i>See:</i> <a>fieldLevelEncryptionProfileSummary</a> smart
--   constructor.
data FieldLevelEncryptionProfileSummary

-- | Creates a value of <a>FieldLevelEncryptionProfileSummary</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>flepsComment</a> - An optional comment for the field-level
--   encryption profile summary.</li>
--   <li><a>flepsId</a> - ID for the field-level encryption profile
--   summary.</li>
--   <li><a>flepsLastModifiedTime</a> - The time when the the field-level
--   encryption profile summary was last updated.</li>
--   <li><a>flepsName</a> - Name for the field-level encryption profile
--   summary.</li>
--   <li><a>flepsEncryptionEntities</a> - A complex data type of encryption
--   entities for the field-level encryption profile that include the
--   public key ID, provider, and field patterns for specifying which
--   fields to encrypt with this key.</li>
--   </ul>
fieldLevelEncryptionProfileSummary :: Text -> UTCTime -> Text -> EncryptionEntities -> FieldLevelEncryptionProfileSummary

-- | An optional comment for the field-level encryption profile summary.
flepsComment :: Lens' FieldLevelEncryptionProfileSummary (Maybe Text)

-- | ID for the field-level encryption profile summary.
flepsId :: Lens' FieldLevelEncryptionProfileSummary Text

-- | The time when the the field-level encryption profile summary was last
--   updated.
flepsLastModifiedTime :: Lens' FieldLevelEncryptionProfileSummary UTCTime

-- | Name for the field-level encryption profile summary.
flepsName :: Lens' FieldLevelEncryptionProfileSummary Text

-- | A complex data type of encryption entities for the field-level
--   encryption profile that include the public key ID, provider, and field
--   patterns for specifying which fields to encrypt with this key.
flepsEncryptionEntities :: Lens' FieldLevelEncryptionProfileSummary EncryptionEntities

-- | A summary of a field-level encryption item.
--   
--   <i>See:</i> <a>fieldLevelEncryptionSummary</a> smart constructor.
data FieldLevelEncryptionSummary

-- | Creates a value of <a>FieldLevelEncryptionSummary</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>flesQueryArgProfileConfig</a> - A summary of a query
--   argument-profile mapping.</li>
--   <li><a>flesContentTypeProfileConfig</a> - A summary of a content
--   type-profile mapping.</li>
--   <li><a>flesComment</a> - An optional comment about the field-level
--   encryption item.</li>
--   <li><a>flesId</a> - The unique ID of a field-level encryption
--   item.</li>
--   <li><a>flesLastModifiedTime</a> - The last time that the summary of
--   field-level encryption items was modified.</li>
--   </ul>
fieldLevelEncryptionSummary :: Text -> UTCTime -> FieldLevelEncryptionSummary

-- | A summary of a query argument-profile mapping.
flesQueryArgProfileConfig :: Lens' FieldLevelEncryptionSummary (Maybe QueryArgProfileConfig)

-- | A summary of a content type-profile mapping.
flesContentTypeProfileConfig :: Lens' FieldLevelEncryptionSummary (Maybe ContentTypeProfileConfig)

-- | An optional comment about the field-level encryption item.
flesComment :: Lens' FieldLevelEncryptionSummary (Maybe Text)

-- | The unique ID of a field-level encryption item.
flesId :: Lens' FieldLevelEncryptionSummary Text

-- | The last time that the summary of field-level encryption items was
--   modified.
flesLastModifiedTime :: Lens' FieldLevelEncryptionSummary UTCTime

-- | A complex data type that includes the field patterns to match for
--   field-level encryption.
--   
--   <i>See:</i> <a>fieldPatterns</a> smart constructor.
data FieldPatterns

-- | Creates a value of <a>FieldPatterns</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>fpItems</a> - An array of the field-level encryption field
--   patterns.</li>
--   <li><a>fpQuantity</a> - The number of field-level encryption field
--   patterns.</li>
--   </ul>
fieldPatterns :: Int -> FieldPatterns

-- | An array of the field-level encryption field patterns.
fpItems :: Lens' FieldPatterns [Text]

-- | The number of field-level encryption field patterns.
fpQuantity :: Lens' FieldPatterns Int

-- | A complex type that specifies how CloudFront handles query strings and
--   cookies.
--   
--   <i>See:</i> <a>forwardedValues</a> smart constructor.
data ForwardedValues

-- | Creates a value of <a>ForwardedValues</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>fvQueryStringCacheKeys</a> - A complex type that contains
--   information about the query string parameters that you want CloudFront
--   to use for caching for this cache behavior.</li>
--   <li><a>fvHeaders</a> - A complex type that specifies the
--   <tt>Headers</tt> , if any, that you want CloudFront to base caching on
--   for this cache behavior.</li>
--   <li><a>fvQueryString</a> - Indicates whether you want CloudFront to
--   forward query strings to the origin that is associated with this cache
--   behavior and cache based on the query string parameters. CloudFront
--   behavior depends on the value of <tt>QueryString</tt> and on the
--   values that you specify for <tt>QueryStringCacheKeys</tt> , if any: If
--   you specify true for <tt>QueryString</tt> and you don't specify any
--   values for <tt>QueryStringCacheKeys</tt> , CloudFront forwards all
--   query string parameters to the origin and caches based on all query
--   string parameters. Depending on how many query string parameters and
--   values you have, this can adversely affect performance because
--   CloudFront must forward more requests to the origin. If you specify
--   true for <tt>QueryString</tt> and you specify one or more values for
--   <tt>QueryStringCacheKeys</tt> , CloudFront forwards all query string
--   parameters to the origin, but it only caches based on the query string
--   parameters that you specify. If you specify false for
--   <tt>QueryString</tt> , CloudFront doesn't forward any query string
--   parameters to the origin, and doesn't cache based on query string
--   parameters. For more information, see <a>Configuring CloudFront to
--   Cache Based on Query String Parameters</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .</li>
--   <li><a>fvCookies</a> - A complex type that specifies whether you want
--   CloudFront to forward cookies to the origin and, if so, which ones.
--   For more information about forwarding cookies to the origin, see
--   <a>How CloudFront Forwards, Caches, and Logs Cookies</a> in the
--   <i>Amazon CloudFront Developer Guide</i> .</li>
--   </ul>
forwardedValues :: Bool -> CookiePreference -> ForwardedValues

-- | A complex type that contains information about the query string
--   parameters that you want CloudFront to use for caching for this cache
--   behavior.
fvQueryStringCacheKeys :: Lens' ForwardedValues (Maybe QueryStringCacheKeys)

-- | A complex type that specifies the <tt>Headers</tt> , if any, that you
--   want CloudFront to base caching on for this cache behavior.
fvHeaders :: Lens' ForwardedValues (Maybe Headers)

-- | Indicates whether you want CloudFront to forward query strings to the
--   origin that is associated with this cache behavior and cache based on
--   the query string parameters. CloudFront behavior depends on the value
--   of <tt>QueryString</tt> and on the values that you specify for
--   <tt>QueryStringCacheKeys</tt> , if any: If you specify true for
--   <tt>QueryString</tt> and you don't specify any values for
--   <tt>QueryStringCacheKeys</tt> , CloudFront forwards all query string
--   parameters to the origin and caches based on all query string
--   parameters. Depending on how many query string parameters and values
--   you have, this can adversely affect performance because CloudFront
--   must forward more requests to the origin. If you specify true for
--   <tt>QueryString</tt> and you specify one or more values for
--   <tt>QueryStringCacheKeys</tt> , CloudFront forwards all query string
--   parameters to the origin, but it only caches based on the query string
--   parameters that you specify. If you specify false for
--   <tt>QueryString</tt> , CloudFront doesn't forward any query string
--   parameters to the origin, and doesn't cache based on query string
--   parameters. For more information, see <a>Configuring CloudFront to
--   Cache Based on Query String Parameters</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .
fvQueryString :: Lens' ForwardedValues Bool

-- | A complex type that specifies whether you want CloudFront to forward
--   cookies to the origin and, if so, which ones. For more information
--   about forwarding cookies to the origin, see <a>How CloudFront
--   Forwards, Caches, and Logs Cookies</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .
fvCookies :: Lens' ForwardedValues CookiePreference

-- | A complex type that controls the countries in which your content is
--   distributed. CloudFront determines the location of your users using
--   <tt>MaxMind</tt> GeoIP databases.
--   
--   <i>See:</i> <a>geoRestriction</a> smart constructor.
data GeoRestriction

-- | Creates a value of <a>GeoRestriction</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>grItems</a> - A complex type that contains a <tt>Location</tt>
--   element for each country in which you want CloudFront either to
--   distribute your content (<tt>whitelist</tt> ) or not distribute your
--   content (<tt>blacklist</tt> ). The <tt>Location</tt> element is a
--   two-letter, uppercase country code for a country that you want to
--   include in your <tt>blacklist</tt> or <tt>whitelist</tt> . Include one
--   <tt>Location</tt> element for each country. CloudFront and
--   <tt>MaxMind</tt> both use <tt>ISO 3166</tt> country codes. For the
--   current list of countries and the corresponding codes, see <tt>ISO
--   3166-1-alpha-2</tt> code on the <i>International Organization for
--   Standardization</i> website. You can also refer to the country list on
--   the CloudFront console, which includes both country names and
--   codes.</li>
--   <li><a>grRestrictionType</a> - The method that you want to use to
--   restrict distribution of your content by country: * <tt>none</tt> : No
--   geo restriction is enabled, meaning access to content is not
--   restricted by client geo location. * <tt>blacklist</tt> : The
--   <tt>Location</tt> elements specify the countries in which you don't
--   want CloudFront to distribute your content. * <tt>whitelist</tt> : The
--   <tt>Location</tt> elements specify the countries in which you want
--   CloudFront to distribute your content.</li>
--   <li><a>grQuantity</a> - When geo restriction is <tt>enabled</tt> ,
--   this is the number of countries in your <tt>whitelist</tt> or
--   <tt>blacklist</tt> . Otherwise, when it is not enabled,
--   <tt>Quantity</tt> is <tt>0</tt> , and you can omit <tt>Items</tt>
--   .</li>
--   </ul>
geoRestriction :: GeoRestrictionType -> Int -> GeoRestriction

-- | A complex type that contains a <tt>Location</tt> element for each
--   country in which you want CloudFront either to distribute your content
--   (<tt>whitelist</tt> ) or not distribute your content
--   (<tt>blacklist</tt> ). The <tt>Location</tt> element is a two-letter,
--   uppercase country code for a country that you want to include in your
--   <tt>blacklist</tt> or <tt>whitelist</tt> . Include one
--   <tt>Location</tt> element for each country. CloudFront and
--   <tt>MaxMind</tt> both use <tt>ISO 3166</tt> country codes. For the
--   current list of countries and the corresponding codes, see <tt>ISO
--   3166-1-alpha-2</tt> code on the <i>International Organization for
--   Standardization</i> website. You can also refer to the country list on
--   the CloudFront console, which includes both country names and codes.
grItems :: Lens' GeoRestriction [Text]

-- | The method that you want to use to restrict distribution of your
--   content by country: * <tt>none</tt> : No geo restriction is enabled,
--   meaning access to content is not restricted by client geo location. *
--   <tt>blacklist</tt> : The <tt>Location</tt> elements specify the
--   countries in which you don't want CloudFront to distribute your
--   content. * <tt>whitelist</tt> : The <tt>Location</tt> elements specify
--   the countries in which you want CloudFront to distribute your content.
grRestrictionType :: Lens' GeoRestriction GeoRestrictionType

-- | When geo restriction is <tt>enabled</tt> , this is the number of
--   countries in your <tt>whitelist</tt> or <tt>blacklist</tt> .
--   Otherwise, when it is not enabled, <tt>Quantity</tt> is <tt>0</tt> ,
--   and you can omit <tt>Items</tt> .
grQuantity :: Lens' GeoRestriction Int

-- | A complex type that specifies the request headers, if any, that you
--   want CloudFront to base caching on for this cache behavior.
--   
--   For the headers that you specify, CloudFront caches separate versions
--   of a specified object based on the header values in viewer requests.
--   For example, suppose viewer requests for <tt>logo.jpg</tt> contain a
--   custom <tt>product</tt> header that has a value of either
--   <tt>acme</tt> or <tt>apex</tt> , and you configure CloudFront to cache
--   your content based on values in the <tt>product</tt> header.
--   CloudFront forwards the <tt>product</tt> header to the origin and
--   caches the response from the origin once for each header value. For
--   more information about caching based on header values, see <a>How
--   CloudFront Forwards and Caches Headers</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .
--   
--   <i>See:</i> <a>headers</a> smart constructor.
data Headers

-- | Creates a value of <a>Headers</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>hItems</a> - A list that contains one <tt>Name</tt> element for
--   each header that you want CloudFront to use for caching in this cache
--   behavior. If <tt>Quantity</tt> is <tt>0</tt> , omit <tt>Items</tt>
--   .</li>
--   <li><a>hQuantity</a> - The number of different headers that you want
--   CloudFront to base caching on for this cache behavior. You can
--   configure each cache behavior in a web distribution to do one of the
--   following: * <b>Forward all headers to your origin</b> : Specify
--   <tt>1</tt> for <tt>Quantity</tt> and <tt>*</tt> for <tt>Name</tt> .
--   <i>Important:</i> CloudFront doesn't cache the objects that are
--   associated with this cache behavior. Instead, CloudFront sends every
--   request to the origin. * <b>Forward a whitelist of headers you
--   specify</b> : Specify the number of headers that you want CloudFront
--   to base caching on. Then specify the header names in <tt>Name</tt>
--   elements. CloudFront caches your objects based on the values in the
--   specified headers. * <b>Forward only the default headers</b> : Specify
--   <tt>0</tt> for <tt>Quantity</tt> and omit <tt>Items</tt> . In this
--   configuration, CloudFront doesn't cache based on the values in the
--   request headers. Regardless of which option you choose, CloudFront
--   forwards headers to your origin based on whether the origin is an S3
--   bucket or a custom origin. See the following documentation: * <b>S3
--   bucket</b> : See <a>HTTP Request Headers That CloudFront Removes or
--   Updates</a> * <b>Custom origin</b> : See <a>HTTP Request Headers and
--   CloudFront Behavior</a></li>
--   </ul>
headers :: Int -> Headers

-- | A list that contains one <tt>Name</tt> element for each header that
--   you want CloudFront to use for caching in this cache behavior. If
--   <tt>Quantity</tt> is <tt>0</tt> , omit <tt>Items</tt> .
hItems :: Lens' Headers [Text]

-- | The number of different headers that you want CloudFront to base
--   caching on for this cache behavior. You can configure each cache
--   behavior in a web distribution to do one of the following: *
--   <b>Forward all headers to your origin</b> : Specify <tt>1</tt> for
--   <tt>Quantity</tt> and <tt>*</tt> for <tt>Name</tt> . <i>Important:</i>
--   CloudFront doesn't cache the objects that are associated with this
--   cache behavior. Instead, CloudFront sends every request to the origin.
--   * <b>Forward a whitelist of headers you specify</b> : Specify the
--   number of headers that you want CloudFront to base caching on. Then
--   specify the header names in <tt>Name</tt> elements. CloudFront caches
--   your objects based on the values in the specified headers. *
--   <b>Forward only the default headers</b> : Specify <tt>0</tt> for
--   <tt>Quantity</tt> and omit <tt>Items</tt> . In this configuration,
--   CloudFront doesn't cache based on the values in the request headers.
--   Regardless of which option you choose, CloudFront forwards headers to
--   your origin based on whether the origin is an S3 bucket or a custom
--   origin. See the following documentation: * <b>S3 bucket</b> : See
--   <a>HTTP Request Headers That CloudFront Removes or Updates</a> *
--   <b>Custom origin</b> : See <a>HTTP Request Headers and CloudFront
--   Behavior</a>
hQuantity :: Lens' Headers Int

-- | An invalidation.
--   
--   <i>See:</i> <a>invalidation</a> smart constructor.
data Invalidation

-- | Creates a value of <a>Invalidation</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>iId</a> - The identifier for the invalidation request. For
--   example: <tt>IDFDVBD632BHDS5</tt> .</li>
--   <li><a>iStatus</a> - The status of the invalidation request. When the
--   invalidation batch is finished, the status is <tt>Completed</tt>
--   .</li>
--   <li><a>iCreateTime</a> - The date and time the invalidation request
--   was first made.</li>
--   <li><a>iInvalidationBatch</a> - The current invalidation information
--   for the batch request.</li>
--   </ul>
invalidation :: Text -> Text -> UTCTime -> InvalidationBatch -> Invalidation

-- | The identifier for the invalidation request. For example:
--   <tt>IDFDVBD632BHDS5</tt> .
iId :: Lens' Invalidation Text

-- | The status of the invalidation request. When the invalidation batch is
--   finished, the status is <tt>Completed</tt> .
iStatus :: Lens' Invalidation Text

-- | The date and time the invalidation request was first made.
iCreateTime :: Lens' Invalidation UTCTime

-- | The current invalidation information for the batch request.
iInvalidationBatch :: Lens' Invalidation InvalidationBatch

-- | An invalidation batch.
--   
--   <i>See:</i> <a>invalidationBatch</a> smart constructor.
data InvalidationBatch

-- | Creates a value of <a>InvalidationBatch</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ibPaths</a> - A complex type that contains information about
--   the objects that you want to invalidate. For more information, see
--   <a>Specifying the Objects to Invalidate</a> in the <i>Amazon
--   CloudFront Developer Guide</i> .</li>
--   <li><a>ibCallerReference</a> - A value that you specify to uniquely
--   identify an invalidation request. CloudFront uses the value to prevent
--   you from accidentally resubmitting an identical request. Whenever you
--   create a new invalidation request, you must specify a new value for
--   <tt>CallerReference</tt> and change other values in the request as
--   applicable. One way to ensure that the value of
--   <tt>CallerReference</tt> is unique is to use a <tt>timestamp</tt> ,
--   for example, <tt>20120301090000</tt> . If you make a second
--   invalidation request with the same value for <tt>CallerReference</tt>
--   , and if the rest of the request is the same, CloudFront doesn't
--   create a new invalidation request. Instead, CloudFront returns
--   information about the invalidation request that you previously created
--   with the same <tt>CallerReference</tt> . If <tt>CallerReference</tt>
--   is a value you already sent in a previous invalidation batch request
--   but the content of any <tt>Path</tt> is different from the original
--   request, CloudFront returns an <tt>InvalidationBatchAlreadyExists</tt>
--   error.</li>
--   </ul>
invalidationBatch :: Paths -> Text -> InvalidationBatch

-- | A complex type that contains information about the objects that you
--   want to invalidate. For more information, see <a>Specifying the
--   Objects to Invalidate</a> in the <i>Amazon CloudFront Developer
--   Guide</i> .
ibPaths :: Lens' InvalidationBatch Paths

-- | A value that you specify to uniquely identify an invalidation request.
--   CloudFront uses the value to prevent you from accidentally
--   resubmitting an identical request. Whenever you create a new
--   invalidation request, you must specify a new value for
--   <tt>CallerReference</tt> and change other values in the request as
--   applicable. One way to ensure that the value of
--   <tt>CallerReference</tt> is unique is to use a <tt>timestamp</tt> ,
--   for example, <tt>20120301090000</tt> . If you make a second
--   invalidation request with the same value for <tt>CallerReference</tt>
--   , and if the rest of the request is the same, CloudFront doesn't
--   create a new invalidation request. Instead, CloudFront returns
--   information about the invalidation request that you previously created
--   with the same <tt>CallerReference</tt> . If <tt>CallerReference</tt>
--   is a value you already sent in a previous invalidation batch request
--   but the content of any <tt>Path</tt> is different from the original
--   request, CloudFront returns an <tt>InvalidationBatchAlreadyExists</tt>
--   error.
ibCallerReference :: Lens' InvalidationBatch Text

-- | The <tt>InvalidationList</tt> complex type describes the list of
--   invalidation objects. For more information about invalidation, see
--   <a>Invalidating Objects (Web Distributions Only)</a> in the <i>Amazon
--   CloudFront Developer Guide</i> .
--   
--   <i>See:</i> <a>invalidationList</a> smart constructor.
data InvalidationList

-- | Creates a value of <a>InvalidationList</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ilItems</a> - A complex type that contains one
--   <tt>InvalidationSummary</tt> element for each invalidation batch
--   created by the current AWS account.</li>
--   <li><a>ilNextMarker</a> - If <tt>IsTruncated</tt> is <tt>true</tt> ,
--   this element is present and contains the value that you can use for
--   the <tt>Marker</tt> request parameter to continue listing your
--   invalidation batches where they left off.</li>
--   <li><a>ilMarker</a> - The value that you provided for the
--   <tt>Marker</tt> request parameter.</li>
--   <li><a>ilMaxItems</a> - The value that you provided for the
--   <tt>MaxItems</tt> request parameter.</li>
--   <li><a>ilIsTruncated</a> - A flag that indicates whether more
--   invalidation batch requests remain to be listed. If your results were
--   truncated, you can make a follow-up pagination request using the
--   <tt>Marker</tt> request parameter to retrieve more invalidation
--   batches in the list.</li>
--   <li><a>ilQuantity</a> - The number of invalidation batches that were
--   created by the current AWS account.</li>
--   </ul>
invalidationList :: Text -> Int -> Bool -> Int -> InvalidationList

-- | A complex type that contains one <tt>InvalidationSummary</tt> element
--   for each invalidation batch created by the current AWS account.
ilItems :: Lens' InvalidationList [InvalidationSummary]

-- | If <tt>IsTruncated</tt> is <tt>true</tt> , this element is present and
--   contains the value that you can use for the <tt>Marker</tt> request
--   parameter to continue listing your invalidation batches where they
--   left off.
ilNextMarker :: Lens' InvalidationList (Maybe Text)

-- | The value that you provided for the <tt>Marker</tt> request parameter.
ilMarker :: Lens' InvalidationList Text

-- | The value that you provided for the <tt>MaxItems</tt> request
--   parameter.
ilMaxItems :: Lens' InvalidationList Int

-- | A flag that indicates whether more invalidation batch requests remain
--   to be listed. If your results were truncated, you can make a follow-up
--   pagination request using the <tt>Marker</tt> request parameter to
--   retrieve more invalidation batches in the list.
ilIsTruncated :: Lens' InvalidationList Bool

-- | The number of invalidation batches that were created by the current
--   AWS account.
ilQuantity :: Lens' InvalidationList Int

-- | A summary of an invalidation request.
--   
--   <i>See:</i> <a>invalidationSummary</a> smart constructor.
data InvalidationSummary

-- | Creates a value of <a>InvalidationSummary</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>isId</a> - The unique ID for an invalidation request.</li>
--   <li><a>isCreateTime</a> - Undocumented member.</li>
--   <li><a>isStatus</a> - The status of an invalidation request.</li>
--   </ul>
invalidationSummary :: Text -> UTCTime -> Text -> InvalidationSummary

-- | The unique ID for an invalidation request.
isId :: Lens' InvalidationSummary Text

-- | Undocumented member.
isCreateTime :: Lens' InvalidationSummary UTCTime

-- | The status of an invalidation request.
isStatus :: Lens' InvalidationSummary Text

-- | A complex type that lists the active CloudFront key pairs, if any,
--   that are associated with <tt>AwsAccountNumber</tt> .
--   
--   For more information, see <a>ActiveTrustedSigners</a> .
--   
--   <i>See:</i> <a>keyPairIds</a> smart constructor.
data KeyPairIds

-- | Creates a value of <a>KeyPairIds</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>kpiItems</a> - A complex type that lists the active CloudFront
--   key pairs, if any, that are associated with <tt>AwsAccountNumber</tt>
--   . For more information, see <a>ActiveTrustedSigners</a> .</li>
--   <li><a>kpiQuantity</a> - The number of active CloudFront key pairs for
--   <tt>AwsAccountNumber</tt> . For more information, see
--   <a>ActiveTrustedSigners</a> .</li>
--   </ul>
keyPairIds :: Int -> KeyPairIds

-- | A complex type that lists the active CloudFront key pairs, if any,
--   that are associated with <tt>AwsAccountNumber</tt> . For more
--   information, see <a>ActiveTrustedSigners</a> .
kpiItems :: Lens' KeyPairIds [Text]

-- | The number of active CloudFront key pairs for
--   <tt>AwsAccountNumber</tt> . For more information, see
--   <a>ActiveTrustedSigners</a> .
kpiQuantity :: Lens' KeyPairIds Int

-- | A complex type that contains a Lambda function association.
--   
--   <i>See:</i> <a>lambdaFunctionAssociation</a> smart constructor.
data LambdaFunctionAssociation

-- | Creates a value of <a>LambdaFunctionAssociation</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lfaLambdaFunctionARN</a> - The ARN of the Lambda function. You
--   must specify the ARN of a function version; you can't specify a Lambda
--   alias or $LATEST.</li>
--   <li><a>lfaEventType</a> - Specifies the event type that triggers a
--   Lambda function invocation. You can specify the following values: *
--   <tt>viewer-request</tt> : The function executes when CloudFront
--   receives a request from a viewer and before it checks to see whether
--   the requested object is in the edge cache. * <tt>origin-request</tt> :
--   The function executes only when CloudFront forwards a request to your
--   origin. When the requested object is in the edge cache, the function
--   doesn't execute. * <tt>origin-response</tt> : The function executes
--   after CloudFront receives a response from the origin and before it
--   caches the object in the response. When the requested object is in the
--   edge cache, the function doesn't execute. If the origin returns an
--   HTTP status code other than HTTP 200 (OK), the function doesn't
--   execute. * <tt>viewer-response</tt> : The function executes before
--   CloudFront returns the requested object to the viewer. The function
--   executes regardless of whether the object was already in the edge
--   cache. If the origin returns an HTTP status code other than HTTP 200
--   (OK), the function doesn't execute.</li>
--   </ul>
lambdaFunctionAssociation :: Text -> EventType -> LambdaFunctionAssociation

-- | The ARN of the Lambda function. You must specify the ARN of a function
--   version; you can't specify a Lambda alias or $LATEST.
lfaLambdaFunctionARN :: Lens' LambdaFunctionAssociation Text

-- | Specifies the event type that triggers a Lambda function invocation.
--   You can specify the following values: * <tt>viewer-request</tt> : The
--   function executes when CloudFront receives a request from a viewer and
--   before it checks to see whether the requested object is in the edge
--   cache. * <tt>origin-request</tt> : The function executes only when
--   CloudFront forwards a request to your origin. When the requested
--   object is in the edge cache, the function doesn't execute. *
--   <tt>origin-response</tt> : The function executes after CloudFront
--   receives a response from the origin and before it caches the object in
--   the response. When the requested object is in the edge cache, the
--   function doesn't execute. If the origin returns an HTTP status code
--   other than HTTP 200 (OK), the function doesn't execute. *
--   <tt>viewer-response</tt> : The function executes before CloudFront
--   returns the requested object to the viewer. The function executes
--   regardless of whether the object was already in the edge cache. If the
--   origin returns an HTTP status code other than HTTP 200 (OK), the
--   function doesn't execute.
lfaEventType :: Lens' LambdaFunctionAssociation EventType

-- | A complex type that specifies a list of Lambda functions associations
--   for a cache behavior.
--   
--   If you want to invoke one or more Lambda functions triggered by
--   requests that match the <tt>PathPattern</tt> of the cache behavior,
--   specify the applicable values for <tt>Quantity</tt> and <tt>Items</tt>
--   . Note that there can be up to 4 <tt>LambdaFunctionAssociation</tt>
--   items in this list (one for each possible value of <tt>EventType</tt>
--   ) and each <tt>EventType</tt> can be associated with the Lambda
--   function only once.
--   
--   If you don't want to invoke any Lambda functions for the requests that
--   match <tt>PathPattern</tt> , specify <tt>0</tt> for <tt>Quantity</tt>
--   and omit <tt>Items</tt> .
--   
--   <i>See:</i> <a>lambdaFunctionAssociations</a> smart constructor.
data LambdaFunctionAssociations

-- | Creates a value of <a>LambdaFunctionAssociations</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lfaItems</a> - <b>Optional</b> : A complex type that contains
--   <tt>LambdaFunctionAssociation</tt> items for this cache behavior. If
--   <tt>Quantity</tt> is <tt>0</tt> , you can omit <tt>Items</tt> .</li>
--   <li><a>lfaQuantity</a> - The number of Lambda function associations
--   for this cache behavior.</li>
--   </ul>
lambdaFunctionAssociations :: Int -> LambdaFunctionAssociations

-- | <b>Optional</b> : A complex type that contains
--   <tt>LambdaFunctionAssociation</tt> items for this cache behavior. If
--   <tt>Quantity</tt> is <tt>0</tt> , you can omit <tt>Items</tt> .
lfaItems :: Lens' LambdaFunctionAssociations [LambdaFunctionAssociation]

-- | The number of Lambda function associations for this cache behavior.
lfaQuantity :: Lens' LambdaFunctionAssociations Int

-- | A complex type that controls whether access logs are written for the
--   distribution.
--   
--   <i>See:</i> <a>loggingConfig</a> smart constructor.
data LoggingConfig

-- | Creates a value of <a>LoggingConfig</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lcEnabled</a> - Specifies whether you want CloudFront to save
--   access logs to an Amazon S3 bucket. If you don't want to enable
--   logging when you create a distribution or if you want to disable
--   logging for an existing distribution, specify <tt>false</tt> for
--   <tt>Enabled</tt> , and specify empty <tt>Bucket</tt> and
--   <tt>Prefix</tt> elements. If you specify <tt>false</tt> for
--   <tt>Enabled</tt> but you specify values for <tt>Bucket</tt> ,
--   <tt>prefix</tt> , and <tt>IncludeCookies</tt> , the values are
--   automatically deleted.</li>
--   <li><a>lcIncludeCookies</a> - Specifies whether you want CloudFront to
--   include cookies in access logs, specify <tt>true</tt> for
--   <tt>IncludeCookies</tt> . If you choose to include cookies in logs,
--   CloudFront logs all cookies regardless of how you configure the cache
--   behaviors for this distribution. If you don't want to include cookies
--   when you create a distribution or if you want to disable include
--   cookies for an existing distribution, specify <tt>false</tt> for
--   <tt>IncludeCookies</tt> .</li>
--   <li><a>lcBucket</a> - The Amazon S3 bucket to store the access logs
--   in, for example, <tt>myawslogbucket.s3.amazonaws.com</tt> .</li>
--   <li><a>lcPrefix</a> - An optional string that you want CloudFront to
--   prefix to the access log <tt>filenames</tt> for this distribution, for
--   example, <tt>myprefix/</tt> . If you want to enable logging, but you
--   don't want to specify a prefix, you still must include an empty
--   <tt>Prefix</tt> element in the <tt>Logging</tt> element.</li>
--   </ul>
loggingConfig :: Bool -> Bool -> Text -> Text -> LoggingConfig

-- | Specifies whether you want CloudFront to save access logs to an Amazon
--   S3 bucket. If you don't want to enable logging when you create a
--   distribution or if you want to disable logging for an existing
--   distribution, specify <tt>false</tt> for <tt>Enabled</tt> , and
--   specify empty <tt>Bucket</tt> and <tt>Prefix</tt> elements. If you
--   specify <tt>false</tt> for <tt>Enabled</tt> but you specify values for
--   <tt>Bucket</tt> , <tt>prefix</tt> , and <tt>IncludeCookies</tt> , the
--   values are automatically deleted.
lcEnabled :: Lens' LoggingConfig Bool

-- | Specifies whether you want CloudFront to include cookies in access
--   logs, specify <tt>true</tt> for <tt>IncludeCookies</tt> . If you
--   choose to include cookies in logs, CloudFront logs all cookies
--   regardless of how you configure the cache behaviors for this
--   distribution. If you don't want to include cookies when you create a
--   distribution or if you want to disable include cookies for an existing
--   distribution, specify <tt>false</tt> for <tt>IncludeCookies</tt> .
lcIncludeCookies :: Lens' LoggingConfig Bool

-- | The Amazon S3 bucket to store the access logs in, for example,
--   <tt>myawslogbucket.s3.amazonaws.com</tt> .
lcBucket :: Lens' LoggingConfig Text

-- | An optional string that you want CloudFront to prefix to the access
--   log <tt>filenames</tt> for this distribution, for example,
--   <tt>myprefix/</tt> . If you want to enable logging, but you don't want
--   to specify a prefix, you still must include an empty <tt>Prefix</tt>
--   element in the <tt>Logging</tt> element.
lcPrefix :: Lens' LoggingConfig Text

-- | A complex type that describes the Amazon S3 bucket or the HTTP server
--   (for example, a web server) from which CloudFront gets your files. You
--   must create at least one origin.
--   
--   For the current limit on the number of origins that you can create for
--   a distribution, see <a>Amazon CloudFront Limits</a> in the <i>AWS
--   General Reference</i> .
--   
--   <i>See:</i> <a>origin</a> smart constructor.
data Origin

-- | Creates a value of <a>Origin</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>oCustomHeaders</a> - A complex type that contains names and
--   values for the custom headers that you want.</li>
--   <li><a>oCustomOriginConfig</a> - A complex type that contains
--   information about a custom origin. If the origin is an Amazon S3
--   bucket, use the <tt>S3OriginConfig</tt> element instead.</li>
--   <li><a>oS3OriginConfig</a> - A complex type that contains information
--   about the Amazon S3 origin. If the origin is a custom origin, use the
--   <tt>CustomOriginConfig</tt> element instead.</li>
--   <li><a>oOriginPath</a> - An optional element that causes CloudFront to
--   request your content from a directory in your Amazon S3 bucket or your
--   custom origin. When you include the <tt>OriginPath</tt> element,
--   specify the directory name, beginning with a <tt>/</tt> . CloudFront
--   appends the directory name to the value of <tt>DomainName</tt> , for
--   example, <tt>example.com/production</tt> . Do not include a <tt>/</tt>
--   at the end of the directory name. For example, suppose you've
--   specified the following values for your distribution: *
--   <tt>DomainName</tt> : An Amazon S3 bucket named <tt>myawsbucket</tt> .
--   * <tt>OriginPath</tt> : <tt>/production</tt> * <tt>CNAME</tt> :
--   <tt>example.com</tt> When a user enters
--   <tt>example.com/index.html</tt> in a browser, CloudFront sends a
--   request to Amazon S3 for
--   <tt>myawsbucket<i>production</i>index.html</tt> . When a user enters
--   <tt>example.com<i>acme</i>index.html</tt> in a browser, CloudFront
--   sends a request to Amazon S3 for
--   <tt>myawsbucket<i>production</i>acme/index.html</tt> .</li>
--   <li><a>oId</a> - A unique identifier for the origin. The value of
--   <tt>Id</tt> must be unique within the distribution. When you specify
--   the value of <tt>TargetOriginId</tt> for the default cache behavior or
--   for another cache behavior, you indicate the origin to which you want
--   the cache behavior to route requests by specifying the value of the
--   <tt>Id</tt> element for that origin. When a request matches the path
--   pattern for that cache behavior, CloudFront routes the request to the
--   specified origin. For more information, see <a>Cache Behavior
--   Settings</a> in the <i>Amazon CloudFront Developer Guide</i> .</li>
--   <li><a>oDomainName</a> - <b>Amazon S3 origins</b> : The DNS name of
--   the Amazon S3 bucket from which you want CloudFront to get objects for
--   this origin, for example, <tt>myawsbucket.s3.amazonaws.com</tt> .
--   Constraints for Amazon S3 origins: * If you configured Amazon S3
--   Transfer Acceleration for your bucket, don't specify the
--   <tt>s3-accelerate</tt> endpoint for <tt>DomainName</tt> . * The bucket
--   name must be between 3 and 63 characters long (inclusive). * The
--   bucket name must contain only lowercase characters, numbers, periods,
--   underscores, and dashes. * The bucket name must not contain adjacent
--   periods. <b>Custom Origins</b> : The DNS domain name for the HTTP
--   server from which you want CloudFront to get objects for this origin,
--   for example, <tt>www.example.com</tt> . Constraints for custom
--   origins: * <tt>DomainName</tt> must be a valid DNS name that contains
--   only a-z, A-Z, 0-9, dot (.), hyphen (-), or underscore (_) characters.
--   * The name cannot exceed 128 characters.</li>
--   </ul>
origin :: Text -> Text -> Origin

-- | A complex type that contains names and values for the custom headers
--   that you want.
oCustomHeaders :: Lens' Origin (Maybe CustomHeaders)

-- | A complex type that contains information about a custom origin. If the
--   origin is an Amazon S3 bucket, use the <tt>S3OriginConfig</tt> element
--   instead.
oCustomOriginConfig :: Lens' Origin (Maybe CustomOriginConfig)

-- | A complex type that contains information about the Amazon S3 origin.
--   If the origin is a custom origin, use the <tt>CustomOriginConfig</tt>
--   element instead.
oS3OriginConfig :: Lens' Origin (Maybe S3OriginConfig)

-- | An optional element that causes CloudFront to request your content
--   from a directory in your Amazon S3 bucket or your custom origin. When
--   you include the <tt>OriginPath</tt> element, specify the directory
--   name, beginning with a <tt>/</tt> . CloudFront appends the directory
--   name to the value of <tt>DomainName</tt> , for example,
--   <tt>example.com/production</tt> . Do not include a <tt>/</tt> at the
--   end of the directory name. For example, suppose you've specified the
--   following values for your distribution: * <tt>DomainName</tt> : An
--   Amazon S3 bucket named <tt>myawsbucket</tt> . * <tt>OriginPath</tt> :
--   <tt>/production</tt> * <tt>CNAME</tt> : <tt>example.com</tt> When a
--   user enters <tt>example.com/index.html</tt> in a browser, CloudFront
--   sends a request to Amazon S3 for
--   <tt>myawsbucket<i>production</i>index.html</tt> . When a user enters
--   <tt>example.com<i>acme</i>index.html</tt> in a browser, CloudFront
--   sends a request to Amazon S3 for
--   <tt>myawsbucket<i>production</i>acme/index.html</tt> .
oOriginPath :: Lens' Origin (Maybe Text)

-- | A unique identifier for the origin. The value of <tt>Id</tt> must be
--   unique within the distribution. When you specify the value of
--   <tt>TargetOriginId</tt> for the default cache behavior or for another
--   cache behavior, you indicate the origin to which you want the cache
--   behavior to route requests by specifying the value of the <tt>Id</tt>
--   element for that origin. When a request matches the path pattern for
--   that cache behavior, CloudFront routes the request to the specified
--   origin. For more information, see <a>Cache Behavior Settings</a> in
--   the <i>Amazon CloudFront Developer Guide</i> .
oId :: Lens' Origin Text

-- | <b>Amazon S3 origins</b> : The DNS name of the Amazon S3 bucket from
--   which you want CloudFront to get objects for this origin, for example,
--   <tt>myawsbucket.s3.amazonaws.com</tt> . Constraints for Amazon S3
--   origins: * If you configured Amazon S3 Transfer Acceleration for your
--   bucket, don't specify the <tt>s3-accelerate</tt> endpoint for
--   <tt>DomainName</tt> . * The bucket name must be between 3 and 63
--   characters long (inclusive). * The bucket name must contain only
--   lowercase characters, numbers, periods, underscores, and dashes. * The
--   bucket name must not contain adjacent periods. <b>Custom Origins</b> :
--   The DNS domain name for the HTTP server from which you want CloudFront
--   to get objects for this origin, for example, <tt>www.example.com</tt>
--   . Constraints for custom origins: * <tt>DomainName</tt> must be a
--   valid DNS name that contains only a-z, A-Z, 0-9, dot (.), hyphen (-),
--   or underscore (_) characters. * The name cannot exceed 128 characters.
oDomainName :: Lens' Origin Text

-- | A complex type that contains <tt>HeaderName</tt> and
--   <tt>HeaderValue</tt> elements, if any, for this distribution.
--   
--   <i>See:</i> <a>originCustomHeader</a> smart constructor.
data OriginCustomHeader

-- | Creates a value of <a>OriginCustomHeader</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ochHeaderName</a> - The name of a header that you want
--   CloudFront to forward to your origin. For more information, see
--   <a>Forwarding Custom Headers to Your Origin (Web Distributions
--   Only)</a> in the <i>Amazon Amazon CloudFront Developer Guide</i>
--   .</li>
--   <li><a>ochHeaderValue</a> - The value for the header that you
--   specified in the <tt>HeaderName</tt> field.</li>
--   </ul>
originCustomHeader :: Text -> Text -> OriginCustomHeader

-- | The name of a header that you want CloudFront to forward to your
--   origin. For more information, see <a>Forwarding Custom Headers to Your
--   Origin (Web Distributions Only)</a> in the <i>Amazon Amazon CloudFront
--   Developer Guide</i> .
ochHeaderName :: Lens' OriginCustomHeader Text

-- | The value for the header that you specified in the <tt>HeaderName</tt>
--   field.
ochHeaderValue :: Lens' OriginCustomHeader Text

-- | A complex type that contains information about the SSL/TLS protocols
--   that CloudFront can use when establishing an HTTPS connection with
--   your origin.
--   
--   <i>See:</i> <a>originSSLProtocols</a> smart constructor.
data OriginSSLProtocols

-- | Creates a value of <a>OriginSSLProtocols</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ospQuantity</a> - The number of SSL/TLS protocols that you want
--   to allow CloudFront to use when establishing an HTTPS connection with
--   this origin.</li>
--   <li><a>ospItems</a> - A list that contains allowed SSL/TLS protocols
--   for this distribution.</li>
--   </ul>
originSSLProtocols :: Int -> OriginSSLProtocols

-- | The number of SSL/TLS protocols that you want to allow CloudFront to
--   use when establishing an HTTPS connection with this origin.
ospQuantity :: Lens' OriginSSLProtocols Int

-- | A list that contains allowed SSL/TLS protocols for this distribution.
ospItems :: Lens' OriginSSLProtocols [SSLProtocol]

-- | A complex type that contains information about origins for this
--   distribution.
--   
--   <i>See:</i> <a>origins</a> smart constructor.
data Origins

-- | Creates a value of <a>Origins</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>oItems</a> - A complex type that contains origins for this
--   distribution.</li>
--   <li><a>oQuantity</a> - The number of origins for this
--   distribution.</li>
--   </ul>
origins :: Int -> Origins

-- | A complex type that contains origins for this distribution.
oItems :: Lens' Origins (Maybe (NonEmpty Origin))

-- | The number of origins for this distribution.
oQuantity :: Lens' Origins Int

-- | A complex type that contains information about the objects that you
--   want to invalidate. For more information, see <a>Specifying the
--   Objects to Invalidate</a> in the <i>Amazon CloudFront Developer
--   Guide</i> .
--   
--   <i>See:</i> <a>paths</a> smart constructor.
data Paths

-- | Creates a value of <a>Paths</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>pItems</a> - A complex type that contains a list of the paths
--   that you want to invalidate.</li>
--   <li><a>pQuantity</a> - The number of objects that you want to
--   invalidate.</li>
--   </ul>
paths :: Int -> Paths

-- | A complex type that contains a list of the paths that you want to
--   invalidate.
pItems :: Lens' Paths [Text]

-- | The number of objects that you want to invalidate.
pQuantity :: Lens' Paths Int

-- | A complex data type of public keys you add to CloudFront to use with
--   features like field-level encryption.
--   
--   <i>See:</i> <a>publicKey</a> smart constructor.
data PublicKey

-- | Creates a value of <a>PublicKey</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>pkId</a> - A unique ID assigned to a public key you've added to
--   CloudFront.</li>
--   <li><a>pkCreatedTime</a> - A time you added a public key to
--   CloudFront.</li>
--   <li><a>pkPublicKeyConfig</a> - A complex data type for a public key
--   you add to CloudFront to use with features like field-level
--   encryption.</li>
--   </ul>
publicKey :: Text -> UTCTime -> PublicKeyConfig -> PublicKey

-- | A unique ID assigned to a public key you've added to CloudFront.
pkId :: Lens' PublicKey Text

-- | A time you added a public key to CloudFront.
pkCreatedTime :: Lens' PublicKey UTCTime

-- | A complex data type for a public key you add to CloudFront to use with
--   features like field-level encryption.
pkPublicKeyConfig :: Lens' PublicKey PublicKeyConfig

-- | Information about a public key you add to CloudFront to use with
--   features like field-level encryption.
--   
--   <i>See:</i> <a>publicKeyConfig</a> smart constructor.
data PublicKeyConfig

-- | Creates a value of <a>PublicKeyConfig</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>pkcComment</a> - An optional comment about a public key.</li>
--   <li><a>pkcCallerReference</a> - A unique number that ensures the
--   request can't be replayed.</li>
--   <li><a>pkcName</a> - The name for a public key you add to CloudFront
--   to use with features like field-level encryption.</li>
--   <li><a>pkcEncodedKey</a> - The encoded public key that you want to add
--   to CloudFront to use with features like field-level encryption.</li>
--   </ul>
publicKeyConfig :: Text -> Text -> Text -> PublicKeyConfig

-- | An optional comment about a public key.
pkcComment :: Lens' PublicKeyConfig (Maybe Text)

-- | A unique number that ensures the request can't be replayed.
pkcCallerReference :: Lens' PublicKeyConfig Text

-- | The name for a public key you add to CloudFront to use with features
--   like field-level encryption.
pkcName :: Lens' PublicKeyConfig Text

-- | The encoded public key that you want to add to CloudFront to use with
--   features like field-level encryption.
pkcEncodedKey :: Lens' PublicKeyConfig Text

-- | A list of public keys you've added to CloudFront to use with features
--   like field-level encryption.
--   
--   <i>See:</i> <a>publicKeyList</a> smart constructor.
data PublicKeyList

-- | Creates a value of <a>PublicKeyList</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>pklItems</a> - An array of information about a public key you
--   add to CloudFront to use with features like field-level
--   encryption.</li>
--   <li><a>pklNextMarker</a> - If there are more elements to be listed,
--   this element is present and contains the value that you can use for
--   the <tt>Marker</tt> request parameter to continue listing your public
--   keys where you left off.</li>
--   <li><a>pklMaxItems</a> - The maximum number of public keys you want in
--   the response body.</li>
--   <li><a>pklQuantity</a> - The number of public keys you added to
--   CloudFront to use with features like field-level encryption.</li>
--   </ul>
publicKeyList :: Int -> Int -> PublicKeyList

-- | An array of information about a public key you add to CloudFront to
--   use with features like field-level encryption.
pklItems :: Lens' PublicKeyList [PublicKeySummary]

-- | If there are more elements to be listed, this element is present and
--   contains the value that you can use for the <tt>Marker</tt> request
--   parameter to continue listing your public keys where you left off.
pklNextMarker :: Lens' PublicKeyList (Maybe Text)

-- | The maximum number of public keys you want in the response body.
pklMaxItems :: Lens' PublicKeyList Int

-- | The number of public keys you added to CloudFront to use with features
--   like field-level encryption.
pklQuantity :: Lens' PublicKeyList Int

-- | Public key information summary.
--   
--   <i>See:</i> <a>publicKeySummary</a> smart constructor.
data PublicKeySummary

-- | Creates a value of <a>PublicKeySummary</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>pksComment</a> - Comment for public key information
--   summary.</li>
--   <li><a>pksId</a> - ID for public key information summary.</li>
--   <li><a>pksName</a> - Name for public key information summary.</li>
--   <li><a>pksCreatedTime</a> - Creation time for public key information
--   summary.</li>
--   <li><a>pksEncodedKey</a> - Encoded key for public key information
--   summary.</li>
--   </ul>
publicKeySummary :: Text -> Text -> UTCTime -> Text -> PublicKeySummary

-- | Comment for public key information summary.
pksComment :: Lens' PublicKeySummary (Maybe Text)

-- | ID for public key information summary.
pksId :: Lens' PublicKeySummary Text

-- | Name for public key information summary.
pksName :: Lens' PublicKeySummary Text

-- | Creation time for public key information summary.
pksCreatedTime :: Lens' PublicKeySummary UTCTime

-- | Encoded key for public key information summary.
pksEncodedKey :: Lens' PublicKeySummary Text

-- | Query argument-profile mapping for field-level encryption.
--   
--   <i>See:</i> <a>queryArgProfile</a> smart constructor.
data QueryArgProfile

-- | Creates a value of <a>QueryArgProfile</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>qapQueryArg</a> - Query argument for field-level encryption
--   query argument-profile mapping.</li>
--   <li><a>qapProfileId</a> - ID of profile to use for field-level
--   encryption query argument-profile mapping</li>
--   </ul>
queryArgProfile :: Text -> Text -> QueryArgProfile

-- | Query argument for field-level encryption query argument-profile
--   mapping.
qapQueryArg :: Lens' QueryArgProfile Text

-- | ID of profile to use for field-level encryption query argument-profile
--   mapping
qapProfileId :: Lens' QueryArgProfile Text

-- | Configuration for query argument-profile mapping for field-level
--   encryption.
--   
--   <i>See:</i> <a>queryArgProfileConfig</a> smart constructor.
data QueryArgProfileConfig

-- | Creates a value of <a>QueryArgProfileConfig</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>qapcQueryArgProfiles</a> - Profiles specified for query
--   argument-profile mapping for field-level encryption.</li>
--   <li><a>qapcForwardWhenQueryArgProfileIsUnknown</a> - Flag to set if
--   you want a request to be forwarded to the origin even if the profile
--   specified by the field-level encryption query argument, fle-profile,
--   is unknown.</li>
--   </ul>
queryArgProfileConfig :: Bool -> QueryArgProfileConfig

-- | Profiles specified for query argument-profile mapping for field-level
--   encryption.
qapcQueryArgProfiles :: Lens' QueryArgProfileConfig (Maybe QueryArgProfiles)

-- | Flag to set if you want a request to be forwarded to the origin even
--   if the profile specified by the field-level encryption query argument,
--   fle-profile, is unknown.
qapcForwardWhenQueryArgProfileIsUnknown :: Lens' QueryArgProfileConfig Bool

-- | Query argument-profile mapping for field-level encryption.
--   
--   <i>See:</i> <a>queryArgProfiles</a> smart constructor.
data QueryArgProfiles

-- | Creates a value of <a>QueryArgProfiles</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>qapItems</a> - Number of items for query argument-profile
--   mapping for field-level encryption.</li>
--   <li><a>qapQuantity</a> - Number of profiles for query argument-profile
--   mapping for field-level encryption.</li>
--   </ul>
queryArgProfiles :: Int -> QueryArgProfiles

-- | Number of items for query argument-profile mapping for field-level
--   encryption.
qapItems :: Lens' QueryArgProfiles [QueryArgProfile]

-- | Number of profiles for query argument-profile mapping for field-level
--   encryption.
qapQuantity :: Lens' QueryArgProfiles Int

-- | <i>See:</i> <a>queryStringCacheKeys</a> smart constructor.
data QueryStringCacheKeys

-- | Creates a value of <a>QueryStringCacheKeys</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>qsckItems</a> - (Optional) A list that contains the query
--   string parameters that you want CloudFront to use as a basis for
--   caching for this cache behavior. If <tt>Quantity</tt> is 0, you can
--   omit <tt>Items</tt> .</li>
--   <li><a>qsckQuantity</a> - The number of <tt>whitelisted</tt> query
--   string parameters for this cache behavior.</li>
--   </ul>
queryStringCacheKeys :: Int -> QueryStringCacheKeys

-- | (Optional) A list that contains the query string parameters that you
--   want CloudFront to use as a basis for caching for this cache behavior.
--   If <tt>Quantity</tt> is 0, you can omit <tt>Items</tt> .
qsckItems :: Lens' QueryStringCacheKeys [Text]

-- | The number of <tt>whitelisted</tt> query string parameters for this
--   cache behavior.
qsckQuantity :: Lens' QueryStringCacheKeys Int

-- | A complex type that identifies ways in which you want to restrict
--   distribution of your content.
--   
--   <i>See:</i> <a>restrictions</a> smart constructor.
data Restrictions

-- | Creates a value of <a>Restrictions</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>rGeoRestriction</a> - Undocumented member.</li>
--   </ul>
restrictions :: GeoRestriction -> Restrictions

-- | Undocumented member.
rGeoRestriction :: Lens' Restrictions GeoRestriction

-- | A complex type that contains information about the Amazon S3 bucket
--   from which you want CloudFront to get your media files for
--   distribution.
--   
--   <i>See:</i> <a>s3Origin</a> smart constructor.
data S3Origin

-- | Creates a value of <a>S3Origin</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>soDomainName</a> - The DNS name of the Amazon S3 origin.</li>
--   <li><a>soOriginAccessIdentity</a> - The CloudFront origin access
--   identity to associate with the RTMP distribution. Use an origin access
--   identity to configure the distribution so that end users can only
--   access objects in an Amazon S3 bucket through CloudFront. If you want
--   end users to be able to access objects using either the CloudFront URL
--   or the Amazon S3 URL, specify an empty <tt>OriginAccessIdentity</tt>
--   element. To delete the origin access identity from an existing
--   distribution, update the distribution configuration and include an
--   empty <tt>OriginAccessIdentity</tt> element. To replace the origin
--   access identity, update the distribution configuration and specify the
--   new origin access identity. For more information, see <a>Using an
--   Origin Access Identity to Restrict Access to Your Amazon S3
--   Content</a> in the <i>Amazon Amazon CloudFront Developer Guide</i>
--   .</li>
--   </ul>
s3Origin :: Text -> Text -> S3Origin

-- | The DNS name of the Amazon S3 origin.
soDomainName :: Lens' S3Origin Text

-- | The CloudFront origin access identity to associate with the RTMP
--   distribution. Use an origin access identity to configure the
--   distribution so that end users can only access objects in an Amazon S3
--   bucket through CloudFront. If you want end users to be able to access
--   objects using either the CloudFront URL or the Amazon S3 URL, specify
--   an empty <tt>OriginAccessIdentity</tt> element. To delete the origin
--   access identity from an existing distribution, update the distribution
--   configuration and include an empty <tt>OriginAccessIdentity</tt>
--   element. To replace the origin access identity, update the
--   distribution configuration and specify the new origin access identity.
--   For more information, see <a>Using an Origin Access Identity to
--   Restrict Access to Your Amazon S3 Content</a> in the <i>Amazon Amazon
--   CloudFront Developer Guide</i> .
soOriginAccessIdentity :: Lens' S3Origin Text

-- | A complex type that contains information about the Amazon S3 origin.
--   If the origin is a custom origin, use the <tt>CustomOriginConfig</tt>
--   element instead.
--   
--   <i>See:</i> <a>s3OriginConfig</a> smart constructor.
data S3OriginConfig

-- | Creates a value of <a>S3OriginConfig</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>socOriginAccessIdentity</a> - The CloudFront origin access
--   identity to associate with the origin. Use an origin access identity
--   to configure the origin so that viewers can <i>only</i> access objects
--   in an Amazon S3 bucket through CloudFront. The format of the value is:
--   origin-access-identity<i>cloudfront</i><i>ID-of-origin-access-identity</i>
--   where <tt><i>ID-of-origin-access-identity</i> </tt> is the value that
--   CloudFront returned in the <tt>ID</tt> element when you created the
--   origin access identity. If you want viewers to be able to access
--   objects using either the CloudFront URL or the Amazon S3 URL, specify
--   an empty <tt>OriginAccessIdentity</tt> element. To delete the origin
--   access identity from an existing distribution, update the distribution
--   configuration and include an empty <tt>OriginAccessIdentity</tt>
--   element. To replace the origin access identity, update the
--   distribution configuration and specify the new origin access identity.
--   For more information about the origin access identity, see <a>Serving
--   Private Content through CloudFront</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .</li>
--   </ul>
s3OriginConfig :: Text -> S3OriginConfig

-- | The CloudFront origin access identity to associate with the origin.
--   Use an origin access identity to configure the origin so that viewers
--   can <i>only</i> access objects in an Amazon S3 bucket through
--   CloudFront. The format of the value is:
--   origin-access-identity<i>cloudfront</i><i>ID-of-origin-access-identity</i>
--   where <tt><i>ID-of-origin-access-identity</i> </tt> is the value that
--   CloudFront returned in the <tt>ID</tt> element when you created the
--   origin access identity. If you want viewers to be able to access
--   objects using either the CloudFront URL or the Amazon S3 URL, specify
--   an empty <tt>OriginAccessIdentity</tt> element. To delete the origin
--   access identity from an existing distribution, update the distribution
--   configuration and include an empty <tt>OriginAccessIdentity</tt>
--   element. To replace the origin access identity, update the
--   distribution configuration and specify the new origin access identity.
--   For more information about the origin access identity, see <a>Serving
--   Private Content through CloudFront</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .
socOriginAccessIdentity :: Lens' S3OriginConfig Text

-- | A complex type that lists the AWS accounts that were included in the
--   <tt>TrustedSigners</tt> complex type, as well as their active
--   CloudFront key pair IDs, if any.
--   
--   <i>See:</i> <a>signer</a> smart constructor.
data Signer

-- | Creates a value of <a>Signer</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sAWSAccountNumber</a> - An AWS account that is included in the
--   <tt>TrustedSigners</tt> complex type for this RTMP distribution. Valid
--   values include: * <tt>self</tt> , which is the AWS account used to
--   create the distribution. * An AWS account number.</li>
--   <li><a>sKeyPairIds</a> - A complex type that lists the active
--   CloudFront key pairs, if any, that are associated with
--   <tt>AwsAccountNumber</tt> .</li>
--   </ul>
signer :: Signer

-- | An AWS account that is included in the <tt>TrustedSigners</tt> complex
--   type for this RTMP distribution. Valid values include: * <tt>self</tt>
--   , which is the AWS account used to create the distribution. * An AWS
--   account number.
sAWSAccountNumber :: Lens' Signer (Maybe Text)

-- | A complex type that lists the active CloudFront key pairs, if any,
--   that are associated with <tt>AwsAccountNumber</tt> .
sKeyPairIds :: Lens' Signer (Maybe KeyPairIds)

-- | A streaming distribution.
--   
--   <i>See:</i> <a>streamingDistribution</a> smart constructor.
data StreamingDistribution

-- | Creates a value of <a>StreamingDistribution</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sdLastModifiedTime</a> - The date and time that the
--   distribution was last modified.</li>
--   <li><a>sdId</a> - The identifier for the RTMP distribution. For
--   example: <tt>EGTXBD79EXAMPLE</tt> .</li>
--   <li><a>sdARN</a> - Undocumented member.</li>
--   <li><a>sdStatus</a> - The current status of the RTMP distribution.
--   When the status is <tt>Deployed</tt> , the distribution's information
--   is propagated to all CloudFront edge locations.</li>
--   <li><a>sdDomainName</a> - The domain name that corresponds to the
--   streaming distribution, for example,
--   <tt>s5c39gqb8ow64r.cloudfront.net</tt> .</li>
--   <li><a>sdActiveTrustedSigners</a> - A complex type that lists the AWS
--   accounts, if any, that you included in the <tt>TrustedSigners</tt>
--   complex type for this distribution. These are the accounts that you
--   want to allow to create signed URLs for private content. The
--   <tt>Signer</tt> complex type lists the AWS account number of the
--   trusted signer or <tt>self</tt> if the signer is the AWS account that
--   created the distribution. The <tt>Signer</tt> element also includes
--   the IDs of any active CloudFront key pairs that are associated with
--   the trusted signer's AWS account. If no <tt>KeyPairId</tt> element
--   appears for a <tt>Signer</tt> , that signer can't create signed URLs.
--   For more information, see <a>Serving Private Content through
--   CloudFront</a> in the <i>Amazon CloudFront Developer Guide</i> .</li>
--   <li><a>sdStreamingDistributionConfig</a> - The current configuration
--   information for the RTMP distribution.</li>
--   </ul>
streamingDistribution :: Text -> Text -> Text -> Text -> ActiveTrustedSigners -> StreamingDistributionConfig -> StreamingDistribution

-- | The date and time that the distribution was last modified.
sdLastModifiedTime :: Lens' StreamingDistribution (Maybe UTCTime)

-- | The identifier for the RTMP distribution. For example:
--   <tt>EGTXBD79EXAMPLE</tt> .
sdId :: Lens' StreamingDistribution Text

-- | Undocumented member.
sdARN :: Lens' StreamingDistribution Text

-- | The current status of the RTMP distribution. When the status is
--   <tt>Deployed</tt> , the distribution's information is propagated to
--   all CloudFront edge locations.
sdStatus :: Lens' StreamingDistribution Text

-- | The domain name that corresponds to the streaming distribution, for
--   example, <tt>s5c39gqb8ow64r.cloudfront.net</tt> .
sdDomainName :: Lens' StreamingDistribution Text

-- | A complex type that lists the AWS accounts, if any, that you included
--   in the <tt>TrustedSigners</tt> complex type for this distribution.
--   These are the accounts that you want to allow to create signed URLs
--   for private content. The <tt>Signer</tt> complex type lists the AWS
--   account number of the trusted signer or <tt>self</tt> if the signer is
--   the AWS account that created the distribution. The <tt>Signer</tt>
--   element also includes the IDs of any active CloudFront key pairs that
--   are associated with the trusted signer's AWS account. If no
--   <tt>KeyPairId</tt> element appears for a <tt>Signer</tt> , that signer
--   can't create signed URLs. For more information, see <a>Serving Private
--   Content through CloudFront</a> in the <i>Amazon CloudFront Developer
--   Guide</i> .
sdActiveTrustedSigners :: Lens' StreamingDistribution ActiveTrustedSigners

-- | The current configuration information for the RTMP distribution.
sdStreamingDistributionConfig :: Lens' StreamingDistribution StreamingDistributionConfig

-- | The RTMP distribution's configuration information.
--   
--   <i>See:</i> <a>streamingDistributionConfig</a> smart constructor.
data StreamingDistributionConfig

-- | Creates a value of <a>StreamingDistributionConfig</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sdcAliases</a> - A complex type that contains information about
--   CNAMEs (alternate domain names), if any, for this streaming
--   distribution.</li>
--   <li><a>sdcPriceClass</a> - A complex type that contains information
--   about price class for this streaming distribution.</li>
--   <li><a>sdcLogging</a> - A complex type that controls whether access
--   logs are written for the streaming distribution.</li>
--   <li><a>sdcCallerReference</a> - A unique number that ensures that the
--   request can't be replayed. If the <tt>CallerReference</tt> is new (no
--   matter the content of the <tt>StreamingDistributionConfig</tt>
--   object), a new streaming distribution is created. If the
--   <tt>CallerReference</tt> is a value that you already sent in a
--   previous request to create a streaming distribution, and the content
--   of the <tt>StreamingDistributionConfig</tt> is identical to the
--   original request (ignoring white space), the response includes the
--   same information returned to the original request. If the
--   <tt>CallerReference</tt> is a value that you already sent in a
--   previous request to create a streaming distribution but the content of
--   the <tt>StreamingDistributionConfig</tt> is different from the
--   original request, CloudFront returns a
--   <tt>DistributionAlreadyExists</tt> error.</li>
--   <li><a>sdcS3Origin</a> - A complex type that contains information
--   about the Amazon S3 bucket from which you want CloudFront to get your
--   media files for distribution.</li>
--   <li><a>sdcComment</a> - Any comments you want to include about the
--   streaming distribution.</li>
--   <li><a>sdcTrustedSigners</a> - A complex type that specifies any AWS
--   accounts that you want to permit to create signed URLs for private
--   content. If you want the distribution to use signed URLs, include this
--   element; if you want the distribution to use public URLs, remove this
--   element. For more information, see <a>Serving Private Content through
--   CloudFront</a> in the <i>Amazon CloudFront Developer Guide</i> .</li>
--   <li><a>sdcEnabled</a> - Whether the streaming distribution is enabled
--   to accept user requests for content.</li>
--   </ul>
streamingDistributionConfig :: Text -> S3Origin -> Text -> TrustedSigners -> Bool -> StreamingDistributionConfig

-- | A complex type that contains information about CNAMEs (alternate
--   domain names), if any, for this streaming distribution.
sdcAliases :: Lens' StreamingDistributionConfig (Maybe Aliases)

-- | A complex type that contains information about price class for this
--   streaming distribution.
sdcPriceClass :: Lens' StreamingDistributionConfig (Maybe PriceClass)

-- | A complex type that controls whether access logs are written for the
--   streaming distribution.
sdcLogging :: Lens' StreamingDistributionConfig (Maybe StreamingLoggingConfig)

-- | A unique number that ensures that the request can't be replayed. If
--   the <tt>CallerReference</tt> is new (no matter the content of the
--   <tt>StreamingDistributionConfig</tt> object), a new streaming
--   distribution is created. If the <tt>CallerReference</tt> is a value
--   that you already sent in a previous request to create a streaming
--   distribution, and the content of the
--   <tt>StreamingDistributionConfig</tt> is identical to the original
--   request (ignoring white space), the response includes the same
--   information returned to the original request. If the
--   <tt>CallerReference</tt> is a value that you already sent in a
--   previous request to create a streaming distribution but the content of
--   the <tt>StreamingDistributionConfig</tt> is different from the
--   original request, CloudFront returns a
--   <tt>DistributionAlreadyExists</tt> error.
sdcCallerReference :: Lens' StreamingDistributionConfig Text

-- | A complex type that contains information about the Amazon S3 bucket
--   from which you want CloudFront to get your media files for
--   distribution.
sdcS3Origin :: Lens' StreamingDistributionConfig S3Origin

-- | Any comments you want to include about the streaming distribution.
sdcComment :: Lens' StreamingDistributionConfig Text

-- | A complex type that specifies any AWS accounts that you want to permit
--   to create signed URLs for private content. If you want the
--   distribution to use signed URLs, include this element; if you want the
--   distribution to use public URLs, remove this element. For more
--   information, see <a>Serving Private Content through CloudFront</a> in
--   the <i>Amazon CloudFront Developer Guide</i> .
sdcTrustedSigners :: Lens' StreamingDistributionConfig TrustedSigners

-- | Whether the streaming distribution is enabled to accept user requests
--   for content.
sdcEnabled :: Lens' StreamingDistributionConfig Bool

-- | A streaming distribution Configuration and a list of tags to be
--   associated with the streaming distribution.
--   
--   <i>See:</i> <a>streamingDistributionConfigWithTags</a> smart
--   constructor.
data StreamingDistributionConfigWithTags

-- | Creates a value of <a>StreamingDistributionConfigWithTags</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sdcwtStreamingDistributionConfig</a> - A streaming distribution
--   Configuration.</li>
--   <li><a>sdcwtTags</a> - A complex type that contains zero or more
--   <tt>Tag</tt> elements.</li>
--   </ul>
streamingDistributionConfigWithTags :: StreamingDistributionConfig -> Tags -> StreamingDistributionConfigWithTags

-- | A streaming distribution Configuration.
sdcwtStreamingDistributionConfig :: Lens' StreamingDistributionConfigWithTags StreamingDistributionConfig

-- | A complex type that contains zero or more <tt>Tag</tt> elements.
sdcwtTags :: Lens' StreamingDistributionConfigWithTags Tags

-- | A streaming distribution list.
--   
--   <i>See:</i> <a>streamingDistributionList</a> smart constructor.
data StreamingDistributionList

-- | Creates a value of <a>StreamingDistributionList</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sdlItems</a> - A complex type that contains one
--   <tt>StreamingDistributionSummary</tt> element for each distribution
--   that was created by the current AWS account.</li>
--   <li><a>sdlNextMarker</a> - If <tt>IsTruncated</tt> is <tt>true</tt> ,
--   this element is present and contains the value you can use for the
--   <tt>Marker</tt> request parameter to continue listing your RTMP
--   distributions where they left off.</li>
--   <li><a>sdlMarker</a> - The value you provided for the <tt>Marker</tt>
--   request parameter.</li>
--   <li><a>sdlMaxItems</a> - The value you provided for the
--   <tt>MaxItems</tt> request parameter.</li>
--   <li><a>sdlIsTruncated</a> - A flag that indicates whether more
--   streaming distributions remain to be listed. If your results were
--   truncated, you can make a follow-up pagination request using the
--   <tt>Marker</tt> request parameter to retrieve more distributions in
--   the list.</li>
--   <li><a>sdlQuantity</a> - The number of streaming distributions that
--   were created by the current AWS account.</li>
--   </ul>
streamingDistributionList :: Text -> Int -> Bool -> Int -> StreamingDistributionList

-- | A complex type that contains one <tt>StreamingDistributionSummary</tt>
--   element for each distribution that was created by the current AWS
--   account.
sdlItems :: Lens' StreamingDistributionList [StreamingDistributionSummary]

-- | If <tt>IsTruncated</tt> is <tt>true</tt> , this element is present and
--   contains the value you can use for the <tt>Marker</tt> request
--   parameter to continue listing your RTMP distributions where they left
--   off.
sdlNextMarker :: Lens' StreamingDistributionList (Maybe Text)

-- | The value you provided for the <tt>Marker</tt> request parameter.
sdlMarker :: Lens' StreamingDistributionList Text

-- | The value you provided for the <tt>MaxItems</tt> request parameter.
sdlMaxItems :: Lens' StreamingDistributionList Int

-- | A flag that indicates whether more streaming distributions remain to
--   be listed. If your results were truncated, you can make a follow-up
--   pagination request using the <tt>Marker</tt> request parameter to
--   retrieve more distributions in the list.
sdlIsTruncated :: Lens' StreamingDistributionList Bool

-- | The number of streaming distributions that were created by the current
--   AWS account.
sdlQuantity :: Lens' StreamingDistributionList Int

-- | A summary of the information for an Amazon CloudFront streaming
--   distribution.
--   
--   <i>See:</i> <a>streamingDistributionSummary</a> smart constructor.
data StreamingDistributionSummary

-- | Creates a value of <a>StreamingDistributionSummary</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sdsId</a> - The identifier for the distribution, for example,
--   <tt>EDFDVBD632BHDS5</tt> .</li>
--   <li><a>sdsARN</a> - The ARN (Amazon Resource Name) for the streaming
--   distribution. For example:
--   <tt>arn:aws:cloudfront::123456789012:streaming-distribution/EDFDVBD632BHDS5</tt>
--   , where <tt>123456789012</tt> is your AWS account ID.</li>
--   <li><a>sdsStatus</a> - Indicates the current status of the
--   distribution. When the status is <tt>Deployed</tt> , the
--   distribution's information is fully propagated throughout the Amazon
--   CloudFront system.</li>
--   <li><a>sdsLastModifiedTime</a> - The date and time the distribution
--   was last modified.</li>
--   <li><a>sdsDomainName</a> - The domain name corresponding to the
--   distribution, for example, <tt>d111111abcdef8.cloudfront.net</tt>
--   .</li>
--   <li><a>sdsS3Origin</a> - A complex type that contains information
--   about the Amazon S3 bucket from which you want CloudFront to get your
--   media files for distribution.</li>
--   <li><a>sdsAliases</a> - A complex type that contains information about
--   CNAMEs (alternate domain names), if any, for this streaming
--   distribution.</li>
--   <li><a>sdsTrustedSigners</a> - A complex type that specifies the AWS
--   accounts, if any, that you want to allow to create signed URLs for
--   private content. If you want to require signed URLs in requests for
--   objects in the target origin that match the <tt>PathPattern</tt> for
--   this cache behavior, specify <tt>true</tt> for <tt>Enabled</tt> , and
--   specify the applicable values for <tt>Quantity</tt> and <tt>Items</tt>
--   .If you don't want to require signed URLs in requests for objects that
--   match <tt>PathPattern</tt> , specify <tt>false</tt> for
--   <tt>Enabled</tt> and <tt>0</tt> for <tt>Quantity</tt> . Omit
--   <tt>Items</tt> . To add, change, or remove one or more trusted
--   signers, change <tt>Enabled</tt> to <tt>true</tt> (if it's currently
--   <tt>false</tt> ), change <tt>Quantity</tt> as applicable, and specify
--   all of the trusted signers that you want to include in the updated
--   distribution.</li>
--   <li><a>sdsComment</a> - The comment originally specified when this
--   distribution was created.</li>
--   <li><a>sdsPriceClass</a> - Undocumented member.</li>
--   <li><a>sdsEnabled</a> - Whether the distribution is enabled to accept
--   end user requests for content.</li>
--   </ul>
streamingDistributionSummary :: Text -> Text -> Text -> UTCTime -> Text -> S3Origin -> Aliases -> TrustedSigners -> Text -> PriceClass -> Bool -> StreamingDistributionSummary

-- | The identifier for the distribution, for example,
--   <tt>EDFDVBD632BHDS5</tt> .
sdsId :: Lens' StreamingDistributionSummary Text

-- | The ARN (Amazon Resource Name) for the streaming distribution. For
--   example:
--   <tt>arn:aws:cloudfront::123456789012:streaming-distribution/EDFDVBD632BHDS5</tt>
--   , where <tt>123456789012</tt> is your AWS account ID.
sdsARN :: Lens' StreamingDistributionSummary Text

-- | Indicates the current status of the distribution. When the status is
--   <tt>Deployed</tt> , the distribution's information is fully propagated
--   throughout the Amazon CloudFront system.
sdsStatus :: Lens' StreamingDistributionSummary Text

-- | The date and time the distribution was last modified.
sdsLastModifiedTime :: Lens' StreamingDistributionSummary UTCTime

-- | The domain name corresponding to the distribution, for example,
--   <tt>d111111abcdef8.cloudfront.net</tt> .
sdsDomainName :: Lens' StreamingDistributionSummary Text

-- | A complex type that contains information about the Amazon S3 bucket
--   from which you want CloudFront to get your media files for
--   distribution.
sdsS3Origin :: Lens' StreamingDistributionSummary S3Origin

-- | A complex type that contains information about CNAMEs (alternate
--   domain names), if any, for this streaming distribution.
sdsAliases :: Lens' StreamingDistributionSummary Aliases

-- | A complex type that specifies the AWS accounts, if any, that you want
--   to allow to create signed URLs for private content. If you want to
--   require signed URLs in requests for objects in the target origin that
--   match the <tt>PathPattern</tt> for this cache behavior, specify
--   <tt>true</tt> for <tt>Enabled</tt> , and specify the applicable values
--   for <tt>Quantity</tt> and <tt>Items</tt> .If you don't want to require
--   signed URLs in requests for objects that match <tt>PathPattern</tt> ,
--   specify <tt>false</tt> for <tt>Enabled</tt> and <tt>0</tt> for
--   <tt>Quantity</tt> . Omit <tt>Items</tt> . To add, change, or remove
--   one or more trusted signers, change <tt>Enabled</tt> to <tt>true</tt>
--   (if it's currently <tt>false</tt> ), change <tt>Quantity</tt> as
--   applicable, and specify all of the trusted signers that you want to
--   include in the updated distribution.
sdsTrustedSigners :: Lens' StreamingDistributionSummary TrustedSigners

-- | The comment originally specified when this distribution was created.
sdsComment :: Lens' StreamingDistributionSummary Text

-- | Undocumented member.
sdsPriceClass :: Lens' StreamingDistributionSummary PriceClass

-- | Whether the distribution is enabled to accept end user requests for
--   content.
sdsEnabled :: Lens' StreamingDistributionSummary Bool

-- | A complex type that controls whether access logs are written for this
--   streaming distribution.
--   
--   <i>See:</i> <a>streamingLoggingConfig</a> smart constructor.
data StreamingLoggingConfig

-- | Creates a value of <a>StreamingLoggingConfig</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>slcEnabled</a> - Specifies whether you want CloudFront to save
--   access logs to an Amazon S3 bucket. If you don't want to enable
--   logging when you create a streaming distribution or if you want to
--   disable logging for an existing streaming distribution, specify
--   <tt>false</tt> for <tt>Enabled</tt> , and specify <tt>empty
--   Bucket</tt> and <tt>Prefix</tt> elements. If you specify
--   <tt>false</tt> for <tt>Enabled</tt> but you specify values for
--   <tt>Bucket</tt> and <tt>Prefix</tt> , the values are automatically
--   deleted.</li>
--   <li><a>slcBucket</a> - The Amazon S3 bucket to store the access logs
--   in, for example, <tt>myawslogbucket.s3.amazonaws.com</tt> .</li>
--   <li><a>slcPrefix</a> - An optional string that you want CloudFront to
--   prefix to the access log filenames for this streaming distribution,
--   for example, <tt>myprefix/</tt> . If you want to enable logging, but
--   you don't want to specify a prefix, you still must include an empty
--   <tt>Prefix</tt> element in the <tt>Logging</tt> element.</li>
--   </ul>
streamingLoggingConfig :: Bool -> Text -> Text -> StreamingLoggingConfig

-- | Specifies whether you want CloudFront to save access logs to an Amazon
--   S3 bucket. If you don't want to enable logging when you create a
--   streaming distribution or if you want to disable logging for an
--   existing streaming distribution, specify <tt>false</tt> for
--   <tt>Enabled</tt> , and specify <tt>empty Bucket</tt> and
--   <tt>Prefix</tt> elements. If you specify <tt>false</tt> for
--   <tt>Enabled</tt> but you specify values for <tt>Bucket</tt> and
--   <tt>Prefix</tt> , the values are automatically deleted.
slcEnabled :: Lens' StreamingLoggingConfig Bool

-- | The Amazon S3 bucket to store the access logs in, for example,
--   <tt>myawslogbucket.s3.amazonaws.com</tt> .
slcBucket :: Lens' StreamingLoggingConfig Text

-- | An optional string that you want CloudFront to prefix to the access
--   log filenames for this streaming distribution, for example,
--   <tt>myprefix/</tt> . If you want to enable logging, but you don't want
--   to specify a prefix, you still must include an empty <tt>Prefix</tt>
--   element in the <tt>Logging</tt> element.
slcPrefix :: Lens' StreamingLoggingConfig Text

-- | A complex type that contains <tt>Tag</tt> key and <tt>Tag</tt> value.
--   
--   <i>See:</i> <a>tag</a> smart constructor.
data Tag

-- | Creates a value of <a>Tag</a> with the minimum fields required to make
--   a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>tagValue</a> - A string that contains an optional <tt>Tag</tt>
--   value. The string length should be between 0 and 256 characters. Valid
--   characters include <tt>a-z</tt> , <tt>A-Z</tt> , <tt>0-9</tt> , space,
--   and the special characters <tt>_ - . : / = + </tt>@ .</li>
--   <li><a>tagKey</a> - A string that contains <tt>Tag</tt> key. The
--   string length should be between 1 and 128 characters. Valid characters
--   include <tt>a-z</tt> , <tt>A-Z</tt> , <tt>0-9</tt> , space, and the
--   special characters <tt>_ - . : / = + </tt>@ .</li>
--   </ul>
tag :: Text -> Tag

-- | A string that contains an optional <tt>Tag</tt> value. The string
--   length should be between 0 and 256 characters. Valid characters
--   include <tt>a-z</tt> , <tt>A-Z</tt> , <tt>0-9</tt> , space, and the
--   special characters <tt>_ - . : / = + </tt>@ .
tagValue :: Lens' Tag (Maybe Text)

-- | A string that contains <tt>Tag</tt> key. The string length should be
--   between 1 and 128 characters. Valid characters include <tt>a-z</tt> ,
--   <tt>A-Z</tt> , <tt>0-9</tt> , space, and the special characters <tt>_
--   - . : / = + </tt>@ .
tagKey :: Lens' Tag Text

-- | A complex type that contains zero or more <tt>Tag</tt> elements.
--   
--   <i>See:</i> <a>tagKeys</a> smart constructor.
data TagKeys

-- | Creates a value of <a>TagKeys</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>tkItems</a> - A complex type that contains <tt>Tag</tt> key
--   elements.</li>
--   </ul>
tagKeys :: TagKeys

-- | A complex type that contains <tt>Tag</tt> key elements.
tkItems :: Lens' TagKeys [Text]

-- | A complex type that contains zero or more <tt>Tag</tt> elements.
--   
--   <i>See:</i> <a>tags</a> smart constructor.
data Tags

-- | Creates a value of <a>Tags</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>tItems</a> - A complex type that contains <tt>Tag</tt>
--   elements.</li>
--   </ul>
tags :: Tags

-- | A complex type that contains <tt>Tag</tt> elements.
tItems :: Lens' Tags [Tag]

-- | A complex type that specifies the AWS accounts, if any, that you want
--   to allow to create signed URLs for private content.
--   
--   If you want to require signed URLs in requests for objects in the
--   target origin that match the <tt>PathPattern</tt> for this cache
--   behavior, specify <tt>true</tt> for <tt>Enabled</tt> , and specify the
--   applicable values for <tt>Quantity</tt> and <tt>Items</tt> . For more
--   information, see <a>Serving Private Content through CloudFront</a> in
--   the <i>Amazon Amazon CloudFront Developer Guide</i> .
--   
--   If you don't want to require signed URLs in requests for objects that
--   match <tt>PathPattern</tt> , specify <tt>false</tt> for
--   <tt>Enabled</tt> and <tt>0</tt> for <tt>Quantity</tt> . Omit
--   <tt>Items</tt> .
--   
--   To add, change, or remove one or more trusted signers, change
--   <tt>Enabled</tt> to <tt>true</tt> (if it's currently <tt>false</tt> ),
--   change <tt>Quantity</tt> as applicable, and specify all of the trusted
--   signers that you want to include in the updated distribution.
--   
--   For more information about updating the distribution configuration,
--   see <a>DistributionConfig</a> .
--   
--   <i>See:</i> <a>trustedSigners</a> smart constructor.
data TrustedSigners

-- | Creates a value of <a>TrustedSigners</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>tsItems</a> - <b>Optional</b> : A complex type that contains
--   trusted signers for this cache behavior. If <tt>Quantity</tt> is
--   <tt>0</tt> , you can omit <tt>Items</tt> .</li>
--   <li><a>tsEnabled</a> - Specifies whether you want to require viewers
--   to use signed URLs to access the files specified by
--   <tt>PathPattern</tt> and <tt>TargetOriginId</tt> .</li>
--   <li><a>tsQuantity</a> - The number of trusted signers for this cache
--   behavior.</li>
--   </ul>
trustedSigners :: Bool -> Int -> TrustedSigners

-- | <b>Optional</b> : A complex type that contains trusted signers for
--   this cache behavior. If <tt>Quantity</tt> is <tt>0</tt> , you can omit
--   <tt>Items</tt> .
tsItems :: Lens' TrustedSigners [Text]

-- | Specifies whether you want to require viewers to use signed URLs to
--   access the files specified by <tt>PathPattern</tt> and
--   <tt>TargetOriginId</tt> .
tsEnabled :: Lens' TrustedSigners Bool

-- | The number of trusted signers for this cache behavior.
tsQuantity :: Lens' TrustedSigners Int

-- | A complex type that specifies the following:
--   
--   <ul>
--   <li>Whether you want viewers to use HTTP or HTTPS to request your
--   objects.</li>
--   <li>If you want viewers to use HTTPS, whether you're using an
--   alternate domain name such as <tt>example.com</tt> or the CloudFront
--   domain name for your distribution, such as
--   <tt>d111111abcdef8.cloudfront.net</tt> .</li>
--   <li>If you're using an alternate domain name, whether AWS Certificate
--   Manager (ACM) provided the certificate, or you purchased a certificate
--   from a third-party certificate authority and imported it into ACM or
--   uploaded it to the IAM certificate store.</li>
--   </ul>
--   
--   You must specify only one of the following values:
--   
--   <ul>
--   <li>'ViewerCertificate$ACMCertificateArn'</li>
--   <li>'ViewerCertificate$IAMCertificateId'</li>
--   <li>'ViewerCertificate$CloudFrontDefaultCertificate'</li>
--   </ul>
--   
--   Don't specify <tt>false</tt> for <tt>CloudFrontDefaultCertificate</tt>
--   .
--   
--   <b>If you want viewers to use HTTP instead of HTTPS to request your
--   objects</b> : Specify the following value:
--   
--   <pre>
--   <a>CloudFrontDefaultCertificate</a>true<a>CloudFrontDefaultCertificate</a>
--   </pre>
--   
--   In addition, specify <tt>allow-all</tt> for
--   <tt>ViewerProtocolPolicy</tt> for all of your cache behaviors.
--   
--   <b>If you want viewers to use HTTPS to request your objects</b> :
--   Choose the type of certificate that you want to use based on whether
--   you're using an alternate domain name for your objects or the
--   CloudFront domain name:
--   
--   <ul>
--   <li><b>If you're using an alternate domain name, such as
--   example.com</b> : Specify one of the following values, depending on
--   whether ACM provided your certificate or you purchased your
--   certificate from third-party certificate authority:</li>
--   <li><tt><a>ACMCertificateArn</a><i>ARN for ACM SSL/TLS certificate</i>
--   <a>ACMCertificateArn</a></tt> where <tt><i>ARN for ACM SSL/TLS
--   certificate</i> </tt> is the ARN for the ACM SSL/TLS certificate that
--   you want to use for this distribution.</li>
--   <li><tt><a>IAMCertificateId</a><i>IAM certificate ID</i>
--   <a>IAMCertificateId</a></tt> where <tt><i>IAM certificate ID</i> </tt>
--   is the ID that IAM returned when you added the certificate to the IAM
--   certificate store.</li>
--   </ul>
--   
--   If you specify <tt>ACMCertificateArn</tt> or <tt>IAMCertificateId</tt>
--   , you must also specify a value for <tt>SSLSupportMethod</tt> .
--   
--   If you choose to use an ACM certificate or a certificate in the IAM
--   certificate store, we recommend that you use only an alternate domain
--   name in your object URLs (<tt><a>https://example.com/logo.jpg</a></tt>
--   ). If you use the domain name that is associated with your CloudFront
--   distribution (such as
--   <tt><a>https://d111111abcdef8.cloudfront.net/logo.jpg</a></tt> ) and
--   the viewer supports <tt>SNI</tt> , then CloudFront behaves normally.
--   However, if the browser does not support SNI, the user's experience
--   depends on the value that you choose for <tt>SSLSupportMethod</tt> :
--   
--   <ul>
--   <li><tt>vip</tt> : The viewer displays a warning because there is a
--   mismatch between the CloudFront domain name and the domain name in
--   your SSL/TLS certificate.</li>
--   <li><tt>sni-only</tt> : CloudFront drops the connection with the
--   browser without returning the object.</li>
--   <li><b>If you're using the CloudFront domain name for your
--   distribution, such as <tt>d111111abcdef8.cloudfront.net</tt> </b> :
--   Specify the following value:</li>
--   </ul>
--   
--   <pre>
--   <a>CloudFrontDefaultCertificate</a>true<a>CloudFrontDefaultCertificate</a>
--   </pre>
--   
--   If you want viewers to use HTTPS, you must also specify one of the
--   following values in your cache behaviors:
--   
--   <ul>
--   
--   <li><pre><a>ViewerProtocolPolicy</a>https-only<a>ViewerProtocolPolicy</a></pre></li>
--   
--   <li><pre><a>ViewerProtocolPolicy</a>redirect-to-https<a>ViewerProtocolPolicy</a></pre></li>
--   </ul>
--   
--   You can also optionally require that CloudFront use HTTPS to
--   communicate with your origin by specifying one of the following values
--   for the applicable origins:
--   
--   <ul>
--   
--   <li><pre><a>OriginProtocolPolicy</a>https-only<a>OriginProtocolPolicy</a></pre></li>
--   
--   <li><pre><a>OriginProtocolPolicy</a>match-viewer<a>OriginProtocolPolicy</a></pre></li>
--   </ul>
--   
--   For more information, see <a>Using Alternate Domain Names and
--   HTTPS</a> in the <i>Amazon CloudFront Developer Guide</i> .
--   
--   <i>See:</i> <a>viewerCertificate</a> smart constructor.
data ViewerCertificate

-- | Creates a value of <a>ViewerCertificate</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>vcSSLSupportMethod</a> - If you specify a value for
--   'ViewerCertificate$ACMCertificateArn' or for
--   'ViewerCertificate$IAMCertificateId' , you must also specify how you
--   want CloudFront to serve HTTPS requests: using a method that works for
--   all clients or one that works for most clients: * <tt>vip</tt> :
--   CloudFront uses dedicated IP addresses for your content and can
--   respond to HTTPS requests from any viewer. However, you will incur
--   additional monthly charges. * <tt>sni-only</tt> : CloudFront can
--   respond to HTTPS requests from viewers that support Server Name
--   Indication (SNI). All modern browsers support SNI, but some browsers
--   still in use don't support SNI. If some of your users' browsers don't
--   support SNI, we recommend that you do one of the following: * Use the
--   <tt>vip</tt> option (dedicated IP addresses) instead of
--   <tt>sni-only</tt> . * Use the CloudFront SSL<i>TLS certificate instead
--   of a custom certificate. This requires that you use the CloudFront
--   domain name of your distribution in the URLs for your objects, for
--   example, @https:</i><i>d111111abcdef8.cloudfront.net</i>logo.png<tt> .
--   * If you can control which browser your users use, upgrade the browser
--   to one that supports SNI. * Use HTTP instead of HTTPS. Don't specify a
--   value for </tt>SSLSupportMethod<tt> if you specified
--   </tt><a>CloudFrontDefaultCertificate</a>true<a>CloudFrontDefaultCertificate</a>@
--   . For more information, see <a>Using Alternate Domain Names and
--   HTTPS</a> in the <i>Amazon CloudFront Developer Guide</i> .</li>
--   <li><a>vcACMCertificateARN</a> - For information about how and when to
--   use <tt>ACMCertificateArn</tt> , see <a>ViewerCertificate</a> .</li>
--   <li><a>vcCertificateSource</a> - This field has been deprecated. Use
--   one of the following fields instead: *
--   'ViewerCertificate$ACMCertificateArn' *
--   'ViewerCertificate$IAMCertificateId' *
--   'ViewerCertificate$CloudFrontDefaultCertificate'</li>
--   <li><a>vcMinimumProtocolVersion</a> - Specify the security policy that
--   you want CloudFront to use for HTTPS connections. A security policy
--   determines two settings: * The minimum SSL<i>TLS protocol that
--   CloudFront uses to communicate with viewers * The cipher that
--   CloudFront uses to encrypt the content that it returns to viewers We
--   recommend that you specify <tt>TLSv1.1_2016</tt> unless your users are
--   using browsers or devices that do not support TLSv1.1 or later. When
--   both of the following are true, you must specify <tt>TLSv1</tt> or
--   later for the security policy: * You're using a custom certificate:
--   you specified a value for <tt>ACMCertificateArn</tt> or for
--   <tt>IAMCertificateId</tt> * You're using SNI: you specified
--   <tt>sni-only</tt> for <tt>SSLSupportMethod</tt> If you specify
--   <tt>true</tt> for <tt>CloudFrontDefaultCertificate</tt> , CloudFront
--   automatically sets the security policy to <tt>TLSv1</tt> regardless of
--   the value that you specify for <tt>MinimumProtocolVersion</tt> . For
--   information about the relationship between the security policy that
--   you choose and the protocols and ciphers that CloudFront uses to
--   communicate with viewers, see
--   &lt;http:</i><i>docs.aws.amazon.com</i>AmazonCloudFront<i>latest</i>DeveloperGuide<i>secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers
--   Supported SSL</i>TLS Protocols and Ciphers for Communication Between
--   Viewers and CloudFront&gt; in the <i>Amazon CloudFront Developer
--   Guide</i> .</li>
--   <li><a>vcCertificate</a> - This field has been deprecated. Use one of
--   the following fields instead: * 'ViewerCertificate$ACMCertificateArn'
--   * 'ViewerCertificate$IAMCertificateId' *
--   'ViewerCertificate$CloudFrontDefaultCertificate'</li>
--   <li><a>vcIAMCertificateId</a> - For information about how and when to
--   use <tt>IAMCertificateId</tt> , see <a>ViewerCertificate</a> .</li>
--   <li><a>vcCloudFrontDefaultCertificate</a> - For information about how
--   and when to use <tt>CloudFrontDefaultCertificate</tt> , see
--   <a>ViewerCertificate</a> .</li>
--   </ul>
viewerCertificate :: ViewerCertificate

-- | If you specify a value for 'ViewerCertificate$ACMCertificateArn' or
--   for 'ViewerCertificate$IAMCertificateId' , you must also specify how
--   you want CloudFront to serve HTTPS requests: using a method that works
--   for all clients or one that works for most clients: * <tt>vip</tt> :
--   CloudFront uses dedicated IP addresses for your content and can
--   respond to HTTPS requests from any viewer. However, you will incur
--   additional monthly charges. * <tt>sni-only</tt> : CloudFront can
--   respond to HTTPS requests from viewers that support Server Name
--   Indication (SNI). All modern browsers support SNI, but some browsers
--   still in use don't support SNI. If some of your users' browsers don't
--   support SNI, we recommend that you do one of the following: * Use the
--   <tt>vip</tt> option (dedicated IP addresses) instead of
--   <tt>sni-only</tt> . * Use the CloudFront SSL<i>TLS certificate instead
--   of a custom certificate. This requires that you use the CloudFront
--   domain name of your distribution in the URLs for your objects, for
--   example, @https:</i><i>d111111abcdef8.cloudfront.net</i>logo.png<tt> .
--   * If you can control which browser your users use, upgrade the browser
--   to one that supports SNI. * Use HTTP instead of HTTPS. Don't specify a
--   value for </tt>SSLSupportMethod<tt> if you specified
--   </tt><a>CloudFrontDefaultCertificate</a>true<a>CloudFrontDefaultCertificate</a>@
--   . For more information, see <a>Using Alternate Domain Names and
--   HTTPS</a> in the <i>Amazon CloudFront Developer Guide</i> .
vcSSLSupportMethod :: Lens' ViewerCertificate (Maybe SSLSupportMethod)

-- | For information about how and when to use <tt>ACMCertificateArn</tt> ,
--   see <a>ViewerCertificate</a> .
vcACMCertificateARN :: Lens' ViewerCertificate (Maybe Text)

-- | This field has been deprecated. Use one of the following fields
--   instead: * 'ViewerCertificate$ACMCertificateArn' *
--   'ViewerCertificate$IAMCertificateId' *
--   'ViewerCertificate$CloudFrontDefaultCertificate'
vcCertificateSource :: Lens' ViewerCertificate (Maybe CertificateSource)

-- | Specify the security policy that you want CloudFront to use for HTTPS
--   connections. A security policy determines two settings: * The minimum
--   SSL<i>TLS protocol that CloudFront uses to communicate with viewers *
--   The cipher that CloudFront uses to encrypt the content that it returns
--   to viewers We recommend that you specify <tt>TLSv1.1_2016</tt> unless
--   your users are using browsers or devices that do not support TLSv1.1
--   or later. When both of the following are true, you must specify
--   <tt>TLSv1</tt> or later for the security policy: * You're using a
--   custom certificate: you specified a value for
--   <tt>ACMCertificateArn</tt> or for <tt>IAMCertificateId</tt> * You're
--   using SNI: you specified <tt>sni-only</tt> for
--   <tt>SSLSupportMethod</tt> If you specify <tt>true</tt> for
--   <tt>CloudFrontDefaultCertificate</tt> , CloudFront automatically sets
--   the security policy to <tt>TLSv1</tt> regardless of the value that you
--   specify for <tt>MinimumProtocolVersion</tt> . For information about
--   the relationship between the security policy that you choose and the
--   protocols and ciphers that CloudFront uses to communicate with
--   viewers, see
--   &lt;http:</i><i>docs.aws.amazon.com</i>AmazonCloudFront<i>latest</i>DeveloperGuide<i>secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers
--   Supported SSL</i>TLS Protocols and Ciphers for Communication Between
--   Viewers and CloudFront&gt; in the <i>Amazon CloudFront Developer
--   Guide</i> .
vcMinimumProtocolVersion :: Lens' ViewerCertificate (Maybe MinimumProtocolVersion)

-- | This field has been deprecated. Use one of the following fields
--   instead: * 'ViewerCertificate$ACMCertificateArn' *
--   'ViewerCertificate$IAMCertificateId' *
--   'ViewerCertificate$CloudFrontDefaultCertificate'
vcCertificate :: Lens' ViewerCertificate (Maybe Text)

-- | For information about how and when to use <tt>IAMCertificateId</tt> ,
--   see <a>ViewerCertificate</a> .
vcIAMCertificateId :: Lens' ViewerCertificate (Maybe Text)

-- | For information about how and when to use
--   <tt>CloudFrontDefaultCertificate</tt> , see <a>ViewerCertificate</a> .
vcCloudFrontDefaultCertificate :: Lens' ViewerCertificate (Maybe Bool)


-- | Add tags to a CloudFront resource.
module Network.AWS.CloudFront.TagResource

-- | Creates a value of <a>TagResource</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>trResource</a> - An ARN of a CloudFront resource.</li>
--   <li><a>trTags</a> - A complex type that contains zero or more
--   <tt>Tag</tt> elements.</li>
--   </ul>
tagResource :: Text -> Tags -> TagResource

-- | The request to add tags to a CloudFront resource.
--   
--   <i>See:</i> <a>tagResource</a> smart constructor.
data TagResource

-- | An ARN of a CloudFront resource.
trResource :: Lens' TagResource Text

-- | A complex type that contains zero or more <tt>Tag</tt> elements.
trTags :: Lens' TagResource Tags

-- | Creates a value of <a>TagResourceResponse</a> with the minimum fields
--   required to make a request.
tagResourceResponse :: TagResourceResponse

-- | <i>See:</i> <a>tagResourceResponse</a> smart constructor.
data TagResourceResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.TagResource.TagResourceResponse
instance Data.Data.Data Network.AWS.CloudFront.TagResource.TagResourceResponse
instance GHC.Show.Show Network.AWS.CloudFront.TagResource.TagResourceResponse
instance GHC.Read.Read Network.AWS.CloudFront.TagResource.TagResourceResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.TagResource.TagResourceResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.TagResource.TagResource
instance Data.Data.Data Network.AWS.CloudFront.TagResource.TagResource
instance GHC.Show.Show Network.AWS.CloudFront.TagResource.TagResource
instance GHC.Read.Read Network.AWS.CloudFront.TagResource.TagResource
instance GHC.Classes.Eq Network.AWS.CloudFront.TagResource.TagResource
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.TagResource.TagResource
instance Control.DeepSeq.NFData Network.AWS.CloudFront.TagResource.TagResourceResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.TagResource.TagResource
instance Control.DeepSeq.NFData Network.AWS.CloudFront.TagResource.TagResource
instance Network.AWS.Data.XML.ToElement Network.AWS.CloudFront.TagResource.TagResource
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.TagResource.TagResource
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.TagResource.TagResource
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.TagResource.TagResource


-- | List tags for a CloudFront resource.
module Network.AWS.CloudFront.ListTagsForResource

-- | Creates a value of <a>ListTagsForResource</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ltfrResource</a> - An ARN of a CloudFront resource.</li>
--   </ul>
listTagsForResource :: Text -> ListTagsForResource

-- | The request to list tags for a CloudFront resource.
--   
--   <i>See:</i> <a>listTagsForResource</a> smart constructor.
data ListTagsForResource

-- | An ARN of a CloudFront resource.
ltfrResource :: Lens' ListTagsForResource Text

-- | Creates a value of <a>ListTagsForResourceResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ltfrrsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>ltfrrsTags</a> - A complex type that contains zero or more
--   <tt>Tag</tt> elements.</li>
--   </ul>
listTagsForResourceResponse :: Int -> Tags -> ListTagsForResourceResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>listTagsForResourceResponse</a> smart constructor.
data ListTagsForResourceResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
ltfrrsResponseStatus :: Lens' ListTagsForResourceResponse Int

-- | A complex type that contains zero or more <tt>Tag</tt> elements.
ltfrrsTags :: Lens' ListTagsForResourceResponse Tags
instance GHC.Generics.Generic Network.AWS.CloudFront.ListTagsForResource.ListTagsForResourceResponse
instance Data.Data.Data Network.AWS.CloudFront.ListTagsForResource.ListTagsForResourceResponse
instance GHC.Show.Show Network.AWS.CloudFront.ListTagsForResource.ListTagsForResourceResponse
instance GHC.Read.Read Network.AWS.CloudFront.ListTagsForResource.ListTagsForResourceResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.ListTagsForResource.ListTagsForResourceResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.ListTagsForResource.ListTagsForResource
instance Data.Data.Data Network.AWS.CloudFront.ListTagsForResource.ListTagsForResource
instance GHC.Show.Show Network.AWS.CloudFront.ListTagsForResource.ListTagsForResource
instance GHC.Read.Read Network.AWS.CloudFront.ListTagsForResource.ListTagsForResource
instance GHC.Classes.Eq Network.AWS.CloudFront.ListTagsForResource.ListTagsForResource
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.ListTagsForResource.ListTagsForResource
instance Control.DeepSeq.NFData Network.AWS.CloudFront.ListTagsForResource.ListTagsForResourceResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.ListTagsForResource.ListTagsForResource
instance Control.DeepSeq.NFData Network.AWS.CloudFront.ListTagsForResource.ListTagsForResource
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.ListTagsForResource.ListTagsForResource
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.ListTagsForResource.ListTagsForResource
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.ListTagsForResource.ListTagsForResource


-- | List streaming distributions.
--   
--   This operation returns paginated results.
module Network.AWS.CloudFront.ListStreamingDistributions

-- | Creates a value of <a>ListStreamingDistributions</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lsdMarker</a> - The value that you provided for the
--   <tt>Marker</tt> request parameter.</li>
--   <li><a>lsdMaxItems</a> - The value that you provided for the
--   <tt>MaxItems</tt> request parameter.</li>
--   </ul>
listStreamingDistributions :: ListStreamingDistributions

-- | The request to list your streaming distributions.
--   
--   <i>See:</i> <a>listStreamingDistributions</a> smart constructor.
data ListStreamingDistributions

-- | The value that you provided for the <tt>Marker</tt> request parameter.
lsdMarker :: Lens' ListStreamingDistributions (Maybe Text)

-- | The value that you provided for the <tt>MaxItems</tt> request
--   parameter.
lsdMaxItems :: Lens' ListStreamingDistributions (Maybe Text)

-- | Creates a value of <a>ListStreamingDistributionsResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lsdrsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>lsdrsStreamingDistributionList</a> - The
--   <tt>StreamingDistributionList</tt> type.</li>
--   </ul>
listStreamingDistributionsResponse :: Int -> StreamingDistributionList -> ListStreamingDistributionsResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>listStreamingDistributionsResponse</a> smart
--   constructor.
data ListStreamingDistributionsResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
lsdrsResponseStatus :: Lens' ListStreamingDistributionsResponse Int

-- | The <tt>StreamingDistributionList</tt> type.
lsdrsStreamingDistributionList :: Lens' ListStreamingDistributionsResponse StreamingDistributionList
instance GHC.Generics.Generic Network.AWS.CloudFront.ListStreamingDistributions.ListStreamingDistributionsResponse
instance Data.Data.Data Network.AWS.CloudFront.ListStreamingDistributions.ListStreamingDistributionsResponse
instance GHC.Show.Show Network.AWS.CloudFront.ListStreamingDistributions.ListStreamingDistributionsResponse
instance GHC.Read.Read Network.AWS.CloudFront.ListStreamingDistributions.ListStreamingDistributionsResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.ListStreamingDistributions.ListStreamingDistributionsResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.ListStreamingDistributions.ListStreamingDistributions
instance Data.Data.Data Network.AWS.CloudFront.ListStreamingDistributions.ListStreamingDistributions
instance GHC.Show.Show Network.AWS.CloudFront.ListStreamingDistributions.ListStreamingDistributions
instance GHC.Read.Read Network.AWS.CloudFront.ListStreamingDistributions.ListStreamingDistributions
instance GHC.Classes.Eq Network.AWS.CloudFront.ListStreamingDistributions.ListStreamingDistributions
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.ListStreamingDistributions.ListStreamingDistributions
instance Control.DeepSeq.NFData Network.AWS.CloudFront.ListStreamingDistributions.ListStreamingDistributionsResponse
instance Network.AWS.Pager.AWSPager Network.AWS.CloudFront.ListStreamingDistributions.ListStreamingDistributions
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.ListStreamingDistributions.ListStreamingDistributions
instance Control.DeepSeq.NFData Network.AWS.CloudFront.ListStreamingDistributions.ListStreamingDistributions
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.ListStreamingDistributions.ListStreamingDistributions
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.ListStreamingDistributions.ListStreamingDistributions
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.ListStreamingDistributions.ListStreamingDistributions


-- | List all public keys that have been added to CloudFront for this
--   account.
module Network.AWS.CloudFront.ListPublicKeys

-- | Creates a value of <a>ListPublicKeys</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lpkMarker</a> - Use this when paginating results to indicate
--   where to begin in your list of public keys. The results include public
--   keys in the list that occur after the marker. To get the next page of
--   results, set the <tt>Marker</tt> to the value of the
--   <tt>NextMarker</tt> from the current page's response (which is also
--   the ID of the last public key on that page).</li>
--   <li><a>lpkMaxItems</a> - The maximum number of public keys you want in
--   the response body.</li>
--   </ul>
listPublicKeys :: ListPublicKeys

-- | <i>See:</i> <a>listPublicKeys</a> smart constructor.
data ListPublicKeys

-- | Use this when paginating results to indicate where to begin in your
--   list of public keys. The results include public keys in the list that
--   occur after the marker. To get the next page of results, set the
--   <tt>Marker</tt> to the value of the <tt>NextMarker</tt> from the
--   current page's response (which is also the ID of the last public key
--   on that page).
lpkMarker :: Lens' ListPublicKeys (Maybe Text)

-- | The maximum number of public keys you want in the response body.
lpkMaxItems :: Lens' ListPublicKeys (Maybe Text)

-- | Creates a value of <a>ListPublicKeysResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lpkrsPublicKeyList</a> - Returns a list of all public keys that
--   have been added to CloudFront for this account.</li>
--   <li><a>lpkrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
listPublicKeysResponse :: Int -> ListPublicKeysResponse

-- | <i>See:</i> <a>listPublicKeysResponse</a> smart constructor.
data ListPublicKeysResponse

-- | Returns a list of all public keys that have been added to CloudFront
--   for this account.
lpkrsPublicKeyList :: Lens' ListPublicKeysResponse (Maybe PublicKeyList)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
lpkrsResponseStatus :: Lens' ListPublicKeysResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.ListPublicKeys.ListPublicKeysResponse
instance Data.Data.Data Network.AWS.CloudFront.ListPublicKeys.ListPublicKeysResponse
instance GHC.Show.Show Network.AWS.CloudFront.ListPublicKeys.ListPublicKeysResponse
instance GHC.Read.Read Network.AWS.CloudFront.ListPublicKeys.ListPublicKeysResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.ListPublicKeys.ListPublicKeysResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.ListPublicKeys.ListPublicKeys
instance Data.Data.Data Network.AWS.CloudFront.ListPublicKeys.ListPublicKeys
instance GHC.Show.Show Network.AWS.CloudFront.ListPublicKeys.ListPublicKeys
instance GHC.Read.Read Network.AWS.CloudFront.ListPublicKeys.ListPublicKeys
instance GHC.Classes.Eq Network.AWS.CloudFront.ListPublicKeys.ListPublicKeys
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.ListPublicKeys.ListPublicKeys
instance Control.DeepSeq.NFData Network.AWS.CloudFront.ListPublicKeys.ListPublicKeysResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.ListPublicKeys.ListPublicKeys
instance Control.DeepSeq.NFData Network.AWS.CloudFront.ListPublicKeys.ListPublicKeys
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.ListPublicKeys.ListPublicKeys
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.ListPublicKeys.ListPublicKeys
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.ListPublicKeys.ListPublicKeys


-- | Lists invalidation batches.
--   
--   This operation returns paginated results.
module Network.AWS.CloudFront.ListInvalidations

-- | Creates a value of <a>ListInvalidations</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>liMarker</a> - Use this parameter when paginating results to
--   indicate where to begin in your list of invalidation batches. Because
--   the results are returned in decreasing order from most recent to
--   oldest, the most recent results are on the first page, the second page
--   will contain earlier results, and so on. To get the next page of
--   results, set <tt>Marker</tt> to the value of the <tt>NextMarker</tt>
--   from the current page's response. This value is the same as the ID of
--   the last invalidation batch on that page.</li>
--   <li><a>liMaxItems</a> - The maximum number of invalidation batches
--   that you want in the response body.</li>
--   <li><a>liDistributionId</a> - The distribution's ID.</li>
--   </ul>
listInvalidations :: Text -> ListInvalidations

-- | The request to list invalidations.
--   
--   <i>See:</i> <a>listInvalidations</a> smart constructor.
data ListInvalidations

-- | Use this parameter when paginating results to indicate where to begin
--   in your list of invalidation batches. Because the results are returned
--   in decreasing order from most recent to oldest, the most recent
--   results are on the first page, the second page will contain earlier
--   results, and so on. To get the next page of results, set
--   <tt>Marker</tt> to the value of the <tt>NextMarker</tt> from the
--   current page's response. This value is the same as the ID of the last
--   invalidation batch on that page.
liMarker :: Lens' ListInvalidations (Maybe Text)

-- | The maximum number of invalidation batches that you want in the
--   response body.
liMaxItems :: Lens' ListInvalidations (Maybe Text)

-- | The distribution's ID.
liDistributionId :: Lens' ListInvalidations Text

-- | Creates a value of <a>ListInvalidationsResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lirsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>lirsInvalidationList</a> - Information about invalidation
--   batches.</li>
--   </ul>
listInvalidationsResponse :: Int -> InvalidationList -> ListInvalidationsResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>listInvalidationsResponse</a> smart constructor.
data ListInvalidationsResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
lirsResponseStatus :: Lens' ListInvalidationsResponse Int

-- | Information about invalidation batches.
lirsInvalidationList :: Lens' ListInvalidationsResponse InvalidationList
instance GHC.Generics.Generic Network.AWS.CloudFront.ListInvalidations.ListInvalidationsResponse
instance Data.Data.Data Network.AWS.CloudFront.ListInvalidations.ListInvalidationsResponse
instance GHC.Show.Show Network.AWS.CloudFront.ListInvalidations.ListInvalidationsResponse
instance GHC.Read.Read Network.AWS.CloudFront.ListInvalidations.ListInvalidationsResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.ListInvalidations.ListInvalidationsResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.ListInvalidations.ListInvalidations
instance Data.Data.Data Network.AWS.CloudFront.ListInvalidations.ListInvalidations
instance GHC.Show.Show Network.AWS.CloudFront.ListInvalidations.ListInvalidations
instance GHC.Read.Read Network.AWS.CloudFront.ListInvalidations.ListInvalidations
instance GHC.Classes.Eq Network.AWS.CloudFront.ListInvalidations.ListInvalidations
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.ListInvalidations.ListInvalidations
instance Control.DeepSeq.NFData Network.AWS.CloudFront.ListInvalidations.ListInvalidationsResponse
instance Network.AWS.Pager.AWSPager Network.AWS.CloudFront.ListInvalidations.ListInvalidations
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.ListInvalidations.ListInvalidations
instance Control.DeepSeq.NFData Network.AWS.CloudFront.ListInvalidations.ListInvalidations
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.ListInvalidations.ListInvalidations
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.ListInvalidations.ListInvalidations
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.ListInvalidations.ListInvalidations


-- | Request a list of field-level encryption profiles that have been
--   created in CloudFront for this account.
module Network.AWS.CloudFront.ListFieldLevelEncryptionProfiles

-- | Creates a value of <a>ListFieldLevelEncryptionProfiles</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lflepMarker</a> - Use this when paginating results to indicate
--   where to begin in your list of profiles. The results include profiles
--   in the list that occur after the marker. To get the next page of
--   results, set the <tt>Marker</tt> to the value of the
--   <tt>NextMarker</tt> from the current page's response (which is also
--   the ID of the last profile on that page).</li>
--   <li><a>lflepMaxItems</a> - The maximum number of field-level
--   encryption profiles you want in the response body.</li>
--   </ul>
listFieldLevelEncryptionProfiles :: ListFieldLevelEncryptionProfiles

-- | <i>See:</i> <a>listFieldLevelEncryptionProfiles</a> smart constructor.
data ListFieldLevelEncryptionProfiles

-- | Use this when paginating results to indicate where to begin in your
--   list of profiles. The results include profiles in the list that occur
--   after the marker. To get the next page of results, set the
--   <tt>Marker</tt> to the value of the <tt>NextMarker</tt> from the
--   current page's response (which is also the ID of the last profile on
--   that page).
lflepMarker :: Lens' ListFieldLevelEncryptionProfiles (Maybe Text)

-- | The maximum number of field-level encryption profiles you want in the
--   response body.
lflepMaxItems :: Lens' ListFieldLevelEncryptionProfiles (Maybe Text)

-- | Creates a value of <a>ListFieldLevelEncryptionProfilesResponse</a>
--   with the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lfleprsFieldLevelEncryptionProfileList</a> - Returns a list of
--   the field-level encryption profiles that have been created in
--   CloudFront for this account.</li>
--   <li><a>lfleprsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
listFieldLevelEncryptionProfilesResponse :: Int -> ListFieldLevelEncryptionProfilesResponse

-- | <i>See:</i> <a>listFieldLevelEncryptionProfilesResponse</a> smart
--   constructor.
data ListFieldLevelEncryptionProfilesResponse

-- | Returns a list of the field-level encryption profiles that have been
--   created in CloudFront for this account.
lfleprsFieldLevelEncryptionProfileList :: Lens' ListFieldLevelEncryptionProfilesResponse (Maybe FieldLevelEncryptionProfileList)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
lfleprsResponseStatus :: Lens' ListFieldLevelEncryptionProfilesResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.ListFieldLevelEncryptionProfiles.ListFieldLevelEncryptionProfilesResponse
instance Data.Data.Data Network.AWS.CloudFront.ListFieldLevelEncryptionProfiles.ListFieldLevelEncryptionProfilesResponse
instance GHC.Show.Show Network.AWS.CloudFront.ListFieldLevelEncryptionProfiles.ListFieldLevelEncryptionProfilesResponse
instance GHC.Read.Read Network.AWS.CloudFront.ListFieldLevelEncryptionProfiles.ListFieldLevelEncryptionProfilesResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.ListFieldLevelEncryptionProfiles.ListFieldLevelEncryptionProfilesResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.ListFieldLevelEncryptionProfiles.ListFieldLevelEncryptionProfiles
instance Data.Data.Data Network.AWS.CloudFront.ListFieldLevelEncryptionProfiles.ListFieldLevelEncryptionProfiles
instance GHC.Show.Show Network.AWS.CloudFront.ListFieldLevelEncryptionProfiles.ListFieldLevelEncryptionProfiles
instance GHC.Read.Read Network.AWS.CloudFront.ListFieldLevelEncryptionProfiles.ListFieldLevelEncryptionProfiles
instance GHC.Classes.Eq Network.AWS.CloudFront.ListFieldLevelEncryptionProfiles.ListFieldLevelEncryptionProfiles
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.ListFieldLevelEncryptionProfiles.ListFieldLevelEncryptionProfiles
instance Control.DeepSeq.NFData Network.AWS.CloudFront.ListFieldLevelEncryptionProfiles.ListFieldLevelEncryptionProfilesResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.ListFieldLevelEncryptionProfiles.ListFieldLevelEncryptionProfiles
instance Control.DeepSeq.NFData Network.AWS.CloudFront.ListFieldLevelEncryptionProfiles.ListFieldLevelEncryptionProfiles
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.ListFieldLevelEncryptionProfiles.ListFieldLevelEncryptionProfiles
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.ListFieldLevelEncryptionProfiles.ListFieldLevelEncryptionProfiles
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.ListFieldLevelEncryptionProfiles.ListFieldLevelEncryptionProfiles


-- | List all field-level encryption configurations that have been created
--   in CloudFront for this account.
module Network.AWS.CloudFront.ListFieldLevelEncryptionConfigs

-- | Creates a value of <a>ListFieldLevelEncryptionConfigs</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lflecMarker</a> - Use this when paginating results to indicate
--   where to begin in your list of configurations. The results include
--   configurations in the list that occur after the marker. To get the
--   next page of results, set the <tt>Marker</tt> to the value of the
--   <tt>NextMarker</tt> from the current page's response (which is also
--   the ID of the last configuration on that page).</li>
--   <li><a>lflecMaxItems</a> - The maximum number of field-level
--   encryption configurations you want in the response body.</li>
--   </ul>
listFieldLevelEncryptionConfigs :: ListFieldLevelEncryptionConfigs

-- | <i>See:</i> <a>listFieldLevelEncryptionConfigs</a> smart constructor.
data ListFieldLevelEncryptionConfigs

-- | Use this when paginating results to indicate where to begin in your
--   list of configurations. The results include configurations in the list
--   that occur after the marker. To get the next page of results, set the
--   <tt>Marker</tt> to the value of the <tt>NextMarker</tt> from the
--   current page's response (which is also the ID of the last
--   configuration on that page).
lflecMarker :: Lens' ListFieldLevelEncryptionConfigs (Maybe Text)

-- | The maximum number of field-level encryption configurations you want
--   in the response body.
lflecMaxItems :: Lens' ListFieldLevelEncryptionConfigs (Maybe Text)

-- | Creates a value of <a>ListFieldLevelEncryptionConfigsResponse</a> with
--   the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lflecrsFieldLevelEncryptionList</a> - Returns a list of all
--   field-level encryption configurations that have been created in
--   CloudFront for this account.</li>
--   <li><a>lflecrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
listFieldLevelEncryptionConfigsResponse :: Int -> ListFieldLevelEncryptionConfigsResponse

-- | <i>See:</i> <a>listFieldLevelEncryptionConfigsResponse</a> smart
--   constructor.
data ListFieldLevelEncryptionConfigsResponse

-- | Returns a list of all field-level encryption configurations that have
--   been created in CloudFront for this account.
lflecrsFieldLevelEncryptionList :: Lens' ListFieldLevelEncryptionConfigsResponse (Maybe FieldLevelEncryptionList)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
lflecrsResponseStatus :: Lens' ListFieldLevelEncryptionConfigsResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.ListFieldLevelEncryptionConfigs.ListFieldLevelEncryptionConfigsResponse
instance Data.Data.Data Network.AWS.CloudFront.ListFieldLevelEncryptionConfigs.ListFieldLevelEncryptionConfigsResponse
instance GHC.Show.Show Network.AWS.CloudFront.ListFieldLevelEncryptionConfigs.ListFieldLevelEncryptionConfigsResponse
instance GHC.Read.Read Network.AWS.CloudFront.ListFieldLevelEncryptionConfigs.ListFieldLevelEncryptionConfigsResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.ListFieldLevelEncryptionConfigs.ListFieldLevelEncryptionConfigsResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.ListFieldLevelEncryptionConfigs.ListFieldLevelEncryptionConfigs
instance Data.Data.Data Network.AWS.CloudFront.ListFieldLevelEncryptionConfigs.ListFieldLevelEncryptionConfigs
instance GHC.Show.Show Network.AWS.CloudFront.ListFieldLevelEncryptionConfigs.ListFieldLevelEncryptionConfigs
instance GHC.Read.Read Network.AWS.CloudFront.ListFieldLevelEncryptionConfigs.ListFieldLevelEncryptionConfigs
instance GHC.Classes.Eq Network.AWS.CloudFront.ListFieldLevelEncryptionConfigs.ListFieldLevelEncryptionConfigs
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.ListFieldLevelEncryptionConfigs.ListFieldLevelEncryptionConfigs
instance Control.DeepSeq.NFData Network.AWS.CloudFront.ListFieldLevelEncryptionConfigs.ListFieldLevelEncryptionConfigsResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.ListFieldLevelEncryptionConfigs.ListFieldLevelEncryptionConfigs
instance Control.DeepSeq.NFData Network.AWS.CloudFront.ListFieldLevelEncryptionConfigs.ListFieldLevelEncryptionConfigs
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.ListFieldLevelEncryptionConfigs.ListFieldLevelEncryptionConfigs
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.ListFieldLevelEncryptionConfigs.ListFieldLevelEncryptionConfigs
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.ListFieldLevelEncryptionConfigs.ListFieldLevelEncryptionConfigs


-- | List the distributions that are associated with a specified AWS WAF
--   web ACL.
module Network.AWS.CloudFront.ListDistributionsByWebACLId

-- | Creates a value of <a>ListDistributionsByWebACLId</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ldbwaiMarker</a> - Use <tt>Marker</tt> and <tt>MaxItems</tt> to
--   control pagination of results. If you have more than <tt>MaxItems</tt>
--   distributions that satisfy the request, the response includes a
--   <tt>NextMarker</tt> element. To get the next page of results, submit
--   another request. For the value of <tt>Marker</tt> , specify the value
--   of <tt>NextMarker</tt> from the last response. (For the first request,
--   omit <tt>Marker</tt> .)</li>
--   <li><a>ldbwaiMaxItems</a> - The maximum number of distributions that
--   you want CloudFront to return in the response body. The maximum and
--   default values are both 100.</li>
--   <li><a>ldbwaiWebACLId</a> - The ID of the AWS WAF web ACL that you
--   want to list the associated distributions. If you specify "null" for
--   the ID, the request returns a list of the distributions that aren't
--   associated with a web ACL.</li>
--   </ul>
listDistributionsByWebACLId :: Text -> ListDistributionsByWebACLId

-- | The request to list distributions that are associated with a specified
--   AWS WAF web ACL.
--   
--   <i>See:</i> <a>listDistributionsByWebACLId</a> smart constructor.
data ListDistributionsByWebACLId

-- | Use <tt>Marker</tt> and <tt>MaxItems</tt> to control pagination of
--   results. If you have more than <tt>MaxItems</tt> distributions that
--   satisfy the request, the response includes a <tt>NextMarker</tt>
--   element. To get the next page of results, submit another request. For
--   the value of <tt>Marker</tt> , specify the value of
--   <tt>NextMarker</tt> from the last response. (For the first request,
--   omit <tt>Marker</tt> .)
ldbwaiMarker :: Lens' ListDistributionsByWebACLId (Maybe Text)

-- | The maximum number of distributions that you want CloudFront to return
--   in the response body. The maximum and default values are both 100.
ldbwaiMaxItems :: Lens' ListDistributionsByWebACLId (Maybe Text)

-- | The ID of the AWS WAF web ACL that you want to list the associated
--   distributions. If you specify "null" for the ID, the request returns a
--   list of the distributions that aren't associated with a web ACL.
ldbwaiWebACLId :: Lens' ListDistributionsByWebACLId Text

-- | Creates a value of <a>ListDistributionsByWebACLIdResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ldbwairsDistributionList</a> - The <tt>DistributionList</tt>
--   type.</li>
--   <li><a>ldbwairsResponseStatus</a> - -- | The response status
--   code.</li>
--   </ul>
listDistributionsByWebACLIdResponse :: Int -> ListDistributionsByWebACLIdResponse

-- | The response to a request to list the distributions that are
--   associated with a specified AWS WAF web ACL.
--   
--   <i>See:</i> <a>listDistributionsByWebACLIdResponse</a> smart
--   constructor.
data ListDistributionsByWebACLIdResponse

-- | The <tt>DistributionList</tt> type.
ldbwairsDistributionList :: Lens' ListDistributionsByWebACLIdResponse (Maybe DistributionList)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
ldbwairsResponseStatus :: Lens' ListDistributionsByWebACLIdResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.ListDistributionsByWebACLId.ListDistributionsByWebACLIdResponse
instance Data.Data.Data Network.AWS.CloudFront.ListDistributionsByWebACLId.ListDistributionsByWebACLIdResponse
instance GHC.Show.Show Network.AWS.CloudFront.ListDistributionsByWebACLId.ListDistributionsByWebACLIdResponse
instance GHC.Read.Read Network.AWS.CloudFront.ListDistributionsByWebACLId.ListDistributionsByWebACLIdResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.ListDistributionsByWebACLId.ListDistributionsByWebACLIdResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.ListDistributionsByWebACLId.ListDistributionsByWebACLId
instance Data.Data.Data Network.AWS.CloudFront.ListDistributionsByWebACLId.ListDistributionsByWebACLId
instance GHC.Show.Show Network.AWS.CloudFront.ListDistributionsByWebACLId.ListDistributionsByWebACLId
instance GHC.Read.Read Network.AWS.CloudFront.ListDistributionsByWebACLId.ListDistributionsByWebACLId
instance GHC.Classes.Eq Network.AWS.CloudFront.ListDistributionsByWebACLId.ListDistributionsByWebACLId
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.ListDistributionsByWebACLId.ListDistributionsByWebACLId
instance Control.DeepSeq.NFData Network.AWS.CloudFront.ListDistributionsByWebACLId.ListDistributionsByWebACLIdResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.ListDistributionsByWebACLId.ListDistributionsByWebACLId
instance Control.DeepSeq.NFData Network.AWS.CloudFront.ListDistributionsByWebACLId.ListDistributionsByWebACLId
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.ListDistributionsByWebACLId.ListDistributionsByWebACLId
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.ListDistributionsByWebACLId.ListDistributionsByWebACLId
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.ListDistributionsByWebACLId.ListDistributionsByWebACLId


-- | List distributions.
--   
--   This operation returns paginated results.
module Network.AWS.CloudFront.ListDistributions

-- | Creates a value of <a>ListDistributions</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ldMarker</a> - Use this when paginating results to indicate
--   where to begin in your list of distributions. The results include
--   distributions in the list that occur after the marker. To get the next
--   page of results, set the <tt>Marker</tt> to the value of the
--   <tt>NextMarker</tt> from the current page's response (which is also
--   the ID of the last distribution on that page).</li>
--   <li><a>ldMaxItems</a> - The maximum number of distributions you want
--   in the response body.</li>
--   </ul>
listDistributions :: ListDistributions

-- | The request to list your distributions.
--   
--   <i>See:</i> <a>listDistributions</a> smart constructor.
data ListDistributions

-- | Use this when paginating results to indicate where to begin in your
--   list of distributions. The results include distributions in the list
--   that occur after the marker. To get the next page of results, set the
--   <tt>Marker</tt> to the value of the <tt>NextMarker</tt> from the
--   current page's response (which is also the ID of the last distribution
--   on that page).
ldMarker :: Lens' ListDistributions (Maybe Text)

-- | The maximum number of distributions you want in the response body.
ldMaxItems :: Lens' ListDistributions (Maybe Text)

-- | Creates a value of <a>ListDistributionsResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ldrsResponseStatus</a> - -- | The response status code.</li>
--   <li><a>ldrsDistributionList</a> - The <tt>DistributionList</tt>
--   type.</li>
--   </ul>
listDistributionsResponse :: Int -> DistributionList -> ListDistributionsResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>listDistributionsResponse</a> smart constructor.
data ListDistributionsResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
ldrsResponseStatus :: Lens' ListDistributionsResponse Int

-- | The <tt>DistributionList</tt> type.
ldrsDistributionList :: Lens' ListDistributionsResponse DistributionList
instance GHC.Generics.Generic Network.AWS.CloudFront.ListDistributions.ListDistributionsResponse
instance Data.Data.Data Network.AWS.CloudFront.ListDistributions.ListDistributionsResponse
instance GHC.Show.Show Network.AWS.CloudFront.ListDistributions.ListDistributionsResponse
instance GHC.Read.Read Network.AWS.CloudFront.ListDistributions.ListDistributionsResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.ListDistributions.ListDistributionsResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.ListDistributions.ListDistributions
instance Data.Data.Data Network.AWS.CloudFront.ListDistributions.ListDistributions
instance GHC.Show.Show Network.AWS.CloudFront.ListDistributions.ListDistributions
instance GHC.Read.Read Network.AWS.CloudFront.ListDistributions.ListDistributions
instance GHC.Classes.Eq Network.AWS.CloudFront.ListDistributions.ListDistributions
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.ListDistributions.ListDistributions
instance Control.DeepSeq.NFData Network.AWS.CloudFront.ListDistributions.ListDistributionsResponse
instance Network.AWS.Pager.AWSPager Network.AWS.CloudFront.ListDistributions.ListDistributions
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.ListDistributions.ListDistributions
instance Control.DeepSeq.NFData Network.AWS.CloudFront.ListDistributions.ListDistributions
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.ListDistributions.ListDistributions
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.ListDistributions.ListDistributions
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.ListDistributions.ListDistributions


-- | Lists origin access identities.
--   
--   This operation returns paginated results.
module Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities

-- | Creates a value of <a>ListCloudFrontOriginAccessIdentities</a> with
--   the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lcfoaiMarker</a> - Use this when paginating results to indicate
--   where to begin in your list of origin access identities. The results
--   include identities in the list that occur after the marker. To get the
--   next page of results, set the <tt>Marker</tt> to the value of the
--   <tt>NextMarker</tt> from the current page's response (which is also
--   the ID of the last identity on that page).</li>
--   <li><a>lcfoaiMaxItems</a> - The maximum number of origin access
--   identities you want in the response body.</li>
--   </ul>
listCloudFrontOriginAccessIdentities :: ListCloudFrontOriginAccessIdentities

-- | The request to list origin access identities.
--   
--   <i>See:</i> <a>listCloudFrontOriginAccessIdentities</a> smart
--   constructor.
data ListCloudFrontOriginAccessIdentities

-- | Use this when paginating results to indicate where to begin in your
--   list of origin access identities. The results include identities in
--   the list that occur after the marker. To get the next page of results,
--   set the <tt>Marker</tt> to the value of the <tt>NextMarker</tt> from
--   the current page's response (which is also the ID of the last identity
--   on that page).
lcfoaiMarker :: Lens' ListCloudFrontOriginAccessIdentities (Maybe Text)

-- | The maximum number of origin access identities you want in the
--   response body.
lcfoaiMaxItems :: Lens' ListCloudFrontOriginAccessIdentities (Maybe Text)

-- | Creates a value of <a>ListCloudFrontOriginAccessIdentitiesResponse</a>
--   with the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lcfoairsResponseStatus</a> - -- | The response status
--   code.</li>
--   <li><a>lcfoairsCloudFrontOriginAccessIdentityList</a> - The
--   <tt>CloudFrontOriginAccessIdentityList</tt> type.</li>
--   </ul>
listCloudFrontOriginAccessIdentitiesResponse :: Int -> CloudFrontOriginAccessIdentityList -> ListCloudFrontOriginAccessIdentitiesResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>listCloudFrontOriginAccessIdentitiesResponse</a> smart
--   constructor.
data ListCloudFrontOriginAccessIdentitiesResponse

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
lcfoairsResponseStatus :: Lens' ListCloudFrontOriginAccessIdentitiesResponse Int

-- | The <tt>CloudFrontOriginAccessIdentityList</tt> type.
lcfoairsCloudFrontOriginAccessIdentityList :: Lens' ListCloudFrontOriginAccessIdentitiesResponse CloudFrontOriginAccessIdentityList
instance GHC.Generics.Generic Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities.ListCloudFrontOriginAccessIdentitiesResponse
instance Data.Data.Data Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities.ListCloudFrontOriginAccessIdentitiesResponse
instance GHC.Show.Show Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities.ListCloudFrontOriginAccessIdentitiesResponse
instance GHC.Read.Read Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities.ListCloudFrontOriginAccessIdentitiesResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities.ListCloudFrontOriginAccessIdentitiesResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities.ListCloudFrontOriginAccessIdentities
instance Data.Data.Data Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities.ListCloudFrontOriginAccessIdentities
instance GHC.Show.Show Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities.ListCloudFrontOriginAccessIdentities
instance GHC.Read.Read Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities.ListCloudFrontOriginAccessIdentities
instance GHC.Classes.Eq Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities.ListCloudFrontOriginAccessIdentities
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities.ListCloudFrontOriginAccessIdentities
instance Control.DeepSeq.NFData Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities.ListCloudFrontOriginAccessIdentitiesResponse
instance Network.AWS.Pager.AWSPager Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities.ListCloudFrontOriginAccessIdentities
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities.ListCloudFrontOriginAccessIdentities
instance Control.DeepSeq.NFData Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities.ListCloudFrontOriginAccessIdentities
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities.ListCloudFrontOriginAccessIdentities
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities.ListCloudFrontOriginAccessIdentities
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.ListCloudFrontOriginAccessIdentities.ListCloudFrontOriginAccessIdentities


-- | Get the configuration information about a streaming distribution.
module Network.AWS.CloudFront.GetStreamingDistributionConfig

-- | Creates a value of <a>GetStreamingDistributionConfig</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gsdcId</a> - The streaming distribution's ID.</li>
--   </ul>
getStreamingDistributionConfig :: Text -> GetStreamingDistributionConfig

-- | To request to get a streaming distribution configuration.
--   
--   <i>See:</i> <a>getStreamingDistributionConfig</a> smart constructor.
data GetStreamingDistributionConfig

-- | The streaming distribution's ID.
gsdcId :: Lens' GetStreamingDistributionConfig Text

-- | Creates a value of <a>GetStreamingDistributionConfigResponse</a> with
--   the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gsdcrsStreamingDistributionConfig</a> - The streaming
--   distribution's configuration information.</li>
--   <li><a>gsdcrsETag</a> - The current version of the configuration. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>gsdcrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
getStreamingDistributionConfigResponse :: Int -> GetStreamingDistributionConfigResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>getStreamingDistributionConfigResponse</a> smart
--   constructor.
data GetStreamingDistributionConfigResponse

-- | The streaming distribution's configuration information.
gsdcrsStreamingDistributionConfig :: Lens' GetStreamingDistributionConfigResponse (Maybe StreamingDistributionConfig)

-- | The current version of the configuration. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
gsdcrsETag :: Lens' GetStreamingDistributionConfigResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gsdcrsResponseStatus :: Lens' GetStreamingDistributionConfigResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.GetStreamingDistributionConfig.GetStreamingDistributionConfigResponse
instance Data.Data.Data Network.AWS.CloudFront.GetStreamingDistributionConfig.GetStreamingDistributionConfigResponse
instance GHC.Show.Show Network.AWS.CloudFront.GetStreamingDistributionConfig.GetStreamingDistributionConfigResponse
instance GHC.Read.Read Network.AWS.CloudFront.GetStreamingDistributionConfig.GetStreamingDistributionConfigResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.GetStreamingDistributionConfig.GetStreamingDistributionConfigResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.GetStreamingDistributionConfig.GetStreamingDistributionConfig
instance Data.Data.Data Network.AWS.CloudFront.GetStreamingDistributionConfig.GetStreamingDistributionConfig
instance GHC.Show.Show Network.AWS.CloudFront.GetStreamingDistributionConfig.GetStreamingDistributionConfig
instance GHC.Read.Read Network.AWS.CloudFront.GetStreamingDistributionConfig.GetStreamingDistributionConfig
instance GHC.Classes.Eq Network.AWS.CloudFront.GetStreamingDistributionConfig.GetStreamingDistributionConfig
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.GetStreamingDistributionConfig.GetStreamingDistributionConfig
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetStreamingDistributionConfig.GetStreamingDistributionConfigResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.GetStreamingDistributionConfig.GetStreamingDistributionConfig
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetStreamingDistributionConfig.GetStreamingDistributionConfig
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.GetStreamingDistributionConfig.GetStreamingDistributionConfig
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.GetStreamingDistributionConfig.GetStreamingDistributionConfig
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.GetStreamingDistributionConfig.GetStreamingDistributionConfig


-- | Gets information about a specified RTMP distribution, including the
--   distribution configuration.
module Network.AWS.CloudFront.GetStreamingDistribution

-- | Creates a value of <a>GetStreamingDistribution</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gsdId</a> - The streaming distribution's ID.</li>
--   </ul>
getStreamingDistribution :: Text -> GetStreamingDistribution

-- | The request to get a streaming distribution's information.
--   
--   <i>See:</i> <a>getStreamingDistribution</a> smart constructor.
data GetStreamingDistribution

-- | The streaming distribution's ID.
gsdId :: Lens' GetStreamingDistribution Text

-- | Creates a value of <a>GetStreamingDistributionResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gsdrsETag</a> - The current version of the streaming
--   distribution's information. For example: <tt>E2QWRUHAPOMQZL</tt>
--   .</li>
--   <li><a>gsdrsStreamingDistribution</a> - The streaming distribution's
--   information.</li>
--   <li><a>gsdrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
getStreamingDistributionResponse :: Int -> GetStreamingDistributionResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>getStreamingDistributionResponse</a> smart constructor.
data GetStreamingDistributionResponse

-- | The current version of the streaming distribution's information. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .
gsdrsETag :: Lens' GetStreamingDistributionResponse (Maybe Text)

-- | The streaming distribution's information.
gsdrsStreamingDistribution :: Lens' GetStreamingDistributionResponse (Maybe StreamingDistribution)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gsdrsResponseStatus :: Lens' GetStreamingDistributionResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.GetStreamingDistribution.GetStreamingDistributionResponse
instance Data.Data.Data Network.AWS.CloudFront.GetStreamingDistribution.GetStreamingDistributionResponse
instance GHC.Show.Show Network.AWS.CloudFront.GetStreamingDistribution.GetStreamingDistributionResponse
instance GHC.Read.Read Network.AWS.CloudFront.GetStreamingDistribution.GetStreamingDistributionResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.GetStreamingDistribution.GetStreamingDistributionResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.GetStreamingDistribution.GetStreamingDistribution
instance Data.Data.Data Network.AWS.CloudFront.GetStreamingDistribution.GetStreamingDistribution
instance GHC.Show.Show Network.AWS.CloudFront.GetStreamingDistribution.GetStreamingDistribution
instance GHC.Read.Read Network.AWS.CloudFront.GetStreamingDistribution.GetStreamingDistribution
instance GHC.Classes.Eq Network.AWS.CloudFront.GetStreamingDistribution.GetStreamingDistribution
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.GetStreamingDistribution.GetStreamingDistribution
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetStreamingDistribution.GetStreamingDistributionResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.GetStreamingDistribution.GetStreamingDistribution
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetStreamingDistribution.GetStreamingDistribution
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.GetStreamingDistribution.GetStreamingDistribution
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.GetStreamingDistribution.GetStreamingDistribution
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.GetStreamingDistribution.GetStreamingDistribution


-- | Return public key configuration informaation
module Network.AWS.CloudFront.GetPublicKeyConfig

-- | Creates a value of <a>GetPublicKeyConfig</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gpkcId</a> - Request the ID for the public key
--   configuration.</li>
--   </ul>
getPublicKeyConfig :: Text -> GetPublicKeyConfig

-- | <i>See:</i> <a>getPublicKeyConfig</a> smart constructor.
data GetPublicKeyConfig

-- | Request the ID for the public key configuration.
gpkcId :: Lens' GetPublicKeyConfig Text

-- | Creates a value of <a>GetPublicKeyConfigResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gpkcrsETag</a> - The current version of the public key
--   configuration. For example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>gpkcrsPublicKeyConfig</a> - Return the result for the public
--   key configuration.</li>
--   <li><a>gpkcrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
getPublicKeyConfigResponse :: Int -> GetPublicKeyConfigResponse

-- | <i>See:</i> <a>getPublicKeyConfigResponse</a> smart constructor.
data GetPublicKeyConfigResponse

-- | The current version of the public key configuration. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
gpkcrsETag :: Lens' GetPublicKeyConfigResponse (Maybe Text)

-- | Return the result for the public key configuration.
gpkcrsPublicKeyConfig :: Lens' GetPublicKeyConfigResponse (Maybe PublicKeyConfig)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gpkcrsResponseStatus :: Lens' GetPublicKeyConfigResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.GetPublicKeyConfig.GetPublicKeyConfigResponse
instance Data.Data.Data Network.AWS.CloudFront.GetPublicKeyConfig.GetPublicKeyConfigResponse
instance GHC.Show.Show Network.AWS.CloudFront.GetPublicKeyConfig.GetPublicKeyConfigResponse
instance GHC.Read.Read Network.AWS.CloudFront.GetPublicKeyConfig.GetPublicKeyConfigResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.GetPublicKeyConfig.GetPublicKeyConfigResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.GetPublicKeyConfig.GetPublicKeyConfig
instance Data.Data.Data Network.AWS.CloudFront.GetPublicKeyConfig.GetPublicKeyConfig
instance GHC.Show.Show Network.AWS.CloudFront.GetPublicKeyConfig.GetPublicKeyConfig
instance GHC.Read.Read Network.AWS.CloudFront.GetPublicKeyConfig.GetPublicKeyConfig
instance GHC.Classes.Eq Network.AWS.CloudFront.GetPublicKeyConfig.GetPublicKeyConfig
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.GetPublicKeyConfig.GetPublicKeyConfig
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetPublicKeyConfig.GetPublicKeyConfigResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.GetPublicKeyConfig.GetPublicKeyConfig
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetPublicKeyConfig.GetPublicKeyConfig
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.GetPublicKeyConfig.GetPublicKeyConfig
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.GetPublicKeyConfig.GetPublicKeyConfig
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.GetPublicKeyConfig.GetPublicKeyConfig


-- | Get the public key information.
module Network.AWS.CloudFront.GetPublicKey

-- | Creates a value of <a>GetPublicKey</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gpkId</a> - Request the ID for the public key.</li>
--   </ul>
getPublicKey :: Text -> GetPublicKey

-- | <i>See:</i> <a>getPublicKey</a> smart constructor.
data GetPublicKey

-- | Request the ID for the public key.
gpkId :: Lens' GetPublicKey Text

-- | Creates a value of <a>GetPublicKeyResponse</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gpkrsETag</a> - The current version of the public key. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>gpkrsPublicKey</a> - Return the public key.</li>
--   <li><a>gpkrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
getPublicKeyResponse :: Int -> GetPublicKeyResponse

-- | <i>See:</i> <a>getPublicKeyResponse</a> smart constructor.
data GetPublicKeyResponse

-- | The current version of the public key. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
gpkrsETag :: Lens' GetPublicKeyResponse (Maybe Text)

-- | Return the public key.
gpkrsPublicKey :: Lens' GetPublicKeyResponse (Maybe PublicKey)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gpkrsResponseStatus :: Lens' GetPublicKeyResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.GetPublicKey.GetPublicKeyResponse
instance Data.Data.Data Network.AWS.CloudFront.GetPublicKey.GetPublicKeyResponse
instance GHC.Show.Show Network.AWS.CloudFront.GetPublicKey.GetPublicKeyResponse
instance GHC.Read.Read Network.AWS.CloudFront.GetPublicKey.GetPublicKeyResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.GetPublicKey.GetPublicKeyResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.GetPublicKey.GetPublicKey
instance Data.Data.Data Network.AWS.CloudFront.GetPublicKey.GetPublicKey
instance GHC.Show.Show Network.AWS.CloudFront.GetPublicKey.GetPublicKey
instance GHC.Read.Read Network.AWS.CloudFront.GetPublicKey.GetPublicKey
instance GHC.Classes.Eq Network.AWS.CloudFront.GetPublicKey.GetPublicKey
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.GetPublicKey.GetPublicKey
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetPublicKey.GetPublicKeyResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.GetPublicKey.GetPublicKey
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetPublicKey.GetPublicKey
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.GetPublicKey.GetPublicKey
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.GetPublicKey.GetPublicKey
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.GetPublicKey.GetPublicKey


-- | Get the information about an invalidation.
module Network.AWS.CloudFront.GetInvalidation

-- | Creates a value of <a>GetInvalidation</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>giDistributionId</a> - The distribution's ID.</li>
--   <li><a>giId</a> - The identifier for the invalidation request, for
--   example, <tt>IDFDVBD632BHDS5</tt> .</li>
--   </ul>
getInvalidation :: Text -> Text -> GetInvalidation

-- | The request to get an invalidation's information.
--   
--   <i>See:</i> <a>getInvalidation</a> smart constructor.
data GetInvalidation

-- | The distribution's ID.
giDistributionId :: Lens' GetInvalidation Text

-- | The identifier for the invalidation request, for example,
--   <tt>IDFDVBD632BHDS5</tt> .
giId :: Lens' GetInvalidation Text

-- | Creates a value of <a>GetInvalidationResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>girsInvalidation</a> - The invalidation's information. For more
--   information, see <a>Invalidation Complex Type</a> .</li>
--   <li><a>girsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
getInvalidationResponse :: Int -> GetInvalidationResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>getInvalidationResponse</a> smart constructor.
data GetInvalidationResponse

-- | The invalidation's information. For more information, see
--   <a>Invalidation Complex Type</a> .
girsInvalidation :: Lens' GetInvalidationResponse (Maybe Invalidation)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
girsResponseStatus :: Lens' GetInvalidationResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.GetInvalidation.GetInvalidationResponse
instance Data.Data.Data Network.AWS.CloudFront.GetInvalidation.GetInvalidationResponse
instance GHC.Show.Show Network.AWS.CloudFront.GetInvalidation.GetInvalidationResponse
instance GHC.Read.Read Network.AWS.CloudFront.GetInvalidation.GetInvalidationResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.GetInvalidation.GetInvalidationResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.GetInvalidation.GetInvalidation
instance Data.Data.Data Network.AWS.CloudFront.GetInvalidation.GetInvalidation
instance GHC.Show.Show Network.AWS.CloudFront.GetInvalidation.GetInvalidation
instance GHC.Read.Read Network.AWS.CloudFront.GetInvalidation.GetInvalidation
instance GHC.Classes.Eq Network.AWS.CloudFront.GetInvalidation.GetInvalidation
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.GetInvalidation.GetInvalidation
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetInvalidation.GetInvalidationResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.GetInvalidation.GetInvalidation
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetInvalidation.GetInvalidation
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.GetInvalidation.GetInvalidation
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.GetInvalidation.GetInvalidation
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.GetInvalidation.GetInvalidation


-- | Get the field-level encryption profile configuration information.
module Network.AWS.CloudFront.GetFieldLevelEncryptionProfileConfig

-- | Creates a value of <a>GetFieldLevelEncryptionProfileConfig</a> with
--   the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gflepcId</a> - Get the ID for the field-level encryption
--   profile configuration information.</li>
--   </ul>
getFieldLevelEncryptionProfileConfig :: Text -> GetFieldLevelEncryptionProfileConfig

-- | <i>See:</i> <a>getFieldLevelEncryptionProfileConfig</a> smart
--   constructor.
data GetFieldLevelEncryptionProfileConfig

-- | Get the ID for the field-level encryption profile configuration
--   information.
gflepcId :: Lens' GetFieldLevelEncryptionProfileConfig Text

-- | Creates a value of <a>GetFieldLevelEncryptionProfileConfigResponse</a>
--   with the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gflepcrsETag</a> - The current version of the field-level
--   encryption profile configuration result. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>gflepcrsFieldLevelEncryptionProfileConfig</a> - Return the
--   field-level encryption profile configuration information.</li>
--   <li><a>gflepcrsResponseStatus</a> - -- | The response status
--   code.</li>
--   </ul>
getFieldLevelEncryptionProfileConfigResponse :: Int -> GetFieldLevelEncryptionProfileConfigResponse

-- | <i>See:</i> <a>getFieldLevelEncryptionProfileConfigResponse</a> smart
--   constructor.
data GetFieldLevelEncryptionProfileConfigResponse

-- | The current version of the field-level encryption profile
--   configuration result. For example: <tt>E2QWRUHAPOMQZL</tt> .
gflepcrsETag :: Lens' GetFieldLevelEncryptionProfileConfigResponse (Maybe Text)

-- | Return the field-level encryption profile configuration information.
gflepcrsFieldLevelEncryptionProfileConfig :: Lens' GetFieldLevelEncryptionProfileConfigResponse (Maybe FieldLevelEncryptionProfileConfig)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gflepcrsResponseStatus :: Lens' GetFieldLevelEncryptionProfileConfigResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.GetFieldLevelEncryptionProfileConfig.GetFieldLevelEncryptionProfileConfigResponse
instance Data.Data.Data Network.AWS.CloudFront.GetFieldLevelEncryptionProfileConfig.GetFieldLevelEncryptionProfileConfigResponse
instance GHC.Show.Show Network.AWS.CloudFront.GetFieldLevelEncryptionProfileConfig.GetFieldLevelEncryptionProfileConfigResponse
instance GHC.Read.Read Network.AWS.CloudFront.GetFieldLevelEncryptionProfileConfig.GetFieldLevelEncryptionProfileConfigResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.GetFieldLevelEncryptionProfileConfig.GetFieldLevelEncryptionProfileConfigResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.GetFieldLevelEncryptionProfileConfig.GetFieldLevelEncryptionProfileConfig
instance Data.Data.Data Network.AWS.CloudFront.GetFieldLevelEncryptionProfileConfig.GetFieldLevelEncryptionProfileConfig
instance GHC.Show.Show Network.AWS.CloudFront.GetFieldLevelEncryptionProfileConfig.GetFieldLevelEncryptionProfileConfig
instance GHC.Read.Read Network.AWS.CloudFront.GetFieldLevelEncryptionProfileConfig.GetFieldLevelEncryptionProfileConfig
instance GHC.Classes.Eq Network.AWS.CloudFront.GetFieldLevelEncryptionProfileConfig.GetFieldLevelEncryptionProfileConfig
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.GetFieldLevelEncryptionProfileConfig.GetFieldLevelEncryptionProfileConfig
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetFieldLevelEncryptionProfileConfig.GetFieldLevelEncryptionProfileConfigResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.GetFieldLevelEncryptionProfileConfig.GetFieldLevelEncryptionProfileConfig
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetFieldLevelEncryptionProfileConfig.GetFieldLevelEncryptionProfileConfig
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.GetFieldLevelEncryptionProfileConfig.GetFieldLevelEncryptionProfileConfig
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.GetFieldLevelEncryptionProfileConfig.GetFieldLevelEncryptionProfileConfig
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.GetFieldLevelEncryptionProfileConfig.GetFieldLevelEncryptionProfileConfig


-- | Get the field-level encryption profile information.
module Network.AWS.CloudFront.GetFieldLevelEncryptionProfile

-- | Creates a value of <a>GetFieldLevelEncryptionProfile</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gflepId</a> - Get the ID for the field-level encryption profile
--   information.</li>
--   </ul>
getFieldLevelEncryptionProfile :: Text -> GetFieldLevelEncryptionProfile

-- | <i>See:</i> <a>getFieldLevelEncryptionProfile</a> smart constructor.
data GetFieldLevelEncryptionProfile

-- | Get the ID for the field-level encryption profile information.
gflepId :: Lens' GetFieldLevelEncryptionProfile Text

-- | Creates a value of <a>GetFieldLevelEncryptionProfileResponse</a> with
--   the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gfleprsETag</a> - The current version of the field level
--   encryption profile. For example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>gfleprsFieldLevelEncryptionProfile</a> - Return the field-level
--   encryption profile information.</li>
--   <li><a>gfleprsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
getFieldLevelEncryptionProfileResponse :: Int -> GetFieldLevelEncryptionProfileResponse

-- | <i>See:</i> <a>getFieldLevelEncryptionProfileResponse</a> smart
--   constructor.
data GetFieldLevelEncryptionProfileResponse

-- | The current version of the field level encryption profile. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .
gfleprsETag :: Lens' GetFieldLevelEncryptionProfileResponse (Maybe Text)

-- | Return the field-level encryption profile information.
gfleprsFieldLevelEncryptionProfile :: Lens' GetFieldLevelEncryptionProfileResponse (Maybe FieldLevelEncryptionProfile)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gfleprsResponseStatus :: Lens' GetFieldLevelEncryptionProfileResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.GetFieldLevelEncryptionProfile.GetFieldLevelEncryptionProfileResponse
instance Data.Data.Data Network.AWS.CloudFront.GetFieldLevelEncryptionProfile.GetFieldLevelEncryptionProfileResponse
instance GHC.Show.Show Network.AWS.CloudFront.GetFieldLevelEncryptionProfile.GetFieldLevelEncryptionProfileResponse
instance GHC.Read.Read Network.AWS.CloudFront.GetFieldLevelEncryptionProfile.GetFieldLevelEncryptionProfileResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.GetFieldLevelEncryptionProfile.GetFieldLevelEncryptionProfileResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.GetFieldLevelEncryptionProfile.GetFieldLevelEncryptionProfile
instance Data.Data.Data Network.AWS.CloudFront.GetFieldLevelEncryptionProfile.GetFieldLevelEncryptionProfile
instance GHC.Show.Show Network.AWS.CloudFront.GetFieldLevelEncryptionProfile.GetFieldLevelEncryptionProfile
instance GHC.Read.Read Network.AWS.CloudFront.GetFieldLevelEncryptionProfile.GetFieldLevelEncryptionProfile
instance GHC.Classes.Eq Network.AWS.CloudFront.GetFieldLevelEncryptionProfile.GetFieldLevelEncryptionProfile
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.GetFieldLevelEncryptionProfile.GetFieldLevelEncryptionProfile
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetFieldLevelEncryptionProfile.GetFieldLevelEncryptionProfileResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.GetFieldLevelEncryptionProfile.GetFieldLevelEncryptionProfile
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetFieldLevelEncryptionProfile.GetFieldLevelEncryptionProfile
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.GetFieldLevelEncryptionProfile.GetFieldLevelEncryptionProfile
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.GetFieldLevelEncryptionProfile.GetFieldLevelEncryptionProfile
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.GetFieldLevelEncryptionProfile.GetFieldLevelEncryptionProfile


-- | Get the field-level encryption configuration information.
module Network.AWS.CloudFront.GetFieldLevelEncryptionConfig

-- | Creates a value of <a>GetFieldLevelEncryptionConfig</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gflecId</a> - Request the ID for the field-level encryption
--   configuration information.</li>
--   </ul>
getFieldLevelEncryptionConfig :: Text -> GetFieldLevelEncryptionConfig

-- | <i>See:</i> <a>getFieldLevelEncryptionConfig</a> smart constructor.
data GetFieldLevelEncryptionConfig

-- | Request the ID for the field-level encryption configuration
--   information.
gflecId :: Lens' GetFieldLevelEncryptionConfig Text

-- | Creates a value of <a>GetFieldLevelEncryptionConfigResponse</a> with
--   the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gflecrsETag</a> - The current version of the field level
--   encryption configuration. For example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>gflecrsFieldLevelEncryptionConfig</a> - Return the field-level
--   encryption configuration information.</li>
--   <li><a>gflecrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
getFieldLevelEncryptionConfigResponse :: Int -> GetFieldLevelEncryptionConfigResponse

-- | <i>See:</i> <a>getFieldLevelEncryptionConfigResponse</a> smart
--   constructor.
data GetFieldLevelEncryptionConfigResponse

-- | The current version of the field level encryption configuration. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .
gflecrsETag :: Lens' GetFieldLevelEncryptionConfigResponse (Maybe Text)

-- | Return the field-level encryption configuration information.
gflecrsFieldLevelEncryptionConfig :: Lens' GetFieldLevelEncryptionConfigResponse (Maybe FieldLevelEncryptionConfig)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gflecrsResponseStatus :: Lens' GetFieldLevelEncryptionConfigResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.GetFieldLevelEncryptionConfig.GetFieldLevelEncryptionConfigResponse
instance Data.Data.Data Network.AWS.CloudFront.GetFieldLevelEncryptionConfig.GetFieldLevelEncryptionConfigResponse
instance GHC.Show.Show Network.AWS.CloudFront.GetFieldLevelEncryptionConfig.GetFieldLevelEncryptionConfigResponse
instance GHC.Read.Read Network.AWS.CloudFront.GetFieldLevelEncryptionConfig.GetFieldLevelEncryptionConfigResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.GetFieldLevelEncryptionConfig.GetFieldLevelEncryptionConfigResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.GetFieldLevelEncryptionConfig.GetFieldLevelEncryptionConfig
instance Data.Data.Data Network.AWS.CloudFront.GetFieldLevelEncryptionConfig.GetFieldLevelEncryptionConfig
instance GHC.Show.Show Network.AWS.CloudFront.GetFieldLevelEncryptionConfig.GetFieldLevelEncryptionConfig
instance GHC.Read.Read Network.AWS.CloudFront.GetFieldLevelEncryptionConfig.GetFieldLevelEncryptionConfig
instance GHC.Classes.Eq Network.AWS.CloudFront.GetFieldLevelEncryptionConfig.GetFieldLevelEncryptionConfig
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.GetFieldLevelEncryptionConfig.GetFieldLevelEncryptionConfig
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetFieldLevelEncryptionConfig.GetFieldLevelEncryptionConfigResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.GetFieldLevelEncryptionConfig.GetFieldLevelEncryptionConfig
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetFieldLevelEncryptionConfig.GetFieldLevelEncryptionConfig
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.GetFieldLevelEncryptionConfig.GetFieldLevelEncryptionConfig
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.GetFieldLevelEncryptionConfig.GetFieldLevelEncryptionConfig
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.GetFieldLevelEncryptionConfig.GetFieldLevelEncryptionConfig


-- | Get the field-level encryption configuration information.
module Network.AWS.CloudFront.GetFieldLevelEncryption

-- | Creates a value of <a>GetFieldLevelEncryption</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gfleId</a> - Request the ID for the field-level encryption
--   configuration information.</li>
--   </ul>
getFieldLevelEncryption :: Text -> GetFieldLevelEncryption

-- | <i>See:</i> <a>getFieldLevelEncryption</a> smart constructor.
data GetFieldLevelEncryption

-- | Request the ID for the field-level encryption configuration
--   information.
gfleId :: Lens' GetFieldLevelEncryption Text

-- | Creates a value of <a>GetFieldLevelEncryptionResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gflersETag</a> - The current version of the field level
--   encryption configuration. For example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>gflersFieldLevelEncryption</a> - Return the field-level
--   encryption configuration information.</li>
--   <li><a>gflersResponseStatus</a> - -- | The response status code.</li>
--   </ul>
getFieldLevelEncryptionResponse :: Int -> GetFieldLevelEncryptionResponse

-- | <i>See:</i> <a>getFieldLevelEncryptionResponse</a> smart constructor.
data GetFieldLevelEncryptionResponse

-- | The current version of the field level encryption configuration. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .
gflersETag :: Lens' GetFieldLevelEncryptionResponse (Maybe Text)

-- | Return the field-level encryption configuration information.
gflersFieldLevelEncryption :: Lens' GetFieldLevelEncryptionResponse (Maybe FieldLevelEncryption)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gflersResponseStatus :: Lens' GetFieldLevelEncryptionResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.GetFieldLevelEncryption.GetFieldLevelEncryptionResponse
instance Data.Data.Data Network.AWS.CloudFront.GetFieldLevelEncryption.GetFieldLevelEncryptionResponse
instance GHC.Show.Show Network.AWS.CloudFront.GetFieldLevelEncryption.GetFieldLevelEncryptionResponse
instance GHC.Read.Read Network.AWS.CloudFront.GetFieldLevelEncryption.GetFieldLevelEncryptionResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.GetFieldLevelEncryption.GetFieldLevelEncryptionResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.GetFieldLevelEncryption.GetFieldLevelEncryption
instance Data.Data.Data Network.AWS.CloudFront.GetFieldLevelEncryption.GetFieldLevelEncryption
instance GHC.Show.Show Network.AWS.CloudFront.GetFieldLevelEncryption.GetFieldLevelEncryption
instance GHC.Read.Read Network.AWS.CloudFront.GetFieldLevelEncryption.GetFieldLevelEncryption
instance GHC.Classes.Eq Network.AWS.CloudFront.GetFieldLevelEncryption.GetFieldLevelEncryption
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.GetFieldLevelEncryption.GetFieldLevelEncryption
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetFieldLevelEncryption.GetFieldLevelEncryptionResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.GetFieldLevelEncryption.GetFieldLevelEncryption
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetFieldLevelEncryption.GetFieldLevelEncryption
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.GetFieldLevelEncryption.GetFieldLevelEncryption
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.GetFieldLevelEncryption.GetFieldLevelEncryption
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.GetFieldLevelEncryption.GetFieldLevelEncryption


-- | Get the configuration information about a distribution.
module Network.AWS.CloudFront.GetDistributionConfig

-- | Creates a value of <a>GetDistributionConfig</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gdcId</a> - The distribution's ID.</li>
--   </ul>
getDistributionConfig :: Text -> GetDistributionConfig

-- | The request to get a distribution configuration.
--   
--   <i>See:</i> <a>getDistributionConfig</a> smart constructor.
data GetDistributionConfig

-- | The distribution's ID.
gdcId :: Lens' GetDistributionConfig Text

-- | Creates a value of <a>GetDistributionConfigResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gdcrsETag</a> - The current version of the configuration. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>gdcrsDistributionConfig</a> - The distribution's configuration
--   information.</li>
--   <li><a>gdcrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
getDistributionConfigResponse :: Int -> GetDistributionConfigResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>getDistributionConfigResponse</a> smart constructor.
data GetDistributionConfigResponse

-- | The current version of the configuration. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
gdcrsETag :: Lens' GetDistributionConfigResponse (Maybe Text)

-- | The distribution's configuration information.
gdcrsDistributionConfig :: Lens' GetDistributionConfigResponse (Maybe DistributionConfig)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gdcrsResponseStatus :: Lens' GetDistributionConfigResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.GetDistributionConfig.GetDistributionConfigResponse
instance Data.Data.Data Network.AWS.CloudFront.GetDistributionConfig.GetDistributionConfigResponse
instance GHC.Show.Show Network.AWS.CloudFront.GetDistributionConfig.GetDistributionConfigResponse
instance GHC.Read.Read Network.AWS.CloudFront.GetDistributionConfig.GetDistributionConfigResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.GetDistributionConfig.GetDistributionConfigResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.GetDistributionConfig.GetDistributionConfig
instance Data.Data.Data Network.AWS.CloudFront.GetDistributionConfig.GetDistributionConfig
instance GHC.Show.Show Network.AWS.CloudFront.GetDistributionConfig.GetDistributionConfig
instance GHC.Read.Read Network.AWS.CloudFront.GetDistributionConfig.GetDistributionConfig
instance GHC.Classes.Eq Network.AWS.CloudFront.GetDistributionConfig.GetDistributionConfig
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.GetDistributionConfig.GetDistributionConfig
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetDistributionConfig.GetDistributionConfigResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.GetDistributionConfig.GetDistributionConfig
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetDistributionConfig.GetDistributionConfig
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.GetDistributionConfig.GetDistributionConfig
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.GetDistributionConfig.GetDistributionConfig
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.GetDistributionConfig.GetDistributionConfig


-- | Get the information about a distribution.
module Network.AWS.CloudFront.GetDistribution

-- | Creates a value of <a>GetDistribution</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gdId</a> - The distribution's ID.</li>
--   </ul>
getDistribution :: Text -> GetDistribution

-- | The request to get a distribution's information.
--   
--   <i>See:</i> <a>getDistribution</a> smart constructor.
data GetDistribution

-- | The distribution's ID.
gdId :: Lens' GetDistribution Text

-- | Creates a value of <a>GetDistributionResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gdrsETag</a> - The current version of the distribution's
--   information. For example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>gdrsDistribution</a> - The distribution's information.</li>
--   <li><a>gdrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
getDistributionResponse :: Int -> GetDistributionResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>getDistributionResponse</a> smart constructor.
data GetDistributionResponse

-- | The current version of the distribution's information. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
gdrsETag :: Lens' GetDistributionResponse (Maybe Text)

-- | The distribution's information.
gdrsDistribution :: Lens' GetDistributionResponse (Maybe Distribution)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gdrsResponseStatus :: Lens' GetDistributionResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.GetDistribution.GetDistributionResponse
instance Data.Data.Data Network.AWS.CloudFront.GetDistribution.GetDistributionResponse
instance GHC.Show.Show Network.AWS.CloudFront.GetDistribution.GetDistributionResponse
instance GHC.Read.Read Network.AWS.CloudFront.GetDistribution.GetDistributionResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.GetDistribution.GetDistributionResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.GetDistribution.GetDistribution
instance Data.Data.Data Network.AWS.CloudFront.GetDistribution.GetDistribution
instance GHC.Show.Show Network.AWS.CloudFront.GetDistribution.GetDistribution
instance GHC.Read.Read Network.AWS.CloudFront.GetDistribution.GetDistribution
instance GHC.Classes.Eq Network.AWS.CloudFront.GetDistribution.GetDistribution
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.GetDistribution.GetDistribution
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetDistribution.GetDistributionResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.GetDistribution.GetDistribution
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetDistribution.GetDistribution
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.GetDistribution.GetDistribution
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.GetDistribution.GetDistribution
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.GetDistribution.GetDistribution


-- | Get the configuration information about an origin access identity.
module Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentityConfig

-- | Creates a value of <a>GetCloudFrontOriginAccessIdentityConfig</a> with
--   the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gcfoaicId</a> - The identity's ID.</li>
--   </ul>
getCloudFrontOriginAccessIdentityConfig :: Text -> GetCloudFrontOriginAccessIdentityConfig

-- | The origin access identity's configuration information. For more
--   information, see
--   <tt>CloudFrontOriginAccessIdentityConfigComplexType</tt> .
--   
--   <i>See:</i> <a>getCloudFrontOriginAccessIdentityConfig</a> smart
--   constructor.
data GetCloudFrontOriginAccessIdentityConfig

-- | The identity's ID.
gcfoaicId :: Lens' GetCloudFrontOriginAccessIdentityConfig Text

-- | Creates a value of
--   <a>GetCloudFrontOriginAccessIdentityConfigResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gcfoaicrsCloudFrontOriginAccessIdentityConfig</a> - The origin
--   access identity's configuration information.</li>
--   <li><a>gcfoaicrsETag</a> - The current version of the configuration.
--   For example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>gcfoaicrsResponseStatus</a> - -- | The response status
--   code.</li>
--   </ul>
getCloudFrontOriginAccessIdentityConfigResponse :: Int -> GetCloudFrontOriginAccessIdentityConfigResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>getCloudFrontOriginAccessIdentityConfigResponse</a>
--   smart constructor.
data GetCloudFrontOriginAccessIdentityConfigResponse

-- | The origin access identity's configuration information.
gcfoaicrsCloudFrontOriginAccessIdentityConfig :: Lens' GetCloudFrontOriginAccessIdentityConfigResponse (Maybe CloudFrontOriginAccessIdentityConfig)

-- | The current version of the configuration. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
gcfoaicrsETag :: Lens' GetCloudFrontOriginAccessIdentityConfigResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gcfoaicrsResponseStatus :: Lens' GetCloudFrontOriginAccessIdentityConfigResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentityConfig.GetCloudFrontOriginAccessIdentityConfigResponse
instance Data.Data.Data Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentityConfig.GetCloudFrontOriginAccessIdentityConfigResponse
instance GHC.Show.Show Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentityConfig.GetCloudFrontOriginAccessIdentityConfigResponse
instance GHC.Read.Read Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentityConfig.GetCloudFrontOriginAccessIdentityConfigResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentityConfig.GetCloudFrontOriginAccessIdentityConfigResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentityConfig.GetCloudFrontOriginAccessIdentityConfig
instance Data.Data.Data Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentityConfig.GetCloudFrontOriginAccessIdentityConfig
instance GHC.Show.Show Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentityConfig.GetCloudFrontOriginAccessIdentityConfig
instance GHC.Read.Read Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentityConfig.GetCloudFrontOriginAccessIdentityConfig
instance GHC.Classes.Eq Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentityConfig.GetCloudFrontOriginAccessIdentityConfig
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentityConfig.GetCloudFrontOriginAccessIdentityConfig
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentityConfig.GetCloudFrontOriginAccessIdentityConfigResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentityConfig.GetCloudFrontOriginAccessIdentityConfig
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentityConfig.GetCloudFrontOriginAccessIdentityConfig
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentityConfig.GetCloudFrontOriginAccessIdentityConfig
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentityConfig.GetCloudFrontOriginAccessIdentityConfig
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentityConfig.GetCloudFrontOriginAccessIdentityConfig


-- | Get the information about an origin access identity.
module Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentity

-- | Creates a value of <a>GetCloudFrontOriginAccessIdentity</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gcfoaiId</a> - The identity's ID.</li>
--   </ul>
getCloudFrontOriginAccessIdentity :: Text -> GetCloudFrontOriginAccessIdentity

-- | The request to get an origin access identity's information.
--   
--   <i>See:</i> <a>getCloudFrontOriginAccessIdentity</a> smart
--   constructor.
data GetCloudFrontOriginAccessIdentity

-- | The identity's ID.
gcfoaiId :: Lens' GetCloudFrontOriginAccessIdentity Text

-- | Creates a value of <a>GetCloudFrontOriginAccessIdentityResponse</a>
--   with the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>gcfoairsETag</a> - The current version of the origin access
--   identity's information. For example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>gcfoairsCloudFrontOriginAccessIdentity</a> - The origin access
--   identity's information.</li>
--   <li><a>gcfoairsResponseStatus</a> - -- | The response status
--   code.</li>
--   </ul>
getCloudFrontOriginAccessIdentityResponse :: Int -> GetCloudFrontOriginAccessIdentityResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>getCloudFrontOriginAccessIdentityResponse</a> smart
--   constructor.
data GetCloudFrontOriginAccessIdentityResponse

-- | The current version of the origin access identity's information. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .
gcfoairsETag :: Lens' GetCloudFrontOriginAccessIdentityResponse (Maybe Text)

-- | The origin access identity's information.
gcfoairsCloudFrontOriginAccessIdentity :: Lens' GetCloudFrontOriginAccessIdentityResponse (Maybe CloudFrontOriginAccessIdentity)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
gcfoairsResponseStatus :: Lens' GetCloudFrontOriginAccessIdentityResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentity.GetCloudFrontOriginAccessIdentityResponse
instance Data.Data.Data Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentity.GetCloudFrontOriginAccessIdentityResponse
instance GHC.Show.Show Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentity.GetCloudFrontOriginAccessIdentityResponse
instance GHC.Read.Read Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentity.GetCloudFrontOriginAccessIdentityResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentity.GetCloudFrontOriginAccessIdentityResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentity.GetCloudFrontOriginAccessIdentity
instance Data.Data.Data Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentity.GetCloudFrontOriginAccessIdentity
instance GHC.Show.Show Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentity.GetCloudFrontOriginAccessIdentity
instance GHC.Read.Read Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentity.GetCloudFrontOriginAccessIdentity
instance GHC.Classes.Eq Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentity.GetCloudFrontOriginAccessIdentity
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentity.GetCloudFrontOriginAccessIdentity
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentity.GetCloudFrontOriginAccessIdentityResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentity.GetCloudFrontOriginAccessIdentity
instance Control.DeepSeq.NFData Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentity.GetCloudFrontOriginAccessIdentity
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentity.GetCloudFrontOriginAccessIdentity
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentity.GetCloudFrontOriginAccessIdentity
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.GetCloudFrontOriginAccessIdentity.GetCloudFrontOriginAccessIdentity


-- | Delete a streaming distribution. To delete an RTMP distribution using
--   the CloudFront API, perform the following steps.
--   
--   <b>To delete an RTMP distribution using the CloudFront API</b> :
--   
--   <ul>
--   <li>Disable the RTMP distribution.</li>
--   <li>Submit a <tt>GET Streaming Distribution Config</tt> request to get
--   the current configuration and the <tt>Etag</tt> header for the
--   distribution.</li>
--   <li>Update the XML document that was returned in the response to your
--   <tt>GET Streaming Distribution Config</tt> request to change the value
--   of <tt>Enabled</tt> to <tt>false</tt> .</li>
--   <li>Submit a <tt>PUT Streaming Distribution Config</tt> request to
--   update the configuration for your distribution. In the request body,
--   include the XML document that you updated in Step 3. Then set the
--   value of the HTTP <tt>If-Match</tt> header to the value of the
--   <tt>ETag</tt> header that CloudFront returned when you submitted the
--   <tt>GET Streaming Distribution Config</tt> request in Step 2.</li>
--   <li>Review the response to the <tt>PUT Streaming Distribution
--   Config</tt> request to confirm that the distribution was successfully
--   disabled.</li>
--   <li>Submit a <tt>GET Streaming Distribution Config</tt> request to
--   confirm that your changes have propagated. When propagation is
--   complete, the value of <tt>Status</tt> is <tt>Deployed</tt> .</li>
--   <li>Submit a <tt>DELETE Streaming Distribution</tt> request. Set the
--   value of the HTTP <tt>If-Match</tt> header to the value of the
--   <tt>ETag</tt> header that CloudFront returned when you submitted the
--   <tt>GET Streaming Distribution Config</tt> request in Step 2.</li>
--   <li>Review the response to your <tt>DELETE Streaming Distribution</tt>
--   request to confirm that the distribution was successfully
--   deleted.</li>
--   </ul>
--   
--   For information about deleting a distribution using the CloudFront
--   console, see <a>Deleting a Distribution</a> in the <i>Amazon
--   CloudFront Developer Guide</i> .
module Network.AWS.CloudFront.DeleteStreamingDistribution

-- | Creates a value of <a>DeleteStreamingDistribution</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dsdIfMatch</a> - The value of the <tt>ETag</tt> header that you
--   received when you disabled the streaming distribution. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>dsdId</a> - The distribution ID.</li>
--   </ul>
deleteStreamingDistribution :: Text -> DeleteStreamingDistribution

-- | The request to delete a streaming distribution.
--   
--   <i>See:</i> <a>deleteStreamingDistribution</a> smart constructor.
data DeleteStreamingDistribution

-- | The value of the <tt>ETag</tt> header that you received when you
--   disabled the streaming distribution. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
dsdIfMatch :: Lens' DeleteStreamingDistribution (Maybe Text)

-- | The distribution ID.
dsdId :: Lens' DeleteStreamingDistribution Text

-- | Creates a value of <a>DeleteStreamingDistributionResponse</a> with the
--   minimum fields required to make a request.
deleteStreamingDistributionResponse :: DeleteStreamingDistributionResponse

-- | <i>See:</i> <a>deleteStreamingDistributionResponse</a> smart
--   constructor.
data DeleteStreamingDistributionResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.DeleteStreamingDistribution.DeleteStreamingDistributionResponse
instance Data.Data.Data Network.AWS.CloudFront.DeleteStreamingDistribution.DeleteStreamingDistributionResponse
instance GHC.Show.Show Network.AWS.CloudFront.DeleteStreamingDistribution.DeleteStreamingDistributionResponse
instance GHC.Read.Read Network.AWS.CloudFront.DeleteStreamingDistribution.DeleteStreamingDistributionResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.DeleteStreamingDistribution.DeleteStreamingDistributionResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.DeleteStreamingDistribution.DeleteStreamingDistribution
instance Data.Data.Data Network.AWS.CloudFront.DeleteStreamingDistribution.DeleteStreamingDistribution
instance GHC.Show.Show Network.AWS.CloudFront.DeleteStreamingDistribution.DeleteStreamingDistribution
instance GHC.Read.Read Network.AWS.CloudFront.DeleteStreamingDistribution.DeleteStreamingDistribution
instance GHC.Classes.Eq Network.AWS.CloudFront.DeleteStreamingDistribution.DeleteStreamingDistribution
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.DeleteStreamingDistribution.DeleteStreamingDistribution
instance Control.DeepSeq.NFData Network.AWS.CloudFront.DeleteStreamingDistribution.DeleteStreamingDistributionResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.DeleteStreamingDistribution.DeleteStreamingDistribution
instance Control.DeepSeq.NFData Network.AWS.CloudFront.DeleteStreamingDistribution.DeleteStreamingDistribution
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.DeleteStreamingDistribution.DeleteStreamingDistribution
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.DeleteStreamingDistribution.DeleteStreamingDistribution
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.DeleteStreamingDistribution.DeleteStreamingDistribution


-- | Undocumented operation.
module Network.AWS.CloudFront.DeleteServiceLinkedRole

-- | Creates a value of <a>DeleteServiceLinkedRole</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dslrRoleName</a> - Undocumented member.</li>
--   </ul>
deleteServiceLinkedRole :: Text -> DeleteServiceLinkedRole

-- | <i>See:</i> <a>deleteServiceLinkedRole</a> smart constructor.
data DeleteServiceLinkedRole

-- | Undocumented member.
dslrRoleName :: Lens' DeleteServiceLinkedRole Text

-- | Creates a value of <a>DeleteServiceLinkedRoleResponse</a> with the
--   minimum fields required to make a request.
deleteServiceLinkedRoleResponse :: DeleteServiceLinkedRoleResponse

-- | <i>See:</i> <a>deleteServiceLinkedRoleResponse</a> smart constructor.
data DeleteServiceLinkedRoleResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.DeleteServiceLinkedRole.DeleteServiceLinkedRoleResponse
instance Data.Data.Data Network.AWS.CloudFront.DeleteServiceLinkedRole.DeleteServiceLinkedRoleResponse
instance GHC.Show.Show Network.AWS.CloudFront.DeleteServiceLinkedRole.DeleteServiceLinkedRoleResponse
instance GHC.Read.Read Network.AWS.CloudFront.DeleteServiceLinkedRole.DeleteServiceLinkedRoleResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.DeleteServiceLinkedRole.DeleteServiceLinkedRoleResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.DeleteServiceLinkedRole.DeleteServiceLinkedRole
instance Data.Data.Data Network.AWS.CloudFront.DeleteServiceLinkedRole.DeleteServiceLinkedRole
instance GHC.Show.Show Network.AWS.CloudFront.DeleteServiceLinkedRole.DeleteServiceLinkedRole
instance GHC.Read.Read Network.AWS.CloudFront.DeleteServiceLinkedRole.DeleteServiceLinkedRole
instance GHC.Classes.Eq Network.AWS.CloudFront.DeleteServiceLinkedRole.DeleteServiceLinkedRole
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.DeleteServiceLinkedRole.DeleteServiceLinkedRole
instance Control.DeepSeq.NFData Network.AWS.CloudFront.DeleteServiceLinkedRole.DeleteServiceLinkedRoleResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.DeleteServiceLinkedRole.DeleteServiceLinkedRole
instance Control.DeepSeq.NFData Network.AWS.CloudFront.DeleteServiceLinkedRole.DeleteServiceLinkedRole
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.DeleteServiceLinkedRole.DeleteServiceLinkedRole
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.DeleteServiceLinkedRole.DeleteServiceLinkedRole
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.DeleteServiceLinkedRole.DeleteServiceLinkedRole


-- | Remove a public key you previously added to CloudFront.
module Network.AWS.CloudFront.DeletePublicKey

-- | Creates a value of <a>DeletePublicKey</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dpkIfMatch</a> - The value of the <tt>ETag</tt> header that you
--   received when retrieving the public key identity to delete. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>dpkId</a> - The ID of the public key you want to remove from
--   CloudFront.</li>
--   </ul>
deletePublicKey :: Text -> DeletePublicKey

-- | <i>See:</i> <a>deletePublicKey</a> smart constructor.
data DeletePublicKey

-- | The value of the <tt>ETag</tt> header that you received when
--   retrieving the public key identity to delete. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
dpkIfMatch :: Lens' DeletePublicKey (Maybe Text)

-- | The ID of the public key you want to remove from CloudFront.
dpkId :: Lens' DeletePublicKey Text

-- | Creates a value of <a>DeletePublicKeyResponse</a> with the minimum
--   fields required to make a request.
deletePublicKeyResponse :: DeletePublicKeyResponse

-- | <i>See:</i> <a>deletePublicKeyResponse</a> smart constructor.
data DeletePublicKeyResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.DeletePublicKey.DeletePublicKeyResponse
instance Data.Data.Data Network.AWS.CloudFront.DeletePublicKey.DeletePublicKeyResponse
instance GHC.Show.Show Network.AWS.CloudFront.DeletePublicKey.DeletePublicKeyResponse
instance GHC.Read.Read Network.AWS.CloudFront.DeletePublicKey.DeletePublicKeyResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.DeletePublicKey.DeletePublicKeyResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.DeletePublicKey.DeletePublicKey
instance Data.Data.Data Network.AWS.CloudFront.DeletePublicKey.DeletePublicKey
instance GHC.Show.Show Network.AWS.CloudFront.DeletePublicKey.DeletePublicKey
instance GHC.Read.Read Network.AWS.CloudFront.DeletePublicKey.DeletePublicKey
instance GHC.Classes.Eq Network.AWS.CloudFront.DeletePublicKey.DeletePublicKey
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.DeletePublicKey.DeletePublicKey
instance Control.DeepSeq.NFData Network.AWS.CloudFront.DeletePublicKey.DeletePublicKeyResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.DeletePublicKey.DeletePublicKey
instance Control.DeepSeq.NFData Network.AWS.CloudFront.DeletePublicKey.DeletePublicKey
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.DeletePublicKey.DeletePublicKey
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.DeletePublicKey.DeletePublicKey
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.DeletePublicKey.DeletePublicKey


-- | Remove a field-level encryption profile.
module Network.AWS.CloudFront.DeleteFieldLevelEncryptionProfile

-- | Creates a value of <a>DeleteFieldLevelEncryptionProfile</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dflepIfMatch</a> - The value of the <tt>ETag</tt> header that
--   you received when retrieving the profile to delete. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>dflepId</a> - Request the ID of the profile you want to delete
--   from CloudFront.</li>
--   </ul>
deleteFieldLevelEncryptionProfile :: Text -> DeleteFieldLevelEncryptionProfile

-- | <i>See:</i> <a>deleteFieldLevelEncryptionProfile</a> smart
--   constructor.
data DeleteFieldLevelEncryptionProfile

-- | The value of the <tt>ETag</tt> header that you received when
--   retrieving the profile to delete. For example: <tt>E2QWRUHAPOMQZL</tt>
--   .
dflepIfMatch :: Lens' DeleteFieldLevelEncryptionProfile (Maybe Text)

-- | Request the ID of the profile you want to delete from CloudFront.
dflepId :: Lens' DeleteFieldLevelEncryptionProfile Text

-- | Creates a value of <a>DeleteFieldLevelEncryptionProfileResponse</a>
--   with the minimum fields required to make a request.
deleteFieldLevelEncryptionProfileResponse :: DeleteFieldLevelEncryptionProfileResponse

-- | <i>See:</i> <a>deleteFieldLevelEncryptionProfileResponse</a> smart
--   constructor.
data DeleteFieldLevelEncryptionProfileResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.DeleteFieldLevelEncryptionProfile.DeleteFieldLevelEncryptionProfileResponse
instance Data.Data.Data Network.AWS.CloudFront.DeleteFieldLevelEncryptionProfile.DeleteFieldLevelEncryptionProfileResponse
instance GHC.Show.Show Network.AWS.CloudFront.DeleteFieldLevelEncryptionProfile.DeleteFieldLevelEncryptionProfileResponse
instance GHC.Read.Read Network.AWS.CloudFront.DeleteFieldLevelEncryptionProfile.DeleteFieldLevelEncryptionProfileResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.DeleteFieldLevelEncryptionProfile.DeleteFieldLevelEncryptionProfileResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.DeleteFieldLevelEncryptionProfile.DeleteFieldLevelEncryptionProfile
instance Data.Data.Data Network.AWS.CloudFront.DeleteFieldLevelEncryptionProfile.DeleteFieldLevelEncryptionProfile
instance GHC.Show.Show Network.AWS.CloudFront.DeleteFieldLevelEncryptionProfile.DeleteFieldLevelEncryptionProfile
instance GHC.Read.Read Network.AWS.CloudFront.DeleteFieldLevelEncryptionProfile.DeleteFieldLevelEncryptionProfile
instance GHC.Classes.Eq Network.AWS.CloudFront.DeleteFieldLevelEncryptionProfile.DeleteFieldLevelEncryptionProfile
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.DeleteFieldLevelEncryptionProfile.DeleteFieldLevelEncryptionProfile
instance Control.DeepSeq.NFData Network.AWS.CloudFront.DeleteFieldLevelEncryptionProfile.DeleteFieldLevelEncryptionProfileResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.DeleteFieldLevelEncryptionProfile.DeleteFieldLevelEncryptionProfile
instance Control.DeepSeq.NFData Network.AWS.CloudFront.DeleteFieldLevelEncryptionProfile.DeleteFieldLevelEncryptionProfile
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.DeleteFieldLevelEncryptionProfile.DeleteFieldLevelEncryptionProfile
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.DeleteFieldLevelEncryptionProfile.DeleteFieldLevelEncryptionProfile
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.DeleteFieldLevelEncryptionProfile.DeleteFieldLevelEncryptionProfile


-- | Remove a field-level encryption configuration.
module Network.AWS.CloudFront.DeleteFieldLevelEncryptionConfig

-- | Creates a value of <a>DeleteFieldLevelEncryptionConfig</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dflecIfMatch</a> - The value of the <tt>ETag</tt> header that
--   you received when retrieving the configuration identity to delete. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>dflecId</a> - The ID of the configuration you want to delete
--   from CloudFront.</li>
--   </ul>
deleteFieldLevelEncryptionConfig :: Text -> DeleteFieldLevelEncryptionConfig

-- | <i>See:</i> <a>deleteFieldLevelEncryptionConfig</a> smart constructor.
data DeleteFieldLevelEncryptionConfig

-- | The value of the <tt>ETag</tt> header that you received when
--   retrieving the configuration identity to delete. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
dflecIfMatch :: Lens' DeleteFieldLevelEncryptionConfig (Maybe Text)

-- | The ID of the configuration you want to delete from CloudFront.
dflecId :: Lens' DeleteFieldLevelEncryptionConfig Text

-- | Creates a value of <a>DeleteFieldLevelEncryptionConfigResponse</a>
--   with the minimum fields required to make a request.
deleteFieldLevelEncryptionConfigResponse :: DeleteFieldLevelEncryptionConfigResponse

-- | <i>See:</i> <a>deleteFieldLevelEncryptionConfigResponse</a> smart
--   constructor.
data DeleteFieldLevelEncryptionConfigResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.DeleteFieldLevelEncryptionConfig.DeleteFieldLevelEncryptionConfigResponse
instance Data.Data.Data Network.AWS.CloudFront.DeleteFieldLevelEncryptionConfig.DeleteFieldLevelEncryptionConfigResponse
instance GHC.Show.Show Network.AWS.CloudFront.DeleteFieldLevelEncryptionConfig.DeleteFieldLevelEncryptionConfigResponse
instance GHC.Read.Read Network.AWS.CloudFront.DeleteFieldLevelEncryptionConfig.DeleteFieldLevelEncryptionConfigResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.DeleteFieldLevelEncryptionConfig.DeleteFieldLevelEncryptionConfigResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.DeleteFieldLevelEncryptionConfig.DeleteFieldLevelEncryptionConfig
instance Data.Data.Data Network.AWS.CloudFront.DeleteFieldLevelEncryptionConfig.DeleteFieldLevelEncryptionConfig
instance GHC.Show.Show Network.AWS.CloudFront.DeleteFieldLevelEncryptionConfig.DeleteFieldLevelEncryptionConfig
instance GHC.Read.Read Network.AWS.CloudFront.DeleteFieldLevelEncryptionConfig.DeleteFieldLevelEncryptionConfig
instance GHC.Classes.Eq Network.AWS.CloudFront.DeleteFieldLevelEncryptionConfig.DeleteFieldLevelEncryptionConfig
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.DeleteFieldLevelEncryptionConfig.DeleteFieldLevelEncryptionConfig
instance Control.DeepSeq.NFData Network.AWS.CloudFront.DeleteFieldLevelEncryptionConfig.DeleteFieldLevelEncryptionConfigResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.DeleteFieldLevelEncryptionConfig.DeleteFieldLevelEncryptionConfig
instance Control.DeepSeq.NFData Network.AWS.CloudFront.DeleteFieldLevelEncryptionConfig.DeleteFieldLevelEncryptionConfig
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.DeleteFieldLevelEncryptionConfig.DeleteFieldLevelEncryptionConfig
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.DeleteFieldLevelEncryptionConfig.DeleteFieldLevelEncryptionConfig
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.DeleteFieldLevelEncryptionConfig.DeleteFieldLevelEncryptionConfig


-- | Delete a distribution.
module Network.AWS.CloudFront.DeleteDistribution

-- | Creates a value of <a>DeleteDistribution</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ddIfMatch</a> - The value of the <tt>ETag</tt> header that you
--   received when you disabled the distribution. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>ddId</a> - The distribution ID.</li>
--   </ul>
deleteDistribution :: Text -> DeleteDistribution

-- | This action deletes a web distribution. To delete a web distribution
--   using the CloudFront API, perform the following steps.
--   
--   <b>To delete a web distribution using the CloudFront API:</b>
--   
--   <ul>
--   <li>Disable the web distribution</li>
--   <li>Submit a <tt>GET Distribution Config</tt> request to get the
--   current configuration and the <tt>Etag</tt> header for the
--   distribution.</li>
--   <li>Update the XML document that was returned in the response to your
--   <tt>GET Distribution Config</tt> request to change the value of
--   <tt>Enabled</tt> to <tt>false</tt> .</li>
--   <li>Submit a <tt>PUT Distribution Config</tt> request to update the
--   configuration for your distribution. In the request body, include the
--   XML document that you updated in Step 3. Set the value of the HTTP
--   <tt>If-Match</tt> header to the value of the <tt>ETag</tt> header that
--   CloudFront returned when you submitted the <tt>GET Distribution
--   Config</tt> request in Step 2.</li>
--   <li>Review the response to the <tt>PUT Distribution Config</tt>
--   request to confirm that the distribution was successfully
--   disabled.</li>
--   <li>Submit a <tt>GET Distribution</tt> request to confirm that your
--   changes have propagated. When propagation is complete, the value of
--   <tt>Status</tt> is <tt>Deployed</tt> .</li>
--   <li>Submit a <tt>DELETE Distribution</tt> request. Set the value of
--   the HTTP <tt>If-Match</tt> header to the value of the <tt>ETag</tt>
--   header that CloudFront returned when you submitted the <tt>GET
--   Distribution Config</tt> request in Step 6.</li>
--   <li>Review the response to your <tt>DELETE Distribution</tt> request
--   to confirm that the distribution was successfully deleted.</li>
--   </ul>
--   
--   For information about deleting a distribution using the CloudFront
--   console, see <a>Deleting a Distribution</a> in the <i>Amazon
--   CloudFront Developer Guide</i> .
--   
--   <i>See:</i> <a>deleteDistribution</a> smart constructor.
data DeleteDistribution

-- | The value of the <tt>ETag</tt> header that you received when you
--   disabled the distribution. For example: <tt>E2QWRUHAPOMQZL</tt> .
ddIfMatch :: Lens' DeleteDistribution (Maybe Text)

-- | The distribution ID.
ddId :: Lens' DeleteDistribution Text

-- | Creates a value of <a>DeleteDistributionResponse</a> with the minimum
--   fields required to make a request.
deleteDistributionResponse :: DeleteDistributionResponse

-- | <i>See:</i> <a>deleteDistributionResponse</a> smart constructor.
data DeleteDistributionResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.DeleteDistribution.DeleteDistributionResponse
instance Data.Data.Data Network.AWS.CloudFront.DeleteDistribution.DeleteDistributionResponse
instance GHC.Show.Show Network.AWS.CloudFront.DeleteDistribution.DeleteDistributionResponse
instance GHC.Read.Read Network.AWS.CloudFront.DeleteDistribution.DeleteDistributionResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.DeleteDistribution.DeleteDistributionResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.DeleteDistribution.DeleteDistribution
instance Data.Data.Data Network.AWS.CloudFront.DeleteDistribution.DeleteDistribution
instance GHC.Show.Show Network.AWS.CloudFront.DeleteDistribution.DeleteDistribution
instance GHC.Read.Read Network.AWS.CloudFront.DeleteDistribution.DeleteDistribution
instance GHC.Classes.Eq Network.AWS.CloudFront.DeleteDistribution.DeleteDistribution
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.DeleteDistribution.DeleteDistribution
instance Control.DeepSeq.NFData Network.AWS.CloudFront.DeleteDistribution.DeleteDistributionResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.DeleteDistribution.DeleteDistribution
instance Control.DeepSeq.NFData Network.AWS.CloudFront.DeleteDistribution.DeleteDistribution
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.DeleteDistribution.DeleteDistribution
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.DeleteDistribution.DeleteDistribution
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.DeleteDistribution.DeleteDistribution


-- | Delete an origin access identity.
module Network.AWS.CloudFront.DeleteCloudFrontOriginAccessIdentity

-- | Creates a value of <a>DeleteCloudFrontOriginAccessIdentity</a> with
--   the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dcfoaiIfMatch</a> - The value of the <tt>ETag</tt> header you
--   received from a previous <tt>GET</tt> or <tt>PUT</tt> request. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>dcfoaiId</a> - The origin access identity's ID.</li>
--   </ul>
deleteCloudFrontOriginAccessIdentity :: Text -> DeleteCloudFrontOriginAccessIdentity

-- | Deletes a origin access identity.
--   
--   <i>See:</i> <a>deleteCloudFrontOriginAccessIdentity</a> smart
--   constructor.
data DeleteCloudFrontOriginAccessIdentity

-- | The value of the <tt>ETag</tt> header you received from a previous
--   <tt>GET</tt> or <tt>PUT</tt> request. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
dcfoaiIfMatch :: Lens' DeleteCloudFrontOriginAccessIdentity (Maybe Text)

-- | The origin access identity's ID.
dcfoaiId :: Lens' DeleteCloudFrontOriginAccessIdentity Text

-- | Creates a value of <a>DeleteCloudFrontOriginAccessIdentityResponse</a>
--   with the minimum fields required to make a request.
deleteCloudFrontOriginAccessIdentityResponse :: DeleteCloudFrontOriginAccessIdentityResponse

-- | <i>See:</i> <a>deleteCloudFrontOriginAccessIdentityResponse</a> smart
--   constructor.
data DeleteCloudFrontOriginAccessIdentityResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.DeleteCloudFrontOriginAccessIdentity.DeleteCloudFrontOriginAccessIdentityResponse
instance Data.Data.Data Network.AWS.CloudFront.DeleteCloudFrontOriginAccessIdentity.DeleteCloudFrontOriginAccessIdentityResponse
instance GHC.Show.Show Network.AWS.CloudFront.DeleteCloudFrontOriginAccessIdentity.DeleteCloudFrontOriginAccessIdentityResponse
instance GHC.Read.Read Network.AWS.CloudFront.DeleteCloudFrontOriginAccessIdentity.DeleteCloudFrontOriginAccessIdentityResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.DeleteCloudFrontOriginAccessIdentity.DeleteCloudFrontOriginAccessIdentityResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.DeleteCloudFrontOriginAccessIdentity.DeleteCloudFrontOriginAccessIdentity
instance Data.Data.Data Network.AWS.CloudFront.DeleteCloudFrontOriginAccessIdentity.DeleteCloudFrontOriginAccessIdentity
instance GHC.Show.Show Network.AWS.CloudFront.DeleteCloudFrontOriginAccessIdentity.DeleteCloudFrontOriginAccessIdentity
instance GHC.Read.Read Network.AWS.CloudFront.DeleteCloudFrontOriginAccessIdentity.DeleteCloudFrontOriginAccessIdentity
instance GHC.Classes.Eq Network.AWS.CloudFront.DeleteCloudFrontOriginAccessIdentity.DeleteCloudFrontOriginAccessIdentity
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.DeleteCloudFrontOriginAccessIdentity.DeleteCloudFrontOriginAccessIdentity
instance Control.DeepSeq.NFData Network.AWS.CloudFront.DeleteCloudFrontOriginAccessIdentity.DeleteCloudFrontOriginAccessIdentityResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.DeleteCloudFrontOriginAccessIdentity.DeleteCloudFrontOriginAccessIdentity
instance Control.DeepSeq.NFData Network.AWS.CloudFront.DeleteCloudFrontOriginAccessIdentity.DeleteCloudFrontOriginAccessIdentity
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.DeleteCloudFrontOriginAccessIdentity.DeleteCloudFrontOriginAccessIdentity
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.DeleteCloudFrontOriginAccessIdentity.DeleteCloudFrontOriginAccessIdentity
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.DeleteCloudFrontOriginAccessIdentity.DeleteCloudFrontOriginAccessIdentity


-- | Create a new streaming distribution with tags.
module Network.AWS.CloudFront.CreateStreamingDistributionWithTags

-- | Creates a value of <a>CreateStreamingDistributionWithTags</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>csdwtStreamingDistributionConfigWithTags</a> - The streaming
--   distribution's configuration information.</li>
--   </ul>
createStreamingDistributionWithTags :: StreamingDistributionConfigWithTags -> CreateStreamingDistributionWithTags

-- | The request to create a new streaming distribution with tags.
--   
--   <i>See:</i> <a>createStreamingDistributionWithTags</a> smart
--   constructor.
data CreateStreamingDistributionWithTags

-- | The streaming distribution's configuration information.
csdwtStreamingDistributionConfigWithTags :: Lens' CreateStreamingDistributionWithTags StreamingDistributionConfigWithTags

-- | Creates a value of <a>CreateStreamingDistributionWithTagsResponse</a>
--   with the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>csdwtrsETag</a> - Undocumented member.</li>
--   <li><a>csdwtrsLocation</a> - The fully qualified URI of the new
--   streaming distribution resource just created. For
--   example:<tt><a>https://cloudfront.amazonaws.com/2010-11-01/streaming-distribution/EGTXBD79H29TRA8</a></tt>
--   .</li>
--   <li><a>csdwtrsStreamingDistribution</a> - The streaming distribution's
--   information.</li>
--   <li><a>csdwtrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
createStreamingDistributionWithTagsResponse :: Int -> CreateStreamingDistributionWithTagsResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>createStreamingDistributionWithTagsResponse</a> smart
--   constructor.
data CreateStreamingDistributionWithTagsResponse

-- | Undocumented member.
csdwtrsETag :: Lens' CreateStreamingDistributionWithTagsResponse (Maybe Text)

-- | The fully qualified URI of the new streaming distribution resource
--   just created. For
--   example:<tt><a>https://cloudfront.amazonaws.com/2010-11-01/streaming-distribution/EGTXBD79H29TRA8</a></tt>
--   .
csdwtrsLocation :: Lens' CreateStreamingDistributionWithTagsResponse (Maybe Text)

-- | The streaming distribution's information.
csdwtrsStreamingDistribution :: Lens' CreateStreamingDistributionWithTagsResponse (Maybe StreamingDistribution)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
csdwtrsResponseStatus :: Lens' CreateStreamingDistributionWithTagsResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.CreateStreamingDistributionWithTags.CreateStreamingDistributionWithTagsResponse
instance Data.Data.Data Network.AWS.CloudFront.CreateStreamingDistributionWithTags.CreateStreamingDistributionWithTagsResponse
instance GHC.Show.Show Network.AWS.CloudFront.CreateStreamingDistributionWithTags.CreateStreamingDistributionWithTagsResponse
instance GHC.Read.Read Network.AWS.CloudFront.CreateStreamingDistributionWithTags.CreateStreamingDistributionWithTagsResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.CreateStreamingDistributionWithTags.CreateStreamingDistributionWithTagsResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.CreateStreamingDistributionWithTags.CreateStreamingDistributionWithTags
instance Data.Data.Data Network.AWS.CloudFront.CreateStreamingDistributionWithTags.CreateStreamingDistributionWithTags
instance GHC.Show.Show Network.AWS.CloudFront.CreateStreamingDistributionWithTags.CreateStreamingDistributionWithTags
instance GHC.Read.Read Network.AWS.CloudFront.CreateStreamingDistributionWithTags.CreateStreamingDistributionWithTags
instance GHC.Classes.Eq Network.AWS.CloudFront.CreateStreamingDistributionWithTags.CreateStreamingDistributionWithTags
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.CreateStreamingDistributionWithTags.CreateStreamingDistributionWithTags
instance Control.DeepSeq.NFData Network.AWS.CloudFront.CreateStreamingDistributionWithTags.CreateStreamingDistributionWithTagsResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.CreateStreamingDistributionWithTags.CreateStreamingDistributionWithTags
instance Control.DeepSeq.NFData Network.AWS.CloudFront.CreateStreamingDistributionWithTags.CreateStreamingDistributionWithTags
instance Network.AWS.Data.XML.ToElement Network.AWS.CloudFront.CreateStreamingDistributionWithTags.CreateStreamingDistributionWithTags
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.CreateStreamingDistributionWithTags.CreateStreamingDistributionWithTags
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.CreateStreamingDistributionWithTags.CreateStreamingDistributionWithTags
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.CreateStreamingDistributionWithTags.CreateStreamingDistributionWithTags


-- | Creates a new RMTP distribution. An RTMP distribution is similar to a
--   web distribution, but an RTMP distribution streams media files using
--   the Adobe Real-Time Messaging Protocol (RTMP) instead of serving files
--   using HTTP.
--   
--   To create a new web distribution, submit a <tt>POST</tt> request to
--   the <i>CloudFront API version</i> <i>distribution resource. The
--   request body must include a document with a
--   </i>StreamingDistributionConfig/ element. The response echoes the
--   <tt>StreamingDistributionConfig</tt> element and returns other
--   information about the RTMP distribution.
--   
--   To get the status of your request, use the <i>GET
--   StreamingDistribution</i> API action. When the value of
--   <tt>Enabled</tt> is <tt>true</tt> and the value of <tt>Status</tt> is
--   <tt>Deployed</tt> , your distribution is ready. A distribution usually
--   deploys in less than 15 minutes.
--   
--   For more information about web distributions, see <a>Working with RTMP
--   Distributions</a> in the <i>Amazon CloudFront Developer Guide</i> .
--   
--   <i>Important:</i> Beginning with the 2012-05-05 version of the
--   CloudFront API, we made substantial changes to the format of the XML
--   document that you include in the request body when you create or
--   update a web distribution or an RTMP distribution, and when you
--   invalidate objects. With previous versions of the API, we discovered
--   that it was too easy to accidentally delete one or more values for an
--   element that accepts multiple values, for example, CNAMEs and trusted
--   signers. Our changes for the 2012-05-05 release are intended to
--   prevent these accidental deletions and to notify you when there's a
--   mismatch between the number of values you say you're specifying in the
--   <tt>Quantity</tt> element and the number of values specified.
module Network.AWS.CloudFront.CreateStreamingDistribution

-- | Creates a value of <a>CreateStreamingDistribution</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>csdStreamingDistributionConfig</a> - The streaming
--   distribution's configuration information.</li>
--   </ul>
createStreamingDistribution :: StreamingDistributionConfig -> CreateStreamingDistribution

-- | The request to create a new streaming distribution.
--   
--   <i>See:</i> <a>createStreamingDistribution</a> smart constructor.
data CreateStreamingDistribution

-- | The streaming distribution's configuration information.
csdStreamingDistributionConfig :: Lens' CreateStreamingDistribution StreamingDistributionConfig

-- | Creates a value of <a>CreateStreamingDistributionResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>csdrsETag</a> - The current version of the streaming
--   distribution created.</li>
--   <li><a>csdrsLocation</a> - The fully qualified URI of the new
--   streaming distribution resource just created. For example:
--   <tt><a>https://cloudfront.amazonaws.com/2010-11-01/streaming-distribution/EGTXBD79H29TRA8</a></tt>
--   .</li>
--   <li><a>csdrsStreamingDistribution</a> - The streaming distribution's
--   information.</li>
--   <li><a>csdrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
createStreamingDistributionResponse :: Int -> CreateStreamingDistributionResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>createStreamingDistributionResponse</a> smart
--   constructor.
data CreateStreamingDistributionResponse

-- | The current version of the streaming distribution created.
csdrsETag :: Lens' CreateStreamingDistributionResponse (Maybe Text)

-- | The fully qualified URI of the new streaming distribution resource
--   just created. For example:
--   <tt><a>https://cloudfront.amazonaws.com/2010-11-01/streaming-distribution/EGTXBD79H29TRA8</a></tt>
--   .
csdrsLocation :: Lens' CreateStreamingDistributionResponse (Maybe Text)

-- | The streaming distribution's information.
csdrsStreamingDistribution :: Lens' CreateStreamingDistributionResponse (Maybe StreamingDistribution)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
csdrsResponseStatus :: Lens' CreateStreamingDistributionResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.CreateStreamingDistribution.CreateStreamingDistributionResponse
instance Data.Data.Data Network.AWS.CloudFront.CreateStreamingDistribution.CreateStreamingDistributionResponse
instance GHC.Show.Show Network.AWS.CloudFront.CreateStreamingDistribution.CreateStreamingDistributionResponse
instance GHC.Read.Read Network.AWS.CloudFront.CreateStreamingDistribution.CreateStreamingDistributionResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.CreateStreamingDistribution.CreateStreamingDistributionResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.CreateStreamingDistribution.CreateStreamingDistribution
instance Data.Data.Data Network.AWS.CloudFront.CreateStreamingDistribution.CreateStreamingDistribution
instance GHC.Show.Show Network.AWS.CloudFront.CreateStreamingDistribution.CreateStreamingDistribution
instance GHC.Read.Read Network.AWS.CloudFront.CreateStreamingDistribution.CreateStreamingDistribution
instance GHC.Classes.Eq Network.AWS.CloudFront.CreateStreamingDistribution.CreateStreamingDistribution
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.CreateStreamingDistribution.CreateStreamingDistribution
instance Control.DeepSeq.NFData Network.AWS.CloudFront.CreateStreamingDistribution.CreateStreamingDistributionResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.CreateStreamingDistribution.CreateStreamingDistribution
instance Control.DeepSeq.NFData Network.AWS.CloudFront.CreateStreamingDistribution.CreateStreamingDistribution
instance Network.AWS.Data.XML.ToElement Network.AWS.CloudFront.CreateStreamingDistribution.CreateStreamingDistribution
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.CreateStreamingDistribution.CreateStreamingDistribution
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.CreateStreamingDistribution.CreateStreamingDistribution
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.CreateStreamingDistribution.CreateStreamingDistribution


-- | Add a new public key to CloudFront to use, for example, for
--   field-level encryption. You can add a maximum of 10 public keys with
--   one AWS account.
module Network.AWS.CloudFront.CreatePublicKey

-- | Creates a value of <a>CreatePublicKey</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cpkPublicKeyConfig</a> - The request to add a public key to
--   CloudFront.</li>
--   </ul>
createPublicKey :: PublicKeyConfig -> CreatePublicKey

-- | <i>See:</i> <a>createPublicKey</a> smart constructor.
data CreatePublicKey

-- | The request to add a public key to CloudFront.
cpkPublicKeyConfig :: Lens' CreatePublicKey PublicKeyConfig

-- | Creates a value of <a>CreatePublicKeyResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cpkrsETag</a> - The current version of the public key. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>cpkrsLocation</a> - The fully qualified URI of the new public
--   key resource just created. For example:
--   <tt><a>https://cloudfront.amazonaws.com/2010-11-01/cloudfront-public-key/EDFDVBD632BHDS5</a></tt>
--   .</li>
--   <li><a>cpkrsPublicKey</a> - Returned when you add a public key.</li>
--   <li><a>cpkrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
createPublicKeyResponse :: Int -> CreatePublicKeyResponse

-- | <i>See:</i> <a>createPublicKeyResponse</a> smart constructor.
data CreatePublicKeyResponse

-- | The current version of the public key. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
cpkrsETag :: Lens' CreatePublicKeyResponse (Maybe Text)

-- | The fully qualified URI of the new public key resource just created.
--   For example:
--   <tt><a>https://cloudfront.amazonaws.com/2010-11-01/cloudfront-public-key/EDFDVBD632BHDS5</a></tt>
--   .
cpkrsLocation :: Lens' CreatePublicKeyResponse (Maybe Text)

-- | Returned when you add a public key.
cpkrsPublicKey :: Lens' CreatePublicKeyResponse (Maybe PublicKey)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
cpkrsResponseStatus :: Lens' CreatePublicKeyResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.CreatePublicKey.CreatePublicKeyResponse
instance Data.Data.Data Network.AWS.CloudFront.CreatePublicKey.CreatePublicKeyResponse
instance GHC.Show.Show Network.AWS.CloudFront.CreatePublicKey.CreatePublicKeyResponse
instance GHC.Read.Read Network.AWS.CloudFront.CreatePublicKey.CreatePublicKeyResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.CreatePublicKey.CreatePublicKeyResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.CreatePublicKey.CreatePublicKey
instance Data.Data.Data Network.AWS.CloudFront.CreatePublicKey.CreatePublicKey
instance GHC.Show.Show Network.AWS.CloudFront.CreatePublicKey.CreatePublicKey
instance GHC.Read.Read Network.AWS.CloudFront.CreatePublicKey.CreatePublicKey
instance GHC.Classes.Eq Network.AWS.CloudFront.CreatePublicKey.CreatePublicKey
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.CreatePublicKey.CreatePublicKey
instance Control.DeepSeq.NFData Network.AWS.CloudFront.CreatePublicKey.CreatePublicKeyResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.CreatePublicKey.CreatePublicKey
instance Control.DeepSeq.NFData Network.AWS.CloudFront.CreatePublicKey.CreatePublicKey
instance Network.AWS.Data.XML.ToElement Network.AWS.CloudFront.CreatePublicKey.CreatePublicKey
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.CreatePublicKey.CreatePublicKey
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.CreatePublicKey.CreatePublicKey
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.CreatePublicKey.CreatePublicKey


-- | Create a new invalidation.
module Network.AWS.CloudFront.CreateInvalidation

-- | Creates a value of <a>CreateInvalidation</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ciDistributionId</a> - The distribution's id.</li>
--   <li><a>ciInvalidationBatch</a> - The batch information for the
--   invalidation.</li>
--   </ul>
createInvalidation :: Text -> InvalidationBatch -> CreateInvalidation

-- | The request to create an invalidation.
--   
--   <i>See:</i> <a>createInvalidation</a> smart constructor.
data CreateInvalidation

-- | The distribution's id.
ciDistributionId :: Lens' CreateInvalidation Text

-- | The batch information for the invalidation.
ciInvalidationBatch :: Lens' CreateInvalidation InvalidationBatch

-- | Creates a value of <a>CreateInvalidationResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cirsInvalidation</a> - The invalidation's information.</li>
--   <li><a>cirsLocation</a> - The fully qualified URI of the distribution
--   and invalidation batch request, including the <tt>Invalidation ID</tt>
--   .</li>
--   <li><a>cirsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
createInvalidationResponse :: Int -> CreateInvalidationResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>createInvalidationResponse</a> smart constructor.
data CreateInvalidationResponse

-- | The invalidation's information.
cirsInvalidation :: Lens' CreateInvalidationResponse (Maybe Invalidation)

-- | The fully qualified URI of the distribution and invalidation batch
--   request, including the <tt>Invalidation ID</tt> .
cirsLocation :: Lens' CreateInvalidationResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
cirsResponseStatus :: Lens' CreateInvalidationResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.CreateInvalidation.CreateInvalidationResponse
instance Data.Data.Data Network.AWS.CloudFront.CreateInvalidation.CreateInvalidationResponse
instance GHC.Show.Show Network.AWS.CloudFront.CreateInvalidation.CreateInvalidationResponse
instance GHC.Read.Read Network.AWS.CloudFront.CreateInvalidation.CreateInvalidationResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.CreateInvalidation.CreateInvalidationResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.CreateInvalidation.CreateInvalidation
instance Data.Data.Data Network.AWS.CloudFront.CreateInvalidation.CreateInvalidation
instance GHC.Show.Show Network.AWS.CloudFront.CreateInvalidation.CreateInvalidation
instance GHC.Read.Read Network.AWS.CloudFront.CreateInvalidation.CreateInvalidation
instance GHC.Classes.Eq Network.AWS.CloudFront.CreateInvalidation.CreateInvalidation
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.CreateInvalidation.CreateInvalidation
instance Control.DeepSeq.NFData Network.AWS.CloudFront.CreateInvalidation.CreateInvalidationResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.CreateInvalidation.CreateInvalidation
instance Control.DeepSeq.NFData Network.AWS.CloudFront.CreateInvalidation.CreateInvalidation
instance Network.AWS.Data.XML.ToElement Network.AWS.CloudFront.CreateInvalidation.CreateInvalidation
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.CreateInvalidation.CreateInvalidation
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.CreateInvalidation.CreateInvalidation
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.CreateInvalidation.CreateInvalidation


-- | Create a field-level encryption profile.
module Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile

-- | Creates a value of <a>CreateFieldLevelEncryptionProfile</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cflepFieldLevelEncryptionProfileConfig</a> - The request to
--   create a field-level encryption profile.</li>
--   </ul>
createFieldLevelEncryptionProfile :: FieldLevelEncryptionProfileConfig -> CreateFieldLevelEncryptionProfile

-- | <i>See:</i> <a>createFieldLevelEncryptionProfile</a> smart
--   constructor.
data CreateFieldLevelEncryptionProfile

-- | The request to create a field-level encryption profile.
cflepFieldLevelEncryptionProfileConfig :: Lens' CreateFieldLevelEncryptionProfile FieldLevelEncryptionProfileConfig

-- | Creates a value of <a>CreateFieldLevelEncryptionProfileResponse</a>
--   with the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cfleprsETag</a> - The current version of the field level
--   encryption profile. For example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>cfleprsLocation</a> - The fully qualified URI of the new
--   profile resource just created. For example:
--   <tt><a>https://cloudfront.amazonaws.com/2010-11-01/field-level-encryption-profile/EDFDVBD632BHDS5</a></tt>
--   .</li>
--   <li><a>cfleprsFieldLevelEncryptionProfile</a> - Returned when you
--   create a new field-level encryption profile.</li>
--   <li><a>cfleprsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
createFieldLevelEncryptionProfileResponse :: Int -> CreateFieldLevelEncryptionProfileResponse

-- | <i>See:</i> <a>createFieldLevelEncryptionProfileResponse</a> smart
--   constructor.
data CreateFieldLevelEncryptionProfileResponse

-- | The current version of the field level encryption profile. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .
cfleprsETag :: Lens' CreateFieldLevelEncryptionProfileResponse (Maybe Text)

-- | The fully qualified URI of the new profile resource just created. For
--   example:
--   <tt><a>https://cloudfront.amazonaws.com/2010-11-01/field-level-encryption-profile/EDFDVBD632BHDS5</a></tt>
--   .
cfleprsLocation :: Lens' CreateFieldLevelEncryptionProfileResponse (Maybe Text)

-- | Returned when you create a new field-level encryption profile.
cfleprsFieldLevelEncryptionProfile :: Lens' CreateFieldLevelEncryptionProfileResponse (Maybe FieldLevelEncryptionProfile)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
cfleprsResponseStatus :: Lens' CreateFieldLevelEncryptionProfileResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile.CreateFieldLevelEncryptionProfileResponse
instance Data.Data.Data Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile.CreateFieldLevelEncryptionProfileResponse
instance GHC.Show.Show Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile.CreateFieldLevelEncryptionProfileResponse
instance GHC.Read.Read Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile.CreateFieldLevelEncryptionProfileResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile.CreateFieldLevelEncryptionProfileResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile.CreateFieldLevelEncryptionProfile
instance Data.Data.Data Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile.CreateFieldLevelEncryptionProfile
instance GHC.Show.Show Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile.CreateFieldLevelEncryptionProfile
instance GHC.Read.Read Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile.CreateFieldLevelEncryptionProfile
instance GHC.Classes.Eq Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile.CreateFieldLevelEncryptionProfile
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile.CreateFieldLevelEncryptionProfile
instance Control.DeepSeq.NFData Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile.CreateFieldLevelEncryptionProfileResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile.CreateFieldLevelEncryptionProfile
instance Control.DeepSeq.NFData Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile.CreateFieldLevelEncryptionProfile
instance Network.AWS.Data.XML.ToElement Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile.CreateFieldLevelEncryptionProfile
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile.CreateFieldLevelEncryptionProfile
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile.CreateFieldLevelEncryptionProfile
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.CreateFieldLevelEncryptionProfile.CreateFieldLevelEncryptionProfile


-- | Create a new field-level encryption configuration.
module Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig

-- | Creates a value of <a>CreateFieldLevelEncryptionConfig</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cflecFieldLevelEncryptionConfig</a> - The request to create a
--   new field-level encryption configuration.</li>
--   </ul>
createFieldLevelEncryptionConfig :: FieldLevelEncryptionConfig -> CreateFieldLevelEncryptionConfig

-- | <i>See:</i> <a>createFieldLevelEncryptionConfig</a> smart constructor.
data CreateFieldLevelEncryptionConfig

-- | The request to create a new field-level encryption configuration.
cflecFieldLevelEncryptionConfig :: Lens' CreateFieldLevelEncryptionConfig FieldLevelEncryptionConfig

-- | Creates a value of <a>CreateFieldLevelEncryptionConfigResponse</a>
--   with the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cflecrsETag</a> - The current version of the field level
--   encryption configuration. For example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>cflecrsLocation</a> - The fully qualified URI of the new
--   configuration resource just created. For example:
--   <tt><a>https://cloudfront.amazonaws.com/2010-11-01/field-level-encryption-config/EDFDVBD632BHDS5</a></tt>
--   .</li>
--   <li><a>cflecrsFieldLevelEncryption</a> - Returned when you create a
--   new field-level encryption configuration.</li>
--   <li><a>cflecrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
createFieldLevelEncryptionConfigResponse :: Int -> CreateFieldLevelEncryptionConfigResponse

-- | <i>See:</i> <a>createFieldLevelEncryptionConfigResponse</a> smart
--   constructor.
data CreateFieldLevelEncryptionConfigResponse

-- | The current version of the field level encryption configuration. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .
cflecrsETag :: Lens' CreateFieldLevelEncryptionConfigResponse (Maybe Text)

-- | The fully qualified URI of the new configuration resource just
--   created. For example:
--   <tt><a>https://cloudfront.amazonaws.com/2010-11-01/field-level-encryption-config/EDFDVBD632BHDS5</a></tt>
--   .
cflecrsLocation :: Lens' CreateFieldLevelEncryptionConfigResponse (Maybe Text)

-- | Returned when you create a new field-level encryption configuration.
cflecrsFieldLevelEncryption :: Lens' CreateFieldLevelEncryptionConfigResponse (Maybe FieldLevelEncryption)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
cflecrsResponseStatus :: Lens' CreateFieldLevelEncryptionConfigResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig.CreateFieldLevelEncryptionConfigResponse
instance Data.Data.Data Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig.CreateFieldLevelEncryptionConfigResponse
instance GHC.Show.Show Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig.CreateFieldLevelEncryptionConfigResponse
instance GHC.Read.Read Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig.CreateFieldLevelEncryptionConfigResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig.CreateFieldLevelEncryptionConfigResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig.CreateFieldLevelEncryptionConfig
instance Data.Data.Data Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig.CreateFieldLevelEncryptionConfig
instance GHC.Show.Show Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig.CreateFieldLevelEncryptionConfig
instance GHC.Read.Read Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig.CreateFieldLevelEncryptionConfig
instance GHC.Classes.Eq Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig.CreateFieldLevelEncryptionConfig
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig.CreateFieldLevelEncryptionConfig
instance Control.DeepSeq.NFData Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig.CreateFieldLevelEncryptionConfigResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig.CreateFieldLevelEncryptionConfig
instance Control.DeepSeq.NFData Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig.CreateFieldLevelEncryptionConfig
instance Network.AWS.Data.XML.ToElement Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig.CreateFieldLevelEncryptionConfig
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig.CreateFieldLevelEncryptionConfig
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig.CreateFieldLevelEncryptionConfig
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.CreateFieldLevelEncryptionConfig.CreateFieldLevelEncryptionConfig


-- | Create a new distribution with tags.
module Network.AWS.CloudFront.CreateDistributionWithTags

-- | Creates a value of <a>CreateDistributionWithTags</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cdwtDistributionConfigWithTags</a> - The distribution's
--   configuration information.</li>
--   </ul>
createDistributionWithTags :: DistributionConfigWithTags -> CreateDistributionWithTags

-- | The request to create a new distribution with tags.
--   
--   <i>See:</i> <a>createDistributionWithTags</a> smart constructor.
data CreateDistributionWithTags

-- | The distribution's configuration information.
cdwtDistributionConfigWithTags :: Lens' CreateDistributionWithTags DistributionConfigWithTags

-- | Creates a value of <a>CreateDistributionWithTagsResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cdwtrsETag</a> - The current version of the distribution
--   created.</li>
--   <li><a>cdwtrsDistribution</a> - The distribution's information.</li>
--   <li><a>cdwtrsLocation</a> - The fully qualified URI of the new
--   distribution resource just created. For example:
--   <tt><a>https://cloudfront.amazonaws.com/2010-11-01/distribution/EDFDVBD632BHDS5</a></tt>
--   .</li>
--   <li><a>cdwtrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
createDistributionWithTagsResponse :: Int -> CreateDistributionWithTagsResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>createDistributionWithTagsResponse</a> smart
--   constructor.
data CreateDistributionWithTagsResponse

-- | The current version of the distribution created.
cdwtrsETag :: Lens' CreateDistributionWithTagsResponse (Maybe Text)

-- | The distribution's information.
cdwtrsDistribution :: Lens' CreateDistributionWithTagsResponse (Maybe Distribution)

-- | The fully qualified URI of the new distribution resource just created.
--   For example:
--   <tt><a>https://cloudfront.amazonaws.com/2010-11-01/distribution/EDFDVBD632BHDS5</a></tt>
--   .
cdwtrsLocation :: Lens' CreateDistributionWithTagsResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
cdwtrsResponseStatus :: Lens' CreateDistributionWithTagsResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.CreateDistributionWithTags.CreateDistributionWithTagsResponse
instance Data.Data.Data Network.AWS.CloudFront.CreateDistributionWithTags.CreateDistributionWithTagsResponse
instance GHC.Show.Show Network.AWS.CloudFront.CreateDistributionWithTags.CreateDistributionWithTagsResponse
instance GHC.Read.Read Network.AWS.CloudFront.CreateDistributionWithTags.CreateDistributionWithTagsResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.CreateDistributionWithTags.CreateDistributionWithTagsResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.CreateDistributionWithTags.CreateDistributionWithTags
instance Data.Data.Data Network.AWS.CloudFront.CreateDistributionWithTags.CreateDistributionWithTags
instance GHC.Show.Show Network.AWS.CloudFront.CreateDistributionWithTags.CreateDistributionWithTags
instance GHC.Read.Read Network.AWS.CloudFront.CreateDistributionWithTags.CreateDistributionWithTags
instance GHC.Classes.Eq Network.AWS.CloudFront.CreateDistributionWithTags.CreateDistributionWithTags
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.CreateDistributionWithTags.CreateDistributionWithTags
instance Control.DeepSeq.NFData Network.AWS.CloudFront.CreateDistributionWithTags.CreateDistributionWithTagsResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.CreateDistributionWithTags.CreateDistributionWithTags
instance Control.DeepSeq.NFData Network.AWS.CloudFront.CreateDistributionWithTags.CreateDistributionWithTags
instance Network.AWS.Data.XML.ToElement Network.AWS.CloudFront.CreateDistributionWithTags.CreateDistributionWithTags
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.CreateDistributionWithTags.CreateDistributionWithTags
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.CreateDistributionWithTags.CreateDistributionWithTags
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.CreateDistributionWithTags.CreateDistributionWithTags


-- | Creates a new web distribution. Send a <tt>POST</tt> request to the
--   <tt>/<i>CloudFront API version</i> /distribution</tt>
--   /<tt>distribution ID</tt> resource.
module Network.AWS.CloudFront.CreateDistribution

-- | Creates a value of <a>CreateDistribution</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cdDistributionConfig</a> - The distribution's configuration
--   information.</li>
--   </ul>
createDistribution :: DistributionConfig -> CreateDistribution

-- | The request to create a new distribution.
--   
--   <i>See:</i> <a>createDistribution</a> smart constructor.
data CreateDistribution

-- | The distribution's configuration information.
cdDistributionConfig :: Lens' CreateDistribution DistributionConfig

-- | Creates a value of <a>CreateDistributionResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cdrsETag</a> - The current version of the distribution
--   created.</li>
--   <li><a>cdrsDistribution</a> - The distribution's information.</li>
--   <li><a>cdrsLocation</a> - The fully qualified URI of the new
--   distribution resource just created. For example:
--   <tt><a>https://cloudfront.amazonaws.com/2010-11-01/distribution/EDFDVBD632BHDS5</a></tt>
--   .</li>
--   <li><a>cdrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
createDistributionResponse :: Int -> CreateDistributionResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>createDistributionResponse</a> smart constructor.
data CreateDistributionResponse

-- | The current version of the distribution created.
cdrsETag :: Lens' CreateDistributionResponse (Maybe Text)

-- | The distribution's information.
cdrsDistribution :: Lens' CreateDistributionResponse (Maybe Distribution)

-- | The fully qualified URI of the new distribution resource just created.
--   For example:
--   <tt><a>https://cloudfront.amazonaws.com/2010-11-01/distribution/EDFDVBD632BHDS5</a></tt>
--   .
cdrsLocation :: Lens' CreateDistributionResponse (Maybe Text)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
cdrsResponseStatus :: Lens' CreateDistributionResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.CreateDistribution.CreateDistributionResponse
instance Data.Data.Data Network.AWS.CloudFront.CreateDistribution.CreateDistributionResponse
instance GHC.Show.Show Network.AWS.CloudFront.CreateDistribution.CreateDistributionResponse
instance GHC.Read.Read Network.AWS.CloudFront.CreateDistribution.CreateDistributionResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.CreateDistribution.CreateDistributionResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.CreateDistribution.CreateDistribution
instance Data.Data.Data Network.AWS.CloudFront.CreateDistribution.CreateDistribution
instance GHC.Show.Show Network.AWS.CloudFront.CreateDistribution.CreateDistribution
instance GHC.Read.Read Network.AWS.CloudFront.CreateDistribution.CreateDistribution
instance GHC.Classes.Eq Network.AWS.CloudFront.CreateDistribution.CreateDistribution
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.CreateDistribution.CreateDistribution
instance Control.DeepSeq.NFData Network.AWS.CloudFront.CreateDistribution.CreateDistributionResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.CreateDistribution.CreateDistribution
instance Control.DeepSeq.NFData Network.AWS.CloudFront.CreateDistribution.CreateDistribution
instance Network.AWS.Data.XML.ToElement Network.AWS.CloudFront.CreateDistribution.CreateDistribution
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.CreateDistribution.CreateDistribution
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.CreateDistribution.CreateDistribution
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.CreateDistribution.CreateDistribution


-- | Creates a new origin access identity. If you're using Amazon S3 for
--   your origin, you can use an origin access identity to require users to
--   access your content using a CloudFront URL instead of the Amazon S3
--   URL. For more information about how to use origin access identities,
--   see <a>Serving Private Content through CloudFront</a> in the <i>Amazon
--   CloudFront Developer Guide</i> .
module Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity

-- | Creates a value of <a>CreateCloudFrontOriginAccessIdentity</a> with
--   the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ccfoaiCloudFrontOriginAccessIdentityConfig</a> - The current
--   configuration information for the identity.</li>
--   </ul>
createCloudFrontOriginAccessIdentity :: CloudFrontOriginAccessIdentityConfig -> CreateCloudFrontOriginAccessIdentity

-- | The request to create a new origin access identity.
--   
--   <i>See:</i> <a>createCloudFrontOriginAccessIdentity</a> smart
--   constructor.
data CreateCloudFrontOriginAccessIdentity

-- | The current configuration information for the identity.
ccfoaiCloudFrontOriginAccessIdentityConfig :: Lens' CreateCloudFrontOriginAccessIdentity CloudFrontOriginAccessIdentityConfig

-- | Creates a value of <a>CreateCloudFrontOriginAccessIdentityResponse</a>
--   with the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ccfoairsETag</a> - The current version of the origin access
--   identity created.</li>
--   <li><a>ccfoairsLocation</a> - The fully qualified URI of the new
--   origin access identity just created. For example:
--   <tt><a>https://cloudfront.amazonaws.com/2010-11-01/origin-access-identity/cloudfront/E74FTE3AJFJ256A</a></tt>
--   .</li>
--   <li><a>ccfoairsCloudFrontOriginAccessIdentity</a> - The origin access
--   identity's information.</li>
--   <li><a>ccfoairsResponseStatus</a> - -- | The response status
--   code.</li>
--   </ul>
createCloudFrontOriginAccessIdentityResponse :: Int -> CreateCloudFrontOriginAccessIdentityResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>createCloudFrontOriginAccessIdentityResponse</a> smart
--   constructor.
data CreateCloudFrontOriginAccessIdentityResponse

-- | The current version of the origin access identity created.
ccfoairsETag :: Lens' CreateCloudFrontOriginAccessIdentityResponse (Maybe Text)

-- | The fully qualified URI of the new origin access identity just
--   created. For example:
--   <tt><a>https://cloudfront.amazonaws.com/2010-11-01/origin-access-identity/cloudfront/E74FTE3AJFJ256A</a></tt>
--   .
ccfoairsLocation :: Lens' CreateCloudFrontOriginAccessIdentityResponse (Maybe Text)

-- | The origin access identity's information.
ccfoairsCloudFrontOriginAccessIdentity :: Lens' CreateCloudFrontOriginAccessIdentityResponse (Maybe CloudFrontOriginAccessIdentity)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
ccfoairsResponseStatus :: Lens' CreateCloudFrontOriginAccessIdentityResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity.CreateCloudFrontOriginAccessIdentityResponse
instance Data.Data.Data Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity.CreateCloudFrontOriginAccessIdentityResponse
instance GHC.Show.Show Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity.CreateCloudFrontOriginAccessIdentityResponse
instance GHC.Read.Read Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity.CreateCloudFrontOriginAccessIdentityResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity.CreateCloudFrontOriginAccessIdentityResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity.CreateCloudFrontOriginAccessIdentity
instance Data.Data.Data Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity.CreateCloudFrontOriginAccessIdentity
instance GHC.Show.Show Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity.CreateCloudFrontOriginAccessIdentity
instance GHC.Read.Read Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity.CreateCloudFrontOriginAccessIdentity
instance GHC.Classes.Eq Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity.CreateCloudFrontOriginAccessIdentity
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity.CreateCloudFrontOriginAccessIdentity
instance Control.DeepSeq.NFData Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity.CreateCloudFrontOriginAccessIdentityResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity.CreateCloudFrontOriginAccessIdentity
instance Control.DeepSeq.NFData Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity.CreateCloudFrontOriginAccessIdentity
instance Network.AWS.Data.XML.ToElement Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity.CreateCloudFrontOriginAccessIdentity
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity.CreateCloudFrontOriginAccessIdentity
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity.CreateCloudFrontOriginAccessIdentity
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.CreateCloudFrontOriginAccessIdentity.CreateCloudFrontOriginAccessIdentity


-- | Remove tags from a CloudFront resource.
module Network.AWS.CloudFront.UntagResource

-- | Creates a value of <a>UntagResource</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>urResource</a> - An ARN of a CloudFront resource.</li>
--   <li><a>urTagKeys</a> - A complex type that contains zero or more
--   <tt>Tag</tt> key elements.</li>
--   </ul>
untagResource :: Text -> TagKeys -> UntagResource

-- | The request to remove tags from a CloudFront resource.
--   
--   <i>See:</i> <a>untagResource</a> smart constructor.
data UntagResource

-- | An ARN of a CloudFront resource.
urResource :: Lens' UntagResource Text

-- | A complex type that contains zero or more <tt>Tag</tt> key elements.
urTagKeys :: Lens' UntagResource TagKeys

-- | Creates a value of <a>UntagResourceResponse</a> with the minimum
--   fields required to make a request.
untagResourceResponse :: UntagResourceResponse

-- | <i>See:</i> <a>untagResourceResponse</a> smart constructor.
data UntagResourceResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.UntagResource.UntagResourceResponse
instance Data.Data.Data Network.AWS.CloudFront.UntagResource.UntagResourceResponse
instance GHC.Show.Show Network.AWS.CloudFront.UntagResource.UntagResourceResponse
instance GHC.Read.Read Network.AWS.CloudFront.UntagResource.UntagResourceResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.UntagResource.UntagResourceResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.UntagResource.UntagResource
instance Data.Data.Data Network.AWS.CloudFront.UntagResource.UntagResource
instance GHC.Show.Show Network.AWS.CloudFront.UntagResource.UntagResource
instance GHC.Read.Read Network.AWS.CloudFront.UntagResource.UntagResource
instance GHC.Classes.Eq Network.AWS.CloudFront.UntagResource.UntagResource
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.UntagResource.UntagResource
instance Control.DeepSeq.NFData Network.AWS.CloudFront.UntagResource.UntagResourceResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.UntagResource.UntagResource
instance Control.DeepSeq.NFData Network.AWS.CloudFront.UntagResource.UntagResource
instance Network.AWS.Data.XML.ToElement Network.AWS.CloudFront.UntagResource.UntagResource
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.UntagResource.UntagResource
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.UntagResource.UntagResource
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.UntagResource.UntagResource


-- | Update an origin access identity.
module Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity

-- | Creates a value of <a>UpdateCloudFrontOriginAccessIdentity</a> with
--   the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ucfoaiIfMatch</a> - The value of the <tt>ETag</tt> header that
--   you received when retrieving the identity's configuration. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>ucfoaiCloudFrontOriginAccessIdentityConfig</a> - The identity's
--   configuration information.</li>
--   <li><a>ucfoaiId</a> - The identity's id.</li>
--   </ul>
updateCloudFrontOriginAccessIdentity :: CloudFrontOriginAccessIdentityConfig -> Text -> UpdateCloudFrontOriginAccessIdentity

-- | The request to update an origin access identity.
--   
--   <i>See:</i> <a>updateCloudFrontOriginAccessIdentity</a> smart
--   constructor.
data UpdateCloudFrontOriginAccessIdentity

-- | The value of the <tt>ETag</tt> header that you received when
--   retrieving the identity's configuration. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
ucfoaiIfMatch :: Lens' UpdateCloudFrontOriginAccessIdentity (Maybe Text)

-- | The identity's configuration information.
ucfoaiCloudFrontOriginAccessIdentityConfig :: Lens' UpdateCloudFrontOriginAccessIdentity CloudFrontOriginAccessIdentityConfig

-- | The identity's id.
ucfoaiId :: Lens' UpdateCloudFrontOriginAccessIdentity Text

-- | Creates a value of <a>UpdateCloudFrontOriginAccessIdentityResponse</a>
--   with the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ucfoairsETag</a> - The current version of the configuration.
--   For example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>ucfoairsCloudFrontOriginAccessIdentity</a> - The origin access
--   identity's information.</li>
--   <li><a>ucfoairsResponseStatus</a> - -- | The response status
--   code.</li>
--   </ul>
updateCloudFrontOriginAccessIdentityResponse :: Int -> UpdateCloudFrontOriginAccessIdentityResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>updateCloudFrontOriginAccessIdentityResponse</a> smart
--   constructor.
data UpdateCloudFrontOriginAccessIdentityResponse

-- | The current version of the configuration. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
ucfoairsETag :: Lens' UpdateCloudFrontOriginAccessIdentityResponse (Maybe Text)

-- | The origin access identity's information.
ucfoairsCloudFrontOriginAccessIdentity :: Lens' UpdateCloudFrontOriginAccessIdentityResponse (Maybe CloudFrontOriginAccessIdentity)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
ucfoairsResponseStatus :: Lens' UpdateCloudFrontOriginAccessIdentityResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity.UpdateCloudFrontOriginAccessIdentityResponse
instance Data.Data.Data Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity.UpdateCloudFrontOriginAccessIdentityResponse
instance GHC.Show.Show Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity.UpdateCloudFrontOriginAccessIdentityResponse
instance GHC.Read.Read Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity.UpdateCloudFrontOriginAccessIdentityResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity.UpdateCloudFrontOriginAccessIdentityResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity.UpdateCloudFrontOriginAccessIdentity
instance Data.Data.Data Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity.UpdateCloudFrontOriginAccessIdentity
instance GHC.Show.Show Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity.UpdateCloudFrontOriginAccessIdentity
instance GHC.Read.Read Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity.UpdateCloudFrontOriginAccessIdentity
instance GHC.Classes.Eq Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity.UpdateCloudFrontOriginAccessIdentity
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity.UpdateCloudFrontOriginAccessIdentity
instance Control.DeepSeq.NFData Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity.UpdateCloudFrontOriginAccessIdentityResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity.UpdateCloudFrontOriginAccessIdentity
instance Control.DeepSeq.NFData Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity.UpdateCloudFrontOriginAccessIdentity
instance Network.AWS.Data.XML.ToElement Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity.UpdateCloudFrontOriginAccessIdentity
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity.UpdateCloudFrontOriginAccessIdentity
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity.UpdateCloudFrontOriginAccessIdentity
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.UpdateCloudFrontOriginAccessIdentity.UpdateCloudFrontOriginAccessIdentity


-- | Updates the configuration for a web distribution. Perform the
--   following steps.
--   
--   For information about updating a distribution using the CloudFront
--   console, see <a>Creating or Updating a Web Distribution Using the
--   CloudFront Console</a> in the <i>Amazon CloudFront Developer Guide</i>
--   .
--   
--   <b>To update a web distribution using the CloudFront API</b>
--   
--   <ul>
--   <li>Submit a <tt>GetDistributionConfig</tt> request to get the current
--   configuration and an <tt>Etag</tt> header for the distribution.</li>
--   <li>Update the XML document that was returned in the response to your
--   <tt>GetDistributionConfig</tt> request to include the desired changes.
--   You can't change the value of <tt>CallerReference</tt> . If you try to
--   change this value, CloudFront returns an <tt>IllegalUpdate</tt>
--   error.</li>
--   </ul>
--   
--   <i>Important:</i> The new configuration replaces the existing
--   configuration; the values that you specify in an
--   <tt>UpdateDistribution</tt> request are not merged into the existing
--   configuration. When you add, delete, or replace values in an element
--   that allows multiple values (for example, <tt>CNAME</tt> ), you must
--   specify all of the values that you want to appear in the updated
--   distribution. In addition, you must update the corresponding
--   <tt>Quantity</tt> element.
--   
--   <ul>
--   <li>Submit an <tt>UpdateDistribution</tt> request to update the
--   configuration for your distribution:</li>
--   <li>In the request body, include the XML document that you updated in
--   Step 2. The request body must include an XML document with a
--   <tt>DistributionConfig</tt> element.</li>
--   <li>Set the value of the HTTP <tt>If-Match</tt> header to the value of
--   the <tt>ETag</tt> header that CloudFront returned when you submitted
--   the <tt>GetDistributionConfig</tt> request in Step 1.</li>
--   <li>Review the response to the <tt>UpdateDistribution</tt> request to
--   confirm that the configuration was successfully updated.</li>
--   <li>Optional: Submit a <tt>GetDistribution</tt> request to confirm
--   that your changes have propagated. When propagation is complete, the
--   value of <tt>Status</tt> is <tt>Deployed</tt> .</li>
--   </ul>
--   
--   <i>Important:</i> Beginning with the 2012-05-05 version of the
--   CloudFront API, we made substantial changes to the format of the XML
--   document that you include in the request body when you create or
--   update a distribution. With previous versions of the API, we
--   discovered that it was too easy to accidentally delete one or more
--   values for an element that accepts multiple values, for example,
--   CNAMEs and trusted signers. Our changes for the 2012-05-05 release are
--   intended to prevent these accidental deletions and to notify you when
--   there's a mismatch between the number of values you say you're
--   specifying in the <tt>Quantity</tt> element and the number of values
--   you're actually specifying.
module Network.AWS.CloudFront.UpdateDistribution

-- | Creates a value of <a>UpdateDistribution</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>udIfMatch</a> - The value of the <tt>ETag</tt> header that you
--   received when retrieving the distribution's configuration. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>udDistributionConfig</a> - The distribution's configuration
--   information.</li>
--   <li><a>udId</a> - The distribution's id.</li>
--   </ul>
updateDistribution :: DistributionConfig -> Text -> UpdateDistribution

-- | The request to update a distribution.
--   
--   <i>See:</i> <a>updateDistribution</a> smart constructor.
data UpdateDistribution

-- | The value of the <tt>ETag</tt> header that you received when
--   retrieving the distribution's configuration. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
udIfMatch :: Lens' UpdateDistribution (Maybe Text)

-- | The distribution's configuration information.
udDistributionConfig :: Lens' UpdateDistribution DistributionConfig

-- | The distribution's id.
udId :: Lens' UpdateDistribution Text

-- | Creates a value of <a>UpdateDistributionResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>udrsETag</a> - The current version of the configuration. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>udrsDistribution</a> - The distribution's information.</li>
--   <li><a>udrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
updateDistributionResponse :: Int -> UpdateDistributionResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>updateDistributionResponse</a> smart constructor.
data UpdateDistributionResponse

-- | The current version of the configuration. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
udrsETag :: Lens' UpdateDistributionResponse (Maybe Text)

-- | The distribution's information.
udrsDistribution :: Lens' UpdateDistributionResponse (Maybe Distribution)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
udrsResponseStatus :: Lens' UpdateDistributionResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.UpdateDistribution.UpdateDistributionResponse
instance Data.Data.Data Network.AWS.CloudFront.UpdateDistribution.UpdateDistributionResponse
instance GHC.Show.Show Network.AWS.CloudFront.UpdateDistribution.UpdateDistributionResponse
instance GHC.Read.Read Network.AWS.CloudFront.UpdateDistribution.UpdateDistributionResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.UpdateDistribution.UpdateDistributionResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.UpdateDistribution.UpdateDistribution
instance Data.Data.Data Network.AWS.CloudFront.UpdateDistribution.UpdateDistribution
instance GHC.Show.Show Network.AWS.CloudFront.UpdateDistribution.UpdateDistribution
instance GHC.Read.Read Network.AWS.CloudFront.UpdateDistribution.UpdateDistribution
instance GHC.Classes.Eq Network.AWS.CloudFront.UpdateDistribution.UpdateDistribution
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.UpdateDistribution.UpdateDistribution
instance Control.DeepSeq.NFData Network.AWS.CloudFront.UpdateDistribution.UpdateDistributionResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.UpdateDistribution.UpdateDistribution
instance Control.DeepSeq.NFData Network.AWS.CloudFront.UpdateDistribution.UpdateDistribution
instance Network.AWS.Data.XML.ToElement Network.AWS.CloudFront.UpdateDistribution.UpdateDistribution
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.UpdateDistribution.UpdateDistribution
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.UpdateDistribution.UpdateDistribution
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.UpdateDistribution.UpdateDistribution


-- | Update a field-level encryption configuration.
module Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig

-- | Creates a value of <a>UpdateFieldLevelEncryptionConfig</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uflecIfMatch</a> - The value of the <tt>ETag</tt> header that
--   you received when retrieving the configuration identity to update. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>uflecFieldLevelEncryptionConfig</a> - Request to update a
--   field-level encryption configuration.</li>
--   <li><a>uflecId</a> - The ID of the configuration you want to
--   update.</li>
--   </ul>
updateFieldLevelEncryptionConfig :: FieldLevelEncryptionConfig -> Text -> UpdateFieldLevelEncryptionConfig

-- | <i>See:</i> <a>updateFieldLevelEncryptionConfig</a> smart constructor.
data UpdateFieldLevelEncryptionConfig

-- | The value of the <tt>ETag</tt> header that you received when
--   retrieving the configuration identity to update. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
uflecIfMatch :: Lens' UpdateFieldLevelEncryptionConfig (Maybe Text)

-- | Request to update a field-level encryption configuration.
uflecFieldLevelEncryptionConfig :: Lens' UpdateFieldLevelEncryptionConfig FieldLevelEncryptionConfig

-- | The ID of the configuration you want to update.
uflecId :: Lens' UpdateFieldLevelEncryptionConfig Text

-- | Creates a value of <a>UpdateFieldLevelEncryptionConfigResponse</a>
--   with the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uflecrsETag</a> - The value of the <tt>ETag</tt> header that
--   you received when updating the configuration. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>uflecrsFieldLevelEncryption</a> - Return the results of
--   updating the configuration.</li>
--   <li><a>uflecrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
updateFieldLevelEncryptionConfigResponse :: Int -> UpdateFieldLevelEncryptionConfigResponse

-- | <i>See:</i> <a>updateFieldLevelEncryptionConfigResponse</a> smart
--   constructor.
data UpdateFieldLevelEncryptionConfigResponse

-- | The value of the <tt>ETag</tt> header that you received when updating
--   the configuration. For example: <tt>E2QWRUHAPOMQZL</tt> .
uflecrsETag :: Lens' UpdateFieldLevelEncryptionConfigResponse (Maybe Text)

-- | Return the results of updating the configuration.
uflecrsFieldLevelEncryption :: Lens' UpdateFieldLevelEncryptionConfigResponse (Maybe FieldLevelEncryption)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
uflecrsResponseStatus :: Lens' UpdateFieldLevelEncryptionConfigResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig.UpdateFieldLevelEncryptionConfigResponse
instance Data.Data.Data Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig.UpdateFieldLevelEncryptionConfigResponse
instance GHC.Show.Show Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig.UpdateFieldLevelEncryptionConfigResponse
instance GHC.Read.Read Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig.UpdateFieldLevelEncryptionConfigResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig.UpdateFieldLevelEncryptionConfigResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig.UpdateFieldLevelEncryptionConfig
instance Data.Data.Data Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig.UpdateFieldLevelEncryptionConfig
instance GHC.Show.Show Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig.UpdateFieldLevelEncryptionConfig
instance GHC.Read.Read Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig.UpdateFieldLevelEncryptionConfig
instance GHC.Classes.Eq Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig.UpdateFieldLevelEncryptionConfig
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig.UpdateFieldLevelEncryptionConfig
instance Control.DeepSeq.NFData Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig.UpdateFieldLevelEncryptionConfigResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig.UpdateFieldLevelEncryptionConfig
instance Control.DeepSeq.NFData Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig.UpdateFieldLevelEncryptionConfig
instance Network.AWS.Data.XML.ToElement Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig.UpdateFieldLevelEncryptionConfig
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig.UpdateFieldLevelEncryptionConfig
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig.UpdateFieldLevelEncryptionConfig
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.UpdateFieldLevelEncryptionConfig.UpdateFieldLevelEncryptionConfig


-- | Update a field-level encryption profile.
module Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile

-- | Creates a value of <a>UpdateFieldLevelEncryptionProfile</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>uflepIfMatch</a> - The value of the <tt>ETag</tt> header that
--   you received when retrieving the profile identity to update. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>uflepFieldLevelEncryptionProfileConfig</a> - Request to update
--   a field-level encryption profile.</li>
--   <li><a>uflepId</a> - The ID of the field-level encryption profile
--   request.</li>
--   </ul>
updateFieldLevelEncryptionProfile :: FieldLevelEncryptionProfileConfig -> Text -> UpdateFieldLevelEncryptionProfile

-- | <i>See:</i> <a>updateFieldLevelEncryptionProfile</a> smart
--   constructor.
data UpdateFieldLevelEncryptionProfile

-- | The value of the <tt>ETag</tt> header that you received when
--   retrieving the profile identity to update. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
uflepIfMatch :: Lens' UpdateFieldLevelEncryptionProfile (Maybe Text)

-- | Request to update a field-level encryption profile.
uflepFieldLevelEncryptionProfileConfig :: Lens' UpdateFieldLevelEncryptionProfile FieldLevelEncryptionProfileConfig

-- | The ID of the field-level encryption profile request.
uflepId :: Lens' UpdateFieldLevelEncryptionProfile Text

-- | Creates a value of <a>UpdateFieldLevelEncryptionProfileResponse</a>
--   with the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ufleprsETag</a> - The result of the field-level encryption
--   profile request.</li>
--   <li><a>ufleprsFieldLevelEncryptionProfile</a> - Return the results of
--   updating the profile.</li>
--   <li><a>ufleprsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
updateFieldLevelEncryptionProfileResponse :: Int -> UpdateFieldLevelEncryptionProfileResponse

-- | <i>See:</i> <a>updateFieldLevelEncryptionProfileResponse</a> smart
--   constructor.
data UpdateFieldLevelEncryptionProfileResponse

-- | The result of the field-level encryption profile request.
ufleprsETag :: Lens' UpdateFieldLevelEncryptionProfileResponse (Maybe Text)

-- | Return the results of updating the profile.
ufleprsFieldLevelEncryptionProfile :: Lens' UpdateFieldLevelEncryptionProfileResponse (Maybe FieldLevelEncryptionProfile)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
ufleprsResponseStatus :: Lens' UpdateFieldLevelEncryptionProfileResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile.UpdateFieldLevelEncryptionProfileResponse
instance Data.Data.Data Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile.UpdateFieldLevelEncryptionProfileResponse
instance GHC.Show.Show Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile.UpdateFieldLevelEncryptionProfileResponse
instance GHC.Read.Read Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile.UpdateFieldLevelEncryptionProfileResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile.UpdateFieldLevelEncryptionProfileResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile.UpdateFieldLevelEncryptionProfile
instance Data.Data.Data Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile.UpdateFieldLevelEncryptionProfile
instance GHC.Show.Show Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile.UpdateFieldLevelEncryptionProfile
instance GHC.Read.Read Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile.UpdateFieldLevelEncryptionProfile
instance GHC.Classes.Eq Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile.UpdateFieldLevelEncryptionProfile
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile.UpdateFieldLevelEncryptionProfile
instance Control.DeepSeq.NFData Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile.UpdateFieldLevelEncryptionProfileResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile.UpdateFieldLevelEncryptionProfile
instance Control.DeepSeq.NFData Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile.UpdateFieldLevelEncryptionProfile
instance Network.AWS.Data.XML.ToElement Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile.UpdateFieldLevelEncryptionProfile
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile.UpdateFieldLevelEncryptionProfile
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile.UpdateFieldLevelEncryptionProfile
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.UpdateFieldLevelEncryptionProfile.UpdateFieldLevelEncryptionProfile


-- | Update public key information. Note that the only value you can change
--   is the comment.
module Network.AWS.CloudFront.UpdatePublicKey

-- | Creates a value of <a>UpdatePublicKey</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>upkIfMatch</a> - The value of the <tt>ETag</tt> header that you
--   received when retrieving the public key to update. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>upkPublicKeyConfig</a> - Request to update public key
--   information.</li>
--   <li><a>upkId</a> - ID of the public key to be updated.</li>
--   </ul>
updatePublicKey :: PublicKeyConfig -> Text -> UpdatePublicKey

-- | <i>See:</i> <a>updatePublicKey</a> smart constructor.
data UpdatePublicKey

-- | The value of the <tt>ETag</tt> header that you received when
--   retrieving the public key to update. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
upkIfMatch :: Lens' UpdatePublicKey (Maybe Text)

-- | Request to update public key information.
upkPublicKeyConfig :: Lens' UpdatePublicKey PublicKeyConfig

-- | ID of the public key to be updated.
upkId :: Lens' UpdatePublicKey Text

-- | Creates a value of <a>UpdatePublicKeyResponse</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>upkrsETag</a> - The current version of the update public key
--   result. For example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>upkrsPublicKey</a> - Return the results of updating the public
--   key.</li>
--   <li><a>upkrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
updatePublicKeyResponse :: Int -> UpdatePublicKeyResponse

-- | <i>See:</i> <a>updatePublicKeyResponse</a> smart constructor.
data UpdatePublicKeyResponse

-- | The current version of the update public key result. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
upkrsETag :: Lens' UpdatePublicKeyResponse (Maybe Text)

-- | Return the results of updating the public key.
upkrsPublicKey :: Lens' UpdatePublicKeyResponse (Maybe PublicKey)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
upkrsResponseStatus :: Lens' UpdatePublicKeyResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.UpdatePublicKey.UpdatePublicKeyResponse
instance Data.Data.Data Network.AWS.CloudFront.UpdatePublicKey.UpdatePublicKeyResponse
instance GHC.Show.Show Network.AWS.CloudFront.UpdatePublicKey.UpdatePublicKeyResponse
instance GHC.Read.Read Network.AWS.CloudFront.UpdatePublicKey.UpdatePublicKeyResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.UpdatePublicKey.UpdatePublicKeyResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.UpdatePublicKey.UpdatePublicKey
instance Data.Data.Data Network.AWS.CloudFront.UpdatePublicKey.UpdatePublicKey
instance GHC.Show.Show Network.AWS.CloudFront.UpdatePublicKey.UpdatePublicKey
instance GHC.Read.Read Network.AWS.CloudFront.UpdatePublicKey.UpdatePublicKey
instance GHC.Classes.Eq Network.AWS.CloudFront.UpdatePublicKey.UpdatePublicKey
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.UpdatePublicKey.UpdatePublicKey
instance Control.DeepSeq.NFData Network.AWS.CloudFront.UpdatePublicKey.UpdatePublicKeyResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.UpdatePublicKey.UpdatePublicKey
instance Control.DeepSeq.NFData Network.AWS.CloudFront.UpdatePublicKey.UpdatePublicKey
instance Network.AWS.Data.XML.ToElement Network.AWS.CloudFront.UpdatePublicKey.UpdatePublicKey
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.UpdatePublicKey.UpdatePublicKey
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.UpdatePublicKey.UpdatePublicKey
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.UpdatePublicKey.UpdatePublicKey


-- | Update a streaming distribution.
module Network.AWS.CloudFront.UpdateStreamingDistribution

-- | Creates a value of <a>UpdateStreamingDistribution</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>usdIfMatch</a> - The value of the <tt>ETag</tt> header that you
--   received when retrieving the streaming distribution's configuration.
--   For example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>usdStreamingDistributionConfig</a> - The streaming
--   distribution's configuration information.</li>
--   <li><a>usdId</a> - The streaming distribution's id.</li>
--   </ul>
updateStreamingDistribution :: StreamingDistributionConfig -> Text -> UpdateStreamingDistribution

-- | The request to update a streaming distribution.
--   
--   <i>See:</i> <a>updateStreamingDistribution</a> smart constructor.
data UpdateStreamingDistribution

-- | The value of the <tt>ETag</tt> header that you received when
--   retrieving the streaming distribution's configuration. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
usdIfMatch :: Lens' UpdateStreamingDistribution (Maybe Text)

-- | The streaming distribution's configuration information.
usdStreamingDistributionConfig :: Lens' UpdateStreamingDistribution StreamingDistributionConfig

-- | The streaming distribution's id.
usdId :: Lens' UpdateStreamingDistribution Text

-- | Creates a value of <a>UpdateStreamingDistributionResponse</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>usdrsETag</a> - The current version of the configuration. For
--   example: <tt>E2QWRUHAPOMQZL</tt> .</li>
--   <li><a>usdrsStreamingDistribution</a> - The streaming distribution's
--   information.</li>
--   <li><a>usdrsResponseStatus</a> - -- | The response status code.</li>
--   </ul>
updateStreamingDistributionResponse :: Int -> UpdateStreamingDistributionResponse

-- | The returned result of the corresponding request.
--   
--   <i>See:</i> <a>updateStreamingDistributionResponse</a> smart
--   constructor.
data UpdateStreamingDistributionResponse

-- | The current version of the configuration. For example:
--   <tt>E2QWRUHAPOMQZL</tt> .
usdrsETag :: Lens' UpdateStreamingDistributionResponse (Maybe Text)

-- | The streaming distribution's information.
usdrsStreamingDistribution :: Lens' UpdateStreamingDistributionResponse (Maybe StreamingDistribution)

-- | <ul>
--   <li>- | The response status code.</li>
--   </ul>
usdrsResponseStatus :: Lens' UpdateStreamingDistributionResponse Int
instance GHC.Generics.Generic Network.AWS.CloudFront.UpdateStreamingDistribution.UpdateStreamingDistributionResponse
instance Data.Data.Data Network.AWS.CloudFront.UpdateStreamingDistribution.UpdateStreamingDistributionResponse
instance GHC.Show.Show Network.AWS.CloudFront.UpdateStreamingDistribution.UpdateStreamingDistributionResponse
instance GHC.Read.Read Network.AWS.CloudFront.UpdateStreamingDistribution.UpdateStreamingDistributionResponse
instance GHC.Classes.Eq Network.AWS.CloudFront.UpdateStreamingDistribution.UpdateStreamingDistributionResponse
instance GHC.Generics.Generic Network.AWS.CloudFront.UpdateStreamingDistribution.UpdateStreamingDistribution
instance Data.Data.Data Network.AWS.CloudFront.UpdateStreamingDistribution.UpdateStreamingDistribution
instance GHC.Show.Show Network.AWS.CloudFront.UpdateStreamingDistribution.UpdateStreamingDistribution
instance GHC.Read.Read Network.AWS.CloudFront.UpdateStreamingDistribution.UpdateStreamingDistribution
instance GHC.Classes.Eq Network.AWS.CloudFront.UpdateStreamingDistribution.UpdateStreamingDistribution
instance Network.AWS.Types.AWSRequest Network.AWS.CloudFront.UpdateStreamingDistribution.UpdateStreamingDistribution
instance Control.DeepSeq.NFData Network.AWS.CloudFront.UpdateStreamingDistribution.UpdateStreamingDistributionResponse
instance Data.Hashable.Class.Hashable Network.AWS.CloudFront.UpdateStreamingDistribution.UpdateStreamingDistribution
instance Control.DeepSeq.NFData Network.AWS.CloudFront.UpdateStreamingDistribution.UpdateStreamingDistribution
instance Network.AWS.Data.XML.ToElement Network.AWS.CloudFront.UpdateStreamingDistribution.UpdateStreamingDistribution
instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CloudFront.UpdateStreamingDistribution.UpdateStreamingDistribution
instance Network.AWS.Data.Path.ToPath Network.AWS.CloudFront.UpdateStreamingDistribution.UpdateStreamingDistribution
instance Network.AWS.Data.Query.ToQuery Network.AWS.CloudFront.UpdateStreamingDistribution.UpdateStreamingDistribution


module Network.AWS.CloudFront.Waiters

-- | Polls <a>GetStreamingDistribution</a> every 60 seconds until a
--   successful state is reached. An error is returned after 25 failed
--   checks.
streamingDistributionDeployed :: Wait GetStreamingDistribution

-- | Polls <a>GetDistribution</a> every 60 seconds until a successful state
--   is reached. An error is returned after 25 failed checks.
distributionDeployed :: Wait GetDistribution

-- | Polls <a>GetInvalidation</a> every 20 seconds until a successful state
--   is reached. An error is returned after 30 failed checks.
invalidationCompleted :: Wait GetInvalidation


-- | Amazon CloudFront is a web service that speeds up distribution of your
--   static and dynamic web content, for example, .html, .css, .php, image,
--   and media files, to end users. CloudFront delivers your content
--   through a worldwide network of edge locations. When an end user
--   requests content that you're serving with CloudFront, the user is
--   routed to the edge location that provides the lowest latency, so
--   content is delivered with the best possible performance. If the
--   content is already in that edge location, CloudFront delivers it
--   immediately. If the content is not currently in that edge location,
--   CloudFront retrieves it from an Amazon S3 bucket or an HTTP server
--   (for example, a web server) that you have identified as the source for
--   the definitive version of your content.
module Network.AWS.CloudFront

-- | API version <tt>2017-10-30</tt> of the Amazon CloudFront SDK
--   configuration.
cloudFront :: Service

-- | Prism for TooManyOriginCustomHeaders' errors.
_TooManyOriginCustomHeaders :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidTagging' errors.
_InvalidTagging :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidErrorCode' errors.
_InvalidErrorCode :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified profile for field-level encryption doesn't exist.
_NoSuchFieldLevelEncryptionProfile :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified profile for field-level encryption is in use.
_FieldLevelEncryptionProfileInUse :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidOriginReadTimeout' errors.
_InvalidOriginReadTimeout :: AsError a => Getting (First ServiceError) a ServiceError

-- | The maximum number of profiles for field-level encryption have been
--   created.
_TooManyFieldLevelEncryptionProfiles :: AsError a => Getting (First ServiceError) a ServiceError

-- | You cannot create more cache behaviors for the distribution.
_TooManyCacheBehaviors :: AsError a => Getting (First ServiceError) a ServiceError

-- | Processing your request would cause you to exceed the maximum number
--   of origin access identities allowed.
_TooManyCloudFrontOriginAccessIdentities :: AsError a => Getting (First ServiceError) a ServiceError

-- | The origin access identity is not valid or doesn't exist.
_InvalidOriginAccessIdentity :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for DistributionNotDisabled' errors.
_DistributionNotDisabled :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified streaming distribution does not exist.
_NoSuchStreamingDistribution :: AsError a => Getting (First ServiceError) a ServiceError

-- | The value of <tt>Quantity</tt> and the size of <tt>Items</tt> don't
--   match.
_InconsistentQuantities :: AsError a => Getting (First ServiceError) a ServiceError

-- | The argument is invalid.
_InvalidArgument :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidOriginKeepaliveTimeout' errors.
_InvalidOriginKeepaliveTimeout :: AsError a => Getting (First ServiceError) a ServiceError

-- | You have exceeded the maximum number of allowable InProgress
--   invalidation batch requests, or invalidation objects.
_TooManyInvalidationsInProgress :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidWebACLId' errors.
_InvalidWebACLId :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for TooManyQueryStringParameters' errors.
_TooManyQueryStringParameters :: AsError a => Getting (First ServiceError) a ServiceError

-- | The maximum number of query arg profiles for field-level encryption
--   have been created.
_TooManyFieldLevelEncryptionQueryArgProfiles :: AsError a => Getting (First ServiceError) a ServiceError

-- | Your request contains more CNAMEs than are allowed per distribution.
_TooManyDistributionCNAMEs :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified origin access identity does not exist.
_NoSuchCloudFrontOriginAccessIdentity :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for CloudFrontOriginAccessIdentityInUse' errors.
_CloudFrontOriginAccessIdentityInUse :: AsError a => Getting (First ServiceError) a ServiceError

-- | Processing your request would cause you to exceed the maximum number
--   of streaming distributions allowed.
_TooManyStreamingDistributions :: AsError a => Getting (First ServiceError) a ServiceError

-- | You can't change the value of a public key.
_CannotChangeImmutablePublicKeyFields :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for BatchTooLarge' errors.
_BatchTooLarge :: AsError a => Getting (First ServiceError) a ServiceError

-- | Your request contains more cookie names in the whitelist than are
--   allowed per cache behavior.
_TooManyCookieNamesInWhiteList :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified Lambda function association is invalid.
_InvalidLambdaFunctionAssociation :: AsError a => Getting (First ServiceError) a ServiceError

-- | Your request contains forward cookies option which doesn't match with
--   the expectation for the <tt>whitelisted</tt> list of cookie names.
--   Either list of cookie names has been specified when not allowed or
--   list of cookie names is missing when expected.
_InvalidForwardCookies :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified configuration for field-level encryption is in use.
_FieldLevelEncryptionConfigInUse :: AsError a => Getting (First ServiceError) a ServiceError

-- | Your request contains more trusted signers than are allowed per
--   distribution.
_TooManyTrustedSigners :: AsError a => Getting (First ServiceError) a ServiceError

-- | The Amazon S3 origin server specified does not refer to a valid Amazon
--   S3 bucket.
_InvalidOrigin :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified invalidation does not exist.
_NoSuchInvalidation :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified public key already exists.
_PublicKeyAlreadyExists :: AsError a => Getting (First ServiceError) a ServiceError

-- | No origin exists with the specified <tt>Origin Id</tt> .
_NoSuchOrigin :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidTTLOrder' errors.
_InvalidTTLOrder :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for StreamingDistributionNotDisabled' errors.
_StreamingDistributionNotDisabled :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for TooManyHeadersInForwardedValues' errors.
_TooManyHeadersInForwardedValues :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for NoSuchResource' errors.
_NoSuchResource :: AsError a => Getting (First ServiceError) a ServiceError

-- | The maximum number of encryption entities for field-level encryption
--   have been created.
_TooManyFieldLevelEncryptionEncryptionEntities :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for TooManyStreamingDistributionCNAMEs' errors.
_TooManyStreamingDistributionCNAMEs :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified profile for field-level encryption already exists.
_FieldLevelEncryptionProfileAlreadyExists :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for ResourceInUse' errors.
_ResourceInUse :: AsError a => Getting (First ServiceError) a ServiceError

-- | This operation requires the HTTPS protocol. Ensure that you specify
--   the HTTPS protocol in your request, or omit the
--   <tt>RequiredProtocols</tt> element from your distribution
--   configuration.
_InvalidRequiredProtocol :: AsError a => Getting (First ServiceError) a ServiceError

-- | Processing your request would cause you to exceed the maximum number
--   of distributions allowed.
_TooManyDistributions :: AsError a => Getting (First ServiceError) a ServiceError

-- | You cannot create anymore custom SSL/TLS certificates.
_TooManyCertificates :: AsError a => Getting (First ServiceError) a ServiceError

-- | The caller reference you attempted to create the distribution with is
--   associated with another distribution.
_DistributionAlreadyExists :: AsError a => Getting (First ServiceError) a ServiceError

-- | The maximum number of distributions have been associated with the
--   specified configuration for field-level encryption.
_TooManyDistributionsAssociatedToFieldLevelEncryptionConfig :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidQueryStringParameters' errors.
_InvalidQueryStringParameters :: AsError a => Getting (First ServiceError) a ServiceError

-- | This operation requires a body. Ensure that the body is present and
--   the <tt>Content-Type</tt> header is set.
_MissingBody :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified configuration for field-level encryption can't be
--   associated with the specified cache behavior.
_IllegalFieldLevelEncryptionConfigAssociationWithCacheBehavior :: AsError a => Getting (First ServiceError) a ServiceError

-- | Origin and <tt>CallerReference</tt> cannot be updated.
_IllegalUpdate :: AsError a => Getting (First ServiceError) a ServiceError

-- | The <tt>If-Match</tt> version is missing or not valid for the
--   distribution.
_InvalidIfMatchVersion :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified configuration for field-level encryption already exists.
_FieldLevelEncryptionConfigAlreadyExists :: AsError a => Getting (First ServiceError) a ServiceError

-- | The precondition given in one or more of the request-header fields
--   evaluated to <tt>false</tt> .
_PreconditionFailed :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidResponseCode' errors.
_InvalidResponseCode :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidHeadersForS3Origin' errors.
_InvalidHeadersForS3Origin :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for CNAMEAlreadyExists' errors.
_CNAMEAlreadyExists :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified public key doesn't exist.
_NoSuchPublicKey :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified public key is in use.
_PublicKeyInUse :: AsError a => Getting (First ServiceError) a ServiceError

-- | One or more of your trusted signers don't exist.
_TrustedSignerDoesNotExist :: AsError a => Getting (First ServiceError) a ServiceError

-- | You cannot specify SSLv3 as the minimum protocol version if you only
--   want to support only clients that support Server Name Indication
--   (SNI).
_InvalidProtocolSettings :: AsError a => Getting (First ServiceError) a ServiceError

-- | The maximum number of public keys for field-level encryption have been
--   created. To create a new public key, delete one of the existing keys.
_TooManyPublicKeys :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified configuration for field-level encryption doesn't exist.
_NoSuchFieldLevelEncryptionConfig :: AsError a => Getting (First ServiceError) a ServiceError

-- | The maximum number of content type profiles for field-level encryption
--   have been created.
_TooManyFieldLevelEncryptionContentTypeProfiles :: AsError a => Getting (First ServiceError) a ServiceError

-- | The maximum number of field patterns for field-level encryption have
--   been created.
_TooManyFieldLevelEncryptionFieldPatterns :: AsError a => Getting (First ServiceError) a ServiceError

-- | The maximum number of configurations for field-level encryption have
--   been created.
_TooManyFieldLevelEncryptionConfigs :: AsError a => Getting (First ServiceError) a ServiceError

-- | Your request contains more Lambda function associations than are
--   allowed per distribution.
_TooManyLambdaFunctionAssociations :: AsError a => Getting (First ServiceError) a ServiceError

-- | If the <tt>CallerReference</tt> is a value you already sent in a
--   previous request to create an identity but the content of the
--   <tt>CloudFrontOriginAccessIdentityConfig</tt> is different from the
--   original request, CloudFront returns a
--   <tt>CloudFrontOriginAccessIdentityAlreadyExists</tt> error.
_CloudFrontOriginAccessIdentityAlreadyExists :: AsError a => Getting (First ServiceError) a ServiceError

-- | You cannot create more origins for the distribution.
_TooManyOrigins :: AsError a => Getting (First ServiceError) a ServiceError

-- | The relative path is too big, is not URL-encoded, or does not begin
--   with a slash (/).
_InvalidRelativePath :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for StreamingDistributionAlreadyExists' errors.
_StreamingDistributionAlreadyExists :: AsError a => Getting (First ServiceError) a ServiceError

-- | No profile specified for the field-level encryption query argument.
_QueryArgProfileEmpty :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidMinimumProtocolVersion' errors.
_InvalidMinimumProtocolVersion :: AsError a => Getting (First ServiceError) a ServiceError

-- | Access denied.
_AccessDenied :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidViewerCertificate' errors.
_InvalidViewerCertificate :: AsError a => Getting (First ServiceError) a ServiceError

-- | The specified distribution does not exist.
_NoSuchDistribution :: AsError a => Getting (First ServiceError) a ServiceError

-- | The maximum size of a profile for field-level encryption was exceeded.
_FieldLevelEncryptionProfileSizeExceeded :: AsError a => Getting (First ServiceError) a ServiceError

-- | The default root object file name is too big or contains an invalid
--   character.
_InvalidDefaultRootObject :: AsError a => Getting (First ServiceError) a ServiceError

-- | Processing your request would cause the maximum number of
--   distributions with Lambda function associations per owner to be
--   exceeded.
_TooManyDistributionsWithLambdaAssociations :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidGeoRestrictionParameter' errors.
_InvalidGeoRestrictionParameter :: AsError a => Getting (First ServiceError) a ServiceError

-- | Prism for InvalidLocationCode' errors.
_InvalidLocationCode :: AsError a => Getting (First ServiceError) a ServiceError

-- | Polls <a>GetStreamingDistribution</a> every 60 seconds until a
--   successful state is reached. An error is returned after 25 failed
--   checks.
streamingDistributionDeployed :: Wait GetStreamingDistribution

-- | Polls <a>GetDistribution</a> every 60 seconds until a successful state
--   is reached. An error is returned after 25 failed checks.
distributionDeployed :: Wait GetDistribution

-- | Polls <a>GetInvalidation</a> every 20 seconds until a successful state
--   is reached. An error is returned after 30 failed checks.
invalidationCompleted :: Wait GetInvalidation
data CertificateSource
Acm :: CertificateSource
Cloudfront :: CertificateSource
IAM :: CertificateSource
data EventType
OriginRequest :: EventType
OriginResponse :: EventType
ViewerRequest :: EventType
ViewerResponse :: EventType
data Format
URLEncoded :: Format
data GeoRestrictionType
Blacklist :: GeoRestrictionType
None :: GeoRestrictionType
Whitelist :: GeoRestrictionType
data HTTPVersion
HTTP1_1 :: HTTPVersion
HTTP2 :: HTTPVersion
data ItemSelection
ISAll :: ItemSelection
ISNone :: ItemSelection
ISWhitelist :: ItemSelection
data Method
Delete :: Method
Get :: Method
Head :: Method
Options :: Method
Patch :: Method
Post :: Method
Put :: Method
data MinimumProtocolVersion
MPVSSLV3 :: MinimumProtocolVersion
MPVTLSV1 :: MinimumProtocolVersion
MPVTLSV12016 :: MinimumProtocolVersion
MPVTLSV1_12016 :: MinimumProtocolVersion
MPVTLSV1_22018 :: MinimumProtocolVersion
data OriginProtocolPolicy
HTTPOnly :: OriginProtocolPolicy
HTTPSOnly :: OriginProtocolPolicy
MatchViewer :: OriginProtocolPolicy
data PriceClass
PriceClass100 :: PriceClass
PriceClass200 :: PriceClass
PriceClassAll :: PriceClass
data SSLProtocol
SSLV3 :: SSLProtocol
TLSV1 :: SSLProtocol
TLSV1_1 :: SSLProtocol
TLSV1_2 :: SSLProtocol
data SSLSupportMethod
SNIOnly :: SSLSupportMethod
VIP :: SSLSupportMethod
data ViewerProtocolPolicy
VPPAllowAll :: ViewerProtocolPolicy
VPPHTTPSOnly :: ViewerProtocolPolicy
VPPRedirectToHTTPS :: ViewerProtocolPolicy

-- | A complex type that lists the AWS accounts, if any, that you included
--   in the <tt>TrustedSigners</tt> complex type for this distribution.
--   These are the accounts that you want to allow to create signed URLs
--   for private content.
--   
--   The <tt>Signer</tt> complex type lists the AWS account number of the
--   trusted signer or <tt>self</tt> if the signer is the AWS account that
--   created the distribution. The <tt>Signer</tt> element also includes
--   the IDs of any active CloudFront key pairs that are associated with
--   the trusted signer's AWS account. If no <tt>KeyPairId</tt> element
--   appears for a <tt>Signer</tt> , that signer can't create signed URLs.
--   
--   For more information, see <a>Serving Private Content through
--   CloudFront</a> in the <i>Amazon CloudFront Developer Guide</i> .
--   
--   <i>See:</i> <a>activeTrustedSigners</a> smart constructor.
data ActiveTrustedSigners

-- | Creates a value of <a>ActiveTrustedSigners</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>atsItems</a> - A complex type that contains one <tt>Signer</tt>
--   complex type for each trusted signer that is specified in the
--   <tt>TrustedSigners</tt> complex type. For more information, see
--   <a>ActiveTrustedSigners</a> .</li>
--   <li><a>atsEnabled</a> - Enabled is <tt>true</tt> if any of the AWS
--   accounts listed in the <tt>TrustedSigners</tt> complex type for this
--   RTMP distribution have active CloudFront key pairs. If not,
--   <tt>Enabled</tt> is <tt>false</tt> . For more information, see
--   <a>ActiveTrustedSigners</a> .</li>
--   <li><a>atsQuantity</a> - A complex type that contains one
--   <tt>Signer</tt> complex type for each trusted signer specified in the
--   <tt>TrustedSigners</tt> complex type. For more information, see
--   <a>ActiveTrustedSigners</a> .</li>
--   </ul>
activeTrustedSigners :: Bool -> Int -> ActiveTrustedSigners

-- | A complex type that contains one <tt>Signer</tt> complex type for each
--   trusted signer that is specified in the <tt>TrustedSigners</tt>
--   complex type. For more information, see <a>ActiveTrustedSigners</a> .
atsItems :: Lens' ActiveTrustedSigners [Signer]

-- | Enabled is <tt>true</tt> if any of the AWS accounts listed in the
--   <tt>TrustedSigners</tt> complex type for this RTMP distribution have
--   active CloudFront key pairs. If not, <tt>Enabled</tt> is
--   <tt>false</tt> . For more information, see <a>ActiveTrustedSigners</a>
--   .
atsEnabled :: Lens' ActiveTrustedSigners Bool

-- | A complex type that contains one <tt>Signer</tt> complex type for each
--   trusted signer specified in the <tt>TrustedSigners</tt> complex type.
--   For more information, see <a>ActiveTrustedSigners</a> .
atsQuantity :: Lens' ActiveTrustedSigners Int

-- | A complex type that contains information about CNAMEs (alternate
--   domain names), if any, for this distribution.
--   
--   <i>See:</i> <a>aliases</a> smart constructor.
data Aliases

-- | Creates a value of <a>Aliases</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>aItems</a> - A complex type that contains the CNAME aliases, if
--   any, that you want to associate with this distribution.</li>
--   <li><a>aQuantity</a> - The number of CNAME aliases, if any, that you
--   want to associate with this distribution.</li>
--   </ul>
aliases :: Int -> Aliases

-- | A complex type that contains the CNAME aliases, if any, that you want
--   to associate with this distribution.
aItems :: Lens' Aliases [Text]

-- | The number of CNAME aliases, if any, that you want to associate with
--   this distribution.
aQuantity :: Lens' Aliases Int

-- | A complex type that controls which HTTP methods CloudFront processes
--   and forwards to your Amazon S3 bucket or your custom origin. There are
--   three choices:
--   
--   <ul>
--   <li>CloudFront forwards only <tt>GET</tt> and <tt>HEAD</tt>
--   requests.</li>
--   <li>CloudFront forwards only <tt>GET</tt> , <tt>HEAD</tt> , and
--   <tt>OPTIONS</tt> requests.</li>
--   <li>CloudFront forwards <tt>GET, HEAD, OPTIONS, PUT, PATCH, POST</tt>
--   , and <tt>DELETE</tt> requests.</li>
--   </ul>
--   
--   If you pick the third choice, you may need to restrict access to your
--   Amazon S3 bucket or to your custom origin so users can't perform
--   operations that you don't want them to. For example, you might not
--   want users to have permissions to delete objects from your origin.
--   
--   <i>See:</i> <a>allowedMethods</a> smart constructor.
data AllowedMethods

-- | Creates a value of <a>AllowedMethods</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>amCachedMethods</a> - Undocumented member.</li>
--   <li><a>amQuantity</a> - The number of HTTP methods that you want
--   CloudFront to forward to your origin. Valid values are 2 (for
--   <tt>GET</tt> and <tt>HEAD</tt> requests), 3 (for <tt>GET</tt> ,
--   <tt>HEAD</tt> , and <tt>OPTIONS</tt> requests) and 7 (for <tt>GET,
--   HEAD, OPTIONS, PUT, PATCH, POST</tt> , and <tt>DELETE</tt>
--   requests).</li>
--   <li><a>amItems</a> - A complex type that contains the HTTP methods
--   that you want CloudFront to process and forward to your origin.</li>
--   </ul>
allowedMethods :: Int -> AllowedMethods

-- | Undocumented member.
amCachedMethods :: Lens' AllowedMethods (Maybe CachedMethods)

-- | The number of HTTP methods that you want CloudFront to forward to your
--   origin. Valid values are 2 (for <tt>GET</tt> and <tt>HEAD</tt>
--   requests), 3 (for <tt>GET</tt> , <tt>HEAD</tt> , and <tt>OPTIONS</tt>
--   requests) and 7 (for <tt>GET, HEAD, OPTIONS, PUT, PATCH, POST</tt> ,
--   and <tt>DELETE</tt> requests).
amQuantity :: Lens' AllowedMethods Int

-- | A complex type that contains the HTTP methods that you want CloudFront
--   to process and forward to your origin.
amItems :: Lens' AllowedMethods [Method]

-- | A complex type that describes how CloudFront processes requests.
--   
--   You must create at least as many cache behaviors (including the
--   default cache behavior) as you have origins if you want CloudFront to
--   distribute objects from all of the origins. Each cache behavior
--   specifies the one origin from which you want CloudFront to get
--   objects. If you have two origins and only the default cache behavior,
--   the default cache behavior will cause CloudFront to get objects from
--   one of the origins, but the other origin is never used.
--   
--   For the current limit on the number of cache behaviors that you can
--   add to a distribution, see <a>Amazon CloudFront Limits</a> in the
--   <i>AWS General Reference</i> .
--   
--   If you don't want to specify any cache behaviors, include only an
--   empty <tt>CacheBehaviors</tt> element. Don't include an empty
--   <tt>CacheBehavior</tt> element, or CloudFront returns a
--   <tt>MalformedXML</tt> error.
--   
--   To delete all cache behaviors in an existing distribution, update the
--   distribution configuration and include only an empty
--   <tt>CacheBehaviors</tt> element.
--   
--   To add, change, or remove one or more cache behaviors, update the
--   distribution configuration and specify all of the cache behaviors that
--   you want to include in the updated distribution.
--   
--   For more information about cache behaviors, see <a>Cache Behaviors</a>
--   in the <i>Amazon CloudFront Developer Guide</i> .
--   
--   <i>See:</i> <a>cacheBehavior</a> smart constructor.
data CacheBehavior

-- | Creates a value of <a>CacheBehavior</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cbAllowedMethods</a> - Undocumented member.</li>
--   <li><a>cbLambdaFunctionAssociations</a> - A complex type that contains
--   zero or more Lambda function associations for a cache behavior.</li>
--   <li><a>cbMaxTTL</a> - The maximum amount of time that you want objects
--   to stay in CloudFront caches before CloudFront forwards another
--   request to your origin to determine whether the object has been
--   updated. The value that you specify applies only when your origin adds
--   HTTP headers such as <tt>Cache-Control max-age</tt> ,
--   <tt>Cache-Control s-maxage</tt> , and <tt>Expires</tt> to objects. For
--   more information, see <a>Specifying How Long Objects and Errors Stay
--   in a CloudFront Edge Cache (Expiration)</a> in the <i>Amazon
--   CloudFront Developer Guide</i> .</li>
--   <li><a>cbCompress</a> - Whether you want CloudFront to automatically
--   compress certain files for this cache behavior. If so, specify true;
--   if not, specify false. For more information, see <a>Serving Compressed
--   Files</a> in the <i>Amazon CloudFront Developer Guide</i> .</li>
--   <li><a>cbSmoothStreaming</a> - Indicates whether you want to
--   distribute media files in the Microsoft Smooth Streaming format using
--   the origin that is associated with this cache behavior. If so, specify
--   <tt>true</tt> ; if not, specify <tt>false</tt> . If you specify
--   <tt>true</tt> for <tt>SmoothStreaming</tt> , you can still distribute
--   other content using this cache behavior if the content matches the
--   value of <tt>PathPattern</tt> .</li>
--   <li><a>cbDefaultTTL</a> - The default amount of time that you want
--   objects to stay in CloudFront caches before CloudFront forwards
--   another request to your origin to determine whether the object has
--   been updated. The value that you specify applies only when your origin
--   does not add HTTP headers such as <tt>Cache-Control max-age</tt> ,
--   <tt>Cache-Control s-maxage</tt> , and <tt>Expires</tt> to objects. For
--   more information, see <a>Specifying How Long Objects and Errors Stay
--   in a CloudFront Edge Cache (Expiration)</a> in the <i>Amazon
--   CloudFront Developer Guide</i> .</li>
--   <li><a>cbFieldLevelEncryptionId</a> - Undocumented member.</li>
--   <li><a>cbPathPattern</a> - The pattern (for example,
--   <tt>images/*.jpg</tt> ) that specifies which requests to apply the
--   behavior to. When CloudFront receives a viewer request, the requested
--   path is compared with path patterns in the order in which cache
--   behaviors are listed in the distribution. The path pattern for the
--   default cache behavior is <tt>*</tt> and cannot be changed. If the
--   request for an object does not match the path pattern for any cache
--   behaviors, CloudFront applies the behavior in the default cache
--   behavior. For more information, see <a>Path Pattern</a> in the
--   <i>Amazon CloudFront Developer Guide</i> .</li>
--   <li><a>cbTargetOriginId</a> - The value of <tt>ID</tt> for the origin
--   that you want CloudFront to route requests to when a request matches
--   the path pattern either for a cache behavior or for the default cache
--   behavior.</li>
--   <li><a>cbForwardedValues</a> - A complex type that specifies how
--   CloudFront handles query strings and cookies.</li>
--   <li><a>cbTrustedSigners</a> - A complex type that specifies the AWS
--   accounts, if any, that you want to allow to create signed URLs for
--   private content. If you want to require signed URLs in requests for
--   objects in the target origin that match the <tt>PathPattern</tt> for
--   this cache behavior, specify <tt>true</tt> for <tt>Enabled</tt> , and
--   specify the applicable values for <tt>Quantity</tt> and <tt>Items</tt>
--   . For more information, see <a>Serving Private Content through
--   CloudFront</a> in the <i>Amazon Amazon CloudFront Developer Guide</i>
--   . If you don't want to require signed URLs in requests for objects
--   that match <tt>PathPattern</tt> , specify <tt>false</tt> for
--   <tt>Enabled</tt> and <tt>0</tt> for <tt>Quantity</tt> . Omit
--   <tt>Items</tt> . To add, change, or remove one or more trusted
--   signers, change <tt>Enabled</tt> to <tt>true</tt> (if it's currently
--   <tt>false</tt> ), change <tt>Quantity</tt> as applicable, and specify
--   all of the trusted signers that you want to include in the updated
--   distribution.</li>
--   <li><a>cbViewerProtocolPolicy</a> - The protocol that viewers can use
--   to access the files in the origin specified by <tt>TargetOriginId</tt>
--   when a request matches the path pattern in <tt>PathPattern</tt> . You
--   can specify the following options: * <tt>allow-all</tt> : Viewers can
--   use HTTP or HTTPS. * <tt>redirect-to-https</tt> : If a viewer submits
--   an HTTP request, CloudFront returns an HTTP status code of 301 (Moved
--   Permanently) to the viewer along with the HTTPS URL. The viewer then
--   resubmits the request using the new URL. * <tt>https-only</tt> : If a
--   viewer sends an HTTP request, CloudFront returns an HTTP status code
--   of 403 (Forbidden). For more information about requiring the HTTPS
--   protocol, see <a>Using an HTTPS Connection to Access Your Objects</a>
--   in the <i>Amazon CloudFront Developer Guide</i> .</li>
--   <li><a>cbMinTTL</a> - The minimum amount of time that you want objects
--   to stay in CloudFront caches before CloudFront forwards another
--   request to your origin to determine whether the object has been
--   updated. For more information, see <a>Specifying How Long Objects and
--   Errors Stay in a CloudFront Edge Cache (Expiration)</a> in the
--   <i>Amazon Amazon CloudFront Developer Guide</i> . You must specify
--   <tt>0</tt> for <tt>MinTTL</tt> if you configure CloudFront to forward
--   all headers to your origin (under <tt>Headers</tt> , if you specify
--   <tt>1</tt> for <tt>Quantity</tt> and <tt>*</tt> for <tt>Name</tt>
--   ).</li>
--   </ul>
cacheBehavior :: Text -> Text -> ForwardedValues -> TrustedSigners -> ViewerProtocolPolicy -> Integer -> CacheBehavior

-- | Undocumented member.
cbAllowedMethods :: Lens' CacheBehavior (Maybe AllowedMethods)

-- | A complex type that contains zero or more Lambda function associations
--   for a cache behavior.
cbLambdaFunctionAssociations :: Lens' CacheBehavior (Maybe LambdaFunctionAssociations)

-- | The maximum amount of time that you want objects to stay in CloudFront
--   caches before CloudFront forwards another request to your origin to
--   determine whether the object has been updated. The value that you
--   specify applies only when your origin adds HTTP headers such as
--   <tt>Cache-Control max-age</tt> , <tt>Cache-Control s-maxage</tt> , and
--   <tt>Expires</tt> to objects. For more information, see <a>Specifying
--   How Long Objects and Errors Stay in a CloudFront Edge Cache
--   (Expiration)</a> in the <i>Amazon CloudFront Developer Guide</i> .
cbMaxTTL :: Lens' CacheBehavior (Maybe Integer)

-- | Whether you want CloudFront to automatically compress certain files
--   for this cache behavior. If so, specify true; if not, specify false.
--   For more information, see <a>Serving Compressed Files</a> in the
--   <i>Amazon CloudFront Developer Guide</i> .
cbCompress :: Lens' CacheBehavior (Maybe Bool)

-- | Indicates whether you want to distribute media files in the Microsoft
--   Smooth Streaming format using the origin that is associated with this
--   cache behavior. If so, specify <tt>true</tt> ; if not, specify
--   <tt>false</tt> . If you specify <tt>true</tt> for
--   <tt>SmoothStreaming</tt> , you can still distribute other content
--   using this cache behavior if the content matches the value of
--   <tt>PathPattern</tt> .
cbSmoothStreaming :: Lens' CacheBehavior (Maybe Bool)

-- | The default amount of time that you want objects to stay in CloudFront
--   caches before CloudFront forwards another request to your origin to
--   determine whether the object has been updated. The value that you
--   specify applies only when your origin does not add HTTP headers such
--   as <tt>Cache-Control max-age</tt> , <tt>Cache-Control s-maxage</tt> ,
--   and <tt>Expires</tt> to objects. For more information, see
--   <a>Specifying How Long Objects and Errors Stay in a CloudFront Edge
--   Cache (Expiration)</a> in the <i>Amazon CloudFront Developer Guide</i>
--   .
cbDefaultTTL :: Lens' CacheBehavior (Maybe Integer)

-- | Undocumented member.
cbFieldLevelEncryptionId :: Lens' CacheBehavior (Maybe Text)

-- | The pattern (for example, <tt>images/*.jpg</tt> ) that specifies which
--   requests to apply the behavior to. When CloudFront receives a viewer
--   request, the requested path is compared with path patterns in the
--   order in which cache behaviors are listed in the distribution. The
--   path pattern for the default cache behavior is <tt>*</tt> and cannot
--   be changed. If the request for an object does not match the path
--   pattern for any cache behaviors, CloudFront applies the behavior in
--   the default cache behavior. For more information, see <a>Path
--   Pattern</a> in the <i>Amazon CloudFront Developer Guide</i> .
cbPathPattern :: Lens' CacheBehavior Text

-- | The value of <tt>ID</tt> for the origin that you want CloudFront to
--   route requests to when a request matches the path pattern either for a
--   cache behavior or for the default cache behavior.
cbTargetOriginId :: Lens' CacheBehavior Text

-- | A complex type that specifies how CloudFront handles query strings and
--   cookies.
cbForwardedValues :: Lens' CacheBehavior ForwardedValues

-- | A complex type that specifies the AWS accounts, if any, that you want
--   to allow to create signed URLs for private content. If you want to
--   require signed URLs in requests for objects in the target origin that
--   match the <tt>PathPattern</tt> for this cache behavior, specify
--   <tt>true</tt> for <tt>Enabled</tt> , and specify the applicable values
--   for <tt>Quantity</tt> and <tt>Items</tt> . For more information, see
--   <a>Serving Private Content through CloudFront</a> in the <i>Amazon
--   Amazon CloudFront Developer Guide</i> . If you don't want to require
--   signed URLs in requests for objects that match <tt>PathPattern</tt> ,
--   specify <tt>false</tt> for <tt>Enabled</tt> and <tt>0</tt> for
--   <tt>Quantity</tt> . Omit <tt>Items</tt> . To add, change, or remove
--   one or more trusted signers, change <tt>Enabled</tt> to <tt>true</tt>
--   (if it's currently <tt>false</tt> ), change <tt>Quantity</tt> as
--   applicable, and specify all of the trusted signers that you want to
--   include in the updated distribution.
cbTrustedSigners :: Lens' CacheBehavior TrustedSigners

-- | The protocol that viewers can use to access the files in the origin
--   specified by <tt>TargetOriginId</tt> when a request matches the path
--   pattern in <tt>PathPattern</tt> . You can specify the following
--   options: * <tt>allow-all</tt> : Viewers can use HTTP or HTTPS. *
--   <tt>redirect-to-https</tt> : If a viewer submits an HTTP request,
--   CloudFront returns an HTTP status code of 301 (Moved Permanently) to
--   the viewer along with the HTTPS URL. The viewer then resubmits the
--   request using the new URL. * <tt>https-only</tt> : If a viewer sends
--   an HTTP request, CloudFront returns an HTTP status code of 403
--   (Forbidden). For more information about requiring the HTTPS protocol,
--   see <a>Using an HTTPS Connection to Access Your Objects</a> in the
--   <i>Amazon CloudFront Developer Guide</i> .
cbViewerProtocolPolicy :: Lens' CacheBehavior ViewerProtocolPolicy

-- | The minimum amount of time that you want objects to stay in CloudFront
--   caches before CloudFront forwards another request to your origin to
--   determine whether the object has been updated. For more information,
--   see <a>Specifying How Long Objects and Errors Stay in a CloudFront
--   Edge Cache (Expiration)</a> in the <i>Amazon Amazon CloudFront
--   Developer Guide</i> . You must specify <tt>0</tt> for <tt>MinTTL</tt>
--   if you configure CloudFront to forward all headers to your origin
--   (under <tt>Headers</tt> , if you specify <tt>1</tt> for
--   <tt>Quantity</tt> and <tt>*</tt> for <tt>Name</tt> ).
cbMinTTL :: Lens' CacheBehavior Integer

-- | A complex type that contains zero or more <tt>CacheBehavior</tt>
--   elements.
--   
--   <i>See:</i> <a>cacheBehaviors</a> smart constructor.
data CacheBehaviors

-- | Creates a value of <a>CacheBehaviors</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cbItems</a> - Optional: A complex type that contains cache
--   behaviors for this distribution. If <tt>Quantity</tt> is <tt>0</tt> ,
--   you can omit <tt>Items</tt> .</li>
--   <li><a>cbQuantity</a> - The number of cache behaviors for this
--   distribution.</li>
--   </ul>
cacheBehaviors :: Int -> CacheBehaviors

-- | Optional: A complex type that contains cache behaviors for this
--   distribution. If <tt>Quantity</tt> is <tt>0</tt> , you can omit
--   <tt>Items</tt> .
cbItems :: Lens' CacheBehaviors [CacheBehavior]

-- | The number of cache behaviors for this distribution.
cbQuantity :: Lens' CacheBehaviors Int

-- | A complex type that controls whether CloudFront caches the response to
--   requests using the specified HTTP methods. There are two choices:
--   
--   <ul>
--   <li>CloudFront caches responses to <tt>GET</tt> and <tt>HEAD</tt>
--   requests.</li>
--   <li>CloudFront caches responses to <tt>GET</tt> , <tt>HEAD</tt> , and
--   <tt>OPTIONS</tt> requests.</li>
--   </ul>
--   
--   If you pick the second choice for your Amazon S3 Origin, you may need
--   to forward Access-Control-Request-Method,
--   Access-Control-Request-Headers, and Origin headers for the responses
--   to be cached correctly.
--   
--   <i>See:</i> <a>cachedMethods</a> smart constructor.
data CachedMethods

-- | Creates a value of <a>CachedMethods</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cmQuantity</a> - The number of HTTP methods for which you want
--   CloudFront to cache responses. Valid values are <tt>2</tt> (for
--   caching responses to <tt>GET</tt> and <tt>HEAD</tt> requests) and
--   <tt>3</tt> (for caching responses to <tt>GET</tt> , <tt>HEAD</tt> ,
--   and <tt>OPTIONS</tt> requests).</li>
--   <li><a>cmItems</a> - A complex type that contains the HTTP methods
--   that you want CloudFront to cache responses to.</li>
--   </ul>
cachedMethods :: Int -> CachedMethods

-- | The number of HTTP methods for which you want CloudFront to cache
--   responses. Valid values are <tt>2</tt> (for caching responses to
--   <tt>GET</tt> and <tt>HEAD</tt> requests) and <tt>3</tt> (for caching
--   responses to <tt>GET</tt> , <tt>HEAD</tt> , and <tt>OPTIONS</tt>
--   requests).
cmQuantity :: Lens' CachedMethods Int

-- | A complex type that contains the HTTP methods that you want CloudFront
--   to cache responses to.
cmItems :: Lens' CachedMethods [Method]

-- | CloudFront origin access identity.
--   
--   <i>See:</i> <a>cloudFrontOriginAccessIdentity</a> smart constructor.
data CloudFrontOriginAccessIdentity

-- | Creates a value of <a>CloudFrontOriginAccessIdentity</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cfoaiCloudFrontOriginAccessIdentityConfig</a> - The current
--   configuration information for the identity.</li>
--   <li><a>cfoaiId</a> - The ID for the origin access identity, for
--   example, <tt>E74FTE3AJFJ256A</tt> .</li>
--   <li><a>cfoaiS3CanonicalUserId</a> - The Amazon S3 canonical user ID
--   for the origin access identity, used when giving the origin access
--   identity read permission to an object in Amazon S3.</li>
--   </ul>
cloudFrontOriginAccessIdentity :: Text -> Text -> CloudFrontOriginAccessIdentity

-- | The current configuration information for the identity.
cfoaiCloudFrontOriginAccessIdentityConfig :: Lens' CloudFrontOriginAccessIdentity (Maybe CloudFrontOriginAccessIdentityConfig)

-- | The ID for the origin access identity, for example,
--   <tt>E74FTE3AJFJ256A</tt> .
cfoaiId :: Lens' CloudFrontOriginAccessIdentity Text

-- | The Amazon S3 canonical user ID for the origin access identity, used
--   when giving the origin access identity read permission to an object in
--   Amazon S3.
cfoaiS3CanonicalUserId :: Lens' CloudFrontOriginAccessIdentity Text

-- | Origin access identity configuration. Send a <tt>GET</tt> request to
--   the <tt>/<i>CloudFront API version</i> <i>CloudFront</i>identity
--   ID/config</tt> resource.
--   
--   <i>See:</i> <a>cloudFrontOriginAccessIdentityConfig</a> smart
--   constructor.
data CloudFrontOriginAccessIdentityConfig

-- | Creates a value of <a>CloudFrontOriginAccessIdentityConfig</a> with
--   the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cfoaicCallerReference</a> - A unique number that ensures the
--   request can't be replayed. If the <tt>CallerReference</tt> is new (no
--   matter the content of the
--   <tt>CloudFrontOriginAccessIdentityConfig</tt> object), a new origin
--   access identity is created. If the <tt>CallerReference</tt> is a value
--   already sent in a previous identity request, and the content of the
--   <tt>CloudFrontOriginAccessIdentityConfig</tt> is identical to the
--   original request (ignoring white space), the response includes the
--   same information returned to the original request. If the
--   <tt>CallerReference</tt> is a value you already sent in a previous
--   request to create an identity, but the content of the
--   <tt>CloudFrontOriginAccessIdentityConfig</tt> is different from the
--   original request, CloudFront returns a
--   <tt>CloudFrontOriginAccessIdentityAlreadyExists</tt> error.</li>
--   <li><a>cfoaicComment</a> - Any comments you want to include about the
--   origin access identity.</li>
--   </ul>
cloudFrontOriginAccessIdentityConfig :: Text -> Text -> CloudFrontOriginAccessIdentityConfig

-- | A unique number that ensures the request can't be replayed. If the
--   <tt>CallerReference</tt> is new (no matter the content of the
--   <tt>CloudFrontOriginAccessIdentityConfig</tt> object), a new origin
--   access identity is created. If the <tt>CallerReference</tt> is a value
--   already sent in a previous identity request, and the content of the
--   <tt>CloudFrontOriginAccessIdentityConfig</tt> is identical to the
--   original request (ignoring white space), the response includes the
--   same information returned to the original request. If the
--   <tt>CallerReference</tt> is a value you already sent in a previous
--   request to create an identity, but the content of the
--   <tt>CloudFrontOriginAccessIdentityConfig</tt> is different from the
--   original request, CloudFront returns a
--   <tt>CloudFrontOriginAccessIdentityAlreadyExists</tt> error.
cfoaicCallerReference :: Lens' CloudFrontOriginAccessIdentityConfig Text

-- | Any comments you want to include about the origin access identity.
cfoaicComment :: Lens' CloudFrontOriginAccessIdentityConfig Text

-- | Lists the origin access identities for CloudFront.Send a <tt>GET</tt>
--   request to the <tt>/<i>CloudFront API version</i>
--   <i>origin-access-identity</i>cloudfront</tt> resource. The response
--   includes a <tt>CloudFrontOriginAccessIdentityList</tt> element with
--   zero or more <tt>CloudFrontOriginAccessIdentitySummary</tt> child
--   elements. By default, your entire list of origin access identities is
--   returned in one single page. If the list is long, you can paginate it
--   using the <tt>MaxItems</tt> and <tt>Marker</tt> parameters.
--   
--   <i>See:</i> <a>cloudFrontOriginAccessIdentityList</a> smart
--   constructor.
data CloudFrontOriginAccessIdentityList

-- | Creates a value of <a>CloudFrontOriginAccessIdentityList</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cfoailItems</a> - A complex type that contains one
--   <tt>CloudFrontOriginAccessIdentitySummary</tt> element for each origin
--   access identity that was created by the current AWS account.</li>
--   <li><a>cfoailNextMarker</a> - If <tt>IsTruncated</tt> is <tt>true</tt>
--   , this element is present and contains the value you can use for the
--   <tt>Marker</tt> request parameter to continue listing your origin
--   access identities where they left off.</li>
--   <li><a>cfoailMarker</a> - Use this when paginating results to indicate
--   where to begin in your list of origin access identities. The results
--   include identities in the list that occur after the marker. To get the
--   next page of results, set the <tt>Marker</tt> to the value of the
--   <tt>NextMarker</tt> from the current page's response (which is also
--   the ID of the last identity on that page).</li>
--   <li><a>cfoailMaxItems</a> - The maximum number of origin access
--   identities you want in the response body.</li>
--   <li><a>cfoailIsTruncated</a> - A flag that indicates whether more
--   origin access identities remain to be listed. If your results were
--   truncated, you can make a follow-up pagination request using the
--   <tt>Marker</tt> request parameter to retrieve more items in the
--   list.</li>
--   <li><a>cfoailQuantity</a> - The number of CloudFront origin access
--   identities that were created by the current AWS account.</li>
--   </ul>
cloudFrontOriginAccessIdentityList :: Text -> Int -> Bool -> Int -> CloudFrontOriginAccessIdentityList

-- | A complex type that contains one
--   <tt>CloudFrontOriginAccessIdentitySummary</tt> element for each origin
--   access identity that was created by the current AWS account.
cfoailItems :: Lens' CloudFrontOriginAccessIdentityList [CloudFrontOriginAccessIdentitySummary]

-- | If <tt>IsTruncated</tt> is <tt>true</tt> , this element is present and
--   contains the value you can use for the <tt>Marker</tt> request
--   parameter to continue listing your origin access identities where they
--   left off.
cfoailNextMarker :: Lens' CloudFrontOriginAccessIdentityList (Maybe Text)

-- | Use this when paginating results to indicate where to begin in your
--   list of origin access identities. The results include identities in
--   the list that occur after the marker. To get the next page of results,
--   set the <tt>Marker</tt> to the value of the <tt>NextMarker</tt> from
--   the current page's response (which is also the ID of the last identity
--   on that page).
cfoailMarker :: Lens' CloudFrontOriginAccessIdentityList Text

-- | The maximum number of origin access identities you want in the
--   response body.
cfoailMaxItems :: Lens' CloudFrontOriginAccessIdentityList Int

-- | A flag that indicates whether more origin access identities remain to
--   be listed. If your results were truncated, you can make a follow-up
--   pagination request using the <tt>Marker</tt> request parameter to
--   retrieve more items in the list.
cfoailIsTruncated :: Lens' CloudFrontOriginAccessIdentityList Bool

-- | The number of CloudFront origin access identities that were created by
--   the current AWS account.
cfoailQuantity :: Lens' CloudFrontOriginAccessIdentityList Int

-- | Summary of the information about a CloudFront origin access identity.
--   
--   <i>See:</i> <a>cloudFrontOriginAccessIdentitySummary</a> smart
--   constructor.
data CloudFrontOriginAccessIdentitySummary

-- | Creates a value of <a>CloudFrontOriginAccessIdentitySummary</a> with
--   the minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cfoaisId</a> - The ID for the origin access identity. For
--   example: <tt>E74FTE3AJFJ256A</tt> .</li>
--   <li><a>cfoaisS3CanonicalUserId</a> - The Amazon S3 canonical user ID
--   for the origin access identity, which you use when giving the origin
--   access identity read permission to an object in Amazon S3.</li>
--   <li><a>cfoaisComment</a> - The comment for this origin access
--   identity, as originally specified when created.</li>
--   </ul>
cloudFrontOriginAccessIdentitySummary :: Text -> Text -> Text -> CloudFrontOriginAccessIdentitySummary

-- | The ID for the origin access identity. For example:
--   <tt>E74FTE3AJFJ256A</tt> .
cfoaisId :: Lens' CloudFrontOriginAccessIdentitySummary Text

-- | The Amazon S3 canonical user ID for the origin access identity, which
--   you use when giving the origin access identity read permission to an
--   object in Amazon S3.
cfoaisS3CanonicalUserId :: Lens' CloudFrontOriginAccessIdentitySummary Text

-- | The comment for this origin access identity, as originally specified
--   when created.
cfoaisComment :: Lens' CloudFrontOriginAccessIdentitySummary Text

-- | A field-level encryption content type profile.
--   
--   <i>See:</i> <a>contentTypeProfile</a> smart constructor.
data ContentTypeProfile

-- | Creates a value of <a>ContentTypeProfile</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ctpProfileId</a> - The profile ID for a field-level encryption
--   content type-profile mapping.</li>
--   <li><a>ctpFormat</a> - The format for a field-level encryption content
--   type-profile mapping.</li>
--   <li><a>ctpContentType</a> - The content type for a field-level
--   encryption content type-profile mapping.</li>
--   </ul>
contentTypeProfile :: Format -> Text -> ContentTypeProfile

-- | The profile ID for a field-level encryption content type-profile
--   mapping.
ctpProfileId :: Lens' ContentTypeProfile (Maybe Text)

-- | The format for a field-level encryption content type-profile mapping.
ctpFormat :: Lens' ContentTypeProfile Format

-- | The content type for a field-level encryption content type-profile
--   mapping.
ctpContentType :: Lens' ContentTypeProfile Text

-- | The configuration for a field-level encryption content type-profile
--   mapping.
--   
--   <i>See:</i> <a>contentTypeProfileConfig</a> smart constructor.
data ContentTypeProfileConfig

-- | Creates a value of <a>ContentTypeProfileConfig</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ctpcContentTypeProfiles</a> - The configuration for a
--   field-level encryption content type-profile.</li>
--   <li><a>ctpcForwardWhenContentTypeIsUnknown</a> - The setting in a
--   field-level encryption content type-profile mapping that specifies
--   what to do when an unknown content type is provided for the profile.
--   If true, content is forwarded without being encrypted when the content
--   type is unknown. If false (the default), an error is returned when the
--   content type is unknown.</li>
--   </ul>
contentTypeProfileConfig :: Bool -> ContentTypeProfileConfig

-- | The configuration for a field-level encryption content type-profile.
ctpcContentTypeProfiles :: Lens' ContentTypeProfileConfig (Maybe ContentTypeProfiles)

-- | The setting in a field-level encryption content type-profile mapping
--   that specifies what to do when an unknown content type is provided for
--   the profile. If true, content is forwarded without being encrypted
--   when the content type is unknown. If false (the default), an error is
--   returned when the content type is unknown.
ctpcForwardWhenContentTypeIsUnknown :: Lens' ContentTypeProfileConfig Bool

-- | Field-level encryption content type-profile.
--   
--   <i>See:</i> <a>contentTypeProfiles</a> smart constructor.
data ContentTypeProfiles

-- | Creates a value of <a>ContentTypeProfiles</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ctpItems</a> - Items in a field-level encryption content
--   type-profile mapping.</li>
--   <li><a>ctpQuantity</a> - The number of field-level encryption content
--   type-profile mappings.</li>
--   </ul>
contentTypeProfiles :: Int -> ContentTypeProfiles

-- | Items in a field-level encryption content type-profile mapping.
ctpItems :: Lens' ContentTypeProfiles [ContentTypeProfile]

-- | The number of field-level encryption content type-profile mappings.
ctpQuantity :: Lens' ContentTypeProfiles Int

-- | A complex type that specifies whether you want CloudFront to forward
--   cookies to the origin and, if so, which ones. For more information
--   about forwarding cookies to the origin, see <a>How CloudFront
--   Forwards, Caches, and Logs Cookies</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .
--   
--   <i>See:</i> <a>cookieNames</a> smart constructor.
data CookieNames

-- | Creates a value of <a>CookieNames</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cnItems</a> - A complex type that contains one <tt>Name</tt>
--   element for each cookie that you want CloudFront to forward to the
--   origin for this cache behavior.</li>
--   <li><a>cnQuantity</a> - The number of different cookies that you want
--   CloudFront to forward to the origin for this cache behavior.</li>
--   </ul>
cookieNames :: Int -> CookieNames

-- | A complex type that contains one <tt>Name</tt> element for each cookie
--   that you want CloudFront to forward to the origin for this cache
--   behavior.
cnItems :: Lens' CookieNames [Text]

-- | The number of different cookies that you want CloudFront to forward to
--   the origin for this cache behavior.
cnQuantity :: Lens' CookieNames Int

-- | A complex type that specifies whether you want CloudFront to forward
--   cookies to the origin and, if so, which ones. For more information
--   about forwarding cookies to the origin, see <a>How CloudFront
--   Forwards, Caches, and Logs Cookies</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .
--   
--   <i>See:</i> <a>cookiePreference</a> smart constructor.
data CookiePreference

-- | Creates a value of <a>CookiePreference</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cpWhitelistedNames</a> - Required if you specify
--   <tt>whitelist</tt> for the value of <tt>Forward:</tt> . A complex type
--   that specifies how many different cookies you want CloudFront to
--   forward to the origin for this cache behavior and, if you want to
--   forward selected cookies, the names of those cookies. If you specify
--   <tt>all</tt> or none for the value of <tt>Forward</tt> , omit
--   <tt>WhitelistedNames</tt> . If you change the value of
--   <tt>Forward</tt> from <tt>whitelist</tt> to all or none and you don't
--   delete the <tt>WhitelistedNames</tt> element and its child elements,
--   CloudFront deletes them automatically. For the current limit on the
--   number of cookie names that you can whitelist for each cache behavior,
--   see <a>Amazon CloudFront Limits</a> in the <i>AWS General
--   Reference</i> .</li>
--   <li><a>cpForward</a> - Specifies which cookies to forward to the
--   origin for this cache behavior: all, none, or the list of cookies
--   specified in the <tt>WhitelistedNames</tt> complex type. Amazon S3
--   doesn't process cookies. When the cache behavior is forwarding
--   requests to an Amazon S3 origin, specify none for the <tt>Forward</tt>
--   element.</li>
--   </ul>
cookiePreference :: ItemSelection -> CookiePreference

-- | Required if you specify <tt>whitelist</tt> for the value of
--   <tt>Forward:</tt> . A complex type that specifies how many different
--   cookies you want CloudFront to forward to the origin for this cache
--   behavior and, if you want to forward selected cookies, the names of
--   those cookies. If you specify <tt>all</tt> or none for the value of
--   <tt>Forward</tt> , omit <tt>WhitelistedNames</tt> . If you change the
--   value of <tt>Forward</tt> from <tt>whitelist</tt> to all or none and
--   you don't delete the <tt>WhitelistedNames</tt> element and its child
--   elements, CloudFront deletes them automatically. For the current limit
--   on the number of cookie names that you can whitelist for each cache
--   behavior, see <a>Amazon CloudFront Limits</a> in the <i>AWS General
--   Reference</i> .
cpWhitelistedNames :: Lens' CookiePreference (Maybe CookieNames)

-- | Specifies which cookies to forward to the origin for this cache
--   behavior: all, none, or the list of cookies specified in the
--   <tt>WhitelistedNames</tt> complex type. Amazon S3 doesn't process
--   cookies. When the cache behavior is forwarding requests to an Amazon
--   S3 origin, specify none for the <tt>Forward</tt> element.
cpForward :: Lens' CookiePreference ItemSelection

-- | A complex type that controls:
--   
--   <ul>
--   <li>Whether CloudFront replaces HTTP status codes in the 4xx and 5xx
--   range with custom error messages before returning the response to the
--   viewer.</li>
--   <li>How long CloudFront caches HTTP status codes in the 4xx and 5xx
--   range.</li>
--   </ul>
--   
--   For more information about custom error pages, see <a>Customizing
--   Error Responses</a> in the <i>Amazon CloudFront Developer Guide</i> .
--   
--   <i>See:</i> <a>customErrorResponse</a> smart constructor.
data CustomErrorResponse

-- | Creates a value of <a>CustomErrorResponse</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ceResponsePagePath</a> - The path to the custom error page that
--   you want CloudFront to return to a viewer when your origin returns the
--   HTTP status code specified by <tt>ErrorCode</tt> , for example,
--   <tt><i>4xx-errors</i>403-forbidden.html</tt> . If you want to store
--   your objects and your custom error pages in different locations, your
--   distribution must include a cache behavior for which the following is
--   true: * The value of <tt>PathPattern</tt> matches the path to your
--   custom error messages. For example, suppose you saved custom error
--   pages for 4xx errors in an Amazon S3 bucket in a directory named
--   <tt>/4xx-errors</tt> . Your distribution must include a cache behavior
--   for which the path pattern routes requests for your custom error pages
--   to that location, for example, <tt><i>4xx-errors</i>*</tt> . * The
--   value of <tt>TargetOriginId</tt> specifies the value of the
--   <tt>ID</tt> element for the origin that contains your custom error
--   pages. If you specify a value for <tt>ResponsePagePath</tt> , you must
--   also specify a value for <tt>ResponseCode</tt> . If you don't want to
--   specify a value, include an empty element,
--   <tt><a>ResponsePagePath</a></tt> , in the XML document. We recommend
--   that you store custom error pages in an Amazon S3 bucket. If you store
--   custom error pages on an HTTP server and the server starts to return
--   5xx errors, CloudFront can't get the files that you want to return to
--   viewers because the origin server is unavailable.</li>
--   <li><a>ceResponseCode</a> - The HTTP status code that you want
--   CloudFront to return to the viewer along with the custom error page.
--   There are a variety of reasons that you might want CloudFront to
--   return a status code different from the status code that your origin
--   returned to CloudFront, for example: * Some Internet devices (some
--   firewalls and corporate proxies, for example) intercept HTTP 4xx and
--   5xx and prevent the response from being returned to the viewer. If you
--   substitute <tt>200</tt> , the response typically won't be intercepted.
--   * If you don't care about distinguishing among different client errors
--   or server errors, you can specify <tt>400</tt> or <tt>500</tt> as the
--   <tt>ResponseCode</tt> for all 4xx or 5xx errors. * You might want to
--   return a <tt>200</tt> status code (OK) and static website so your
--   customers don't know that your website is down. If you specify a value
--   for <tt>ResponseCode</tt> , you must also specify a value for
--   <tt>ResponsePagePath</tt> . If you don't want to specify a value,
--   include an empty element, <tt><a>ResponseCode</a></tt> , in the XML
--   document.</li>
--   <li><a>ceErrorCachingMinTTL</a> - The minimum amount of time, in
--   seconds, that you want CloudFront to cache the HTTP status code
--   specified in <tt>ErrorCode</tt> . When this time period has elapsed,
--   CloudFront queries your origin to see whether the problem that caused
--   the error has been resolved and the requested object is now available.
--   If you don't want to specify a value, include an empty element,
--   <tt><a>ErrorCachingMinTTL</a></tt> , in the XML document. For more
--   information, see <a>Customizing Error Responses</a> in the <i>Amazon
--   CloudFront Developer Guide</i> .</li>
--   <li><a>ceErrorCode</a> - The HTTP status code for which you want to
--   specify a custom error page and/or a caching duration.</li>
--   </ul>
customErrorResponse :: Int -> CustomErrorResponse

-- | The path to the custom error page that you want CloudFront to return
--   to a viewer when your origin returns the HTTP status code specified by
--   <tt>ErrorCode</tt> , for example,
--   <tt><i>4xx-errors</i>403-forbidden.html</tt> . If you want to store
--   your objects and your custom error pages in different locations, your
--   distribution must include a cache behavior for which the following is
--   true: * The value of <tt>PathPattern</tt> matches the path to your
--   custom error messages. For example, suppose you saved custom error
--   pages for 4xx errors in an Amazon S3 bucket in a directory named
--   <tt>/4xx-errors</tt> . Your distribution must include a cache behavior
--   for which the path pattern routes requests for your custom error pages
--   to that location, for example, <tt><i>4xx-errors</i>*</tt> . * The
--   value of <tt>TargetOriginId</tt> specifies the value of the
--   <tt>ID</tt> element for the origin that contains your custom error
--   pages. If you specify a value for <tt>ResponsePagePath</tt> , you must
--   also specify a value for <tt>ResponseCode</tt> . If you don't want to
--   specify a value, include an empty element,
--   <tt><a>ResponsePagePath</a></tt> , in the XML document. We recommend
--   that you store custom error pages in an Amazon S3 bucket. If you store
--   custom error pages on an HTTP server and the server starts to return
--   5xx errors, CloudFront can't get the files that you want to return to
--   viewers because the origin server is unavailable.
ceResponsePagePath :: Lens' CustomErrorResponse (Maybe Text)

-- | The HTTP status code that you want CloudFront to return to the viewer
--   along with the custom error page. There are a variety of reasons that
--   you might want CloudFront to return a status code different from the
--   status code that your origin returned to CloudFront, for example: *
--   Some Internet devices (some firewalls and corporate proxies, for
--   example) intercept HTTP 4xx and 5xx and prevent the response from
--   being returned to the viewer. If you substitute <tt>200</tt> , the
--   response typically won't be intercepted. * If you don't care about
--   distinguishing among different client errors or server errors, you can
--   specify <tt>400</tt> or <tt>500</tt> as the <tt>ResponseCode</tt> for
--   all 4xx or 5xx errors. * You might want to return a <tt>200</tt>
--   status code (OK) and static website so your customers don't know that
--   your website is down. If you specify a value for <tt>ResponseCode</tt>
--   , you must also specify a value for <tt>ResponsePagePath</tt> . If you
--   don't want to specify a value, include an empty element,
--   <tt><a>ResponseCode</a></tt> , in the XML document.
ceResponseCode :: Lens' CustomErrorResponse (Maybe Text)

-- | The minimum amount of time, in seconds, that you want CloudFront to
--   cache the HTTP status code specified in <tt>ErrorCode</tt> . When this
--   time period has elapsed, CloudFront queries your origin to see whether
--   the problem that caused the error has been resolved and the requested
--   object is now available. If you don't want to specify a value, include
--   an empty element, <tt><a>ErrorCachingMinTTL</a></tt> , in the XML
--   document. For more information, see <a>Customizing Error Responses</a>
--   in the <i>Amazon CloudFront Developer Guide</i> .
ceErrorCachingMinTTL :: Lens' CustomErrorResponse (Maybe Integer)

-- | The HTTP status code for which you want to specify a custom error page
--   and/or a caching duration.
ceErrorCode :: Lens' CustomErrorResponse Int

-- | A complex type that controls:
--   
--   <ul>
--   <li>Whether CloudFront replaces HTTP status codes in the 4xx and 5xx
--   range with custom error messages before returning the response to the
--   viewer.</li>
--   <li>How long CloudFront caches HTTP status codes in the 4xx and 5xx
--   range.</li>
--   </ul>
--   
--   For more information about custom error pages, see <a>Customizing
--   Error Responses</a> in the <i>Amazon CloudFront Developer Guide</i> .
--   
--   <i>See:</i> <a>customErrorResponses</a> smart constructor.
data CustomErrorResponses

-- | Creates a value of <a>CustomErrorResponses</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cerItems</a> - A complex type that contains a
--   <tt>CustomErrorResponse</tt> element for each HTTP status code for
--   which you want to specify a custom error page and/or a caching
--   duration.</li>
--   <li><a>cerQuantity</a> - The number of HTTP status codes for which you
--   want to specify a custom error page and/or a caching duration. If
--   <tt>Quantity</tt> is <tt>0</tt> , you can omit <tt>Items</tt> .</li>
--   </ul>
customErrorResponses :: Int -> CustomErrorResponses

-- | A complex type that contains a <tt>CustomErrorResponse</tt> element
--   for each HTTP status code for which you want to specify a custom error
--   page and/or a caching duration.
cerItems :: Lens' CustomErrorResponses [CustomErrorResponse]

-- | The number of HTTP status codes for which you want to specify a custom
--   error page and/or a caching duration. If <tt>Quantity</tt> is
--   <tt>0</tt> , you can omit <tt>Items</tt> .
cerQuantity :: Lens' CustomErrorResponses Int

-- | A complex type that contains the list of Custom Headers for each
--   origin.
--   
--   <i>See:</i> <a>customHeaders</a> smart constructor.
data CustomHeaders

-- | Creates a value of <a>CustomHeaders</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>chItems</a> - <b>Optional</b> : A list that contains one
--   <tt>OriginCustomHeader</tt> element for each custom header that you
--   want CloudFront to forward to the origin. If Quantity is <tt>0</tt> ,
--   omit <tt>Items</tt> .</li>
--   <li><a>chQuantity</a> - The number of custom headers, if any, for this
--   distribution.</li>
--   </ul>
customHeaders :: Int -> CustomHeaders

-- | <b>Optional</b> : A list that contains one <tt>OriginCustomHeader</tt>
--   element for each custom header that you want CloudFront to forward to
--   the origin. If Quantity is <tt>0</tt> , omit <tt>Items</tt> .
chItems :: Lens' CustomHeaders [OriginCustomHeader]

-- | The number of custom headers, if any, for this distribution.
chQuantity :: Lens' CustomHeaders Int

-- | A customer origin.
--   
--   <i>See:</i> <a>customOriginConfig</a> smart constructor.
data CustomOriginConfig

-- | Creates a value of <a>CustomOriginConfig</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>cocOriginKeepaliveTimeout</a> - You can create a custom
--   keep-alive timeout. All timeout units are in seconds. The default
--   keep-alive timeout is 5 seconds, but you can configure custom timeout
--   lengths using the CloudFront API. The minimum timeout length is 1
--   second; the maximum is 60 seconds. If you need to increase the maximum
--   time limit, contact the <a>AWS Support Center</a> .</li>
--   <li><a>cocOriginReadTimeout</a> - You can create a custom origin read
--   timeout. All timeout units are in seconds. The default origin read
--   timeout is 30 seconds, but you can configure custom timeout lengths
--   using the CloudFront API. The minimum timeout length is 4 seconds; the
--   maximum is 60 seconds. If you need to increase the maximum time limit,
--   contact the <a>AWS Support Center</a> .</li>
--   <li><a>cocOriginSSLProtocols</a> - The SSL/TLS protocols that you want
--   CloudFront to use when communicating with your origin over HTTPS.</li>
--   <li><a>cocHTTPPort</a> - The HTTP port the custom origin listens
--   on.</li>
--   <li><a>cocHTTPSPort</a> - The HTTPS port the custom origin listens
--   on.</li>
--   <li><a>cocOriginProtocolPolicy</a> - The origin protocol policy to
--   apply to your origin.</li>
--   </ul>
customOriginConfig :: Int -> Int -> OriginProtocolPolicy -> CustomOriginConfig

-- | You can create a custom keep-alive timeout. All timeout units are in
--   seconds. The default keep-alive timeout is 5 seconds, but you can
--   configure custom timeout lengths using the CloudFront API. The minimum
--   timeout length is 1 second; the maximum is 60 seconds. If you need to
--   increase the maximum time limit, contact the <a>AWS Support Center</a>
--   .
cocOriginKeepaliveTimeout :: Lens' CustomOriginConfig (Maybe Int)

-- | You can create a custom origin read timeout. All timeout units are in
--   seconds. The default origin read timeout is 30 seconds, but you can
--   configure custom timeout lengths using the CloudFront API. The minimum
--   timeout length is 4 seconds; the maximum is 60 seconds. If you need to
--   increase the maximum time limit, contact the <a>AWS Support Center</a>
--   .
cocOriginReadTimeout :: Lens' CustomOriginConfig (Maybe Int)

-- | The SSL/TLS protocols that you want CloudFront to use when
--   communicating with your origin over HTTPS.
cocOriginSSLProtocols :: Lens' CustomOriginConfig (Maybe OriginSSLProtocols)

-- | The HTTP port the custom origin listens on.
cocHTTPPort :: Lens' CustomOriginConfig Int

-- | The HTTPS port the custom origin listens on.
cocHTTPSPort :: Lens' CustomOriginConfig Int

-- | The origin protocol policy to apply to your origin.
cocOriginProtocolPolicy :: Lens' CustomOriginConfig OriginProtocolPolicy

-- | A complex type that describes the default cache behavior if you don't
--   specify a <tt>CacheBehavior</tt> element or if files don't match any
--   of the values of <tt>PathPattern</tt> in <tt>CacheBehavior</tt>
--   elements. You must create exactly one default cache behavior.
--   
--   <i>See:</i> <a>defaultCacheBehavior</a> smart constructor.
data DefaultCacheBehavior

-- | Creates a value of <a>DefaultCacheBehavior</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dcbAllowedMethods</a> - Undocumented member.</li>
--   <li><a>dcbLambdaFunctionAssociations</a> - A complex type that
--   contains zero or more Lambda function associations for a cache
--   behavior.</li>
--   <li><a>dcbMaxTTL</a> - Undocumented member.</li>
--   <li><a>dcbCompress</a> - Whether you want CloudFront to automatically
--   compress certain files for this cache behavior. If so, specify
--   <tt>true</tt> ; if not, specify <tt>false</tt> . For more information,
--   see <a>Serving Compressed Files</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .</li>
--   <li><a>dcbSmoothStreaming</a> - Indicates whether you want to
--   distribute media files in the Microsoft Smooth Streaming format using
--   the origin that is associated with this cache behavior. If so, specify
--   <tt>true</tt> ; if not, specify <tt>false</tt> . If you specify
--   <tt>true</tt> for <tt>SmoothStreaming</tt> , you can still distribute
--   other content using this cache behavior if the content matches the
--   value of <tt>PathPattern</tt> .</li>
--   <li><a>dcbDefaultTTL</a> - The default amount of time that you want
--   objects to stay in CloudFront caches before CloudFront forwards
--   another request to your origin to determine whether the object has
--   been updated. The value that you specify applies only when your origin
--   does not add HTTP headers such as <tt>Cache-Control max-age</tt> ,
--   <tt>Cache-Control s-maxage</tt> , and <tt>Expires</tt> to objects. For
--   more information, see <a>Specifying How Long Objects and Errors Stay
--   in a CloudFront Edge Cache (Expiration)</a> in the <i>Amazon
--   CloudFront Developer Guide</i> .</li>
--   <li><a>dcbFieldLevelEncryptionId</a> - Undocumented member.</li>
--   <li><a>dcbTargetOriginId</a> - The value of <tt>ID</tt> for the origin
--   that you want CloudFront to route requests to when a request matches
--   the path pattern either for a cache behavior or for the default cache
--   behavior.</li>
--   <li><a>dcbForwardedValues</a> - A complex type that specifies how
--   CloudFront handles query strings and cookies.</li>
--   <li><a>dcbTrustedSigners</a> - A complex type that specifies the AWS
--   accounts, if any, that you want to allow to create signed URLs for
--   private content. If you want to require signed URLs in requests for
--   objects in the target origin that match the <tt>PathPattern</tt> for
--   this cache behavior, specify <tt>true</tt> for <tt>Enabled</tt> , and
--   specify the applicable values for <tt>Quantity</tt> and <tt>Items</tt>
--   . For more information, see <a>Serving Private Content through
--   CloudFront</a> in the <i>Amazon Amazon CloudFront Developer Guide</i>
--   . If you don't want to require signed URLs in requests for objects
--   that match <tt>PathPattern</tt> , specify <tt>false</tt> for
--   <tt>Enabled</tt> and <tt>0</tt> for <tt>Quantity</tt> . Omit
--   <tt>Items</tt> . To add, change, or remove one or more trusted
--   signers, change <tt>Enabled</tt> to <tt>true</tt> (if it's currently
--   <tt>false</tt> ), change <tt>Quantity</tt> as applicable, and specify
--   all of the trusted signers that you want to include in the updated
--   distribution.</li>
--   <li><a>dcbViewerProtocolPolicy</a> - The protocol that viewers can use
--   to access the files in the origin specified by <tt>TargetOriginId</tt>
--   when a request matches the path pattern in <tt>PathPattern</tt> . You
--   can specify the following options: * <tt>allow-all</tt> : Viewers can
--   use HTTP or HTTPS. * <tt>redirect-to-https</tt> : If a viewer submits
--   an HTTP request, CloudFront returns an HTTP status code of 301 (Moved
--   Permanently) to the viewer along with the HTTPS URL. The viewer then
--   resubmits the request using the new URL. * <tt>https-only</tt> : If a
--   viewer sends an HTTP request, CloudFront returns an HTTP status code
--   of 403 (Forbidden). For more information about requiring the HTTPS
--   protocol, see <a>Using an HTTPS Connection to Access Your Objects</a>
--   in the <i>Amazon CloudFront Developer Guide</i> .</li>
--   <li><a>dcbMinTTL</a> - The minimum amount of time that you want
--   objects to stay in CloudFront caches before CloudFront forwards
--   another request to your origin to determine whether the object has
--   been updated. For more information, see <a>Specifying How Long Objects
--   and Errors Stay in a CloudFront Edge Cache (Expiration)</a> in the
--   <i>Amazon Amazon CloudFront Developer Guide</i> . You must specify
--   <tt>0</tt> for <tt>MinTTL</tt> if you configure CloudFront to forward
--   all headers to your origin (under <tt>Headers</tt> , if you specify
--   <tt>1</tt> for <tt>Quantity</tt> and <tt>*</tt> for <tt>Name</tt>
--   ).</li>
--   </ul>
defaultCacheBehavior :: Text -> ForwardedValues -> TrustedSigners -> ViewerProtocolPolicy -> Integer -> DefaultCacheBehavior

-- | Undocumented member.
dcbAllowedMethods :: Lens' DefaultCacheBehavior (Maybe AllowedMethods)

-- | A complex type that contains zero or more Lambda function associations
--   for a cache behavior.
dcbLambdaFunctionAssociations :: Lens' DefaultCacheBehavior (Maybe LambdaFunctionAssociations)

-- | Undocumented member.
dcbMaxTTL :: Lens' DefaultCacheBehavior (Maybe Integer)

-- | Whether you want CloudFront to automatically compress certain files
--   for this cache behavior. If so, specify <tt>true</tt> ; if not,
--   specify <tt>false</tt> . For more information, see <a>Serving
--   Compressed Files</a> in the <i>Amazon CloudFront Developer Guide</i> .
dcbCompress :: Lens' DefaultCacheBehavior (Maybe Bool)

-- | Indicates whether you want to distribute media files in the Microsoft
--   Smooth Streaming format using the origin that is associated with this
--   cache behavior. If so, specify <tt>true</tt> ; if not, specify
--   <tt>false</tt> . If you specify <tt>true</tt> for
--   <tt>SmoothStreaming</tt> , you can still distribute other content
--   using this cache behavior if the content matches the value of
--   <tt>PathPattern</tt> .
dcbSmoothStreaming :: Lens' DefaultCacheBehavior (Maybe Bool)

-- | The default amount of time that you want objects to stay in CloudFront
--   caches before CloudFront forwards another request to your origin to
--   determine whether the object has been updated. The value that you
--   specify applies only when your origin does not add HTTP headers such
--   as <tt>Cache-Control max-age</tt> , <tt>Cache-Control s-maxage</tt> ,
--   and <tt>Expires</tt> to objects. For more information, see
--   <a>Specifying How Long Objects and Errors Stay in a CloudFront Edge
--   Cache (Expiration)</a> in the <i>Amazon CloudFront Developer Guide</i>
--   .
dcbDefaultTTL :: Lens' DefaultCacheBehavior (Maybe Integer)

-- | Undocumented member.
dcbFieldLevelEncryptionId :: Lens' DefaultCacheBehavior (Maybe Text)

-- | The value of <tt>ID</tt> for the origin that you want CloudFront to
--   route requests to when a request matches the path pattern either for a
--   cache behavior or for the default cache behavior.
dcbTargetOriginId :: Lens' DefaultCacheBehavior Text

-- | A complex type that specifies how CloudFront handles query strings and
--   cookies.
dcbForwardedValues :: Lens' DefaultCacheBehavior ForwardedValues

-- | A complex type that specifies the AWS accounts, if any, that you want
--   to allow to create signed URLs for private content. If you want to
--   require signed URLs in requests for objects in the target origin that
--   match the <tt>PathPattern</tt> for this cache behavior, specify
--   <tt>true</tt> for <tt>Enabled</tt> , and specify the applicable values
--   for <tt>Quantity</tt> and <tt>Items</tt> . For more information, see
--   <a>Serving Private Content through CloudFront</a> in the <i>Amazon
--   Amazon CloudFront Developer Guide</i> . If you don't want to require
--   signed URLs in requests for objects that match <tt>PathPattern</tt> ,
--   specify <tt>false</tt> for <tt>Enabled</tt> and <tt>0</tt> for
--   <tt>Quantity</tt> . Omit <tt>Items</tt> . To add, change, or remove
--   one or more trusted signers, change <tt>Enabled</tt> to <tt>true</tt>
--   (if it's currently <tt>false</tt> ), change <tt>Quantity</tt> as
--   applicable, and specify all of the trusted signers that you want to
--   include in the updated distribution.
dcbTrustedSigners :: Lens' DefaultCacheBehavior TrustedSigners

-- | The protocol that viewers can use to access the files in the origin
--   specified by <tt>TargetOriginId</tt> when a request matches the path
--   pattern in <tt>PathPattern</tt> . You can specify the following
--   options: * <tt>allow-all</tt> : Viewers can use HTTP or HTTPS. *
--   <tt>redirect-to-https</tt> : If a viewer submits an HTTP request,
--   CloudFront returns an HTTP status code of 301 (Moved Permanently) to
--   the viewer along with the HTTPS URL. The viewer then resubmits the
--   request using the new URL. * <tt>https-only</tt> : If a viewer sends
--   an HTTP request, CloudFront returns an HTTP status code of 403
--   (Forbidden). For more information about requiring the HTTPS protocol,
--   see <a>Using an HTTPS Connection to Access Your Objects</a> in the
--   <i>Amazon CloudFront Developer Guide</i> .
dcbViewerProtocolPolicy :: Lens' DefaultCacheBehavior ViewerProtocolPolicy

-- | The minimum amount of time that you want objects to stay in CloudFront
--   caches before CloudFront forwards another request to your origin to
--   determine whether the object has been updated. For more information,
--   see <a>Specifying How Long Objects and Errors Stay in a CloudFront
--   Edge Cache (Expiration)</a> in the <i>Amazon Amazon CloudFront
--   Developer Guide</i> . You must specify <tt>0</tt> for <tt>MinTTL</tt>
--   if you configure CloudFront to forward all headers to your origin
--   (under <tt>Headers</tt> , if you specify <tt>1</tt> for
--   <tt>Quantity</tt> and <tt>*</tt> for <tt>Name</tt> ).
dcbMinTTL :: Lens' DefaultCacheBehavior Integer

-- | The distribution's information.
--   
--   <i>See:</i> <a>distribution</a> smart constructor.
data Distribution

-- | Creates a value of <a>Distribution</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dId</a> - The identifier for the distribution. For example:
--   <tt>EDFDVBD632BHDS5</tt> .</li>
--   <li><a>dARN</a> - The ARN (Amazon Resource Name) for the distribution.
--   For example:
--   <tt>arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5</tt>
--   , where <tt>123456789012</tt> is your AWS account ID.</li>
--   <li><a>dStatus</a> - This response element indicates the current
--   status of the distribution. When the status is <tt>Deployed</tt> , the
--   distribution's information is fully propagated to all CloudFront edge
--   locations.</li>
--   <li><a>dLastModifiedTime</a> - The date and time the distribution was
--   last modified.</li>
--   <li><a>dInProgressInvalidationBatches</a> - The number of invalidation
--   batches currently in progress.</li>
--   <li><a>dDomainName</a> - The domain name corresponding to the
--   distribution, for example, <tt>d111111abcdef8.cloudfront.net</tt>
--   .</li>
--   <li><a>dActiveTrustedSigners</a> - CloudFront automatically adds this
--   element to the response only if you've set up the distribution to
--   serve private content with signed URLs. The element lists the key pair
--   IDs that CloudFront is aware of for each trusted signer. The
--   <tt>Signer</tt> child element lists the AWS account number of the
--   trusted signer (or an empty <tt>Self</tt> element if the signer is
--   you). The <tt>Signer</tt> element also includes the IDs of any active
--   key pairs associated with the trusted signer's AWS account. If no
--   <tt>KeyPairId</tt> element appears for a <tt>Signer</tt> , that signer
--   can't create working signed URLs.</li>
--   <li><a>dDistributionConfig</a> - The current configuration information
--   for the distribution. Send a <tt>GET</tt> request to the
--   <tt>/<i>CloudFront API version</i> <i>distribution ID</i>config</tt>
--   resource.</li>
--   </ul>
distribution :: Text -> Text -> Text -> UTCTime -> Int -> Text -> ActiveTrustedSigners -> DistributionConfig -> Distribution

-- | The identifier for the distribution. For example:
--   <tt>EDFDVBD632BHDS5</tt> .
dId :: Lens' Distribution Text

-- | The ARN (Amazon Resource Name) for the distribution. For example:
--   <tt>arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5</tt>
--   , where <tt>123456789012</tt> is your AWS account ID.
dARN :: Lens' Distribution Text

-- | This response element indicates the current status of the
--   distribution. When the status is <tt>Deployed</tt> , the
--   distribution's information is fully propagated to all CloudFront edge
--   locations.
dStatus :: Lens' Distribution Text

-- | The date and time the distribution was last modified.
dLastModifiedTime :: Lens' Distribution UTCTime

-- | The number of invalidation batches currently in progress.
dInProgressInvalidationBatches :: Lens' Distribution Int

-- | The domain name corresponding to the distribution, for example,
--   <tt>d111111abcdef8.cloudfront.net</tt> .
dDomainName :: Lens' Distribution Text

-- | CloudFront automatically adds this element to the response only if
--   you've set up the distribution to serve private content with signed
--   URLs. The element lists the key pair IDs that CloudFront is aware of
--   for each trusted signer. The <tt>Signer</tt> child element lists the
--   AWS account number of the trusted signer (or an empty <tt>Self</tt>
--   element if the signer is you). The <tt>Signer</tt> element also
--   includes the IDs of any active key pairs associated with the trusted
--   signer's AWS account. If no <tt>KeyPairId</tt> element appears for a
--   <tt>Signer</tt> , that signer can't create working signed URLs.
dActiveTrustedSigners :: Lens' Distribution ActiveTrustedSigners

-- | The current configuration information for the distribution. Send a
--   <tt>GET</tt> request to the <tt>/<i>CloudFront API version</i>
--   <i>distribution ID</i>config</tt> resource.
dDistributionConfig :: Lens' Distribution DistributionConfig

-- | A distribution configuration.
--   
--   <i>See:</i> <a>distributionConfig</a> smart constructor.
data DistributionConfig

-- | Creates a value of <a>DistributionConfig</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dcHTTPVersion</a> - (Optional) Specify the maximum HTTP version
--   that you want viewers to use to communicate with CloudFront. The
--   default value for new web distributions is http2. Viewers that don't
--   support HTTP<i>2 automatically use an earlier HTTP version. For
--   viewers and CloudFront to use HTTP</i>2, viewers must support TLS 1.2
--   or later, and must support Server Name Identification (SNI). In
--   general, configuring CloudFront to communicate with viewers using
--   HTTP<i>2 reduces latency. You can improve performance by optimizing
--   for HTTP</i>2. For more information, do an Internet search for "http/2
--   optimization."</li>
--   <li><a>dcAliases</a> - A complex type that contains information about
--   CNAMEs (alternate domain names), if any, for this distribution.</li>
--   <li><a>dcDefaultRootObject</a> - The object that you want CloudFront
--   to request from your origin (for example, <tt>index.html</tt> ) when a
--   viewer requests the root URL for your distribution
--   (<tt><a>http://www.example.com</a></tt> ) instead of an object in your
--   distribution
--   (<tt><a>http://www.example.com/product-description.html</a></tt> ).
--   Specifying a default root object avoids exposing the contents of your
--   distribution. Specify only the object name, for example,
--   <tt>index.html</tt> . Don't add a <tt>/</tt> before the object name.
--   If you don't want to specify a default root object when you create a
--   distribution, include an empty <tt>DefaultRootObject</tt> element. To
--   delete the default root object from an existing distribution, update
--   the distribution configuration and include an empty
--   <tt>DefaultRootObject</tt> element. To replace the default root
--   object, update the distribution configuration and specify the new
--   object. For more information about the default root object, see
--   <a>Creating a Default Root Object</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .</li>
--   <li><a>dcPriceClass</a> - The price class that corresponds with the
--   maximum price that you want to pay for CloudFront service. If you
--   specify <tt>PriceClass_All</tt> , CloudFront responds to requests for
--   your objects from all CloudFront edge locations. If you specify a
--   price class other than <tt>PriceClass_All</tt> , CloudFront serves
--   your objects from the CloudFront edge location that has the lowest
--   latency among the edge locations in your price class. Viewers who are
--   in or near regions that are excluded from your specified price class
--   may encounter slower performance. For more information about price
--   classes, see <a>Choosing the Price Class for a CloudFront
--   Distribution</a> in the <i>Amazon CloudFront Developer Guide</i> . For
--   information about CloudFront pricing, including how price classes map
--   to CloudFront regions, see <a>Amazon CloudFront Pricing</a> .</li>
--   <li><a>dcCustomErrorResponses</a> - A complex type that controls the
--   following: * Whether CloudFront replaces HTTP status codes in the 4xx
--   and 5xx range with custom error messages before returning the response
--   to the viewer. * How long CloudFront caches HTTP status codes in the
--   4xx and 5xx range. For more information about custom error pages, see
--   <a>Customizing Error Responses</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .</li>
--   <li><a>dcWebACLId</a> - A unique identifier that specifies the AWS WAF
--   web ACL, if any, to associate with this distribution. AWS WAF is a web
--   application firewall that lets you monitor the HTTP and HTTPS requests
--   that are forwarded to CloudFront, and lets you control access to your
--   content. Based on conditions that you specify, such as the IP
--   addresses that requests originate from or the values of query strings,
--   CloudFront responds to requests either with the requested content or
--   with an HTTP 403 status code (Forbidden). You can also configure
--   CloudFront to return a custom error page when a request is blocked.
--   For more information about AWS WAF, see the <a>AWS WAF Developer
--   Guide</a> .</li>
--   <li><a>dcViewerCertificate</a> - Undocumented member.</li>
--   <li><a>dcRestrictions</a> - Undocumented member.</li>
--   <li><a>dcLogging</a> - A complex type that controls whether access
--   logs are written for the distribution. For more information about
--   logging, see <a>Access Logs</a> in the <i>Amazon CloudFront Developer
--   Guide</i> .</li>
--   <li><a>dcCacheBehaviors</a> - A complex type that contains zero or
--   more <tt>CacheBehavior</tt> elements.</li>
--   <li><a>dcIsIPV6Enabled</a> - If you want CloudFront to respond to IPv6
--   DNS requests with an IPv6 address for your distribution, specify
--   <tt>true</tt> . If you specify <tt>false</tt> , CloudFront responds to
--   IPv6 DNS requests with the DNS response code <tt>NOERROR</tt> and with
--   no IP addresses. This allows viewers to submit a second request, for
--   an IPv4 address for your distribution. In general, you should enable
--   IPv6 if you have users on IPv6 networks who want to access your
--   content. However, if you're using signed URLs or signed cookies to
--   restrict access to your content, and if you're using a custom policy
--   that includes the <tt>IpAddress</tt> parameter to restrict the IP
--   addresses that can access your content, don't enable IPv6. If you want
--   to restrict access to some content by IP address and not restrict
--   access to other content (or restrict access but not by IP address),
--   you can create two distributions. For more information, see
--   <a>Creating a Signed URL Using a Custom Policy</a> in the <i>Amazon
--   CloudFront Developer Guide</i> . If you're using an Amazon Route 53
--   alias resource record set to route traffic to your CloudFront
--   distribution, you need to create a second alias resource record set
--   when both of the following are true: * You enable IPv6 for the
--   distribution * You're using alternate domain names in the URLs for
--   your objects For more information, see <a>Routing Traffic to an Amazon
--   CloudFront Web Distribution by Using Your Domain Name</a> in the
--   <i>Amazon Route 53 Developer Guide</i> . If you created a CNAME
--   resource record set, either with Amazon Route 53 or with another DNS
--   service, you don't need to make any changes. A CNAME record will route
--   traffic to your distribution regardless of the IP address format of
--   the viewer request.</li>
--   <li><a>dcCallerReference</a> - A unique value (for example, a
--   date-time stamp) that ensures that the request can't be replayed. If
--   the value of <tt>CallerReference</tt> is new (regardless of the
--   content of the <tt>DistributionConfig</tt> object), CloudFront creates
--   a new distribution. If <tt>CallerReference</tt> is a value you already
--   sent in a previous request to create a distribution, and if the
--   content of the <tt>DistributionConfig</tt> is identical to the
--   original request (ignoring white space), CloudFront returns the same
--   the response that it returned to the original request. If
--   <tt>CallerReference</tt> is a value you already sent in a previous
--   request to create a distribution but the content of the
--   <tt>DistributionConfig</tt> is different from the original request,
--   CloudFront returns a <tt>DistributionAlreadyExists</tt> error.</li>
--   <li><a>dcOrigins</a> - A complex type that contains information about
--   origins for this distribution.</li>
--   <li><a>dcDefaultCacheBehavior</a> - A complex type that describes the
--   default cache behavior if you don't specify a <tt>CacheBehavior</tt>
--   element or if files don't match any of the values of
--   <tt>PathPattern</tt> in <tt>CacheBehavior</tt> elements. You must
--   create exactly one default cache behavior.</li>
--   <li><a>dcComment</a> - Any comments you want to include about the
--   distribution. If you don't want to specify a comment, include an empty
--   <tt>Comment</tt> element. To delete an existing comment, update the
--   distribution configuration and include an empty <tt>Comment</tt>
--   element. To add or change a comment, update the distribution
--   configuration and specify the new comment.</li>
--   <li><a>dcEnabled</a> - From this field, you can enable or disable the
--   selected distribution. If you specify <tt>false</tt> for
--   <tt>Enabled</tt> but you specify values for <tt>Bucket</tt> and
--   <tt>Prefix</tt> , the values are automatically deleted.</li>
--   </ul>
distributionConfig :: Text -> Origins -> DefaultCacheBehavior -> Text -> Bool -> DistributionConfig

-- | (Optional) Specify the maximum HTTP version that you want viewers to
--   use to communicate with CloudFront. The default value for new web
--   distributions is http2. Viewers that don't support HTTP<i>2
--   automatically use an earlier HTTP version. For viewers and CloudFront
--   to use HTTP</i>2, viewers must support TLS 1.2 or later, and must
--   support Server Name Identification (SNI). In general, configuring
--   CloudFront to communicate with viewers using HTTP<i>2 reduces latency.
--   You can improve performance by optimizing for HTTP</i>2. For more
--   information, do an Internet search for "http/2 optimization."
dcHTTPVersion :: Lens' DistributionConfig (Maybe HTTPVersion)

-- | A complex type that contains information about CNAMEs (alternate
--   domain names), if any, for this distribution.
dcAliases :: Lens' DistributionConfig (Maybe Aliases)

-- | The object that you want CloudFront to request from your origin (for
--   example, <tt>index.html</tt> ) when a viewer requests the root URL for
--   your distribution (<tt><a>http://www.example.com</a></tt> ) instead of
--   an object in your distribution
--   (<tt><a>http://www.example.com/product-description.html</a></tt> ).
--   Specifying a default root object avoids exposing the contents of your
--   distribution. Specify only the object name, for example,
--   <tt>index.html</tt> . Don't add a <tt>/</tt> before the object name.
--   If you don't want to specify a default root object when you create a
--   distribution, include an empty <tt>DefaultRootObject</tt> element. To
--   delete the default root object from an existing distribution, update
--   the distribution configuration and include an empty
--   <tt>DefaultRootObject</tt> element. To replace the default root
--   object, update the distribution configuration and specify the new
--   object. For more information about the default root object, see
--   <a>Creating a Default Root Object</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .
dcDefaultRootObject :: Lens' DistributionConfig (Maybe Text)

-- | The price class that corresponds with the maximum price that you want
--   to pay for CloudFront service. If you specify <tt>PriceClass_All</tt>
--   , CloudFront responds to requests for your objects from all CloudFront
--   edge locations. If you specify a price class other than
--   <tt>PriceClass_All</tt> , CloudFront serves your objects from the
--   CloudFront edge location that has the lowest latency among the edge
--   locations in your price class. Viewers who are in or near regions that
--   are excluded from your specified price class may encounter slower
--   performance. For more information about price classes, see <a>Choosing
--   the Price Class for a CloudFront Distribution</a> in the <i>Amazon
--   CloudFront Developer Guide</i> . For information about CloudFront
--   pricing, including how price classes map to CloudFront regions, see
--   <a>Amazon CloudFront Pricing</a> .
dcPriceClass :: Lens' DistributionConfig (Maybe PriceClass)

-- | A complex type that controls the following: * Whether CloudFront
--   replaces HTTP status codes in the 4xx and 5xx range with custom error
--   messages before returning the response to the viewer. * How long
--   CloudFront caches HTTP status codes in the 4xx and 5xx range. For more
--   information about custom error pages, see <a>Customizing Error
--   Responses</a> in the <i>Amazon CloudFront Developer Guide</i> .
dcCustomErrorResponses :: Lens' DistributionConfig (Maybe CustomErrorResponses)

-- | A unique identifier that specifies the AWS WAF web ACL, if any, to
--   associate with this distribution. AWS WAF is a web application
--   firewall that lets you monitor the HTTP and HTTPS requests that are
--   forwarded to CloudFront, and lets you control access to your content.
--   Based on conditions that you specify, such as the IP addresses that
--   requests originate from or the values of query strings, CloudFront
--   responds to requests either with the requested content or with an HTTP
--   403 status code (Forbidden). You can also configure CloudFront to
--   return a custom error page when a request is blocked. For more
--   information about AWS WAF, see the <a>AWS WAF Developer Guide</a> .
dcWebACLId :: Lens' DistributionConfig (Maybe Text)

-- | Undocumented member.
dcViewerCertificate :: Lens' DistributionConfig (Maybe ViewerCertificate)

-- | Undocumented member.
dcRestrictions :: Lens' DistributionConfig (Maybe Restrictions)

-- | A complex type that controls whether access logs are written for the
--   distribution. For more information about logging, see <a>Access
--   Logs</a> in the <i>Amazon CloudFront Developer Guide</i> .
dcLogging :: Lens' DistributionConfig (Maybe LoggingConfig)

-- | A complex type that contains zero or more <tt>CacheBehavior</tt>
--   elements.
dcCacheBehaviors :: Lens' DistributionConfig (Maybe CacheBehaviors)

-- | If you want CloudFront to respond to IPv6 DNS requests with an IPv6
--   address for your distribution, specify <tt>true</tt> . If you specify
--   <tt>false</tt> , CloudFront responds to IPv6 DNS requests with the DNS
--   response code <tt>NOERROR</tt> and with no IP addresses. This allows
--   viewers to submit a second request, for an IPv4 address for your
--   distribution. In general, you should enable IPv6 if you have users on
--   IPv6 networks who want to access your content. However, if you're
--   using signed URLs or signed cookies to restrict access to your
--   content, and if you're using a custom policy that includes the
--   <tt>IpAddress</tt> parameter to restrict the IP addresses that can
--   access your content, don't enable IPv6. If you want to restrict access
--   to some content by IP address and not restrict access to other content
--   (or restrict access but not by IP address), you can create two
--   distributions. For more information, see <a>Creating a Signed URL
--   Using a Custom Policy</a> in the <i>Amazon CloudFront Developer
--   Guide</i> . If you're using an Amazon Route 53 alias resource record
--   set to route traffic to your CloudFront distribution, you need to
--   create a second alias resource record set when both of the following
--   are true: * You enable IPv6 for the distribution * You're using
--   alternate domain names in the URLs for your objects For more
--   information, see <a>Routing Traffic to an Amazon CloudFront Web
--   Distribution by Using Your Domain Name</a> in the <i>Amazon Route 53
--   Developer Guide</i> . If you created a CNAME resource record set,
--   either with Amazon Route 53 or with another DNS service, you don't
--   need to make any changes. A CNAME record will route traffic to your
--   distribution regardless of the IP address format of the viewer
--   request.
dcIsIPV6Enabled :: Lens' DistributionConfig (Maybe Bool)

-- | A unique value (for example, a date-time stamp) that ensures that the
--   request can't be replayed. If the value of <tt>CallerReference</tt> is
--   new (regardless of the content of the <tt>DistributionConfig</tt>
--   object), CloudFront creates a new distribution. If
--   <tt>CallerReference</tt> is a value you already sent in a previous
--   request to create a distribution, and if the content of the
--   <tt>DistributionConfig</tt> is identical to the original request
--   (ignoring white space), CloudFront returns the same the response that
--   it returned to the original request. If <tt>CallerReference</tt> is a
--   value you already sent in a previous request to create a distribution
--   but the content of the <tt>DistributionConfig</tt> is different from
--   the original request, CloudFront returns a
--   <tt>DistributionAlreadyExists</tt> error.
dcCallerReference :: Lens' DistributionConfig Text

-- | A complex type that contains information about origins for this
--   distribution.
dcOrigins :: Lens' DistributionConfig Origins

-- | A complex type that describes the default cache behavior if you don't
--   specify a <tt>CacheBehavior</tt> element or if files don't match any
--   of the values of <tt>PathPattern</tt> in <tt>CacheBehavior</tt>
--   elements. You must create exactly one default cache behavior.
dcDefaultCacheBehavior :: Lens' DistributionConfig DefaultCacheBehavior

-- | Any comments you want to include about the distribution. If you don't
--   want to specify a comment, include an empty <tt>Comment</tt> element.
--   To delete an existing comment, update the distribution configuration
--   and include an empty <tt>Comment</tt> element. To add or change a
--   comment, update the distribution configuration and specify the new
--   comment.
dcComment :: Lens' DistributionConfig Text

-- | From this field, you can enable or disable the selected distribution.
--   If you specify <tt>false</tt> for <tt>Enabled</tt> but you specify
--   values for <tt>Bucket</tt> and <tt>Prefix</tt> , the values are
--   automatically deleted.
dcEnabled :: Lens' DistributionConfig Bool

-- | A distribution Configuration and a list of tags to be associated with
--   the distribution.
--   
--   <i>See:</i> <a>distributionConfigWithTags</a> smart constructor.
data DistributionConfigWithTags

-- | Creates a value of <a>DistributionConfigWithTags</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dcwtDistributionConfig</a> - A distribution configuration.</li>
--   <li><a>dcwtTags</a> - A complex type that contains zero or more
--   <tt>Tag</tt> elements.</li>
--   </ul>
distributionConfigWithTags :: DistributionConfig -> Tags -> DistributionConfigWithTags

-- | A distribution configuration.
dcwtDistributionConfig :: Lens' DistributionConfigWithTags DistributionConfig

-- | A complex type that contains zero or more <tt>Tag</tt> elements.
dcwtTags :: Lens' DistributionConfigWithTags Tags

-- | A distribution list.
--   
--   <i>See:</i> <a>distributionList</a> smart constructor.
data DistributionList

-- | Creates a value of <a>DistributionList</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dlItems</a> - A complex type that contains one
--   <tt>DistributionSummary</tt> element for each distribution that was
--   created by the current AWS account.</li>
--   <li><a>dlNextMarker</a> - If <tt>IsTruncated</tt> is <tt>true</tt> ,
--   this element is present and contains the value you can use for the
--   <tt>Marker</tt> request parameter to continue listing your
--   distributions where they left off.</li>
--   <li><a>dlMarker</a> - The value you provided for the <tt>Marker</tt>
--   request parameter.</li>
--   <li><a>dlMaxItems</a> - The value you provided for the
--   <tt>MaxItems</tt> request parameter.</li>
--   <li><a>dlIsTruncated</a> - A flag that indicates whether more
--   distributions remain to be listed. If your results were truncated, you
--   can make a follow-up pagination request using the <tt>Marker</tt>
--   request parameter to retrieve more distributions in the list.</li>
--   <li><a>dlQuantity</a> - The number of distributions that were created
--   by the current AWS account.</li>
--   </ul>
distributionList :: Text -> Int -> Bool -> Int -> DistributionList

-- | A complex type that contains one <tt>DistributionSummary</tt> element
--   for each distribution that was created by the current AWS account.
dlItems :: Lens' DistributionList [DistributionSummary]

-- | If <tt>IsTruncated</tt> is <tt>true</tt> , this element is present and
--   contains the value you can use for the <tt>Marker</tt> request
--   parameter to continue listing your distributions where they left off.
dlNextMarker :: Lens' DistributionList (Maybe Text)

-- | The value you provided for the <tt>Marker</tt> request parameter.
dlMarker :: Lens' DistributionList Text

-- | The value you provided for the <tt>MaxItems</tt> request parameter.
dlMaxItems :: Lens' DistributionList Int

-- | A flag that indicates whether more distributions remain to be listed.
--   If your results were truncated, you can make a follow-up pagination
--   request using the <tt>Marker</tt> request parameter to retrieve more
--   distributions in the list.
dlIsTruncated :: Lens' DistributionList Bool

-- | The number of distributions that were created by the current AWS
--   account.
dlQuantity :: Lens' DistributionList Int

-- | A summary of the information about a CloudFront distribution.
--   
--   <i>See:</i> <a>distributionSummary</a> smart constructor.
data DistributionSummary

-- | Creates a value of <a>DistributionSummary</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>dsId</a> - The identifier for the distribution. For example:
--   <tt>EDFDVBD632BHDS5</tt> .</li>
--   <li><a>dsARN</a> - The ARN (Amazon Resource Name) for the
--   distribution. For example:
--   <tt>arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5</tt>
--   , where <tt>123456789012</tt> is your AWS account ID.</li>
--   <li><a>dsStatus</a> - The current status of the distribution. When the
--   status is <tt>Deployed</tt> , the distribution's information is
--   propagated to all CloudFront edge locations.</li>
--   <li><a>dsLastModifiedTime</a> - The date and time the distribution was
--   last modified.</li>
--   <li><a>dsDomainName</a> - The domain name that corresponds to the
--   distribution, for example, <tt>d111111abcdef8.cloudfront.net</tt>
--   .</li>
--   <li><a>dsAliases</a> - A complex type that contains information about
--   CNAMEs (alternate domain names), if any, for this distribution.</li>
--   <li><a>dsOrigins</a> - A complex type that contains information about
--   origins for this distribution.</li>
--   <li><a>dsDefaultCacheBehavior</a> - A complex type that describes the
--   default cache behavior if you don't specify a <tt>CacheBehavior</tt>
--   element or if files don't match any of the values of
--   <tt>PathPattern</tt> in <tt>CacheBehavior</tt> elements. You must
--   create exactly one default cache behavior.</li>
--   <li><a>dsCacheBehaviors</a> - A complex type that contains zero or
--   more <tt>CacheBehavior</tt> elements.</li>
--   <li><a>dsCustomErrorResponses</a> - A complex type that contains zero
--   or more <tt>CustomErrorResponses</tt> elements.</li>
--   <li><a>dsComment</a> - The comment originally specified when this
--   distribution was created.</li>
--   <li><a>dsPriceClass</a> - Undocumented member.</li>
--   <li><a>dsEnabled</a> - Whether the distribution is enabled to accept
--   user requests for content.</li>
--   <li><a>dsViewerCertificate</a> - Undocumented member.</li>
--   <li><a>dsRestrictions</a> - Undocumented member.</li>
--   <li><a>dsWebACLId</a> - The Web ACL Id (if any) associated with the
--   distribution.</li>
--   <li><a>dsHTTPVersion</a> - Specify the maximum HTTP version that you
--   want viewers to use to communicate with CloudFront. The default value
--   for new web distributions is <tt>http2</tt> . Viewers that don't
--   support <tt>HTTP/2</tt> will automatically use an earlier
--   version.</li>
--   <li><a>dsIsIPV6Enabled</a> - Whether CloudFront responds to IPv6 DNS
--   requests with an IPv6 address for your distribution.</li>
--   </ul>
distributionSummary :: Text -> Text -> Text -> UTCTime -> Text -> Aliases -> Origins -> DefaultCacheBehavior -> CacheBehaviors -> CustomErrorResponses -> Text -> PriceClass -> Bool -> ViewerCertificate -> Restrictions -> Text -> HTTPVersion -> Bool -> DistributionSummary

-- | The identifier for the distribution. For example:
--   <tt>EDFDVBD632BHDS5</tt> .
dsId :: Lens' DistributionSummary Text

-- | The ARN (Amazon Resource Name) for the distribution. For example:
--   <tt>arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5</tt>
--   , where <tt>123456789012</tt> is your AWS account ID.
dsARN :: Lens' DistributionSummary Text

-- | The current status of the distribution. When the status is
--   <tt>Deployed</tt> , the distribution's information is propagated to
--   all CloudFront edge locations.
dsStatus :: Lens' DistributionSummary Text

-- | The date and time the distribution was last modified.
dsLastModifiedTime :: Lens' DistributionSummary UTCTime

-- | The domain name that corresponds to the distribution, for example,
--   <tt>d111111abcdef8.cloudfront.net</tt> .
dsDomainName :: Lens' DistributionSummary Text

-- | A complex type that contains information about CNAMEs (alternate
--   domain names), if any, for this distribution.
dsAliases :: Lens' DistributionSummary Aliases

-- | A complex type that contains information about origins for this
--   distribution.
dsOrigins :: Lens' DistributionSummary Origins

-- | A complex type that describes the default cache behavior if you don't
--   specify a <tt>CacheBehavior</tt> element or if files don't match any
--   of the values of <tt>PathPattern</tt> in <tt>CacheBehavior</tt>
--   elements. You must create exactly one default cache behavior.
dsDefaultCacheBehavior :: Lens' DistributionSummary DefaultCacheBehavior

-- | A complex type that contains zero or more <tt>CacheBehavior</tt>
--   elements.
dsCacheBehaviors :: Lens' DistributionSummary CacheBehaviors

-- | A complex type that contains zero or more
--   <tt>CustomErrorResponses</tt> elements.
dsCustomErrorResponses :: Lens' DistributionSummary CustomErrorResponses

-- | The comment originally specified when this distribution was created.
dsComment :: Lens' DistributionSummary Text

-- | Undocumented member.
dsPriceClass :: Lens' DistributionSummary PriceClass

-- | Whether the distribution is enabled to accept user requests for
--   content.
dsEnabled :: Lens' DistributionSummary Bool

-- | Undocumented member.
dsViewerCertificate :: Lens' DistributionSummary ViewerCertificate

-- | Undocumented member.
dsRestrictions :: Lens' DistributionSummary Restrictions

-- | The Web ACL Id (if any) associated with the distribution.
dsWebACLId :: Lens' DistributionSummary Text

-- | Specify the maximum HTTP version that you want viewers to use to
--   communicate with CloudFront. The default value for new web
--   distributions is <tt>http2</tt> . Viewers that don't support
--   <tt>HTTP/2</tt> will automatically use an earlier version.
dsHTTPVersion :: Lens' DistributionSummary HTTPVersion

-- | Whether CloudFront responds to IPv6 DNS requests with an IPv6 address
--   for your distribution.
dsIsIPV6Enabled :: Lens' DistributionSummary Bool

-- | Complex data type for field-level encryption profiles that includes
--   all of the encryption entities.
--   
--   <i>See:</i> <a>encryptionEntities</a> smart constructor.
data EncryptionEntities

-- | Creates a value of <a>EncryptionEntities</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>eeItems</a> - An array of field patterns in a field-level
--   encryption content type-profile mapping.</li>
--   <li><a>eeQuantity</a> - Number of field pattern items in a field-level
--   encryption content type-profile mapping.</li>
--   </ul>
encryptionEntities :: Int -> EncryptionEntities

-- | An array of field patterns in a field-level encryption content
--   type-profile mapping.
eeItems :: Lens' EncryptionEntities [EncryptionEntity]

-- | Number of field pattern items in a field-level encryption content
--   type-profile mapping.
eeQuantity :: Lens' EncryptionEntities Int

-- | Complex data type for field-level encryption profiles that includes
--   the encryption key and field pattern specifications.
--   
--   <i>See:</i> <a>encryptionEntity</a> smart constructor.
data EncryptionEntity

-- | Creates a value of <a>EncryptionEntity</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>eePublicKeyId</a> - The public key associated with a set of
--   field-level encryption patterns, to be used when encrypting the fields
--   that match the patterns.</li>
--   <li><a>eeProviderId</a> - The provider associated with the public key
--   being used for encryption. This value must also be provided with the
--   private key for applications to be able to decrypt data.</li>
--   <li><a>eeFieldPatterns</a> - Field patterns in a field-level
--   encryption content type profile specify the fields that you want to be
--   encrypted. You can provide the full field name, or any beginning
--   characters followed by a wildcard (*). You can't overlap field
--   patterns. For example, you can't have both ABC* and AB*. Note that
--   field patterns are case-sensitive.</li>
--   </ul>
encryptionEntity :: Text -> Text -> FieldPatterns -> EncryptionEntity

-- | The public key associated with a set of field-level encryption
--   patterns, to be used when encrypting the fields that match the
--   patterns.
eePublicKeyId :: Lens' EncryptionEntity Text

-- | The provider associated with the public key being used for encryption.
--   This value must also be provided with the private key for applications
--   to be able to decrypt data.
eeProviderId :: Lens' EncryptionEntity Text

-- | Field patterns in a field-level encryption content type profile
--   specify the fields that you want to be encrypted. You can provide the
--   full field name, or any beginning characters followed by a wildcard
--   (*). You can't overlap field patterns. For example, you can't have
--   both ABC* and AB*. Note that field patterns are case-sensitive.
eeFieldPatterns :: Lens' EncryptionEntity FieldPatterns

-- | A complex data type that includes the profile configurations and other
--   options specified for field-level encryption.
--   
--   <i>See:</i> <a>fieldLevelEncryption</a> smart constructor.
data FieldLevelEncryption

-- | Creates a value of <a>FieldLevelEncryption</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>fleId</a> - The configuration ID for a field-level encryption
--   configuration which includes a set of profiles that specify certain
--   selected data fields to be encrypted by specific public keys.</li>
--   <li><a>fleLastModifiedTime</a> - The last time the field-level
--   encryption configuration was changed.</li>
--   <li><a>fleFieldLevelEncryptionConfig</a> - A complex data type that
--   includes the profile configurations specified for field-level
--   encryption.</li>
--   </ul>
fieldLevelEncryption :: Text -> UTCTime -> FieldLevelEncryptionConfig -> FieldLevelEncryption

-- | The configuration ID for a field-level encryption configuration which
--   includes a set of profiles that specify certain selected data fields
--   to be encrypted by specific public keys.
fleId :: Lens' FieldLevelEncryption Text

-- | The last time the field-level encryption configuration was changed.
fleLastModifiedTime :: Lens' FieldLevelEncryption UTCTime

-- | A complex data type that includes the profile configurations specified
--   for field-level encryption.
fleFieldLevelEncryptionConfig :: Lens' FieldLevelEncryption FieldLevelEncryptionConfig

-- | A complex data type that includes the profile configurations specified
--   for field-level encryption.
--   
--   <i>See:</i> <a>fieldLevelEncryptionConfig</a> smart constructor.
data FieldLevelEncryptionConfig

-- | Creates a value of <a>FieldLevelEncryptionConfig</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>flecQueryArgProfileConfig</a> - A complex data type that
--   specifies when to forward content if a profile isn't found and the
--   profile that can be provided as a query argument in a request.</li>
--   <li><a>flecContentTypeProfileConfig</a> - A complex data type that
--   specifies when to forward content if a content type isn't recognized
--   and profiles to use as by default in a request if a query argument
--   doesn't specify a profile to use.</li>
--   <li><a>flecComment</a> - An optional comment about the
--   configuration.</li>
--   <li><a>flecCallerReference</a> - A unique number that ensures the
--   request can't be replayed.</li>
--   </ul>
fieldLevelEncryptionConfig :: Text -> FieldLevelEncryptionConfig

-- | A complex data type that specifies when to forward content if a
--   profile isn't found and the profile that can be provided as a query
--   argument in a request.
flecQueryArgProfileConfig :: Lens' FieldLevelEncryptionConfig (Maybe QueryArgProfileConfig)

-- | A complex data type that specifies when to forward content if a
--   content type isn't recognized and profiles to use as by default in a
--   request if a query argument doesn't specify a profile to use.
flecContentTypeProfileConfig :: Lens' FieldLevelEncryptionConfig (Maybe ContentTypeProfileConfig)

-- | An optional comment about the configuration.
flecComment :: Lens' FieldLevelEncryptionConfig (Maybe Text)

-- | A unique number that ensures the request can't be replayed.
flecCallerReference :: Lens' FieldLevelEncryptionConfig Text

-- | List of field-level encrpytion configurations.
--   
--   <i>See:</i> <a>fieldLevelEncryptionList</a> smart constructor.
data FieldLevelEncryptionList

-- | Creates a value of <a>FieldLevelEncryptionList</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>flelItems</a> - An array of field-level encryption items.</li>
--   <li><a>flelNextMarker</a> - If there are more elements to be listed,
--   this element is present and contains the value that you can use for
--   the <tt>Marker</tt> request parameter to continue listing your
--   configurations where you left off.</li>
--   <li><a>flelMaxItems</a> - The maximum number of elements you want in
--   the response body.</li>
--   <li><a>flelQuantity</a> - The number of field-level encryption
--   items.</li>
--   </ul>
fieldLevelEncryptionList :: Int -> Int -> FieldLevelEncryptionList

-- | An array of field-level encryption items.
flelItems :: Lens' FieldLevelEncryptionList [FieldLevelEncryptionSummary]

-- | If there are more elements to be listed, this element is present and
--   contains the value that you can use for the <tt>Marker</tt> request
--   parameter to continue listing your configurations where you left off.
flelNextMarker :: Lens' FieldLevelEncryptionList (Maybe Text)

-- | The maximum number of elements you want in the response body.
flelMaxItems :: Lens' FieldLevelEncryptionList Int

-- | The number of field-level encryption items.
flelQuantity :: Lens' FieldLevelEncryptionList Int

-- | A complex data type for field-level encryption profiles.
--   
--   <i>See:</i> <a>fieldLevelEncryptionProfile</a> smart constructor.
data FieldLevelEncryptionProfile

-- | Creates a value of <a>FieldLevelEncryptionProfile</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>flepId</a> - The ID for a field-level encryption profile
--   configuration which includes a set of profiles that specify certain
--   selected data fields to be encrypted by specific public keys.</li>
--   <li><a>flepLastModifiedTime</a> - The last time the field-level
--   encryption profile was updated.</li>
--   <li><a>flepFieldLevelEncryptionProfileConfig</a> - A complex data type
--   that includes the profile name and the encryption entities for the
--   field-level encryption profile.</li>
--   </ul>
fieldLevelEncryptionProfile :: Text -> UTCTime -> FieldLevelEncryptionProfileConfig -> FieldLevelEncryptionProfile

-- | The ID for a field-level encryption profile configuration which
--   includes a set of profiles that specify certain selected data fields
--   to be encrypted by specific public keys.
flepId :: Lens' FieldLevelEncryptionProfile Text

-- | The last time the field-level encryption profile was updated.
flepLastModifiedTime :: Lens' FieldLevelEncryptionProfile UTCTime

-- | A complex data type that includes the profile name and the encryption
--   entities for the field-level encryption profile.
flepFieldLevelEncryptionProfileConfig :: Lens' FieldLevelEncryptionProfile FieldLevelEncryptionProfileConfig

-- | A complex data type of profiles for the field-level encryption.
--   
--   <i>See:</i> <a>fieldLevelEncryptionProfileConfig</a> smart
--   constructor.
data FieldLevelEncryptionProfileConfig

-- | Creates a value of <a>FieldLevelEncryptionProfileConfig</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>flepcComment</a> - An optional comment for the field-level
--   encryption profile.</li>
--   <li><a>flepcName</a> - Profile name for the field-level encryption
--   profile.</li>
--   <li><a>flepcCallerReference</a> - A unique number that ensures the
--   request can't be replayed.</li>
--   <li><a>flepcEncryptionEntities</a> - A complex data type of encryption
--   entities for the field-level encryption profile that include the
--   public key ID, provider, and field patterns for specifying which
--   fields to encrypt with this key.</li>
--   </ul>
fieldLevelEncryptionProfileConfig :: Text -> Text -> EncryptionEntities -> FieldLevelEncryptionProfileConfig

-- | An optional comment for the field-level encryption profile.
flepcComment :: Lens' FieldLevelEncryptionProfileConfig (Maybe Text)

-- | Profile name for the field-level encryption profile.
flepcName :: Lens' FieldLevelEncryptionProfileConfig Text

-- | A unique number that ensures the request can't be replayed.
flepcCallerReference :: Lens' FieldLevelEncryptionProfileConfig Text

-- | A complex data type of encryption entities for the field-level
--   encryption profile that include the public key ID, provider, and field
--   patterns for specifying which fields to encrypt with this key.
flepcEncryptionEntities :: Lens' FieldLevelEncryptionProfileConfig EncryptionEntities

-- | List of field-level encryption profiles.
--   
--   <i>See:</i> <a>fieldLevelEncryptionProfileList</a> smart constructor.
data FieldLevelEncryptionProfileList

-- | Creates a value of <a>FieldLevelEncryptionProfileList</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>fleplItems</a> - The field-level encryption profile items.</li>
--   <li><a>fleplNextMarker</a> - If there are more elements to be listed,
--   this element is present and contains the value that you can use for
--   the <tt>Marker</tt> request parameter to continue listing your
--   profiles where you left off.</li>
--   <li><a>fleplMaxItems</a> - The maximum number of field-level
--   encryption profiles you want in the response body.</li>
--   <li><a>fleplQuantity</a> - The number of field-level encryption
--   profiles.</li>
--   </ul>
fieldLevelEncryptionProfileList :: Int -> Int -> FieldLevelEncryptionProfileList

-- | The field-level encryption profile items.
fleplItems :: Lens' FieldLevelEncryptionProfileList [FieldLevelEncryptionProfileSummary]

-- | If there are more elements to be listed, this element is present and
--   contains the value that you can use for the <tt>Marker</tt> request
--   parameter to continue listing your profiles where you left off.
fleplNextMarker :: Lens' FieldLevelEncryptionProfileList (Maybe Text)

-- | The maximum number of field-level encryption profiles you want in the
--   response body.
fleplMaxItems :: Lens' FieldLevelEncryptionProfileList Int

-- | The number of field-level encryption profiles.
fleplQuantity :: Lens' FieldLevelEncryptionProfileList Int

-- | The field-level encryption profile summary.
--   
--   <i>See:</i> <a>fieldLevelEncryptionProfileSummary</a> smart
--   constructor.
data FieldLevelEncryptionProfileSummary

-- | Creates a value of <a>FieldLevelEncryptionProfileSummary</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>flepsComment</a> - An optional comment for the field-level
--   encryption profile summary.</li>
--   <li><a>flepsId</a> - ID for the field-level encryption profile
--   summary.</li>
--   <li><a>flepsLastModifiedTime</a> - The time when the the field-level
--   encryption profile summary was last updated.</li>
--   <li><a>flepsName</a> - Name for the field-level encryption profile
--   summary.</li>
--   <li><a>flepsEncryptionEntities</a> - A complex data type of encryption
--   entities for the field-level encryption profile that include the
--   public key ID, provider, and field patterns for specifying which
--   fields to encrypt with this key.</li>
--   </ul>
fieldLevelEncryptionProfileSummary :: Text -> UTCTime -> Text -> EncryptionEntities -> FieldLevelEncryptionProfileSummary

-- | An optional comment for the field-level encryption profile summary.
flepsComment :: Lens' FieldLevelEncryptionProfileSummary (Maybe Text)

-- | ID for the field-level encryption profile summary.
flepsId :: Lens' FieldLevelEncryptionProfileSummary Text

-- | The time when the the field-level encryption profile summary was last
--   updated.
flepsLastModifiedTime :: Lens' FieldLevelEncryptionProfileSummary UTCTime

-- | Name for the field-level encryption profile summary.
flepsName :: Lens' FieldLevelEncryptionProfileSummary Text

-- | A complex data type of encryption entities for the field-level
--   encryption profile that include the public key ID, provider, and field
--   patterns for specifying which fields to encrypt with this key.
flepsEncryptionEntities :: Lens' FieldLevelEncryptionProfileSummary EncryptionEntities

-- | A summary of a field-level encryption item.
--   
--   <i>See:</i> <a>fieldLevelEncryptionSummary</a> smart constructor.
data FieldLevelEncryptionSummary

-- | Creates a value of <a>FieldLevelEncryptionSummary</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>flesQueryArgProfileConfig</a> - A summary of a query
--   argument-profile mapping.</li>
--   <li><a>flesContentTypeProfileConfig</a> - A summary of a content
--   type-profile mapping.</li>
--   <li><a>flesComment</a> - An optional comment about the field-level
--   encryption item.</li>
--   <li><a>flesId</a> - The unique ID of a field-level encryption
--   item.</li>
--   <li><a>flesLastModifiedTime</a> - The last time that the summary of
--   field-level encryption items was modified.</li>
--   </ul>
fieldLevelEncryptionSummary :: Text -> UTCTime -> FieldLevelEncryptionSummary

-- | A summary of a query argument-profile mapping.
flesQueryArgProfileConfig :: Lens' FieldLevelEncryptionSummary (Maybe QueryArgProfileConfig)

-- | A summary of a content type-profile mapping.
flesContentTypeProfileConfig :: Lens' FieldLevelEncryptionSummary (Maybe ContentTypeProfileConfig)

-- | An optional comment about the field-level encryption item.
flesComment :: Lens' FieldLevelEncryptionSummary (Maybe Text)

-- | The unique ID of a field-level encryption item.
flesId :: Lens' FieldLevelEncryptionSummary Text

-- | The last time that the summary of field-level encryption items was
--   modified.
flesLastModifiedTime :: Lens' FieldLevelEncryptionSummary UTCTime

-- | A complex data type that includes the field patterns to match for
--   field-level encryption.
--   
--   <i>See:</i> <a>fieldPatterns</a> smart constructor.
data FieldPatterns

-- | Creates a value of <a>FieldPatterns</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>fpItems</a> - An array of the field-level encryption field
--   patterns.</li>
--   <li><a>fpQuantity</a> - The number of field-level encryption field
--   patterns.</li>
--   </ul>
fieldPatterns :: Int -> FieldPatterns

-- | An array of the field-level encryption field patterns.
fpItems :: Lens' FieldPatterns [Text]

-- | The number of field-level encryption field patterns.
fpQuantity :: Lens' FieldPatterns Int

-- | A complex type that specifies how CloudFront handles query strings and
--   cookies.
--   
--   <i>See:</i> <a>forwardedValues</a> smart constructor.
data ForwardedValues

-- | Creates a value of <a>ForwardedValues</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>fvQueryStringCacheKeys</a> - A complex type that contains
--   information about the query string parameters that you want CloudFront
--   to use for caching for this cache behavior.</li>
--   <li><a>fvHeaders</a> - A complex type that specifies the
--   <tt>Headers</tt> , if any, that you want CloudFront to base caching on
--   for this cache behavior.</li>
--   <li><a>fvQueryString</a> - Indicates whether you want CloudFront to
--   forward query strings to the origin that is associated with this cache
--   behavior and cache based on the query string parameters. CloudFront
--   behavior depends on the value of <tt>QueryString</tt> and on the
--   values that you specify for <tt>QueryStringCacheKeys</tt> , if any: If
--   you specify true for <tt>QueryString</tt> and you don't specify any
--   values for <tt>QueryStringCacheKeys</tt> , CloudFront forwards all
--   query string parameters to the origin and caches based on all query
--   string parameters. Depending on how many query string parameters and
--   values you have, this can adversely affect performance because
--   CloudFront must forward more requests to the origin. If you specify
--   true for <tt>QueryString</tt> and you specify one or more values for
--   <tt>QueryStringCacheKeys</tt> , CloudFront forwards all query string
--   parameters to the origin, but it only caches based on the query string
--   parameters that you specify. If you specify false for
--   <tt>QueryString</tt> , CloudFront doesn't forward any query string
--   parameters to the origin, and doesn't cache based on query string
--   parameters. For more information, see <a>Configuring CloudFront to
--   Cache Based on Query String Parameters</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .</li>
--   <li><a>fvCookies</a> - A complex type that specifies whether you want
--   CloudFront to forward cookies to the origin and, if so, which ones.
--   For more information about forwarding cookies to the origin, see
--   <a>How CloudFront Forwards, Caches, and Logs Cookies</a> in the
--   <i>Amazon CloudFront Developer Guide</i> .</li>
--   </ul>
forwardedValues :: Bool -> CookiePreference -> ForwardedValues

-- | A complex type that contains information about the query string
--   parameters that you want CloudFront to use for caching for this cache
--   behavior.
fvQueryStringCacheKeys :: Lens' ForwardedValues (Maybe QueryStringCacheKeys)

-- | A complex type that specifies the <tt>Headers</tt> , if any, that you
--   want CloudFront to base caching on for this cache behavior.
fvHeaders :: Lens' ForwardedValues (Maybe Headers)

-- | Indicates whether you want CloudFront to forward query strings to the
--   origin that is associated with this cache behavior and cache based on
--   the query string parameters. CloudFront behavior depends on the value
--   of <tt>QueryString</tt> and on the values that you specify for
--   <tt>QueryStringCacheKeys</tt> , if any: If you specify true for
--   <tt>QueryString</tt> and you don't specify any values for
--   <tt>QueryStringCacheKeys</tt> , CloudFront forwards all query string
--   parameters to the origin and caches based on all query string
--   parameters. Depending on how many query string parameters and values
--   you have, this can adversely affect performance because CloudFront
--   must forward more requests to the origin. If you specify true for
--   <tt>QueryString</tt> and you specify one or more values for
--   <tt>QueryStringCacheKeys</tt> , CloudFront forwards all query string
--   parameters to the origin, but it only caches based on the query string
--   parameters that you specify. If you specify false for
--   <tt>QueryString</tt> , CloudFront doesn't forward any query string
--   parameters to the origin, and doesn't cache based on query string
--   parameters. For more information, see <a>Configuring CloudFront to
--   Cache Based on Query String Parameters</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .
fvQueryString :: Lens' ForwardedValues Bool

-- | A complex type that specifies whether you want CloudFront to forward
--   cookies to the origin and, if so, which ones. For more information
--   about forwarding cookies to the origin, see <a>How CloudFront
--   Forwards, Caches, and Logs Cookies</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .
fvCookies :: Lens' ForwardedValues CookiePreference

-- | A complex type that controls the countries in which your content is
--   distributed. CloudFront determines the location of your users using
--   <tt>MaxMind</tt> GeoIP databases.
--   
--   <i>See:</i> <a>geoRestriction</a> smart constructor.
data GeoRestriction

-- | Creates a value of <a>GeoRestriction</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>grItems</a> - A complex type that contains a <tt>Location</tt>
--   element for each country in which you want CloudFront either to
--   distribute your content (<tt>whitelist</tt> ) or not distribute your
--   content (<tt>blacklist</tt> ). The <tt>Location</tt> element is a
--   two-letter, uppercase country code for a country that you want to
--   include in your <tt>blacklist</tt> or <tt>whitelist</tt> . Include one
--   <tt>Location</tt> element for each country. CloudFront and
--   <tt>MaxMind</tt> both use <tt>ISO 3166</tt> country codes. For the
--   current list of countries and the corresponding codes, see <tt>ISO
--   3166-1-alpha-2</tt> code on the <i>International Organization for
--   Standardization</i> website. You can also refer to the country list on
--   the CloudFront console, which includes both country names and
--   codes.</li>
--   <li><a>grRestrictionType</a> - The method that you want to use to
--   restrict distribution of your content by country: * <tt>none</tt> : No
--   geo restriction is enabled, meaning access to content is not
--   restricted by client geo location. * <tt>blacklist</tt> : The
--   <tt>Location</tt> elements specify the countries in which you don't
--   want CloudFront to distribute your content. * <tt>whitelist</tt> : The
--   <tt>Location</tt> elements specify the countries in which you want
--   CloudFront to distribute your content.</li>
--   <li><a>grQuantity</a> - When geo restriction is <tt>enabled</tt> ,
--   this is the number of countries in your <tt>whitelist</tt> or
--   <tt>blacklist</tt> . Otherwise, when it is not enabled,
--   <tt>Quantity</tt> is <tt>0</tt> , and you can omit <tt>Items</tt>
--   .</li>
--   </ul>
geoRestriction :: GeoRestrictionType -> Int -> GeoRestriction

-- | A complex type that contains a <tt>Location</tt> element for each
--   country in which you want CloudFront either to distribute your content
--   (<tt>whitelist</tt> ) or not distribute your content
--   (<tt>blacklist</tt> ). The <tt>Location</tt> element is a two-letter,
--   uppercase country code for a country that you want to include in your
--   <tt>blacklist</tt> or <tt>whitelist</tt> . Include one
--   <tt>Location</tt> element for each country. CloudFront and
--   <tt>MaxMind</tt> both use <tt>ISO 3166</tt> country codes. For the
--   current list of countries and the corresponding codes, see <tt>ISO
--   3166-1-alpha-2</tt> code on the <i>International Organization for
--   Standardization</i> website. You can also refer to the country list on
--   the CloudFront console, which includes both country names and codes.
grItems :: Lens' GeoRestriction [Text]

-- | The method that you want to use to restrict distribution of your
--   content by country: * <tt>none</tt> : No geo restriction is enabled,
--   meaning access to content is not restricted by client geo location. *
--   <tt>blacklist</tt> : The <tt>Location</tt> elements specify the
--   countries in which you don't want CloudFront to distribute your
--   content. * <tt>whitelist</tt> : The <tt>Location</tt> elements specify
--   the countries in which you want CloudFront to distribute your content.
grRestrictionType :: Lens' GeoRestriction GeoRestrictionType

-- | When geo restriction is <tt>enabled</tt> , this is the number of
--   countries in your <tt>whitelist</tt> or <tt>blacklist</tt> .
--   Otherwise, when it is not enabled, <tt>Quantity</tt> is <tt>0</tt> ,
--   and you can omit <tt>Items</tt> .
grQuantity :: Lens' GeoRestriction Int

-- | A complex type that specifies the request headers, if any, that you
--   want CloudFront to base caching on for this cache behavior.
--   
--   For the headers that you specify, CloudFront caches separate versions
--   of a specified object based on the header values in viewer requests.
--   For example, suppose viewer requests for <tt>logo.jpg</tt> contain a
--   custom <tt>product</tt> header that has a value of either
--   <tt>acme</tt> or <tt>apex</tt> , and you configure CloudFront to cache
--   your content based on values in the <tt>product</tt> header.
--   CloudFront forwards the <tt>product</tt> header to the origin and
--   caches the response from the origin once for each header value. For
--   more information about caching based on header values, see <a>How
--   CloudFront Forwards and Caches Headers</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .
--   
--   <i>See:</i> <a>headers</a> smart constructor.
data Headers

-- | Creates a value of <a>Headers</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>hItems</a> - A list that contains one <tt>Name</tt> element for
--   each header that you want CloudFront to use for caching in this cache
--   behavior. If <tt>Quantity</tt> is <tt>0</tt> , omit <tt>Items</tt>
--   .</li>
--   <li><a>hQuantity</a> - The number of different headers that you want
--   CloudFront to base caching on for this cache behavior. You can
--   configure each cache behavior in a web distribution to do one of the
--   following: * <b>Forward all headers to your origin</b> : Specify
--   <tt>1</tt> for <tt>Quantity</tt> and <tt>*</tt> for <tt>Name</tt> .
--   <i>Important:</i> CloudFront doesn't cache the objects that are
--   associated with this cache behavior. Instead, CloudFront sends every
--   request to the origin. * <b>Forward a whitelist of headers you
--   specify</b> : Specify the number of headers that you want CloudFront
--   to base caching on. Then specify the header names in <tt>Name</tt>
--   elements. CloudFront caches your objects based on the values in the
--   specified headers. * <b>Forward only the default headers</b> : Specify
--   <tt>0</tt> for <tt>Quantity</tt> and omit <tt>Items</tt> . In this
--   configuration, CloudFront doesn't cache based on the values in the
--   request headers. Regardless of which option you choose, CloudFront
--   forwards headers to your origin based on whether the origin is an S3
--   bucket or a custom origin. See the following documentation: * <b>S3
--   bucket</b> : See <a>HTTP Request Headers That CloudFront Removes or
--   Updates</a> * <b>Custom origin</b> : See <a>HTTP Request Headers and
--   CloudFront Behavior</a></li>
--   </ul>
headers :: Int -> Headers

-- | A list that contains one <tt>Name</tt> element for each header that
--   you want CloudFront to use for caching in this cache behavior. If
--   <tt>Quantity</tt> is <tt>0</tt> , omit <tt>Items</tt> .
hItems :: Lens' Headers [Text]

-- | The number of different headers that you want CloudFront to base
--   caching on for this cache behavior. You can configure each cache
--   behavior in a web distribution to do one of the following: *
--   <b>Forward all headers to your origin</b> : Specify <tt>1</tt> for
--   <tt>Quantity</tt> and <tt>*</tt> for <tt>Name</tt> . <i>Important:</i>
--   CloudFront doesn't cache the objects that are associated with this
--   cache behavior. Instead, CloudFront sends every request to the origin.
--   * <b>Forward a whitelist of headers you specify</b> : Specify the
--   number of headers that you want CloudFront to base caching on. Then
--   specify the header names in <tt>Name</tt> elements. CloudFront caches
--   your objects based on the values in the specified headers. *
--   <b>Forward only the default headers</b> : Specify <tt>0</tt> for
--   <tt>Quantity</tt> and omit <tt>Items</tt> . In this configuration,
--   CloudFront doesn't cache based on the values in the request headers.
--   Regardless of which option you choose, CloudFront forwards headers to
--   your origin based on whether the origin is an S3 bucket or a custom
--   origin. See the following documentation: * <b>S3 bucket</b> : See
--   <a>HTTP Request Headers That CloudFront Removes or Updates</a> *
--   <b>Custom origin</b> : See <a>HTTP Request Headers and CloudFront
--   Behavior</a>
hQuantity :: Lens' Headers Int

-- | An invalidation.
--   
--   <i>See:</i> <a>invalidation</a> smart constructor.
data Invalidation

-- | Creates a value of <a>Invalidation</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>iId</a> - The identifier for the invalidation request. For
--   example: <tt>IDFDVBD632BHDS5</tt> .</li>
--   <li><a>iStatus</a> - The status of the invalidation request. When the
--   invalidation batch is finished, the status is <tt>Completed</tt>
--   .</li>
--   <li><a>iCreateTime</a> - The date and time the invalidation request
--   was first made.</li>
--   <li><a>iInvalidationBatch</a> - The current invalidation information
--   for the batch request.</li>
--   </ul>
invalidation :: Text -> Text -> UTCTime -> InvalidationBatch -> Invalidation

-- | The identifier for the invalidation request. For example:
--   <tt>IDFDVBD632BHDS5</tt> .
iId :: Lens' Invalidation Text

-- | The status of the invalidation request. When the invalidation batch is
--   finished, the status is <tt>Completed</tt> .
iStatus :: Lens' Invalidation Text

-- | The date and time the invalidation request was first made.
iCreateTime :: Lens' Invalidation UTCTime

-- | The current invalidation information for the batch request.
iInvalidationBatch :: Lens' Invalidation InvalidationBatch

-- | An invalidation batch.
--   
--   <i>See:</i> <a>invalidationBatch</a> smart constructor.
data InvalidationBatch

-- | Creates a value of <a>InvalidationBatch</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ibPaths</a> - A complex type that contains information about
--   the objects that you want to invalidate. For more information, see
--   <a>Specifying the Objects to Invalidate</a> in the <i>Amazon
--   CloudFront Developer Guide</i> .</li>
--   <li><a>ibCallerReference</a> - A value that you specify to uniquely
--   identify an invalidation request. CloudFront uses the value to prevent
--   you from accidentally resubmitting an identical request. Whenever you
--   create a new invalidation request, you must specify a new value for
--   <tt>CallerReference</tt> and change other values in the request as
--   applicable. One way to ensure that the value of
--   <tt>CallerReference</tt> is unique is to use a <tt>timestamp</tt> ,
--   for example, <tt>20120301090000</tt> . If you make a second
--   invalidation request with the same value for <tt>CallerReference</tt>
--   , and if the rest of the request is the same, CloudFront doesn't
--   create a new invalidation request. Instead, CloudFront returns
--   information about the invalidation request that you previously created
--   with the same <tt>CallerReference</tt> . If <tt>CallerReference</tt>
--   is a value you already sent in a previous invalidation batch request
--   but the content of any <tt>Path</tt> is different from the original
--   request, CloudFront returns an <tt>InvalidationBatchAlreadyExists</tt>
--   error.</li>
--   </ul>
invalidationBatch :: Paths -> Text -> InvalidationBatch

-- | A complex type that contains information about the objects that you
--   want to invalidate. For more information, see <a>Specifying the
--   Objects to Invalidate</a> in the <i>Amazon CloudFront Developer
--   Guide</i> .
ibPaths :: Lens' InvalidationBatch Paths

-- | A value that you specify to uniquely identify an invalidation request.
--   CloudFront uses the value to prevent you from accidentally
--   resubmitting an identical request. Whenever you create a new
--   invalidation request, you must specify a new value for
--   <tt>CallerReference</tt> and change other values in the request as
--   applicable. One way to ensure that the value of
--   <tt>CallerReference</tt> is unique is to use a <tt>timestamp</tt> ,
--   for example, <tt>20120301090000</tt> . If you make a second
--   invalidation request with the same value for <tt>CallerReference</tt>
--   , and if the rest of the request is the same, CloudFront doesn't
--   create a new invalidation request. Instead, CloudFront returns
--   information about the invalidation request that you previously created
--   with the same <tt>CallerReference</tt> . If <tt>CallerReference</tt>
--   is a value you already sent in a previous invalidation batch request
--   but the content of any <tt>Path</tt> is different from the original
--   request, CloudFront returns an <tt>InvalidationBatchAlreadyExists</tt>
--   error.
ibCallerReference :: Lens' InvalidationBatch Text

-- | The <tt>InvalidationList</tt> complex type describes the list of
--   invalidation objects. For more information about invalidation, see
--   <a>Invalidating Objects (Web Distributions Only)</a> in the <i>Amazon
--   CloudFront Developer Guide</i> .
--   
--   <i>See:</i> <a>invalidationList</a> smart constructor.
data InvalidationList

-- | Creates a value of <a>InvalidationList</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ilItems</a> - A complex type that contains one
--   <tt>InvalidationSummary</tt> element for each invalidation batch
--   created by the current AWS account.</li>
--   <li><a>ilNextMarker</a> - If <tt>IsTruncated</tt> is <tt>true</tt> ,
--   this element is present and contains the value that you can use for
--   the <tt>Marker</tt> request parameter to continue listing your
--   invalidation batches where they left off.</li>
--   <li><a>ilMarker</a> - The value that you provided for the
--   <tt>Marker</tt> request parameter.</li>
--   <li><a>ilMaxItems</a> - The value that you provided for the
--   <tt>MaxItems</tt> request parameter.</li>
--   <li><a>ilIsTruncated</a> - A flag that indicates whether more
--   invalidation batch requests remain to be listed. If your results were
--   truncated, you can make a follow-up pagination request using the
--   <tt>Marker</tt> request parameter to retrieve more invalidation
--   batches in the list.</li>
--   <li><a>ilQuantity</a> - The number of invalidation batches that were
--   created by the current AWS account.</li>
--   </ul>
invalidationList :: Text -> Int -> Bool -> Int -> InvalidationList

-- | A complex type that contains one <tt>InvalidationSummary</tt> element
--   for each invalidation batch created by the current AWS account.
ilItems :: Lens' InvalidationList [InvalidationSummary]

-- | If <tt>IsTruncated</tt> is <tt>true</tt> , this element is present and
--   contains the value that you can use for the <tt>Marker</tt> request
--   parameter to continue listing your invalidation batches where they
--   left off.
ilNextMarker :: Lens' InvalidationList (Maybe Text)

-- | The value that you provided for the <tt>Marker</tt> request parameter.
ilMarker :: Lens' InvalidationList Text

-- | The value that you provided for the <tt>MaxItems</tt> request
--   parameter.
ilMaxItems :: Lens' InvalidationList Int

-- | A flag that indicates whether more invalidation batch requests remain
--   to be listed. If your results were truncated, you can make a follow-up
--   pagination request using the <tt>Marker</tt> request parameter to
--   retrieve more invalidation batches in the list.
ilIsTruncated :: Lens' InvalidationList Bool

-- | The number of invalidation batches that were created by the current
--   AWS account.
ilQuantity :: Lens' InvalidationList Int

-- | A summary of an invalidation request.
--   
--   <i>See:</i> <a>invalidationSummary</a> smart constructor.
data InvalidationSummary

-- | Creates a value of <a>InvalidationSummary</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>isId</a> - The unique ID for an invalidation request.</li>
--   <li><a>isCreateTime</a> - Undocumented member.</li>
--   <li><a>isStatus</a> - The status of an invalidation request.</li>
--   </ul>
invalidationSummary :: Text -> UTCTime -> Text -> InvalidationSummary

-- | The unique ID for an invalidation request.
isId :: Lens' InvalidationSummary Text

-- | Undocumented member.
isCreateTime :: Lens' InvalidationSummary UTCTime

-- | The status of an invalidation request.
isStatus :: Lens' InvalidationSummary Text

-- | A complex type that lists the active CloudFront key pairs, if any,
--   that are associated with <tt>AwsAccountNumber</tt> .
--   
--   For more information, see <a>ActiveTrustedSigners</a> .
--   
--   <i>See:</i> <a>keyPairIds</a> smart constructor.
data KeyPairIds

-- | Creates a value of <a>KeyPairIds</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>kpiItems</a> - A complex type that lists the active CloudFront
--   key pairs, if any, that are associated with <tt>AwsAccountNumber</tt>
--   . For more information, see <a>ActiveTrustedSigners</a> .</li>
--   <li><a>kpiQuantity</a> - The number of active CloudFront key pairs for
--   <tt>AwsAccountNumber</tt> . For more information, see
--   <a>ActiveTrustedSigners</a> .</li>
--   </ul>
keyPairIds :: Int -> KeyPairIds

-- | A complex type that lists the active CloudFront key pairs, if any,
--   that are associated with <tt>AwsAccountNumber</tt> . For more
--   information, see <a>ActiveTrustedSigners</a> .
kpiItems :: Lens' KeyPairIds [Text]

-- | The number of active CloudFront key pairs for
--   <tt>AwsAccountNumber</tt> . For more information, see
--   <a>ActiveTrustedSigners</a> .
kpiQuantity :: Lens' KeyPairIds Int

-- | A complex type that contains a Lambda function association.
--   
--   <i>See:</i> <a>lambdaFunctionAssociation</a> smart constructor.
data LambdaFunctionAssociation

-- | Creates a value of <a>LambdaFunctionAssociation</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lfaLambdaFunctionARN</a> - The ARN of the Lambda function. You
--   must specify the ARN of a function version; you can't specify a Lambda
--   alias or $LATEST.</li>
--   <li><a>lfaEventType</a> - Specifies the event type that triggers a
--   Lambda function invocation. You can specify the following values: *
--   <tt>viewer-request</tt> : The function executes when CloudFront
--   receives a request from a viewer and before it checks to see whether
--   the requested object is in the edge cache. * <tt>origin-request</tt> :
--   The function executes only when CloudFront forwards a request to your
--   origin. When the requested object is in the edge cache, the function
--   doesn't execute. * <tt>origin-response</tt> : The function executes
--   after CloudFront receives a response from the origin and before it
--   caches the object in the response. When the requested object is in the
--   edge cache, the function doesn't execute. If the origin returns an
--   HTTP status code other than HTTP 200 (OK), the function doesn't
--   execute. * <tt>viewer-response</tt> : The function executes before
--   CloudFront returns the requested object to the viewer. The function
--   executes regardless of whether the object was already in the edge
--   cache. If the origin returns an HTTP status code other than HTTP 200
--   (OK), the function doesn't execute.</li>
--   </ul>
lambdaFunctionAssociation :: Text -> EventType -> LambdaFunctionAssociation

-- | The ARN of the Lambda function. You must specify the ARN of a function
--   version; you can't specify a Lambda alias or $LATEST.
lfaLambdaFunctionARN :: Lens' LambdaFunctionAssociation Text

-- | Specifies the event type that triggers a Lambda function invocation.
--   You can specify the following values: * <tt>viewer-request</tt> : The
--   function executes when CloudFront receives a request from a viewer and
--   before it checks to see whether the requested object is in the edge
--   cache. * <tt>origin-request</tt> : The function executes only when
--   CloudFront forwards a request to your origin. When the requested
--   object is in the edge cache, the function doesn't execute. *
--   <tt>origin-response</tt> : The function executes after CloudFront
--   receives a response from the origin and before it caches the object in
--   the response. When the requested object is in the edge cache, the
--   function doesn't execute. If the origin returns an HTTP status code
--   other than HTTP 200 (OK), the function doesn't execute. *
--   <tt>viewer-response</tt> : The function executes before CloudFront
--   returns the requested object to the viewer. The function executes
--   regardless of whether the object was already in the edge cache. If the
--   origin returns an HTTP status code other than HTTP 200 (OK), the
--   function doesn't execute.
lfaEventType :: Lens' LambdaFunctionAssociation EventType

-- | A complex type that specifies a list of Lambda functions associations
--   for a cache behavior.
--   
--   If you want to invoke one or more Lambda functions triggered by
--   requests that match the <tt>PathPattern</tt> of the cache behavior,
--   specify the applicable values for <tt>Quantity</tt> and <tt>Items</tt>
--   . Note that there can be up to 4 <tt>LambdaFunctionAssociation</tt>
--   items in this list (one for each possible value of <tt>EventType</tt>
--   ) and each <tt>EventType</tt> can be associated with the Lambda
--   function only once.
--   
--   If you don't want to invoke any Lambda functions for the requests that
--   match <tt>PathPattern</tt> , specify <tt>0</tt> for <tt>Quantity</tt>
--   and omit <tt>Items</tt> .
--   
--   <i>See:</i> <a>lambdaFunctionAssociations</a> smart constructor.
data LambdaFunctionAssociations

-- | Creates a value of <a>LambdaFunctionAssociations</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lfaItems</a> - <b>Optional</b> : A complex type that contains
--   <tt>LambdaFunctionAssociation</tt> items for this cache behavior. If
--   <tt>Quantity</tt> is <tt>0</tt> , you can omit <tt>Items</tt> .</li>
--   <li><a>lfaQuantity</a> - The number of Lambda function associations
--   for this cache behavior.</li>
--   </ul>
lambdaFunctionAssociations :: Int -> LambdaFunctionAssociations

-- | <b>Optional</b> : A complex type that contains
--   <tt>LambdaFunctionAssociation</tt> items for this cache behavior. If
--   <tt>Quantity</tt> is <tt>0</tt> , you can omit <tt>Items</tt> .
lfaItems :: Lens' LambdaFunctionAssociations [LambdaFunctionAssociation]

-- | The number of Lambda function associations for this cache behavior.
lfaQuantity :: Lens' LambdaFunctionAssociations Int

-- | A complex type that controls whether access logs are written for the
--   distribution.
--   
--   <i>See:</i> <a>loggingConfig</a> smart constructor.
data LoggingConfig

-- | Creates a value of <a>LoggingConfig</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>lcEnabled</a> - Specifies whether you want CloudFront to save
--   access logs to an Amazon S3 bucket. If you don't want to enable
--   logging when you create a distribution or if you want to disable
--   logging for an existing distribution, specify <tt>false</tt> for
--   <tt>Enabled</tt> , and specify empty <tt>Bucket</tt> and
--   <tt>Prefix</tt> elements. If you specify <tt>false</tt> for
--   <tt>Enabled</tt> but you specify values for <tt>Bucket</tt> ,
--   <tt>prefix</tt> , and <tt>IncludeCookies</tt> , the values are
--   automatically deleted.</li>
--   <li><a>lcIncludeCookies</a> - Specifies whether you want CloudFront to
--   include cookies in access logs, specify <tt>true</tt> for
--   <tt>IncludeCookies</tt> . If you choose to include cookies in logs,
--   CloudFront logs all cookies regardless of how you configure the cache
--   behaviors for this distribution. If you don't want to include cookies
--   when you create a distribution or if you want to disable include
--   cookies for an existing distribution, specify <tt>false</tt> for
--   <tt>IncludeCookies</tt> .</li>
--   <li><a>lcBucket</a> - The Amazon S3 bucket to store the access logs
--   in, for example, <tt>myawslogbucket.s3.amazonaws.com</tt> .</li>
--   <li><a>lcPrefix</a> - An optional string that you want CloudFront to
--   prefix to the access log <tt>filenames</tt> for this distribution, for
--   example, <tt>myprefix/</tt> . If you want to enable logging, but you
--   don't want to specify a prefix, you still must include an empty
--   <tt>Prefix</tt> element in the <tt>Logging</tt> element.</li>
--   </ul>
loggingConfig :: Bool -> Bool -> Text -> Text -> LoggingConfig

-- | Specifies whether you want CloudFront to save access logs to an Amazon
--   S3 bucket. If you don't want to enable logging when you create a
--   distribution or if you want to disable logging for an existing
--   distribution, specify <tt>false</tt> for <tt>Enabled</tt> , and
--   specify empty <tt>Bucket</tt> and <tt>Prefix</tt> elements. If you
--   specify <tt>false</tt> for <tt>Enabled</tt> but you specify values for
--   <tt>Bucket</tt> , <tt>prefix</tt> , and <tt>IncludeCookies</tt> , the
--   values are automatically deleted.
lcEnabled :: Lens' LoggingConfig Bool

-- | Specifies whether you want CloudFront to include cookies in access
--   logs, specify <tt>true</tt> for <tt>IncludeCookies</tt> . If you
--   choose to include cookies in logs, CloudFront logs all cookies
--   regardless of how you configure the cache behaviors for this
--   distribution. If you don't want to include cookies when you create a
--   distribution or if you want to disable include cookies for an existing
--   distribution, specify <tt>false</tt> for <tt>IncludeCookies</tt> .
lcIncludeCookies :: Lens' LoggingConfig Bool

-- | The Amazon S3 bucket to store the access logs in, for example,
--   <tt>myawslogbucket.s3.amazonaws.com</tt> .
lcBucket :: Lens' LoggingConfig Text

-- | An optional string that you want CloudFront to prefix to the access
--   log <tt>filenames</tt> for this distribution, for example,
--   <tt>myprefix/</tt> . If you want to enable logging, but you don't want
--   to specify a prefix, you still must include an empty <tt>Prefix</tt>
--   element in the <tt>Logging</tt> element.
lcPrefix :: Lens' LoggingConfig Text

-- | A complex type that describes the Amazon S3 bucket or the HTTP server
--   (for example, a web server) from which CloudFront gets your files. You
--   must create at least one origin.
--   
--   For the current limit on the number of origins that you can create for
--   a distribution, see <a>Amazon CloudFront Limits</a> in the <i>AWS
--   General Reference</i> .
--   
--   <i>See:</i> <a>origin</a> smart constructor.
data Origin

-- | Creates a value of <a>Origin</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>oCustomHeaders</a> - A complex type that contains names and
--   values for the custom headers that you want.</li>
--   <li><a>oCustomOriginConfig</a> - A complex type that contains
--   information about a custom origin. If the origin is an Amazon S3
--   bucket, use the <tt>S3OriginConfig</tt> element instead.</li>
--   <li><a>oS3OriginConfig</a> - A complex type that contains information
--   about the Amazon S3 origin. If the origin is a custom origin, use the
--   <tt>CustomOriginConfig</tt> element instead.</li>
--   <li><a>oOriginPath</a> - An optional element that causes CloudFront to
--   request your content from a directory in your Amazon S3 bucket or your
--   custom origin. When you include the <tt>OriginPath</tt> element,
--   specify the directory name, beginning with a <tt>/</tt> . CloudFront
--   appends the directory name to the value of <tt>DomainName</tt> , for
--   example, <tt>example.com/production</tt> . Do not include a <tt>/</tt>
--   at the end of the directory name. For example, suppose you've
--   specified the following values for your distribution: *
--   <tt>DomainName</tt> : An Amazon S3 bucket named <tt>myawsbucket</tt> .
--   * <tt>OriginPath</tt> : <tt>/production</tt> * <tt>CNAME</tt> :
--   <tt>example.com</tt> When a user enters
--   <tt>example.com/index.html</tt> in a browser, CloudFront sends a
--   request to Amazon S3 for
--   <tt>myawsbucket<i>production</i>index.html</tt> . When a user enters
--   <tt>example.com<i>acme</i>index.html</tt> in a browser, CloudFront
--   sends a request to Amazon S3 for
--   <tt>myawsbucket<i>production</i>acme/index.html</tt> .</li>
--   <li><a>oId</a> - A unique identifier for the origin. The value of
--   <tt>Id</tt> must be unique within the distribution. When you specify
--   the value of <tt>TargetOriginId</tt> for the default cache behavior or
--   for another cache behavior, you indicate the origin to which you want
--   the cache behavior to route requests by specifying the value of the
--   <tt>Id</tt> element for that origin. When a request matches the path
--   pattern for that cache behavior, CloudFront routes the request to the
--   specified origin. For more information, see <a>Cache Behavior
--   Settings</a> in the <i>Amazon CloudFront Developer Guide</i> .</li>
--   <li><a>oDomainName</a> - <b>Amazon S3 origins</b> : The DNS name of
--   the Amazon S3 bucket from which you want CloudFront to get objects for
--   this origin, for example, <tt>myawsbucket.s3.amazonaws.com</tt> .
--   Constraints for Amazon S3 origins: * If you configured Amazon S3
--   Transfer Acceleration for your bucket, don't specify the
--   <tt>s3-accelerate</tt> endpoint for <tt>DomainName</tt> . * The bucket
--   name must be between 3 and 63 characters long (inclusive). * The
--   bucket name must contain only lowercase characters, numbers, periods,
--   underscores, and dashes. * The bucket name must not contain adjacent
--   periods. <b>Custom Origins</b> : The DNS domain name for the HTTP
--   server from which you want CloudFront to get objects for this origin,
--   for example, <tt>www.example.com</tt> . Constraints for custom
--   origins: * <tt>DomainName</tt> must be a valid DNS name that contains
--   only a-z, A-Z, 0-9, dot (.), hyphen (-), or underscore (_) characters.
--   * The name cannot exceed 128 characters.</li>
--   </ul>
origin :: Text -> Text -> Origin

-- | A complex type that contains names and values for the custom headers
--   that you want.
oCustomHeaders :: Lens' Origin (Maybe CustomHeaders)

-- | A complex type that contains information about a custom origin. If the
--   origin is an Amazon S3 bucket, use the <tt>S3OriginConfig</tt> element
--   instead.
oCustomOriginConfig :: Lens' Origin (Maybe CustomOriginConfig)

-- | A complex type that contains information about the Amazon S3 origin.
--   If the origin is a custom origin, use the <tt>CustomOriginConfig</tt>
--   element instead.
oS3OriginConfig :: Lens' Origin (Maybe S3OriginConfig)

-- | An optional element that causes CloudFront to request your content
--   from a directory in your Amazon S3 bucket or your custom origin. When
--   you include the <tt>OriginPath</tt> element, specify the directory
--   name, beginning with a <tt>/</tt> . CloudFront appends the directory
--   name to the value of <tt>DomainName</tt> , for example,
--   <tt>example.com/production</tt> . Do not include a <tt>/</tt> at the
--   end of the directory name. For example, suppose you've specified the
--   following values for your distribution: * <tt>DomainName</tt> : An
--   Amazon S3 bucket named <tt>myawsbucket</tt> . * <tt>OriginPath</tt> :
--   <tt>/production</tt> * <tt>CNAME</tt> : <tt>example.com</tt> When a
--   user enters <tt>example.com/index.html</tt> in a browser, CloudFront
--   sends a request to Amazon S3 for
--   <tt>myawsbucket<i>production</i>index.html</tt> . When a user enters
--   <tt>example.com<i>acme</i>index.html</tt> in a browser, CloudFront
--   sends a request to Amazon S3 for
--   <tt>myawsbucket<i>production</i>acme/index.html</tt> .
oOriginPath :: Lens' Origin (Maybe Text)

-- | A unique identifier for the origin. The value of <tt>Id</tt> must be
--   unique within the distribution. When you specify the value of
--   <tt>TargetOriginId</tt> for the default cache behavior or for another
--   cache behavior, you indicate the origin to which you want the cache
--   behavior to route requests by specifying the value of the <tt>Id</tt>
--   element for that origin. When a request matches the path pattern for
--   that cache behavior, CloudFront routes the request to the specified
--   origin. For more information, see <a>Cache Behavior Settings</a> in
--   the <i>Amazon CloudFront Developer Guide</i> .
oId :: Lens' Origin Text

-- | <b>Amazon S3 origins</b> : The DNS name of the Amazon S3 bucket from
--   which you want CloudFront to get objects for this origin, for example,
--   <tt>myawsbucket.s3.amazonaws.com</tt> . Constraints for Amazon S3
--   origins: * If you configured Amazon S3 Transfer Acceleration for your
--   bucket, don't specify the <tt>s3-accelerate</tt> endpoint for
--   <tt>DomainName</tt> . * The bucket name must be between 3 and 63
--   characters long (inclusive). * The bucket name must contain only
--   lowercase characters, numbers, periods, underscores, and dashes. * The
--   bucket name must not contain adjacent periods. <b>Custom Origins</b> :
--   The DNS domain name for the HTTP server from which you want CloudFront
--   to get objects for this origin, for example, <tt>www.example.com</tt>
--   . Constraints for custom origins: * <tt>DomainName</tt> must be a
--   valid DNS name that contains only a-z, A-Z, 0-9, dot (.), hyphen (-),
--   or underscore (_) characters. * The name cannot exceed 128 characters.
oDomainName :: Lens' Origin Text

-- | A complex type that contains <tt>HeaderName</tt> and
--   <tt>HeaderValue</tt> elements, if any, for this distribution.
--   
--   <i>See:</i> <a>originCustomHeader</a> smart constructor.
data OriginCustomHeader

-- | Creates a value of <a>OriginCustomHeader</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ochHeaderName</a> - The name of a header that you want
--   CloudFront to forward to your origin. For more information, see
--   <a>Forwarding Custom Headers to Your Origin (Web Distributions
--   Only)</a> in the <i>Amazon Amazon CloudFront Developer Guide</i>
--   .</li>
--   <li><a>ochHeaderValue</a> - The value for the header that you
--   specified in the <tt>HeaderName</tt> field.</li>
--   </ul>
originCustomHeader :: Text -> Text -> OriginCustomHeader

-- | The name of a header that you want CloudFront to forward to your
--   origin. For more information, see <a>Forwarding Custom Headers to Your
--   Origin (Web Distributions Only)</a> in the <i>Amazon Amazon CloudFront
--   Developer Guide</i> .
ochHeaderName :: Lens' OriginCustomHeader Text

-- | The value for the header that you specified in the <tt>HeaderName</tt>
--   field.
ochHeaderValue :: Lens' OriginCustomHeader Text

-- | A complex type that contains information about the SSL/TLS protocols
--   that CloudFront can use when establishing an HTTPS connection with
--   your origin.
--   
--   <i>See:</i> <a>originSSLProtocols</a> smart constructor.
data OriginSSLProtocols

-- | Creates a value of <a>OriginSSLProtocols</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>ospQuantity</a> - The number of SSL/TLS protocols that you want
--   to allow CloudFront to use when establishing an HTTPS connection with
--   this origin.</li>
--   <li><a>ospItems</a> - A list that contains allowed SSL/TLS protocols
--   for this distribution.</li>
--   </ul>
originSSLProtocols :: Int -> OriginSSLProtocols

-- | The number of SSL/TLS protocols that you want to allow CloudFront to
--   use when establishing an HTTPS connection with this origin.
ospQuantity :: Lens' OriginSSLProtocols Int

-- | A list that contains allowed SSL/TLS protocols for this distribution.
ospItems :: Lens' OriginSSLProtocols [SSLProtocol]

-- | A complex type that contains information about origins for this
--   distribution.
--   
--   <i>See:</i> <a>origins</a> smart constructor.
data Origins

-- | Creates a value of <a>Origins</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>oItems</a> - A complex type that contains origins for this
--   distribution.</li>
--   <li><a>oQuantity</a> - The number of origins for this
--   distribution.</li>
--   </ul>
origins :: Int -> Origins

-- | A complex type that contains origins for this distribution.
oItems :: Lens' Origins (Maybe (NonEmpty Origin))

-- | The number of origins for this distribution.
oQuantity :: Lens' Origins Int

-- | A complex type that contains information about the objects that you
--   want to invalidate. For more information, see <a>Specifying the
--   Objects to Invalidate</a> in the <i>Amazon CloudFront Developer
--   Guide</i> .
--   
--   <i>See:</i> <a>paths</a> smart constructor.
data Paths

-- | Creates a value of <a>Paths</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>pItems</a> - A complex type that contains a list of the paths
--   that you want to invalidate.</li>
--   <li><a>pQuantity</a> - The number of objects that you want to
--   invalidate.</li>
--   </ul>
paths :: Int -> Paths

-- | A complex type that contains a list of the paths that you want to
--   invalidate.
pItems :: Lens' Paths [Text]

-- | The number of objects that you want to invalidate.
pQuantity :: Lens' Paths Int

-- | A complex data type of public keys you add to CloudFront to use with
--   features like field-level encryption.
--   
--   <i>See:</i> <a>publicKey</a> smart constructor.
data PublicKey

-- | Creates a value of <a>PublicKey</a> with the minimum fields required
--   to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>pkId</a> - A unique ID assigned to a public key you've added to
--   CloudFront.</li>
--   <li><a>pkCreatedTime</a> - A time you added a public key to
--   CloudFront.</li>
--   <li><a>pkPublicKeyConfig</a> - A complex data type for a public key
--   you add to CloudFront to use with features like field-level
--   encryption.</li>
--   </ul>
publicKey :: Text -> UTCTime -> PublicKeyConfig -> PublicKey

-- | A unique ID assigned to a public key you've added to CloudFront.
pkId :: Lens' PublicKey Text

-- | A time you added a public key to CloudFront.
pkCreatedTime :: Lens' PublicKey UTCTime

-- | A complex data type for a public key you add to CloudFront to use with
--   features like field-level encryption.
pkPublicKeyConfig :: Lens' PublicKey PublicKeyConfig

-- | Information about a public key you add to CloudFront to use with
--   features like field-level encryption.
--   
--   <i>See:</i> <a>publicKeyConfig</a> smart constructor.
data PublicKeyConfig

-- | Creates a value of <a>PublicKeyConfig</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>pkcComment</a> - An optional comment about a public key.</li>
--   <li><a>pkcCallerReference</a> - A unique number that ensures the
--   request can't be replayed.</li>
--   <li><a>pkcName</a> - The name for a public key you add to CloudFront
--   to use with features like field-level encryption.</li>
--   <li><a>pkcEncodedKey</a> - The encoded public key that you want to add
--   to CloudFront to use with features like field-level encryption.</li>
--   </ul>
publicKeyConfig :: Text -> Text -> Text -> PublicKeyConfig

-- | An optional comment about a public key.
pkcComment :: Lens' PublicKeyConfig (Maybe Text)

-- | A unique number that ensures the request can't be replayed.
pkcCallerReference :: Lens' PublicKeyConfig Text

-- | The name for a public key you add to CloudFront to use with features
--   like field-level encryption.
pkcName :: Lens' PublicKeyConfig Text

-- | The encoded public key that you want to add to CloudFront to use with
--   features like field-level encryption.
pkcEncodedKey :: Lens' PublicKeyConfig Text

-- | A list of public keys you've added to CloudFront to use with features
--   like field-level encryption.
--   
--   <i>See:</i> <a>publicKeyList</a> smart constructor.
data PublicKeyList

-- | Creates a value of <a>PublicKeyList</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>pklItems</a> - An array of information about a public key you
--   add to CloudFront to use with features like field-level
--   encryption.</li>
--   <li><a>pklNextMarker</a> - If there are more elements to be listed,
--   this element is present and contains the value that you can use for
--   the <tt>Marker</tt> request parameter to continue listing your public
--   keys where you left off.</li>
--   <li><a>pklMaxItems</a> - The maximum number of public keys you want in
--   the response body.</li>
--   <li><a>pklQuantity</a> - The number of public keys you added to
--   CloudFront to use with features like field-level encryption.</li>
--   </ul>
publicKeyList :: Int -> Int -> PublicKeyList

-- | An array of information about a public key you add to CloudFront to
--   use with features like field-level encryption.
pklItems :: Lens' PublicKeyList [PublicKeySummary]

-- | If there are more elements to be listed, this element is present and
--   contains the value that you can use for the <tt>Marker</tt> request
--   parameter to continue listing your public keys where you left off.
pklNextMarker :: Lens' PublicKeyList (Maybe Text)

-- | The maximum number of public keys you want in the response body.
pklMaxItems :: Lens' PublicKeyList Int

-- | The number of public keys you added to CloudFront to use with features
--   like field-level encryption.
pklQuantity :: Lens' PublicKeyList Int

-- | Public key information summary.
--   
--   <i>See:</i> <a>publicKeySummary</a> smart constructor.
data PublicKeySummary

-- | Creates a value of <a>PublicKeySummary</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>pksComment</a> - Comment for public key information
--   summary.</li>
--   <li><a>pksId</a> - ID for public key information summary.</li>
--   <li><a>pksName</a> - Name for public key information summary.</li>
--   <li><a>pksCreatedTime</a> - Creation time for public key information
--   summary.</li>
--   <li><a>pksEncodedKey</a> - Encoded key for public key information
--   summary.</li>
--   </ul>
publicKeySummary :: Text -> Text -> UTCTime -> Text -> PublicKeySummary

-- | Comment for public key information summary.
pksComment :: Lens' PublicKeySummary (Maybe Text)

-- | ID for public key information summary.
pksId :: Lens' PublicKeySummary Text

-- | Name for public key information summary.
pksName :: Lens' PublicKeySummary Text

-- | Creation time for public key information summary.
pksCreatedTime :: Lens' PublicKeySummary UTCTime

-- | Encoded key for public key information summary.
pksEncodedKey :: Lens' PublicKeySummary Text

-- | Query argument-profile mapping for field-level encryption.
--   
--   <i>See:</i> <a>queryArgProfile</a> smart constructor.
data QueryArgProfile

-- | Creates a value of <a>QueryArgProfile</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>qapQueryArg</a> - Query argument for field-level encryption
--   query argument-profile mapping.</li>
--   <li><a>qapProfileId</a> - ID of profile to use for field-level
--   encryption query argument-profile mapping</li>
--   </ul>
queryArgProfile :: Text -> Text -> QueryArgProfile

-- | Query argument for field-level encryption query argument-profile
--   mapping.
qapQueryArg :: Lens' QueryArgProfile Text

-- | ID of profile to use for field-level encryption query argument-profile
--   mapping
qapProfileId :: Lens' QueryArgProfile Text

-- | Configuration for query argument-profile mapping for field-level
--   encryption.
--   
--   <i>See:</i> <a>queryArgProfileConfig</a> smart constructor.
data QueryArgProfileConfig

-- | Creates a value of <a>QueryArgProfileConfig</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>qapcQueryArgProfiles</a> - Profiles specified for query
--   argument-profile mapping for field-level encryption.</li>
--   <li><a>qapcForwardWhenQueryArgProfileIsUnknown</a> - Flag to set if
--   you want a request to be forwarded to the origin even if the profile
--   specified by the field-level encryption query argument, fle-profile,
--   is unknown.</li>
--   </ul>
queryArgProfileConfig :: Bool -> QueryArgProfileConfig

-- | Profiles specified for query argument-profile mapping for field-level
--   encryption.
qapcQueryArgProfiles :: Lens' QueryArgProfileConfig (Maybe QueryArgProfiles)

-- | Flag to set if you want a request to be forwarded to the origin even
--   if the profile specified by the field-level encryption query argument,
--   fle-profile, is unknown.
qapcForwardWhenQueryArgProfileIsUnknown :: Lens' QueryArgProfileConfig Bool

-- | Query argument-profile mapping for field-level encryption.
--   
--   <i>See:</i> <a>queryArgProfiles</a> smart constructor.
data QueryArgProfiles

-- | Creates a value of <a>QueryArgProfiles</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>qapItems</a> - Number of items for query argument-profile
--   mapping for field-level encryption.</li>
--   <li><a>qapQuantity</a> - Number of profiles for query argument-profile
--   mapping for field-level encryption.</li>
--   </ul>
queryArgProfiles :: Int -> QueryArgProfiles

-- | Number of items for query argument-profile mapping for field-level
--   encryption.
qapItems :: Lens' QueryArgProfiles [QueryArgProfile]

-- | Number of profiles for query argument-profile mapping for field-level
--   encryption.
qapQuantity :: Lens' QueryArgProfiles Int

-- | <i>See:</i> <a>queryStringCacheKeys</a> smart constructor.
data QueryStringCacheKeys

-- | Creates a value of <a>QueryStringCacheKeys</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>qsckItems</a> - (Optional) A list that contains the query
--   string parameters that you want CloudFront to use as a basis for
--   caching for this cache behavior. If <tt>Quantity</tt> is 0, you can
--   omit <tt>Items</tt> .</li>
--   <li><a>qsckQuantity</a> - The number of <tt>whitelisted</tt> query
--   string parameters for this cache behavior.</li>
--   </ul>
queryStringCacheKeys :: Int -> QueryStringCacheKeys

-- | (Optional) A list that contains the query string parameters that you
--   want CloudFront to use as a basis for caching for this cache behavior.
--   If <tt>Quantity</tt> is 0, you can omit <tt>Items</tt> .
qsckItems :: Lens' QueryStringCacheKeys [Text]

-- | The number of <tt>whitelisted</tt> query string parameters for this
--   cache behavior.
qsckQuantity :: Lens' QueryStringCacheKeys Int

-- | A complex type that identifies ways in which you want to restrict
--   distribution of your content.
--   
--   <i>See:</i> <a>restrictions</a> smart constructor.
data Restrictions

-- | Creates a value of <a>Restrictions</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>rGeoRestriction</a> - Undocumented member.</li>
--   </ul>
restrictions :: GeoRestriction -> Restrictions

-- | Undocumented member.
rGeoRestriction :: Lens' Restrictions GeoRestriction

-- | A complex type that contains information about the Amazon S3 bucket
--   from which you want CloudFront to get your media files for
--   distribution.
--   
--   <i>See:</i> <a>s3Origin</a> smart constructor.
data S3Origin

-- | Creates a value of <a>S3Origin</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>soDomainName</a> - The DNS name of the Amazon S3 origin.</li>
--   <li><a>soOriginAccessIdentity</a> - The CloudFront origin access
--   identity to associate with the RTMP distribution. Use an origin access
--   identity to configure the distribution so that end users can only
--   access objects in an Amazon S3 bucket through CloudFront. If you want
--   end users to be able to access objects using either the CloudFront URL
--   or the Amazon S3 URL, specify an empty <tt>OriginAccessIdentity</tt>
--   element. To delete the origin access identity from an existing
--   distribution, update the distribution configuration and include an
--   empty <tt>OriginAccessIdentity</tt> element. To replace the origin
--   access identity, update the distribution configuration and specify the
--   new origin access identity. For more information, see <a>Using an
--   Origin Access Identity to Restrict Access to Your Amazon S3
--   Content</a> in the <i>Amazon Amazon CloudFront Developer Guide</i>
--   .</li>
--   </ul>
s3Origin :: Text -> Text -> S3Origin

-- | The DNS name of the Amazon S3 origin.
soDomainName :: Lens' S3Origin Text

-- | The CloudFront origin access identity to associate with the RTMP
--   distribution. Use an origin access identity to configure the
--   distribution so that end users can only access objects in an Amazon S3
--   bucket through CloudFront. If you want end users to be able to access
--   objects using either the CloudFront URL or the Amazon S3 URL, specify
--   an empty <tt>OriginAccessIdentity</tt> element. To delete the origin
--   access identity from an existing distribution, update the distribution
--   configuration and include an empty <tt>OriginAccessIdentity</tt>
--   element. To replace the origin access identity, update the
--   distribution configuration and specify the new origin access identity.
--   For more information, see <a>Using an Origin Access Identity to
--   Restrict Access to Your Amazon S3 Content</a> in the <i>Amazon Amazon
--   CloudFront Developer Guide</i> .
soOriginAccessIdentity :: Lens' S3Origin Text

-- | A complex type that contains information about the Amazon S3 origin.
--   If the origin is a custom origin, use the <tt>CustomOriginConfig</tt>
--   element instead.
--   
--   <i>See:</i> <a>s3OriginConfig</a> smart constructor.
data S3OriginConfig

-- | Creates a value of <a>S3OriginConfig</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>socOriginAccessIdentity</a> - The CloudFront origin access
--   identity to associate with the origin. Use an origin access identity
--   to configure the origin so that viewers can <i>only</i> access objects
--   in an Amazon S3 bucket through CloudFront. The format of the value is:
--   origin-access-identity<i>cloudfront</i><i>ID-of-origin-access-identity</i>
--   where <tt><i>ID-of-origin-access-identity</i> </tt> is the value that
--   CloudFront returned in the <tt>ID</tt> element when you created the
--   origin access identity. If you want viewers to be able to access
--   objects using either the CloudFront URL or the Amazon S3 URL, specify
--   an empty <tt>OriginAccessIdentity</tt> element. To delete the origin
--   access identity from an existing distribution, update the distribution
--   configuration and include an empty <tt>OriginAccessIdentity</tt>
--   element. To replace the origin access identity, update the
--   distribution configuration and specify the new origin access identity.
--   For more information about the origin access identity, see <a>Serving
--   Private Content through CloudFront</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .</li>
--   </ul>
s3OriginConfig :: Text -> S3OriginConfig

-- | The CloudFront origin access identity to associate with the origin.
--   Use an origin access identity to configure the origin so that viewers
--   can <i>only</i> access objects in an Amazon S3 bucket through
--   CloudFront. The format of the value is:
--   origin-access-identity<i>cloudfront</i><i>ID-of-origin-access-identity</i>
--   where <tt><i>ID-of-origin-access-identity</i> </tt> is the value that
--   CloudFront returned in the <tt>ID</tt> element when you created the
--   origin access identity. If you want viewers to be able to access
--   objects using either the CloudFront URL or the Amazon S3 URL, specify
--   an empty <tt>OriginAccessIdentity</tt> element. To delete the origin
--   access identity from an existing distribution, update the distribution
--   configuration and include an empty <tt>OriginAccessIdentity</tt>
--   element. To replace the origin access identity, update the
--   distribution configuration and specify the new origin access identity.
--   For more information about the origin access identity, see <a>Serving
--   Private Content through CloudFront</a> in the <i>Amazon CloudFront
--   Developer Guide</i> .
socOriginAccessIdentity :: Lens' S3OriginConfig Text

-- | A complex type that lists the AWS accounts that were included in the
--   <tt>TrustedSigners</tt> complex type, as well as their active
--   CloudFront key pair IDs, if any.
--   
--   <i>See:</i> <a>signer</a> smart constructor.
data Signer

-- | Creates a value of <a>Signer</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sAWSAccountNumber</a> - An AWS account that is included in the
--   <tt>TrustedSigners</tt> complex type for this RTMP distribution. Valid
--   values include: * <tt>self</tt> , which is the AWS account used to
--   create the distribution. * An AWS account number.</li>
--   <li><a>sKeyPairIds</a> - A complex type that lists the active
--   CloudFront key pairs, if any, that are associated with
--   <tt>AwsAccountNumber</tt> .</li>
--   </ul>
signer :: Signer

-- | An AWS account that is included in the <tt>TrustedSigners</tt> complex
--   type for this RTMP distribution. Valid values include: * <tt>self</tt>
--   , which is the AWS account used to create the distribution. * An AWS
--   account number.
sAWSAccountNumber :: Lens' Signer (Maybe Text)

-- | A complex type that lists the active CloudFront key pairs, if any,
--   that are associated with <tt>AwsAccountNumber</tt> .
sKeyPairIds :: Lens' Signer (Maybe KeyPairIds)

-- | A streaming distribution.
--   
--   <i>See:</i> <a>streamingDistribution</a> smart constructor.
data StreamingDistribution

-- | Creates a value of <a>StreamingDistribution</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sdLastModifiedTime</a> - The date and time that the
--   distribution was last modified.</li>
--   <li><a>sdId</a> - The identifier for the RTMP distribution. For
--   example: <tt>EGTXBD79EXAMPLE</tt> .</li>
--   <li><a>sdARN</a> - Undocumented member.</li>
--   <li><a>sdStatus</a> - The current status of the RTMP distribution.
--   When the status is <tt>Deployed</tt> , the distribution's information
--   is propagated to all CloudFront edge locations.</li>
--   <li><a>sdDomainName</a> - The domain name that corresponds to the
--   streaming distribution, for example,
--   <tt>s5c39gqb8ow64r.cloudfront.net</tt> .</li>
--   <li><a>sdActiveTrustedSigners</a> - A complex type that lists the AWS
--   accounts, if any, that you included in the <tt>TrustedSigners</tt>
--   complex type for this distribution. These are the accounts that you
--   want to allow to create signed URLs for private content. The
--   <tt>Signer</tt> complex type lists the AWS account number of the
--   trusted signer or <tt>self</tt> if the signer is the AWS account that
--   created the distribution. The <tt>Signer</tt> element also includes
--   the IDs of any active CloudFront key pairs that are associated with
--   the trusted signer's AWS account. If no <tt>KeyPairId</tt> element
--   appears for a <tt>Signer</tt> , that signer can't create signed URLs.
--   For more information, see <a>Serving Private Content through
--   CloudFront</a> in the <i>Amazon CloudFront Developer Guide</i> .</li>
--   <li><a>sdStreamingDistributionConfig</a> - The current configuration
--   information for the RTMP distribution.</li>
--   </ul>
streamingDistribution :: Text -> Text -> Text -> Text -> ActiveTrustedSigners -> StreamingDistributionConfig -> StreamingDistribution

-- | The date and time that the distribution was last modified.
sdLastModifiedTime :: Lens' StreamingDistribution (Maybe UTCTime)

-- | The identifier for the RTMP distribution. For example:
--   <tt>EGTXBD79EXAMPLE</tt> .
sdId :: Lens' StreamingDistribution Text

-- | Undocumented member.
sdARN :: Lens' StreamingDistribution Text

-- | The current status of the RTMP distribution. When the status is
--   <tt>Deployed</tt> , the distribution's information is propagated to
--   all CloudFront edge locations.
sdStatus :: Lens' StreamingDistribution Text

-- | The domain name that corresponds to the streaming distribution, for
--   example, <tt>s5c39gqb8ow64r.cloudfront.net</tt> .
sdDomainName :: Lens' StreamingDistribution Text

-- | A complex type that lists the AWS accounts, if any, that you included
--   in the <tt>TrustedSigners</tt> complex type for this distribution.
--   These are the accounts that you want to allow to create signed URLs
--   for private content. The <tt>Signer</tt> complex type lists the AWS
--   account number of the trusted signer or <tt>self</tt> if the signer is
--   the AWS account that created the distribution. The <tt>Signer</tt>
--   element also includes the IDs of any active CloudFront key pairs that
--   are associated with the trusted signer's AWS account. If no
--   <tt>KeyPairId</tt> element appears for a <tt>Signer</tt> , that signer
--   can't create signed URLs. For more information, see <a>Serving Private
--   Content through CloudFront</a> in the <i>Amazon CloudFront Developer
--   Guide</i> .
sdActiveTrustedSigners :: Lens' StreamingDistribution ActiveTrustedSigners

-- | The current configuration information for the RTMP distribution.
sdStreamingDistributionConfig :: Lens' StreamingDistribution StreamingDistributionConfig

-- | The RTMP distribution's configuration information.
--   
--   <i>See:</i> <a>streamingDistributionConfig</a> smart constructor.
data StreamingDistributionConfig

-- | Creates a value of <a>StreamingDistributionConfig</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sdcAliases</a> - A complex type that contains information about
--   CNAMEs (alternate domain names), if any, for this streaming
--   distribution.</li>
--   <li><a>sdcPriceClass</a> - A complex type that contains information
--   about price class for this streaming distribution.</li>
--   <li><a>sdcLogging</a> - A complex type that controls whether access
--   logs are written for the streaming distribution.</li>
--   <li><a>sdcCallerReference</a> - A unique number that ensures that the
--   request can't be replayed. If the <tt>CallerReference</tt> is new (no
--   matter the content of the <tt>StreamingDistributionConfig</tt>
--   object), a new streaming distribution is created. If the
--   <tt>CallerReference</tt> is a value that you already sent in a
--   previous request to create a streaming distribution, and the content
--   of the <tt>StreamingDistributionConfig</tt> is identical to the
--   original request (ignoring white space), the response includes the
--   same information returned to the original request. If the
--   <tt>CallerReference</tt> is a value that you already sent in a
--   previous request to create a streaming distribution but the content of
--   the <tt>StreamingDistributionConfig</tt> is different from the
--   original request, CloudFront returns a
--   <tt>DistributionAlreadyExists</tt> error.</li>
--   <li><a>sdcS3Origin</a> - A complex type that contains information
--   about the Amazon S3 bucket from which you want CloudFront to get your
--   media files for distribution.</li>
--   <li><a>sdcComment</a> - Any comments you want to include about the
--   streaming distribution.</li>
--   <li><a>sdcTrustedSigners</a> - A complex type that specifies any AWS
--   accounts that you want to permit to create signed URLs for private
--   content. If you want the distribution to use signed URLs, include this
--   element; if you want the distribution to use public URLs, remove this
--   element. For more information, see <a>Serving Private Content through
--   CloudFront</a> in the <i>Amazon CloudFront Developer Guide</i> .</li>
--   <li><a>sdcEnabled</a> - Whether the streaming distribution is enabled
--   to accept user requests for content.</li>
--   </ul>
streamingDistributionConfig :: Text -> S3Origin -> Text -> TrustedSigners -> Bool -> StreamingDistributionConfig

-- | A complex type that contains information about CNAMEs (alternate
--   domain names), if any, for this streaming distribution.
sdcAliases :: Lens' StreamingDistributionConfig (Maybe Aliases)

-- | A complex type that contains information about price class for this
--   streaming distribution.
sdcPriceClass :: Lens' StreamingDistributionConfig (Maybe PriceClass)

-- | A complex type that controls whether access logs are written for the
--   streaming distribution.
sdcLogging :: Lens' StreamingDistributionConfig (Maybe StreamingLoggingConfig)

-- | A unique number that ensures that the request can't be replayed. If
--   the <tt>CallerReference</tt> is new (no matter the content of the
--   <tt>StreamingDistributionConfig</tt> object), a new streaming
--   distribution is created. If the <tt>CallerReference</tt> is a value
--   that you already sent in a previous request to create a streaming
--   distribution, and the content of the
--   <tt>StreamingDistributionConfig</tt> is identical to the original
--   request (ignoring white space), the response includes the same
--   information returned to the original request. If the
--   <tt>CallerReference</tt> is a value that you already sent in a
--   previous request to create a streaming distribution but the content of
--   the <tt>StreamingDistributionConfig</tt> is different from the
--   original request, CloudFront returns a
--   <tt>DistributionAlreadyExists</tt> error.
sdcCallerReference :: Lens' StreamingDistributionConfig Text

-- | A complex type that contains information about the Amazon S3 bucket
--   from which you want CloudFront to get your media files for
--   distribution.
sdcS3Origin :: Lens' StreamingDistributionConfig S3Origin

-- | Any comments you want to include about the streaming distribution.
sdcComment :: Lens' StreamingDistributionConfig Text

-- | A complex type that specifies any AWS accounts that you want to permit
--   to create signed URLs for private content. If you want the
--   distribution to use signed URLs, include this element; if you want the
--   distribution to use public URLs, remove this element. For more
--   information, see <a>Serving Private Content through CloudFront</a> in
--   the <i>Amazon CloudFront Developer Guide</i> .
sdcTrustedSigners :: Lens' StreamingDistributionConfig TrustedSigners

-- | Whether the streaming distribution is enabled to accept user requests
--   for content.
sdcEnabled :: Lens' StreamingDistributionConfig Bool

-- | A streaming distribution Configuration and a list of tags to be
--   associated with the streaming distribution.
--   
--   <i>See:</i> <a>streamingDistributionConfigWithTags</a> smart
--   constructor.
data StreamingDistributionConfigWithTags

-- | Creates a value of <a>StreamingDistributionConfigWithTags</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sdcwtStreamingDistributionConfig</a> - A streaming distribution
--   Configuration.</li>
--   <li><a>sdcwtTags</a> - A complex type that contains zero or more
--   <tt>Tag</tt> elements.</li>
--   </ul>
streamingDistributionConfigWithTags :: StreamingDistributionConfig -> Tags -> StreamingDistributionConfigWithTags

-- | A streaming distribution Configuration.
sdcwtStreamingDistributionConfig :: Lens' StreamingDistributionConfigWithTags StreamingDistributionConfig

-- | A complex type that contains zero or more <tt>Tag</tt> elements.
sdcwtTags :: Lens' StreamingDistributionConfigWithTags Tags

-- | A streaming distribution list.
--   
--   <i>See:</i> <a>streamingDistributionList</a> smart constructor.
data StreamingDistributionList

-- | Creates a value of <a>StreamingDistributionList</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sdlItems</a> - A complex type that contains one
--   <tt>StreamingDistributionSummary</tt> element for each distribution
--   that was created by the current AWS account.</li>
--   <li><a>sdlNextMarker</a> - If <tt>IsTruncated</tt> is <tt>true</tt> ,
--   this element is present and contains the value you can use for the
--   <tt>Marker</tt> request parameter to continue listing your RTMP
--   distributions where they left off.</li>
--   <li><a>sdlMarker</a> - The value you provided for the <tt>Marker</tt>
--   request parameter.</li>
--   <li><a>sdlMaxItems</a> - The value you provided for the
--   <tt>MaxItems</tt> request parameter.</li>
--   <li><a>sdlIsTruncated</a> - A flag that indicates whether more
--   streaming distributions remain to be listed. If your results were
--   truncated, you can make a follow-up pagination request using the
--   <tt>Marker</tt> request parameter to retrieve more distributions in
--   the list.</li>
--   <li><a>sdlQuantity</a> - The number of streaming distributions that
--   were created by the current AWS account.</li>
--   </ul>
streamingDistributionList :: Text -> Int -> Bool -> Int -> StreamingDistributionList

-- | A complex type that contains one <tt>StreamingDistributionSummary</tt>
--   element for each distribution that was created by the current AWS
--   account.
sdlItems :: Lens' StreamingDistributionList [StreamingDistributionSummary]

-- | If <tt>IsTruncated</tt> is <tt>true</tt> , this element is present and
--   contains the value you can use for the <tt>Marker</tt> request
--   parameter to continue listing your RTMP distributions where they left
--   off.
sdlNextMarker :: Lens' StreamingDistributionList (Maybe Text)

-- | The value you provided for the <tt>Marker</tt> request parameter.
sdlMarker :: Lens' StreamingDistributionList Text

-- | The value you provided for the <tt>MaxItems</tt> request parameter.
sdlMaxItems :: Lens' StreamingDistributionList Int

-- | A flag that indicates whether more streaming distributions remain to
--   be listed. If your results were truncated, you can make a follow-up
--   pagination request using the <tt>Marker</tt> request parameter to
--   retrieve more distributions in the list.
sdlIsTruncated :: Lens' StreamingDistributionList Bool

-- | The number of streaming distributions that were created by the current
--   AWS account.
sdlQuantity :: Lens' StreamingDistributionList Int

-- | A summary of the information for an Amazon CloudFront streaming
--   distribution.
--   
--   <i>See:</i> <a>streamingDistributionSummary</a> smart constructor.
data StreamingDistributionSummary

-- | Creates a value of <a>StreamingDistributionSummary</a> with the
--   minimum fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>sdsId</a> - The identifier for the distribution, for example,
--   <tt>EDFDVBD632BHDS5</tt> .</li>
--   <li><a>sdsARN</a> - The ARN (Amazon Resource Name) for the streaming
--   distribution. For example:
--   <tt>arn:aws:cloudfront::123456789012:streaming-distribution/EDFDVBD632BHDS5</tt>
--   , where <tt>123456789012</tt> is your AWS account ID.</li>
--   <li><a>sdsStatus</a> - Indicates the current status of the
--   distribution. When the status is <tt>Deployed</tt> , the
--   distribution's information is fully propagated throughout the Amazon
--   CloudFront system.</li>
--   <li><a>sdsLastModifiedTime</a> - The date and time the distribution
--   was last modified.</li>
--   <li><a>sdsDomainName</a> - The domain name corresponding to the
--   distribution, for example, <tt>d111111abcdef8.cloudfront.net</tt>
--   .</li>
--   <li><a>sdsS3Origin</a> - A complex type that contains information
--   about the Amazon S3 bucket from which you want CloudFront to get your
--   media files for distribution.</li>
--   <li><a>sdsAliases</a> - A complex type that contains information about
--   CNAMEs (alternate domain names), if any, for this streaming
--   distribution.</li>
--   <li><a>sdsTrustedSigners</a> - A complex type that specifies the AWS
--   accounts, if any, that you want to allow to create signed URLs for
--   private content. If you want to require signed URLs in requests for
--   objects in the target origin that match the <tt>PathPattern</tt> for
--   this cache behavior, specify <tt>true</tt> for <tt>Enabled</tt> , and
--   specify the applicable values for <tt>Quantity</tt> and <tt>Items</tt>
--   .If you don't want to require signed URLs in requests for objects that
--   match <tt>PathPattern</tt> , specify <tt>false</tt> for
--   <tt>Enabled</tt> and <tt>0</tt> for <tt>Quantity</tt> . Omit
--   <tt>Items</tt> . To add, change, or remove one or more trusted
--   signers, change <tt>Enabled</tt> to <tt>true</tt> (if it's currently
--   <tt>false</tt> ), change <tt>Quantity</tt> as applicable, and specify
--   all of the trusted signers that you want to include in the updated
--   distribution.</li>
--   <li><a>sdsComment</a> - The comment originally specified when this
--   distribution was created.</li>
--   <li><a>sdsPriceClass</a> - Undocumented member.</li>
--   <li><a>sdsEnabled</a> - Whether the distribution is enabled to accept
--   end user requests for content.</li>
--   </ul>
streamingDistributionSummary :: Text -> Text -> Text -> UTCTime -> Text -> S3Origin -> Aliases -> TrustedSigners -> Text -> PriceClass -> Bool -> StreamingDistributionSummary

-- | The identifier for the distribution, for example,
--   <tt>EDFDVBD632BHDS5</tt> .
sdsId :: Lens' StreamingDistributionSummary Text

-- | The ARN (Amazon Resource Name) for the streaming distribution. For
--   example:
--   <tt>arn:aws:cloudfront::123456789012:streaming-distribution/EDFDVBD632BHDS5</tt>
--   , where <tt>123456789012</tt> is your AWS account ID.
sdsARN :: Lens' StreamingDistributionSummary Text

-- | Indicates the current status of the distribution. When the status is
--   <tt>Deployed</tt> , the distribution's information is fully propagated
--   throughout the Amazon CloudFront system.
sdsStatus :: Lens' StreamingDistributionSummary Text

-- | The date and time the distribution was last modified.
sdsLastModifiedTime :: Lens' StreamingDistributionSummary UTCTime

-- | The domain name corresponding to the distribution, for example,
--   <tt>d111111abcdef8.cloudfront.net</tt> .
sdsDomainName :: Lens' StreamingDistributionSummary Text

-- | A complex type that contains information about the Amazon S3 bucket
--   from which you want CloudFront to get your media files for
--   distribution.
sdsS3Origin :: Lens' StreamingDistributionSummary S3Origin

-- | A complex type that contains information about CNAMEs (alternate
--   domain names), if any, for this streaming distribution.
sdsAliases :: Lens' StreamingDistributionSummary Aliases

-- | A complex type that specifies the AWS accounts, if any, that you want
--   to allow to create signed URLs for private content. If you want to
--   require signed URLs in requests for objects in the target origin that
--   match the <tt>PathPattern</tt> for this cache behavior, specify
--   <tt>true</tt> for <tt>Enabled</tt> , and specify the applicable values
--   for <tt>Quantity</tt> and <tt>Items</tt> .If you don't want to require
--   signed URLs in requests for objects that match <tt>PathPattern</tt> ,
--   specify <tt>false</tt> for <tt>Enabled</tt> and <tt>0</tt> for
--   <tt>Quantity</tt> . Omit <tt>Items</tt> . To add, change, or remove
--   one or more trusted signers, change <tt>Enabled</tt> to <tt>true</tt>
--   (if it's currently <tt>false</tt> ), change <tt>Quantity</tt> as
--   applicable, and specify all of the trusted signers that you want to
--   include in the updated distribution.
sdsTrustedSigners :: Lens' StreamingDistributionSummary TrustedSigners

-- | The comment originally specified when this distribution was created.
sdsComment :: Lens' StreamingDistributionSummary Text

-- | Undocumented member.
sdsPriceClass :: Lens' StreamingDistributionSummary PriceClass

-- | Whether the distribution is enabled to accept end user requests for
--   content.
sdsEnabled :: Lens' StreamingDistributionSummary Bool

-- | A complex type that controls whether access logs are written for this
--   streaming distribution.
--   
--   <i>See:</i> <a>streamingLoggingConfig</a> smart constructor.
data StreamingLoggingConfig

-- | Creates a value of <a>StreamingLoggingConfig</a> with the minimum
--   fields required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>slcEnabled</a> - Specifies whether you want CloudFront to save
--   access logs to an Amazon S3 bucket. If you don't want to enable
--   logging when you create a streaming distribution or if you want to
--   disable logging for an existing streaming distribution, specify
--   <tt>false</tt> for <tt>Enabled</tt> , and specify <tt>empty
--   Bucket</tt> and <tt>Prefix</tt> elements. If you specify
--   <tt>false</tt> for <tt>Enabled</tt> but you specify values for
--   <tt>Bucket</tt> and <tt>Prefix</tt> , the values are automatically
--   deleted.</li>
--   <li><a>slcBucket</a> - The Amazon S3 bucket to store the access logs
--   in, for example, <tt>myawslogbucket.s3.amazonaws.com</tt> .</li>
--   <li><a>slcPrefix</a> - An optional string that you want CloudFront to
--   prefix to the access log filenames for this streaming distribution,
--   for example, <tt>myprefix/</tt> . If you want to enable logging, but
--   you don't want to specify a prefix, you still must include an empty
--   <tt>Prefix</tt> element in the <tt>Logging</tt> element.</li>
--   </ul>
streamingLoggingConfig :: Bool -> Text -> Text -> StreamingLoggingConfig

-- | Specifies whether you want CloudFront to save access logs to an Amazon
--   S3 bucket. If you don't want to enable logging when you create a
--   streaming distribution or if you want to disable logging for an
--   existing streaming distribution, specify <tt>false</tt> for
--   <tt>Enabled</tt> , and specify <tt>empty Bucket</tt> and
--   <tt>Prefix</tt> elements. If you specify <tt>false</tt> for
--   <tt>Enabled</tt> but you specify values for <tt>Bucket</tt> and
--   <tt>Prefix</tt> , the values are automatically deleted.
slcEnabled :: Lens' StreamingLoggingConfig Bool

-- | The Amazon S3 bucket to store the access logs in, for example,
--   <tt>myawslogbucket.s3.amazonaws.com</tt> .
slcBucket :: Lens' StreamingLoggingConfig Text

-- | An optional string that you want CloudFront to prefix to the access
--   log filenames for this streaming distribution, for example,
--   <tt>myprefix/</tt> . If you want to enable logging, but you don't want
--   to specify a prefix, you still must include an empty <tt>Prefix</tt>
--   element in the <tt>Logging</tt> element.
slcPrefix :: Lens' StreamingLoggingConfig Text

-- | A complex type that contains <tt>Tag</tt> key and <tt>Tag</tt> value.
--   
--   <i>See:</i> <a>tag</a> smart constructor.
data Tag

-- | Creates a value of <a>Tag</a> with the minimum fields required to make
--   a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>tagValue</a> - A string that contains an optional <tt>Tag</tt>
--   value. The string length should be between 0 and 256 characters. Valid
--   characters include <tt>a-z</tt> , <tt>A-Z</tt> , <tt>0-9</tt> , space,
--   and the special characters <tt>_ - . : / = + </tt>@ .</li>
--   <li><a>tagKey</a> - A string that contains <tt>Tag</tt> key. The
--   string length should be between 1 and 128 characters. Valid characters
--   include <tt>a-z</tt> , <tt>A-Z</tt> , <tt>0-9</tt> , space, and the
--   special characters <tt>_ - . : / = + </tt>@ .</li>
--   </ul>
tag :: Text -> Tag

-- | A string that contains an optional <tt>Tag</tt> value. The string
--   length should be between 0 and 256 characters. Valid characters
--   include <tt>a-z</tt> , <tt>A-Z</tt> , <tt>0-9</tt> , space, and the
--   special characters <tt>_ - . : / = + </tt>@ .
tagValue :: Lens' Tag (Maybe Text)

-- | A string that contains <tt>Tag</tt> key. The string length should be
--   between 1 and 128 characters. Valid characters include <tt>a-z</tt> ,
--   <tt>A-Z</tt> , <tt>0-9</tt> , space, and the special characters <tt>_
--   - . : / = + </tt>@ .
tagKey :: Lens' Tag Text

-- | A complex type that contains zero or more <tt>Tag</tt> elements.
--   
--   <i>See:</i> <a>tagKeys</a> smart constructor.
data TagKeys

-- | Creates a value of <a>TagKeys</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>tkItems</a> - A complex type that contains <tt>Tag</tt> key
--   elements.</li>
--   </ul>
tagKeys :: TagKeys

-- | A complex type that contains <tt>Tag</tt> key elements.
tkItems :: Lens' TagKeys [Text]

-- | A complex type that contains zero or more <tt>Tag</tt> elements.
--   
--   <i>See:</i> <a>tags</a> smart constructor.
data Tags

-- | Creates a value of <a>Tags</a> with the minimum fields required to
--   make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>tItems</a> - A complex type that contains <tt>Tag</tt>
--   elements.</li>
--   </ul>
tags :: Tags

-- | A complex type that contains <tt>Tag</tt> elements.
tItems :: Lens' Tags [Tag]

-- | A complex type that specifies the AWS accounts, if any, that you want
--   to allow to create signed URLs for private content.
--   
--   If you want to require signed URLs in requests for objects in the
--   target origin that match the <tt>PathPattern</tt> for this cache
--   behavior, specify <tt>true</tt> for <tt>Enabled</tt> , and specify the
--   applicable values for <tt>Quantity</tt> and <tt>Items</tt> . For more
--   information, see <a>Serving Private Content through CloudFront</a> in
--   the <i>Amazon Amazon CloudFront Developer Guide</i> .
--   
--   If you don't want to require signed URLs in requests for objects that
--   match <tt>PathPattern</tt> , specify <tt>false</tt> for
--   <tt>Enabled</tt> and <tt>0</tt> for <tt>Quantity</tt> . Omit
--   <tt>Items</tt> .
--   
--   To add, change, or remove one or more trusted signers, change
--   <tt>Enabled</tt> to <tt>true</tt> (if it's currently <tt>false</tt> ),
--   change <tt>Quantity</tt> as applicable, and specify all of the trusted
--   signers that you want to include in the updated distribution.
--   
--   For more information about updating the distribution configuration,
--   see <a>DistributionConfig</a> .
--   
--   <i>See:</i> <a>trustedSigners</a> smart constructor.
data TrustedSigners

-- | Creates a value of <a>TrustedSigners</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>tsItems</a> - <b>Optional</b> : A complex type that contains
--   trusted signers for this cache behavior. If <tt>Quantity</tt> is
--   <tt>0</tt> , you can omit <tt>Items</tt> .</li>
--   <li><a>tsEnabled</a> - Specifies whether you want to require viewers
--   to use signed URLs to access the files specified by
--   <tt>PathPattern</tt> and <tt>TargetOriginId</tt> .</li>
--   <li><a>tsQuantity</a> - The number of trusted signers for this cache
--   behavior.</li>
--   </ul>
trustedSigners :: Bool -> Int -> TrustedSigners

-- | <b>Optional</b> : A complex type that contains trusted signers for
--   this cache behavior. If <tt>Quantity</tt> is <tt>0</tt> , you can omit
--   <tt>Items</tt> .
tsItems :: Lens' TrustedSigners [Text]

-- | Specifies whether you want to require viewers to use signed URLs to
--   access the files specified by <tt>PathPattern</tt> and
--   <tt>TargetOriginId</tt> .
tsEnabled :: Lens' TrustedSigners Bool

-- | The number of trusted signers for this cache behavior.
tsQuantity :: Lens' TrustedSigners Int

-- | A complex type that specifies the following:
--   
--   <ul>
--   <li>Whether you want viewers to use HTTP or HTTPS to request your
--   objects.</li>
--   <li>If you want viewers to use HTTPS, whether you're using an
--   alternate domain name such as <tt>example.com</tt> or the CloudFront
--   domain name for your distribution, such as
--   <tt>d111111abcdef8.cloudfront.net</tt> .</li>
--   <li>If you're using an alternate domain name, whether AWS Certificate
--   Manager (ACM) provided the certificate, or you purchased a certificate
--   from a third-party certificate authority and imported it into ACM or
--   uploaded it to the IAM certificate store.</li>
--   </ul>
--   
--   You must specify only one of the following values:
--   
--   <ul>
--   <li>'ViewerCertificate$ACMCertificateArn'</li>
--   <li>'ViewerCertificate$IAMCertificateId'</li>
--   <li>'ViewerCertificate$CloudFrontDefaultCertificate'</li>
--   </ul>
--   
--   Don't specify <tt>false</tt> for <tt>CloudFrontDefaultCertificate</tt>
--   .
--   
--   <b>If you want viewers to use HTTP instead of HTTPS to request your
--   objects</b> : Specify the following value:
--   
--   <pre>
--   <a>CloudFrontDefaultCertificate</a>true<a>CloudFrontDefaultCertificate</a>
--   </pre>
--   
--   In addition, specify <tt>allow-all</tt> for
--   <tt>ViewerProtocolPolicy</tt> for all of your cache behaviors.
--   
--   <b>If you want viewers to use HTTPS to request your objects</b> :
--   Choose the type of certificate that you want to use based on whether
--   you're using an alternate domain name for your objects or the
--   CloudFront domain name:
--   
--   <ul>
--   <li><b>If you're using an alternate domain name, such as
--   example.com</b> : Specify one of the following values, depending on
--   whether ACM provided your certificate or you purchased your
--   certificate from third-party certificate authority:</li>
--   <li><tt><a>ACMCertificateArn</a><i>ARN for ACM SSL/TLS certificate</i>
--   <a>ACMCertificateArn</a></tt> where <tt><i>ARN for ACM SSL/TLS
--   certificate</i> </tt> is the ARN for the ACM SSL/TLS certificate that
--   you want to use for this distribution.</li>
--   <li><tt><a>IAMCertificateId</a><i>IAM certificate ID</i>
--   <a>IAMCertificateId</a></tt> where <tt><i>IAM certificate ID</i> </tt>
--   is the ID that IAM returned when you added the certificate to the IAM
--   certificate store.</li>
--   </ul>
--   
--   If you specify <tt>ACMCertificateArn</tt> or <tt>IAMCertificateId</tt>
--   , you must also specify a value for <tt>SSLSupportMethod</tt> .
--   
--   If you choose to use an ACM certificate or a certificate in the IAM
--   certificate store, we recommend that you use only an alternate domain
--   name in your object URLs (<tt><a>https://example.com/logo.jpg</a></tt>
--   ). If you use the domain name that is associated with your CloudFront
--   distribution (such as
--   <tt><a>https://d111111abcdef8.cloudfront.net/logo.jpg</a></tt> ) and
--   the viewer supports <tt>SNI</tt> , then CloudFront behaves normally.
--   However, if the browser does not support SNI, the user's experience
--   depends on the value that you choose for <tt>SSLSupportMethod</tt> :
--   
--   <ul>
--   <li><tt>vip</tt> : The viewer displays a warning because there is a
--   mismatch between the CloudFront domain name and the domain name in
--   your SSL/TLS certificate.</li>
--   <li><tt>sni-only</tt> : CloudFront drops the connection with the
--   browser without returning the object.</li>
--   <li><b>If you're using the CloudFront domain name for your
--   distribution, such as <tt>d111111abcdef8.cloudfront.net</tt> </b> :
--   Specify the following value:</li>
--   </ul>
--   
--   <pre>
--   <a>CloudFrontDefaultCertificate</a>true<a>CloudFrontDefaultCertificate</a>
--   </pre>
--   
--   If you want viewers to use HTTPS, you must also specify one of the
--   following values in your cache behaviors:
--   
--   <ul>
--   
--   <li><pre><a>ViewerProtocolPolicy</a>https-only<a>ViewerProtocolPolicy</a></pre></li>
--   
--   <li><pre><a>ViewerProtocolPolicy</a>redirect-to-https<a>ViewerProtocolPolicy</a></pre></li>
--   </ul>
--   
--   You can also optionally require that CloudFront use HTTPS to
--   communicate with your origin by specifying one of the following values
--   for the applicable origins:
--   
--   <ul>
--   
--   <li><pre><a>OriginProtocolPolicy</a>https-only<a>OriginProtocolPolicy</a></pre></li>
--   
--   <li><pre><a>OriginProtocolPolicy</a>match-viewer<a>OriginProtocolPolicy</a></pre></li>
--   </ul>
--   
--   For more information, see <a>Using Alternate Domain Names and
--   HTTPS</a> in the <i>Amazon CloudFront Developer Guide</i> .
--   
--   <i>See:</i> <a>viewerCertificate</a> smart constructor.
data ViewerCertificate

-- | Creates a value of <a>ViewerCertificate</a> with the minimum fields
--   required to make a request.
--   
--   Use one of the following lenses to modify other fields as desired:
--   
--   <ul>
--   <li><a>vcSSLSupportMethod</a> - If you specify a value for
--   'ViewerCertificate$ACMCertificateArn' or for
--   'ViewerCertificate$IAMCertificateId' , you must also specify how you
--   want CloudFront to serve HTTPS requests: using a method that works for
--   all clients or one that works for most clients: * <tt>vip</tt> :
--   CloudFront uses dedicated IP addresses for your content and can
--   respond to HTTPS requests from any viewer. However, you will incur
--   additional monthly charges. * <tt>sni-only</tt> : CloudFront can
--   respond to HTTPS requests from viewers that support Server Name
--   Indication (SNI). All modern browsers support SNI, but some browsers
--   still in use don't support SNI. If some of your users' browsers don't
--   support SNI, we recommend that you do one of the following: * Use the
--   <tt>vip</tt> option (dedicated IP addresses) instead of
--   <tt>sni-only</tt> . * Use the CloudFront SSL<i>TLS certificate instead
--   of a custom certificate. This requires that you use the CloudFront
--   domain name of your distribution in the URLs for your objects, for
--   example, @https:</i><i>d111111abcdef8.cloudfront.net</i>logo.png<tt> .
--   * If you can control which browser your users use, upgrade the browser
--   to one that supports SNI. * Use HTTP instead of HTTPS. Don't specify a
--   value for </tt>SSLSupportMethod<tt> if you specified
--   </tt><a>CloudFrontDefaultCertificate</a>true<a>CloudFrontDefaultCertificate</a>@
--   . For more information, see <a>Using Alternate Domain Names and
--   HTTPS</a> in the <i>Amazon CloudFront Developer Guide</i> .</li>
--   <li><a>vcACMCertificateARN</a> - For information about how and when to
--   use <tt>ACMCertificateArn</tt> , see <a>ViewerCertificate</a> .</li>
--   <li><a>vcCertificateSource</a> - This field has been deprecated. Use
--   one of the following fields instead: *
--   'ViewerCertificate$ACMCertificateArn' *
--   'ViewerCertificate$IAMCertificateId' *
--   'ViewerCertificate$CloudFrontDefaultCertificate'</li>
--   <li><a>vcMinimumProtocolVersion</a> - Specify the security policy that
--   you want CloudFront to use for HTTPS connections. A security policy
--   determines two settings: * The minimum SSL<i>TLS protocol that
--   CloudFront uses to communicate with viewers * The cipher that
--   CloudFront uses to encrypt the content that it returns to viewers We
--   recommend that you specify <tt>TLSv1.1_2016</tt> unless your users are
--   using browsers or devices that do not support TLSv1.1 or later. When
--   both of the following are true, you must specify <tt>TLSv1</tt> or
--   later for the security policy: * You're using a custom certificate:
--   you specified a value for <tt>ACMCertificateArn</tt> or for
--   <tt>IAMCertificateId</tt> * You're using SNI: you specified
--   <tt>sni-only</tt> for <tt>SSLSupportMethod</tt> If you specify
--   <tt>true</tt> for <tt>CloudFrontDefaultCertificate</tt> , CloudFront
--   automatically sets the security policy to <tt>TLSv1</tt> regardless of
--   the value that you specify for <tt>MinimumProtocolVersion</tt> . For
--   information about the relationship between the security policy that
--   you choose and the protocols and ciphers that CloudFront uses to
--   communicate with viewers, see
--   &lt;http:</i><i>docs.aws.amazon.com</i>AmazonCloudFront<i>latest</i>DeveloperGuide<i>secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers
--   Supported SSL</i>TLS Protocols and Ciphers for Communication Between
--   Viewers and CloudFront&gt; in the <i>Amazon CloudFront Developer
--   Guide</i> .</li>
--   <li><a>vcCertificate</a> - This field has been deprecated. Use one of
--   the following fields instead: * 'ViewerCertificate$ACMCertificateArn'
--   * 'ViewerCertificate$IAMCertificateId' *
--   'ViewerCertificate$CloudFrontDefaultCertificate'</li>
--   <li><a>vcIAMCertificateId</a> - For information about how and when to
--   use <tt>IAMCertificateId</tt> , see <a>ViewerCertificate</a> .</li>
--   <li><a>vcCloudFrontDefaultCertificate</a> - For information about how
--   and when to use <tt>CloudFrontDefaultCertificate</tt> , see
--   <a>ViewerCertificate</a> .</li>
--   </ul>
viewerCertificate :: ViewerCertificate

-- | If you specify a value for 'ViewerCertificate$ACMCertificateArn' or
--   for 'ViewerCertificate$IAMCertificateId' , you must also specify how
--   you want CloudFront to serve HTTPS requests: using a method that works
--   for all clients or one that works for most clients: * <tt>vip</tt> :
--   CloudFront uses dedicated IP addresses for your content and can
--   respond to HTTPS requests from any viewer. However, you will incur
--   additional monthly charges. * <tt>sni-only</tt> : CloudFront can
--   respond to HTTPS requests from viewers that support Server Name
--   Indication (SNI). All modern browsers support SNI, but some browsers
--   still in use don't support SNI. If some of your users' browsers don't
--   support SNI, we recommend that you do one of the following: * Use the
--   <tt>vip</tt> option (dedicated IP addresses) instead of
--   <tt>sni-only</tt> . * Use the CloudFront SSL<i>TLS certificate instead
--   of a custom certificate. This requires that you use the CloudFront
--   domain name of your distribution in the URLs for your objects, for
--   example, @https:</i><i>d111111abcdef8.cloudfront.net</i>logo.png<tt> .
--   * If you can control which browser your users use, upgrade the browser
--   to one that supports SNI. * Use HTTP instead of HTTPS. Don't specify a
--   value for </tt>SSLSupportMethod<tt> if you specified
--   </tt><a>CloudFrontDefaultCertificate</a>true<a>CloudFrontDefaultCertificate</a>@
--   . For more information, see <a>Using Alternate Domain Names and
--   HTTPS</a> in the <i>Amazon CloudFront Developer Guide</i> .
vcSSLSupportMethod :: Lens' ViewerCertificate (Maybe SSLSupportMethod)

-- | For information about how and when to use <tt>ACMCertificateArn</tt> ,
--   see <a>ViewerCertificate</a> .
vcACMCertificateARN :: Lens' ViewerCertificate (Maybe Text)

-- | This field has been deprecated. Use one of the following fields
--   instead: * 'ViewerCertificate$ACMCertificateArn' *
--   'ViewerCertificate$IAMCertificateId' *
--   'ViewerCertificate$CloudFrontDefaultCertificate'
vcCertificateSource :: Lens' ViewerCertificate (Maybe CertificateSource)

-- | Specify the security policy that you want CloudFront to use for HTTPS
--   connections. A security policy determines two settings: * The minimum
--   SSL<i>TLS protocol that CloudFront uses to communicate with viewers *
--   The cipher that CloudFront uses to encrypt the content that it returns
--   to viewers We recommend that you specify <tt>TLSv1.1_2016</tt> unless
--   your users are using browsers or devices that do not support TLSv1.1
--   or later. When both of the following are true, you must specify
--   <tt>TLSv1</tt> or later for the security policy: * You're using a
--   custom certificate: you specified a value for
--   <tt>ACMCertificateArn</tt> or for <tt>IAMCertificateId</tt> * You're
--   using SNI: you specified <tt>sni-only</tt> for
--   <tt>SSLSupportMethod</tt> If you specify <tt>true</tt> for
--   <tt>CloudFrontDefaultCertificate</tt> , CloudFront automatically sets
--   the security policy to <tt>TLSv1</tt> regardless of the value that you
--   specify for <tt>MinimumProtocolVersion</tt> . For information about
--   the relationship between the security policy that you choose and the
--   protocols and ciphers that CloudFront uses to communicate with
--   viewers, see
--   &lt;http:</i><i>docs.aws.amazon.com</i>AmazonCloudFront<i>latest</i>DeveloperGuide<i>secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers
--   Supported SSL</i>TLS Protocols and Ciphers for Communication Between
--   Viewers and CloudFront&gt; in the <i>Amazon CloudFront Developer
--   Guide</i> .
vcMinimumProtocolVersion :: Lens' ViewerCertificate (Maybe MinimumProtocolVersion)

-- | This field has been deprecated. Use one of the following fields
--   instead: * 'ViewerCertificate$ACMCertificateArn' *
--   'ViewerCertificate$IAMCertificateId' *
--   'ViewerCertificate$CloudFrontDefaultCertificate'
vcCertificate :: Lens' ViewerCertificate (Maybe Text)

-- | For information about how and when to use <tt>IAMCertificateId</tt> ,
--   see <a>ViewerCertificate</a> .
vcIAMCertificateId :: Lens' ViewerCertificate (Maybe Text)

-- | For information about how and when to use
--   <tt>CloudFrontDefaultCertificate</tt> , see <a>ViewerCertificate</a> .
vcCloudFrontDefaultCertificate :: Lens' ViewerCertificate (Maybe Bool)
