import { IComGithubExternalSecretsExternalSecretsApisExternalsecretsV1AzureKVAuth } from "./AzureKVAuth.js";
import { IComGithubExternalSecretsExternalSecretsApisExternalsecretsV1AzureAuthType } from "./AzureAuthType.js";
import { IComGithubExternalSecretsExternalSecretsApisExternalsecretsV1AzureEnvironmentType } from "./AzureEnvironmentType.js";
import { IComGithubExternalSecretsExternalSecretsApisMetaV1ServiceAccountSelector } from "../../github.com/external-secrets/external-secrets/apis/meta/v1/ServiceAccountSelector.js";
import { ModelData, Model } from "@kubernetes-models/base";
/**
 * Configures an store to sync secrets using Azure KV.
 */
export interface IAzureKVProvider {
    /**
     * Auth configures how the operator authenticates with Azure. Required for ServicePrincipal auth type. Optional for WorkloadIdentity.
     */
    "authSecretRef"?: IComGithubExternalSecretsExternalSecretsApisExternalsecretsV1AzureKVAuth;
    /**
     * Auth type defines how to authenticate to the keyvault service.
     * Valid values are:
     * - "ServicePrincipal" (default): Using a service principal (tenantId, clientId, clientSecret)
     * - "ManagedIdentity": Using Managed Identity assigned to the pod (see aad-pod-identity)
     */
    "authType"?: IComGithubExternalSecretsExternalSecretsApisExternalsecretsV1AzureAuthType;
    /**
     * EnvironmentType specifies the Azure cloud environment endpoints to use for
     * connecting and authenticating with Azure. By default it points to the public cloud AAD endpoint.
     * The following endpoints are available, also see here: https://github.com/Azure/go-autorest/blob/main/autorest/azure/environments.go#L152
     * PublicCloud, USGovernmentCloud, ChinaCloud, GermanCloud
     */
    "environmentType"?: IComGithubExternalSecretsExternalSecretsApisExternalsecretsV1AzureEnvironmentType;
    /**
     * If multiple Managed Identity is assigned to the pod, you can select the one to be used
     */
    "identityId"?: string;
    /**
     * ServiceAccountRef specified the service account
     * that should be used when authenticating with WorkloadIdentity.
     */
    "serviceAccountRef"?: IComGithubExternalSecretsExternalSecretsApisMetaV1ServiceAccountSelector;
    /**
     * TenantID configures the Azure Tenant to send requests to. Required for ServicePrincipal auth type. Optional for WorkloadIdentity.
     */
    "tenantId"?: string;
    /**
     * Vault Url from which the secrets to be fetched from.
     */
    "vaultUrl": string;
}
/**
 * Configures an store to sync secrets using Azure KV.
 */
export declare class AzureKVProvider extends Model<IAzureKVProvider> implements IAzureKVProvider {
    "authSecretRef"?: IComGithubExternalSecretsExternalSecretsApisExternalsecretsV1AzureKVAuth;
    "authType"?: IComGithubExternalSecretsExternalSecretsApisExternalsecretsV1AzureAuthType;
    "environmentType"?: IComGithubExternalSecretsExternalSecretsApisExternalsecretsV1AzureEnvironmentType;
    "identityId"?: string;
    "serviceAccountRef"?: IComGithubExternalSecretsExternalSecretsApisMetaV1ServiceAccountSelector;
    "tenantId"?: string;
    "vaultUrl": string;
    constructor(data?: ModelData<IAzureKVProvider>);
}
export type { IAzureKVProvider as IComGithubExternalSecretsExternalSecretsApisExternalsecretsV1AzureKVProvider, AzureKVProvider as ComGithubExternalSecretsExternalSecretsApisExternalsecretsV1AzureKVProvider };