import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
 * Manages a Key Vault Managed Hardware Security Module Role Definition. This resource works together with Managed hardware security module resource.
 *
 * ## Example Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as azure from "@pulumi/azure";
 *
 * const example = new azure.keyvault.ManagedHardwareSecurityModule("example", {
 *     name: "example",
 *     resourceGroupName: exampleAzurermResourceGroup.name,
 *     location: exampleAzurermResourceGroup.location,
 *     skuName: "Standard_B1",
 *     tenantId: current.tenantId,
 *     adminObjectIds: [current.objectId],
 *     purgeProtectionEnabled: false,
 *     activeConfig: [{
 *         securityDomainCertificate: [
 *             cert[0].id,
 *             cert[1].id,
 *             cert[2].id,
 *         ],
 *         securityDomainQuorum: 2,
 *     }],
 * });
 * const exampleManagedHardwareSecurityModuleRoleDefinition = new azure.keyvault.ManagedHardwareSecurityModuleRoleDefinition("example", {
 *     name: "7d206142-bf01-11ed-80bc-00155d61ee9e",
 *     managedHsmId: example.id,
 *     description: "desc foo",
 *     permissions: [{
 *         dataActions: ["Microsoft.KeyVault/managedHsm/keys/read/action"],
 *     }],
 * });
 * ```
 *
 * ## Import
 *
 * Key Vault Managed Hardware Security Module Role Definitions can be imported using the `resource id`, e.g.
 *
 * ```sh
 * $ pulumi import azure:keyvault/managedHardwareSecurityModuleRoleDefinition:ManagedHardwareSecurityModuleRoleDefinition example https://0000.managedhsm.azure.net///RoleDefinition/00000000-0000-0000-0000-000000000000
 * ```
 */
export declare class ManagedHardwareSecurityModuleRoleDefinition extends pulumi.CustomResource {
    /**
     * Get an existing ManagedHardwareSecurityModuleRoleDefinition resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ManagedHardwareSecurityModuleRoleDefinitionState, opts?: pulumi.CustomResourceOptions): ManagedHardwareSecurityModuleRoleDefinition;
    /**
     * Returns true if the given object is an instance of ManagedHardwareSecurityModuleRoleDefinition.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is ManagedHardwareSecurityModuleRoleDefinition;
    /**
     * Specifies a text description about this Key Vault Managed Hardware Security Module Role Definition.
     */
    readonly description: pulumi.Output<string | undefined>;
    /**
     * The ID of the Key Vault Managed Hardware Security Module. Changing this forces a new Key Vault Managed Hardware Security Module Role Definition to be created.
     */
    readonly managedHsmId: pulumi.Output<string>;
    /**
     * The name in UUID notation of this Key Vault Managed Hardware Security Module Role Definition. Changing this forces a new Key Vault Managed Hardware Security Module Role Definition to be created.
     */
    readonly name: pulumi.Output<string>;
    /**
     * One or more `permission` blocks as defined below.
     */
    readonly permissions: pulumi.Output<outputs.keyvault.ManagedHardwareSecurityModuleRoleDefinitionPermission[] | undefined>;
    /**
     * The ID of the role definition resource without Key Vault base URL.
     */
    readonly resourceManagerId: pulumi.Output<string>;
    /**
     * Specify a display name for this Key Vault Managed Hardware Security Module Role Definition.
     */
    readonly roleName: pulumi.Output<string | undefined>;
    /**
     * The type of the role definition. Possible values are `AKVBuiltInRole` and `CustomRole`.
     */
    readonly roleType: pulumi.Output<string>;
    /**
     * Create a ManagedHardwareSecurityModuleRoleDefinition resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: ManagedHardwareSecurityModuleRoleDefinitionArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering ManagedHardwareSecurityModuleRoleDefinition resources.
 */
export interface ManagedHardwareSecurityModuleRoleDefinitionState {
    /**
     * Specifies a text description about this Key Vault Managed Hardware Security Module Role Definition.
     */
    description?: pulumi.Input<string>;
    /**
     * The ID of the Key Vault Managed Hardware Security Module. Changing this forces a new Key Vault Managed Hardware Security Module Role Definition to be created.
     */
    managedHsmId?: pulumi.Input<string>;
    /**
     * The name in UUID notation of this Key Vault Managed Hardware Security Module Role Definition. Changing this forces a new Key Vault Managed Hardware Security Module Role Definition to be created.
     */
    name?: pulumi.Input<string>;
    /**
     * One or more `permission` blocks as defined below.
     */
    permissions?: pulumi.Input<pulumi.Input<inputs.keyvault.ManagedHardwareSecurityModuleRoleDefinitionPermission>[]>;
    /**
     * The ID of the role definition resource without Key Vault base URL.
     */
    resourceManagerId?: pulumi.Input<string>;
    /**
     * Specify a display name for this Key Vault Managed Hardware Security Module Role Definition.
     */
    roleName?: pulumi.Input<string>;
    /**
     * The type of the role definition. Possible values are `AKVBuiltInRole` and `CustomRole`.
     */
    roleType?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a ManagedHardwareSecurityModuleRoleDefinition resource.
 */
export interface ManagedHardwareSecurityModuleRoleDefinitionArgs {
    /**
     * Specifies a text description about this Key Vault Managed Hardware Security Module Role Definition.
     */
    description?: pulumi.Input<string>;
    /**
     * The ID of the Key Vault Managed Hardware Security Module. Changing this forces a new Key Vault Managed Hardware Security Module Role Definition to be created.
     */
    managedHsmId: pulumi.Input<string>;
    /**
     * The name in UUID notation of this Key Vault Managed Hardware Security Module Role Definition. Changing this forces a new Key Vault Managed Hardware Security Module Role Definition to be created.
     */
    name?: pulumi.Input<string>;
    /**
     * One or more `permission` blocks as defined below.
     */
    permissions?: pulumi.Input<pulumi.Input<inputs.keyvault.ManagedHardwareSecurityModuleRoleDefinitionPermission>[]>;
    /**
     * Specify a display name for this Key Vault Managed Hardware Security Module Role Definition.
     */
    roleName?: pulumi.Input<string>;
}