import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
 * Some security policies are preset for common scenarios. If the system preset policies do not meet your needs, you can also customize security policies
 *
 * ## Example Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as volcenginecc from "@volcengine/pulumi-volcenginecc";
 *
 * const cLBNLBSecurityPolicyDemo = new volcenginecc.clb.NlbSecurityPolicy("CLBNLBSecurityPolicyDemo", {
 *     ciphers: [
 *         "TLS_AES_128_CCM_SHA256",
 *         "TLS_AES_128_GCM_SHA256",
 *     ],
 *     projectName: "default",
 *     securityPolicyName: "ccapi-test-1",
 *     tags: [{
 *         key: "env",
 *         value: "test",
 *     }],
 *     tlsVersions: ["TLSv1.3"],
 * });
 * ```
 *
 * ## Import
 *
 * ```sh
 * $ pulumi import volcenginecc:clb/nlbSecurityPolicy:NlbSecurityPolicy example "security_policy_id"
 * ```
 */
export declare class NlbSecurityPolicy extends pulumi.CustomResource {
    /**
     * Get an existing NlbSecurityPolicy resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NlbSecurityPolicyState, opts?: pulumi.CustomResourceOptions): NlbSecurityPolicy;
    /**
     * Returns true if the given object is an instance of NlbSecurityPolicy.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is NlbSecurityPolicy;
    /**
     * Account ID associated with the TLS security policy
     */
    readonly accountId: pulumi.Output<string>;
    /**
     * Cipher suites for the TLS custom security policy. Supported cipher suites for different TLS protocol versions are as follows: TLSv1.0 & TLSv1.1: ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, DES-CBC3-SHA. TLSv1.2: ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256. TLSv1.3: TLS*CHACHA20*POLY1305*SHA256, TLS*AES*256*GCM*SHA384, TLS*AES*128*GCM*SHA256, TLS*AES*128*CCM*8*SHA256, TLS*AES*128*CCM*SHA256, TLS*SM4*GCM*SM3, TLS*SM4*CCM*SM3. When specifying this parameter, you must provide all supported cipher suites. Adding or removing cipher suites individually is not supported via this interface. If only Ciphers.N is provided and TlsVersions.N is not, validation is based on the TLS protocol versions supported by the current listener and the cipher suites specified in the request. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request. TLS*SM4*GCM*SM3 and TLS*SM4*CCM*SM3 are currently in pilot testing. To request access, please contact your account manager
     */
    readonly ciphers: pulumi.Output<string[]>;
    /**
     * Creation time
     */
    readonly createdTime: pulumi.Output<string>;
    /**
     * Name of the project to which the TLS custom security policy belongs. If not specified, defaults to default
     */
    readonly projectName: pulumi.Output<string>;
    /**
     * Listener associated with the TLS security policy
     */
    readonly relatedListenerIds: pulumi.Output<string[]>;
    /**
     * Security policy ID
     */
    readonly securityPolicyId: pulumi.Output<string>;
    /**
     * Security policy name. Must start with a letter, number, or Chinese character, and can include the following special characters: period (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If this parameter is not specified, defaults to the policy ID
     */
    readonly securityPolicyName: pulumi.Output<string>;
    /**
     * TLS custom security policy status. Creating: Being created. Configuring: Being configured. Active: Active. Deleting: Being deleted.
     */
    readonly status: pulumi.Output<string>;
    readonly tags: pulumi.Output<outputs.clb.NlbSecurityPolicyTag[]>;
    /**
     * Update the TLS protocol versions for the TLS custom security policy. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3. When specifying this parameter, you must provide all supported TLS versions. Adding or removing TLS protocol versions individually is not supported via this interface. If only TlsVersions.N is provided and Ciphers.N is not, validation is based on the TLS protocol versions in the request and the cipher suites supported by the current listener. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request
     */
    readonly tlsVersions: pulumi.Output<string[]>;
    /**
     * Update time
     */
    readonly updatedTime: pulumi.Output<string>;
    /**
     * Create a NlbSecurityPolicy resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: NlbSecurityPolicyArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering NlbSecurityPolicy resources.
 */
export interface NlbSecurityPolicyState {
    /**
     * Account ID associated with the TLS security policy
     */
    accountId?: pulumi.Input<string>;
    /**
     * Cipher suites for the TLS custom security policy. Supported cipher suites for different TLS protocol versions are as follows: TLSv1.0 & TLSv1.1: ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, DES-CBC3-SHA. TLSv1.2: ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256. TLSv1.3: TLS*CHACHA20*POLY1305*SHA256, TLS*AES*256*GCM*SHA384, TLS*AES*128*GCM*SHA256, TLS*AES*128*CCM*8*SHA256, TLS*AES*128*CCM*SHA256, TLS*SM4*GCM*SM3, TLS*SM4*CCM*SM3. When specifying this parameter, you must provide all supported cipher suites. Adding or removing cipher suites individually is not supported via this interface. If only Ciphers.N is provided and TlsVersions.N is not, validation is based on the TLS protocol versions supported by the current listener and the cipher suites specified in the request. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request. TLS*SM4*GCM*SM3 and TLS*SM4*CCM*SM3 are currently in pilot testing. To request access, please contact your account manager
     */
    ciphers?: pulumi.Input<pulumi.Input<string>[]>;
    /**
     * Creation time
     */
    createdTime?: pulumi.Input<string>;
    /**
     * Name of the project to which the TLS custom security policy belongs. If not specified, defaults to default
     */
    projectName?: pulumi.Input<string>;
    /**
     * Listener associated with the TLS security policy
     */
    relatedListenerIds?: pulumi.Input<pulumi.Input<string>[]>;
    /**
     * Security policy ID
     */
    securityPolicyId?: pulumi.Input<string>;
    /**
     * Security policy name. Must start with a letter, number, or Chinese character, and can include the following special characters: period (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If this parameter is not specified, defaults to the policy ID
     */
    securityPolicyName?: pulumi.Input<string>;
    /**
     * TLS custom security policy status. Creating: Being created. Configuring: Being configured. Active: Active. Deleting: Being deleted.
     */
    status?: pulumi.Input<string>;
    tags?: pulumi.Input<pulumi.Input<inputs.clb.NlbSecurityPolicyTag>[]>;
    /**
     * Update the TLS protocol versions for the TLS custom security policy. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3. When specifying this parameter, you must provide all supported TLS versions. Adding or removing TLS protocol versions individually is not supported via this interface. If only TlsVersions.N is provided and Ciphers.N is not, validation is based on the TLS protocol versions in the request and the cipher suites supported by the current listener. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request
     */
    tlsVersions?: pulumi.Input<pulumi.Input<string>[]>;
    /**
     * Update time
     */
    updatedTime?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a NlbSecurityPolicy resource.
 */
export interface NlbSecurityPolicyArgs {
    /**
     * Cipher suites for the TLS custom security policy. Supported cipher suites for different TLS protocol versions are as follows: TLSv1.0 & TLSv1.1: ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, DES-CBC3-SHA. TLSv1.2: ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256. TLSv1.3: TLS*CHACHA20*POLY1305*SHA256, TLS*AES*256*GCM*SHA384, TLS*AES*128*GCM*SHA256, TLS*AES*128*CCM*8*SHA256, TLS*AES*128*CCM*SHA256, TLS*SM4*GCM*SM3, TLS*SM4*CCM*SM3. When specifying this parameter, you must provide all supported cipher suites. Adding or removing cipher suites individually is not supported via this interface. If only Ciphers.N is provided and TlsVersions.N is not, validation is based on the TLS protocol versions supported by the current listener and the cipher suites specified in the request. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request. TLS*SM4*GCM*SM3 and TLS*SM4*CCM*SM3 are currently in pilot testing. To request access, please contact your account manager
     */
    ciphers: pulumi.Input<pulumi.Input<string>[]>;
    /**
     * Name of the project to which the TLS custom security policy belongs. If not specified, defaults to default
     */
    projectName?: pulumi.Input<string>;
    /**
     * Security policy name. Must start with a letter, number, or Chinese character, and can include the following special characters: period (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If this parameter is not specified, defaults to the policy ID
     */
    securityPolicyName?: pulumi.Input<string>;
    tags?: pulumi.Input<pulumi.Input<inputs.clb.NlbSecurityPolicyTag>[]>;
    /**
     * Update the TLS protocol versions for the TLS custom security policy. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3. When specifying this parameter, you must provide all supported TLS versions. Adding or removing TLS protocol versions individually is not supported via this interface. If only TlsVersions.N is provided and Ciphers.N is not, validation is based on the TLS protocol versions in the request and the cipher suites supported by the current listener. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request
     */
    tlsVersions: pulumi.Input<pulumi.Input<string>[]>;
}