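import {
  aws_apigateway as apigateway,
  aws_ec2 as ec2,
  aws_elasticloadbalancingv2 as elb,
  aws_route53 as route53,
} from "aws-cdk-lib";
import { IVpc, SubnetSelection } from "aws-cdk-lib/aws-ec2";
import { Construct } from "constructs";

/**
 * Properties for InternalService.
 */
export interface InternalServiceProps {
  /**
   * VPC attached to the application load balancer.
   */
  readonly vpc: IVpc;

  /**
   * Subnets attached to the application load balancer.
   */
  readonly subnetSelection: SubnetSelection;

  /**
   * VPC endpoint IP addresses attached to the load balancer's target group.
   *
   * NOTE(review): the addresses are supplied as fixed strings; presumably the
   * caller has to keep them in sync with the VPC endpoint's network
   * interfaces - confirm against the implementation.
   */
  readonly vpcEndpointIPAddresses: string[];

  /**
   * List of alternative domains attached to the solution.
   */
  readonly subjectAlternativeNames: string[];

  /**
   * Subdomain attached to hosted zone name.
   */
  readonly subDomain: string;

  /**
   * Hosted zone that will be used for the custom domain.
   */
  readonly hostedZone: route53.IHostedZone;

  /**
   * SSL policy attached to the load balancer listener.
   *
   * Overriding this with a policy that permits protocol versions below
   * TLS 1.2 weakens the listener relative to the default.
   *
   * @default elb.SslPolicy.FORWARD_SECRECY_TLS12_RES_GCM
   */
  readonly loadBalancerListenerSSLPolicy?: elb.SslPolicy;

  /**
   * Security policy (minimum TLS version) attached to the API Gateway custom domain.
   *
   * @default apigateway.SecurityPolicy.TLS_1_2
   */
  readonly customDomainSSLPolicy?: apigateway.SecurityPolicy;

  /**
   * Use a custom security group for the load balancer.
   *
   * By default, a security group will be created with inbound access from the
   * typical private network CIDR ranges 10.0.0.0/8, 172.16.0.0/12,
   * 192.168.0.0/16 on port 443.
   * Inbound access from anywhere (0.0.0.0/0) is blocked by default to follow
   * AWS best practices for security.
   * Outbound traffic is allowed to all destinations.
   *
   * The default ranges cover the whole RFC 1918 private address space, not
   * only this VPC's CIDR. Pass a custom group when access should be limited
   * to specific networks or when outbound traffic should be restricted.
   * Presumably a custom group replaces the defaults entirely, so its rules
   * need their own review - confirm against the implementation.
   */
  readonly loadBalancerSecurityGroup?: ec2.ISecurityGroup;

  /**
   * Enable or disable access logs for the load balancer to follow AWS best
   * practices for security.
   *
   * Disabling them leaves requests that reach the load balancer unrecorded
   * at this layer.
   *
   * @default true
   */
  readonly enableLoadBalancerAccessLogs?: boolean;

  /**
   * Add load balancer redirect from port 80 to 443.
   *
   * NOTE(review): the default security group described on
   * `loadBalancerSecurityGroup` only mentions port 443; whether port 80 is
   * opened for the redirect cannot be seen from this declaration - confirm.
   *
   * @default true
   */
  readonly addLoadBalancerRedirect?: boolean;
}

/**
 * Construct declaration for the internal service. It exposes the custom
 * domains and the application load balancer it creates.
 */
export declare class InternalService extends Construct {
  /**
   * List of domains created by the internal service stack and shared with the api gateway stack.
   */
  readonly domains: apigateway.IDomainName[];

  /**
   * The application load balancer created by the internal service stack.
   */
  readonly applicationLoadBalancer: elb.ApplicationLoadBalancer;

  /**
   * @param scope Parent construct.
   * @param id Construct identifier within the scope.
   * @param props Configuration for the internal service; see InternalServiceProps.
   */
  constructor(scope: Construct, id: string, props: InternalServiceProps);
}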