import * as pulumi from "@pulumi/pulumi";
/**
 * Provides an OpenSearch security user. Please refer to the OpenSearch Access Control documentation for details.
 *
 * ## Example Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as opensearch from "@piclemx/pulumi-opensearch";
 *
 * // Create a user
 * const mapper = new opensearch.User("mapper", {
 *     username: "app-reasdder",
 *     password: "SuperSekret123!",
 *     description: "a reader role for our app",
 * });
 * // And a full user, role and role mapping example:
 * const readerRole = new opensearch.Role("readerRole", {
 *     roleName: "app_reader",
 *     description: "App Reader Role",
 *     indexPermissions: [{
 *         indexPatterns: ["app-*"],
 *         allowedActions: [
 *             "get",
 *             "read",
 *             "search",
 *         ],
 *     }],
 * });
 * const readerUser = new opensearch.User("readerUser", {
 *     username: "app-reader",
 *     password: _var.password,
 * });
 * const readerRolesMapping = new opensearch.RolesMapping("readerRolesMapping", {
 *     roleName: readerRole.id,
 *     description: "App Reader Role",
 *     users: [readerUser.id],
 * });
 * ```
 *
 * ## Import
 *
 * ```sh
 *  $ pulumi import opensearch:index/user:User reader app_reader
 * ```
 */
export declare class User extends pulumi.CustomResource {
    /**
     * Get an existing User resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: UserState, opts?: pulumi.CustomResourceOptions): User;
    /**
     * Returns true if the given object is an instance of User.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is User;
    /**
     * A map of arbitrary key value string pairs stored alongside of users.
     */
    readonly attributes: pulumi.Output<{
        [key: string]: string;
    } | undefined>;
    /**
     * A list of backend roles.
     */
    readonly backendRoles: pulumi.Output<string[] | undefined>;
    /**
     * Description of the user.
     */
    readonly description: pulumi.Output<string | undefined>;
    /**
     * The plain text password for the user, cannot be specified with `passwordHash`. Some implementations may enforce a password policy. Invalid passwords may cause a non-descriptive HTTP 400 Bad Request error. For AWS OpenSearch domains "password must be at least 8 characters long and contain at least one uppercase letter, one lowercase letter, one digit, and one special character".
     */
    readonly password: pulumi.Output<string | undefined>;
    /**
     * The pre-hashed password for the user, cannot be specified with `password`.
     */
    readonly passwordHash: pulumi.Output<string | undefined>;
    /**
     * The name of the security user.
     */
    readonly username: pulumi.Output<string>;
    /**
     * Create a User resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: UserArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering User resources.
 */
export interface UserState {
    /**
     * A map of arbitrary key value string pairs stored alongside of users.
     */
    attributes?: pulumi.Input<{
        [key: string]: pulumi.Input<string>;
    }>;
    /**
     * A list of backend roles.
     */
    backendRoles?: pulumi.Input<pulumi.Input<string>[]>;
    /**
     * Description of the user.
     */
    description?: pulumi.Input<string>;
    /**
     * The plain text password for the user, cannot be specified with `passwordHash`. Some implementations may enforce a password policy. Invalid passwords may cause a non-descriptive HTTP 400 Bad Request error. For AWS OpenSearch domains "password must be at least 8 characters long and contain at least one uppercase letter, one lowercase letter, one digit, and one special character".
     */
    password?: pulumi.Input<string>;
    /**
     * The pre-hashed password for the user, cannot be specified with `password`.
     */
    passwordHash?: pulumi.Input<string>;
    /**
     * The name of the security user.
     */
    username?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a User resource.
 */
export interface UserArgs {
    /**
     * A map of arbitrary key value string pairs stored alongside of users.
     */
    attributes?: pulumi.Input<{
        [key: string]: pulumi.Input<string>;
    }>;
    /**
     * A list of backend roles.
     */
    backendRoles?: pulumi.Input<pulumi.Input<string>[]>;
    /**
     * Description of the user.
     */
    description?: pulumi.Input<string>;
    /**
     * The plain text password for the user, cannot be specified with `passwordHash`. Some implementations may enforce a password policy. Invalid passwords may cause a non-descriptive HTTP 400 Bad Request error. For AWS OpenSearch domains "password must be at least 8 characters long and contain at least one uppercase letter, one lowercase letter, one digit, and one special character".
     */
    password?: pulumi.Input<string>;
    /**
     * The pre-hashed password for the user, cannot be specified with `password`.
     */
    passwordHash?: pulumi.Input<string>;
    /**
     * The name of the security user.
     */
    username: pulumi.Input<string>;
}
