import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
 * A `CryptoKeyVersion` represents an individual cryptographic key, and the associated key material.
 *
 * Destroying a cryptoKeyVersion will not delete the resource from the project.
 *
 * To get more information about CryptoKeyVersion, see:
 *
 * * [API documentation](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys.cryptoKeyVersions)
 * * How-to Guides
 *     * [Creating a key Version](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys.cryptoKeyVersions/create)
 *
 * ## Example Usage
 *
 * ### Kms Crypto Key Version Basic
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 *
 * const keyring = new gcp.kms.KeyRing("keyring", {
 *     name: "keyring-example",
 *     location: "global",
 * });
 * const cryptokey = new gcp.kms.CryptoKey("cryptokey", {
 *     name: "crypto-key-example",
 *     keyRing: keyring.id,
 *     rotationPeriod: "7776000s",
 * });
 * const example_key = new gcp.kms.CryptoKeyVersion("example-key", {cryptoKey: cryptokey.id});
 * ```
 *
 * ## Import
 *
 * CryptoKeyVersion can be imported using any of these accepted formats:
 *
 * * `{{name}}`
 *
 * When using the `pulumi import` command, CryptoKeyVersion can be imported using one of the formats above. For example:
 *
 * ```sh
 * $ pulumi import gcp:kms/cryptoKeyVersion:CryptoKeyVersion default {{name}}
 * ```
 */
export declare class CryptoKeyVersion extends pulumi.CustomResource {
    /**
     * Get an existing CryptoKeyVersion resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: CryptoKeyVersionState, opts?: pulumi.CustomResourceOptions): CryptoKeyVersion;
    /**
     * Returns true if the given object is an instance of CryptoKeyVersion.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is CryptoKeyVersion;
    /**
     * The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.
     */
    readonly algorithm: pulumi.Output<string>;
    /**
     * Statement that was generated and signed by the HSM at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google.
     * Only provided for key versions with protectionLevel HSM.
     * Structure is documented below.
     */
    readonly attestations: pulumi.Output<outputs.kms.CryptoKeyVersionAttestation[]>;
    /**
     * The name of the cryptoKey associated with the CryptoKeyVersions.
     * Format: `'projects/{{project}}/locations/{{location}}/keyRings/{{keyring}}/cryptoKeys/{{cryptoKey}}'`
     *
     *
     * - - -
     */
    readonly cryptoKey: pulumi.Output<string>;
    /**
     * ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level and EXTERNAL_VPC protection levels.
     * Structure is documented below.
     */
    readonly externalProtectionLevelOptions: pulumi.Output<outputs.kms.CryptoKeyVersionExternalProtectionLevelOptions | undefined>;
    /**
     * The time this CryptoKeyVersion key material was generated
     */
    readonly generateTime: pulumi.Output<string>;
    /**
     * The resource name for this CryptoKeyVersion.
     */
    readonly name: pulumi.Output<string>;
    /**
     * The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion.
     */
    readonly protectionLevel: pulumi.Output<string>;
    /**
     * The current state of the CryptoKeyVersion. Note: you can only specify this field to manually `ENABLE` or `DISABLE` the CryptoKeyVersion,
     * otherwise the value of this field is always retrieved automatically.
     * Possible values are: `PENDING_GENERATION`, `ENABLED`, `DISABLED`, `DESTROYED`, `DESTROY_SCHEDULED`, `PENDING_IMPORT`, `IMPORT_FAILED`.
     */
    readonly state: pulumi.Output<string>;
    /**
     * Create a CryptoKeyVersion resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: CryptoKeyVersionArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering CryptoKeyVersion resources.
 */
export interface CryptoKeyVersionState {
    /**
     * The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.
     */
    algorithm?: pulumi.Input<string>;
    /**
     * Statement that was generated and signed by the HSM at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google.
     * Only provided for key versions with protectionLevel HSM.
     * Structure is documented below.
     */
    attestations?: pulumi.Input<pulumi.Input<inputs.kms.CryptoKeyVersionAttestation>[]>;
    /**
     * The name of the cryptoKey associated with the CryptoKeyVersions.
     * Format: `'projects/{{project}}/locations/{{location}}/keyRings/{{keyring}}/cryptoKeys/{{cryptoKey}}'`
     *
     *
     * - - -
     */
    cryptoKey?: pulumi.Input<string>;
    /**
     * ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level and EXTERNAL_VPC protection levels.
     * Structure is documented below.
     */
    externalProtectionLevelOptions?: pulumi.Input<inputs.kms.CryptoKeyVersionExternalProtectionLevelOptions>;
    /**
     * The time this CryptoKeyVersion key material was generated
     */
    generateTime?: pulumi.Input<string>;
    /**
     * The resource name for this CryptoKeyVersion.
     */
    name?: pulumi.Input<string>;
    /**
     * The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion.
     */
    protectionLevel?: pulumi.Input<string>;
    /**
     * The current state of the CryptoKeyVersion. Note: you can only specify this field to manually `ENABLE` or `DISABLE` the CryptoKeyVersion,
     * otherwise the value of this field is always retrieved automatically.
     * Possible values are: `PENDING_GENERATION`, `ENABLED`, `DISABLED`, `DESTROYED`, `DESTROY_SCHEDULED`, `PENDING_IMPORT`, `IMPORT_FAILED`.
     */
    state?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a CryptoKeyVersion resource.
 */
export interface CryptoKeyVersionArgs {
    /**
     * The name of the cryptoKey associated with the CryptoKeyVersions.
     * Format: `'projects/{{project}}/locations/{{location}}/keyRings/{{keyring}}/cryptoKeys/{{cryptoKey}}'`
     *
     *
     * - - -
     */
    cryptoKey: pulumi.Input<string>;
    /**
     * ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level and EXTERNAL_VPC protection levels.
     * Structure is documented below.
     */
    externalProtectionLevelOptions?: pulumi.Input<inputs.kms.CryptoKeyVersionExternalProtectionLevelOptions>;
    /**
     * The current state of the CryptoKeyVersion. Note: you can only specify this field to manually `ENABLE` or `DISABLE` the CryptoKeyVersion,
     * otherwise the value of this field is always retrieved automatically.
     * Possible values are: `PENDING_GENERATION`, `ENABLED`, `DISABLED`, `DESTROYED`, `DESTROY_SCHEDULED`, `PENDING_IMPORT`, `IMPORT_FAILED`.
     */
    state?: pulumi.Input<string>;
}