import * as pulumi from "@pulumi/pulumi";
/**
 * Manages the VPC Service Controls configuration for a service
 * networking connection
 *
 * When enabled, Google Cloud makes the following
 * route configuration changes in the service producer VPC network:
 * - Removes the IPv4 default route (destination 0.0.0.0/0,
 *   next hop default internet gateway), Google Cloud then creates an
 *   IPv4 route for destination 199.36.153.4/30 using the default
 *   internet gateway next hop.
 * - Creates Cloud DNS managed private zones and authorizes those zones
 *   for the service producer VPC network. The zones include
 *   googleapis.com, gcr.io, pkg.dev, notebooks.cloud.google.com,
 *   kernels.googleusercontent.com, backupdr.cloud.google.com, and
 *   backupdr.googleusercontent.com as necessary domains or host names
 *   for Google APIs and services that are compatible with VPC Service
 *   Controls. Record data in the zones resolves all host names to
 *   199.36.153.4, 199.36.153.5, 199.36.153.6, and 199.36.153.7.
 *
 * When disabled, Google Cloud makes the following route configuration
 * changes in the service producer VPC network:
 * - Restores a default route (destination 0.0.0.0/0, next hop default
 *   internet gateway)
 * - Deletes the Cloud DNS managed private zones that provided the host
 *   name overrides.
 *
 * To get more information about VPCServiceControls, see:
 *
 * * [API documentation](https://cloud.google.com/service-infrastructure/docs/service-networking/reference/rest/v1/services)
 * * How-to Guides
 *     * [Enable VPC Service Controls for service networking](https://cloud.google.com/sdk/gcloud/reference/services/vpc-peerings/enable-vpc-service-controls)
 *     * [Private Google Access with VPC Service Controls](https://cloud.google.com/vpc-service-controls/docs/private-connectivity)
 *     * [Set up private connectivity to Google APIs and services](https://cloud.google.com/vpc-service-controls/docs/set-up-private-connectivity)
 *
 * > **Note:** Destroying a `gcp.servicenetworking.VpcServiceControls`
 * resource will remove it from state, but will not change the
 * underlying VPC Service Controls configuration for the service
 * producer network.
 *
 * ## Example Usage
 *
 * ### Service Networking Vpc Service Controls Basic
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 *
 * // Create a VPC
 * const _default = new gcp.compute.Network("default", {name: "example-network"});
 * // Create an IP address
 * const defaultGlobalAddress = new gcp.compute.GlobalAddress("default", {
 *     name: "psa-range",
 *     purpose: "VPC_PEERING",
 *     addressType: "INTERNAL",
 *     prefixLength: 16,
 *     network: _default.id,
 * });
 * // Create a private connection
 * const defaultConnection = new gcp.servicenetworking.Connection("default", {
 *     network: _default.id,
 *     service: "servicenetworking.googleapis.com",
 *     reservedPeeringRanges: [defaultGlobalAddress.name],
 * });
 * // Enable VPC-SC on the producer network
 * const defaultVpcServiceControls = new gcp.servicenetworking.VpcServiceControls("default", {
 *     network: _default.name,
 *     service: "servicenetworking.googleapis.com",
 *     enabled: true,
 * }, {
 *     dependsOn: [defaultConnection],
 * });
 * ```
 *
 * ## Import
 *
 * VPCServiceControls can be imported using any of these accepted formats:
 *
 * * `services/{{service}}/projects/{{project}}/networks/{{network}}`
 *
 * * `{{service}}/{{project}}/{{network}}`
 *
 * * `{{service}}/{{network}}`
 *
 * When using the `pulumi import` command, VPCServiceControls can be imported using one of the formats above. For example:
 *
 * ```sh
 * $ pulumi import gcp:servicenetworking/vpcServiceControls:VpcServiceControls default services/{{service}}/projects/{{project}}/networks/{{network}}
 * ```
 *
 * ```sh
 * $ pulumi import gcp:servicenetworking/vpcServiceControls:VpcServiceControls default {{service}}/{{project}}/{{network}}
 * ```
 *
 * ```sh
 * $ pulumi import gcp:servicenetworking/vpcServiceControls:VpcServiceControls default {{service}}/{{network}}
 * ```
 */
export declare class VpcServiceControls extends pulumi.CustomResource {
    /**
     * Get an existing VpcServiceControls resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: VpcServiceControlsState, opts?: pulumi.CustomResourceOptions): VpcServiceControls;
    /**
     * Returns true if the given object is an instance of VpcServiceControls.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is VpcServiceControls;
    /**
     * Desired VPC Service Controls state service producer VPC network, as
     * described at the top of this page.
     */
    readonly enabled: pulumi.Output<boolean>;
    /**
     * The network that the consumer is using to connect with services.
     */
    readonly network: pulumi.Output<string>;
    /**
     * The id of the Google Cloud project containing the consumer network.
     */
    readonly project: pulumi.Output<string | undefined>;
    /**
     * The service that is managing peering connectivity for a service
     * producer's organization. For Google services that support this
     * functionality, this value is `servicenetworking.googleapis.com`.
     *
     *
     * - - -
     */
    readonly service: pulumi.Output<string>;
    /**
     * Create a VpcServiceControls resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: VpcServiceControlsArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering VpcServiceControls resources.
 */
export interface VpcServiceControlsState {
    /**
     * Desired VPC Service Controls state service producer VPC network, as
     * described at the top of this page.
     */
    enabled?: pulumi.Input<boolean>;
    /**
     * The network that the consumer is using to connect with services.
     */
    network?: pulumi.Input<string>;
    /**
     * The id of the Google Cloud project containing the consumer network.
     */
    project?: pulumi.Input<string>;
    /**
     * The service that is managing peering connectivity for a service
     * producer's organization. For Google services that support this
     * functionality, this value is `servicenetworking.googleapis.com`.
     *
     *
     * - - -
     */
    service?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a VpcServiceControls resource.
 */
export interface VpcServiceControlsArgs {
    /**
     * Desired VPC Service Controls state service producer VPC network, as
     * described at the top of this page.
     */
    enabled: pulumi.Input<boolean>;
    /**
     * The network that the consumer is using to connect with services.
     */
    network: pulumi.Input<string>;
    /**
     * The id of the Google Cloud project containing the consumer network.
     */
    project?: pulumi.Input<string>;
    /**
     * The service that is managing peering connectivity for a service
     * producer's organization. For Google services that support this
     * functionality, this value is `servicenetworking.googleapis.com`.
     *
     *
     * - - -
     */
    service: pulumi.Input<string>;
}