import * as pulumi from "@pulumi/pulumi";
import * as inputs from "./types/input";
import * as outputs from "./types/output";
/**
 * Configuration to manage external JSON Web Token (JWT) Issuers for authentication to the CockroachDB Cloud API.
 *
 * ## Import
 *
 * JWT Issuer ID can be found by running a GET against the Cockroach Cloud API to
 *
 * list all existing JWT issuers.
 *
 * https://www.cockroachlabs.com/docs/api/cloud/v1#get-/api/v1/jwt-issuers
 *
 * format: <jwt issuer id>
 *
 * ```sh
 * $ pulumi import cockroach:index/jwtIssuer:JwtIssuer my_issuer 1f69fdd2-600a-4cfc-a9ba-16995df0d77d
 * ```
 */
export declare class JwtIssuer extends pulumi.CustomResource {
    /**
     * Get an existing JwtIssuer resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: JwtIssuerState, opts?: pulumi.CustomResourceOptions): JwtIssuer;
    /**
     * Returns true if the given object is an instance of JwtIssuer.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is JwtIssuer;
    /**
     * The intended audience for consuming the JWT.
     */
    readonly audience: pulumi.Output<string>;
    /**
     * Used to identify the user from the external Identity Provider. Defaults to "sub".
     */
    readonly claim: pulumi.Output<string | undefined>;
    /**
     * A list of mappings to map the external token identity into CockroachDB Cloud.
     */
    readonly identityMaps: pulumi.Output<outputs.JwtIssuerIdentityMap[] | undefined>;
    /**
     * The URL of the server issuing JWTs.
     */
    readonly issuerUrl: pulumi.Output<string>;
    /**
     * A set of public keys (JWKS) used to verify the JWT.
     */
    readonly jwks: pulumi.Output<string | undefined>;
    /**
     * Create a JwtIssuer resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: JwtIssuerArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering JwtIssuer resources.
 */
export interface JwtIssuerState {
    /**
     * The intended audience for consuming the JWT.
     */
    audience?: pulumi.Input<string>;
    /**
     * Used to identify the user from the external Identity Provider. Defaults to "sub".
     */
    claim?: pulumi.Input<string>;
    /**
     * A list of mappings to map the external token identity into CockroachDB Cloud.
     */
    identityMaps?: pulumi.Input<pulumi.Input<inputs.JwtIssuerIdentityMap>[]>;
    /**
     * The URL of the server issuing JWTs.
     */
    issuerUrl?: pulumi.Input<string>;
    /**
     * A set of public keys (JWKS) used to verify the JWT.
     */
    jwks?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a JwtIssuer resource.
 */
export interface JwtIssuerArgs {
    /**
     * The intended audience for consuming the JWT.
     */
    audience: pulumi.Input<string>;
    /**
     * Used to identify the user from the external Identity Provider. Defaults to "sub".
     */
    claim?: pulumi.Input<string>;
    /**
     * A list of mappings to map the external token identity into CockroachDB Cloud.
     */
    identityMaps?: pulumi.Input<pulumi.Input<inputs.JwtIssuerIdentityMap>[]>;
    /**
     * The URL of the server issuing JWTs.
     */
    issuerUrl: pulumi.Input<string>;
    /**
     * A set of public keys (JWKS) used to verify the JWT.
     */
    jwks?: pulumi.Input<string>;
}
