import * as pulumi from "@pulumi/pulumi";
/**
 * * [Official documentation](https://grafana.com/docs/grafana-cloud/security-and-account-management/authentication-and-permissions/access-policies/)
 * * [API documentation](https://grafana.com/docs/grafana-cloud/developer-resources/api-reference/cloud-api/#create-a-token)
 *
 * Required access policy scopes:
 *
 * * accesspolicies:read
 * * accesspolicies:write
 * * accesspolicies:delete
 *
 * This is similar to the grafana.cloud.AccessPolicyToken resource, but it represents a token that will be rotated automatically over time.
 *
 * ## Example Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as grafana from "@pulumiverse/grafana";
 *
 * const current = grafana.cloud.getOrganization({
 *     slug: "<your org slug>",
 * });
 * const test = new grafana.cloud.AccessPolicy("test", {
 *     region: "prod-us-east-0",
 *     name: "my-policy",
 *     displayName: "My Policy",
 *     scopes: [
 *         "metrics:read",
 *         "logs:read",
 *     ],
 *     realms: [{
 *         type: "org",
 *         identifier: current.then(current => current.id),
 *         labelPolicies: [{
 *             selector: "{namespace=\"default\"}",
 *         }],
 *     }],
 * });
 * const testAccessPolicyRotatingToken = new grafana.cloud.AccessPolicyRotatingToken("test", {
 *     region: "prod-us-east-0",
 *     accessPolicyId: test.policyId,
 *     namePrefix: "my-policy-rotating-token",
 *     displayName: "My Policy Rotating Token",
 *     expireAfter: "720h",
 *     earlyRotationWindow: "24h",
 * });
 * ```
 *
 * ## Import
 *
 * ```sh
 * terraform import grafana_cloud_access_policy_rotating_token.name "{{ region }}:{{ tokenId }}"
 * ```
 */
export declare class AccessPolicyRotatingToken extends pulumi.CustomResource {
    /**
     * Get an existing AccessPolicyRotatingToken resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AccessPolicyRotatingTokenState, opts?: pulumi.CustomResourceOptions): AccessPolicyRotatingToken;
    /**
     * Returns true if the given object is an instance of AccessPolicyRotatingToken.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is AccessPolicyRotatingToken;
    /**
     * ID of the access policy for which to create a token.
     */
    readonly accessPolicyId: pulumi.Output<string>;
    /**
     * Creation date of the access policy token.
     */
    readonly createdAt: pulumi.Output<string>;
    /**
     * Deletes the token in Grafana Cloud when the resource is destroyed in Terraform, instead of leaving it to expire at its `expiresAt` time. Use it with `lifecycle { createBeforeDestroy = true }` to make sure that the new token is created before the old one is deleted. Defaults to `false`.
     */
    readonly deleteOnDestroy: pulumi.Output<boolean | undefined>;
    /**
     * Display name of the access policy token. Defaults to the name.
     */
    readonly displayName: pulumi.Output<string | undefined>;
    /**
     * Duration of the window before expiring where the token can be rotated (e.g. '24h', '30m', '1h30m'). Valid units are 's' (seconds), 'm' (minutes) and 'h' (hours).
     */
    readonly earlyRotationWindow: pulumi.Output<string>;
    /**
     * Duration after which the token will expire (e.g. '24h', '30m', '1h30m'). Valid units are 's' (seconds), 'm' (minutes) and 'h' (hours).
     */
    readonly expireAfter: pulumi.Output<string>;
    /**
     * Expiration date of the access policy token.
     */
    readonly expiresAt: pulumi.Output<string>;
    /**
     * Name of the access policy token.
     */
    readonly name: pulumi.Output<string>;
    /**
     * Prefix for the name of the access policy token. The actual name will be stored in the computed field `name`, which will be in the format '\n\n-\n\n'
     */
    readonly namePrefix: pulumi.Output<string>;
    /**
     * Signals that the token is either expired or within the period to be early rotated.
     */
    readonly readyForRotation: pulumi.Output<boolean>;
    /**
     * Region of the access policy. Should be set to the same region as the access policy. Use the region list API to get the list of available regions: https://grafana.com/docs/grafana-cloud/developer-resources/api-reference/cloud-api/#list-regions.
     */
    readonly region: pulumi.Output<string>;
    readonly token: pulumi.Output<string>;
    /**
     * Last update date of the access policy token.
     */
    readonly updatedAt: pulumi.Output<string>;
    /**
     * Create a AccessPolicyRotatingToken resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: AccessPolicyRotatingTokenArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering AccessPolicyRotatingToken resources.
 */
export interface AccessPolicyRotatingTokenState {
    /**
     * ID of the access policy for which to create a token.
     */
    accessPolicyId?: pulumi.Input<string>;
    /**
     * Creation date of the access policy token.
     */
    createdAt?: pulumi.Input<string>;
    /**
     * Deletes the token in Grafana Cloud when the resource is destroyed in Terraform, instead of leaving it to expire at its `expiresAt` time. Use it with `lifecycle { createBeforeDestroy = true }` to make sure that the new token is created before the old one is deleted. Defaults to `false`.
     */
    deleteOnDestroy?: pulumi.Input<boolean>;
    /**
     * Display name of the access policy token. Defaults to the name.
     */
    displayName?: pulumi.Input<string>;
    /**
     * Duration of the window before expiring where the token can be rotated (e.g. '24h', '30m', '1h30m'). Valid units are 's' (seconds), 'm' (minutes) and 'h' (hours).
     */
    earlyRotationWindow?: pulumi.Input<string>;
    /**
     * Duration after which the token will expire (e.g. '24h', '30m', '1h30m'). Valid units are 's' (seconds), 'm' (minutes) and 'h' (hours).
     */
    expireAfter?: pulumi.Input<string>;
    /**
     * Expiration date of the access policy token.
     */
    expiresAt?: pulumi.Input<string>;
    /**
     * Name of the access policy token.
     */
    name?: pulumi.Input<string>;
    /**
     * Prefix for the name of the access policy token. The actual name will be stored in the computed field `name`, which will be in the format '\n\n-\n\n'
     */
    namePrefix?: pulumi.Input<string>;
    /**
     * Signals that the token is either expired or within the period to be early rotated.
     */
    readyForRotation?: pulumi.Input<boolean>;
    /**
     * Region of the access policy. Should be set to the same region as the access policy. Use the region list API to get the list of available regions: https://grafana.com/docs/grafana-cloud/developer-resources/api-reference/cloud-api/#list-regions.
     */
    region?: pulumi.Input<string>;
    token?: pulumi.Input<string>;
    /**
     * Last update date of the access policy token.
     */
    updatedAt?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a AccessPolicyRotatingToken resource.
 */
export interface AccessPolicyRotatingTokenArgs {
    /**
     * ID of the access policy for which to create a token.
     */
    accessPolicyId: pulumi.Input<string>;
    /**
     * Deletes the token in Grafana Cloud when the resource is destroyed in Terraform, instead of leaving it to expire at its `expiresAt` time. Use it with `lifecycle { createBeforeDestroy = true }` to make sure that the new token is created before the old one is deleted. Defaults to `false`.
     */
    deleteOnDestroy?: pulumi.Input<boolean>;
    /**
     * Display name of the access policy token. Defaults to the name.
     */
    displayName?: pulumi.Input<string>;
    /**
     * Duration of the window before expiring where the token can be rotated (e.g. '24h', '30m', '1h30m'). Valid units are 's' (seconds), 'm' (minutes) and 'h' (hours).
     */
    earlyRotationWindow: pulumi.Input<string>;
    /**
     * Duration after which the token will expire (e.g. '24h', '30m', '1h30m'). Valid units are 's' (seconds), 'm' (minutes) and 'h' (hours).
     */
    expireAfter: pulumi.Input<string>;
    /**
     * Prefix for the name of the access policy token. The actual name will be stored in the computed field `name`, which will be in the format '\n\n-\n\n'
     */
    namePrefix: pulumi.Input<string>;
    /**
     * Region of the access policy. Should be set to the same region as the access policy. Use the region list API to get the list of available regions: https://grafana.com/docs/grafana-cloud/developer-resources/api-reference/cloud-api/#list-regions.
     */
    region: pulumi.Input<string>;
}