import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
 * Creates and manages Scaleway compute Instance security groups. For more information, see the [API documentation](https://www.scaleway.com/en/developers/api/instance/#path-security-groups-list-security-groups).
 *
 * ## Example Usage
 *
 * ### Basic
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as scaleway from "@pulumiverse/scaleway";
 *
 * const allowAll = new scaleway.instance.SecurityGroup("allow_all", {});
 * const web = new scaleway.instance.SecurityGroup("web", {
 *     inboundDefaultPolicy: "drop",
 *     inboundRules: [
 *         {
 *             action: "accept",
 *             port: 22,
 *             ipRange: "212.47.225.64/32",
 *         },
 *         {
 *             action: "accept",
 *             port: 80,
 *         },
 *         {
 *             action: "accept",
 *             protocol: "UDP",
 *             portRange: "22-23",
 *         },
 *     ],
 * });
 * ```
 *
 * ### Web server with banned IP and restricted internet access
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as scaleway from "@pulumiverse/scaleway";
 *
 * const web = new scaleway.instance.SecurityGroup("web", {
 *     inboundDefaultPolicy: "drop",
 *     outboundDefaultPolicy: "drop",
 *     inboundRules: [
 *         {
 *             action: "drop",
 *             ipRange: "1.1.1.1/32",
 *         },
 *         {
 *             action: "accept",
 *             port: 22,
 *             ipRange: "212.47.225.64/32",
 *         },
 *         {
 *             action: "accept",
 *             port: 443,
 *         },
 *     ],
 *     outboundRules: [{
 *         action: "accept",
 *         ipRange: "8.8.8.8/32",
 *     }],
 * });
 * ```
 *
 * ### Trusted IP for SSH access (using for_each)
 *
 * If you use terraform >= 0.12.6, you can leverage the `forEach` feature with this resource.
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as scaleway from "@pulumiverse/scaleway";
 *
 * const trusted = [
 *     "192.168.0.1",
 *     "192.168.0.2",
 *     "192.168.0.3",
 * ];
 * const dummy = new scaleway.instance.SecurityGroup("dummy", {
 *     inboundRules: trusted.map(entry => ({
 *         action: "accept",
 *         port: 22,
 *         ipRange: entry,
 *     })),
 *     inboundDefaultPolicy: "drop",
 *     outboundDefaultPolicy: "accept",
 * });
 * ```
 *
 * ## Import
 *
 * Instance security group can be imported using the `{zone}/{id}`, e.g.
 *
 * ```sh
 * $ pulumi import scaleway:instance/securityGroup:SecurityGroup web fr-par-1/11111111-1111-1111-1111-111111111111
 * ```
 */
export declare class SecurityGroup extends pulumi.CustomResource {
    /**
     * Get an existing SecurityGroup resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SecurityGroupState, opts?: pulumi.CustomResourceOptions): SecurityGroup;
    /**
     * Returns true if the given object is an instance of SecurityGroup.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is SecurityGroup;
    /**
     * The description of the security group.
     */
    readonly description: pulumi.Output<string | undefined>;
    /**
     * Whether to block SMTP on IPv4/IPv6 (Port 25, 465, 587). Set to false will unblock SMTP if your account is authorized to. If your organization is not yet authorized to send SMTP traffic, [open a support ticket](https://console.scaleway.com/support/tickets).
     */
    readonly enableDefaultSecurity: pulumi.Output<boolean | undefined>;
    /**
     * A boolean to specify whether to use instance_security_group_rules.
     * If `externalRules` is set to `true`, `inboundRule` and `outboundRule` can not be set directly in the security group.
     */
    readonly externalRules: pulumi.Output<boolean | undefined>;
    /**
     * The default policy on incoming traffic. Possible values are: `accept` or `drop`.
     */
    readonly inboundDefaultPolicy: pulumi.Output<string | undefined>;
    /**
     * A list of inbound rule to add to the security group. (Structure is documented below.)
     */
    readonly inboundRules: pulumi.Output<outputs.instance.SecurityGroupInboundRule[] | undefined>;
    /**
     * The name of the security group.
     */
    readonly name: pulumi.Output<string>;
    /**
     * The organization ID the security group is associated with.
     */
    readonly organizationId: pulumi.Output<string>;
    /**
     * The default policy on outgoing traffic. Possible values are: `accept` or `drop`.
     */
    readonly outboundDefaultPolicy: pulumi.Output<string | undefined>;
    /**
     * A list of outbound rule to add to the security group. (Structure is documented below.)
     */
    readonly outboundRules: pulumi.Output<outputs.instance.SecurityGroupOutboundRule[] | undefined>;
    /**
     * `projectId`) The ID of the project the security group is associated with.
     */
    readonly projectId: pulumi.Output<string>;
    /**
     * A boolean to specify whether the security group should be stateful or not.
     */
    readonly stateful: pulumi.Output<boolean | undefined>;
    /**
     * The tags of the security group.
     */
    readonly tags: pulumi.Output<string[] | undefined>;
    /**
     * `zone`) The zone in which the security group should be created.
     */
    readonly zone: pulumi.Output<string | undefined>;
    /**
     * Create a SecurityGroup resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args?: SecurityGroupArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering SecurityGroup resources.
 */
export interface SecurityGroupState {
    /**
     * The description of the security group.
     */
    description?: pulumi.Input<string | undefined>;
    /**
     * Whether to block SMTP on IPv4/IPv6 (Port 25, 465, 587). Set to false will unblock SMTP if your account is authorized to. If your organization is not yet authorized to send SMTP traffic, [open a support ticket](https://console.scaleway.com/support/tickets).
     */
    enableDefaultSecurity?: pulumi.Input<boolean | undefined>;
    /**
     * A boolean to specify whether to use instance_security_group_rules.
     * If `externalRules` is set to `true`, `inboundRule` and `outboundRule` can not be set directly in the security group.
     */
    externalRules?: pulumi.Input<boolean | undefined>;
    /**
     * The default policy on incoming traffic. Possible values are: `accept` or `drop`.
     */
    inboundDefaultPolicy?: pulumi.Input<string | undefined>;
    /**
     * A list of inbound rule to add to the security group. (Structure is documented below.)
     */
    inboundRules?: pulumi.Input<pulumi.Input<inputs.instance.SecurityGroupInboundRule>[] | undefined>;
    /**
     * The name of the security group.
     */
    name?: pulumi.Input<string | undefined>;
    /**
     * The organization ID the security group is associated with.
     */
    organizationId?: pulumi.Input<string | undefined>;
    /**
     * The default policy on outgoing traffic. Possible values are: `accept` or `drop`.
     */
    outboundDefaultPolicy?: pulumi.Input<string | undefined>;
    /**
     * A list of outbound rule to add to the security group. (Structure is documented below.)
     */
    outboundRules?: pulumi.Input<pulumi.Input<inputs.instance.SecurityGroupOutboundRule>[] | undefined>;
    /**
     * `projectId`) The ID of the project the security group is associated with.
     */
    projectId?: pulumi.Input<string | undefined>;
    /**
     * A boolean to specify whether the security group should be stateful or not.
     */
    stateful?: pulumi.Input<boolean | undefined>;
    /**
     * The tags of the security group.
     */
    tags?: pulumi.Input<pulumi.Input<string>[] | undefined>;
    /**
     * `zone`) The zone in which the security group should be created.
     */
    zone?: pulumi.Input<string | undefined>;
}
/**
 * The set of arguments for constructing a SecurityGroup resource.
 */
export interface SecurityGroupArgs {
    /**
     * The description of the security group.
     */
    description?: pulumi.Input<string | undefined>;
    /**
     * Whether to block SMTP on IPv4/IPv6 (Port 25, 465, 587). Set to false will unblock SMTP if your account is authorized to. If your organization is not yet authorized to send SMTP traffic, [open a support ticket](https://console.scaleway.com/support/tickets).
     */
    enableDefaultSecurity?: pulumi.Input<boolean | undefined>;
    /**
     * A boolean to specify whether to use instance_security_group_rules.
     * If `externalRules` is set to `true`, `inboundRule` and `outboundRule` can not be set directly in the security group.
     */
    externalRules?: pulumi.Input<boolean | undefined>;
    /**
     * The default policy on incoming traffic. Possible values are: `accept` or `drop`.
     */
    inboundDefaultPolicy?: pulumi.Input<string | undefined>;
    /**
     * A list of inbound rule to add to the security group. (Structure is documented below.)
     */
    inboundRules?: pulumi.Input<pulumi.Input<inputs.instance.SecurityGroupInboundRule>[] | undefined>;
    /**
     * The name of the security group.
     */
    name?: pulumi.Input<string | undefined>;
    /**
     * The default policy on outgoing traffic. Possible values are: `accept` or `drop`.
     */
    outboundDefaultPolicy?: pulumi.Input<string | undefined>;
    /**
     * A list of outbound rule to add to the security group. (Structure is documented below.)
     */
    outboundRules?: pulumi.Input<pulumi.Input<inputs.instance.SecurityGroupOutboundRule>[] | undefined>;
    /**
     * `projectId`) The ID of the project the security group is associated with.
     */
    projectId?: pulumi.Input<string | undefined>;
    /**
     * A boolean to specify whether the security group should be stateful or not.
     */
    stateful?: pulumi.Input<boolean | undefined>;
    /**
     * The tags of the security group.
     */
    tags?: pulumi.Input<pulumi.Input<string>[] | undefined>;
    /**
     * `zone`) The zone in which the security group should be created.
     */
    zone?: pulumi.Input<string | undefined>;
}
//# sourceMappingURL=securityGroup.d.ts.map