import * as pulumi from "@pulumi/pulumi";
/**
 * Provides a resource to manage kms re encrypt
 * ## Example Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as volcengine from "@volcengine/pulumi";
 *
 * const encryptStable = new volcengine.kms.Ciphertext("encryptStable", {
 *     keyId: "c44870c3-f33b-421a-****-a2bba37c993e",
 *     plaintext: "VGhpcyBpcyBhIHBsYWludGV4dCBleGFtcGxlLg==",
 * });
 * const reEncryptStable = new volcengine.kms.ReEncrypt("reEncryptStable", {
 *     newKeyId: "33e6ae1f-62f6-415a-****-579f526274cc",
 *     sourceCiphertextBlob: encryptStable.ciphertextBlob,
 * });
 * ```
 *
 * ## Import
 *
 * The KmsReEncrypt is not support import.
 */
export declare class ReEncrypt extends pulumi.CustomResource {
    /**
     * Get an existing ReEncrypt resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ReEncryptState, opts?: pulumi.CustomResourceOptions): ReEncrypt;
    /**
     * Returns true if the given object is an instance of ReEncrypt.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is ReEncrypt;
    /**
     * The re-encrypted ciphertext, Base64 encoded. The data stays stable across applies. If a changing ciphertext is needed use the `volcengine.kms.getReEncrypts` data source.
     */
    readonly ciphertextBlob: pulumi.Output<string>;
    /**
     * The new encryption context JSON string.
     */
    readonly newEncryptionContext: pulumi.Output<string | undefined>;
    /**
     * The new key id. When newKeyId is not specified, both newKeyringName and newKeyName must be specified.
     */
    readonly newKeyId: pulumi.Output<string | undefined>;
    /**
     * The new key name.
     */
    readonly newKeyName: pulumi.Output<string | undefined>;
    /**
     * The new keyring name.
     */
    readonly newKeyringName: pulumi.Output<string | undefined>;
    /**
     * The old encryption context JSON string.
     */
    readonly oldEncryptionContext: pulumi.Output<string | undefined>;
    /**
     * The source ciphertext, Base64 encoded.
     */
    readonly sourceCiphertextBlob: pulumi.Output<string>;
    /**
     * Create a ReEncrypt resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: ReEncryptArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering ReEncrypt resources.
 */
export interface ReEncryptState {
    /**
     * The re-encrypted ciphertext, Base64 encoded. The data stays stable across applies. If a changing ciphertext is needed use the `volcengine.kms.getReEncrypts` data source.
     */
    ciphertextBlob?: pulumi.Input<string>;
    /**
     * The new encryption context JSON string.
     */
    newEncryptionContext?: pulumi.Input<string>;
    /**
     * The new key id. When newKeyId is not specified, both newKeyringName and newKeyName must be specified.
     */
    newKeyId?: pulumi.Input<string>;
    /**
     * The new key name.
     */
    newKeyName?: pulumi.Input<string>;
    /**
     * The new keyring name.
     */
    newKeyringName?: pulumi.Input<string>;
    /**
     * The old encryption context JSON string.
     */
    oldEncryptionContext?: pulumi.Input<string>;
    /**
     * The source ciphertext, Base64 encoded.
     */
    sourceCiphertextBlob?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a ReEncrypt resource.
 */
export interface ReEncryptArgs {
    /**
     * The new encryption context JSON string.
     */
    newEncryptionContext?: pulumi.Input<string>;
    /**
     * The new key id. When newKeyId is not specified, both newKeyringName and newKeyName must be specified.
     */
    newKeyId?: pulumi.Input<string>;
    /**
     * The new key name.
     */
    newKeyName?: pulumi.Input<string>;
    /**
     * The new keyring name.
     */
    newKeyringName?: pulumi.Input<string>;
    /**
     * The old encryption context JSON string.
     */
    oldEncryptionContext?: pulumi.Input<string>;
    /**
     * The source ciphertext, Base64 encoded.
     */
    sourceCiphertextBlob: pulumi.Input<string>;
}
