import type { IConnectable } from './connections';
/**
 * Common configuration properties shared by ingress and egress security group rules
 */
export interface RuleConfig {
    /**
     * The IPv4 address range, in CIDR format
     *
     * @default - No IPv4 CIDR
     */
    readonly cidrIp?: string;
    /**
     * The IPv6 address range, in CIDR format
     *
     * @default - No IPv6 CIDR
     */
    readonly cidrIpv6?: string;
}
/**
 * Configuration for an ingress security group rule
 *
 * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-properties-ec2-securitygroup-ingress.html
 */
export interface IngressRuleConfig extends RuleConfig {
    /**
     * The ID of a source prefix list
     *
     * @default - No source prefix list
     */
    readonly sourcePrefixListId?: string;
    /**
     * The ID of a source security group
     *
     * @default - No source security group
     */
    readonly sourceSecurityGroupId?: string;
    /**
     * The AWS account ID of the owner of a source security group
     *
     * @default - No source security group owner ID
     */
    readonly sourceSecurityGroupOwnerId?: string;
}
/**
 * Configuration for an egress security group rule
 *
 * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-properties-ec2-securitygroup-egress.html
 */
export interface EgressRuleConfig extends RuleConfig {
    /**
     * The ID of a destination prefix list
     *
     * @default - No destination prefix list
     */
    readonly destinationPrefixListId?: string;
    /**
     * The ID of a destination security group
     *
     * @default - No destination security group
     */
    readonly destinationSecurityGroupId?: string;
}
/**
 * Interface for classes that provide the peer-specification parts of a security group rule
 */
export interface IPeer extends IConnectable {
    /**
     * Whether the rule can be inlined into a SecurityGroup or not
     */
    readonly canInlineRule: boolean;
    /**
     * A unique identifier for this connection peer
     */
    readonly uniqueId: string;
    /**
     * Produce the ingress rule JSON for the given connection
     */
    toIngressRuleConfig(): IngressRuleConfig;
    /**
     * Produce the egress rule JSON for the given connection
     */
    toEgressRuleConfig(): EgressRuleConfig;
}
/**
 * Peer object factories (to be used in Security Group management)
 *
 * The static methods on this object can be used to create peer objects
 * which represent a connection partner in Security Group rules.
 *
 * Use this object if you need to represent connection partners using plain IP
 * addresses, or a prefix list ID.
 *
 * If you want to address a connection partner by Security Group, you can just
 * use the Security Group (or the construct that contains a Security Group)
 * directly, as it already implements `IPeer`.
 */
export declare class Peer {
    /**
     * Create an IPv4 peer from a CIDR
     */
    static ipv4(cidrIp: string): IPeer;
    /**
     * Any IPv4 address
     */
    static anyIpv4(): IPeer;
    /**
     * Create an IPv6 peer from a CIDR
     */
    static ipv6(cidrIp: string): IPeer;
    /**
     * Any IPv6 address
     */
    static anyIpv6(): IPeer;
    /**
     * A prefix list
     */
    static prefixList(prefixListId: string): IPeer;
    /**
     * A security group ID
     */
    static securityGroupId(securityGroupId: string, sourceSecurityGroupOwnerId?: string): IPeer;
    protected constructor();
}