import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../../types/input";
export interface AccountIamArgs {
    /**
     * The alias to be used for IAM.
     */
    alias?: pulumi.Input<string>;
    /**
     * The IAM password policy configuration.
     */
    passwordPolicy?: pulumi.Input<inputs.landingzone.AccountPasswordPolicyArgs>;
}
export interface AccountPasswordPolicyArgs {
    /**
     * Enable the creation of IAM Password Policy. Defaults to 'true'.
     */
    enabled?: pulumi.Input<boolean>;
    /**
     * The rules to be applied to the IAM Password Policy
     */
    rules?: pulumi.Input<inputs.landingzone.AccountPasswordPolicyRulesArgs>;
}
export interface AccountPasswordPolicyRulesArgs {
    /**
     * Whether to allow users to change their own password. Defaults to 'true'.
     */
    allowUsersToChangePassword?: pulumi.Input<boolean>;
    /**
     * Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset). Defaults to 'true'.
     */
    hardExpiry?: pulumi.Input<boolean>;
    /**
     * The number of days that an user password is valid. Defaults to '90'.
     */
    maxPasswordAge?: pulumi.Input<number>;
    /**
     * Minimum length to require for user passwords. Defaults to '14'.
     */
    minimumPasswordLength?: pulumi.Input<number>;
    /**
     * The number of previous passwords that users are prevented from reusing. Defaults to '0'.
     */
    passwordReusePrevention?: pulumi.Input<number>;
    /**
     * Whether to require lowercase characters for user passwords. Defaults to 'true'.
     */
    requireLowercaseCharacters?: pulumi.Input<boolean>;
    /**
     * Whether to require numbers for user passwords. Defaults to 'true'.
     */
    requireNumbers?: pulumi.Input<boolean>;
    /**
     * Whether to require symbols for user passwords. Defaults to 'true'.
     */
    requireSymbols?: pulumi.Input<boolean>;
    /**
     * Whether to require uppercase characters for user passwords. Defaults to 'true'.
     */
    requireUppercaseCharacters?: pulumi.Input<boolean>;
}
export interface AuditLoggingCloudWatchArgs {
    /**
     * Enable storing audit logs in CloudWatch. Defaults to 'false'.
     */
    enabled: pulumi.Input<boolean>;
    /**
     * The data retention in days. Defaults to '1'.
     */
    retentionDays?: pulumi.Input<number>;
}
export interface IamTrustedAccountRoleArgs {
    name: pulumi.Input<string>;
}
export interface IamTrustingAccountRoleArgs {
    name: pulumi.Input<string>;
    policyNames: pulumi.Input<pulumi.Input<string>[]>;
}
export interface LandingZoneAuditArgs {
    /**
     * Select the Organization account to be used to store the audit logs.
     */
    accountName?: pulumi.Input<string>;
    /**
     * Store the audit logs in CloudWatch to enable easy searching.
     */
    cloudwatch?: pulumi.Input<inputs.landingzone.LandingZoneAuditCloudWatchArgs>;
    /**
     * Enable audit logging. Defaults to 'true'.
     */
    enabled?: pulumi.Input<boolean>;
    /**
     * The data retention in days. Defaults to '7'.
     */
    retentionDays?: pulumi.Input<number>;
}
export interface LandingZoneAuditCloudWatchArgs {
    /**
     * Enable storing audit logs in CloudWatch. Defaults to 'false'.
     */
    enabled: pulumi.Input<boolean>;
    /**
     * The data retention in days. Defaults to '1'.
     */
    retentionDays?: pulumi.Input<number>;
}
export interface LandingZoneIamArgs {
    accountName?: pulumi.Input<string>;
    roles?: pulumi.Input<pulumi.Input<inputs.landingzone.LandingZoneIamRoleArgs>[]>;
}
export interface LandingZoneIamRoleArgs {
    name: pulumi.Input<string>;
    policyNames: pulumi.Input<pulumi.Input<string>[]>;
}
export interface OrganizationArgs {
    /**
     * The list of AWS Account to be configured in the Organization.
     */
    accounts?: pulumi.Input<pulumi.Input<inputs.landingzone.OrganizationAccountArgs>[]>;
    /**
     * The list of enabled Organizations Policies in the organization.
     */
    enabledPolicies?: pulumi.Input<pulumi.Input<string>[]>;
    /**
     * The FeatureSet in the Organization..
     */
    featureSet?: pulumi.Input<string>;
    /**
     * The organization ID to import the Organization in the stack. If not set a new AWS Organization will be created. Defaults to undefined.
     */
    organizationId?: pulumi.Input<string>;
    /**
     * The Organization policies to be applied.
     */
    policies?: pulumi.Input<inputs.landingzone.OrganizationPoliciesArgs>;
    /**
     * The list of AWS Service Access Principals enabled in the organization.
     */
    services?: pulumi.Input<pulumi.Input<string>[]>;
}
export interface OrganizationAccountArgs {
    /**
     * The AWS Account ID to be used to import the Account in the Organization. If not set, a new AWS Account will be created.
     */
    accountId?: pulumi.Input<string>;
    /**
     * Admin role for the IAM Account.
     */
    adminRoleName?: pulumi.Input<string>;
    /**
     * The email associated to the IAM Account.
     */
    email: pulumi.Input<string>;
    /**
     * The configuration for IAM.
     */
    iam: pulumi.Input<inputs.landingzone.AccountIamArgs>;
    /**
     * The name of the IAM Account.
     */
    name: pulumi.Input<string>;
    ou?: pulumi.Input<string>;
    /**
     * The parentId of the imported account.
     */
    parentId?: pulumi.Input<string>;
}
export interface OrganizationPoliciesArgs {
    /**
     * Deny IAM Account to leave the organization. Enabled by default.
     */
    denyLeaveOrganization?: pulumi.Input<inputs.landingzone.OrganizationPolicyArgs>;
}
export interface OrganizationPolicyArgs {
    /**
     * Enable the policy/
     */
    enabled?: pulumi.Input<boolean>;
    /**
     * Import the policy with the given id
     */
    policyId?: pulumi.Input<string>;
}