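import * as pulumi from "@pulumi/pulumi";
/**
 * The `scaleway.ObjectBucketPolicy` resource allows you to create and manage bucket policies for [Scaleway Object storage](https://www.scaleway.com/en/docs/storage/object/).
 *
 * Refer to the [dedicated documentation](https://www.scaleway.com/en/docs/storage/object/api-cli/bucket-policy/) for more information on Object Storage bucket policies.
 *
 * ## Review notes
 *
 * - The generated examples import the provider under two package names (`@ediri/scaleway` and
 *   `@pulumi/scaleway`) bound to the same identifier; keep only the import for the package you installed.
 * - The first example pairs `Action: ["s3:*"]` with the `ObjectStorageFullAccess` permission set. That is
 *   the broadest grant shown on this page; the "delegating read access" example shows the narrower form
 *   (explicit actions plus a read-only permission set) and is the better starting point.
 * - A `project_id:` principal names a whole project rather than a single user or application; check who
 *   belongs to that project before using it.
 * - NOTE(review): a policy that does not list the identity Pulumi itself runs as may block later updates
 *   to the bucket or to the policy; confirm the default-deny behaviour in the documentation linked above.
 * - In the "Reading the bucket with the application" example, the API key's `secretKey` is a credential
 *   held as a resource output, so it presumably ends up in the stack state; keep the state backend
 *   encrypted and access-restricted.
 *
 * ## Example Usage
 *
 * ### Example Usage with an IAM user
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as scaleway from "@ediri/scaleway";
 * import * as scaleway from "@pulumi/scaleway";
 *
 * const _default = scaleway.getAccountProject({
 *     name: "default",
 * });
 * const user = scaleway.getIamUser({
 *     email: "user@scaleway.com",
 * });
 * const policyIamPolicy = new scaleway.IamPolicy("policyIamPolicy", {
 *     userId: user.then(user => user.id),
 *     rules: [{
 *         projectIds: [_default.then(_default => _default.id)],
 *         permissionSetNames: ["ObjectStorageFullAccess"],
 *     }],
 * });
 * // Object storage configuration
 * const bucket = new scaleway.ObjectBucket("bucket", {});
 * const policyObjectBucketPolicy = new scaleway.ObjectBucketPolicy("policyObjectBucketPolicy", {
 *     bucket: bucket.name,
 *     policy: pulumi.jsonStringify({
 *         Version: "2023-04-17",
 *         Id: "MyBucketPolicy",
 *         Statement: [{
 *             Effect: "Allow",
 *             // Wildcard: every S3 action on the bucket and its objects. Narrow this to the actions needed.
 *             Action: ["s3:*"],
 *             Principal: {
 *                 SCW: user.then(user => `user_id:${user.id}`),
 *             },
 *             Resource: [
 *                 bucket.name,
 *                 pulumi.interpolate`${bucket.name}/*`,
 *             ],
 *         }],
 *     }),
 * });
 * ```
 *
 * ### Example with an IAM application
 *
 * ### Creating a bucket and delegating read access to an application
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as scaleway from "@ediri/scaleway";
 * import * as scaleway from "@pulumi/scaleway";
 *
 * const _default = scaleway.getAccountProject({
 *     name: "default",
 * });
 * // IAM configuration
 * const reading_app = new scaleway.IamApplication("reading-app", {});
 * const policyIamPolicy = new scaleway.IamPolicy("policyIamPolicy", {
 *     applicationId: reading_app.id,
 *     rules: [{
 *         projectIds: [_default.then(_default => _default.id)],
 *         permissionSetNames: ["ObjectStorageBucketsRead"],
 *     }],
 * });
 * // Object storage configuration
 * const bucket = new scaleway.ObjectBucket("bucket", {});
 * const policyObjectBucketPolicy = new scaleway.ObjectBucketPolicy("policyObjectBucketPolicy", {
 *     bucket: bucket.id,
 *     policy: pulumi.jsonStringify({
 *         Version: "2023-04-17",
 *         Statement: [{
 *             Sid: "Delegate read access",
 *             Effect: "Allow",
 *             Principal: {
 *                 SCW: pulumi.interpolate`application_id:${reading_app.id}`,
 *             },
 *             Action: [
 *                 "s3:ListBucket",
 *                 "s3:GetObject",
 *             ],
 *             Resource: [
 *                 bucket.name,
 *                 pulumi.interpolate`${bucket.name}/*`,
 *             ],
 *         }],
 *     }),
 * });
 * ```
 *
 * ### Reading the bucket with the application
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as scaleway from "@ediri/scaleway";
 * import * as scaleway from "@pulumi/scaleway";
 *
 * const reading_app = scaleway.getIamApplication({
 *     name: "reading-app",
 * });
 * const reading_api_key = new scaleway.IamApiKey("reading-api-key", {applicationId: reading_app.then(reading_app => reading_app.id)});
 * const reading_profile = new scaleway.Provider("reading-profile", {
 *     accessKey: reading_api_key.accessKey,
 *     secretKey: reading_api_key.secretKey,
 * });
 * const bucket = scaleway.getObjectBucket({
 *     name: "some-unique-name",
 * });
 * ```
 *
 * ### Example with AWS provider
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as aws from "@pulumi/aws";
 * import * as scaleway from "@ediri/scaleway";
 * import * as scaleway from "@pulumi/scaleway";
 *
 * const _default = scaleway.getAccountProject({
 *     name: "default",
 * });
 * // Object storage configuration
 * const bucket = new scaleway.ObjectBucket("bucket", {});
 * const policy = aws.iam.getPolicyDocumentOutput({
 *     version: "2012-10-17",
 *     statements: [{
 *         sid: "Delegate access",
 *         effect: "Allow",
 *         principals: [{
 *             type: "SCW",
 *             identifiers: [_default.then(_default => `project_id:${_default.id}`)],
 *         }],
 *         actions: ["s3:ListBucket"],
 *         resources: [
 *             bucket.name,
 *             pulumi.interpolate`${bucket.name}/*`,
 *         ],
 *     }],
 * });
 * const main = new scaleway.ObjectBucketPolicy("main", {
 *     bucket: bucket.id,
 *     policy: policy.apply(policy => policy.json),
 * });
 * ```
 *
 * ### Example with deprecated version 2012-10-17
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as scaleway from "@ediri/scaleway";
 * import * as scaleway from "@pulumi/scaleway";
 *
 * const _default = scaleway.getAccountProject({
 *     name: "default",
 * });
 * // Object storage configuration
 * const bucket = new scaleway.ObjectBucket("bucket", {region: "fr-par"});
 * const policy = new scaleway.ObjectBucketPolicy("policy", {
 *     bucket: bucket.name,
 *     policy: pulumi.jsonStringify({
 *         Version: "2012-10-17",
 *         Statement: [{
 *             Effect: "Allow",
 *             Action: [
 *                 "s3:ListBucket",
 *                 "s3:GetObjectTagging",
 *             ],
 *             Principal: {
 *                 SCW: _default.then(_default => `project_id:${_default.id}`),
 *             },
 *             Resource: [
 *                 bucket.name,
 *                 pulumi.interpolate`${bucket.name}/*`,
 *             ],
 *         }],
 *     }),
 * });
 * ```
 *
 * **NB:** To configure the AWS provider with Scaleway credentials, refer to the [dedicated documentation](https://www.scaleway.com/en/docs/storage/object/api-cli/object-storage-aws-cli/).
 *
 * ## Import
 *
 * Bucket policies can be imported using the `{region}/{bucketName}` identifier, as shown below:
 *
 * ```sh
 * $ pulumi import scaleway:index/objectBucketPolicy:ObjectBucketPolicy some_bucket fr-par/some-bucket
 * ```
 *
 * **Important:** The `project_id` attribute has a particular behavior with s3 products because the s3 API is scoped by project.
 *
 * If you are using a project different from the default one, you have to specify the project ID at the end of the import command.
 *
 * ```sh
 * $ pulumi import scaleway:index/objectBucketPolicy:ObjectBucketPolicy some_bucket fr-par/some-bucket@xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx
 * ```
 */
export declare class ObjectBucketPolicy extends pulumi.CustomResource {
    /**
     * Get an existing ObjectBucketPolicy resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ObjectBucketPolicyState, opts?: pulumi.CustomResourceOptions): ObjectBucketPolicy;
    /**
     * Returns true if the given object is an instance of ObjectBucketPolicy. This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is ObjectBucketPolicy;
    /**
     * The bucket's name or regional ID.
     */
    readonly bucket: pulumi.Output<string>;
    /**
     * The text of the policy. The examples on this class pass a JSON document built with
     * `pulumi.jsonStringify`; list only the actions and principals the bucket actually needs.
     */
    readonly policy: pulumi.Output<string>;
    /**
     * The projectId you want to attach the resource to.
     */
    readonly projectId: pulumi.Output<string>;
    /**
     * The Scaleway region this bucket resides in.
     */
    readonly region: pulumi.Output<string>;
    /**
     * Create a ObjectBucketPolicy resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: ObjectBucketPolicyArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering ObjectBucketPolicy resources.
 * Every field is optional here because it only qualifies a lookup.
 */
export interface ObjectBucketPolicyState {
    /**
     * The bucket's name or regional ID.
     */
    bucket?: pulumi.Input<string>;
    /**
     * The text of the policy.
     */
    policy?: pulumi.Input<string>;
    /**
     * The projectId you want to attach the resource to.
     */
    projectId?: pulumi.Input<string>;
    /**
     * The Scaleway region this bucket resides in.
     */
    region?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a ObjectBucketPolicy resource.
 * `bucket` and `policy` are required; `projectId` and `region` are optional.
 */
export interface ObjectBucketPolicyArgs {
    /**
     * The bucket's name or regional ID.
     */
    bucket: pulumi.Input<string>;
    /**
     * The text of the policy. The examples on `ObjectBucketPolicy` pass a JSON document built with
     * `pulumi.jsonStringify`; list only the actions and principals the bucket actually needs.
     */
    policy: pulumi.Input<string>;
    /**
     * The projectId you want to attach the resource to.
     */
    projectId?: pulumi.Input<string>;
    /**
     * The Scaleway region this bucket resides in.
     */
    region?: pulumi.Input<string>;
}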