import * as pulumi from "@pulumi/pulumi";
/**
 * Manages ACLs on the Proxmox cluster.
 *
 * ACLs are used to control access to resources in the Proxmox cluster.
 * Each ACL consists of a path, a user, group or token, a role, and a flag to allow propagation of permissions.
 *
 * ## Example Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as proxmoxve from "@muhlba91/pulumi-proxmoxve";
 *
 * const operationsAutomation = new proxmoxve.permission.User("operationsAutomation", {
 *     comment: "Managed by Pulumi",
 *     password: "a-strong-password",
 *     userId: "operations-automation@pve",
 * });
 * const operationsMonitoring = new proxmoxve.permission.Role("operationsMonitoring", {
 *     roleId: "operations-monitoring",
 *     privileges: ["VM.Monitor"],
 * });
 * const operationsAutomationMonitoring = new proxmoxve.Acl("operationsAutomationMonitoring", {
 *     userId: operationsAutomation.userId,
 *     roleId: operationsMonitoring.roleId,
 *     path: "/vms/1234",
 *     propagate: true,
 * });
 * ```
 *
 * ## Import
 *
 * #!/usr/bin/env sh
 *
 * ACL can be imported using its unique identifier, e.g.: {path}?{group|user@realm|user@realm!token}?{role}
 *
 * ```sh
 * $ pulumi import proxmoxve:index/acl:Acl operations_automation_monitoring /?monitor@pve?operations-monitoring
 * ```
 */
export declare class Acl extends pulumi.CustomResource {
    /**
     * Get an existing Acl resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AclState, opts?: pulumi.CustomResourceOptions): Acl;
    /**
     * Returns true if the given object is an instance of Acl.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is Acl;
    /**
     * The group the ACL should apply to (mutually exclusive with `tokenId` and `userId`)
     */
    readonly groupId: pulumi.Output<string | undefined>;
    /**
     * Access control path
     */
    readonly path: pulumi.Output<string>;
    /**
     * Allow to propagate (inherit) permissions.
     */
    readonly propagate: pulumi.Output<boolean>;
    /**
     * The role to apply
     */
    readonly roleId: pulumi.Output<string>;
    /**
     * The token the ACL should apply to (mutually exclusive with `groupId` and `userId`)
     */
    readonly tokenId: pulumi.Output<string | undefined>;
    /**
     * The user the ACL should apply to (mutually exclusive with `groupId` and `tokenId`)
     */
    readonly userId: pulumi.Output<string | undefined>;
    /**
     * Create a Acl resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: AclArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering Acl resources.
 */
export interface AclState {
    /**
     * The group the ACL should apply to (mutually exclusive with `tokenId` and `userId`)
     */
    groupId?: pulumi.Input<string>;
    /**
     * Access control path
     */
    path?: pulumi.Input<string>;
    /**
     * Allow to propagate (inherit) permissions.
     */
    propagate?: pulumi.Input<boolean>;
    /**
     * The role to apply
     */
    roleId?: pulumi.Input<string>;
    /**
     * The token the ACL should apply to (mutually exclusive with `groupId` and `userId`)
     */
    tokenId?: pulumi.Input<string>;
    /**
     * The user the ACL should apply to (mutually exclusive with `groupId` and `tokenId`)
     */
    userId?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a Acl resource.
 */
export interface AclArgs {
    /**
     * The group the ACL should apply to (mutually exclusive with `tokenId` and `userId`)
     */
    groupId?: pulumi.Input<string>;
    /**
     * Access control path
     */
    path: pulumi.Input<string>;
    /**
     * Allow to propagate (inherit) permissions.
     */
    propagate?: pulumi.Input<boolean>;
    /**
     * The role to apply
     */
    roleId: pulumi.Input<string>;
    /**
     * The token the ACL should apply to (mutually exclusive with `groupId` and `userId`)
     */
    tokenId?: pulumi.Input<string>;
    /**
     * The user the ACL should apply to (mutually exclusive with `groupId` and `tokenId`)
     */
    userId?: pulumi.Input<string>;
}