import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
 * Manages a Sentinel Automation Rule.
 *
 * ## Example Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as azure from "@pulumi/azure";
 *
 * const example = new azure.core.ResourceGroup("example", {
 *     name: "example-rg",
 *     location: "west europe",
 * });
 * const exampleAnalyticsWorkspace = new azure.operationalinsights.AnalyticsWorkspace("example", {
 *     name: "example-workspace",
 *     location: example.location,
 *     resourceGroupName: example.name,
 *     sku: "PerGB2018",
 * });
 * const exampleLogAnalyticsWorkspaceOnboarding = new azure.sentinel.LogAnalyticsWorkspaceOnboarding("example", {workspaceId: exampleAnalyticsWorkspace.id});
 * const exampleAutomationRule = new azure.sentinel.AutomationRule("example", {
 *     name: "56094f72-ac3f-40e7-a0c0-47bd95f70336",
 *     logAnalyticsWorkspaceId: exampleLogAnalyticsWorkspaceOnboarding.workspaceId,
 *     displayName: "automation_rule1",
 *     order: 1,
 *     actionIncidents: [{
 *         order: 1,
 *         status: "Active",
 *     }],
 * });
 * ```
 *
 * ## API Providers
 *
 * <!-- This section is generated, changes will be overwritten -->
 * This resource uses the following Azure API Providers:
 *
 * * `Microsoft.OperationalInsights` - 2024-09-01
 *
 * ## Import
 *
 * Sentinel Automation Rules can be imported using the `resource id`, e.g.
 *
 * ```sh
 * $ pulumi import azure:sentinel/authomationRule:AuthomationRule example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.OperationalInsights/workspaces/workspace1/providers/Microsoft.SecurityInsights/automationRules/rule1
 * ```
 *
 * @deprecated azure.sentinel.AuthomationRule has been deprecated in favor of azure.sentinel.AutomationRule
 */
export declare class AuthomationRule extends pulumi.CustomResource {
    /**
     * Get an existing AuthomationRule resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AuthomationRuleState, opts?: pulumi.CustomResourceOptions): AuthomationRule;
    /**
     * Returns true if the given object is an instance of AuthomationRule.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is AuthomationRule;
    /**
     * One or more `actionIncidentTask` blocks as defined below.
     */
    readonly actionIncidentTasks: pulumi.Output<outputs.sentinel.AuthomationRuleActionIncidentTask[] | undefined>;
    /**
     * One or more `actionIncident` blocks as defined below.
     */
    readonly actionIncidents: pulumi.Output<outputs.sentinel.AuthomationRuleActionIncident[] | undefined>;
    /**
     * One or more `actionPlaybook` blocks as defined below.
     *
     * > **Note:** Either one `actionIncident` block or `actionPlaybook` block has to be specified.
     */
    readonly actionPlaybooks: pulumi.Output<outputs.sentinel.AuthomationRuleActionPlaybook[] | undefined>;
    /**
     * A JSON array of one or more condition JSON objects as is defined [here](https://learn.microsoft.com/en-us/rest/api/securityinsights/preview/automation-rules/create-or-update?tabs=HTTP#automationruletriggeringlogic).
     */
    readonly conditionJson: pulumi.Output<string | undefined>;
    /**
     * The display name which should be used for this Sentinel Automation Rule.
     */
    readonly displayName: pulumi.Output<string>;
    /**
     * Whether this Sentinel Automation Rule is enabled? Defaults to `true`.
     */
    readonly enabled: pulumi.Output<boolean | undefined>;
    /**
     * The time in RFC3339 format of kind `UTC` that determines when this Automation Rule should expire and be disabled.
     */
    readonly expiration: pulumi.Output<string | undefined>;
    /**
     * The ID of the Log Analytics Workspace where this Sentinel applies to. Changing this forces a new Sentinel Automation Rule to be created.
     */
    readonly logAnalyticsWorkspaceId: pulumi.Output<string>;
    /**
     * The UUID which should be used for this Sentinel Automation Rule. Changing this forces a new Sentinel Automation Rule to be created.
     */
    readonly name: pulumi.Output<string>;
    /**
     * The order of this Sentinel Automation Rule. Possible values varies between `1` and `1000`.
     */
    readonly order: pulumi.Output<number>;
    /**
     * Specifies what triggers this automation rule. Possible values are `Alerts` and `Incidents`. Defaults to `Incidents`.
     */
    readonly triggersOn: pulumi.Output<string | undefined>;
    /**
     * Specifies when will this automation rule be triggered. Possible values are `Created` and `Updated`. Defaults to `Created`.
     */
    readonly triggersWhen: pulumi.Output<string | undefined>;
    /**
     * Create a AuthomationRule resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    /** @deprecated azure.sentinel.AuthomationRule has been deprecated in favor of azure.sentinel.AutomationRule */
    constructor(name: string, args: AuthomationRuleArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering AuthomationRule resources.
 */
export interface AuthomationRuleState {
    /**
     * One or more `actionIncidentTask` blocks as defined below.
     */
    actionIncidentTasks?: pulumi.Input<pulumi.Input<inputs.sentinel.AuthomationRuleActionIncidentTask>[]>;
    /**
     * One or more `actionIncident` blocks as defined below.
     */
    actionIncidents?: pulumi.Input<pulumi.Input<inputs.sentinel.AuthomationRuleActionIncident>[]>;
    /**
     * One or more `actionPlaybook` blocks as defined below.
     *
     * > **Note:** Either one `actionIncident` block or `actionPlaybook` block has to be specified.
     */
    actionPlaybooks?: pulumi.Input<pulumi.Input<inputs.sentinel.AuthomationRuleActionPlaybook>[]>;
    /**
     * A JSON array of one or more condition JSON objects as is defined [here](https://learn.microsoft.com/en-us/rest/api/securityinsights/preview/automation-rules/create-or-update?tabs=HTTP#automationruletriggeringlogic).
     */
    conditionJson?: pulumi.Input<string>;
    /**
     * The display name which should be used for this Sentinel Automation Rule.
     */
    displayName?: pulumi.Input<string>;
    /**
     * Whether this Sentinel Automation Rule is enabled? Defaults to `true`.
     */
    enabled?: pulumi.Input<boolean>;
    /**
     * The time in RFC3339 format of kind `UTC` that determines when this Automation Rule should expire and be disabled.
     */
    expiration?: pulumi.Input<string>;
    /**
     * The ID of the Log Analytics Workspace where this Sentinel applies to. Changing this forces a new Sentinel Automation Rule to be created.
     */
    logAnalyticsWorkspaceId?: pulumi.Input<string>;
    /**
     * The UUID which should be used for this Sentinel Automation Rule. Changing this forces a new Sentinel Automation Rule to be created.
     */
    name?: pulumi.Input<string>;
    /**
     * The order of this Sentinel Automation Rule. Possible values varies between `1` and `1000`.
     */
    order?: pulumi.Input<number>;
    /**
     * Specifies what triggers this automation rule. Possible values are `Alerts` and `Incidents`. Defaults to `Incidents`.
     */
    triggersOn?: pulumi.Input<string>;
    /**
     * Specifies when will this automation rule be triggered. Possible values are `Created` and `Updated`. Defaults to `Created`.
     */
    triggersWhen?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a AuthomationRule resource.
 */
export interface AuthomationRuleArgs {
    /**
     * One or more `actionIncidentTask` blocks as defined below.
     */
    actionIncidentTasks?: pulumi.Input<pulumi.Input<inputs.sentinel.AuthomationRuleActionIncidentTask>[]>;
    /**
     * One or more `actionIncident` blocks as defined below.
     */
    actionIncidents?: pulumi.Input<pulumi.Input<inputs.sentinel.AuthomationRuleActionIncident>[]>;
    /**
     * One or more `actionPlaybook` blocks as defined below.
     *
     * > **Note:** Either one `actionIncident` block or `actionPlaybook` block has to be specified.
     */
    actionPlaybooks?: pulumi.Input<pulumi.Input<inputs.sentinel.AuthomationRuleActionPlaybook>[]>;
    /**
     * A JSON array of one or more condition JSON objects as is defined [here](https://learn.microsoft.com/en-us/rest/api/securityinsights/preview/automation-rules/create-or-update?tabs=HTTP#automationruletriggeringlogic).
     */
    conditionJson?: pulumi.Input<string>;
    /**
     * The display name which should be used for this Sentinel Automation Rule.
     */
    displayName: pulumi.Input<string>;
    /**
     * Whether this Sentinel Automation Rule is enabled? Defaults to `true`.
     */
    enabled?: pulumi.Input<boolean>;
    /**
     * The time in RFC3339 format of kind `UTC` that determines when this Automation Rule should expire and be disabled.
     */
    expiration?: pulumi.Input<string>;
    /**
     * The ID of the Log Analytics Workspace where this Sentinel applies to. Changing this forces a new Sentinel Automation Rule to be created.
     */
    logAnalyticsWorkspaceId: pulumi.Input<string>;
    /**
     * The UUID which should be used for this Sentinel Automation Rule. Changing this forces a new Sentinel Automation Rule to be created.
     */
    name?: pulumi.Input<string>;
    /**
     * The order of this Sentinel Automation Rule. Possible values varies between `1` and `1000`.
     */
    order: pulumi.Input<number>;
    /**
     * Specifies what triggers this automation rule. Possible values are `Alerts` and `Incidents`. Defaults to `Incidents`.
     */
    triggersOn?: pulumi.Input<string>;
    /**
     * Specifies when will this automation rule be triggered. Possible values are `Created` and `Updated`. Defaults to `Created`.
     */
    triggersWhen?: pulumi.Input<string>;
}