import * as pulumi from "@pulumi/pulumi";
/**
 * An authorized organizations description describes a list of organizations
 * (1) that have been authorized to use certain asset (for example, device) data
 * owned by different organizations at the enforcement points, or (2) with certain
 * asset (for example, device) have been authorized to access the resources in
 * another organization at the enforcement points.
 *
 * To get more information about AuthorizedOrgsDesc, see:
 *
 * * [API documentation](https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies.authorizedOrgsDescs)
 * * How-to Guides
 *     * [gcloud docs](https://cloud.google.com/beyondcorp-enterprise/docs/cross-org-authorization)
 *
 * > **Warning:** If you are using User ADCs (Application Default Credentials) with this resource,
 * you must specify a `billingProject` and set `userProjectOverride` to true
 * in the provider configuration. Otherwise the ACM API will return a 403 error.
 * Your account must have the `serviceusage.services.use` permission on the
 * `billingProject` you defined.
 *
 * ## Example Usage
 *
 * ### Access Context Manager Authorized Orgs Desc Basic
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 *
 * const test_access = new gcp.accesscontextmanager.AccessPolicy("test-access", {
 *     parent: "organizations/123456789",
 *     title: "my policy",
 * });
 * const authorized_orgs_desc = new gcp.accesscontextmanager.AuthorizedOrgsDesc("authorized-orgs-desc", {
 *     parent: pulumi.interpolate`accessPolicies/${test_access.name}`,
 *     name: pulumi.interpolate`accessPolicies/${test_access.name}/authorizedOrgsDescs/fakeDescName`,
 *     authorizationType: "AUTHORIZATION_TYPE_TRUST",
 *     assetType: "ASSET_TYPE_CREDENTIAL_STRENGTH",
 *     authorizationDirection: "AUTHORIZATION_DIRECTION_TO",
 *     orgs: [
 *         "organizations/12345",
 *         "organizations/98765",
 *     ],
 * });
 * ```
 *
 * ## Import
 *
 * AuthorizedOrgsDesc can be imported using any of these accepted formats:
 *
 * * `{{name}}`
 *
 * When using the `pulumi import` command, AuthorizedOrgsDesc can be imported using one of the formats above. For example:
 *
 * ```sh
 * $ pulumi import gcp:accesscontextmanager/authorizedOrgsDesc:AuthorizedOrgsDesc default {{name}}
 * ```
 */
export declare class AuthorizedOrgsDesc extends pulumi.CustomResource {
    /**
     * Get an existing AuthorizedOrgsDesc resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AuthorizedOrgsDescState, opts?: pulumi.CustomResourceOptions): AuthorizedOrgsDesc;
    /**
     * Returns true if the given object is an instance of AuthorizedOrgsDesc.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is AuthorizedOrgsDesc;
    /**
     * The type of entities that need to use the authorization relationship during
     * evaluation, such as a device. Valid values are "ASSET_TYPE_DEVICE" and
     * "ASSET_TYPE_CREDENTIAL_STRENGTH".
     * Possible values are: `ASSET_TYPE_DEVICE`, `ASSET_TYPE_CREDENTIAL_STRENGTH`.
     */
    readonly assetType: pulumi.Output<string | undefined>;
    /**
     * The direction of the authorization relationship between this organization
     * and the organizations listed in the "orgs" field. The valid values for this
     * field include the following:
     * AUTHORIZATION_DIRECTION_FROM: Allows this organization to evaluate traffic
     * in the organizations listed in the `orgs` field.
     * AUTHORIZATION_DIRECTION_TO: Allows the organizations listed in the `orgs`
     * field to evaluate the traffic in this organization.
     * For the authorization relationship to take effect, all of the organizations
     * must authorize and specify the appropriate relationship direction. For
     * example, if organization A authorized organization B and C to evaluate its
     * traffic, by specifying "AUTHORIZATION_DIRECTION_TO" as the authorization
     * direction, organizations B and C must specify
     * "AUTHORIZATION_DIRECTION_FROM" as the authorization direction in their
     * "AuthorizedOrgsDesc" resource.
     * Possible values are: `AUTHORIZATION_DIRECTION_TO`, `AUTHORIZATION_DIRECTION_FROM`.
     */
    readonly authorizationDirection: pulumi.Output<string | undefined>;
    /**
     * A granular control type for authorization levels. Valid value is "AUTHORIZATION_TYPE_TRUST".
     * Possible values are: `AUTHORIZATION_TYPE_TRUST`.
     */
    readonly authorizationType: pulumi.Output<string | undefined>;
    /**
     * Time the AuthorizedOrgsDesc was created in UTC.
     */
    readonly createTime: pulumi.Output<string>;
    /**
     * Resource name for the `AuthorizedOrgsDesc`. Format:
     * `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`.
     * The `authorizedOrgsDesc` component must begin with a letter, followed by
     * alphanumeric characters or `_`.
     * After you create an `AuthorizedOrgsDesc`, you cannot change its `name`.
     */
    readonly name: pulumi.Output<string>;
    /**
     * The list of organization ids in this AuthorizedOrgsDesc.
     * Format: `organizations/<org_number>`
     * Example: `organizations/123456`
     */
    readonly orgs: pulumi.Output<string[] | undefined>;
    /**
     * Required. Resource name for the access policy which owns this `AuthorizedOrgsDesc`.
     */
    readonly parent: pulumi.Output<string>;
    /**
     * Time the AuthorizedOrgsDesc was updated in UTC.
     */
    readonly updateTime: pulumi.Output<string>;
    /**
     * Create a AuthorizedOrgsDesc resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: AuthorizedOrgsDescArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering AuthorizedOrgsDesc resources.
 */
export interface AuthorizedOrgsDescState {
    /**
     * The type of entities that need to use the authorization relationship during
     * evaluation, such as a device. Valid values are "ASSET_TYPE_DEVICE" and
     * "ASSET_TYPE_CREDENTIAL_STRENGTH".
     * Possible values are: `ASSET_TYPE_DEVICE`, `ASSET_TYPE_CREDENTIAL_STRENGTH`.
     */
    assetType?: pulumi.Input<string>;
    /**
     * The direction of the authorization relationship between this organization
     * and the organizations listed in the "orgs" field. The valid values for this
     * field include the following:
     * AUTHORIZATION_DIRECTION_FROM: Allows this organization to evaluate traffic
     * in the organizations listed in the `orgs` field.
     * AUTHORIZATION_DIRECTION_TO: Allows the organizations listed in the `orgs`
     * field to evaluate the traffic in this organization.
     * For the authorization relationship to take effect, all of the organizations
     * must authorize and specify the appropriate relationship direction. For
     * example, if organization A authorized organization B and C to evaluate its
     * traffic, by specifying "AUTHORIZATION_DIRECTION_TO" as the authorization
     * direction, organizations B and C must specify
     * "AUTHORIZATION_DIRECTION_FROM" as the authorization direction in their
     * "AuthorizedOrgsDesc" resource.
     * Possible values are: `AUTHORIZATION_DIRECTION_TO`, `AUTHORIZATION_DIRECTION_FROM`.
     */
    authorizationDirection?: pulumi.Input<string>;
    /**
     * A granular control type for authorization levels. Valid value is "AUTHORIZATION_TYPE_TRUST".
     * Possible values are: `AUTHORIZATION_TYPE_TRUST`.
     */
    authorizationType?: pulumi.Input<string>;
    /**
     * Time the AuthorizedOrgsDesc was created in UTC.
     */
    createTime?: pulumi.Input<string>;
    /**
     * Resource name for the `AuthorizedOrgsDesc`. Format:
     * `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`.
     * The `authorizedOrgsDesc` component must begin with a letter, followed by
     * alphanumeric characters or `_`.
     * After you create an `AuthorizedOrgsDesc`, you cannot change its `name`.
     */
    name?: pulumi.Input<string>;
    /**
     * The list of organization ids in this AuthorizedOrgsDesc.
     * Format: `organizations/<org_number>`
     * Example: `organizations/123456`
     */
    orgs?: pulumi.Input<pulumi.Input<string>[]>;
    /**
     * Required. Resource name for the access policy which owns this `AuthorizedOrgsDesc`.
     */
    parent?: pulumi.Input<string>;
    /**
     * Time the AuthorizedOrgsDesc was updated in UTC.
     */
    updateTime?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a AuthorizedOrgsDesc resource.
 */
export interface AuthorizedOrgsDescArgs {
    /**
     * The type of entities that need to use the authorization relationship during
     * evaluation, such as a device. Valid values are "ASSET_TYPE_DEVICE" and
     * "ASSET_TYPE_CREDENTIAL_STRENGTH".
     * Possible values are: `ASSET_TYPE_DEVICE`, `ASSET_TYPE_CREDENTIAL_STRENGTH`.
     */
    assetType?: pulumi.Input<string>;
    /**
     * The direction of the authorization relationship between this organization
     * and the organizations listed in the "orgs" field. The valid values for this
     * field include the following:
     * AUTHORIZATION_DIRECTION_FROM: Allows this organization to evaluate traffic
     * in the organizations listed in the `orgs` field.
     * AUTHORIZATION_DIRECTION_TO: Allows the organizations listed in the `orgs`
     * field to evaluate the traffic in this organization.
     * For the authorization relationship to take effect, all of the organizations
     * must authorize and specify the appropriate relationship direction. For
     * example, if organization A authorized organization B and C to evaluate its
     * traffic, by specifying "AUTHORIZATION_DIRECTION_TO" as the authorization
     * direction, organizations B and C must specify
     * "AUTHORIZATION_DIRECTION_FROM" as the authorization direction in their
     * "AuthorizedOrgsDesc" resource.
     * Possible values are: `AUTHORIZATION_DIRECTION_TO`, `AUTHORIZATION_DIRECTION_FROM`.
     */
    authorizationDirection?: pulumi.Input<string>;
    /**
     * A granular control type for authorization levels. Valid value is "AUTHORIZATION_TYPE_TRUST".
     * Possible values are: `AUTHORIZATION_TYPE_TRUST`.
     */
    authorizationType?: pulumi.Input<string>;
    /**
     * Resource name for the `AuthorizedOrgsDesc`. Format:
     * `accessPolicies/{access_policy}/authorizedOrgsDescs/{authorized_orgs_desc}`.
     * The `authorizedOrgsDesc` component must begin with a letter, followed by
     * alphanumeric characters or `_`.
     * After you create an `AuthorizedOrgsDesc`, you cannot change its `name`.
     */
    name?: pulumi.Input<string>;
    /**
     * The list of organization ids in this AuthorizedOrgsDesc.
     * Format: `organizations/<org_number>`
     * Example: `organizations/123456`
     */
    orgs?: pulumi.Input<pulumi.Input<string>[]>;
    /**
     * Required. Resource name for the access policy which owns this `AuthorizedOrgsDesc`.
     */
    parent: pulumi.Input<string>;
}