import * as pulumi from "@pulumi/pulumi";
/**
 * Authorize the Synchronizer to download environment data from the control plane.
 *
 * To get more information about SyncAuthorization, see:
 *
 * * [API documentation](https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations#getsyncauthorization)
 * * How-to Guides
 *     * [Enable Synchronizer access](https://cloud.google.com/apigee/docs/hybrid/v1.8/synchronizer-access#enable-synchronizer-access)
 *
 * ## Example Usage
 *
 * ### Apigee Sync Authorization Basic Test
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 *
 * const project = new gcp.organizations.Project("project", {
 *     projectId: "my-project",
 *     name: "my-project",
 *     orgId: "123456789",
 *     billingAccount: "000000-0000000-0000000-000000",
 *     deletionPolicy: "DELETE",
 * });
 * const apigee = new gcp.projects.Service("apigee", {
 *     project: project.projectId,
 *     service: "apigee.googleapis.com",
 * });
 * const apigeeOrg = new gcp.apigee.Organization("apigee_org", {
 *     analyticsRegion: "us-central1",
 *     projectId: project.projectId,
 *     runtimeType: "HYBRID",
 * }, {
 *     dependsOn: [apigee],
 * });
 * const serviceAccount = new gcp.serviceaccount.Account("service_account", {
 *     accountId: "my-account",
 *     displayName: "Service Account",
 * });
 * const synchronizer_iam = new gcp.projects.IAMMember("synchronizer-iam", {
 *     project: project.projectId,
 *     role: "roles/apigee.synchronizerManager",
 *     member: pulumi.interpolate`serviceAccount:${serviceAccount.email}`,
 * });
 * const apigeeSyncAuthorization = new gcp.apigee.SyncAuthorization("apigee_sync_authorization", {
 *     name: apigeeOrg.name,
 *     identities: [pulumi.interpolate`serviceAccount:${serviceAccount.email}`],
 * }, {
 *     dependsOn: [synchronizer_iam],
 * });
 * ```
 *
 * ## Import
 *
 * SyncAuthorization can be imported using any of these accepted formats:
 *
 * * `organizations/{{name}}/syncAuthorization`
 *
 * * `{{name}}`
 *
 * When using the `pulumi import` command, SyncAuthorization can be imported using one of the formats above. For example:
 *
 * ```sh
 * $ pulumi import gcp:apigee/syncAuthorization:SyncAuthorization default organizations/{{name}}/syncAuthorization
 * ```
 *
 * ```sh
 * $ pulumi import gcp:apigee/syncAuthorization:SyncAuthorization default {{name}}
 * ```
 */
export declare class SyncAuthorization extends pulumi.CustomResource {
    /**
     * Get an existing SyncAuthorization resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SyncAuthorizationState, opts?: pulumi.CustomResourceOptions): SyncAuthorization;
    /**
     * Returns true if the given object is an instance of SyncAuthorization.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is SyncAuthorization;
    /**
     * Entity tag (ETag) used for optimistic concurrency control as a way to help prevent simultaneous updates from overwriting each other.
     * Used internally during updates.
     */
    readonly etag: pulumi.Output<string>;
    /**
     * Array of service accounts to grant access to control plane resources, each specified using the following format: `serviceAccount:service-account-name`.
     * The `service-account-name` is formatted like an email address. For example: my-synchronizer-manager-serviceAccount@my_project_id.iam.gserviceaccount.com
     * You might specify multiple service accounts, for example, if you have multiple environments and wish to assign a unique service account to each one.
     * The service accounts must have **Apigee Synchronizer Manager** role. See also [Create service accounts](https://cloud.google.com/apigee/docs/hybrid/v1.8/sa-about#create-the-service-accounts).
     */
    readonly identities: pulumi.Output<string[]>;
    /**
     * Name of the Apigee organization.
     */
    readonly name: pulumi.Output<string>;
    /**
     * Create a SyncAuthorization resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: SyncAuthorizationArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering SyncAuthorization resources.
 */
export interface SyncAuthorizationState {
    /**
     * Entity tag (ETag) used for optimistic concurrency control as a way to help prevent simultaneous updates from overwriting each other.
     * Used internally during updates.
     */
    etag?: pulumi.Input<string>;
    /**
     * Array of service accounts to grant access to control plane resources, each specified using the following format: `serviceAccount:service-account-name`.
     * The `service-account-name` is formatted like an email address. For example: my-synchronizer-manager-serviceAccount@my_project_id.iam.gserviceaccount.com
     * You might specify multiple service accounts, for example, if you have multiple environments and wish to assign a unique service account to each one.
     * The service accounts must have **Apigee Synchronizer Manager** role. See also [Create service accounts](https://cloud.google.com/apigee/docs/hybrid/v1.8/sa-about#create-the-service-accounts).
     */
    identities?: pulumi.Input<pulumi.Input<string>[]>;
    /**
     * Name of the Apigee organization.
     */
    name?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a SyncAuthorization resource.
 */
export interface SyncAuthorizationArgs {
    /**
     * Array of service accounts to grant access to control plane resources, each specified using the following format: `serviceAccount:service-account-name`.
     * The `service-account-name` is formatted like an email address. For example: my-synchronizer-manager-serviceAccount@my_project_id.iam.gserviceaccount.com
     * You might specify multiple service accounts, for example, if you have multiple environments and wish to assign a unique service account to each one.
     * The service accounts must have **Apigee Synchronizer Manager** role. See also [Create service accounts](https://cloud.google.com/apigee/docs/hybrid/v1.8/sa-about#create-the-service-accounts).
     */
    identities: pulumi.Input<pulumi.Input<string>[]>;
    /**
     * Name of the Apigee organization.
     */
    name?: pulumi.Input<string>;
}