import * as pulumi from "@pulumi/pulumi";
/**
 * Data Source schema for Volcengine::VKE::Permission
 */
export declare function getPermission(args: GetPermissionArgs, opts?: pulumi.InvokeOptions): Promise<GetPermissionResult>;
/**
 * A collection of arguments for invoking getPermission.
 */
export interface GetPermissionArgs {
    /**
     * Uniquely identifies the resource.
     */
    id: string;
}
/**
 * A collection of values returned by getPermission.
 */
export interface GetPermissionResult {
    /**
     * Time when the RBAC policy resource was authorized.
     */
    readonly authorizedAt: string;
    /**
     * Grantor ID. Can be an IAM user ID or an IAM role ID.
     */
    readonly authorizerId: number;
    /**
     * Grantor name
     */
    readonly authorizerName: string;
    /**
     * Type of grantor. Possible values: User: IAM user. Role: IAM role. Account: account.
     */
    readonly authorizerType: string;
    /**
     * Cluster ID to be authorized for the IAM user or role. This parameter is required when roleDomain is namespace or cluster.
     */
    readonly clusterId: string;
    /**
     * Time when the RBAC policy resource was created.
     */
    readonly createdTime: string;
    /**
     * Grantee ID. Can be an IAM user ID or an IAM role ID.
     */
    readonly granteeId: number;
    /**
     * Type of grantee. Possible values: User: IAM user. Role: IAM role. Account: account.
     */
    readonly granteeType: string;
    /**
     * Uniquely identifies the resource.
     */
    readonly id: string;
    /**
     * Whether the RBAC role granted to the grantee is a custom role. Possible values: true: custom role. false (default): system predefined role.
     */
    readonly isCustomRole: boolean;
    /**
     * The object name of the RBAC policy resource in Kubernetes.
     */
    readonly kubeRoleBindingName: string;
    /**
     * Authorization details message.
     */
    readonly message: string;
    /**
     * Namespace name to be authorized for the IAM user or role. This parameter is required when roleDomain equals namespace. If roleDomain does not equal namespace, this parameter is not effective.
     */
    readonly namespace: string;
    /**
     * RBAC policy resource ID.
     */
    readonly permissionId: string;
    /**
     * Project selector
     */
    readonly projectSelector: string;
    /**
     * Time when authorization is revoked.
     */
    readonly revokedAt: string;
    /**
     * The permission type granted to an IAM user or role. Possible values: namespace: grants permissions at the namespace level. cluster: grants permissions at the cluster level. all_clusters: grants permissions at the cluster level for all clusters under the current account.
     */
    readonly roleDomain: string;
    /**
     * Name of the RBAC role granted to the grantee. This parameter must be specified. When roleDomain is all_clusters, custom role names are not allowed.
     */
    readonly roleName: string;
    /**
     * Status of the RBAC access policy resource. Possible values: Success: authorization succeeded. Failed: authorization failed. Pending: authorization in progress. PartialSuccess: partial authorization succeeded.
     */
    readonly status: string;
}
/**
 * Data Source schema for Volcengine::VKE::Permission
 */
export declare function getPermissionOutput(args: GetPermissionOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output<GetPermissionResult>;
/**
 * A collection of arguments for invoking getPermission.
 */
export interface GetPermissionOutputArgs {
    /**
     * Uniquely identifies the resource.
     */
    id: pulumi.Input<string>;
}