import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
 * Resource Type definition for SSO PermissionSet
 */
export declare class PermissionSet extends pulumi.CustomResource {
    /**
     * Get an existing PermissionSet resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, opts?: pulumi.CustomResourceOptions): PermissionSet;
    /**
     * Returns true if the given object is an instance of PermissionSet.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is PermissionSet;
    /**
     * Specifies the names and paths of the customer managed policies that you have attached to your permission set.
     */
    readonly customerManagedPolicyReferences: pulumi.Output<outputs.sso.PermissionSetCustomerManagedPolicyReference[] | undefined>;
    /**
     * The permission set description.
     */
    readonly description: pulumi.Output<string | undefined>;
    /**
     * The inline policy to put in permission set.
     *
     * Search the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SSO::PermissionSet` for more information about the expected schema for this property.
     */
    readonly inlinePolicy: pulumi.Output<any | undefined>;
    /**
     * The sso instance arn that the permission set is owned.
     */
    readonly instanceArn: pulumi.Output<string>;
    /**
     * A structure that stores a list of managed policy ARNs that describe the associated AWS managed policy.
     */
    readonly managedPolicies: pulumi.Output<string[] | undefined>;
    /**
     * The name you want to assign to this permission set.
     */
    readonly name: pulumi.Output<string>;
    /**
     * The permission set that the policy will be attached to
     */
    readonly permissionSetArn: pulumi.Output<string>;
    /**
     * Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary. Specify either `CustomerManagedPolicyReference` to use the name and path of a customer managed policy, or `ManagedPolicyArn` to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .
     *
     * > Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see [IAM JSON policy evaluation logic](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) in the *IAM User Guide* .
     */
    readonly permissionsBoundary: pulumi.Output<outputs.sso.PermissionSetPermissionsBoundary | undefined>;
    /**
     * The relay state URL that redirect links to any service in the AWS Management Console.
     */
    readonly relayStateType: pulumi.Output<string | undefined>;
    /**
     * The length of time that a user can be signed in to an AWS account.
     */
    readonly sessionDuration: pulumi.Output<string | undefined>;
    /**
     * The tags to attach to the new `PermissionSet` .
     */
    readonly tags: pulumi.Output<outputs.Tag[] | undefined>;
    /**
     * Create a PermissionSet resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: PermissionSetArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * The set of arguments for constructing a PermissionSet resource.
 */
export interface PermissionSetArgs {
    /**
     * Specifies the names and paths of the customer managed policies that you have attached to your permission set.
     */
    customerManagedPolicyReferences?: pulumi.Input<pulumi.Input<inputs.sso.PermissionSetCustomerManagedPolicyReferenceArgs>[]>;
    /**
     * The permission set description.
     */
    description?: pulumi.Input<string>;
    /**
     * The inline policy to put in permission set.
     *
     * Search the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SSO::PermissionSet` for more information about the expected schema for this property.
     */
    inlinePolicy?: any;
    /**
     * The sso instance arn that the permission set is owned.
     */
    instanceArn: pulumi.Input<string>;
    /**
     * A structure that stores a list of managed policy ARNs that describe the associated AWS managed policy.
     */
    managedPolicies?: pulumi.Input<pulumi.Input<string>[]>;
    /**
     * The name you want to assign to this permission set.
     */
    name?: pulumi.Input<string>;
    /**
     * Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary. Specify either `CustomerManagedPolicyReference` to use the name and path of a customer managed policy, or `ManagedPolicyArn` to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .
     *
     * > Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see [IAM JSON policy evaluation logic](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) in the *IAM User Guide* .
     */
    permissionsBoundary?: pulumi.Input<inputs.sso.PermissionSetPermissionsBoundaryArgs>;
    /**
     * The relay state URL that redirect links to any service in the AWS Management Console.
     */
    relayStateType?: pulumi.Input<string>;
    /**
     * The length of time that a user can be signed in to an AWS account.
     */
    sessionDuration?: pulumi.Input<string>;
    /**
     * The tags to attach to the new `PermissionSet` .
     */
    tags?: pulumi.Input<pulumi.Input<inputs.TagArgs>[]>;
}
