import * as pulumi from "@pulumi/pulumi";
/**
 * This resource allows you to set entitlements to existing databricks_users, databricks.Group or databricks_service_principal.
 *
 * > You must define entitlements of a principal using either `databricks.Entitlements` or directly within one of databricks_users, databricks.Group or databricks_service_principal. Having entitlements defined in both resources will result in non-deterministic behaviour.
 *
 * ## Example Usage
 *
 * Setting entitlements for a regular user:
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as databricks from "@pulumi/databricks";
 *
 * const me = databricks.getUser({
 *     userName: "me@example.com",
 * });
 * const meEntitlements = new databricks.Entitlements("me", {
 *     userId: me.then(me => me.id),
 *     allowClusterCreate: true,
 *     allowInstancePoolCreate: true,
 * });
 * ```
 *
 * Setting entitlements for a service principal:
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as databricks from "@pulumi/databricks";
 *
 * const _this = databricks.getServicePrincipal({
 *     applicationId: "11111111-2222-3333-4444-555666777888",
 * });
 * const thisEntitlements = new databricks.Entitlements("this", {
 *     servicePrincipalId: _this.then(_this => _this.spId),
 *     allowClusterCreate: true,
 *     allowInstancePoolCreate: true,
 * });
 * ```
 *
 * Setting entitlements to all users in a workspace - referencing special `users` databricks.Group
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as databricks from "@pulumi/databricks";
 *
 * const users = databricks.getGroup({
 *     displayName: "users",
 * });
 * const workspace_users = new databricks.Entitlements("workspace-users", {
 *     groupId: users.then(users => users.id),
 *     allowClusterCreate: true,
 *     allowInstancePoolCreate: true,
 * });
 * ```
 *
 * ## Related Resources
 *
 * The following resources are often used in the same context:
 *
 * * End to end workspace management guide.
 * * databricks.Group to manage [groups in Databricks Workspace](https://docs.databricks.com/administration-guide/users-groups/groups.html) or [Account Console](https://accounts.cloud.databricks.com/) (for AWS deployments).
 * * databricks.Group data to retrieve information about databricks.Group members, entitlements and instance profiles.
 * * databricks.GroupInstanceProfile to attach databricks.InstanceProfile (AWS) to databricks_group.
 * * databricks.GroupMember to attach users and groups as group members.
 * * databricks.InstanceProfile to manage AWS EC2 instance profiles that users can launch databricks.Cluster and access data, like databricks_mount.
 * * databricks.User data to retrieve information about databricks_user.
 *
 * ## Import
 *
 * The resource can be imported using a synthetic identifier. Examples of valid synthetic identifiers are:
 *
 * * `user/user_id` - user `user_id`.
 *
 * * `group/group_id` - group `group_id`.
 *
 * * `spn/spn_id` - service principal `spn_id`.
 *
 * bash
 *
 * ```sh
 * $ pulumi import databricks:index/entitlements:Entitlements me user/<user-id>
 * ```
 */
export declare class Entitlements extends pulumi.CustomResource {
    /**
     * Get an existing Entitlements resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: EntitlementsState, opts?: pulumi.CustomResourceOptions): Entitlements;
    /**
     * Returns true if the given object is an instance of Entitlements.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is Entitlements;
    /**
     * Allow the principal to have cluster create privileges. Defaults to false. More fine grained permissions could be assigned with databricks.Permissions and `clusterId` argument. Everyone without `allowClusterCreate` argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
     */
    readonly allowClusterCreate: pulumi.Output<boolean | undefined>;
    /**
     * Allow the principal to have instance pool create privileges. Defaults to false. More fine grained permissions could be assigned with databricks.Permissions and instancePoolId argument.
     */
    readonly allowInstancePoolCreate: pulumi.Output<boolean | undefined>;
    /**
     * This is a field to allow the principal to have access to [Databricks SQL](https://databricks.com/product/databricks-sql) feature in User Interface and through databricks_sql_endpoint.
     */
    readonly databricksSqlAccess: pulumi.Output<boolean | undefined>;
    /**
     * Canonical unique identifier for the group.
     */
    readonly groupId: pulumi.Output<string | undefined>;
    /**
     * Canonical unique identifier for the service principal.
     *
     * The following entitlements are available.
     */
    readonly servicePrincipalId: pulumi.Output<string | undefined>;
    /**
     * Canonical unique identifier for the user.
     */
    readonly userId: pulumi.Output<string | undefined>;
    /**
     * This is a field to allow the principal to have access to Databricks Workspace.
     */
    readonly workspaceAccess: pulumi.Output<boolean | undefined>;
    /**
     * Create a Entitlements resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args?: EntitlementsArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering Entitlements resources.
 */
export interface EntitlementsState {
    /**
     * Allow the principal to have cluster create privileges. Defaults to false. More fine grained permissions could be assigned with databricks.Permissions and `clusterId` argument. Everyone without `allowClusterCreate` argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
     */
    allowClusterCreate?: pulumi.Input<boolean>;
    /**
     * Allow the principal to have instance pool create privileges. Defaults to false. More fine grained permissions could be assigned with databricks.Permissions and instancePoolId argument.
     */
    allowInstancePoolCreate?: pulumi.Input<boolean>;
    /**
     * This is a field to allow the principal to have access to [Databricks SQL](https://databricks.com/product/databricks-sql) feature in User Interface and through databricks_sql_endpoint.
     */
    databricksSqlAccess?: pulumi.Input<boolean>;
    /**
     * Canonical unique identifier for the group.
     */
    groupId?: pulumi.Input<string>;
    /**
     * Canonical unique identifier for the service principal.
     *
     * The following entitlements are available.
     */
    servicePrincipalId?: pulumi.Input<string>;
    /**
     * Canonical unique identifier for the user.
     */
    userId?: pulumi.Input<string>;
    /**
     * This is a field to allow the principal to have access to Databricks Workspace.
     */
    workspaceAccess?: pulumi.Input<boolean>;
}
/**
 * The set of arguments for constructing a Entitlements resource.
 */
export interface EntitlementsArgs {
    /**
     * Allow the principal to have cluster create privileges. Defaults to false. More fine grained permissions could be assigned with databricks.Permissions and `clusterId` argument. Everyone without `allowClusterCreate` argument set, but with permission to use Cluster Policy would be able to create clusters, but within boundaries of that specific policy.
     */
    allowClusterCreate?: pulumi.Input<boolean>;
    /**
     * Allow the principal to have instance pool create privileges. Defaults to false. More fine grained permissions could be assigned with databricks.Permissions and instancePoolId argument.
     */
    allowInstancePoolCreate?: pulumi.Input<boolean>;
    /**
     * This is a field to allow the principal to have access to [Databricks SQL](https://databricks.com/product/databricks-sql) feature in User Interface and through databricks_sql_endpoint.
     */
    databricksSqlAccess?: pulumi.Input<boolean>;
    /**
     * Canonical unique identifier for the group.
     */
    groupId?: pulumi.Input<string>;
    /**
     * Canonical unique identifier for the service principal.
     *
     * The following entitlements are available.
     */
    servicePrincipalId?: pulumi.Input<string>;
    /**
     * Canonical unique identifier for the user.
     */
    userId?: pulumi.Input<string>;
    /**
     * This is a field to allow the principal to have access to Databricks Workspace.
     */
    workspaceAccess?: pulumi.Input<boolean>;
}