import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
 * Allows management of audit logging config for a given service for a Google Cloud Platform Organization.
 *
 * ## Example Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 *
 * const config = new gcp.organizations.IamAuditConfig("config", {
 *     orgId: "your-organization-id",
 *     service: "allServices",
 *     auditLogConfigs: [{
 *         logType: "DATA_READ",
 *         exemptedMembers: ["user:joebloggs@example.com"],
 *     }],
 * });
 * ```
 *
 * ## Import
 *
 * IAM audit config imports use the identifier of the resource in question and the service, e.g.
 *
 * ```sh
 * $ pulumi import gcp:organizations/iamAuditConfig:IamAuditConfig config "your-organization-id foo.googleapis.com"
 * ```
 */
export declare class IamAuditConfig extends pulumi.CustomResource {
    /**
     * Get an existing IamAuditConfig resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: IamAuditConfigState, opts?: pulumi.CustomResourceOptions): IamAuditConfig;
    /**
     * Returns true if the given object is an instance of IamAuditConfig.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is IamAuditConfig;
    /**
     * The configuration for logging of each type of permission.  This can be specified multiple times.  Structure is documented below.
     */
    readonly auditLogConfigs: pulumi.Output<outputs.organizations.IamAuditConfigAuditLogConfig[]>;
    /**
     * The etag of iam policy
     */
    readonly etag: pulumi.Output<string>;
    /**
     * The numeric ID of the organization in which you want to manage the audit logging config.
     */
    readonly orgId: pulumi.Output<string>;
    /**
     * Service which will be enabled for audit logging.  The special value `allServices` covers all services.  Note that if there are google\_organization\_iam\_audit\_config resources covering both `allServices` and a specific service then the union of the two AuditConfigs is used for that service: the `logTypes` specified in each `auditLogConfig` are enabled, and the `exemptedMembers` in each `auditLogConfig` are exempted.
     */
    readonly service: pulumi.Output<string>;
    /**
     * Create a IamAuditConfig resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: IamAuditConfigArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering IamAuditConfig resources.
 */
export interface IamAuditConfigState {
    /**
     * The configuration for logging of each type of permission.  This can be specified multiple times.  Structure is documented below.
     */
    auditLogConfigs?: pulumi.Input<pulumi.Input<inputs.organizations.IamAuditConfigAuditLogConfig>[]>;
    /**
     * The etag of iam policy
     */
    etag?: pulumi.Input<string>;
    /**
     * The numeric ID of the organization in which you want to manage the audit logging config.
     */
    orgId?: pulumi.Input<string>;
    /**
     * Service which will be enabled for audit logging.  The special value `allServices` covers all services.  Note that if there are google\_organization\_iam\_audit\_config resources covering both `allServices` and a specific service then the union of the two AuditConfigs is used for that service: the `logTypes` specified in each `auditLogConfig` are enabled, and the `exemptedMembers` in each `auditLogConfig` are exempted.
     */
    service?: pulumi.Input<string>;
}
/**
 * The set of arguments for constructing a IamAuditConfig resource.
 */
export interface IamAuditConfigArgs {
    /**
     * The configuration for logging of each type of permission.  This can be specified multiple times.  Structure is documented below.
     */
    auditLogConfigs: pulumi.Input<pulumi.Input<inputs.organizations.IamAuditConfigAuditLogConfig>[]>;
    /**
     * The numeric ID of the organization in which you want to manage the audit logging config.
     */
    orgId: pulumi.Input<string>;
    /**
     * Service which will be enabled for audit logging.  The special value `allServices` covers all services.  Note that if there are google\_organization\_iam\_audit\_config resources covering both `allServices` and a specific service then the union of the two AuditConfigs is used for that service: the `logTypes` specified in each `auditLogConfig` are enabled, and the `exemptedMembers` in each `auditLogConfig` are exempted.
     */
    service: pulumi.Input<string>;
}