GaiaUser

checkpoint 3.2.0, Jun 15 26

Viewing docs for checkpoint 3.2.0
published on Monday, Jun 15, 2026 by checkpointsw

checkpointsw/terraform-provider-checkpoint

Viewing docs for checkpoint 3.2.0
published on Monday, Jun 15, 2026 by checkpointsw

checkpointsw/terraform-provider-checkpoint

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as checkpoint from "@pulumi/checkpoint";

const example = new checkpoint.GaiaUser("example", {
    name: "myusername",
    uid: 5555,
    password: "Mypass123!",
    shell: "no-login",
    allowAccessUsings: ["CLI"],
    primarySystemGroupId: 60,
});

import pulumi
import pulumi_checkpoint as checkpoint

example = checkpoint.GaiaUser("example",
    name="myusername",
    uid=5555,
    password="Mypass123!",
    shell="no-login",
    allow_access_usings=["CLI"],
    primary_system_group_id=60)

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/checkpoint/v3/checkpoint"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := checkpoint.NewGaiaUser(ctx, "example", &checkpoint.GaiaUserArgs{
			Name:     pulumi.String("myusername"),
			Uid:      pulumi.Float64(5555),
			Password: pulumi.String("Mypass123!"),
			Shell:    pulumi.String("no-login"),
			AllowAccessUsings: pulumi.StringArray{
				pulumi.String("CLI"),
			},
			PrimarySystemGroupId: pulumi.Float64(60),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Checkpoint = Pulumi.Checkpoint;

return await Deployment.RunAsync(() => 
{
    var example = new Checkpoint.GaiaUser("example", new()
    {
        Name = "myusername",
        Uid = 5555,
        Password = "Mypass123!",
        Shell = "no-login",
        AllowAccessUsings = new[]
        {
            "CLI",
        },
        PrimarySystemGroupId = 60,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.checkpoint.GaiaUser;
import com.pulumi.checkpoint.GaiaUserArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new GaiaUser("example", GaiaUserArgs.builder()
            .name("myusername")
            .uid(5555.0)
            .password("Mypass123!")
            .shell("no-login")
            .allowAccessUsings("CLI")
            .primarySystemGroupId(60.0)
            .build());

    }
}

resources:
  example:
    type: checkpoint:GaiaUser
    properties:
      name: myusername
      uid: 5555
      password: Mypass123!
      shell: no-login
      allowAccessUsings:
        - CLI
      primarySystemGroupId: 60

Example coming soon!

Create GaiaUser Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new GaiaUser(name: string, args: GaiaUserArgs, opts?: CustomResourceOptions);

@overload
def GaiaUser(resource_name: str,
             args: GaiaUserArgs,
             opts: Optional[ResourceOptions] = None)

@overload
def GaiaUser(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             uid: Optional[float] = None,
             password_hash: Optional[str] = None,
             real_name: Optional[str] = None,
             homedir: Optional[str] = None,
             member_id: Optional[str] = None,
             must_change_password: Optional[bool] = None,
             name: Optional[str] = None,
             gaia_user_id: Optional[str] = None,
             password: Optional[str] = None,
             primary_system_group_id: Optional[float] = None,
             allow_access_usings: Optional[Sequence[str]] = None,
             requires_two_factor_authentication: Optional[bool] = None,
             roles: Optional[Sequence[str]] = None,
             secondary_system_groups: Optional[Sequence[str]] = None,
             shell: Optional[str] = None,
             debug: Optional[bool] = None,
             unlock: Optional[bool] = None)

func NewGaiaUser(ctx *Context, name string, args GaiaUserArgs, opts ...ResourceOption) (*GaiaUser, error)

public GaiaUser(string name, GaiaUserArgs args, CustomResourceOptions? opts = null)

public GaiaUser(String name, GaiaUserArgs args)
public GaiaUser(String name, GaiaUserArgs args, CustomResourceOptions options)

type: checkpoint:GaiaUser
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

resource "checkpoint_gaiauser" "name" {
    # resource properties
}

Parameters

name string: The unique name of the resource.
args GaiaUserArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args GaiaUserArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args GaiaUserArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args GaiaUserArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args GaiaUserArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var gaiaUserResource = new Checkpoint.GaiaUser("gaiaUserResource", new()
{
    Uid = 0,
    PasswordHash = "string",
    RealName = "string",
    Homedir = "string",
    MemberId = "string",
    MustChangePassword = false,
    Name = "string",
    GaiaUserId = "string",
    Password = "string",
    PrimarySystemGroupId = 0,
    AllowAccessUsings = new[]
    {
        "string",
    },
    RequiresTwoFactorAuthentication = false,
    Roles = new[]
    {
        "string",
    },
    SecondarySystemGroups = new[]
    {
        "string",
    },
    Shell = "string",
    Debug = false,
    Unlock = false,
});

example, err := checkpoint.NewGaiaUser(ctx, "gaiaUserResource", &checkpoint.GaiaUserArgs{
	Uid:                  pulumi.Float64(0),
	PasswordHash:         pulumi.String("string"),
	RealName:             pulumi.String("string"),
	Homedir:              pulumi.String("string"),
	MemberId:             pulumi.String("string"),
	MustChangePassword:   pulumi.Bool(false),
	Name:                 pulumi.String("string"),
	GaiaUserId:           pulumi.String("string"),
	Password:             pulumi.String("string"),
	PrimarySystemGroupId: pulumi.Float64(0),
	AllowAccessUsings: pulumi.StringArray{
		pulumi.String("string"),
	},
	RequiresTwoFactorAuthentication: pulumi.Bool(false),
	Roles: pulumi.StringArray{
		pulumi.String("string"),
	},
	SecondarySystemGroups: pulumi.StringArray{
		pulumi.String("string"),
	},
	Shell:  pulumi.String("string"),
	Debug:  pulumi.Bool(false),
	Unlock: pulumi.Bool(false),
})

resource "checkpoint_gaiauser" "gaiaUserResource" {
  uid                                = 0
  password_hash                      = "string"
  real_name                          = "string"
  homedir                            = "string"
  member_id                          = "string"
  must_change_password               = false
  name                               = "string"
  gaia_user_id                       = "string"
  password                           = "string"
  primary_system_group_id            = 0
  allow_access_usings                = ["string"]
  requires_two_factor_authentication = false
  roles                              = ["string"]
  secondary_system_groups            = ["string"]
  shell                              = "string"
  debug                              = false
  unlock                             = false
}

var gaiaUserResource = new GaiaUser("gaiaUserResource", GaiaUserArgs.builder()
    .uid(0.0)
    .passwordHash("string")
    .realName("string")
    .homedir("string")
    .memberId("string")
    .mustChangePassword(false)
    .name("string")
    .gaiaUserId("string")
    .password("string")
    .primarySystemGroupId(0.0)
    .allowAccessUsings("string")
    .requiresTwoFactorAuthentication(false)
    .roles("string")
    .secondarySystemGroups("string")
    .shell("string")
    .debug(false)
    .unlock(false)
    .build());

gaia_user_resource = checkpoint.GaiaUser("gaiaUserResource",
    uid=float(0),
    password_hash="string",
    real_name="string",
    homedir="string",
    member_id="string",
    must_change_password=False,
    name="string",
    gaia_user_id="string",
    password="string",
    primary_system_group_id=float(0),
    allow_access_usings=["string"],
    requires_two_factor_authentication=False,
    roles=["string"],
    secondary_system_groups=["string"],
    shell="string",
    debug=False,
    unlock=False)

const gaiaUserResource = new checkpoint.GaiaUser("gaiaUserResource", {
    uid: 0,
    passwordHash: "string",
    realName: "string",
    homedir: "string",
    memberId: "string",
    mustChangePassword: false,
    name: "string",
    gaiaUserId: "string",
    password: "string",
    primarySystemGroupId: 0,
    allowAccessUsings: ["string"],
    requiresTwoFactorAuthentication: false,
    roles: ["string"],
    secondarySystemGroups: ["string"],
    shell: "string",
    debug: false,
    unlock: false,
});

type: checkpoint:GaiaUser
properties:
    allowAccessUsings:
        - string
    debug: false
    gaiaUserId: string
    homedir: string
    memberId: string
    mustChangePassword: false
    name: string
    password: string
    passwordHash: string
    primarySystemGroupId: 0
    realName: string
    requiresTwoFactorAuthentication: false
    roles:
        - string
    secondarySystemGroups:
        - string
    shell: string
    uid: 0
    unlock: false

GaiaUser Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The GaiaUser resource accepts the following input properties:

Uid double: Specifies a numeric user ID used to identify permissions of a user, duplicate UIDs are not allowed
AllowAccessUsings List<string>: Modify the access-mechanisms available for a user. Valid values: CLI, Web-UI, Gaia-API (supported from R81.10). allow_access_using blocks are documented below.
Debug bool: Enable debug logging for this resource.
GaiaUserId string
Homedir string: Specifies the user's home directory as the full UNIX path name where the user is placed on login. If the directory doesn't exist, it is created. Range: Must be under '/home' and must not contain colon (:).
MemberId string: Relevant for commands on Scalable and ElasticXL platforms only. When member-id is provided in the login request, show commands during the session will be executed on the specified member, unless a different member-id is provided in a successive requests Set operations will be performed on all members
MustChangePassword bool: Forcing password change is relevant only when a password is set. When set to 'True': Force the user to change their password the next time they log in. If they don't log in within the time limit configured in 'set password-controls expiration-lockout-days' they may not be able to log in at all. When set to 'False': If the user was being forced to change their password, cancel that. If the user was locked out due to failure to change their password within the time limit configured in 'set password-controls expiration-lockout-days' they will no longer be locked out.
Name string: N/A
Password string: Specifies new password on command line. Check Point recommends that a password be at least eight characters long. A password must contain at least six characters. Enforcement level can be modified via 'password control' feature.
PasswordHash string: An encrypted representation of the password.
PrimarySystemGroupId double: GID. Numeric ID which is used in identifying the primary group to which this user belongs.
RealName string: Specifies a string describing a user; conventionally it's the user's full name.
RequiresTwoFactorAuthentication bool: Force Two-Factor Authentication for this user. Upon their next login, if Two-Factor Authentication is not already set up, the user will be required to generate the authentication keys.
Roles List<string>: roles blocks are documented below.
SecondarySystemGroups List<string>: This operation assigns groups to the user. Valid values: must be names of known groups. secondary_system_groups blocks are documented below.
Shell string: Specifies the user's default command-line interpreter during login.
Unlock bool: If the user has been locked out, cancel that. True: cancel lock-out. False: do nothing.

Uid float64: Specifies a numeric user ID used to identify permissions of a user, duplicate UIDs are not allowed
AllowAccessUsings []string: Modify the access-mechanisms available for a user. Valid values: CLI, Web-UI, Gaia-API (supported from R81.10). allow_access_using blocks are documented below.
Debug bool: Enable debug logging for this resource.
GaiaUserId string
Homedir string: Specifies the user's home directory as the full UNIX path name where the user is placed on login. If the directory doesn't exist, it is created. Range: Must be under '/home' and must not contain colon (:).
MemberId string: Relevant for commands on Scalable and ElasticXL platforms only. When member-id is provided in the login request, show commands during the session will be executed on the specified member, unless a different member-id is provided in a successive requests Set operations will be performed on all members
MustChangePassword bool: Forcing password change is relevant only when a password is set. When set to 'True': Force the user to change their password the next time they log in. If they don't log in within the time limit configured in 'set password-controls expiration-lockout-days' they may not be able to log in at all. When set to 'False': If the user was being forced to change their password, cancel that. If the user was locked out due to failure to change their password within the time limit configured in 'set password-controls expiration-lockout-days' they will no longer be locked out.
Name string: N/A
Password string: Specifies new password on command line. Check Point recommends that a password be at least eight characters long. A password must contain at least six characters. Enforcement level can be modified via 'password control' feature.
PasswordHash string: An encrypted representation of the password.
PrimarySystemGroupId float64: GID. Numeric ID which is used in identifying the primary group to which this user belongs.
RealName string: Specifies a string describing a user; conventionally it's the user's full name.
RequiresTwoFactorAuthentication bool: Force Two-Factor Authentication for this user. Upon their next login, if Two-Factor Authentication is not already set up, the user will be required to generate the authentication keys.
Roles []string: roles blocks are documented below.
SecondarySystemGroups []string: This operation assigns groups to the user. Valid values: must be names of known groups. secondary_system_groups blocks are documented below.
Shell string: Specifies the user's default command-line interpreter during login.
Unlock bool: If the user has been locked out, cancel that. True: cancel lock-out. False: do nothing.

uid number: Specifies a numeric user ID used to identify permissions of a user, duplicate UIDs are not allowed
allow_access_usings list(string): Modify the access-mechanisms available for a user. Valid values: CLI, Web-UI, Gaia-API (supported from R81.10). allow_access_using blocks are documented below.
debug bool: Enable debug logging for this resource.
gaia_user_id string
homedir string: Specifies the user's home directory as the full UNIX path name where the user is placed on login. If the directory doesn't exist, it is created. Range: Must be under '/home' and must not contain colon (:).
member_id string: Relevant for commands on Scalable and ElasticXL platforms only. When member-id is provided in the login request, show commands during the session will be executed on the specified member, unless a different member-id is provided in a successive requests Set operations will be performed on all members
must_change_password bool: Forcing password change is relevant only when a password is set. When set to 'True': Force the user to change their password the next time they log in. If they don't log in within the time limit configured in 'set password-controls expiration-lockout-days' they may not be able to log in at all. When set to 'False': If the user was being forced to change their password, cancel that. If the user was locked out due to failure to change their password within the time limit configured in 'set password-controls expiration-lockout-days' they will no longer be locked out.
name string: N/A
password string: Specifies new password on command line. Check Point recommends that a password be at least eight characters long. A password must contain at least six characters. Enforcement level can be modified via 'password control' feature.
password_hash string: An encrypted representation of the password.
primary_system_group_id number: GID. Numeric ID which is used in identifying the primary group to which this user belongs.
real_name string: Specifies a string describing a user; conventionally it's the user's full name.
requires_two_factor_authentication bool: Force Two-Factor Authentication for this user. Upon their next login, if Two-Factor Authentication is not already set up, the user will be required to generate the authentication keys.
roles list(string): roles blocks are documented below.
secondary_system_groups list(string): This operation assigns groups to the user. Valid values: must be names of known groups. secondary_system_groups blocks are documented below.
shell string: Specifies the user's default command-line interpreter during login.
unlock bool: If the user has been locked out, cancel that. True: cancel lock-out. False: do nothing.

uid Double: Specifies a numeric user ID used to identify permissions of a user, duplicate UIDs are not allowed
allowAccessUsings List<String>: Modify the access-mechanisms available for a user. Valid values: CLI, Web-UI, Gaia-API (supported from R81.10). allow_access_using blocks are documented below.
debug Boolean: Enable debug logging for this resource.
gaiaUserId String
homedir String: Specifies the user's home directory as the full UNIX path name where the user is placed on login. If the directory doesn't exist, it is created. Range: Must be under '/home' and must not contain colon (:).
memberId String: Relevant for commands on Scalable and ElasticXL platforms only. When member-id is provided in the login request, show commands during the session will be executed on the specified member, unless a different member-id is provided in a successive requests Set operations will be performed on all members
mustChangePassword Boolean: Forcing password change is relevant only when a password is set. When set to 'True': Force the user to change their password the next time they log in. If they don't log in within the time limit configured in 'set password-controls expiration-lockout-days' they may not be able to log in at all. When set to 'False': If the user was being forced to change their password, cancel that. If the user was locked out due to failure to change their password within the time limit configured in 'set password-controls expiration-lockout-days' they will no longer be locked out.
name String: N/A
password String: Specifies new password on command line. Check Point recommends that a password be at least eight characters long. A password must contain at least six characters. Enforcement level can be modified via 'password control' feature.
passwordHash String: An encrypted representation of the password.
primarySystemGroupId Double: GID. Numeric ID which is used in identifying the primary group to which this user belongs.
realName String: Specifies a string describing a user; conventionally it's the user's full name.
requiresTwoFactorAuthentication Boolean: Force Two-Factor Authentication for this user. Upon their next login, if Two-Factor Authentication is not already set up, the user will be required to generate the authentication keys.
roles List<String>: roles blocks are documented below.
secondarySystemGroups List<String>: This operation assigns groups to the user. Valid values: must be names of known groups. secondary_system_groups blocks are documented below.
shell String: Specifies the user's default command-line interpreter during login.
unlock Boolean: If the user has been locked out, cancel that. True: cancel lock-out. False: do nothing.

uid number: Specifies a numeric user ID used to identify permissions of a user, duplicate UIDs are not allowed
allowAccessUsings string[]: Modify the access-mechanisms available for a user. Valid values: CLI, Web-UI, Gaia-API (supported from R81.10). allow_access_using blocks are documented below.
debug boolean: Enable debug logging for this resource.
gaiaUserId string
homedir string: Specifies the user's home directory as the full UNIX path name where the user is placed on login. If the directory doesn't exist, it is created. Range: Must be under '/home' and must not contain colon (:).
memberId string: Relevant for commands on Scalable and ElasticXL platforms only. When member-id is provided in the login request, show commands during the session will be executed on the specified member, unless a different member-id is provided in a successive requests Set operations will be performed on all members
mustChangePassword boolean: Forcing password change is relevant only when a password is set. When set to 'True': Force the user to change their password the next time they log in. If they don't log in within the time limit configured in 'set password-controls expiration-lockout-days' they may not be able to log in at all. When set to 'False': If the user was being forced to change their password, cancel that. If the user was locked out due to failure to change their password within the time limit configured in 'set password-controls expiration-lockout-days' they will no longer be locked out.
name string: N/A
password string: Specifies new password on command line. Check Point recommends that a password be at least eight characters long. A password must contain at least six characters. Enforcement level can be modified via 'password control' feature.
passwordHash string: An encrypted representation of the password.
primarySystemGroupId number: GID. Numeric ID which is used in identifying the primary group to which this user belongs.
realName string: Specifies a string describing a user; conventionally it's the user's full name.
requiresTwoFactorAuthentication boolean: Force Two-Factor Authentication for this user. Upon their next login, if Two-Factor Authentication is not already set up, the user will be required to generate the authentication keys.
roles string[]: roles blocks are documented below.
secondarySystemGroups string[]: This operation assigns groups to the user. Valid values: must be names of known groups. secondary_system_groups blocks are documented below.
shell string: Specifies the user's default command-line interpreter during login.
unlock boolean: If the user has been locked out, cancel that. True: cancel lock-out. False: do nothing.

uid float: Specifies a numeric user ID used to identify permissions of a user, duplicate UIDs are not allowed
allow_access_usings Sequence[str]: Modify the access-mechanisms available for a user. Valid values: CLI, Web-UI, Gaia-API (supported from R81.10). allow_access_using blocks are documented below.
debug bool: Enable debug logging for this resource.
gaia_user_id str
homedir str: Specifies the user's home directory as the full UNIX path name where the user is placed on login. If the directory doesn't exist, it is created. Range: Must be under '/home' and must not contain colon (:).
member_id str: Relevant for commands on Scalable and ElasticXL platforms only. When member-id is provided in the login request, show commands during the session will be executed on the specified member, unless a different member-id is provided in a successive requests Set operations will be performed on all members
must_change_password bool: Forcing password change is relevant only when a password is set. When set to 'True': Force the user to change their password the next time they log in. If they don't log in within the time limit configured in 'set password-controls expiration-lockout-days' they may not be able to log in at all. When set to 'False': If the user was being forced to change their password, cancel that. If the user was locked out due to failure to change their password within the time limit configured in 'set password-controls expiration-lockout-days' they will no longer be locked out.
name str: N/A
password str: Specifies new password on command line. Check Point recommends that a password be at least eight characters long. A password must contain at least six characters. Enforcement level can be modified via 'password control' feature.
password_hash str: An encrypted representation of the password.
primary_system_group_id float: GID. Numeric ID which is used in identifying the primary group to which this user belongs.
real_name str: Specifies a string describing a user; conventionally it's the user's full name.
requires_two_factor_authentication bool: Force Two-Factor Authentication for this user. Upon their next login, if Two-Factor Authentication is not already set up, the user will be required to generate the authentication keys.
roles Sequence[str]: roles blocks are documented below.
secondary_system_groups Sequence[str]: This operation assigns groups to the user. Valid values: must be names of known groups. secondary_system_groups blocks are documented below.
shell str: Specifies the user's default command-line interpreter during login.
unlock bool: If the user has been locked out, cancel that. True: cancel lock-out. False: do nothing.

uid Number: Specifies a numeric user ID used to identify permissions of a user, duplicate UIDs are not allowed
allowAccessUsings List<String>: Modify the access-mechanisms available for a user. Valid values: CLI, Web-UI, Gaia-API (supported from R81.10). allow_access_using blocks are documented below.
debug Boolean: Enable debug logging for this resource.
gaiaUserId String
homedir String: Specifies the user's home directory as the full UNIX path name where the user is placed on login. If the directory doesn't exist, it is created. Range: Must be under '/home' and must not contain colon (:).
memberId String: Relevant for commands on Scalable and ElasticXL platforms only. When member-id is provided in the login request, show commands during the session will be executed on the specified member, unless a different member-id is provided in a successive requests Set operations will be performed on all members
mustChangePassword Boolean: Forcing password change is relevant only when a password is set. When set to 'True': Force the user to change their password the next time they log in. If they don't log in within the time limit configured in 'set password-controls expiration-lockout-days' they may not be able to log in at all. When set to 'False': If the user was being forced to change their password, cancel that. If the user was locked out due to failure to change their password within the time limit configured in 'set password-controls expiration-lockout-days' they will no longer be locked out.
name String: N/A
password String: Specifies new password on command line. Check Point recommends that a password be at least eight characters long. A password must contain at least six characters. Enforcement level can be modified via 'password control' feature.
passwordHash String: An encrypted representation of the password.
primarySystemGroupId Number: GID. Numeric ID which is used in identifying the primary group to which this user belongs.
realName String: Specifies a string describing a user; conventionally it's the user's full name.
requiresTwoFactorAuthentication Boolean: Force Two-Factor Authentication for this user. Upon their next login, if Two-Factor Authentication is not already set up, the user will be required to generate the authentication keys.
roles List<String>: roles blocks are documented below.
secondarySystemGroups List<String>: This operation assigns groups to the user. Valid values: must be names of known groups. secondary_system_groups blocks are documented below.
shell String: Specifies the user's default command-line interpreter during login.
unlock Boolean: If the user has been locked out, cancel that. True: cancel lock-out. False: do nothing.

Outputs

All input properties are implicitly available as output properties. Additionally, the GaiaUser resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
Locked bool: Computed field, returned in the response.

Id string: The provider-assigned unique ID for this managed resource.
Locked bool: Computed field, returned in the response.

id string: The provider-assigned unique ID for this managed resource.
locked bool: Computed field, returned in the response.

id String: The provider-assigned unique ID for this managed resource.
locked Boolean: Computed field, returned in the response.

id string: The provider-assigned unique ID for this managed resource.
locked boolean: Computed field, returned in the response.

id str: The provider-assigned unique ID for this managed resource.
locked bool: Computed field, returned in the response.

id String: The provider-assigned unique ID for this managed resource.
locked Boolean: Computed field, returned in the response.

Look up Existing GaiaUser Resource

Get an existing GaiaUser resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: GaiaUserState, opts?: CustomResourceOptions): GaiaUser

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        allow_access_usings: Optional[Sequence[str]] = None,
        debug: Optional[bool] = None,
        gaia_user_id: Optional[str] = None,
        homedir: Optional[str] = None,
        locked: Optional[bool] = None,
        member_id: Optional[str] = None,
        must_change_password: Optional[bool] = None,
        name: Optional[str] = None,
        password: Optional[str] = None,
        password_hash: Optional[str] = None,
        primary_system_group_id: Optional[float] = None,
        real_name: Optional[str] = None,
        requires_two_factor_authentication: Optional[bool] = None,
        roles: Optional[Sequence[str]] = None,
        secondary_system_groups: Optional[Sequence[str]] = None,
        shell: Optional[str] = None,
        uid: Optional[float] = None,
        unlock: Optional[bool] = None) -> GaiaUser

func GetGaiaUser(ctx *Context, name string, id IDInput, state *GaiaUserState, opts ...ResourceOption) (*GaiaUser, error)

public static GaiaUser Get(string name, Input<string> id, GaiaUserState? state, CustomResourceOptions? opts = null)

public static GaiaUser get(String name, Output<String> id, GaiaUserState state, CustomResourceOptions options)

resources:  _:    type: checkpoint:GaiaUser    get:      id: ${id}

import {
  to = checkpoint_gaiauser.example
  id = "${id}"
}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AllowAccessUsings List<string>: Modify the access-mechanisms available for a user. Valid values: CLI, Web-UI, Gaia-API (supported from R81.10). allow_access_using blocks are documented below.
Debug bool: Enable debug logging for this resource.
GaiaUserId string
Homedir string: Specifies the user's home directory as the full UNIX path name where the user is placed on login. If the directory doesn't exist, it is created. Range: Must be under '/home' and must not contain colon (:).
Locked bool: Computed field, returned in the response.
MemberId string: Relevant for commands on Scalable and ElasticXL platforms only. When member-id is provided in the login request, show commands during the session will be executed on the specified member, unless a different member-id is provided in a successive requests Set operations will be performed on all members
MustChangePassword bool: Forcing password change is relevant only when a password is set. When set to 'True': Force the user to change their password the next time they log in. If they don't log in within the time limit configured in 'set password-controls expiration-lockout-days' they may not be able to log in at all. When set to 'False': If the user was being forced to change their password, cancel that. If the user was locked out due to failure to change their password within the time limit configured in 'set password-controls expiration-lockout-days' they will no longer be locked out.
Name string: N/A
Password string: Specifies new password on command line. Check Point recommends that a password be at least eight characters long. A password must contain at least six characters. Enforcement level can be modified via 'password control' feature.
PasswordHash string: An encrypted representation of the password.
PrimarySystemGroupId double: GID. Numeric ID which is used in identifying the primary group to which this user belongs.
RealName string: Specifies a string describing a user; conventionally it's the user's full name.
RequiresTwoFactorAuthentication bool: Force Two-Factor Authentication for this user. Upon their next login, if Two-Factor Authentication is not already set up, the user will be required to generate the authentication keys.
Roles List<string>: roles blocks are documented below.
SecondarySystemGroups List<string>: This operation assigns groups to the user. Valid values: must be names of known groups. secondary_system_groups blocks are documented below.
Shell string: Specifies the user's default command-line interpreter during login.
Uid double: Specifies a numeric user ID used to identify permissions of a user, duplicate UIDs are not allowed
Unlock bool: If the user has been locked out, cancel that. True: cancel lock-out. False: do nothing.

AllowAccessUsings []string: Modify the access-mechanisms available for a user. Valid values: CLI, Web-UI, Gaia-API (supported from R81.10). allow_access_using blocks are documented below.
Debug bool: Enable debug logging for this resource.
GaiaUserId string
Homedir string: Specifies the user's home directory as the full UNIX path name where the user is placed on login. If the directory doesn't exist, it is created. Range: Must be under '/home' and must not contain colon (:).
Locked bool: Computed field, returned in the response.
MemberId string: Relevant for commands on Scalable and ElasticXL platforms only. When member-id is provided in the login request, show commands during the session will be executed on the specified member, unless a different member-id is provided in a successive requests Set operations will be performed on all members
MustChangePassword bool: Forcing password change is relevant only when a password is set. When set to 'True': Force the user to change their password the next time they log in. If they don't log in within the time limit configured in 'set password-controls expiration-lockout-days' they may not be able to log in at all. When set to 'False': If the user was being forced to change their password, cancel that. If the user was locked out due to failure to change their password within the time limit configured in 'set password-controls expiration-lockout-days' they will no longer be locked out.
Name string: N/A
Password string: Specifies new password on command line. Check Point recommends that a password be at least eight characters long. A password must contain at least six characters. Enforcement level can be modified via 'password control' feature.
PasswordHash string: An encrypted representation of the password.
PrimarySystemGroupId float64: GID. Numeric ID which is used in identifying the primary group to which this user belongs.
RealName string: Specifies a string describing a user; conventionally it's the user's full name.
RequiresTwoFactorAuthentication bool: Force Two-Factor Authentication for this user. Upon their next login, if Two-Factor Authentication is not already set up, the user will be required to generate the authentication keys.
Roles []string: roles blocks are documented below.
SecondarySystemGroups []string: This operation assigns groups to the user. Valid values: must be names of known groups. secondary_system_groups blocks are documented below.
Shell string: Specifies the user's default command-line interpreter during login.
Uid float64: Specifies a numeric user ID used to identify permissions of a user, duplicate UIDs are not allowed
Unlock bool: If the user has been locked out, cancel that. True: cancel lock-out. False: do nothing.

allow_access_usings list(string): Modify the access-mechanisms available for a user. Valid values: CLI, Web-UI, Gaia-API (supported from R81.10). allow_access_using blocks are documented below.
debug bool: Enable debug logging for this resource.
gaia_user_id string
homedir string: Specifies the user's home directory as the full UNIX path name where the user is placed on login. If the directory doesn't exist, it is created. Range: Must be under '/home' and must not contain colon (:).
locked bool: Computed field, returned in the response.
member_id string: Relevant for commands on Scalable and ElasticXL platforms only. When member-id is provided in the login request, show commands during the session will be executed on the specified member, unless a different member-id is provided in a successive requests Set operations will be performed on all members
must_change_password bool: Forcing password change is relevant only when a password is set. When set to 'True': Force the user to change their password the next time they log in. If they don't log in within the time limit configured in 'set password-controls expiration-lockout-days' they may not be able to log in at all. When set to 'False': If the user was being forced to change their password, cancel that. If the user was locked out due to failure to change their password within the time limit configured in 'set password-controls expiration-lockout-days' they will no longer be locked out.
name string: N/A
password string: Specifies new password on command line. Check Point recommends that a password be at least eight characters long. A password must contain at least six characters. Enforcement level can be modified via 'password control' feature.
password_hash string: An encrypted representation of the password.
primary_system_group_id number: GID. Numeric ID which is used in identifying the primary group to which this user belongs.
real_name string: Specifies a string describing a user; conventionally it's the user's full name.
requires_two_factor_authentication bool: Force Two-Factor Authentication for this user. Upon their next login, if Two-Factor Authentication is not already set up, the user will be required to generate the authentication keys.
roles list(string): roles blocks are documented below.
secondary_system_groups list(string): This operation assigns groups to the user. Valid values: must be names of known groups. secondary_system_groups blocks are documented below.
shell string: Specifies the user's default command-line interpreter during login.
uid number: Specifies a numeric user ID used to identify permissions of a user, duplicate UIDs are not allowed
unlock bool: If the user has been locked out, cancel that. True: cancel lock-out. False: do nothing.

allowAccessUsings List<String>: Modify the access-mechanisms available for a user. Valid values: CLI, Web-UI, Gaia-API (supported from R81.10). allow_access_using blocks are documented below.
debug Boolean: Enable debug logging for this resource.
gaiaUserId String
homedir String: Specifies the user's home directory as the full UNIX path name where the user is placed on login. If the directory doesn't exist, it is created. Range: Must be under '/home' and must not contain colon (:).
locked Boolean: Computed field, returned in the response.
memberId String: Relevant for commands on Scalable and ElasticXL platforms only. When member-id is provided in the login request, show commands during the session will be executed on the specified member, unless a different member-id is provided in a successive requests Set operations will be performed on all members
mustChangePassword Boolean: Forcing password change is relevant only when a password is set. When set to 'True': Force the user to change their password the next time they log in. If they don't log in within the time limit configured in 'set password-controls expiration-lockout-days' they may not be able to log in at all. When set to 'False': If the user was being forced to change their password, cancel that. If the user was locked out due to failure to change their password within the time limit configured in 'set password-controls expiration-lockout-days' they will no longer be locked out.
name String: N/A
password String: Specifies new password on command line. Check Point recommends that a password be at least eight characters long. A password must contain at least six characters. Enforcement level can be modified via 'password control' feature.
passwordHash String: An encrypted representation of the password.
primarySystemGroupId Double: GID. Numeric ID which is used in identifying the primary group to which this user belongs.
realName String: Specifies a string describing a user; conventionally it's the user's full name.
requiresTwoFactorAuthentication Boolean: Force Two-Factor Authentication for this user. Upon their next login, if Two-Factor Authentication is not already set up, the user will be required to generate the authentication keys.
roles List<String>: roles blocks are documented below.
secondarySystemGroups List<String>: This operation assigns groups to the user. Valid values: must be names of known groups. secondary_system_groups blocks are documented below.
shell String: Specifies the user's default command-line interpreter during login.
uid Double: Specifies a numeric user ID used to identify permissions of a user, duplicate UIDs are not allowed
unlock Boolean: If the user has been locked out, cancel that. True: cancel lock-out. False: do nothing.

allowAccessUsings string[]: Modify the access-mechanisms available for a user. Valid values: CLI, Web-UI, Gaia-API (supported from R81.10). allow_access_using blocks are documented below.
debug boolean: Enable debug logging for this resource.
gaiaUserId string
homedir string: Specifies the user's home directory as the full UNIX path name where the user is placed on login. If the directory doesn't exist, it is created. Range: Must be under '/home' and must not contain colon (:).
locked boolean: Computed field, returned in the response.
memberId string: Relevant for commands on Scalable and ElasticXL platforms only. When member-id is provided in the login request, show commands during the session will be executed on the specified member, unless a different member-id is provided in a successive requests Set operations will be performed on all members
mustChangePassword boolean: Forcing password change is relevant only when a password is set. When set to 'True': Force the user to change their password the next time they log in. If they don't log in within the time limit configured in 'set password-controls expiration-lockout-days' they may not be able to log in at all. When set to 'False': If the user was being forced to change their password, cancel that. If the user was locked out due to failure to change their password within the time limit configured in 'set password-controls expiration-lockout-days' they will no longer be locked out.
name string: N/A
password string: Specifies new password on command line. Check Point recommends that a password be at least eight characters long. A password must contain at least six characters. Enforcement level can be modified via 'password control' feature.
passwordHash string: An encrypted representation of the password.
primarySystemGroupId number: GID. Numeric ID which is used in identifying the primary group to which this user belongs.
realName string: Specifies a string describing a user; conventionally it's the user's full name.
requiresTwoFactorAuthentication boolean: Force Two-Factor Authentication for this user. Upon their next login, if Two-Factor Authentication is not already set up, the user will be required to generate the authentication keys.
roles string[]: roles blocks are documented below.
secondarySystemGroups string[]: This operation assigns groups to the user. Valid values: must be names of known groups. secondary_system_groups blocks are documented below.
shell string: Specifies the user's default command-line interpreter during login.
uid number: Specifies a numeric user ID used to identify permissions of a user, duplicate UIDs are not allowed
unlock boolean: If the user has been locked out, cancel that. True: cancel lock-out. False: do nothing.

allow_access_usings Sequence[str]: Modify the access-mechanisms available for a user. Valid values: CLI, Web-UI, Gaia-API (supported from R81.10). allow_access_using blocks are documented below.
debug bool: Enable debug logging for this resource.
gaia_user_id str
homedir str: Specifies the user's home directory as the full UNIX path name where the user is placed on login. If the directory doesn't exist, it is created. Range: Must be under '/home' and must not contain colon (:).
locked bool: Computed field, returned in the response.
member_id str: Relevant for commands on Scalable and ElasticXL platforms only. When member-id is provided in the login request, show commands during the session will be executed on the specified member, unless a different member-id is provided in a successive requests Set operations will be performed on all members
must_change_password bool: Forcing password change is relevant only when a password is set. When set to 'True': Force the user to change their password the next time they log in. If they don't log in within the time limit configured in 'set password-controls expiration-lockout-days' they may not be able to log in at all. When set to 'False': If the user was being forced to change their password, cancel that. If the user was locked out due to failure to change their password within the time limit configured in 'set password-controls expiration-lockout-days' they will no longer be locked out.
name str: N/A
password str: Specifies new password on command line. Check Point recommends that a password be at least eight characters long. A password must contain at least six characters. Enforcement level can be modified via 'password control' feature.
password_hash str: An encrypted representation of the password.
primary_system_group_id float: GID. Numeric ID which is used in identifying the primary group to which this user belongs.
real_name str: Specifies a string describing a user; conventionally it's the user's full name.
requires_two_factor_authentication bool: Force Two-Factor Authentication for this user. Upon their next login, if Two-Factor Authentication is not already set up, the user will be required to generate the authentication keys.
roles Sequence[str]: roles blocks are documented below.
secondary_system_groups Sequence[str]: This operation assigns groups to the user. Valid values: must be names of known groups. secondary_system_groups blocks are documented below.
shell str: Specifies the user's default command-line interpreter during login.
uid float: Specifies a numeric user ID used to identify permissions of a user, duplicate UIDs are not allowed
unlock bool: If the user has been locked out, cancel that. True: cancel lock-out. False: do nothing.

allowAccessUsings List<String>: Modify the access-mechanisms available for a user. Valid values: CLI, Web-UI, Gaia-API (supported from R81.10). allow_access_using blocks are documented below.
debug Boolean: Enable debug logging for this resource.
gaiaUserId String
homedir String: Specifies the user's home directory as the full UNIX path name where the user is placed on login. If the directory doesn't exist, it is created. Range: Must be under '/home' and must not contain colon (:).
locked Boolean: Computed field, returned in the response.
memberId String: Relevant for commands on Scalable and ElasticXL platforms only. When member-id is provided in the login request, show commands during the session will be executed on the specified member, unless a different member-id is provided in a successive requests Set operations will be performed on all members
mustChangePassword Boolean: Forcing password change is relevant only when a password is set. When set to 'True': Force the user to change their password the next time they log in. If they don't log in within the time limit configured in 'set password-controls expiration-lockout-days' they may not be able to log in at all. When set to 'False': If the user was being forced to change their password, cancel that. If the user was locked out due to failure to change their password within the time limit configured in 'set password-controls expiration-lockout-days' they will no longer be locked out.
name String: N/A
password String: Specifies new password on command line. Check Point recommends that a password be at least eight characters long. A password must contain at least six characters. Enforcement level can be modified via 'password control' feature.
passwordHash String: An encrypted representation of the password.
primarySystemGroupId Number: GID. Numeric ID which is used in identifying the primary group to which this user belongs.
realName String: Specifies a string describing a user; conventionally it's the user's full name.
requiresTwoFactorAuthentication Boolean: Force Two-Factor Authentication for this user. Upon their next login, if Two-Factor Authentication is not already set up, the user will be required to generate the authentication keys.
roles List<String>: roles blocks are documented below.
secondarySystemGroups List<String>: This operation assigns groups to the user. Valid values: must be names of known groups. secondary_system_groups blocks are documented below.
shell String: Specifies the user's default command-line interpreter during login.
uid Number: Specifies a numeric user ID used to identify permissions of a user, duplicate UIDs are not allowed
unlock Boolean: If the user has been locked out, cancel that. True: cancel lock-out. False: do nothing.

Package Details

Repository: checkpoint checkpointsw/terraform-provider-checkpoint
License
Notes: This Pulumi package is based on the checkpoint Terraform Provider.

Viewing docs for checkpoint 3.2.0
published on Monday, Jun 15, 2026 by checkpointsw

Schema (JSON)

checkpointsw/terraform-provider-checkpoint

checkpoint.GaiaUser

On this page

On this page

Example Usage

Create GaiaUser Resource

Constructor syntax

Parameters

Constructor example

GaiaUser Resource Properties

Inputs

Outputs

Look up Existing GaiaUser Resource

Package Details

On this page

On this page

Try Pulumi Cloud free.
Your team will thank you.

checkpoint.GaiaUser

On this page

On this page

Example Usage

Create GaiaUser Resource

Constructor syntax

Parameters

Constructor example

GaiaUser Resource Properties

Inputs

Outputs

Look up Existing GaiaUser Resource

Package Details

On this page

On this page

Try Pulumi Cloud free.Your team will thank you.

Try Pulumi Cloud free.
Your team will thank you.