checkpoint.getManagementThreatProfile

checkpoint 3.0.0, Mar 30 26

Viewing docs for checkpoint 3.0.0
published on Monday, Mar 30, 2026 by checkpointsw

checkpointsw/terraform-provider-checkpoint

Viewing docs for checkpoint 3.0.0
published on Monday, Mar 30, 2026 by checkpointsw

checkpointsw/terraform-provider-checkpoint

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as checkpoint from "@pulumi/checkpoint";

const threatProfile = new checkpoint.ManagementThreatProfile("threat_profile", {
    name: "my threat profile",
    activeProtectionsPerformanceImpact: "high",
    activeProtectionsSeverity: "Critical",
});
const testThreatProfile = checkpoint.getManagementThreatProfileOutput({
    name: threatProfile.name,
});

import pulumi
import pulumi_checkpoint as checkpoint

threat_profile = checkpoint.ManagementThreatProfile("threat_profile",
    name="my threat profile",
    active_protections_performance_impact="high",
    active_protections_severity="Critical")
test_threat_profile = checkpoint.get_management_threat_profile_output(name=threat_profile.name)

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/checkpoint/v3/checkpoint"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		threatProfile, err := checkpoint.NewManagementThreatProfile(ctx, "threat_profile", &checkpoint.ManagementThreatProfileArgs{
			Name:                               pulumi.String("my threat profile"),
			ActiveProtectionsPerformanceImpact: pulumi.String("high"),
			ActiveProtectionsSeverity:          pulumi.String("Critical"),
		})
		if err != nil {
			return err
		}
		_ = checkpoint.LookupManagementThreatProfileOutput(ctx, checkpoint.GetManagementThreatProfileOutputArgs{
			Name: threatProfile.Name,
		}, nil)
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Checkpoint = Pulumi.Checkpoint;

return await Deployment.RunAsync(() => 
{
    var threatProfile = new Checkpoint.ManagementThreatProfile("threat_profile", new()
    {
        Name = "my threat profile",
        ActiveProtectionsPerformanceImpact = "high",
        ActiveProtectionsSeverity = "Critical",
    });

    var testThreatProfile = Checkpoint.GetManagementThreatProfile.Invoke(new()
    {
        Name = threatProfile.Name,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.checkpoint.ManagementThreatProfile;
import com.pulumi.checkpoint.ManagementThreatProfileArgs;
import com.pulumi.checkpoint.CheckpointFunctions;
import com.pulumi.checkpoint.inputs.GetManagementThreatProfileArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var threatProfile = new ManagementThreatProfile("threatProfile", ManagementThreatProfileArgs.builder()
            .name("my threat profile")
            .activeProtectionsPerformanceImpact("high")
            .activeProtectionsSeverity("Critical")
            .build());

        final var testThreatProfile = CheckpointFunctions.getManagementThreatProfile(GetManagementThreatProfileArgs.builder()
            .name(threatProfile.name())
            .build());

    }
}

resources:
  threatProfile:
    type: checkpoint:ManagementThreatProfile
    name: threat_profile
    properties:
      name: my threat profile
      activeProtectionsPerformanceImpact: high
      activeProtectionsSeverity: Critical
variables:
  testThreatProfile:
    fn::invoke:
      function: checkpoint:getManagementThreatProfile
      arguments:
        name: ${threatProfile.name}

Using getManagementThreatProfile

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getManagementThreatProfile(args: GetManagementThreatProfileArgs, opts?: InvokeOptions): Promise<GetManagementThreatProfileResult>
function getManagementThreatProfileOutput(args: GetManagementThreatProfileOutputArgs, opts?: InvokeOptions): Output<GetManagementThreatProfileResult>

def get_management_threat_profile(id: Optional[str] = None,
                                  name: Optional[str] = None,
                                  uid: Optional[str] = None,
                                  opts: Optional[InvokeOptions] = None) -> GetManagementThreatProfileResult
def get_management_threat_profile_output(id: Optional[pulumi.Input[str]] = None,
                                  name: Optional[pulumi.Input[str]] = None,
                                  uid: Optional[pulumi.Input[str]] = None,
                                  opts: Optional[InvokeOptions] = None) -> Output[GetManagementThreatProfileResult]

func LookupManagementThreatProfile(ctx *Context, args *LookupManagementThreatProfileArgs, opts ...InvokeOption) (*LookupManagementThreatProfileResult, error)
func LookupManagementThreatProfileOutput(ctx *Context, args *LookupManagementThreatProfileOutputArgs, opts ...InvokeOption) LookupManagementThreatProfileResultOutput

> Note: This function is named LookupManagementThreatProfile in the Go SDK.

public static class GetManagementThreatProfile 
{
    public static Task<GetManagementThreatProfileResult> InvokeAsync(GetManagementThreatProfileArgs args, InvokeOptions? opts = null)
    public static Output<GetManagementThreatProfileResult> Invoke(GetManagementThreatProfileInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetManagementThreatProfileResult> getManagementThreatProfile(GetManagementThreatProfileArgs args, InvokeOptions options)
public static Output<GetManagementThreatProfileResult> getManagementThreatProfile(GetManagementThreatProfileArgs args, InvokeOptions options)

fn::invoke:
  function: checkpoint:index/getManagementThreatProfile:getManagementThreatProfile
  arguments:
    # arguments dictionary

The following arguments are supported:

Id string
Name string: Object name. Should be unique in the domain.
Uid string

Id string
Name string: Object name. Should be unique in the domain.
Uid string

id String
name String: Object name. Should be unique in the domain.
uid String

id string
name string: Object name. Should be unique in the domain.
uid string

id str
name str: Object name. Should be unique in the domain.
uid str

id String
name String: Object name. Should be unique in the domain.
uid String

getManagementThreatProfile Result

The following output properties are available:

ActivateProtectionsByExtendedAttributes List<GetManagementThreatProfileActivateProtectionsByExtendedAttribute>
ActiveProtectionsPerformanceImpact string
ActiveProtectionsSeverity string
AntiBot bool
AntiVirus bool
Color string
Comments string
ConfidenceLevelHigh string
ConfidenceLevelLow string
ConfidenceLevelMedium string
DeactivateProtectionsByExtendedAttributes List<GetManagementThreatProfileDeactivateProtectionsByExtendedAttribute>
Id string
IndicatorOverrides List<GetManagementThreatProfileIndicatorOverride>
Ips bool
IpsSettings List<GetManagementThreatProfileIpsSetting>
MaliciousMailPolicySettings List<GetManagementThreatProfileMaliciousMailPolicySetting>
Overrides List<GetManagementThreatProfileOverride>
ScanMaliciousLinks List<GetManagementThreatProfileScanMaliciousLink>
Tags List<string>
ThreatEmulation bool
ThreatExtraction bool
UseExtendedAttributes bool
UseIndicators bool
ZeroPhishing bool
Name string
Uid string

ActivateProtectionsByExtendedAttributes []GetManagementThreatProfileActivateProtectionsByExtendedAttribute
ActiveProtectionsPerformanceImpact string
ActiveProtectionsSeverity string
AntiBot bool
AntiVirus bool
Color string
Comments string
ConfidenceLevelHigh string
ConfidenceLevelLow string
ConfidenceLevelMedium string
DeactivateProtectionsByExtendedAttributes []GetManagementThreatProfileDeactivateProtectionsByExtendedAttribute
Id string
IndicatorOverrides []GetManagementThreatProfileIndicatorOverride
Ips bool
IpsSettings []GetManagementThreatProfileIpsSetting
MaliciousMailPolicySettings []GetManagementThreatProfileMaliciousMailPolicySetting
Overrides []GetManagementThreatProfileOverride
ScanMaliciousLinks []GetManagementThreatProfileScanMaliciousLink
Tags []string
ThreatEmulation bool
ThreatExtraction bool
UseExtendedAttributes bool
UseIndicators bool
ZeroPhishing bool
Name string
Uid string

activateProtectionsByExtendedAttributes List<GetManagementThreatProfileActivateProtectionsByExtendedAttribute>
activeProtectionsPerformanceImpact String
activeProtectionsSeverity String
antiBot Boolean
antiVirus Boolean
color String
comments String
confidenceLevelHigh String
confidenceLevelLow String
confidenceLevelMedium String
deactivateProtectionsByExtendedAttributes List<GetManagementThreatProfileDeactivateProtectionsByExtendedAttribute>
id String
indicatorOverrides List<GetManagementThreatProfileIndicatorOverride>
ips Boolean
ipsSettings List<GetManagementThreatProfileIpsSetting>
maliciousMailPolicySettings List<GetManagementThreatProfileMaliciousMailPolicySetting>
overrides List<GetManagementThreatProfileOverride>
scanMaliciousLinks List<GetManagementThreatProfileScanMaliciousLink>
tags List<String>
threatEmulation Boolean
threatExtraction Boolean
useExtendedAttributes Boolean
useIndicators Boolean
zeroPhishing Boolean
name String
uid String

activateProtectionsByExtendedAttributes GetManagementThreatProfileActivateProtectionsByExtendedAttribute[]
activeProtectionsPerformanceImpact string
activeProtectionsSeverity string
antiBot boolean
antiVirus boolean
color string
comments string
confidenceLevelHigh string
confidenceLevelLow string
confidenceLevelMedium string
deactivateProtectionsByExtendedAttributes GetManagementThreatProfileDeactivateProtectionsByExtendedAttribute[]
id string
indicatorOverrides GetManagementThreatProfileIndicatorOverride[]
ips boolean
ipsSettings GetManagementThreatProfileIpsSetting[]
maliciousMailPolicySettings GetManagementThreatProfileMaliciousMailPolicySetting[]
overrides GetManagementThreatProfileOverride[]
scanMaliciousLinks GetManagementThreatProfileScanMaliciousLink[]
tags string[]
threatEmulation boolean
threatExtraction boolean
useExtendedAttributes boolean
useIndicators boolean
zeroPhishing boolean
name string
uid string

activate_protections_by_extended_attributes Sequence[GetManagementThreatProfileActivateProtectionsByExtendedAttribute]
active_protections_performance_impact str
active_protections_severity str
anti_bot bool
anti_virus bool
color str
comments str
confidence_level_high str
confidence_level_low str
confidence_level_medium str
deactivate_protections_by_extended_attributes Sequence[GetManagementThreatProfileDeactivateProtectionsByExtendedAttribute]
id str
indicator_overrides Sequence[GetManagementThreatProfileIndicatorOverride]
ips bool
ips_settings Sequence[GetManagementThreatProfileIpsSetting]
malicious_mail_policy_settings Sequence[GetManagementThreatProfileMaliciousMailPolicySetting]
overrides Sequence[GetManagementThreatProfileOverride]
scan_malicious_links Sequence[GetManagementThreatProfileScanMaliciousLink]
tags Sequence[str]
threat_emulation bool
threat_extraction bool
use_extended_attributes bool
use_indicators bool
zero_phishing bool
name str
uid str

activateProtectionsByExtendedAttributes List<Property Map>
activeProtectionsPerformanceImpact String
activeProtectionsSeverity String
antiBot Boolean
antiVirus Boolean
color String
comments String
confidenceLevelHigh String
confidenceLevelLow String
confidenceLevelMedium String
deactivateProtectionsByExtendedAttributes List<Property Map>
id String
indicatorOverrides List<Property Map>
ips Boolean
ipsSettings List<Property Map>
maliciousMailPolicySettings List<Property Map>
overrides List<Property Map>
scanMaliciousLinks List<Property Map>
tags List<String>
threatEmulation Boolean
threatExtraction Boolean
useExtendedAttributes Boolean
useIndicators Boolean
zeroPhishing Boolean
name String
uid String

Supporting Types

GetManagementThreatProfileActivateProtectionsByExtendedAttribute

Category string: IPS tag category name.
Name string: IPS tag name.
Uid string: IPS tag unique identifier.
Values List<GetManagementThreatProfileActivateProtectionsByExtendedAttributeValue>: Collection of IPS protection extended attribute values (name and uid).

Category string: IPS tag category name.
Name string: IPS tag name.
Uid string: IPS tag unique identifier.
Values []GetManagementThreatProfileActivateProtectionsByExtendedAttributeValue: Collection of IPS protection extended attribute values (name and uid).

category String: IPS tag category name.
name String: IPS tag name.
uid String: IPS tag unique identifier.
values List<GetManagementThreatProfileActivateProtectionsByExtendedAttributeValue>: Collection of IPS protection extended attribute values (name and uid).

category string: IPS tag category name.
name string: IPS tag name.
uid string: IPS tag unique identifier.
values GetManagementThreatProfileActivateProtectionsByExtendedAttributeValue[]: Collection of IPS protection extended attribute values (name and uid).

category str: IPS tag category name.
name str: IPS tag name.
uid str: IPS tag unique identifier.
values Sequence[GetManagementThreatProfileActivateProtectionsByExtendedAttributeValue]: Collection of IPS protection extended attribute values (name and uid).

category String: IPS tag category name.
name String: IPS tag name.
uid String: IPS tag unique identifier.
values List<Property Map>: Collection of IPS protection extended attribute values (name and uid).

GetManagementThreatProfileActivateProtectionsByExtendedAttributeValue

Name string: Object name. Should be unique in the domain.
Uid string

Name string: Object name. Should be unique in the domain.
Uid string

name String: Object name. Should be unique in the domain.
uid String

name string: Object name. Should be unique in the domain.
uid string

name str: Object name. Should be unique in the domain.
uid str

name String: Object name. Should be unique in the domain.
uid String

GetManagementThreatProfileDeactivateProtectionsByExtendedAttribute

Category string: IPS tag category name.
Name string: IPS tag name.
Uid string: IPS tag unique identifier.
Values List<GetManagementThreatProfileDeactivateProtectionsByExtendedAttributeValue>: Collection of IPS protection extended attribute values (name and uid).

Category string: IPS tag category name.
Name string: IPS tag name.
Uid string: IPS tag unique identifier.
Values []GetManagementThreatProfileDeactivateProtectionsByExtendedAttributeValue: Collection of IPS protection extended attribute values (name and uid).

category String: IPS tag category name.
name String: IPS tag name.
uid String: IPS tag unique identifier.
values List<GetManagementThreatProfileDeactivateProtectionsByExtendedAttributeValue>: Collection of IPS protection extended attribute values (name and uid).

category string: IPS tag category name.
name string: IPS tag name.
uid string: IPS tag unique identifier.
values GetManagementThreatProfileDeactivateProtectionsByExtendedAttributeValue[]: Collection of IPS protection extended attribute values (name and uid).

category str: IPS tag category name.
name str: IPS tag name.
uid str: IPS tag unique identifier.
values Sequence[GetManagementThreatProfileDeactivateProtectionsByExtendedAttributeValue]: Collection of IPS protection extended attribute values (name and uid).

category String: IPS tag category name.
name String: IPS tag name.
uid String: IPS tag unique identifier.
values List<Property Map>: Collection of IPS protection extended attribute values (name and uid).

GetManagementThreatProfileDeactivateProtectionsByExtendedAttributeValue

Name string: Object name. Should be unique in the domain.
Uid string

Name string: Object name. Should be unique in the domain.
Uid string

name String: Object name. Should be unique in the domain.
uid String

name string: Object name. Should be unique in the domain.
uid string

name str: Object name. Should be unique in the domain.
uid str

name String: Object name. Should be unique in the domain.
uid String

GetManagementThreatProfileIndicatorOverride

Action string: The indicator's action in this profile.
Indicator string: The indicator whose action is to be overriden.

Action string: The indicator's action in this profile.
Indicator string: The indicator whose action is to be overriden.

action String: The indicator's action in this profile.
indicator String: The indicator whose action is to be overriden.

action string: The indicator's action in this profile.
indicator string: The indicator whose action is to be overriden.

action str: The indicator's action in this profile.
indicator str: The indicator whose action is to be overriden.

action String: The indicator's action in this profile.
indicator String: The indicator whose action is to be overriden.

GetManagementThreatProfileIpsSetting

ExcludeProtectionWithPerformanceImpact bool: Whether to exclude protections depending on their level of performance impact.
ExcludeProtectionWithPerformanceImpactMode string: Exclude protections with this level of performance impact.
ExcludeProtectionWithSeverity bool: Whether to exclude protections depending on their level of severity.
ExcludeProtectionWithSeverityMode string: Exclude protections with this level of severity.
NewlyUpdatedProtections string: Activation of newly updated protections.

ExcludeProtectionWithPerformanceImpact bool: Whether to exclude protections depending on their level of performance impact.
ExcludeProtectionWithPerformanceImpactMode string: Exclude protections with this level of performance impact.
ExcludeProtectionWithSeverity bool: Whether to exclude protections depending on their level of severity.
ExcludeProtectionWithSeverityMode string: Exclude protections with this level of severity.
NewlyUpdatedProtections string: Activation of newly updated protections.

excludeProtectionWithPerformanceImpact Boolean: Whether to exclude protections depending on their level of performance impact.
excludeProtectionWithPerformanceImpactMode String: Exclude protections with this level of performance impact.
excludeProtectionWithSeverity Boolean: Whether to exclude protections depending on their level of severity.
excludeProtectionWithSeverityMode String: Exclude protections with this level of severity.
newlyUpdatedProtections String: Activation of newly updated protections.

excludeProtectionWithPerformanceImpact boolean: Whether to exclude protections depending on their level of performance impact.
excludeProtectionWithPerformanceImpactMode string: Exclude protections with this level of performance impact.
excludeProtectionWithSeverity boolean: Whether to exclude protections depending on their level of severity.
excludeProtectionWithSeverityMode string: Exclude protections with this level of severity.
newlyUpdatedProtections string: Activation of newly updated protections.

exclude_protection_with_performance_impact bool: Whether to exclude protections depending on their level of performance impact.
exclude_protection_with_performance_impact_mode str: Exclude protections with this level of performance impact.
exclude_protection_with_severity bool: Whether to exclude protections depending on their level of severity.
exclude_protection_with_severity_mode str: Exclude protections with this level of severity.
newly_updated_protections str: Activation of newly updated protections.

excludeProtectionWithPerformanceImpact Boolean: Whether to exclude protections depending on their level of performance impact.
excludeProtectionWithPerformanceImpactMode String: Exclude protections with this level of performance impact.
excludeProtectionWithSeverity Boolean: Whether to exclude protections depending on their level of severity.
excludeProtectionWithSeverityMode String: Exclude protections with this level of severity.
newlyUpdatedProtections String: Activation of newly updated protections.

GetManagementThreatProfileMaliciousMailPolicySetting

AddCustomizedTextToEmailBody bool: Add customized text to the malicious email body.
AddEmailSubjectPrefix bool: Add a prefix to the malicious email subject.
AddXHeaderToEmail bool: Add an X-Header to the malicious email.
EmailAction string: Block - block the entire malicious email. Allow - pass the malicious email and apply email changes (like: remove attachments and links, add x-header, etc...).
EmailBodyCustomizedText string: Customized text for the malicious email body. Available predefined fields: $verdicts$ - the malicious/error attachments/links verdict.
EmailSubjectPrefixText string: Prefix for the malicious email subject.
FailedToScanAttachmentsText string: Replace attachments that failed to be scanned with this text. Available predefined fields: $filename$ - the malicious file name. $md5$ - MD5 of the malicious file.
MaliciousAttachmentsText string: Replace malicious attachments with this text. Available predefined fields: $filename$ - the malicious file name. $md5$ - MD5 of the malicious file.
MaliciousLinksText string: Replace malicious links with this text. Available predefined fields: $neutralized_url$ - neutralized malicious link.
RemoveAttachmentsAndLinks bool: Remove attachments and links from the malicious email.
SendCopy bool: Send a copy of the malicious email to the recipient list.
SendCopyLists List<string>: Recipient list to send a copy of the malicious email.

AddCustomizedTextToEmailBody bool: Add customized text to the malicious email body.
AddEmailSubjectPrefix bool: Add a prefix to the malicious email subject.
AddXHeaderToEmail bool: Add an X-Header to the malicious email.
EmailAction string: Block - block the entire malicious email. Allow - pass the malicious email and apply email changes (like: remove attachments and links, add x-header, etc...).
EmailBodyCustomizedText string: Customized text for the malicious email body. Available predefined fields: $verdicts$ - the malicious/error attachments/links verdict.
EmailSubjectPrefixText string: Prefix for the malicious email subject.
FailedToScanAttachmentsText string: Replace attachments that failed to be scanned with this text. Available predefined fields: $filename$ - the malicious file name. $md5$ - MD5 of the malicious file.
MaliciousAttachmentsText string: Replace malicious attachments with this text. Available predefined fields: $filename$ - the malicious file name. $md5$ - MD5 of the malicious file.
MaliciousLinksText string: Replace malicious links with this text. Available predefined fields: $neutralized_url$ - neutralized malicious link.
RemoveAttachmentsAndLinks bool: Remove attachments and links from the malicious email.
SendCopy bool: Send a copy of the malicious email to the recipient list.
SendCopyLists []string: Recipient list to send a copy of the malicious email.

addCustomizedTextToEmailBody Boolean: Add customized text to the malicious email body.
addEmailSubjectPrefix Boolean: Add a prefix to the malicious email subject.
addXHeaderToEmail Boolean: Add an X-Header to the malicious email.
emailAction String: Block - block the entire malicious email. Allow - pass the malicious email and apply email changes (like: remove attachments and links, add x-header, etc...).
emailBodyCustomizedText String: Customized text for the malicious email body. Available predefined fields: $verdicts$ - the malicious/error attachments/links verdict.
emailSubjectPrefixText String: Prefix for the malicious email subject.
failedToScanAttachmentsText String: Replace attachments that failed to be scanned with this text. Available predefined fields: $filename$ - the malicious file name. $md5$ - MD5 of the malicious file.
maliciousAttachmentsText String: Replace malicious attachments with this text. Available predefined fields: $filename$ - the malicious file name. $md5$ - MD5 of the malicious file.
maliciousLinksText String: Replace malicious links with this text. Available predefined fields: $neutralized_url$ - neutralized malicious link.
removeAttachmentsAndLinks Boolean: Remove attachments and links from the malicious email.
sendCopy Boolean: Send a copy of the malicious email to the recipient list.
sendCopyLists List<String>: Recipient list to send a copy of the malicious email.

addCustomizedTextToEmailBody boolean: Add customized text to the malicious email body.
addEmailSubjectPrefix boolean: Add a prefix to the malicious email subject.
addXHeaderToEmail boolean: Add an X-Header to the malicious email.
emailAction string: Block - block the entire malicious email. Allow - pass the malicious email and apply email changes (like: remove attachments and links, add x-header, etc...).
emailBodyCustomizedText string: Customized text for the malicious email body. Available predefined fields: $verdicts$ - the malicious/error attachments/links verdict.
emailSubjectPrefixText string: Prefix for the malicious email subject.
failedToScanAttachmentsText string: Replace attachments that failed to be scanned with this text. Available predefined fields: $filename$ - the malicious file name. $md5$ - MD5 of the malicious file.
maliciousAttachmentsText string: Replace malicious attachments with this text. Available predefined fields: $filename$ - the malicious file name. $md5$ - MD5 of the malicious file.
maliciousLinksText string: Replace malicious links with this text. Available predefined fields: $neutralized_url$ - neutralized malicious link.
removeAttachmentsAndLinks boolean: Remove attachments and links from the malicious email.
sendCopy boolean: Send a copy of the malicious email to the recipient list.
sendCopyLists string[]: Recipient list to send a copy of the malicious email.

add_customized_text_to_email_body bool: Add customized text to the malicious email body.
add_email_subject_prefix bool: Add a prefix to the malicious email subject.
add_x_header_to_email bool: Add an X-Header to the malicious email.
email_action str: Block - block the entire malicious email. Allow - pass the malicious email and apply email changes (like: remove attachments and links, add x-header, etc...).
email_body_customized_text str: Customized text for the malicious email body. Available predefined fields: $verdicts$ - the malicious/error attachments/links verdict.
email_subject_prefix_text str: Prefix for the malicious email subject.
failed_to_scan_attachments_text str: Replace attachments that failed to be scanned with this text. Available predefined fields: $filename$ - the malicious file name. $md5$ - MD5 of the malicious file.
malicious_attachments_text str: Replace malicious attachments with this text. Available predefined fields: $filename$ - the malicious file name. $md5$ - MD5 of the malicious file.
malicious_links_text str: Replace malicious links with this text. Available predefined fields: $neutralized_url$ - neutralized malicious link.
remove_attachments_and_links bool: Remove attachments and links from the malicious email.
send_copy bool: Send a copy of the malicious email to the recipient list.
send_copy_lists Sequence[str]: Recipient list to send a copy of the malicious email.

addCustomizedTextToEmailBody Boolean: Add customized text to the malicious email body.
addEmailSubjectPrefix Boolean: Add a prefix to the malicious email subject.
addXHeaderToEmail Boolean: Add an X-Header to the malicious email.
emailAction String: Block - block the entire malicious email. Allow - pass the malicious email and apply email changes (like: remove attachments and links, add x-header, etc...).
emailBodyCustomizedText String: Customized text for the malicious email body. Available predefined fields: $verdicts$ - the malicious/error attachments/links verdict.
emailSubjectPrefixText String: Prefix for the malicious email subject.
failedToScanAttachmentsText String: Replace attachments that failed to be scanned with this text. Available predefined fields: $filename$ - the malicious file name. $md5$ - MD5 of the malicious file.
maliciousAttachmentsText String: Replace malicious attachments with this text. Available predefined fields: $filename$ - the malicious file name. $md5$ - MD5 of the malicious file.
maliciousLinksText String: Replace malicious links with this text. Available predefined fields: $neutralized_url$ - neutralized malicious link.
removeAttachmentsAndLinks Boolean: Remove attachments and links from the malicious email.
sendCopy Boolean: Send a copy of the malicious email to the recipient list.
sendCopyLists List<String>: Recipient list to send a copy of the malicious email.

GetManagementThreatProfileOverride

Action string: Protection action.
CapturePackets bool: Capture packets.
Defaults List<GetManagementThreatProfileOverrideDefault>: Default settings. default blocks are documented below.
Finals List<GetManagementThreatProfileOverrideFinal>: Final settings. final blocks are documented below.
Protection string: IPS protection identified by name.
ProtectionExternalInfos List<string>: Collection of industry reference (CVE).
ProtectionUid string: IPS protection unique identifier.
Track string: Tracking method for protection.

Action string: Protection action.
CapturePackets bool: Capture packets.
Defaults []GetManagementThreatProfileOverrideDefault: Default settings. default blocks are documented below.
Finals []GetManagementThreatProfileOverrideFinal: Final settings. final blocks are documented below.
Protection string: IPS protection identified by name.
ProtectionExternalInfos []string: Collection of industry reference (CVE).
ProtectionUid string: IPS protection unique identifier.
Track string: Tracking method for protection.

action String: Protection action.
capturePackets Boolean: Capture packets.
defaults List<GetManagementThreatProfileOverrideDefault>: Default settings. default blocks are documented below.
finals List<GetManagementThreatProfileOverrideFinal>: Final settings. final blocks are documented below.
protection String: IPS protection identified by name.
protectionExternalInfos List<String>: Collection of industry reference (CVE).
protectionUid String: IPS protection unique identifier.
track String: Tracking method for protection.

action string: Protection action.
capturePackets boolean: Capture packets.
defaults GetManagementThreatProfileOverrideDefault[]: Default settings. default blocks are documented below.
finals GetManagementThreatProfileOverrideFinal[]: Final settings. final blocks are documented below.
protection string: IPS protection identified by name.
protectionExternalInfos string[]: Collection of industry reference (CVE).
protectionUid string: IPS protection unique identifier.
track string: Tracking method for protection.

action str: Protection action.
capture_packets bool: Capture packets.
defaults Sequence[GetManagementThreatProfileOverrideDefault]: Default settings. default blocks are documented below.
finals Sequence[GetManagementThreatProfileOverrideFinal]: Final settings. final blocks are documented below.
protection str: IPS protection identified by name.
protection_external_infos Sequence[str]: Collection of industry reference (CVE).
protection_uid str: IPS protection unique identifier.
track str: Tracking method for protection.

action String: Protection action.
capturePackets Boolean: Capture packets.
defaults List<Property Map>: Default settings. default blocks are documented below.
finals List<Property Map>: Final settings. final blocks are documented below.
protection String: IPS protection identified by name.
protectionExternalInfos List<String>: Collection of industry reference (CVE).
protectionUid String: IPS protection unique identifier.
track String: Tracking method for protection.

GetManagementThreatProfileOverrideDefault

Action string: Protection action.
CapturePackets bool: Capture packets.
Track string: Tracking method for protection.

Action string: Protection action.
CapturePackets bool: Capture packets.
Track string: Tracking method for protection.

action String: Protection action.
capturePackets Boolean: Capture packets.
track String: Tracking method for protection.

action string: Protection action.
capturePackets boolean: Capture packets.
track string: Tracking method for protection.

action str: Protection action.
capture_packets bool: Capture packets.
track str: Tracking method for protection.

action String: Protection action.
capturePackets Boolean: Capture packets.
track String: Tracking method for protection.

GetManagementThreatProfileOverrideFinal

Action string: Protection action.
CapturePackets bool: Capture packets.
Track string: Tracking method for protection.

Action string: Protection action.
CapturePackets bool: Capture packets.
Track string: Tracking method for protection.

action String: Protection action.
capturePackets Boolean: Capture packets.
track String: Tracking method for protection.

action string: Protection action.
capturePackets boolean: Capture packets.
track string: Tracking method for protection.

action str: Protection action.
capture_packets bool: Capture packets.
track str: Tracking method for protection.

action String: Protection action.
capturePackets Boolean: Capture packets.
track String: Tracking method for protection.

GetManagementThreatProfileScanMaliciousLink

MaxBytes double: Scan links in the first bytes of the mail body.
MaxLinks double: Maximum links to scan in mail body.

MaxBytes float64: Scan links in the first bytes of the mail body.
MaxLinks float64: Maximum links to scan in mail body.

maxBytes Double: Scan links in the first bytes of the mail body.
maxLinks Double: Maximum links to scan in mail body.

maxBytes number: Scan links in the first bytes of the mail body.
maxLinks number: Maximum links to scan in mail body.

max_bytes float: Scan links in the first bytes of the mail body.
max_links float: Maximum links to scan in mail body.

maxBytes Number: Scan links in the first bytes of the mail body.
maxLinks Number: Maximum links to scan in mail body.

Package Details

Repository: checkpoint checkpointsw/terraform-provider-checkpoint
License
Notes: This Pulumi package is based on the checkpoint Terraform Provider.

Viewing docs for checkpoint 3.0.0
published on Monday, Mar 30, 2026 by checkpointsw

Schema (JSON)

checkpointsw/terraform-provider-checkpoint

checkpoint.getManagementThreatProfile

On this page

On this page

Example Usage

Using getManagementThreatProfile

getManagementThreatProfile Result

Supporting Types

GetManagementThreatProfileActivateProtectionsByExtendedAttribute

GetManagementThreatProfileActivateProtectionsByExtendedAttributeValue

GetManagementThreatProfileDeactivateProtectionsByExtendedAttribute

GetManagementThreatProfileDeactivateProtectionsByExtendedAttributeValue

GetManagementThreatProfileIndicatorOverride

GetManagementThreatProfileIpsSetting

GetManagementThreatProfileMaliciousMailPolicySetting

GetManagementThreatProfileOverride

GetManagementThreatProfileOverrideDefault

GetManagementThreatProfileOverrideFinal

GetManagementThreatProfileScanMaliciousLink

Package Details

On this page

On this page