checkpoint 2.9.0, Apr 14 25

checkpoint 2.9.0 published on Monday, Apr 14, 2025 by checkpointsw

checkpointsw/terraform-provider-checkpoint

checkpoint.ManagementCmeAccountsAws

Explore with Pulumi AI

checkpoint 2.9.0 published on Monday, Apr 14, 2025 by checkpointsw

checkpointsw/terraform-provider-checkpoint

Create ManagementCmeAccountsAws Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new ManagementCmeAccountsAws(name: string, args: ManagementCmeAccountsAwsArgs, opts?: CustomResourceOptions);

@overload
def ManagementCmeAccountsAws(resource_name: str,
                             args: ManagementCmeAccountsAwsArgs,
                             opts: Optional[ResourceOptions] = None)

@overload
def ManagementCmeAccountsAws(resource_name: str,
                             opts: Optional[ResourceOptions] = None,
                             regions: Optional[Sequence[str]] = None,
                             scan_gateways: Optional[bool] = None,
                             scan_vpn: Optional[bool] = None,
                             deletion_tolerance: Optional[float] = None,
                             domain: Optional[str] = None,
                             management_cme_accounts_aws_id: Optional[str] = None,
                             name: Optional[str] = None,
                             credentials_file: Optional[str] = None,
                             scan_load_balancers: Optional[bool] = None,
                             communities: Optional[Sequence[str]] = None,
                             scan_subnets: Optional[bool] = None,
                             access_key: Optional[str] = None,
                             secret_key: Optional[str] = None,
                             sts_external_id: Optional[str] = None,
                             sts_role: Optional[str] = None,
                             sub_accounts: Optional[Sequence[ManagementCmeAccountsAwsSubAccountArgs]] = None)

func NewManagementCmeAccountsAws(ctx *Context, name string, args ManagementCmeAccountsAwsArgs, opts ...ResourceOption) (*ManagementCmeAccountsAws, error)

public ManagementCmeAccountsAws(string name, ManagementCmeAccountsAwsArgs args, CustomResourceOptions? opts = null)

public ManagementCmeAccountsAws(String name, ManagementCmeAccountsAwsArgs args)
public ManagementCmeAccountsAws(String name, ManagementCmeAccountsAwsArgs args, CustomResourceOptions options)

type: checkpoint:ManagementCmeAccountsAws
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ManagementCmeAccountsAwsArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ManagementCmeAccountsAwsArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ManagementCmeAccountsAwsArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ManagementCmeAccountsAwsArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ManagementCmeAccountsAwsArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var managementCmeAccountsAwsResource = new Checkpoint.ManagementCmeAccountsAws("managementCmeAccountsAwsResource", new()
{
    Regions = new[]
    {
        "string",
    },
    ScanGateways = false,
    ScanVpn = false,
    DeletionTolerance = 0,
    Domain = "string",
    ManagementCmeAccountsAwsId = "string",
    Name = "string",
    CredentialsFile = "string",
    ScanLoadBalancers = false,
    Communities = new[]
    {
        "string",
    },
    ScanSubnets = false,
    AccessKey = "string",
    SecretKey = "string",
    StsExternalId = "string",
    StsRole = "string",
    SubAccounts = new[]
    {
        new Checkpoint.Inputs.ManagementCmeAccountsAwsSubAccountArgs
        {
            Name = "string",
            AccessKey = "string",
            CredentialsFile = "string",
            SecretKey = "string",
            StsExternalId = "string",
            StsRole = "string",
        },
    },
});

example, err := checkpoint.NewManagementCmeAccountsAws(ctx, "managementCmeAccountsAwsResource", &checkpoint.ManagementCmeAccountsAwsArgs{
	Regions: pulumi.StringArray{
		pulumi.String("string"),
	},
	ScanGateways:               pulumi.Bool(false),
	ScanVpn:                    pulumi.Bool(false),
	DeletionTolerance:          pulumi.Float64(0),
	Domain:                     pulumi.String("string"),
	ManagementCmeAccountsAwsId: pulumi.String("string"),
	Name:                       pulumi.String("string"),
	CredentialsFile:            pulumi.String("string"),
	ScanLoadBalancers:          pulumi.Bool(false),
	Communities: pulumi.StringArray{
		pulumi.String("string"),
	},
	ScanSubnets:   pulumi.Bool(false),
	AccessKey:     pulumi.String("string"),
	SecretKey:     pulumi.String("string"),
	StsExternalId: pulumi.String("string"),
	StsRole:       pulumi.String("string"),
	SubAccounts: checkpoint.ManagementCmeAccountsAwsSubAccountArray{
		&checkpoint.ManagementCmeAccountsAwsSubAccountArgs{
			Name:            pulumi.String("string"),
			AccessKey:       pulumi.String("string"),
			CredentialsFile: pulumi.String("string"),
			SecretKey:       pulumi.String("string"),
			StsExternalId:   pulumi.String("string"),
			StsRole:         pulumi.String("string"),
		},
	},
})

var managementCmeAccountsAwsResource = new ManagementCmeAccountsAws("managementCmeAccountsAwsResource", ManagementCmeAccountsAwsArgs.builder()
    .regions("string")
    .scanGateways(false)
    .scanVpn(false)
    .deletionTolerance(0)
    .domain("string")
    .managementCmeAccountsAwsId("string")
    .name("string")
    .credentialsFile("string")
    .scanLoadBalancers(false)
    .communities("string")
    .scanSubnets(false)
    .accessKey("string")
    .secretKey("string")
    .stsExternalId("string")
    .stsRole("string")
    .subAccounts(ManagementCmeAccountsAwsSubAccountArgs.builder()
        .name("string")
        .accessKey("string")
        .credentialsFile("string")
        .secretKey("string")
        .stsExternalId("string")
        .stsRole("string")
        .build())
    .build());

management_cme_accounts_aws_resource = checkpoint.ManagementCmeAccountsAws("managementCmeAccountsAwsResource",
    regions=["string"],
    scan_gateways=False,
    scan_vpn=False,
    deletion_tolerance=0,
    domain="string",
    management_cme_accounts_aws_id="string",
    name="string",
    credentials_file="string",
    scan_load_balancers=False,
    communities=["string"],
    scan_subnets=False,
    access_key="string",
    secret_key="string",
    sts_external_id="string",
    sts_role="string",
    sub_accounts=[{
        "name": "string",
        "access_key": "string",
        "credentials_file": "string",
        "secret_key": "string",
        "sts_external_id": "string",
        "sts_role": "string",
    }])

const managementCmeAccountsAwsResource = new checkpoint.ManagementCmeAccountsAws("managementCmeAccountsAwsResource", {
    regions: ["string"],
    scanGateways: false,
    scanVpn: false,
    deletionTolerance: 0,
    domain: "string",
    managementCmeAccountsAwsId: "string",
    name: "string",
    credentialsFile: "string",
    scanLoadBalancers: false,
    communities: ["string"],
    scanSubnets: false,
    accessKey: "string",
    secretKey: "string",
    stsExternalId: "string",
    stsRole: "string",
    subAccounts: [{
        name: "string",
        accessKey: "string",
        credentialsFile: "string",
        secretKey: "string",
        stsExternalId: "string",
        stsRole: "string",
    }],
});

type: checkpoint:ManagementCmeAccountsAws
properties:
    accessKey: string
    communities:
        - string
    credentialsFile: string
    deletionTolerance: 0
    domain: string
    managementCmeAccountsAwsId: string
    name: string
    regions:
        - string
    scanGateways: false
    scanLoadBalancers: false
    scanSubnets: false
    scanVpn: false
    secretKey: string
    stsExternalId: string
    stsRole: string
    subAccounts:
        - accessKey: string
          credentialsFile: string
          name: string
          secretKey: string
          stsExternalId: string
          stsRole: string

ManagementCmeAccountsAws Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The ManagementCmeAccountsAws resource accepts the following input properties:

Regions List<string>

Comma-separated list of AWS regions in which the Gateways are being deployed.

AccessKey string

AWS access key.

Communities List<string>

Comma-separated list of communities that are allowed for VPN connections for AWS Transit Gateways that are discovered by this account.

CredentialsFile string

One of the these options:

The name of a text file containing AWS credentials that is located in $FWDIR/conf/ directory for a Management Server or $MDSDIR/conf/ directory for a Multi-Domain Management Server.
“IAM” to use an IAM role profile

DeletionTolerance double

The number of CME cycles to wait when the cloud provider does not return a Gateway until its deletion.

Domain string

The account's domain name in Multi-Domain Security Management Server environment.

ManagementCmeAccountsAwsId string

Name string

Unique account name for identification without spaces.

ScanGateways bool

Set true in order to scan gateways with AWS Transit Gateway.

ScanLoadBalancers bool

Set true in order to scan load balancers access and NAT rules with AWS Transit Gateway.

ScanSubnets bool

Set true in order to scan subnets with AWS Gateway Load Balancer.

ScanVpn bool

Set true in order to scan VPN with AWS Transit Gateway.

SecretKey string

AWS secret key.

StsExternalId string

AWS STS external id. Must exist with STS role.

StsRole string

AWS STS role.

SubAccounts List<ManagementCmeAccountsAwsSubAccount>

AWS sub-accounts. Supports these parameters:

Regions []string

Comma-separated list of AWS regions in which the Gateways are being deployed.

AccessKey string

AWS access key.

Communities []string

Comma-separated list of communities that are allowed for VPN connections for AWS Transit Gateways that are discovered by this account.

CredentialsFile string

One of the these options:

The name of a text file containing AWS credentials that is located in $FWDIR/conf/ directory for a Management Server or $MDSDIR/conf/ directory for a Multi-Domain Management Server.
“IAM” to use an IAM role profile

DeletionTolerance float64

The number of CME cycles to wait when the cloud provider does not return a Gateway until its deletion.

Domain string

The account's domain name in Multi-Domain Security Management Server environment.

ManagementCmeAccountsAwsId string

Name string

Unique account name for identification without spaces.

ScanGateways bool

Set true in order to scan gateways with AWS Transit Gateway.

ScanLoadBalancers bool

Set true in order to scan load balancers access and NAT rules with AWS Transit Gateway.

ScanSubnets bool

Set true in order to scan subnets with AWS Gateway Load Balancer.

ScanVpn bool

Set true in order to scan VPN with AWS Transit Gateway.

SecretKey string

AWS secret key.

StsExternalId string

AWS STS external id. Must exist with STS role.

StsRole string

AWS STS role.

SubAccounts []ManagementCmeAccountsAwsSubAccountArgs

AWS sub-accounts. Supports these parameters:

regions List<String>

Comma-separated list of AWS regions in which the Gateways are being deployed.

accessKey String

AWS access key.

communities List<String>

Comma-separated list of communities that are allowed for VPN connections for AWS Transit Gateways that are discovered by this account.

credentialsFile String

One of the these options:

The name of a text file containing AWS credentials that is located in $FWDIR/conf/ directory for a Management Server or $MDSDIR/conf/ directory for a Multi-Domain Management Server.
“IAM” to use an IAM role profile

deletionTolerance Double

The number of CME cycles to wait when the cloud provider does not return a Gateway until its deletion.

domain String

The account's domain name in Multi-Domain Security Management Server environment.

managementCmeAccountsAwsId String

name String

Unique account name for identification without spaces.

scanGateways Boolean

Set true in order to scan gateways with AWS Transit Gateway.

scanLoadBalancers Boolean

Set true in order to scan load balancers access and NAT rules with AWS Transit Gateway.

scanSubnets Boolean

Set true in order to scan subnets with AWS Gateway Load Balancer.

scanVpn Boolean

Set true in order to scan VPN with AWS Transit Gateway.

secretKey String

AWS secret key.

stsExternalId String

AWS STS external id. Must exist with STS role.

stsRole String

AWS STS role.

subAccounts List<ManagementCmeAccountsAwsSubAccount>

AWS sub-accounts. Supports these parameters:

regions string[]

Comma-separated list of AWS regions in which the Gateways are being deployed.

accessKey string

AWS access key.

communities string[]

Comma-separated list of communities that are allowed for VPN connections for AWS Transit Gateways that are discovered by this account.

credentialsFile string

One of the these options:

The name of a text file containing AWS credentials that is located in $FWDIR/conf/ directory for a Management Server or $MDSDIR/conf/ directory for a Multi-Domain Management Server.
“IAM” to use an IAM role profile

deletionTolerance number

The number of CME cycles to wait when the cloud provider does not return a Gateway until its deletion.

domain string

The account's domain name in Multi-Domain Security Management Server environment.

managementCmeAccountsAwsId string

name string

Unique account name for identification without spaces.

scanGateways boolean

Set true in order to scan gateways with AWS Transit Gateway.

scanLoadBalancers boolean

Set true in order to scan load balancers access and NAT rules with AWS Transit Gateway.

scanSubnets boolean

Set true in order to scan subnets with AWS Gateway Load Balancer.

scanVpn boolean

Set true in order to scan VPN with AWS Transit Gateway.

secretKey string

AWS secret key.

stsExternalId string

AWS STS external id. Must exist with STS role.

stsRole string

AWS STS role.

subAccounts ManagementCmeAccountsAwsSubAccount[]

AWS sub-accounts. Supports these parameters:

regions Sequence[str]

Comma-separated list of AWS regions in which the Gateways are being deployed.

access_key str

AWS access key.

communities Sequence[str]

Comma-separated list of communities that are allowed for VPN connections for AWS Transit Gateways that are discovered by this account.

credentials_file str

One of the these options:

The name of a text file containing AWS credentials that is located in $FWDIR/conf/ directory for a Management Server or $MDSDIR/conf/ directory for a Multi-Domain Management Server.
“IAM” to use an IAM role profile

deletion_tolerance float

The number of CME cycles to wait when the cloud provider does not return a Gateway until its deletion.

domain str

The account's domain name in Multi-Domain Security Management Server environment.

management_cme_accounts_aws_id str

name str

Unique account name for identification without spaces.

scan_gateways bool

Set true in order to scan gateways with AWS Transit Gateway.

scan_load_balancers bool

Set true in order to scan load balancers access and NAT rules with AWS Transit Gateway.

scan_subnets bool

Set true in order to scan subnets with AWS Gateway Load Balancer.

scan_vpn bool

Set true in order to scan VPN with AWS Transit Gateway.

secret_key str

AWS secret key.

sts_external_id str

AWS STS external id. Must exist with STS role.

sts_role str

AWS STS role.

sub_accounts Sequence[ManagementCmeAccountsAwsSubAccountArgs]

AWS sub-accounts. Supports these parameters:

regions List<String>

Comma-separated list of AWS regions in which the Gateways are being deployed.

accessKey String

AWS access key.

communities List<String>

Comma-separated list of communities that are allowed for VPN connections for AWS Transit Gateways that are discovered by this account.

credentialsFile String

One of the these options:

The name of a text file containing AWS credentials that is located in $FWDIR/conf/ directory for a Management Server or $MDSDIR/conf/ directory for a Multi-Domain Management Server.
“IAM” to use an IAM role profile

deletionTolerance Number

The number of CME cycles to wait when the cloud provider does not return a Gateway until its deletion.

domain String

The account's domain name in Multi-Domain Security Management Server environment.

managementCmeAccountsAwsId String

name String

Unique account name for identification without spaces.

scanGateways Boolean

Set true in order to scan gateways with AWS Transit Gateway.

scanLoadBalancers Boolean

Set true in order to scan load balancers access and NAT rules with AWS Transit Gateway.

scanSubnets Boolean

Set true in order to scan subnets with AWS Gateway Load Balancer.

scanVpn Boolean

Set true in order to scan VPN with AWS Transit Gateway.

secretKey String

AWS secret key.

stsExternalId String

AWS STS external id. Must exist with STS role.

stsRole String

AWS STS role.

subAccounts List<Property Map>

AWS sub-accounts. Supports these parameters:

Outputs

All input properties are implicitly available as output properties. Additionally, the ManagementCmeAccountsAws resource produces the following output properties:

GwConfigurations List<string>: A list of GW configurations attached to the account
Id string: The provider-assigned unique ID for this managed resource.
Platform string: The platform of the account.

GwConfigurations []string: A list of GW configurations attached to the account
Id string: The provider-assigned unique ID for this managed resource.
Platform string: The platform of the account.

gwConfigurations List<String>: A list of GW configurations attached to the account
id String: The provider-assigned unique ID for this managed resource.
platform String: The platform of the account.

gwConfigurations string[]: A list of GW configurations attached to the account
id string: The provider-assigned unique ID for this managed resource.
platform string: The platform of the account.

gw_configurations Sequence[str]: A list of GW configurations attached to the account
id str: The provider-assigned unique ID for this managed resource.
platform str: The platform of the account.

gwConfigurations List<String>: A list of GW configurations attached to the account
id String: The provider-assigned unique ID for this managed resource.
platform String: The platform of the account.

Look up Existing ManagementCmeAccountsAws Resource

Get an existing ManagementCmeAccountsAws resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ManagementCmeAccountsAwsState, opts?: CustomResourceOptions): ManagementCmeAccountsAws

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        access_key: Optional[str] = None,
        communities: Optional[Sequence[str]] = None,
        credentials_file: Optional[str] = None,
        deletion_tolerance: Optional[float] = None,
        domain: Optional[str] = None,
        gw_configurations: Optional[Sequence[str]] = None,
        management_cme_accounts_aws_id: Optional[str] = None,
        name: Optional[str] = None,
        platform: Optional[str] = None,
        regions: Optional[Sequence[str]] = None,
        scan_gateways: Optional[bool] = None,
        scan_load_balancers: Optional[bool] = None,
        scan_subnets: Optional[bool] = None,
        scan_vpn: Optional[bool] = None,
        secret_key: Optional[str] = None,
        sts_external_id: Optional[str] = None,
        sts_role: Optional[str] = None,
        sub_accounts: Optional[Sequence[ManagementCmeAccountsAwsSubAccountArgs]] = None) -> ManagementCmeAccountsAws

func GetManagementCmeAccountsAws(ctx *Context, name string, id IDInput, state *ManagementCmeAccountsAwsState, opts ...ResourceOption) (*ManagementCmeAccountsAws, error)

public static ManagementCmeAccountsAws Get(string name, Input<string> id, ManagementCmeAccountsAwsState? state, CustomResourceOptions? opts = null)

public static ManagementCmeAccountsAws get(String name, Output<String> id, ManagementCmeAccountsAwsState state, CustomResourceOptions options)

resources:  _:    type: checkpoint:ManagementCmeAccountsAws    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AccessKey string

AWS access key.

Communities List<string>

Comma-separated list of communities that are allowed for VPN connections for AWS Transit Gateways that are discovered by this account.

CredentialsFile string

One of the these options:

The name of a text file containing AWS credentials that is located in $FWDIR/conf/ directory for a Management Server or $MDSDIR/conf/ directory for a Multi-Domain Management Server.
“IAM” to use an IAM role profile

DeletionTolerance double

The number of CME cycles to wait when the cloud provider does not return a Gateway until its deletion.

Domain string

The account's domain name in Multi-Domain Security Management Server environment.

GwConfigurations List<string>

A list of GW configurations attached to the account

ManagementCmeAccountsAwsId string

Name string

Unique account name for identification without spaces.

Platform string

The platform of the account.

Regions List<string>

Comma-separated list of AWS regions in which the Gateways are being deployed.

ScanGateways bool

Set true in order to scan gateways with AWS Transit Gateway.

ScanLoadBalancers bool

Set true in order to scan load balancers access and NAT rules with AWS Transit Gateway.

ScanSubnets bool

Set true in order to scan subnets with AWS Gateway Load Balancer.

ScanVpn bool

Set true in order to scan VPN with AWS Transit Gateway.

SecretKey string

AWS secret key.

StsExternalId string

AWS STS external id. Must exist with STS role.

StsRole string

AWS STS role.

SubAccounts List<ManagementCmeAccountsAwsSubAccount>

AWS sub-accounts. Supports these parameters:

AccessKey string

AWS access key.

Communities []string

Comma-separated list of communities that are allowed for VPN connections for AWS Transit Gateways that are discovered by this account.

CredentialsFile string

One of the these options:

The name of a text file containing AWS credentials that is located in $FWDIR/conf/ directory for a Management Server or $MDSDIR/conf/ directory for a Multi-Domain Management Server.
“IAM” to use an IAM role profile

DeletionTolerance float64

The number of CME cycles to wait when the cloud provider does not return a Gateway until its deletion.

Domain string

The account's domain name in Multi-Domain Security Management Server environment.

GwConfigurations []string

A list of GW configurations attached to the account

ManagementCmeAccountsAwsId string

Name string

Unique account name for identification without spaces.

Platform string

The platform of the account.

Regions []string

Comma-separated list of AWS regions in which the Gateways are being deployed.

ScanGateways bool

Set true in order to scan gateways with AWS Transit Gateway.

ScanLoadBalancers bool

Set true in order to scan load balancers access and NAT rules with AWS Transit Gateway.

ScanSubnets bool

Set true in order to scan subnets with AWS Gateway Load Balancer.

ScanVpn bool

Set true in order to scan VPN with AWS Transit Gateway.

SecretKey string

AWS secret key.

StsExternalId string

AWS STS external id. Must exist with STS role.

StsRole string

AWS STS role.

SubAccounts []ManagementCmeAccountsAwsSubAccountArgs

AWS sub-accounts. Supports these parameters:

accessKey String

AWS access key.

communities List<String>

Comma-separated list of communities that are allowed for VPN connections for AWS Transit Gateways that are discovered by this account.

credentialsFile String

One of the these options:

The name of a text file containing AWS credentials that is located in $FWDIR/conf/ directory for a Management Server or $MDSDIR/conf/ directory for a Multi-Domain Management Server.
“IAM” to use an IAM role profile

deletionTolerance Double

The number of CME cycles to wait when the cloud provider does not return a Gateway until its deletion.

domain String

The account's domain name in Multi-Domain Security Management Server environment.

gwConfigurations List<String>

A list of GW configurations attached to the account

managementCmeAccountsAwsId String

name String

Unique account name for identification without spaces.

platform String

The platform of the account.

regions List<String>

Comma-separated list of AWS regions in which the Gateways are being deployed.

scanGateways Boolean

Set true in order to scan gateways with AWS Transit Gateway.

scanLoadBalancers Boolean

Set true in order to scan load balancers access and NAT rules with AWS Transit Gateway.

scanSubnets Boolean

Set true in order to scan subnets with AWS Gateway Load Balancer.

scanVpn Boolean

Set true in order to scan VPN with AWS Transit Gateway.

secretKey String

AWS secret key.

stsExternalId String

AWS STS external id. Must exist with STS role.

stsRole String

AWS STS role.

subAccounts List<ManagementCmeAccountsAwsSubAccount>

AWS sub-accounts. Supports these parameters:

accessKey string

AWS access key.

communities string[]

Comma-separated list of communities that are allowed for VPN connections for AWS Transit Gateways that are discovered by this account.

credentialsFile string

One of the these options:

The name of a text file containing AWS credentials that is located in $FWDIR/conf/ directory for a Management Server or $MDSDIR/conf/ directory for a Multi-Domain Management Server.
“IAM” to use an IAM role profile

deletionTolerance number

The number of CME cycles to wait when the cloud provider does not return a Gateway until its deletion.

domain string

The account's domain name in Multi-Domain Security Management Server environment.

gwConfigurations string[]

A list of GW configurations attached to the account

managementCmeAccountsAwsId string

name string

Unique account name for identification without spaces.

platform string

The platform of the account.

regions string[]

Comma-separated list of AWS regions in which the Gateways are being deployed.

scanGateways boolean

Set true in order to scan gateways with AWS Transit Gateway.

scanLoadBalancers boolean

Set true in order to scan load balancers access and NAT rules with AWS Transit Gateway.

scanSubnets boolean

Set true in order to scan subnets with AWS Gateway Load Balancer.

scanVpn boolean

Set true in order to scan VPN with AWS Transit Gateway.

secretKey string

AWS secret key.

stsExternalId string

AWS STS external id. Must exist with STS role.

stsRole string

AWS STS role.

subAccounts ManagementCmeAccountsAwsSubAccount[]

AWS sub-accounts. Supports these parameters:

access_key str

AWS access key.

communities Sequence[str]

Comma-separated list of communities that are allowed for VPN connections for AWS Transit Gateways that are discovered by this account.

credentials_file str

One of the these options:

The name of a text file containing AWS credentials that is located in $FWDIR/conf/ directory for a Management Server or $MDSDIR/conf/ directory for a Multi-Domain Management Server.
“IAM” to use an IAM role profile

deletion_tolerance float

The number of CME cycles to wait when the cloud provider does not return a Gateway until its deletion.

domain str

The account's domain name in Multi-Domain Security Management Server environment.

gw_configurations Sequence[str]

A list of GW configurations attached to the account

management_cme_accounts_aws_id str

name str

Unique account name for identification without spaces.

platform str

The platform of the account.

regions Sequence[str]

Comma-separated list of AWS regions in which the Gateways are being deployed.

scan_gateways bool

Set true in order to scan gateways with AWS Transit Gateway.

scan_load_balancers bool

Set true in order to scan load balancers access and NAT rules with AWS Transit Gateway.

scan_subnets bool

Set true in order to scan subnets with AWS Gateway Load Balancer.

scan_vpn bool

Set true in order to scan VPN with AWS Transit Gateway.

secret_key str

AWS secret key.

sts_external_id str

AWS STS external id. Must exist with STS role.

sts_role str

AWS STS role.

sub_accounts Sequence[ManagementCmeAccountsAwsSubAccountArgs]

AWS sub-accounts. Supports these parameters:

accessKey String

AWS access key.

communities List<String>

Comma-separated list of communities that are allowed for VPN connections for AWS Transit Gateways that are discovered by this account.

credentialsFile String

One of the these options:

The name of a text file containing AWS credentials that is located in $FWDIR/conf/ directory for a Management Server or $MDSDIR/conf/ directory for a Multi-Domain Management Server.
“IAM” to use an IAM role profile

deletionTolerance Number

The number of CME cycles to wait when the cloud provider does not return a Gateway until its deletion.

domain String

The account's domain name in Multi-Domain Security Management Server environment.

gwConfigurations List<String>

A list of GW configurations attached to the account

managementCmeAccountsAwsId String

name String

Unique account name for identification without spaces.

platform String

The platform of the account.

regions List<String>

Comma-separated list of AWS regions in which the Gateways are being deployed.

scanGateways Boolean

Set true in order to scan gateways with AWS Transit Gateway.

scanLoadBalancers Boolean

Set true in order to scan load balancers access and NAT rules with AWS Transit Gateway.

scanSubnets Boolean

Set true in order to scan subnets with AWS Gateway Load Balancer.

scanVpn Boolean

Set true in order to scan VPN with AWS Transit Gateway.

secretKey String

AWS secret key.

stsExternalId String

AWS STS external id. Must exist with STS role.

stsRole String

AWS STS role.

subAccounts List<Property Map>

AWS sub-accounts. Supports these parameters:

Supporting Types

ManagementCmeAccountsAwsSubAccount, ManagementCmeAccountsAwsSubAccountArgs

Name string: Sub-account name.
AccessKey string: Sub-account access key.
CredentialsFile string: Sub-account credentials file.
SecretKey string: Sub-account secret key.
StsExternalId string: Sub-account STS external id. Must exist with STS role.
StsRole string: Sub-account STS role.

Name string: Sub-account name.
AccessKey string: Sub-account access key.
CredentialsFile string: Sub-account credentials file.
SecretKey string: Sub-account secret key.
StsExternalId string: Sub-account STS external id. Must exist with STS role.
StsRole string: Sub-account STS role.

name String: Sub-account name.
accessKey String: Sub-account access key.
credentialsFile String: Sub-account credentials file.
secretKey String: Sub-account secret key.
stsExternalId String: Sub-account STS external id. Must exist with STS role.
stsRole String: Sub-account STS role.

name string: Sub-account name.
accessKey string: Sub-account access key.
credentialsFile string: Sub-account credentials file.
secretKey string: Sub-account secret key.
stsExternalId string: Sub-account STS external id. Must exist with STS role.
stsRole string: Sub-account STS role.

name str: Sub-account name.
access_key str: Sub-account access key.
credentials_file str: Sub-account credentials file.
secret_key str: Sub-account secret key.
sts_external_id str: Sub-account STS external id. Must exist with STS role.
sts_role str: Sub-account STS role.

name String: Sub-account name.
accessKey String: Sub-account access key.
credentialsFile String: Sub-account credentials file.
secretKey String: Sub-account secret key.
stsExternalId String: Sub-account STS external id. Must exist with STS role.
stsRole String: Sub-account STS role.

Package Details

Repository: checkpoint checkpointsw/terraform-provider-checkpoint
License
Notes: This Pulumi package is based on the checkpoint Terraform Provider.

checkpoint 2.9.0 published on Monday, Apr 14, 2025 by checkpointsw

checkpointsw/terraform-provider-checkpoint

checkpoint.ManagementCmeAccountsAws

On this page

On this page

Create ManagementCmeAccountsAws Resource

Constructor syntax

Parameters

Constructor example

ManagementCmeAccountsAws Resource Properties

Inputs

Outputs

Look up Existing ManagementCmeAccountsAws Resource

Supporting Types

ManagementCmeAccountsAwsSubAccount, ManagementCmeAccountsAwsSubAccountArgs

Package Details

On this page

On this page