checkpoint 2.9.0, Apr 14 25

checkpoint 2.9.0 published on Monday, Apr 14, 2025 by checkpointsw

checkpointsw/terraform-provider-checkpoint

checkpoint.ManagementOpsecTrustedCa

Explore with Pulumi AI

checkpoint 2.9.0 published on Monday, Apr 14, 2025 by checkpointsw

checkpointsw/terraform-provider-checkpoint

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as checkpoint from "@pulumi/checkpoint";

const example = new checkpoint.ManagementOpsecTrustedCa("example", {base64Certificate: "MIICwjCCAaqgAwIBAgIILdexblpVEMIwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAxMNd3d3Lm9wc2VjLmNvbTAeFw0yMzA2MjUwOTE3MDBaFw0yNTAzMzExNjAwMDBaMBgxFjAUBgNVBAMTDXd3dy5vcHNlYy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjpqCxDaVg+I1b+wqnmjjYtL3v7Tlu/YpMbsKnv+M1gRz6QFUOoSVnxKLo0A7Y4kCqa1OPcHO/LtXuok43F1YZPVKm3xWpY8FmqGqf5ZuGmSwm1HPObcMjwGOyFgwpwEDF5e0UMZ7xtJF8BZ5KKBh3ZfQ1FbmbVqSUPcmOi+NE4JspPlHxX+m6es/yeSGR1A2ezKY7KePTlwVtDe8hiLrYyKG92nka5rkD1QyEIVJ0W5wrnU4nGEDIHeOfT09zroQxaNLkb51sl4Tog/qw+EraVGIBe/iFnSJoDF37i2mLJqI/t8bel+aGDAxgMx1pO85OClgjPSWL0UIXGI2xrR+JAgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHTs1AutAmSLHF2KRLJtrRNkso0lMyA7XI7k1TNpTk7TCZLNY0VbUliGbcl+POH4EG8ARUrftnwRDCTBd2BdJTqG2CyNADi+bw8aLvbxok7KH0GlQvGjyfq+sHK12wTl4ULNyYoAPZ01GhXOvkobROdSyjxvBVhxdVo90kj7mHFv3N83huNhfstDFUBcQCmMkbLuzDUZrl2a1OtqlOdNC6mNvb7Jq9W9vRxGA514e7jqyoM+PwHu5fILx/jmGT8suOUnvbtcDdFhjqixAPer6uSPR0CSbiJvuDy72DPH5mjZK5dQKewNYOZ/BQEsRIBe+Q6eGAoJqi+cD63cwlw0DCc="});

import pulumi
import pulumi_checkpoint as checkpoint

example = checkpoint.ManagementOpsecTrustedCa("example", base64_certificate="MIICwjCCAaqgAwIBAgIILdexblpVEMIwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAxMNd3d3Lm9wc2VjLmNvbTAeFw0yMzA2MjUwOTE3MDBaFw0yNTAzMzExNjAwMDBaMBgxFjAUBgNVBAMTDXd3dy5vcHNlYy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjpqCxDaVg+I1b+wqnmjjYtL3v7Tlu/YpMbsKnv+M1gRz6QFUOoSVnxKLo0A7Y4kCqa1OPcHO/LtXuok43F1YZPVKm3xWpY8FmqGqf5ZuGmSwm1HPObcMjwGOyFgwpwEDF5e0UMZ7xtJF8BZ5KKBh3ZfQ1FbmbVqSUPcmOi+NE4JspPlHxX+m6es/yeSGR1A2ezKY7KePTlwVtDe8hiLrYyKG92nka5rkD1QyEIVJ0W5wrnU4nGEDIHeOfT09zroQxaNLkb51sl4Tog/qw+EraVGIBe/iFnSJoDF37i2mLJqI/t8bel+aGDAxgMx1pO85OClgjPSWL0UIXGI2xrR+JAgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHTs1AutAmSLHF2KRLJtrRNkso0lMyA7XI7k1TNpTk7TCZLNY0VbUliGbcl+POH4EG8ARUrftnwRDCTBd2BdJTqG2CyNADi+bw8aLvbxok7KH0GlQvGjyfq+sHK12wTl4ULNyYoAPZ01GhXOvkobROdSyjxvBVhxdVo90kj7mHFv3N83huNhfstDFUBcQCmMkbLuzDUZrl2a1OtqlOdNC6mNvb7Jq9W9vRxGA514e7jqyoM+PwHu5fILx/jmGT8suOUnvbtcDdFhjqixAPer6uSPR0CSbiJvuDy72DPH5mjZK5dQKewNYOZ/BQEsRIBe+Q6eGAoJqi+cD63cwlw0DCc=")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/checkpoint/v2/checkpoint"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := checkpoint.NewManagementOpsecTrustedCa(ctx, "example", &checkpoint.ManagementOpsecTrustedCaArgs{
			Base64Certificate: pulumi.String("MIICwjCCAaqgAwIBAgIILdexblpVEMIwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAxMNd3d3Lm9wc2VjLmNvbTAeFw0yMzA2MjUwOTE3MDBaFw0yNTAzMzExNjAwMDBaMBgxFjAUBgNVBAMTDXd3dy5vcHNlYy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjpqCxDaVg+I1b+wqnmjjYtL3v7Tlu/YpMbsKnv+M1gRz6QFUOoSVnxKLo0A7Y4kCqa1OPcHO/LtXuok43F1YZPVKm3xWpY8FmqGqf5ZuGmSwm1HPObcMjwGOyFgwpwEDF5e0UMZ7xtJF8BZ5KKBh3ZfQ1FbmbVqSUPcmOi+NE4JspPlHxX+m6es/yeSGR1A2ezKY7KePTlwVtDe8hiLrYyKG92nka5rkD1QyEIVJ0W5wrnU4nGEDIHeOfT09zroQxaNLkb51sl4Tog/qw+EraVGIBe/iFnSJoDF37i2mLJqI/t8bel+aGDAxgMx1pO85OClgjPSWL0UIXGI2xrR+JAgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHTs1AutAmSLHF2KRLJtrRNkso0lMyA7XI7k1TNpTk7TCZLNY0VbUliGbcl+POH4EG8ARUrftnwRDCTBd2BdJTqG2CyNADi+bw8aLvbxok7KH0GlQvGjyfq+sHK12wTl4ULNyYoAPZ01GhXOvkobROdSyjxvBVhxdVo90kj7mHFv3N83huNhfstDFUBcQCmMkbLuzDUZrl2a1OtqlOdNC6mNvb7Jq9W9vRxGA514e7jqyoM+PwHu5fILx/jmGT8suOUnvbtcDdFhjqixAPer6uSPR0CSbiJvuDy72DPH5mjZK5dQKewNYOZ/BQEsRIBe+Q6eGAoJqi+cD63cwlw0DCc="),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Checkpoint = Pulumi.Checkpoint;

return await Deployment.RunAsync(() => 
{
    var example = new Checkpoint.ManagementOpsecTrustedCa("example", new()
    {
        Base64Certificate = "MIICwjCCAaqgAwIBAgIILdexblpVEMIwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAxMNd3d3Lm9wc2VjLmNvbTAeFw0yMzA2MjUwOTE3MDBaFw0yNTAzMzExNjAwMDBaMBgxFjAUBgNVBAMTDXd3dy5vcHNlYy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjpqCxDaVg+I1b+wqnmjjYtL3v7Tlu/YpMbsKnv+M1gRz6QFUOoSVnxKLo0A7Y4kCqa1OPcHO/LtXuok43F1YZPVKm3xWpY8FmqGqf5ZuGmSwm1HPObcMjwGOyFgwpwEDF5e0UMZ7xtJF8BZ5KKBh3ZfQ1FbmbVqSUPcmOi+NE4JspPlHxX+m6es/yeSGR1A2ezKY7KePTlwVtDe8hiLrYyKG92nka5rkD1QyEIVJ0W5wrnU4nGEDIHeOfT09zroQxaNLkb51sl4Tog/qw+EraVGIBe/iFnSJoDF37i2mLJqI/t8bel+aGDAxgMx1pO85OClgjPSWL0UIXGI2xrR+JAgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHTs1AutAmSLHF2KRLJtrRNkso0lMyA7XI7k1TNpTk7TCZLNY0VbUliGbcl+POH4EG8ARUrftnwRDCTBd2BdJTqG2CyNADi+bw8aLvbxok7KH0GlQvGjyfq+sHK12wTl4ULNyYoAPZ01GhXOvkobROdSyjxvBVhxdVo90kj7mHFv3N83huNhfstDFUBcQCmMkbLuzDUZrl2a1OtqlOdNC6mNvb7Jq9W9vRxGA514e7jqyoM+PwHu5fILx/jmGT8suOUnvbtcDdFhjqixAPer6uSPR0CSbiJvuDy72DPH5mjZK5dQKewNYOZ/BQEsRIBe+Q6eGAoJqi+cD63cwlw0DCc=",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.checkpoint.ManagementOpsecTrustedCa;
import com.pulumi.checkpoint.ManagementOpsecTrustedCaArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new ManagementOpsecTrustedCa("example", ManagementOpsecTrustedCaArgs.builder()
            .base64Certificate("MIICwjCCAaqgAwIBAgIILdexblpVEMIwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAxMNd3d3Lm9wc2VjLmNvbTAeFw0yMzA2MjUwOTE3MDBaFw0yNTAzMzExNjAwMDBaMBgxFjAUBgNVBAMTDXd3dy5vcHNlYy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjpqCxDaVg+I1b+wqnmjjYtL3v7Tlu/YpMbsKnv+M1gRz6QFUOoSVnxKLo0A7Y4kCqa1OPcHO/LtXuok43F1YZPVKm3xWpY8FmqGqf5ZuGmSwm1HPObcMjwGOyFgwpwEDF5e0UMZ7xtJF8BZ5KKBh3ZfQ1FbmbVqSUPcmOi+NE4JspPlHxX+m6es/yeSGR1A2ezKY7KePTlwVtDe8hiLrYyKG92nka5rkD1QyEIVJ0W5wrnU4nGEDIHeOfT09zroQxaNLkb51sl4Tog/qw+EraVGIBe/iFnSJoDF37i2mLJqI/t8bel+aGDAxgMx1pO85OClgjPSWL0UIXGI2xrR+JAgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHTs1AutAmSLHF2KRLJtrRNkso0lMyA7XI7k1TNpTk7TCZLNY0VbUliGbcl+POH4EG8ARUrftnwRDCTBd2BdJTqG2CyNADi+bw8aLvbxok7KH0GlQvGjyfq+sHK12wTl4ULNyYoAPZ01GhXOvkobROdSyjxvBVhxdVo90kj7mHFv3N83huNhfstDFUBcQCmMkbLuzDUZrl2a1OtqlOdNC6mNvb7Jq9W9vRxGA514e7jqyoM+PwHu5fILx/jmGT8suOUnvbtcDdFhjqixAPer6uSPR0CSbiJvuDy72DPH5mjZK5dQKewNYOZ/BQEsRIBe+Q6eGAoJqi+cD63cwlw0DCc=")
            .build());

    }
}

resources:
  example:
    type: checkpoint:ManagementOpsecTrustedCa
    properties:
      base64Certificate: MIICwjCCAaqgAwIBAgIILdexblpVEMIwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAxMNd3d3Lm9wc2VjLmNvbTAeFw0yMzA2MjUwOTE3MDBaFw0yNTAzMzExNjAwMDBaMBgxFjAUBgNVBAMTDXd3dy5vcHNlYy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjpqCxDaVg+I1b+wqnmjjYtL3v7Tlu/YpMbsKnv+M1gRz6QFUOoSVnxKLo0A7Y4kCqa1OPcHO/LtXuok43F1YZPVKm3xWpY8FmqGqf5ZuGmSwm1HPObcMjwGOyFgwpwEDF5e0UMZ7xtJF8BZ5KKBh3ZfQ1FbmbVqSUPcmOi+NE4JspPlHxX+m6es/yeSGR1A2ezKY7KePTlwVtDe8hiLrYyKG92nka5rkD1QyEIVJ0W5wrnU4nGEDIHeOfT09zroQxaNLkb51sl4Tog/qw+EraVGIBe/iFnSJoDF37i2mLJqI/t8bel+aGDAxgMx1pO85OClgjPSWL0UIXGI2xrR+JAgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAHTs1AutAmSLHF2KRLJtrRNkso0lMyA7XI7k1TNpTk7TCZLNY0VbUliGbcl+POH4EG8ARUrftnwRDCTBd2BdJTqG2CyNADi+bw8aLvbxok7KH0GlQvGjyfq+sHK12wTl4ULNyYoAPZ01GhXOvkobROdSyjxvBVhxdVo90kj7mHFv3N83huNhfstDFUBcQCmMkbLuzDUZrl2a1OtqlOdNC6mNvb7Jq9W9vRxGA514e7jqyoM+PwHu5fILx/jmGT8suOUnvbtcDdFhjqixAPer6uSPR0CSbiJvuDy72DPH5mjZK5dQKewNYOZ/BQEsRIBe+Q6eGAoJqi+cD63cwlw0DCc=

Create ManagementOpsecTrustedCa Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new ManagementOpsecTrustedCa(name: string, args: ManagementOpsecTrustedCaArgs, opts?: CustomResourceOptions);

@overload
def ManagementOpsecTrustedCa(resource_name: str,
                             args: ManagementOpsecTrustedCaArgs,
                             opts: Optional[ResourceOptions] = None)

@overload
def ManagementOpsecTrustedCa(resource_name: str,
                             opts: Optional[ResourceOptions] = None,
                             base64_certificate: Optional[str] = None,
                             crl_cache_timeout: Optional[float] = None,
                             ignore_errors: Optional[bool] = None,
                             branches: Optional[Sequence[str]] = None,
                             cache_crl: Optional[bool] = None,
                             color: Optional[str] = None,
                             comments: Optional[str] = None,
                             automatic_enrollment: Optional[ManagementOpsecTrustedCaAutomaticEnrollmentArgs] = None,
                             crl_cache_method: Optional[str] = None,
                             domains_to_processes: Optional[Sequence[str]] = None,
                             allow_certificates_from_branches: Optional[bool] = None,
                             ignore_warnings: Optional[bool] = None,
                             management_opsec_trusted_ca_id: Optional[str] = None,
                             name: Optional[str] = None,
                             retrieve_crl_from_http_servers: Optional[bool] = None,
                             retrieve_crl_from_ldap_servers: Optional[bool] = None,
                             tags: Optional[Sequence[str]] = None)

func NewManagementOpsecTrustedCa(ctx *Context, name string, args ManagementOpsecTrustedCaArgs, opts ...ResourceOption) (*ManagementOpsecTrustedCa, error)

public ManagementOpsecTrustedCa(string name, ManagementOpsecTrustedCaArgs args, CustomResourceOptions? opts = null)

public ManagementOpsecTrustedCa(String name, ManagementOpsecTrustedCaArgs args)
public ManagementOpsecTrustedCa(String name, ManagementOpsecTrustedCaArgs args, CustomResourceOptions options)

type: checkpoint:ManagementOpsecTrustedCa
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ManagementOpsecTrustedCaArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ManagementOpsecTrustedCaArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ManagementOpsecTrustedCaArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ManagementOpsecTrustedCaArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ManagementOpsecTrustedCaArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var managementOpsecTrustedCaResource = new Checkpoint.ManagementOpsecTrustedCa("managementOpsecTrustedCaResource", new()
{
    Base64Certificate = "string",
    CrlCacheTimeout = 0,
    IgnoreErrors = false,
    Branches = new[]
    {
        "string",
    },
    CacheCrl = false,
    Color = "string",
    Comments = "string",
    AutomaticEnrollment = new Checkpoint.Inputs.ManagementOpsecTrustedCaAutomaticEnrollmentArgs
    {
        AutomaticallyEnrollCertificate = false,
        Cmpv1Settings = new Checkpoint.Inputs.ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1SettingsArgs
        {
            DirectTcpSettings = new Checkpoint.Inputs.ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1SettingsDirectTcpSettingsArgs
            {
                IpAddress = "string",
                Port = 0,
            },
        },
        Cmpv2Settings = new Checkpoint.Inputs.ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsArgs
        {
            DirectTcpSettings = new Checkpoint.Inputs.ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsDirectTcpSettingsArgs
            {
                IpAddress = "string",
                Port = 0,
            },
            HttpSettings = new Checkpoint.Inputs.ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsHttpSettingsArgs
            {
                Url = "string",
            },
            TransportLayer = "string",
        },
        Protocol = "string",
        ScepSettings = new Checkpoint.Inputs.ManagementOpsecTrustedCaAutomaticEnrollmentScepSettingsArgs
        {
            CaIdentifier = "string",
            Url = "string",
        },
    },
    CrlCacheMethod = "string",
    DomainsToProcesses = new[]
    {
        "string",
    },
    AllowCertificatesFromBranches = false,
    IgnoreWarnings = false,
    ManagementOpsecTrustedCaId = "string",
    Name = "string",
    RetrieveCrlFromHttpServers = false,
    RetrieveCrlFromLdapServers = false,
    Tags = new[]
    {
        "string",
    },
});

example, err := checkpoint.NewManagementOpsecTrustedCa(ctx, "managementOpsecTrustedCaResource", &checkpoint.ManagementOpsecTrustedCaArgs{
	Base64Certificate: pulumi.String("string"),
	CrlCacheTimeout:   pulumi.Float64(0),
	IgnoreErrors:      pulumi.Bool(false),
	Branches: pulumi.StringArray{
		pulumi.String("string"),
	},
	CacheCrl: pulumi.Bool(false),
	Color:    pulumi.String("string"),
	Comments: pulumi.String("string"),
	AutomaticEnrollment: &checkpoint.ManagementOpsecTrustedCaAutomaticEnrollmentArgs{
		AutomaticallyEnrollCertificate: pulumi.Bool(false),
		Cmpv1Settings: &checkpoint.ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1SettingsArgs{
			DirectTcpSettings: &checkpoint.ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1SettingsDirectTcpSettingsArgs{
				IpAddress: pulumi.String("string"),
				Port:      pulumi.Float64(0),
			},
		},
		Cmpv2Settings: &checkpoint.ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsArgs{
			DirectTcpSettings: &checkpoint.ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsDirectTcpSettingsArgs{
				IpAddress: pulumi.String("string"),
				Port:      pulumi.Float64(0),
			},
			HttpSettings: &checkpoint.ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsHttpSettingsArgs{
				Url: pulumi.String("string"),
			},
			TransportLayer: pulumi.String("string"),
		},
		Protocol: pulumi.String("string"),
		ScepSettings: &checkpoint.ManagementOpsecTrustedCaAutomaticEnrollmentScepSettingsArgs{
			CaIdentifier: pulumi.String("string"),
			Url:          pulumi.String("string"),
		},
	},
	CrlCacheMethod: pulumi.String("string"),
	DomainsToProcesses: pulumi.StringArray{
		pulumi.String("string"),
	},
	AllowCertificatesFromBranches: pulumi.Bool(false),
	IgnoreWarnings:                pulumi.Bool(false),
	ManagementOpsecTrustedCaId:    pulumi.String("string"),
	Name:                          pulumi.String("string"),
	RetrieveCrlFromHttpServers:    pulumi.Bool(false),
	RetrieveCrlFromLdapServers:    pulumi.Bool(false),
	Tags: pulumi.StringArray{
		pulumi.String("string"),
	},
})

var managementOpsecTrustedCaResource = new ManagementOpsecTrustedCa("managementOpsecTrustedCaResource", ManagementOpsecTrustedCaArgs.builder()
    .base64Certificate("string")
    .crlCacheTimeout(0)
    .ignoreErrors(false)
    .branches("string")
    .cacheCrl(false)
    .color("string")
    .comments("string")
    .automaticEnrollment(ManagementOpsecTrustedCaAutomaticEnrollmentArgs.builder()
        .automaticallyEnrollCertificate(false)
        .cmpv1Settings(ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1SettingsArgs.builder()
            .directTcpSettings(ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1SettingsDirectTcpSettingsArgs.builder()
                .ipAddress("string")
                .port(0)
                .build())
            .build())
        .cmpv2Settings(ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsArgs.builder()
            .directTcpSettings(ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsDirectTcpSettingsArgs.builder()
                .ipAddress("string")
                .port(0)
                .build())
            .httpSettings(ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsHttpSettingsArgs.builder()
                .url("string")
                .build())
            .transportLayer("string")
            .build())
        .protocol("string")
        .scepSettings(ManagementOpsecTrustedCaAutomaticEnrollmentScepSettingsArgs.builder()
            .caIdentifier("string")
            .url("string")
            .build())
        .build())
    .crlCacheMethod("string")
    .domainsToProcesses("string")
    .allowCertificatesFromBranches(false)
    .ignoreWarnings(false)
    .managementOpsecTrustedCaId("string")
    .name("string")
    .retrieveCrlFromHttpServers(false)
    .retrieveCrlFromLdapServers(false)
    .tags("string")
    .build());

management_opsec_trusted_ca_resource = checkpoint.ManagementOpsecTrustedCa("managementOpsecTrustedCaResource",
    base64_certificate="string",
    crl_cache_timeout=0,
    ignore_errors=False,
    branches=["string"],
    cache_crl=False,
    color="string",
    comments="string",
    automatic_enrollment={
        "automatically_enroll_certificate": False,
        "cmpv1_settings": {
            "direct_tcp_settings": {
                "ip_address": "string",
                "port": 0,
            },
        },
        "cmpv2_settings": {
            "direct_tcp_settings": {
                "ip_address": "string",
                "port": 0,
            },
            "http_settings": {
                "url": "string",
            },
            "transport_layer": "string",
        },
        "protocol": "string",
        "scep_settings": {
            "ca_identifier": "string",
            "url": "string",
        },
    },
    crl_cache_method="string",
    domains_to_processes=["string"],
    allow_certificates_from_branches=False,
    ignore_warnings=False,
    management_opsec_trusted_ca_id="string",
    name="string",
    retrieve_crl_from_http_servers=False,
    retrieve_crl_from_ldap_servers=False,
    tags=["string"])

const managementOpsecTrustedCaResource = new checkpoint.ManagementOpsecTrustedCa("managementOpsecTrustedCaResource", {
    base64Certificate: "string",
    crlCacheTimeout: 0,
    ignoreErrors: false,
    branches: ["string"],
    cacheCrl: false,
    color: "string",
    comments: "string",
    automaticEnrollment: {
        automaticallyEnrollCertificate: false,
        cmpv1Settings: {
            directTcpSettings: {
                ipAddress: "string",
                port: 0,
            },
        },
        cmpv2Settings: {
            directTcpSettings: {
                ipAddress: "string",
                port: 0,
            },
            httpSettings: {
                url: "string",
            },
            transportLayer: "string",
        },
        protocol: "string",
        scepSettings: {
            caIdentifier: "string",
            url: "string",
        },
    },
    crlCacheMethod: "string",
    domainsToProcesses: ["string"],
    allowCertificatesFromBranches: false,
    ignoreWarnings: false,
    managementOpsecTrustedCaId: "string",
    name: "string",
    retrieveCrlFromHttpServers: false,
    retrieveCrlFromLdapServers: false,
    tags: ["string"],
});

type: checkpoint:ManagementOpsecTrustedCa
properties:
    allowCertificatesFromBranches: false
    automaticEnrollment:
        automaticallyEnrollCertificate: false
        cmpv1Settings:
            directTcpSettings:
                ipAddress: string
                port: 0
        cmpv2Settings:
            directTcpSettings:
                ipAddress: string
                port: 0
            httpSettings:
                url: string
            transportLayer: string
        protocol: string
        scepSettings:
            caIdentifier: string
            url: string
    base64Certificate: string
    branches:
        - string
    cacheCrl: false
    color: string
    comments: string
    crlCacheMethod: string
    crlCacheTimeout: 0
    domainsToProcesses:
        - string
    ignoreErrors: false
    ignoreWarnings: false
    managementOpsecTrustedCaId: string
    name: string
    retrieveCrlFromHttpServers: false
    retrieveCrlFromLdapServers: false
    tags:
        - string

ManagementOpsecTrustedCa Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The ManagementOpsecTrustedCa resource accepts the following input properties:

Base64Certificate string: Certificate file encoded in base64.
AllowCertificatesFromBranches bool: Allow only certificates from listed branches.
AutomaticEnrollment ManagementOpsecTrustedCaAutomaticEnrollment: Certificate automatic enrollment.automatic_enrollment blocks are documented below.
Branches List<string>: Branches to allow certificates from. Required only if "allow-certificates-from-branches" set to "true".branches blocks are documented below.
CacheCrl bool: Cache Certificate Revocation List on the Security Gateway.
Color string: Color of the object. Should be one of existing colors.
Comments string: Comments string.
CrlCacheMethod string: Weather to retrieve new Certificate Revocation List after the certificate expires or after a fixed period.
CrlCacheTimeout double: When to fetch new Certificate Revocation List (in minutes).
DomainsToProcesses List<string>: Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and with ignore-warnings true. Valid values are: CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.domains_to_process blocks are documented below.
IgnoreErrors bool: Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
IgnoreWarnings bool: Apply changes ignoring warnings.
ManagementOpsecTrustedCaId string
Name string: Object name.
RetrieveCrlFromHttpServers bool: Whether to retrieve Certificate Revocation List from http servers.
RetrieveCrlFromLdapServers bool: Whether to retrieve Certificate Revocation List from ldap servers.
Tags List<string>: Collection of tag identifiers.tags blocks are documented below.

Base64Certificate string: Certificate file encoded in base64.
AllowCertificatesFromBranches bool: Allow only certificates from listed branches.
AutomaticEnrollment ManagementOpsecTrustedCaAutomaticEnrollmentArgs: Certificate automatic enrollment.automatic_enrollment blocks are documented below.
Branches []string: Branches to allow certificates from. Required only if "allow-certificates-from-branches" set to "true".branches blocks are documented below.
CacheCrl bool: Cache Certificate Revocation List on the Security Gateway.
Color string: Color of the object. Should be one of existing colors.
Comments string: Comments string.
CrlCacheMethod string: Weather to retrieve new Certificate Revocation List after the certificate expires or after a fixed period.
CrlCacheTimeout float64: When to fetch new Certificate Revocation List (in minutes).
DomainsToProcesses []string: Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and with ignore-warnings true. Valid values are: CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.domains_to_process blocks are documented below.
IgnoreErrors bool: Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
IgnoreWarnings bool: Apply changes ignoring warnings.
ManagementOpsecTrustedCaId string
Name string: Object name.
RetrieveCrlFromHttpServers bool: Whether to retrieve Certificate Revocation List from http servers.
RetrieveCrlFromLdapServers bool: Whether to retrieve Certificate Revocation List from ldap servers.
Tags []string: Collection of tag identifiers.tags blocks are documented below.

base64Certificate String: Certificate file encoded in base64.
allowCertificatesFromBranches Boolean: Allow only certificates from listed branches.
automaticEnrollment ManagementOpsecTrustedCaAutomaticEnrollment: Certificate automatic enrollment.automatic_enrollment blocks are documented below.
branches List<String>: Branches to allow certificates from. Required only if "allow-certificates-from-branches" set to "true".branches blocks are documented below.
cacheCrl Boolean: Cache Certificate Revocation List on the Security Gateway.
color String: Color of the object. Should be one of existing colors.
comments String: Comments string.
crlCacheMethod String: Weather to retrieve new Certificate Revocation List after the certificate expires or after a fixed period.
crlCacheTimeout Double: When to fetch new Certificate Revocation List (in minutes).
domainsToProcesses List<String>: Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and with ignore-warnings true. Valid values are: CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.domains_to_process blocks are documented below.
ignoreErrors Boolean: Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
ignoreWarnings Boolean: Apply changes ignoring warnings.
managementOpsecTrustedCaId String
name String: Object name.
retrieveCrlFromHttpServers Boolean: Whether to retrieve Certificate Revocation List from http servers.
retrieveCrlFromLdapServers Boolean: Whether to retrieve Certificate Revocation List from ldap servers.
tags List<String>: Collection of tag identifiers.tags blocks are documented below.

base64Certificate string: Certificate file encoded in base64.
allowCertificatesFromBranches boolean: Allow only certificates from listed branches.
automaticEnrollment ManagementOpsecTrustedCaAutomaticEnrollment: Certificate automatic enrollment.automatic_enrollment blocks are documented below.
branches string[]: Branches to allow certificates from. Required only if "allow-certificates-from-branches" set to "true".branches blocks are documented below.
cacheCrl boolean: Cache Certificate Revocation List on the Security Gateway.
color string: Color of the object. Should be one of existing colors.
comments string: Comments string.
crlCacheMethod string: Weather to retrieve new Certificate Revocation List after the certificate expires or after a fixed period.
crlCacheTimeout number: When to fetch new Certificate Revocation List (in minutes).
domainsToProcesses string[]: Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and with ignore-warnings true. Valid values are: CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.domains_to_process blocks are documented below.
ignoreErrors boolean: Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
ignoreWarnings boolean: Apply changes ignoring warnings.
managementOpsecTrustedCaId string
name string: Object name.
retrieveCrlFromHttpServers boolean: Whether to retrieve Certificate Revocation List from http servers.
retrieveCrlFromLdapServers boolean: Whether to retrieve Certificate Revocation List from ldap servers.
tags string[]: Collection of tag identifiers.tags blocks are documented below.

base64_certificate str: Certificate file encoded in base64.
allow_certificates_from_branches bool: Allow only certificates from listed branches.
automatic_enrollment ManagementOpsecTrustedCaAutomaticEnrollmentArgs: Certificate automatic enrollment.automatic_enrollment blocks are documented below.
branches Sequence[str]: Branches to allow certificates from. Required only if "allow-certificates-from-branches" set to "true".branches blocks are documented below.
cache_crl bool: Cache Certificate Revocation List on the Security Gateway.
color str: Color of the object. Should be one of existing colors.
comments str: Comments string.
crl_cache_method str: Weather to retrieve new Certificate Revocation List after the certificate expires or after a fixed period.
crl_cache_timeout float: When to fetch new Certificate Revocation List (in minutes).
domains_to_processes Sequence[str]: Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and with ignore-warnings true. Valid values are: CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.domains_to_process blocks are documented below.
ignore_errors bool: Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
ignore_warnings bool: Apply changes ignoring warnings.
management_opsec_trusted_ca_id str
name str: Object name.
retrieve_crl_from_http_servers bool: Whether to retrieve Certificate Revocation List from http servers.
retrieve_crl_from_ldap_servers bool: Whether to retrieve Certificate Revocation List from ldap servers.
tags Sequence[str]: Collection of tag identifiers.tags blocks are documented below.

base64Certificate String: Certificate file encoded in base64.
allowCertificatesFromBranches Boolean: Allow only certificates from listed branches.
automaticEnrollment Property Map: Certificate automatic enrollment.automatic_enrollment blocks are documented below.
branches List<String>: Branches to allow certificates from. Required only if "allow-certificates-from-branches" set to "true".branches blocks are documented below.
cacheCrl Boolean: Cache Certificate Revocation List on the Security Gateway.
color String: Color of the object. Should be one of existing colors.
comments String: Comments string.
crlCacheMethod String: Weather to retrieve new Certificate Revocation List after the certificate expires or after a fixed period.
crlCacheTimeout Number: When to fetch new Certificate Revocation List (in minutes).
domainsToProcesses List<String>: Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and with ignore-warnings true. Valid values are: CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.domains_to_process blocks are documented below.
ignoreErrors Boolean: Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
ignoreWarnings Boolean: Apply changes ignoring warnings.
managementOpsecTrustedCaId String
name String: Object name.
retrieveCrlFromHttpServers Boolean: Whether to retrieve Certificate Revocation List from http servers.
retrieveCrlFromLdapServers Boolean: Whether to retrieve Certificate Revocation List from ldap servers.
tags List<String>: Collection of tag identifiers.tags blocks are documented below.

Outputs

All input properties are implicitly available as output properties. Additionally, the ManagementOpsecTrustedCa resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing ManagementOpsecTrustedCa Resource

Get an existing ManagementOpsecTrustedCa resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ManagementOpsecTrustedCaState, opts?: CustomResourceOptions): ManagementOpsecTrustedCa

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        allow_certificates_from_branches: Optional[bool] = None,
        automatic_enrollment: Optional[ManagementOpsecTrustedCaAutomaticEnrollmentArgs] = None,
        base64_certificate: Optional[str] = None,
        branches: Optional[Sequence[str]] = None,
        cache_crl: Optional[bool] = None,
        color: Optional[str] = None,
        comments: Optional[str] = None,
        crl_cache_method: Optional[str] = None,
        crl_cache_timeout: Optional[float] = None,
        domains_to_processes: Optional[Sequence[str]] = None,
        ignore_errors: Optional[bool] = None,
        ignore_warnings: Optional[bool] = None,
        management_opsec_trusted_ca_id: Optional[str] = None,
        name: Optional[str] = None,
        retrieve_crl_from_http_servers: Optional[bool] = None,
        retrieve_crl_from_ldap_servers: Optional[bool] = None,
        tags: Optional[Sequence[str]] = None) -> ManagementOpsecTrustedCa

func GetManagementOpsecTrustedCa(ctx *Context, name string, id IDInput, state *ManagementOpsecTrustedCaState, opts ...ResourceOption) (*ManagementOpsecTrustedCa, error)

public static ManagementOpsecTrustedCa Get(string name, Input<string> id, ManagementOpsecTrustedCaState? state, CustomResourceOptions? opts = null)

public static ManagementOpsecTrustedCa get(String name, Output<String> id, ManagementOpsecTrustedCaState state, CustomResourceOptions options)

resources:  _:    type: checkpoint:ManagementOpsecTrustedCa    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AllowCertificatesFromBranches bool: Allow only certificates from listed branches.
AutomaticEnrollment ManagementOpsecTrustedCaAutomaticEnrollment: Certificate automatic enrollment.automatic_enrollment blocks are documented below.
Base64Certificate string: Certificate file encoded in base64.
Branches List<string>: Branches to allow certificates from. Required only if "allow-certificates-from-branches" set to "true".branches blocks are documented below.
CacheCrl bool: Cache Certificate Revocation List on the Security Gateway.
Color string: Color of the object. Should be one of existing colors.
Comments string: Comments string.
CrlCacheMethod string: Weather to retrieve new Certificate Revocation List after the certificate expires or after a fixed period.
CrlCacheTimeout double: When to fetch new Certificate Revocation List (in minutes).
DomainsToProcesses List<string>: Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and with ignore-warnings true. Valid values are: CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.domains_to_process blocks are documented below.
IgnoreErrors bool: Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
IgnoreWarnings bool: Apply changes ignoring warnings.
ManagementOpsecTrustedCaId string
Name string: Object name.
RetrieveCrlFromHttpServers bool: Whether to retrieve Certificate Revocation List from http servers.
RetrieveCrlFromLdapServers bool: Whether to retrieve Certificate Revocation List from ldap servers.
Tags List<string>: Collection of tag identifiers.tags blocks are documented below.

AllowCertificatesFromBranches bool: Allow only certificates from listed branches.
AutomaticEnrollment ManagementOpsecTrustedCaAutomaticEnrollmentArgs: Certificate automatic enrollment.automatic_enrollment blocks are documented below.
Base64Certificate string: Certificate file encoded in base64.
Branches []string: Branches to allow certificates from. Required only if "allow-certificates-from-branches" set to "true".branches blocks are documented below.
CacheCrl bool: Cache Certificate Revocation List on the Security Gateway.
Color string: Color of the object. Should be one of existing colors.
Comments string: Comments string.
CrlCacheMethod string: Weather to retrieve new Certificate Revocation List after the certificate expires or after a fixed period.
CrlCacheTimeout float64: When to fetch new Certificate Revocation List (in minutes).
DomainsToProcesses []string: Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and with ignore-warnings true. Valid values are: CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.domains_to_process blocks are documented below.
IgnoreErrors bool: Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
IgnoreWarnings bool: Apply changes ignoring warnings.
ManagementOpsecTrustedCaId string
Name string: Object name.
RetrieveCrlFromHttpServers bool: Whether to retrieve Certificate Revocation List from http servers.
RetrieveCrlFromLdapServers bool: Whether to retrieve Certificate Revocation List from ldap servers.
Tags []string: Collection of tag identifiers.tags blocks are documented below.

allowCertificatesFromBranches Boolean: Allow only certificates from listed branches.
automaticEnrollment ManagementOpsecTrustedCaAutomaticEnrollment: Certificate automatic enrollment.automatic_enrollment blocks are documented below.
base64Certificate String: Certificate file encoded in base64.
branches List<String>: Branches to allow certificates from. Required only if "allow-certificates-from-branches" set to "true".branches blocks are documented below.
cacheCrl Boolean: Cache Certificate Revocation List on the Security Gateway.
color String: Color of the object. Should be one of existing colors.
comments String: Comments string.
crlCacheMethod String: Weather to retrieve new Certificate Revocation List after the certificate expires or after a fixed period.
crlCacheTimeout Double: When to fetch new Certificate Revocation List (in minutes).
domainsToProcesses List<String>: Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and with ignore-warnings true. Valid values are: CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.domains_to_process blocks are documented below.
ignoreErrors Boolean: Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
ignoreWarnings Boolean: Apply changes ignoring warnings.
managementOpsecTrustedCaId String
name String: Object name.
retrieveCrlFromHttpServers Boolean: Whether to retrieve Certificate Revocation List from http servers.
retrieveCrlFromLdapServers Boolean: Whether to retrieve Certificate Revocation List from ldap servers.
tags List<String>: Collection of tag identifiers.tags blocks are documented below.

allowCertificatesFromBranches boolean: Allow only certificates from listed branches.
automaticEnrollment ManagementOpsecTrustedCaAutomaticEnrollment: Certificate automatic enrollment.automatic_enrollment blocks are documented below.
base64Certificate string: Certificate file encoded in base64.
branches string[]: Branches to allow certificates from. Required only if "allow-certificates-from-branches" set to "true".branches blocks are documented below.
cacheCrl boolean: Cache Certificate Revocation List on the Security Gateway.
color string: Color of the object. Should be one of existing colors.
comments string: Comments string.
crlCacheMethod string: Weather to retrieve new Certificate Revocation List after the certificate expires or after a fixed period.
crlCacheTimeout number: When to fetch new Certificate Revocation List (in minutes).
domainsToProcesses string[]: Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and with ignore-warnings true. Valid values are: CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.domains_to_process blocks are documented below.
ignoreErrors boolean: Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
ignoreWarnings boolean: Apply changes ignoring warnings.
managementOpsecTrustedCaId string
name string: Object name.
retrieveCrlFromHttpServers boolean: Whether to retrieve Certificate Revocation List from http servers.
retrieveCrlFromLdapServers boolean: Whether to retrieve Certificate Revocation List from ldap servers.
tags string[]: Collection of tag identifiers.tags blocks are documented below.

allow_certificates_from_branches bool: Allow only certificates from listed branches.
automatic_enrollment ManagementOpsecTrustedCaAutomaticEnrollmentArgs: Certificate automatic enrollment.automatic_enrollment blocks are documented below.
base64_certificate str: Certificate file encoded in base64.
branches Sequence[str]: Branches to allow certificates from. Required only if "allow-certificates-from-branches" set to "true".branches blocks are documented below.
cache_crl bool: Cache Certificate Revocation List on the Security Gateway.
color str: Color of the object. Should be one of existing colors.
comments str: Comments string.
crl_cache_method str: Weather to retrieve new Certificate Revocation List after the certificate expires or after a fixed period.
crl_cache_timeout float: When to fetch new Certificate Revocation List (in minutes).
domains_to_processes Sequence[str]: Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and with ignore-warnings true. Valid values are: CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.domains_to_process blocks are documented below.
ignore_errors bool: Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
ignore_warnings bool: Apply changes ignoring warnings.
management_opsec_trusted_ca_id str
name str: Object name.
retrieve_crl_from_http_servers bool: Whether to retrieve Certificate Revocation List from http servers.
retrieve_crl_from_ldap_servers bool: Whether to retrieve Certificate Revocation List from ldap servers.
tags Sequence[str]: Collection of tag identifiers.tags blocks are documented below.

allowCertificatesFromBranches Boolean: Allow only certificates from listed branches.
automaticEnrollment Property Map: Certificate automatic enrollment.automatic_enrollment blocks are documented below.
base64Certificate String: Certificate file encoded in base64.
branches List<String>: Branches to allow certificates from. Required only if "allow-certificates-from-branches" set to "true".branches blocks are documented below.
cacheCrl Boolean: Cache Certificate Revocation List on the Security Gateway.
color String: Color of the object. Should be one of existing colors.
comments String: Comments string.
crlCacheMethod String: Weather to retrieve new Certificate Revocation List after the certificate expires or after a fixed period.
crlCacheTimeout Number: When to fetch new Certificate Revocation List (in minutes).
domainsToProcesses List<String>: Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and with ignore-warnings true. Valid values are: CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.domains_to_process blocks are documented below.
ignoreErrors Boolean: Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
ignoreWarnings Boolean: Apply changes ignoring warnings.
managementOpsecTrustedCaId String
name String: Object name.
retrieveCrlFromHttpServers Boolean: Whether to retrieve Certificate Revocation List from http servers.
retrieveCrlFromLdapServers Boolean: Whether to retrieve Certificate Revocation List from ldap servers.
tags List<String>: Collection of tag identifiers.tags blocks are documented below.

Supporting Types

ManagementOpsecTrustedCaAutomaticEnrollment, ManagementOpsecTrustedCaAutomaticEnrollmentArgs

AutomaticallyEnrollCertificate bool: Whether to automatically enroll certificate.
Cmpv1Settings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1Settings: Cmpv1 protocol settings. Available only if "protocol" is set to "cmpv1".cmpv1_settings blocks are documented below.
Cmpv2Settings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2Settings: Cmpv2 protocol settings. Available only if "protocol" is set to "cmpv1".cmpv2_settings blocks are documented below.
Protocol string: Protocol that communicates with the certificate authority. Available only if "automatically-enroll-certificate" parameter is set to true.
ScepSettings ManagementOpsecTrustedCaAutomaticEnrollmentScepSettings: Scep protocol settings. Available only if "protocol" is set to "scep".scep_settings blocks are documented below.

AutomaticallyEnrollCertificate bool: Whether to automatically enroll certificate.
Cmpv1Settings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1Settings: Cmpv1 protocol settings. Available only if "protocol" is set to "cmpv1".cmpv1_settings blocks are documented below.
Cmpv2Settings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2Settings: Cmpv2 protocol settings. Available only if "protocol" is set to "cmpv1".cmpv2_settings blocks are documented below.
Protocol string: Protocol that communicates with the certificate authority. Available only if "automatically-enroll-certificate" parameter is set to true.
ScepSettings ManagementOpsecTrustedCaAutomaticEnrollmentScepSettings: Scep protocol settings. Available only if "protocol" is set to "scep".scep_settings blocks are documented below.

automaticallyEnrollCertificate Boolean: Whether to automatically enroll certificate.
cmpv1Settings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1Settings: Cmpv1 protocol settings. Available only if "protocol" is set to "cmpv1".cmpv1_settings blocks are documented below.
cmpv2Settings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2Settings: Cmpv2 protocol settings. Available only if "protocol" is set to "cmpv1".cmpv2_settings blocks are documented below.
protocol String: Protocol that communicates with the certificate authority. Available only if "automatically-enroll-certificate" parameter is set to true.
scepSettings ManagementOpsecTrustedCaAutomaticEnrollmentScepSettings: Scep protocol settings. Available only if "protocol" is set to "scep".scep_settings blocks are documented below.

automaticallyEnrollCertificate boolean: Whether to automatically enroll certificate.
cmpv1Settings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1Settings: Cmpv1 protocol settings. Available only if "protocol" is set to "cmpv1".cmpv1_settings blocks are documented below.
cmpv2Settings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2Settings: Cmpv2 protocol settings. Available only if "protocol" is set to "cmpv1".cmpv2_settings blocks are documented below.
protocol string: Protocol that communicates with the certificate authority. Available only if "automatically-enroll-certificate" parameter is set to true.
scepSettings ManagementOpsecTrustedCaAutomaticEnrollmentScepSettings: Scep protocol settings. Available only if "protocol" is set to "scep".scep_settings blocks are documented below.

automatically_enroll_certificate bool: Whether to automatically enroll certificate.
cmpv1_settings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1Settings: Cmpv1 protocol settings. Available only if "protocol" is set to "cmpv1".cmpv1_settings blocks are documented below.
cmpv2_settings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2Settings: Cmpv2 protocol settings. Available only if "protocol" is set to "cmpv1".cmpv2_settings blocks are documented below.
protocol str: Protocol that communicates with the certificate authority. Available only if "automatically-enroll-certificate" parameter is set to true.
scep_settings ManagementOpsecTrustedCaAutomaticEnrollmentScepSettings: Scep protocol settings. Available only if "protocol" is set to "scep".scep_settings blocks are documented below.

automaticallyEnrollCertificate Boolean: Whether to automatically enroll certificate.
cmpv1Settings Property Map: Cmpv1 protocol settings. Available only if "protocol" is set to "cmpv1".cmpv1_settings blocks are documented below.
cmpv2Settings Property Map: Cmpv2 protocol settings. Available only if "protocol" is set to "cmpv1".cmpv2_settings blocks are documented below.
protocol String: Protocol that communicates with the certificate authority. Available only if "automatically-enroll-certificate" parameter is set to true.
scepSettings Property Map: Scep protocol settings. Available only if "protocol" is set to "scep".scep_settings blocks are documented below.

ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1Settings, ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1SettingsArgs

DirectTcpSettings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1SettingsDirectTcpSettings: Direct tcp transport layer settings.direct_tcp_settings blocks are documented below.

DirectTcpSettings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1SettingsDirectTcpSettings: Direct tcp transport layer settings.direct_tcp_settings blocks are documented below.

directTcpSettings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1SettingsDirectTcpSettings: Direct tcp transport layer settings.direct_tcp_settings blocks are documented below.

directTcpSettings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1SettingsDirectTcpSettings: Direct tcp transport layer settings.direct_tcp_settings blocks are documented below.

direct_tcp_settings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1SettingsDirectTcpSettings: Direct tcp transport layer settings.direct_tcp_settings blocks are documented below.

directTcpSettings Property Map: Direct tcp transport layer settings.direct_tcp_settings blocks are documented below.

ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1SettingsDirectTcpSettings, ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1SettingsDirectTcpSettingsArgs

IpAddress string: IP Address
Port double: Port number.

IpAddress string: IP Address
Port float64: Port number.

ipAddress String: IP Address
port Double: Port number.

ipAddress string: IP Address
port number: Port number.

ip_address str: IP Address
port float: Port number.

ipAddress String: IP Address
port Number: Port number.

ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2Settings, ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsArgs

DirectTcpSettings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsDirectTcpSettings: Direct tcp transport layer settings.direct_tcp_settings blocks are documented below.
HttpSettings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsHttpSettings: Http transport layer settings.http_settings blocks are documented below.
TransportLayer string: Transport layer.

DirectTcpSettings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsDirectTcpSettings: Direct tcp transport layer settings.direct_tcp_settings blocks are documented below.
HttpSettings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsHttpSettings: Http transport layer settings.http_settings blocks are documented below.
TransportLayer string: Transport layer.

directTcpSettings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsDirectTcpSettings: Direct tcp transport layer settings.direct_tcp_settings blocks are documented below.
httpSettings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsHttpSettings: Http transport layer settings.http_settings blocks are documented below.
transportLayer String: Transport layer.

directTcpSettings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsDirectTcpSettings: Direct tcp transport layer settings.direct_tcp_settings blocks are documented below.
httpSettings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsHttpSettings: Http transport layer settings.http_settings blocks are documented below.
transportLayer string: Transport layer.

direct_tcp_settings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsDirectTcpSettings: Direct tcp transport layer settings.direct_tcp_settings blocks are documented below.
http_settings ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsHttpSettings: Http transport layer settings.http_settings blocks are documented below.
transport_layer str: Transport layer.

directTcpSettings Property Map: Direct tcp transport layer settings.direct_tcp_settings blocks are documented below.
httpSettings Property Map: Http transport layer settings.http_settings blocks are documented below.
transportLayer String: Transport layer.

ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsDirectTcpSettings, ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsDirectTcpSettingsArgs

IpAddress string: IP Address
Port double: Port number.

IpAddress string: IP Address
Port float64: Port number.

ipAddress String: IP Address
port Double: Port number.

ipAddress string: IP Address
port number: Port number.

ip_address str: IP Address
port float: Port number.

ipAddress String: IP Address
port Number: Port number.

ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsHttpSettings, ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsHttpSettingsArgs

Url string: Certificate authority URL.

Url string: Certificate authority URL.

url String: Certificate authority URL.

url string: Certificate authority URL.

url str: Certificate authority URL.

url String: Certificate authority URL.

ManagementOpsecTrustedCaAutomaticEnrollmentScepSettings, ManagementOpsecTrustedCaAutomaticEnrollmentScepSettingsArgs

CaIdentifier string: Certificate authority identifier.
Url string: Certificate authority URL.

CaIdentifier string: Certificate authority identifier.
Url string: Certificate authority URL.

caIdentifier String: Certificate authority identifier.
url String: Certificate authority URL.

caIdentifier string: Certificate authority identifier.
url string: Certificate authority URL.

ca_identifier str: Certificate authority identifier.
url str: Certificate authority URL.

caIdentifier String: Certificate authority identifier.
url String: Certificate authority URL.

Package Details

Repository: checkpoint checkpointsw/terraform-provider-checkpoint
License
Notes: This Pulumi package is based on the checkpoint Terraform Provider.

checkpoint 2.9.0 published on Monday, Apr 14, 2025 by checkpointsw

checkpointsw/terraform-provider-checkpoint

checkpoint.ManagementOpsecTrustedCa

On this page

On this page

Example Usage

Create ManagementOpsecTrustedCa Resource

Constructor syntax

Parameters

Constructor example

ManagementOpsecTrustedCa Resource Properties

Inputs

Outputs

Look up Existing ManagementOpsecTrustedCa Resource

Supporting Types

ManagementOpsecTrustedCaAutomaticEnrollment, ManagementOpsecTrustedCaAutomaticEnrollmentArgs

ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1Settings, ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1SettingsArgs

ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1SettingsDirectTcpSettings, ManagementOpsecTrustedCaAutomaticEnrollmentCmpv1SettingsDirectTcpSettingsArgs

ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2Settings, ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsArgs

ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsDirectTcpSettings, ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsDirectTcpSettingsArgs

ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsHttpSettings, ManagementOpsecTrustedCaAutomaticEnrollmentCmpv2SettingsHttpSettingsArgs

ManagementOpsecTrustedCaAutomaticEnrollmentScepSettings, ManagementOpsecTrustedCaAutomaticEnrollmentScepSettingsArgs

Package Details

On this page

On this page