@robinmordasiewicz/f5xc-terraform-mcp 2.3.0 → 2.4.3

package/dist/docs/resources/route.md

@@ -0,0 +1,724 @@
+---
+page_title: "f5xc_route Resource - terraform-provider-f5xc"
+subcategory: "Load Balancing"
+description: |-
+  [Category: Load Balancing] [Namespace: required] [DependsOn: namespace, http_loadbalancer] Manages a Route resource in F5 Distributed Cloud for defining traffic routing rules for load balancers.
+---
+
+# f5xc_route (Resource)
+
+[Category: Load Balancing] [Namespace: required] [DependsOn: namespace, http_loadbalancer] Manages a Route resource in F5 Distributed Cloud for defining traffic routing rules for load balancers.
+
+~> **Note** Please refer to [Route API docs](https://docs.cloud.f5.com/docs-v2/api/operate-route) to learn more.
+
+## Example Usage
+
+```terraform
+# Route Resource Example
+# [Category: Load Balancing] [Namespace: required] [DependsOn: namespace, http_loadbalancer] Manages a Route resource in F5 Distributed Cloud for defining traffic routing rules for load balancers.
+
+# Basic Route configuration
+resource "f5xc_route" "example" {
+  name      = "example-route"
+  namespace = "system"
+
+  labels = {
+    environment = "production"
+    managed_by  = "terraform"
+  }
+
+  annotations = {
+    "owner" = "platform-team"
+  }
+
+  # Route configuration
+  routes {
+    match {
+      path {
+        prefix = "/api/"
+      }
+    }
+    route_destination {
+      destinations {
+        cluster {
+          name      = "api-cluster"
+          namespace = "system"
+        }
+        weight = 100
+      }
+    }
+  }
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Argument Reference
+
+### Metadata Argument Reference
+
+<a id="name"></a>&#x2022; [`name`](#name) - Required String<br>Name of the Route. Must be unique within the namespace
+
+<a id="namespace"></a>&#x2022; [`namespace`](#namespace) - Required String<br>Namespace where the Route will be created
+
+<a id="annotations"></a>&#x2022; [`annotations`](#annotations) - Optional Map<br>Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata
+
+<a id="description"></a>&#x2022; [`description`](#description) - Optional String<br>Human readable description for the object
+
+<a id="disable"></a>&#x2022; [`disable`](#disable) - Optional Bool<br>A value of true will administratively disable the object
+
+<a id="labels"></a>&#x2022; [`labels`](#labels) - Optional Map<br>Labels is a user defined key value map that can be attached to resources for organization and filtering
+
+### Spec Argument Reference
+
+<a id="routes"></a>&#x2022; [`routes`](#routes) - Optional Block<br>Routes. List of routes to match for incoming request<br>See [Routes](#routes) below for details.
+
+<a id="timeouts"></a>&#x2022; [`timeouts`](#timeouts) - Optional Block
+
+### Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+<a id="id"></a>&#x2022; [`id`](#id) - Optional String<br>Unique identifier for the resource
+
+---
+
+#### Routes
+
+A [`routes`](#routes) block supports the following:
+
+<a id="routes-bot-defense-javascript-injection"></a>&#x2022; [`bot_defense_javascript_injection`](#routes-bot-defense-javascript-injection) - Optional Block<br>Bot Defense Javascript Injection Configuration for inline deployments. Bot Defense Javascript Injection Configuration for inline bot defense deployments<br>See [Bot Defense Javascript Injection](#routes-bot-defense-javascript-injection) below.
+
+<a id="routes-disable-location-add"></a>&#x2022; [`disable_location_add`](#routes-disable-location-add) - Optional Bool<br>Disable Location Addition. disables append of x-volterra-location = `<RE-site-name>` at route level, if it is configured at virtual-host level. This configuration is ignored on CE sites
+
+<a id="routes-inherited-bot-defense-javascript-injection"></a>&#x2022; [`inherited_bot_defense_javascript_injection`](#routes-inherited-bot-defense-javascript-injection) - Optional Block<br>Enable this option
+
+<a id="routes-inherited-waf-exclusion"></a>&#x2022; [`inherited_waf_exclusion`](#routes-inherited-waf-exclusion) - Optional Block<br>Enable this option
+
+<a id="routes-match"></a>&#x2022; [`match`](#routes-match) - Optional Block<br>Match. route match condition<br>See [Match](#routes-match) below.
+
+<a id="routes-request-cookies-to-add"></a>&#x2022; [`request_cookies_to_add`](#routes-request-cookies-to-add) - Optional Block<br>Add Cookies in Cookie Header. Cookies are key-value pairs to be added to HTTP request being routed towards upstream<br>See [Request Cookies To Add](#routes-request-cookies-to-add) below.
+
+<a id="routes-request-cookies-to-remove"></a>&#x2022; [`request_cookies_to_remove`](#routes-request-cookies-to-remove) - Optional List<br>Remove Cookies from Cookie Header. List of keys of Cookies to be removed from the HTTP request being sent towards upstream
+
+<a id="routes-request-headers-to-add"></a>&#x2022; [`request_headers_to_add`](#routes-request-headers-to-add) - Optional Block<br>Request Headers to Add. Headers are key-value pairs to be added to HTTP requests being sent towards upstream. Headers specified at this level are applied before headers from the enclosing VirtualHost object level<br>See [Request Headers To Add](#routes-request-headers-to-add) below.
+
+<a id="routes-request-headers-to-remove"></a>&#x2022; [`request_headers_to_remove`](#routes-request-headers-to-remove) - Optional List<br>Request Headers to Remove. List of keys of Headers to be removed from the HTTP request being sent towards upstream
+
+<a id="routes-response-cookies-to-add"></a>&#x2022; [`response_cookies_to_add`](#routes-response-cookies-to-add) - Optional Block<br>Add Set-Cookie Headers. Cookies are name-value pairs along with optional attribute parameters to be added to HTTP response being sent towards downstream<br>See [Response Cookies To Add](#routes-response-cookies-to-add) below.
+
+<a id="routes-response-cookies-to-remove"></a>&#x2022; [`response_cookies_to_remove`](#routes-response-cookies-to-remove) - Optional List<br>Remove Cookies from Set-Cookie Headers. List of name of Cookies to be removed from the HTTP response being sent towards downstream. Entire set-cookie header will be removed
+
+<a id="routes-response-headers-to-add"></a>&#x2022; [`response_headers_to_add`](#routes-response-headers-to-add) - Optional Block<br>Response Headers to Add. Headers are key-value pairs to be added to HTTP response being sent towards downstream. Headers specified at this level are applied before headers from the enclosing VirtualHost object level<br>See [Response Headers To Add](#routes-response-headers-to-add) below.
+
+<a id="routes-response-headers-to-remove"></a>&#x2022; [`response_headers_to_remove`](#routes-response-headers-to-remove) - Optional List<br>Response Headers to Remove. List of keys of Headers to be removed from the HTTP response being sent towards downstream
+
+<a id="routes-route-destination"></a>&#x2022; [`route_destination`](#routes-route-destination) - Optional Block<br>Destination List. List of destination to choose if the route is match<br>See [Route Destination](#routes-route-destination) below.
+
+<a id="routes-route-direct-response"></a>&#x2022; [`route_direct_response`](#routes-route-direct-response) - Optional Block<br>Direct Response. Send this direct response in case of route match action is direct response<br>See [Route Direct Response](#routes-route-direct-response) below.
+
+<a id="routes-route-redirect"></a>&#x2022; [`route_redirect`](#routes-route-redirect) - Optional Block<br>Redirect. route redirect parameters when match action is redirect<br>See [Route Redirect](#routes-route-redirect) below.
+
+<a id="routes-service-policy"></a>&#x2022; [`service_policy`](#routes-service-policy) - Optional Block<br>Service Policy Configuration. ServicePolicy configuration details at route level<br>See [Service Policy](#routes-service-policy) below.
+
+<a id="routes-waf-exclusion-policy"></a>&#x2022; [`waf_exclusion_policy`](#routes-waf-exclusion-policy) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [WAF Exclusion Policy](#routes-waf-exclusion-policy) below.
+
+<a id="routes-waf-type"></a>&#x2022; [`waf_type`](#routes-waf-type) - Optional Block<br>WAF Instance. WAF instance will be pointing to an app_firewall object<br>See [WAF Type](#routes-waf-type) below.
+
+#### Routes Bot Defense Javascript Injection
+
+A [`bot_defense_javascript_injection`](#routes-bot-defense-javascript-injection) block (within [`routes`](#routes)) supports the following:
+
+<a id="routes-bot-defense-javascript-injection-javascript-location"></a>&#x2022; [`javascript_location`](#routes-bot-defense-javascript-injection-javascript-location) - Optional String  Defaults to `AFTER_HEAD`<br>Possible values are `AFTER_HEAD`, `AFTER_TITLE_END`, `BEFORE_SCRIPT`<br>[Enum: AFTER_HEAD|AFTER_TITLE_END|BEFORE_SCRIPT] JavaScript Location. All inside networks. Insert JavaScript after `<head>` tag Insert JavaScript after `</title>` tag. Insert JavaScript before first `<script>` tag
+
+<a id="routes-bot-defense-javascript-injection-javascript-tags"></a>&#x2022; [`javascript_tags`](#routes-bot-defense-javascript-injection-javascript-tags) - Optional Block<br>JavaScript Tags. Select Add item to configure your javascript tag. If adding both Bot Adv and Fraud, the Bot Javascript should be added first<br>See [Javascript Tags](#routes-bot-defense-javascript-injection-javascript-tags) below.
+
+#### Routes Bot Defense Javascript Injection Javascript Tags
+
+A [`javascript_tags`](#routes-bot-defense-javascript-injection-javascript-tags) block (within [`routes.bot_defense_javascript_injection`](#routes-bot-defense-javascript-injection)) supports the following:
+
+<a id="routes-bot-defense-javascript-injection-javascript-tags-javascript-url"></a>&#x2022; [`javascript_url`](#routes-bot-defense-javascript-injection-javascript-tags-javascript-url) - Optional String<br>URL. Please enter the full URL (include domain and path), or relative path
+
+<a id="routes-bot-defense-javascript-injection-javascript-tags-tag-attributes"></a>&#x2022; [`tag_attributes`](#routes-bot-defense-javascript-injection-javascript-tags-tag-attributes) - Optional Block<br>Tag Attributes. Add the tag attributes you want to include in your Javascript tag<br>See [Tag Attributes](#routes-bot-defense-javascript-injection-javascript-tags-tag-attributes) below.
+
+#### Routes Bot Defense Javascript Injection Javascript Tags Tag Attributes
+
+A [`tag_attributes`](#routes-bot-defense-javascript-injection-javascript-tags-tag-attributes) block (within [`routes.bot_defense_javascript_injection.javascript_tags`](#routes-bot-defense-javascript-injection-javascript-tags)) supports the following:
+
+<a id="routes-bot-defense-javascript-injection-javascript-tags-tag-attributes-javascript-tag"></a>&#x2022; [`javascript_tag`](#routes-bot-defense-javascript-injection-javascript-tags-tag-attributes-javascript-tag) - Optional String  Defaults to `JS_ATTR_ID`<br>Possible values are `JS_ATTR_ID`, `JS_ATTR_CID`, `JS_ATTR_CN`, `JS_ATTR_API_DOMAIN`, `JS_ATTR_API_URL`, `JS_ATTR_API_PATH`, `JS_ATTR_ASYNC`, `JS_ATTR_DEFER`<br>[Enum: JS_ATTR_ID|JS_ATTR_CID|JS_ATTR_CN|JS_ATTR_API_DOMAIN|JS_ATTR_API_URL|JS_ATTR_API_PATH|JS_ATTR_ASYNC|JS_ATTR_DEFER] Tag Attribute Name. Select from one of the predefined tag attributes
+
+<a id="routes-bot-defense-javascript-injection-javascript-tags-tag-attributes-tag-value"></a>&#x2022; [`tag_value`](#routes-bot-defense-javascript-injection-javascript-tags-tag-attributes-tag-value) - Optional String<br>Value. Add the tag attribute value
+
+#### Routes Match
+
+A [`match`](#routes-match) block (within [`routes`](#routes)) supports the following:
+
+<a id="routes-match-headers"></a>&#x2022; [`headers`](#routes-match-headers) - Optional Block<br>Headers. List of (key, value) headers<br>See [Headers](#routes-match-headers) below.
+
+<a id="routes-match-http-method"></a>&#x2022; [`http_method`](#routes-match-http-method) - Optional String  Defaults to `ANY`<br>Possible values are `ANY`, `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`, `COPY`<br>[Enum: ANY|GET|HEAD|POST|PUT|DELETE|CONNECT|OPTIONS|TRACE|PATCH|COPY] HTTP Method. Specifies the HTTP method used to access a resource. Any HTTP Method
+
+<a id="routes-match-incoming-port"></a>&#x2022; [`incoming_port`](#routes-match-incoming-port) - Optional Block<br>Port to Match. Port match of the request can be a range or a specific port<br>See [Incoming Port](#routes-match-incoming-port) below.
+
+<a id="routes-match-path"></a>&#x2022; [`path`](#routes-match-path) - Optional Block<br>Path to Match. Path match of the URI can be either be, Prefix match or exact match or regular expression match<br>See [Path](#routes-match-path) below.
+
+<a id="routes-match-query-params"></a>&#x2022; [`query_params`](#routes-match-query-params) - Optional Block<br>Query Parameters. List of (key, value) query parameters<br>See [Query Params](#routes-match-query-params) below.
+
+#### Routes Match Headers
+
+A [`headers`](#routes-match-headers) block (within [`routes.match`](#routes-match)) supports the following:
+
+<a id="routes-match-headers-exact"></a>&#x2022; [`exact`](#routes-match-headers-exact) - Optional String<br>Exact. Header value to match exactly
+
+<a id="routes-match-headers-invert-match"></a>&#x2022; [`invert_match`](#routes-match-headers-invert-match) - Optional Bool<br>NOT of match. Invert the result of the match to detect missing header or non-matching value
+
+<a id="routes-match-headers-name"></a>&#x2022; [`name`](#routes-match-headers-name) - Optional String<br>Name. Name of the header
+
+<a id="routes-match-headers-presence"></a>&#x2022; [`presence`](#routes-match-headers-presence) - Optional Bool<br>Presence. If true, check for presence of header
+
+<a id="routes-match-headers-regex"></a>&#x2022; [`regex`](#routes-match-headers-regex) - Optional String<br>Regex. Regex match of the header value in re2 format
+
+#### Routes Match Incoming Port
+
+An [`incoming_port`](#routes-match-incoming-port) block (within [`routes.match`](#routes-match)) supports the following:
+
+<a id="routes-match-incoming-port-no-port-match"></a>&#x2022; [`no_port_match`](#routes-match-incoming-port-no-port-match) - Optional Block<br>Enable this option
+
+<a id="routes-match-incoming-port-port"></a>&#x2022; [`port`](#routes-match-incoming-port-port) - Optional Number<br>Port. Exact Port to match
+
+<a id="routes-match-incoming-port-port-ranges"></a>&#x2022; [`port_ranges`](#routes-match-incoming-port-port-ranges) - Optional String<br>Port range. Port range to match
+
+#### Routes Match Path
+
+A [`path`](#routes-match-path) block (within [`routes.match`](#routes-match)) supports the following:
+
+<a id="routes-match-path-path"></a>&#x2022; [`path`](#routes-match-path-path) - Optional String<br>Exact. Exact path value to match
+
+<a id="routes-match-path-prefix"></a>&#x2022; [`prefix`](#routes-match-path-prefix) - Optional String<br>Prefix. Path prefix to match (e.g. the value / will match on all paths)
+
+<a id="routes-match-path-regex"></a>&#x2022; [`regex`](#routes-match-path-regex) - Optional String<br>Regex. Regular expression of path match (e.g. the value .* will match on all paths)
+
+#### Routes Match Query Params
+
+A [`query_params`](#routes-match-query-params) block (within [`routes.match`](#routes-match)) supports the following:
+
+<a id="routes-match-query-params-exact"></a>&#x2022; [`exact`](#routes-match-query-params-exact) - Optional String<br>Exact. Exact match value for the query parameter key
+
+<a id="routes-match-query-params-key"></a>&#x2022; [`key`](#routes-match-query-params-key) - Optional String<br>Key. Query parameter key In the above example, assignee_username is the key
+
+<a id="routes-match-query-params-regex"></a>&#x2022; [`regex`](#routes-match-query-params-regex) - Optional String<br>Regex. Regex match value for the query parameter key
+
+#### Routes Request Cookies To Add
+
+A [`request_cookies_to_add`](#routes-request-cookies-to-add) block (within [`routes`](#routes)) supports the following:
+
+<a id="routes-request-cookies-to-add-name"></a>&#x2022; [`name`](#routes-request-cookies-to-add-name) - Optional String<br>Name. Name of the cookie in Cookie header
+
+<a id="routes-request-cookies-to-add-overwrite"></a>&#x2022; [`overwrite`](#routes-request-cookies-to-add-overwrite) - Optional Bool  Defaults to `do`<br>Overwrite. Should the value be overwritten? If true, the value is overwritten to existing values. not overwrite
+
+<a id="routes-request-cookies-to-add-secret-value"></a>&#x2022; [`secret_value`](#routes-request-cookies-to-add-secret-value) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#routes-request-cookies-to-add-secret-value) below.
+
+<a id="routes-request-cookies-to-add-value"></a>&#x2022; [`value`](#routes-request-cookies-to-add-value) - Optional String<br>Value. Value of the Cookie header
+
+#### Routes Request Cookies To Add Secret Value
+
+A [`secret_value`](#routes-request-cookies-to-add-secret-value) block (within [`routes.request_cookies_to_add`](#routes-request-cookies-to-add)) supports the following:
+
+<a id="routes-request-cookies-to-add-secret-value-blindfold-secret-info"></a>&#x2022; [`blindfold_secret_info`](#routes-request-cookies-to-add-secret-value-blindfold-secret-info) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#routes-request-cookies-to-add-secret-value-blindfold-secret-info) below.
+
+<a id="routes-request-cookies-to-add-secret-value-clear-secret-info"></a>&#x2022; [`clear_secret_info`](#routes-request-cookies-to-add-secret-value-clear-secret-info) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#routes-request-cookies-to-add-secret-value-clear-secret-info) below.
+
+#### Routes Request Cookies To Add Secret Value Blindfold Secret Info
+
+A [`blindfold_secret_info`](#routes-request-cookies-to-add-secret-value-blindfold-secret-info) block (within [`routes.request_cookies_to_add.secret_value`](#routes-request-cookies-to-add-secret-value)) supports the following:
+
+<a id="routes-request-cookies-to-add-secret-value-blindfold-secret-info-decryption-provider"></a>&#x2022; [`decryption_provider`](#routes-request-cookies-to-add-secret-value-blindfold-secret-info-decryption-provider) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
+
+<a id="routes-request-cookies-to-add-secret-value-blindfold-secret-info-location"></a>&#x2022; [`location`](#routes-request-cookies-to-add-secret-value-blindfold-secret-info-location) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
+
+<a id="routes-request-cookies-to-add-secret-value-blindfold-secret-info-store-provider"></a>&#x2022; [`store_provider`](#routes-request-cookies-to-add-secret-value-blindfold-secret-info-store-provider) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
+
+#### Routes Request Cookies To Add Secret Value Clear Secret Info
+
+A [`clear_secret_info`](#routes-request-cookies-to-add-secret-value-clear-secret-info) block (within [`routes.request_cookies_to_add.secret_value`](#routes-request-cookies-to-add-secret-value)) supports the following:
+
+<a id="routes-request-cookies-to-add-secret-value-clear-secret-info-provider-ref"></a>&#x2022; [`provider_ref`](#routes-request-cookies-to-add-secret-value-clear-secret-info-provider-ref) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
+
+<a id="routes-request-cookies-to-add-secret-value-clear-secret-info-url"></a>&#x2022; [`url`](#routes-request-cookies-to-add-secret-value-clear-secret-info-url) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
+
+#### Routes Request Headers To Add
+
+A [`request_headers_to_add`](#routes-request-headers-to-add) block (within [`routes`](#routes)) supports the following:
+
+<a id="routes-request-headers-to-add-append"></a>&#x2022; [`append`](#routes-request-headers-to-add-append) - Optional Bool  Defaults to `do`<br>Append. Should the value be appended? If true, the value is appended to existing values. not append
+
+<a id="routes-request-headers-to-add-name"></a>&#x2022; [`name`](#routes-request-headers-to-add-name) - Optional String<br>Name. Name of the HTTP header
+
+<a id="routes-request-headers-to-add-secret-value"></a>&#x2022; [`secret_value`](#routes-request-headers-to-add-secret-value) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#routes-request-headers-to-add-secret-value) below.
+
+<a id="routes-request-headers-to-add-value"></a>&#x2022; [`value`](#routes-request-headers-to-add-value) - Optional String<br>Value. Value of the HTTP header
+
+#### Routes Request Headers To Add Secret Value
+
+A [`secret_value`](#routes-request-headers-to-add-secret-value) block (within [`routes.request_headers_to_add`](#routes-request-headers-to-add)) supports the following:
+
+<a id="routes-request-headers-to-add-secret-value-blindfold-secret-info"></a>&#x2022; [`blindfold_secret_info`](#routes-request-headers-to-add-secret-value-blindfold-secret-info) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#routes-request-headers-to-add-secret-value-blindfold-secret-info) below.
+
+<a id="routes-request-headers-to-add-secret-value-clear-secret-info"></a>&#x2022; [`clear_secret_info`](#routes-request-headers-to-add-secret-value-clear-secret-info) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#routes-request-headers-to-add-secret-value-clear-secret-info) below.
+
+#### Routes Request Headers To Add Secret Value Blindfold Secret Info
+
+A [`blindfold_secret_info`](#routes-request-headers-to-add-secret-value-blindfold-secret-info) block (within [`routes.request_headers_to_add.secret_value`](#routes-request-headers-to-add-secret-value)) supports the following:
+
+<a id="routes-request-headers-to-add-secret-value-blindfold-secret-info-decryption-provider"></a>&#x2022; [`decryption_provider`](#routes-request-headers-to-add-secret-value-blindfold-secret-info-decryption-provider) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
+
+<a id="routes-request-headers-to-add-secret-value-blindfold-secret-info-location"></a>&#x2022; [`location`](#routes-request-headers-to-add-secret-value-blindfold-secret-info-location) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
+
+<a id="routes-request-headers-to-add-secret-value-blindfold-secret-info-store-provider"></a>&#x2022; [`store_provider`](#routes-request-headers-to-add-secret-value-blindfold-secret-info-store-provider) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
+
+#### Routes Request Headers To Add Secret Value Clear Secret Info
+
+A [`clear_secret_info`](#routes-request-headers-to-add-secret-value-clear-secret-info) block (within [`routes.request_headers_to_add.secret_value`](#routes-request-headers-to-add-secret-value)) supports the following:
+
+<a id="routes-request-headers-to-add-secret-value-clear-secret-info-provider-ref"></a>&#x2022; [`provider_ref`](#routes-request-headers-to-add-secret-value-clear-secret-info-provider-ref) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
+
+<a id="routes-request-headers-to-add-secret-value-clear-secret-info-url"></a>&#x2022; [`url`](#routes-request-headers-to-add-secret-value-clear-secret-info-url) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
+
+#### Routes Response Cookies To Add
+
+A [`response_cookies_to_add`](#routes-response-cookies-to-add) block (within [`routes`](#routes)) supports the following:
+
+<a id="routes-response-cookies-to-add-add-domain"></a>&#x2022; [`add_domain`](#routes-response-cookies-to-add-add-domain) - Optional String<br>Add Domain. Add domain attribute
+
+<a id="routes-response-cookies-to-add-add-expiry"></a>&#x2022; [`add_expiry`](#routes-response-cookies-to-add-add-expiry) - Optional String<br>Add expiry. Add expiry attribute
+
+<a id="routes-response-cookies-to-add-add-httponly"></a>&#x2022; [`add_httponly`](#routes-response-cookies-to-add-add-httponly) - Optional Block<br>Enable this option
+
+<a id="routes-response-cookies-to-add-add-partitioned"></a>&#x2022; [`add_partitioned`](#routes-response-cookies-to-add-add-partitioned) - Optional Block<br>Enable this option
+
+<a id="routes-response-cookies-to-add-add-path"></a>&#x2022; [`add_path`](#routes-response-cookies-to-add-add-path) - Optional String<br>Add path. Add path attribute
+
+<a id="routes-response-cookies-to-add-add-secure"></a>&#x2022; [`add_secure`](#routes-response-cookies-to-add-add-secure) - Optional Block<br>Enable this option
+
+<a id="routes-response-cookies-to-add-ignore-domain"></a>&#x2022; [`ignore_domain`](#routes-response-cookies-to-add-ignore-domain) - Optional Block<br>Enable this option
+
+<a id="routes-response-cookies-to-add-ignore-expiry"></a>&#x2022; [`ignore_expiry`](#routes-response-cookies-to-add-ignore-expiry) - Optional Block<br>Enable this option
+
+<a id="routes-response-cookies-to-add-ignore-httponly"></a>&#x2022; [`ignore_httponly`](#routes-response-cookies-to-add-ignore-httponly) - Optional Block<br>Enable this option
+
+<a id="routes-response-cookies-to-add-ignore-max-age"></a>&#x2022; [`ignore_max_age`](#routes-response-cookies-to-add-ignore-max-age) - Optional Block<br>Enable this option
+
+<a id="routes-response-cookies-to-add-ignore-partitioned"></a>&#x2022; [`ignore_partitioned`](#routes-response-cookies-to-add-ignore-partitioned) - Optional Block<br>Enable this option
+
+<a id="routes-response-cookies-to-add-ignore-path"></a>&#x2022; [`ignore_path`](#routes-response-cookies-to-add-ignore-path) - Optional Block<br>Enable this option
+
+<a id="routes-response-cookies-to-add-ignore-samesite"></a>&#x2022; [`ignore_samesite`](#routes-response-cookies-to-add-ignore-samesite) - Optional Block<br>Enable this option
+
+<a id="routes-response-cookies-to-add-ignore-secure"></a>&#x2022; [`ignore_secure`](#routes-response-cookies-to-add-ignore-secure) - Optional Block<br>Enable this option
+
+<a id="routes-response-cookies-to-add-ignore-value"></a>&#x2022; [`ignore_value`](#routes-response-cookies-to-add-ignore-value) - Optional Block<br>Enable this option
+
+<a id="routes-response-cookies-to-add-max-age-value"></a>&#x2022; [`max_age_value`](#routes-response-cookies-to-add-max-age-value) - Optional Number<br>Add Max Age. Add max age attribute
+
+<a id="routes-response-cookies-to-add-name"></a>&#x2022; [`name`](#routes-response-cookies-to-add-name) - Optional String<br>Name. Name of the cookie in Cookie header
+
+<a id="routes-response-cookies-to-add-overwrite"></a>&#x2022; [`overwrite`](#routes-response-cookies-to-add-overwrite) - Optional Bool  Defaults to `do`<br>Overwrite. Should the value be overwritten? If true, the value is overwritten to existing values. not overwrite
+
+<a id="routes-response-cookies-to-add-samesite-lax"></a>&#x2022; [`samesite_lax`](#routes-response-cookies-to-add-samesite-lax) - Optional Block<br>Enable this option
+
+<a id="routes-response-cookies-to-add-samesite-none"></a>&#x2022; [`samesite_none`](#routes-response-cookies-to-add-samesite-none) - Optional Block<br>Enable this option
+
+<a id="routes-response-cookies-to-add-samesite-strict"></a>&#x2022; [`samesite_strict`](#routes-response-cookies-to-add-samesite-strict) - Optional Block<br>Enable this option
+
+<a id="routes-response-cookies-to-add-secret-value"></a>&#x2022; [`secret_value`](#routes-response-cookies-to-add-secret-value) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#routes-response-cookies-to-add-secret-value) below.
+
+<a id="routes-response-cookies-to-add-value"></a>&#x2022; [`value`](#routes-response-cookies-to-add-value) - Optional String<br>Value. Value of the Cookie header
+
+#### Routes Response Cookies To Add Secret Value
+
+A [`secret_value`](#routes-response-cookies-to-add-secret-value) block (within [`routes.response_cookies_to_add`](#routes-response-cookies-to-add)) supports the following:
+
+<a id="routes-response-cookies-to-add-secret-value-blindfold-secret-info"></a>&#x2022; [`blindfold_secret_info`](#routes-response-cookies-to-add-secret-value-blindfold-secret-info) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#routes-response-cookies-to-add-secret-value-blindfold-secret-info) below.
+
+<a id="routes-response-cookies-to-add-secret-value-clear-secret-info"></a>&#x2022; [`clear_secret_info`](#routes-response-cookies-to-add-secret-value-clear-secret-info) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#routes-response-cookies-to-add-secret-value-clear-secret-info) below.
+
+#### Routes Response Cookies To Add Secret Value Blindfold Secret Info
+
+A [`blindfold_secret_info`](#routes-response-cookies-to-add-secret-value-blindfold-secret-info) block (within [`routes.response_cookies_to_add.secret_value`](#routes-response-cookies-to-add-secret-value)) supports the following:
+
+<a id="routes-response-cookies-to-add-secret-value-blindfold-secret-info-decryption-provider"></a>&#x2022; [`decryption_provider`](#routes-response-cookies-to-add-secret-value-blindfold-secret-info-decryption-provider) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
+
+<a id="routes-response-cookies-to-add-secret-value-blindfold-secret-info-location"></a>&#x2022; [`location`](#routes-response-cookies-to-add-secret-value-blindfold-secret-info-location) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
+
+<a id="routes-response-cookies-to-add-secret-value-blindfold-secret-info-store-provider"></a>&#x2022; [`store_provider`](#routes-response-cookies-to-add-secret-value-blindfold-secret-info-store-provider) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
+
+#### Routes Response Cookies To Add Secret Value Clear Secret Info
+
+A [`clear_secret_info`](#routes-response-cookies-to-add-secret-value-clear-secret-info) block (within [`routes.response_cookies_to_add.secret_value`](#routes-response-cookies-to-add-secret-value)) supports the following:
+
+<a id="routes-response-cookies-to-add-secret-value-clear-secret-info-provider-ref"></a>&#x2022; [`provider_ref`](#routes-response-cookies-to-add-secret-value-clear-secret-info-provider-ref) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
+
+<a id="routes-response-cookies-to-add-secret-value-clear-secret-info-url"></a>&#x2022; [`url`](#routes-response-cookies-to-add-secret-value-clear-secret-info-url) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
+
+#### Routes Response Headers To Add
+
+A [`response_headers_to_add`](#routes-response-headers-to-add) block (within [`routes`](#routes)) supports the following:
+
+<a id="routes-response-headers-to-add-append"></a>&#x2022; [`append`](#routes-response-headers-to-add-append) - Optional Bool  Defaults to `do`<br>Append. Should the value be appended? If true, the value is appended to existing values. not append
+
+<a id="routes-response-headers-to-add-name"></a>&#x2022; [`name`](#routes-response-headers-to-add-name) - Optional String<br>Name. Name of the HTTP header
+
+<a id="routes-response-headers-to-add-secret-value"></a>&#x2022; [`secret_value`](#routes-response-headers-to-add-secret-value) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#routes-response-headers-to-add-secret-value) below.
+
+<a id="routes-response-headers-to-add-value"></a>&#x2022; [`value`](#routes-response-headers-to-add-value) - Optional String<br>Value. Value of the HTTP header
+
+#### Routes Response Headers To Add Secret Value
+
+A [`secret_value`](#routes-response-headers-to-add-secret-value) block (within [`routes.response_headers_to_add`](#routes-response-headers-to-add)) supports the following:
+
+<a id="routes-response-headers-to-add-secret-value-blindfold-secret-info"></a>&#x2022; [`blindfold_secret_info`](#routes-response-headers-to-add-secret-value-blindfold-secret-info) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#routes-response-headers-to-add-secret-value-blindfold-secret-info) below.
+
+<a id="routes-response-headers-to-add-secret-value-clear-secret-info"></a>&#x2022; [`clear_secret_info`](#routes-response-headers-to-add-secret-value-clear-secret-info) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#routes-response-headers-to-add-secret-value-clear-secret-info) below.
+
+#### Routes Response Headers To Add Secret Value Blindfold Secret Info
+
+A [`blindfold_secret_info`](#routes-response-headers-to-add-secret-value-blindfold-secret-info) block (within [`routes.response_headers_to_add.secret_value`](#routes-response-headers-to-add-secret-value)) supports the following:
+
+<a id="routes-response-headers-to-add-secret-value-blindfold-secret-info-decryption-provider"></a>&#x2022; [`decryption_provider`](#routes-response-headers-to-add-secret-value-blindfold-secret-info-decryption-provider) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
+
+<a id="routes-response-headers-to-add-secret-value-blindfold-secret-info-location"></a>&#x2022; [`location`](#routes-response-headers-to-add-secret-value-blindfold-secret-info-location) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
+
+<a id="routes-response-headers-to-add-secret-value-blindfold-secret-info-store-provider"></a>&#x2022; [`store_provider`](#routes-response-headers-to-add-secret-value-blindfold-secret-info-store-provider) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
+
+#### Routes Response Headers To Add Secret Value Clear Secret Info
+
+A [`clear_secret_info`](#routes-response-headers-to-add-secret-value-clear-secret-info) block (within [`routes.response_headers_to_add.secret_value`](#routes-response-headers-to-add-secret-value)) supports the following:
+
+<a id="routes-response-headers-to-add-secret-value-clear-secret-info-provider-ref"></a>&#x2022; [`provider_ref`](#routes-response-headers-to-add-secret-value-clear-secret-info-provider-ref) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
+
+<a id="routes-response-headers-to-add-secret-value-clear-secret-info-url"></a>&#x2022; [`url`](#routes-response-headers-to-add-secret-value-clear-secret-info-url) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
+
+#### Routes Route Destination
+
+A [`route_destination`](#routes-route-destination) block (within [`routes`](#routes)) supports the following:
+
+<a id="routes-route-destination-auto-host-rewrite"></a>&#x2022; [`auto_host_rewrite`](#routes-route-destination-auto-host-rewrite) - Optional Bool<br>Automatic Host Rewrite. Indicates that during forwarding, the host header will be swapped with the hostname of the upstream host chosen by the cluster
+
+<a id="routes-route-destination-buffer-policy"></a>&#x2022; [`buffer_policy`](#routes-route-destination-buffer-policy) - Optional Block<br>Buffer Configuration. Some upstream applications are not capable of handling streamed data. This config enables buffering the entire request before sending to upstream application. We can specify the maximum buffer size and buffer interval with this config. Buffering can be enabled and disabled at VirtualHost and Route levels Route level buffer configuration takes precedence<br>See [Buffer Policy](#routes-route-destination-buffer-policy) below.
+
+<a id="routes-route-destination-cors-policy"></a>&#x2022; [`cors_policy`](#routes-route-destination-cors-policy) - Optional Block<br>CORS Policy. Cross-Origin Resource Sharing requests configuration specified at Virtual-host or Route level. Route level configuration takes precedence. An example of an Cross origin HTTP request GET /resources/public-data/ HTTP/1.1 Host: bar.other User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1b3pre) Gecko/20081130 Minefield/3.1b3pre Accept: text/HTML,application/xhtml+XML,application/XML;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Connection: keep-alive Referrer: `HTTP://foo.example/examples/access-control/simpleXSInvocation.HTML` Origin: `HTTP://foo.example` HTTP/1.1 200 OK Date: Mon, 01 Dec 2008 00:23:53 GMT Server: Apache/2.0.61 Access-Control-Allow-Origin: \* Keep-Alive: timeout=2, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: application/XML An example for cross origin HTTP OPTIONS request with Access-Control-Request-* header OPTIONS /resources/post-here/ HTTP/1.1 Host: bar.other User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1b3pre) Gecko/20081130 Minefield/3.1b3pre Accept: text/HTML,application/xhtml+XML,application/XML;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Connection: keep-alive Origin: `HTTP://foo.example` Access-Control-Request-Method: POST Access-Control-Request-Headers: X-PINGOTHER, Content-Type HTTP/1.1 204 No Content Date: Mon, 01 Dec 2008 01:15:39 GMT Server: Apache/2.0.61 (Unix) Access-Control-Allow-Origin: `HTTP://foo.example` Access-Control-Allow-Methods: POST, GET, OPTIONS Access-Control-Allow-Headers: X-PINGOTHER, Content-Type Access-Control-Max-Age: 86400 Vary: Accept-Encoding, Origin Keep-Alive: timeout=2, max=100 Connection: Keep-Alive<br>See [CORS Policy](#routes-route-destination-cors-policy) below.
+
+<a id="routes-route-destination-csrf-policy"></a>&#x2022; [`csrf_policy`](#routes-route-destination-csrf-policy) - Optional Block<br>CSRF Policy. To mitigate CSRF attack , the policy checks where a request is coming from to determine if the request's origin is the same as its detination.The policy relies on two pieces of information used in determining if a request originated from the same host. 1. The origin that caused the user agent to issue the request (source origin). 2. The origin that the request is going to (target origin). When the policy evaluating a request, it ensures both pieces of information are present and compare their values. If the source origin is missing or origins do not match the request is rejected. The exception to this being if the source-origin has been added to they policy as valid. Because CSRF attacks specifically target state-changing requests, the policy only acts on the HTTP requests that have state-changing method (PUT,POST, etc.)<br>See [CSRF Policy](#routes-route-destination-csrf-policy) below.
+
+<a id="routes-route-destination-destinations"></a>&#x2022; [`destinations`](#routes-route-destination-destinations) - Optional Block<br>Destination Origin pools (clusters). When requests have to distributed among multiple upstream clusters, multiple destinations are configured, each having its own cluster and weight. Traffic is distributed among clusters based on the weight configured. destinations: - cluster: - kind: ves.io.vega.cfg.adc.cluster.Object uid: cluster-1 weight: 20 - cluster: - kind: ves.io.vega.cfg.adc.cluster.Object uid: cluster-2 weight: 30 - cluster: - kind: ves.io.vega.cfg.adc.cluster.Object uid: cluster-3 weight: 50 This indicates that out of every 100 requests, 50 goes to cluster-3, 30 to cluster-2 and 20 to cluster-1 When single destination is configured, weight is ignored. All the requests are sent to the cluster specified in the destination<br>See [Destinations](#routes-route-destination-destinations) below.
+
+<a id="routes-route-destination-do-not-retract-cluster"></a>&#x2022; [`do_not_retract_cluster`](#routes-route-destination-do-not-retract-cluster) - Optional Block<br>Enable this option
+
+<a id="routes-route-destination-endpoint-subsets"></a>&#x2022; [`endpoint_subsets`](#routes-route-destination-endpoint-subsets) - Optional Block<br>Endpoint Subsets. Upstream cluster may be configured to divide its endpoints into subsets based on metadata attached to the endpoints. Routes may then specify the metadata that a endpoint must match in order to be selected by the load balancer Labels field of endpoint object's metadata is used for subset matching. For endpoint's which are discovered in K8S or Consul cluster, the label of the service is merged with endpoint's labels. In case of Consul, the label is derived from the 'Tag' field. For labels that are common between configured endpoint and discovered service, labels from discovered service takes precedence. List of key-value pairs that will be used as matching metadata. Only those endpoints of upstream cluster which match this metadata will be selected for load balancing
+
+<a id="routes-route-destination-hash-policy"></a>&#x2022; [`hash_policy`](#routes-route-destination-hash-policy) - Optional Block<br>Hash Policy. Specifies a list of hash policies to use for ring hash load balancing. Each hash policy is evaluated individually and the combined result is used to route the request<br>See [Hash Policy](#routes-route-destination-hash-policy) below.
+
+<a id="routes-route-destination-host-rewrite"></a>&#x2022; [`host_rewrite`](#routes-route-destination-host-rewrite) - Optional String<br>Host Rewrite. Indicates that during forwarding, the host header will be swapped with this value
+
+<a id="routes-route-destination-mirror-policy"></a>&#x2022; [`mirror_policy`](#routes-route-destination-mirror-policy) - Optional Block<br>Mirror Policy. MirrorPolicy is used for shadowing traffic from one cluster to another. The approach used is 'fire and forget', meaning it will not wait for the shadow cluster to respond before returning the response from the primary cluster. All normal statistics are collected for the shadow cluster making this feature useful for testing and troubleshooting<br>See [Mirror Policy](#routes-route-destination-mirror-policy) below.
+
+<a id="routes-route-destination-prefix-rewrite"></a>&#x2022; [`prefix_rewrite`](#routes-route-destination-prefix-rewrite) - Optional String<br>Prefix Rewrite. prefix_rewrite indicates that during forwarding, the matched prefix (or path) should be swapped with its value. When using regex path matching, the entire path (not including the query string) will be swapped with this value. This option allows application URLs to be rooted at a different path from those exposed at the reverse proxy layer. Example : gcSpec: routes: - match: - headers: [] path: prefix : /register/ query_params: [] - headers: [] path: prefix: /register query_params: [] routeDestination: prefixRewrite: '/' destinations: - cluster: - kind: cluster.Object uid: cluster-1 Having above entries in the config, requests to /register will be stripped to /, while requests to /register/public will be stripped to /public
+
+<a id="routes-route-destination-priority"></a>&#x2022; [`priority`](#routes-route-destination-priority) - Optional String  Defaults to `DEFAULT`<br>Possible values are `DEFAULT`, `HIGH`<br>[Enum: DEFAULT|HIGH] Routing Priority. Priority routing for each request. Different connection pools are used based on the priority selected for the request. Also, circuit-breaker configuration at destination cluster is chosen based on selected priority. Default routing mechanism High-Priority routing mechanism
+
+<a id="routes-route-destination-query-params"></a>&#x2022; [`query_params`](#routes-route-destination-query-params) - Optional Block<br>Query Parameters. Handling of incoming query parameters in simple route<br>See [Query Params](#routes-route-destination-query-params) below.
+
+<a id="routes-route-destination-regex-rewrite"></a>&#x2022; [`regex_rewrite`](#routes-route-destination-regex-rewrite) - Optional Block<br>Regex Match Rewrite. RegexMatchRewrite describes how to match a string and then produce a new string using a regular expression and a substitution string<br>See [Regex Rewrite](#routes-route-destination-regex-rewrite) below.
+
+<a id="routes-route-destination-retract-cluster"></a>&#x2022; [`retract_cluster`](#routes-route-destination-retract-cluster) - Optional Block<br>Enable this option
+
+<a id="routes-route-destination-retry-policy"></a>&#x2022; [`retry_policy`](#routes-route-destination-retry-policy) - Optional Block<br>Retry Policy. Retry policy configuration for route destination<br>See [Retry Policy](#routes-route-destination-retry-policy) below.
+
+<a id="routes-route-destination-spdy-config"></a>&#x2022; [`spdy_config`](#routes-route-destination-spdy-config) - Optional Block<br>SPDY Configuration. Request headers of such upgrade looks like below 'connection', 'Upgrade' 'upgrade', 'SPDY/3.1' Configuration to allow UPGRADE of connection to SPDY and any additional tuning With configuration to allow SPDY upgrade, ADC will produce following response 'HTTP/1.1 101 Switching Protocols 'Upgrade': 'SPDY/3.1' 'Connection': 'Upgrade'<br>See [Spdy Config](#routes-route-destination-spdy-config) below.
+
+<a id="routes-route-destination-timeout"></a>&#x2022; [`timeout`](#routes-route-destination-timeout) - Optional Number<br>Timeout. Specifies the timeout for the route in milliseconds. This timeout includes all retries. For server side streaming, configure this field with higher value or leave it un-configured for infinite timeout
+
+<a id="routes-route-destination-web-socket-config"></a>&#x2022; [`web_socket_config`](#routes-route-destination-web-socket-config) - Optional Block<br>WebSocket Configuration. Configuration to allow WebSocket Request headers of such upgrade looks like below 'connection', 'Upgrade' 'upgrade', 'WebSocket' With configuration to allow WebSocket upgrade, ADC will produce following response 'HTTP/1.1 101 Switching Protocols 'Upgrade': 'WebSocket' 'Connection': 'Upgrade'<br>See [Web Socket Config](#routes-route-destination-web-socket-config) below.
+
+#### Routes Route Destination Buffer Policy
+
+A [`buffer_policy`](#routes-route-destination-buffer-policy) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
+
+<a id="routes-route-destination-buffer-policy-disabled"></a>&#x2022; [`disabled`](#routes-route-destination-buffer-policy-disabled) - Optional Bool<br>Disable. Disable buffering for a particular route. This is useful when virtual-host has buffering, but we need to disable it on a specific route. The value of this field is ignored for virtual-host
+
+<a id="routes-route-destination-buffer-policy-max-request-bytes"></a>&#x2022; [`max_request_bytes`](#routes-route-destination-buffer-policy-max-request-bytes) - Optional Number<br>Max Request Bytes. The maximum request size that the filter will buffer before the connection manager will stop buffering and return a RequestEntityTooLarge (413) response
+
+#### Routes Route Destination CORS Policy
+
+A [`cors_policy`](#routes-route-destination-cors-policy) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
+
+<a id="routes-route-destination-cors-policy-allow-credentials"></a>&#x2022; [`allow_credentials`](#routes-route-destination-cors-policy-allow-credentials) - Optional Bool<br>Allow Credentials. Specifies whether the resource allows credentials
+
+<a id="routes-route-destination-cors-policy-allow-headers"></a>&#x2022; [`allow_headers`](#routes-route-destination-cors-policy-allow-headers) - Optional String<br>Allow Headers. Specifies the content for the access-control-allow-headers header
+
+<a id="routes-route-destination-cors-policy-allow-methods"></a>&#x2022; [`allow_methods`](#routes-route-destination-cors-policy-allow-methods) - Optional String<br>Allow Methods. Specifies the content for the access-control-allow-methods header
+
+<a id="routes-route-destination-cors-policy-allow-origin"></a>&#x2022; [`allow_origin`](#routes-route-destination-cors-policy-allow-origin) - Optional List<br>Allow Origin. Specifies the origins that will be allowed to do CORS requests. An origin is allowed if either allow_origin or allow_origin_regex match
+
+<a id="routes-route-destination-cors-policy-allow-origin-regex"></a>&#x2022; [`allow_origin_regex`](#routes-route-destination-cors-policy-allow-origin-regex) - Optional List<br>Allow Origin Regex. Specifies regex patterns that match allowed origins. An origin is allowed if either allow_origin or allow_origin_regex match
+
+<a id="routes-route-destination-cors-policy-disabled"></a>&#x2022; [`disabled`](#routes-route-destination-cors-policy-disabled) - Optional Bool<br>Disabled. Disable the CorsPolicy for a particular route. This is useful when virtual-host has CorsPolicy, but we need to disable it on a specific route. The value of this field is ignored for virtual-host
+
+<a id="routes-route-destination-cors-policy-expose-headers"></a>&#x2022; [`expose_headers`](#routes-route-destination-cors-policy-expose-headers) - Optional String<br>Expose Headers. Specifies the content for the access-control-expose-headers header
+
+<a id="routes-route-destination-cors-policy-maximum-age"></a>&#x2022; [`maximum_age`](#routes-route-destination-cors-policy-maximum-age) - Optional Number<br>Maximum Age. Specifies the content for the access-control-max-age header in seconds. This indicates the maximum number of seconds the results can be cached A value of -1 will disable caching. Maximum permitted value is 86400 seconds (24 hours)
+
+#### Routes Route Destination CSRF Policy
+
+A [`csrf_policy`](#routes-route-destination-csrf-policy) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
+
+<a id="routes-route-destination-csrf-policy-all-load-balancer-domains"></a>&#x2022; [`all_load_balancer_domains`](#routes-route-destination-csrf-policy-all-load-balancer-domains) - Optional Block<br>Enable this option
+
+<a id="routes-route-destination-csrf-policy-custom-domain-list"></a>&#x2022; [`custom_domain_list`](#routes-route-destination-csrf-policy-custom-domain-list) - Optional Block<br>Domain name list. List of domain names used for Host header matching<br>See [Custom Domain List](#routes-route-destination-csrf-policy-custom-domain-list) below.
+
+<a id="routes-route-destination-csrf-policy-disabled"></a>&#x2022; [`disabled`](#routes-route-destination-csrf-policy-disabled) - Optional Block<br>Enable this option
+
+#### Routes Route Destination CSRF Policy Custom Domain List
+
+A [`custom_domain_list`](#routes-route-destination-csrf-policy-custom-domain-list) block (within [`routes.route_destination.csrf_policy`](#routes-route-destination-csrf-policy)) supports the following:
+
+<a id="routes-route-destination-csrf-policy-custom-domain-list-domains"></a>&#x2022; [`domains`](#routes-route-destination-csrf-policy-custom-domain-list-domains) - Optional List<br>Domain names. A list of domain names that will be matched to loadbalancer. These domains are not used for SNI match. Wildcard names are supported in the suffix or prefix form
+
+#### Routes Route Destination Destinations
+
+A [`destinations`](#routes-route-destination-destinations) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
+
+<a id="routes-route-destination-destinations-cluster"></a>&#x2022; [`cluster`](#routes-route-destination-destinations-cluster) - Optional Block<br>Cluster. Indicates the upstream cluster to which the request should be sent. If the cluster does not exist ServiceUnavailable response will be sent<br>See [Cluster](#routes-route-destination-destinations-cluster) below.
+
+<a id="routes-route-destination-destinations-endpoint-subsets"></a>&#x2022; [`endpoint_subsets`](#routes-route-destination-destinations-endpoint-subsets) - Optional Block<br>Endpoint Subsets. Upstream cluster may be configured to divide its endpoints into subsets based on metadata attached to the endpoints. Routes may then specify the metadata that a endpoint must match in order to be selected by the load balancer Labels field of endpoint object's metadata is used for subset matching. For endpoints which are discovered in K8S or Consul cluster, the label of the service is merged with endpoint's labels. In case of Consul, the label is derived from the 'Tag' field. For labels that are common between configured endpoint and discovered service, labels from discovered service takes precedence. List of key-value pairs that will be used as matching metadata. Only those endpoints of upstream cluster which match this metadata will be selected for load balancing
+
+<a id="routes-route-destination-destinations-priority"></a>&#x2022; [`priority`](#routes-route-destination-destinations-priority) - Optional Number<br>Priority. Priority of this cluster, valid only with multiple destinations are configured. Value of 0 will make the cluster as lowest priority upstream cluster Priority of 1 means highest priority and is considered active. When active cluster is not available, lower priority clusters are made active as per the increasing priority
+
+<a id="routes-route-destination-destinations-weight"></a>&#x2022; [`weight`](#routes-route-destination-destinations-weight) - Optional Number<br>Weight. When requests have to distributed among multiple upstream clusters, multiple destinations are configured, each having its own cluster and weight. Traffic is distributed among clusters based on the weight configured. destinations: - cluster: - kind: ves.io.vega.cfg.adc.cluster.Object uid: cluster-1 weight: 20 - cluster: - kind: ves.io.vega.cfg.adc.cluster.Object uid: cluster-2 weight: 30 - cluster: - kind: ves.io.vega.cfg.adc.cluster.Object uid: cluster-3 weight: 10 This indicates that out of every 60 requests, 10 goes to cluster-3, 30 to cluster-2 and 20 to cluster-1 When single destination is configured, weight is ignored. All the requests are sent to the cluster specified in the destination
+
+#### Routes Route Destination Destinations Cluster
+
+A [`cluster`](#routes-route-destination-destinations-cluster) block (within [`routes.route_destination.destinations`](#routes-route-destination-destinations)) supports the following:
+
+<a id="routes-route-destination-destinations-cluster-kind"></a>&#x2022; [`kind`](#routes-route-destination-destinations-cluster-kind) - Optional String<br>Kind. When a configuration object(e.g. virtual_host) refers to another(e.g route) then kind will hold the referred object's kind (e.g. 'route')
+
+<a id="routes-route-destination-destinations-cluster-name"></a>&#x2022; [`name`](#routes-route-destination-destinations-cluster-name) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
+
+<a id="routes-route-destination-destinations-cluster-namespace"></a>&#x2022; [`namespace`](#routes-route-destination-destinations-cluster-namespace) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
+
+<a id="routes-route-destination-destinations-cluster-tenant"></a>&#x2022; [`tenant`](#routes-route-destination-destinations-cluster-tenant) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
+
+<a id="routes-route-destination-destinations-cluster-uid"></a>&#x2022; [`uid`](#routes-route-destination-destinations-cluster-uid) - Optional String<br>UID. When a configuration object(e.g. virtual_host) refers to another(e.g route) then uid will hold the referred object's(e.g. route's) uid
+
+#### Routes Route Destination Hash Policy
+
+A [`hash_policy`](#routes-route-destination-hash-policy) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
+
+<a id="routes-route-destination-hash-policy-cookie"></a>&#x2022; [`cookie`](#routes-route-destination-hash-policy-cookie) - Optional Block<br>Hashing using Cookie. Two types of cookie affinity: 1. Passive. Takes a cookie that's present in the cookies header and hashes on its value. 2. Generated. Generates and sets a cookie with an expiration (TTL) on the first request from the client in its response to the client, based on the endpoint the request gets sent to. The client then presents this on the next and all subsequent requests. The hash of this is sufficient to ensure these requests get sent to the same endpoint. The cookie is generated by hashing the source and destination ports and addresses so that multiple independent HTTP2 streams on the same connection will independently receive the same cookie, even if they arrive simultaneously<br>See [Cookie](#routes-route-destination-hash-policy-cookie) below.
+
+<a id="routes-route-destination-hash-policy-header-name"></a>&#x2022; [`header_name`](#routes-route-destination-hash-policy-header-name) - Optional String<br>Header Name. The name or key of the request header that will be used to obtain the hash key
+
+<a id="routes-route-destination-hash-policy-source-ip"></a>&#x2022; [`source_ip`](#routes-route-destination-hash-policy-source-ip) - Optional Bool<br>Source IP. Hash based on source IP address
+
+<a id="routes-route-destination-hash-policy-terminal"></a>&#x2022; [`terminal`](#routes-route-destination-hash-policy-terminal) - Optional Bool<br>Terminal. Specify if its a terminal policy
+
+#### Routes Route Destination Hash Policy Cookie
+
+A [`cookie`](#routes-route-destination-hash-policy-cookie) block (within [`routes.route_destination.hash_policy`](#routes-route-destination-hash-policy)) supports the following:
+
+<a id="routes-route-destination-hash-policy-cookie-add-httponly"></a>&#x2022; [`add_httponly`](#routes-route-destination-hash-policy-cookie-add-httponly) - Optional Block<br>Enable this option
+
+<a id="routes-route-destination-hash-policy-cookie-add-secure"></a>&#x2022; [`add_secure`](#routes-route-destination-hash-policy-cookie-add-secure) - Optional Block<br>Enable this option
+
+<a id="routes-route-destination-hash-policy-cookie-ignore-httponly"></a>&#x2022; [`ignore_httponly`](#routes-route-destination-hash-policy-cookie-ignore-httponly) - Optional Block<br>Enable this option
+
+<a id="routes-route-destination-hash-policy-cookie-ignore-samesite"></a>&#x2022; [`ignore_samesite`](#routes-route-destination-hash-policy-cookie-ignore-samesite) - Optional Block<br>Enable this option
+
+<a id="routes-route-destination-hash-policy-cookie-ignore-secure"></a>&#x2022; [`ignore_secure`](#routes-route-destination-hash-policy-cookie-ignore-secure) - Optional Block<br>Enable this option
+
+<a id="routes-route-destination-hash-policy-cookie-name"></a>&#x2022; [`name`](#routes-route-destination-hash-policy-cookie-name) - Optional String<br>Name. The name of the cookie that will be used to obtain the hash key. If the cookie is not present and TTL below is not set, no hash will be produced
+
+<a id="routes-route-destination-hash-policy-cookie-path"></a>&#x2022; [`path`](#routes-route-destination-hash-policy-cookie-path) - Optional String<br>Path. The name of the path for the cookie. If no path is specified here, no path will be set for the cookie
+
+<a id="routes-route-destination-hash-policy-cookie-samesite-lax"></a>&#x2022; [`samesite_lax`](#routes-route-destination-hash-policy-cookie-samesite-lax) - Optional Block<br>Enable this option
+
+<a id="routes-route-destination-hash-policy-cookie-samesite-none"></a>&#x2022; [`samesite_none`](#routes-route-destination-hash-policy-cookie-samesite-none) - Optional Block<br>Enable this option
+
+<a id="routes-route-destination-hash-policy-cookie-samesite-strict"></a>&#x2022; [`samesite_strict`](#routes-route-destination-hash-policy-cookie-samesite-strict) - Optional Block<br>Enable this option
+
+<a id="routes-route-destination-hash-policy-cookie-ttl"></a>&#x2022; [`ttl`](#routes-route-destination-hash-policy-cookie-ttl) - Optional Number<br>TTL. If specified, a cookie with the TTL will be generated if the cookie is not present. If the TTL is present and zero, the generated cookie will be a session cookie. TTL value is in milliseconds
+
+#### Routes Route Destination Mirror Policy
+
+A [`mirror_policy`](#routes-route-destination-mirror-policy) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
+
+<a id="routes-route-destination-mirror-policy-cluster"></a>&#x2022; [`cluster`](#routes-route-destination-mirror-policy-cluster) - Optional Block<br>Mirror Destination Cluster. Specifies the cluster to which the requests will be mirrored. The cluster object referred here must be present<br>See [Cluster](#routes-route-destination-mirror-policy-cluster) below.
+
+<a id="routes-route-destination-mirror-policy-percent"></a>&#x2022; [`percent`](#routes-route-destination-mirror-policy-percent) - Optional Block<br>Fractional Percent. Fraction used where sampling percentages are needed. example sampled requests<br>See [Percent](#routes-route-destination-mirror-policy-percent) below.
+
+#### Routes Route Destination Mirror Policy Cluster
+
+A [`cluster`](#routes-route-destination-mirror-policy-cluster) block (within [`routes.route_destination.mirror_policy`](#routes-route-destination-mirror-policy)) supports the following:
+
+<a id="routes-route-destination-mirror-policy-cluster-kind"></a>&#x2022; [`kind`](#routes-route-destination-mirror-policy-cluster-kind) - Optional String<br>Kind. When a configuration object(e.g. virtual_host) refers to another(e.g route) then kind will hold the referred object's kind (e.g. 'route')
+
+<a id="routes-route-destination-mirror-policy-cluster-name"></a>&#x2022; [`name`](#routes-route-destination-mirror-policy-cluster-name) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
+
+<a id="routes-route-destination-mirror-policy-cluster-namespace"></a>&#x2022; [`namespace`](#routes-route-destination-mirror-policy-cluster-namespace) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
+
+<a id="routes-route-destination-mirror-policy-cluster-tenant"></a>&#x2022; [`tenant`](#routes-route-destination-mirror-policy-cluster-tenant) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
+
+<a id="routes-route-destination-mirror-policy-cluster-uid"></a>&#x2022; [`uid`](#routes-route-destination-mirror-policy-cluster-uid) - Optional String<br>UID. When a configuration object(e.g. virtual_host) refers to another(e.g route) then uid will hold the referred object's(e.g. route's) uid
+
+#### Routes Route Destination Mirror Policy Percent
+
+A [`percent`](#routes-route-destination-mirror-policy-percent) block (within [`routes.route_destination.mirror_policy`](#routes-route-destination-mirror-policy)) supports the following:
+
+<a id="routes-route-destination-mirror-policy-percent-denominator"></a>&#x2022; [`denominator`](#routes-route-destination-mirror-policy-percent-denominator) - Optional String  Defaults to `HUNDRED`<br>Possible values are `HUNDRED`, `TEN_THOUSAND`, `MILLION`<br>[Enum: HUNDRED|TEN_THOUSAND|MILLION] Denominator. Denominator used in fraction where sampling percentages are needed. example sampled requests Use hundred as denominator Use ten thousand as denominator Use million as denominator
+
+<a id="routes-route-destination-mirror-policy-percent-numerator"></a>&#x2022; [`numerator`](#routes-route-destination-mirror-policy-percent-numerator) - Optional Number<br>Numerator. sampled parts per denominator. If denominator was 10000, then value of 5 will be 5 in 10000
+
+#### Routes Route Destination Query Params
+
+A [`query_params`](#routes-route-destination-query-params) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
+
+<a id="routes-route-destination-query-params-remove-all-params"></a>&#x2022; [`remove_all_params`](#routes-route-destination-query-params-remove-all-params) - Optional Block<br>Enable this option
+
+<a id="routes-route-destination-query-params-replace-params"></a>&#x2022; [`replace_params`](#routes-route-destination-query-params-replace-params) - Optional String<br>Replace All Parameters
+
+<a id="routes-route-destination-query-params-retain-all-params"></a>&#x2022; [`retain_all_params`](#routes-route-destination-query-params-retain-all-params) - Optional Block<br>Enable this option
+
+#### Routes Route Destination Regex Rewrite
+
+A [`regex_rewrite`](#routes-route-destination-regex-rewrite) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
+
+<a id="routes-route-destination-regex-rewrite-pattern"></a>&#x2022; [`pattern`](#routes-route-destination-regex-rewrite-pattern) - Optional String<br>Pattern. The regular expression used to find portions of a string that should be replaced
+
+<a id="routes-route-destination-regex-rewrite-substitution"></a>&#x2022; [`substitution`](#routes-route-destination-regex-rewrite-substitution) - Optional String<br>Substitution. The string that should be substituted into matching portions of the subject string during a substitution operation to produce a new string
+
+#### Routes Route Destination Retry Policy
+
+A [`retry_policy`](#routes-route-destination-retry-policy) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
+
+<a id="routes-route-destination-retry-policy-back-off"></a>&#x2022; [`back_off`](#routes-route-destination-retry-policy-back-off) - Optional Block<br>Retry BackOff Interval. Specifies parameters that control retry back off<br>See [Back Off](#routes-route-destination-retry-policy-back-off) below.
+
+<a id="routes-route-destination-retry-policy-num-retries"></a>&#x2022; [`num_retries`](#routes-route-destination-retry-policy-num-retries) - Optional Number  Defaults to `1`<br>Number of Retries. Specifies the allowed number of retries. Retries can be done any number of times. An exponential back-off algorithm is used between each retry
+
+<a id="routes-route-destination-retry-policy-per-try-timeout"></a>&#x2022; [`per_try_timeout`](#routes-route-destination-retry-policy-per-try-timeout) - Optional Number<br>Per Try Timeout. Specifies a non-zero timeout per retry attempt. In milliseconds
+
+<a id="routes-route-destination-retry-policy-retriable-status-codes"></a>&#x2022; [`retriable_status_codes`](#routes-route-destination-retry-policy-retriable-status-codes) - Optional List<br>Status Code to Retry. HTTP status codes that should trigger a retry in addition to those specified by retry_on
+
+<a id="routes-route-destination-retry-policy-retry-condition"></a>&#x2022; [`retry_condition`](#routes-route-destination-retry-policy-retry-condition) - Optional List<br>Retry Condition. Specifies the conditions under which retry takes place. Retries can be on different types of condition depending on application requirements. For example, network failure, all 5xx response codes, idempotent 4xx response codes, etc The possible values are '5xx' : Retry will be done if the upstream server responds with any 5xx response code, or does not respond at all (disconnect/reset/read timeout). 'gateway-error' : Retry will be done only if the upstream server responds with 502, 503 or 504 responses (Included in 5xx) 'connect-failure' : Retry will be done if the request fails because of a connection failure to the upstream server (connect timeout, etc.). (Included in 5xx) 'refused-stream' : Retry is done if the upstream server resets the stream with a REFUSED_STREAM error code (Included in 5xx) 'retriable-4xx' : Retry is done if the upstream server responds with a retriable 4xx response code. The only response code in this category is HTTP CONFLICT (409) 'retriable-status-codes' : Retry is done if the upstream server responds with any response code matching one defined in retriable_status_codes field 'reset' : Retry is done if the upstream server does not respond at all (disconnect/reset/read timeout.)
+
+#### Routes Route Destination Retry Policy Back Off
+
+A [`back_off`](#routes-route-destination-retry-policy-back-off) block (within [`routes.route_destination.retry_policy`](#routes-route-destination-retry-policy)) supports the following:
+
+<a id="routes-route-destination-retry-policy-back-off-base-interval"></a>&#x2022; [`base_interval`](#routes-route-destination-retry-policy-back-off-base-interval) - Optional Number<br>Base Retry Interval. Specifies the base interval between retries in milliseconds
+
+<a id="routes-route-destination-retry-policy-back-off-max-interval"></a>&#x2022; [`max_interval`](#routes-route-destination-retry-policy-back-off-max-interval) - Optional Number  Defaults to `10`<br>Maximum Retry Interval. Specifies the maximum interval between retries in milliseconds. This parameter is optional, but must be greater than or equal to the base_interval if set. The times the base_interval
+
+#### Routes Route Destination Spdy Config
+
+A [`spdy_config`](#routes-route-destination-spdy-config) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
+
+<a id="routes-route-destination-spdy-config-use-spdy"></a>&#x2022; [`use_spdy`](#routes-route-destination-spdy-config-use-spdy) - Optional Bool<br>Use SPDY. Specifies that the HTTP client connection to this route is allowed to upgrade to a SPDY connection
+
+#### Routes Route Destination Web Socket Config
+
+A [`web_socket_config`](#routes-route-destination-web-socket-config) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
+
+<a id="routes-route-destination-web-socket-config-use-websocket"></a>&#x2022; [`use_websocket`](#routes-route-destination-web-socket-config-use-websocket) - Optional Bool<br>Use WebSocket. Specifies that the HTTP client connection to this route is allowed to upgrade to a WebSocket connection
+
+#### Routes Route Direct Response
+
+A [`route_direct_response`](#routes-route-direct-response) block (within [`routes`](#routes)) supports the following:
+
+<a id="routes-route-direct-response-response-body-encoded"></a>&#x2022; [`response_body_encoded`](#routes-route-direct-response-response-body-encoded) - Optional String<br>Response Body. Response body to send. Currently supported URL schemes is string:/// for which message should be encoded in Base64 format. The message can be either plain text or HTML. E.g. '`<p>` Access Denied `</p>`'. Base64 encoded string URL for this is string:///PHA+IEFjY2VzcyBEZW5pZWQgPC9wPg==
+
+<a id="routes-route-direct-response-response-code"></a>&#x2022; [`response_code`](#routes-route-direct-response-response-code) - Optional Number<br>Response Code. response code to send
+
+#### Routes Route Redirect
+
+A [`route_redirect`](#routes-route-redirect) block (within [`routes`](#routes)) supports the following:
+
+<a id="routes-route-redirect-host-redirect"></a>&#x2022; [`host_redirect`](#routes-route-redirect-host-redirect) - Optional String<br>Host. swap host part of incoming URL in redirect URL
+
+<a id="routes-route-redirect-path-redirect"></a>&#x2022; [`path_redirect`](#routes-route-redirect-path-redirect) - Optional String<br>Path. swap path part of incoming URL in redirect URL
+
+<a id="routes-route-redirect-prefix-rewrite"></a>&#x2022; [`prefix_rewrite`](#routes-route-redirect-prefix-rewrite) - Optional String<br>Prefix Rewrite. In Redirect response, the matched prefix (or path) should be swapped with this value. This option allows redirect URLs be dynamically created based on the request
+
+<a id="routes-route-redirect-proto-redirect"></a>&#x2022; [`proto_redirect`](#routes-route-redirect-proto-redirect) - Optional String<br>Protocol. swap protocol part of incoming URL in redirect URL The protocol can be swapped with either HTTP or HTTPS When incoming-proto option is specified, swapping of protocol is not done
+
+<a id="routes-route-redirect-remove-all-params"></a>&#x2022; [`remove_all_params`](#routes-route-redirect-remove-all-params) - Optional Block<br>Enable this option
+
+<a id="routes-route-redirect-replace-params"></a>&#x2022; [`replace_params`](#routes-route-redirect-replace-params) - Optional String<br>Replace All Parameters
+
+<a id="routes-route-redirect-response-code"></a>&#x2022; [`response_code`](#routes-route-redirect-response-code) - Optional Number<br>Response Code. The HTTP status code to use in the redirect response
+
+<a id="routes-route-redirect-retain-all-params"></a>&#x2022; [`retain_all_params`](#routes-route-redirect-retain-all-params) - Optional Block<br>Enable this option
+
+#### Routes Service Policy
+
+A [`service_policy`](#routes-service-policy) block (within [`routes`](#routes)) supports the following:
+
+<a id="routes-service-policy-disable"></a>&#x2022; [`disable`](#routes-service-policy-disable) - Optional Bool<br>Disable. disable service policy at route level, if it is configured at virtual-host level
+
+#### Routes WAF Exclusion Policy
+
+A [`waf_exclusion_policy`](#routes-waf-exclusion-policy) block (within [`routes`](#routes)) supports the following:
+
+<a id="routes-waf-exclusion-policy-name"></a>&#x2022; [`name`](#routes-waf-exclusion-policy-name) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
+
+<a id="routes-waf-exclusion-policy-namespace"></a>&#x2022; [`namespace`](#routes-waf-exclusion-policy-namespace) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
+
+<a id="routes-waf-exclusion-policy-tenant"></a>&#x2022; [`tenant`](#routes-waf-exclusion-policy-tenant) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
+
+#### Routes WAF Type
+
+A [`waf_type`](#routes-waf-type) block (within [`routes`](#routes)) supports the following:
+
+<a id="routes-waf-type-app-firewall"></a>&#x2022; [`app_firewall`](#routes-waf-type-app-firewall) - Optional Block<br>App Firewall Reference. A list of references to the app_firewall configuration objects<br>See [App Firewall](#routes-waf-type-app-firewall) below.
+
+<a id="routes-waf-type-disable-waf"></a>&#x2022; [`disable_waf`](#routes-waf-type-disable-waf) - Optional Block<br>Enable this option
+
+<a id="routes-waf-type-inherit-waf"></a>&#x2022; [`inherit_waf`](#routes-waf-type-inherit-waf) - Optional Block<br>Enable this option
+
+#### Routes WAF Type App Firewall
+
+An [`app_firewall`](#routes-waf-type-app-firewall) block (within [`routes.waf_type`](#routes-waf-type)) supports the following:
+
+<a id="routes-waf-type-app-firewall-app-firewall"></a>&#x2022; [`app_firewall`](#routes-waf-type-app-firewall-app-firewall) - Optional Block<br>Application Firewall. References to an Application Firewall configuration object<br>See [App Firewall](#routes-waf-type-app-firewall-app-firewall) below.
+
+#### Routes WAF Type App Firewall App Firewall
+
+An [`app_firewall`](#routes-waf-type-app-firewall-app-firewall) block (within [`routes.waf_type.app_firewall`](#routes-waf-type-app-firewall)) supports the following:
+
+<a id="routes-waf-type-app-firewall-app-firewall-kind"></a>&#x2022; [`kind`](#routes-waf-type-app-firewall-app-firewall-kind) - Optional String<br>Kind. When a configuration object(e.g. virtual_host) refers to another(e.g route) then kind will hold the referred object's kind (e.g. 'route')
+
+<a id="routes-waf-type-app-firewall-app-firewall-name"></a>&#x2022; [`name`](#routes-waf-type-app-firewall-app-firewall-name) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
+
+<a id="routes-waf-type-app-firewall-app-firewall-namespace"></a>&#x2022; [`namespace`](#routes-waf-type-app-firewall-app-firewall-namespace) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
+
+<a id="routes-waf-type-app-firewall-app-firewall-tenant"></a>&#x2022; [`tenant`](#routes-waf-type-app-firewall-app-firewall-tenant) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
+
+<a id="routes-waf-type-app-firewall-app-firewall-uid"></a>&#x2022; [`uid`](#routes-waf-type-app-firewall-app-firewall-uid) - Optional String<br>UID. When a configuration object(e.g. virtual_host) refers to another(e.g route) then uid will hold the referred object's(e.g. route's) uid
+
+#### Timeouts
+
+A [`timeouts`](#timeouts) block supports the following:
+
+<a id="timeouts-create"></a>&#x2022; [`create`](#timeouts-create) - Optional String (Defaults to `10 minutes`)<br>Used when creating the resource
+
+<a id="timeouts-delete"></a>&#x2022; [`delete`](#timeouts-delete) - Optional String (Defaults to `10 minutes`)<br>Used when deleting the resource
+
+<a id="timeouts-read"></a>&#x2022; [`read`](#timeouts-read) - Optional String (Defaults to `5 minutes`)<br>Used when retrieving the resource
+
+<a id="timeouts-update"></a>&#x2022; [`update`](#timeouts-update) - Optional String (Defaults to `10 minutes`)<br>Used when updating the resource
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+# Import using namespace/name format
+terraform import f5xc_route.example system/example
+```