@robinmordasiewicz/f5xc-terraform-mcp 2.3.0 → 2.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (572) hide show
  1. package/README.md +98 -15
  2. package/dist/docs/data-sources/addon_subscription.md +51 -0
  3. package/dist/docs/data-sources/address_allocator.md +51 -0
  4. package/dist/docs/data-sources/advertise_policy.md +51 -0
  5. package/dist/docs/data-sources/alert_policy.md +51 -0
  6. package/dist/docs/data-sources/alert_receiver.md +62 -0
  7. package/dist/docs/data-sources/allowed_tenant.md +51 -0
  8. package/dist/docs/data-sources/api_crawler.md +51 -0
  9. package/dist/docs/data-sources/api_credential.md +51 -0
  10. package/dist/docs/data-sources/api_definition.md +51 -0
  11. package/dist/docs/data-sources/api_discovery.md +51 -0
  12. package/dist/docs/data-sources/api_testing.md +51 -0
  13. package/dist/docs/data-sources/apm.md +51 -0
  14. package/dist/docs/data-sources/app_api_group.md +51 -0
  15. package/dist/docs/data-sources/app_firewall.md +62 -0
  16. package/dist/docs/data-sources/app_setting.md +51 -0
  17. package/dist/docs/data-sources/app_type.md +51 -0
  18. package/dist/docs/data-sources/authentication.md +51 -0
  19. package/dist/docs/data-sources/aws_tgw_site.md +51 -0
  20. package/dist/docs/data-sources/aws_vpc_site.md +68 -0
  21. package/dist/docs/data-sources/azure_vnet_site.md +68 -0
  22. package/dist/docs/data-sources/bgp.md +51 -0
  23. package/dist/docs/data-sources/bgp_asn_set.md +51 -0
  24. package/dist/docs/data-sources/bgp_routing_policy.md +51 -0
  25. package/dist/docs/data-sources/bigip_irule.md +51 -0
  26. package/dist/docs/data-sources/bot_defense_app_infrastructure.md +51 -0
  27. package/dist/docs/data-sources/cdn_cache_rule.md +51 -0
  28. package/dist/docs/data-sources/cdn_loadbalancer.md +51 -0
  29. package/dist/docs/data-sources/certificate.md +66 -0
  30. package/dist/docs/data-sources/certificate_chain.md +51 -0
  31. package/dist/docs/data-sources/child_tenant.md +51 -0
  32. package/dist/docs/data-sources/child_tenant_manager.md +51 -0
  33. package/dist/docs/data-sources/cloud_connect.md +51 -0
  34. package/dist/docs/data-sources/cloud_credentials.md +62 -0
  35. package/dist/docs/data-sources/cloud_elastic_ip.md +51 -0
  36. package/dist/docs/data-sources/cloud_link.md +51 -0
  37. package/dist/docs/data-sources/cluster.md +51 -0
  38. package/dist/docs/data-sources/cminstance.md +51 -0
  39. package/dist/docs/data-sources/code_base_integration.md +51 -0
  40. package/dist/docs/data-sources/contact.md +51 -0
  41. package/dist/docs/data-sources/container_registry.md +51 -0
  42. package/dist/docs/data-sources/crl.md +51 -0
  43. package/dist/docs/data-sources/customer_support.md +51 -0
  44. package/dist/docs/data-sources/data_group.md +51 -0
  45. package/dist/docs/data-sources/data_type.md +51 -0
  46. package/dist/docs/data-sources/dc_cluster_group.md +51 -0
  47. package/dist/docs/data-sources/discovery.md +51 -0
  48. package/dist/docs/data-sources/dns_compliance_checks.md +51 -0
  49. package/dist/docs/data-sources/dns_domain.md +51 -0
  50. package/dist/docs/data-sources/dns_lb_health_check.md +51 -0
  51. package/dist/docs/data-sources/dns_lb_pool.md +51 -0
  52. package/dist/docs/data-sources/dns_load_balancer.md +51 -0
  53. package/dist/docs/data-sources/dns_zone.md +62 -0
  54. package/dist/docs/data-sources/endpoint.md +51 -0
  55. package/dist/docs/data-sources/enhanced_firewall_policy.md +51 -0
  56. package/dist/docs/data-sources/external_connector.md +51 -0
  57. package/dist/docs/data-sources/fast_acl.md +51 -0
  58. package/dist/docs/data-sources/fast_acl_rule.md +51 -0
  59. package/dist/docs/data-sources/filter_set.md +51 -0
  60. package/dist/docs/data-sources/fleet.md +51 -0
  61. package/dist/docs/data-sources/forward_proxy_policy.md +51 -0
  62. package/dist/docs/data-sources/forwarding_class.md +51 -0
  63. package/dist/docs/data-sources/gcp_vpc_site.md +68 -0
  64. package/dist/docs/data-sources/geo_location_set.md +51 -0
  65. package/dist/docs/data-sources/global_log_receiver.md +51 -0
  66. package/dist/docs/data-sources/healthcheck.md +62 -0
  67. package/dist/docs/data-sources/http_loadbalancer.md +60 -0
  68. package/dist/docs/data-sources/ike1.md +51 -0
  69. package/dist/docs/data-sources/ike2.md +51 -0
  70. package/dist/docs/data-sources/ike_phase1_profile.md +51 -0
  71. package/dist/docs/data-sources/ike_phase2_profile.md +51 -0
  72. package/dist/docs/data-sources/infraprotect_asn.md +51 -0
  73. package/dist/docs/data-sources/infraprotect_asn_prefix.md +51 -0
  74. package/dist/docs/data-sources/infraprotect_deny_list_rule.md +51 -0
  75. package/dist/docs/data-sources/infraprotect_firewall_rule.md +51 -0
  76. package/dist/docs/data-sources/infraprotect_firewall_rule_group.md +51 -0
  77. package/dist/docs/data-sources/infraprotect_internet_prefix_advertisement.md +51 -0
  78. package/dist/docs/data-sources/infraprotect_tunnel.md +51 -0
  79. package/dist/docs/data-sources/ip_prefix_set.md +51 -0
  80. package/dist/docs/data-sources/irule.md +51 -0
  81. package/dist/docs/data-sources/k8s_cluster.md +51 -0
  82. package/dist/docs/data-sources/k8s_cluster_role.md +51 -0
  83. package/dist/docs/data-sources/k8s_cluster_role_binding.md +51 -0
  84. package/dist/docs/data-sources/k8s_pod_security_admission.md +51 -0
  85. package/dist/docs/data-sources/k8s_pod_security_policy.md +51 -0
  86. package/dist/docs/data-sources/log_receiver.md +62 -0
  87. package/dist/docs/data-sources/malicious_user_mitigation.md +51 -0
  88. package/dist/docs/data-sources/managed_tenant.md +51 -0
  89. package/dist/docs/data-sources/namespace.md +58 -0
  90. package/dist/docs/data-sources/nat_policy.md +51 -0
  91. package/dist/docs/data-sources/network_connector.md +51 -0
  92. package/dist/docs/data-sources/network_firewall.md +51 -0
  93. package/dist/docs/data-sources/network_interface.md +51 -0
  94. package/dist/docs/data-sources/network_policy.md +51 -0
  95. package/dist/docs/data-sources/network_policy_rule.md +51 -0
  96. package/dist/docs/data-sources/network_policy_view.md +51 -0
  97. package/dist/docs/data-sources/nfv_service.md +51 -0
  98. package/dist/docs/data-sources/oidc_provider.md +51 -0
  99. package/dist/docs/data-sources/origin_pool.md +65 -0
  100. package/dist/docs/data-sources/policer.md +51 -0
  101. package/dist/docs/data-sources/policy_based_routing.md +51 -0
  102. package/dist/docs/data-sources/protocol_inspection.md +51 -0
  103. package/dist/docs/data-sources/protocol_policer.md +51 -0
  104. package/dist/docs/data-sources/proxy.md +51 -0
  105. package/dist/docs/data-sources/quota.md +51 -0
  106. package/dist/docs/data-sources/rate_limiter.md +64 -0
  107. package/dist/docs/data-sources/rate_limiter_policy.md +51 -0
  108. package/dist/docs/data-sources/registration.md +51 -0
  109. package/dist/docs/data-sources/report_config.md +51 -0
  110. package/dist/docs/data-sources/role.md +51 -0
  111. package/dist/docs/data-sources/route.md +51 -0
  112. package/dist/docs/data-sources/secret_management_access.md +51 -0
  113. package/dist/docs/data-sources/secret_policy.md +51 -0
  114. package/dist/docs/data-sources/secret_policy_rule.md +51 -0
  115. package/dist/docs/data-sources/securemesh_site.md +51 -0
  116. package/dist/docs/data-sources/securemesh_site_v2.md +51 -0
  117. package/dist/docs/data-sources/segment.md +51 -0
  118. package/dist/docs/data-sources/sensitive_data_policy.md +51 -0
  119. package/dist/docs/data-sources/service_policy.md +64 -0
  120. package/dist/docs/data-sources/service_policy_rule.md +51 -0
  121. package/dist/docs/data-sources/site_mesh_group.md +51 -0
  122. package/dist/docs/data-sources/srv6_network_slice.md +51 -0
  123. package/dist/docs/data-sources/subnet.md +51 -0
  124. package/dist/docs/data-sources/tcp_loadbalancer.md +51 -0
  125. package/dist/docs/data-sources/tenant_configuration.md +51 -0
  126. package/dist/docs/data-sources/tenant_profile.md +51 -0
  127. package/dist/docs/data-sources/ticket_tracking_system.md +51 -0
  128. package/dist/docs/data-sources/token.md +51 -0
  129. package/dist/docs/data-sources/tpm_api_key.md +51 -0
  130. package/dist/docs/data-sources/tpm_category.md +51 -0
  131. package/dist/docs/data-sources/tpm_manager.md +51 -0
  132. package/dist/docs/data-sources/trusted_ca_list.md +51 -0
  133. package/dist/docs/data-sources/tunnel.md +51 -0
  134. package/dist/docs/data-sources/udp_loadbalancer.md +51 -0
  135. package/dist/docs/data-sources/usb_policy.md +51 -0
  136. package/dist/docs/data-sources/user_identification.md +51 -0
  137. package/dist/docs/data-sources/virtual_host.md +51 -0
  138. package/dist/docs/data-sources/virtual_k8s.md +51 -0
  139. package/dist/docs/data-sources/virtual_network.md +51 -0
  140. package/dist/docs/data-sources/virtual_site.md +68 -0
  141. package/dist/docs/data-sources/voltshare_admin_policy.md +51 -0
  142. package/dist/docs/data-sources/voltstack_site.md +51 -0
  143. package/dist/docs/data-sources/waf_exclusion_policy.md +51 -0
  144. package/dist/docs/data-sources/workload.md +51 -0
  145. package/dist/docs/data-sources/workload_flavor.md +51 -0
  146. package/dist/docs/functions/blindfold.md +133 -0
  147. package/dist/docs/functions/blindfold_file.md +154 -0
  148. package/dist/docs/guides/authentication.md +389 -0
  149. package/dist/docs/guides/blindfold.md +509 -0
  150. package/dist/docs/guides/http-loadbalancer.md +274 -0
  151. package/dist/docs/resources/addon_subscription.md +136 -0
  152. package/dist/docs/resources/address_allocator.md +106 -0
  153. package/dist/docs/resources/advertise_policy.md +318 -0
  154. package/dist/docs/resources/alert_policy.md +242 -0
  155. package/dist/docs/resources/alert_receiver.md +394 -0
  156. package/dist/docs/resources/allowed_tenant.md +104 -0
  157. package/dist/docs/resources/api_crawler.md +142 -0
  158. package/dist/docs/resources/api_credential.md +101 -0
  159. package/dist/docs/resources/api_definition.md +127 -0
  160. package/dist/docs/resources/api_discovery.md +100 -0
  161. package/dist/docs/resources/api_testing.md +273 -0
  162. package/dist/docs/resources/apm.md +946 -0
  163. package/dist/docs/resources/app_api_group.md +161 -0
  164. package/dist/docs/resources/app_firewall.md +282 -0
  165. package/dist/docs/resources/app_setting.md +228 -0
  166. package/dist/docs/resources/app_type.md +124 -0
  167. package/dist/docs/resources/authentication.md +228 -0
  168. package/dist/docs/resources/aws_tgw_site.md +948 -0
  169. package/dist/docs/resources/aws_vpc_site.md +1262 -0
  170. package/dist/docs/resources/azure_vnet_site.md +2316 -0
  171. package/dist/docs/resources/bgp.md +341 -0
  172. package/dist/docs/resources/bgp_asn_set.md +86 -0
  173. package/dist/docs/resources/bgp_routing_policy.md +166 -0
  174. package/dist/docs/resources/bigip_irule.md +90 -0
  175. package/dist/docs/resources/bot_defense_app_infrastructure.md +166 -0
  176. package/dist/docs/resources/cdn_cache_rule.md +278 -0
  177. package/dist/docs/resources/cdn_loadbalancer.md +3800 -0
  178. package/dist/docs/resources/certificate.md +146 -0
  179. package/dist/docs/resources/certificate_chain.md +86 -0
  180. package/dist/docs/resources/child_tenant.md +166 -0
  181. package/dist/docs/resources/child_tenant_manager.md +130 -0
  182. package/dist/docs/resources/cloud_connect.md +260 -0
  183. package/dist/docs/resources/cloud_credentials.md +264 -0
  184. package/dist/docs/resources/cloud_elastic_ip.md +108 -0
  185. package/dist/docs/resources/cloud_link.md +252 -0
  186. package/dist/docs/resources/cluster.md +408 -0
  187. package/dist/docs/resources/cminstance.md +166 -0
  188. package/dist/docs/resources/code_base_integration.md +360 -0
  189. package/dist/docs/resources/contact.md +104 -0
  190. package/dist/docs/resources/container_registry.md +132 -0
  191. package/dist/docs/resources/crl.md +106 -0
  192. package/dist/docs/resources/customer_support.md +170 -0
  193. package/dist/docs/resources/data_group.md +121 -0
  194. package/dist/docs/resources/data_type.md +188 -0
  195. package/dist/docs/resources/dc_cluster_group.md +108 -0
  196. package/dist/docs/resources/discovery.md +443 -0
  197. package/dist/docs/resources/dns_compliance_checks.md +90 -0
  198. package/dist/docs/resources/dns_domain.md +94 -0
  199. package/dist/docs/resources/dns_lb_health_check.md +166 -0
  200. package/dist/docs/resources/dns_lb_pool.md +233 -0
  201. package/dist/docs/resources/dns_load_balancer.md +254 -0
  202. package/dist/docs/resources/dns_zone.md +135 -0
  203. package/dist/docs/resources/endpoint.md +234 -0
  204. package/dist/docs/resources/enhanced_firewall_policy.md +327 -0
  205. package/dist/docs/resources/external_connector.md +246 -0
  206. package/dist/docs/resources/fast_acl.md +376 -0
  207. package/dist/docs/resources/fast_acl_rule.md +192 -0
  208. package/dist/docs/resources/filter_set.md +142 -0
  209. package/dist/docs/resources/fleet.md +1267 -0
  210. package/dist/docs/resources/forward_proxy_policy.md +408 -0
  211. package/dist/docs/resources/forwarding_class.md +133 -0
  212. package/dist/docs/resources/gcp_vpc_site.md +1170 -0
  213. package/dist/docs/resources/geo_location_set.md +97 -0
  214. package/dist/docs/resources/global_log_receiver.md +1085 -0
  215. package/dist/docs/resources/healthcheck.md +148 -0
  216. package/dist/docs/resources/http_loadbalancer.md +7118 -0
  217. package/dist/docs/resources/ike1.md +133 -0
  218. package/dist/docs/resources/ike2.md +127 -0
  219. package/dist/docs/resources/ike_phase1_profile.md +141 -0
  220. package/dist/docs/resources/ike_phase2_profile.md +131 -0
  221. package/dist/docs/resources/infraprotect_asn.md +100 -0
  222. package/dist/docs/resources/infraprotect_asn_prefix.md +104 -0
  223. package/dist/docs/resources/infraprotect_deny_list_rule.md +108 -0
  224. package/dist/docs/resources/infraprotect_firewall_rule.md +205 -0
  225. package/dist/docs/resources/infraprotect_firewall_rule_group.md +86 -0
  226. package/dist/docs/resources/infraprotect_internet_prefix_advertisement.md +108 -0
  227. package/dist/docs/resources/infraprotect_tunnel.md +228 -0
  228. package/dist/docs/resources/ip_prefix_set.md +97 -0
  229. package/dist/docs/resources/irule.md +88 -0
  230. package/dist/docs/resources/k8s_cluster.md +291 -0
  231. package/dist/docs/resources/k8s_cluster_role.md +143 -0
  232. package/dist/docs/resources/k8s_cluster_role_binding.md +130 -0
  233. package/dist/docs/resources/k8s_pod_security_admission.md +116 -0
  234. package/dist/docs/resources/k8s_pod_security_policy.md +258 -0
  235. package/dist/docs/resources/log_receiver.md +183 -0
  236. package/dist/docs/resources/malicious_user_mitigation.md +132 -0
  237. package/dist/docs/resources/managed_tenant.md +116 -0
  238. package/dist/docs/resources/namespace.md +87 -0
  239. package/dist/docs/resources/nat_policy.md +408 -0
  240. package/dist/docs/resources/network_connector.md +252 -0
  241. package/dist/docs/resources/network_firewall.md +178 -0
  242. package/dist/docs/resources/network_interface.md +439 -0
  243. package/dist/docs/resources/network_policy.md +347 -0
  244. package/dist/docs/resources/network_policy_rule.md +157 -0
  245. package/dist/docs/resources/network_policy_view.md +330 -0
  246. package/dist/docs/resources/nfv_service.md +992 -0
  247. package/dist/docs/resources/oidc_provider.md +208 -0
  248. package/dist/docs/resources/origin_pool.md +801 -0
  249. package/dist/docs/resources/policer.md +97 -0
  250. package/dist/docs/resources/policy_based_routing.md +330 -0
  251. package/dist/docs/resources/protocol_inspection.md +130 -0
  252. package/dist/docs/resources/protocol_policer.md +146 -0
  253. package/dist/docs/resources/proxy.md +1181 -0
  254. package/dist/docs/resources/quota.md +104 -0
  255. package/dist/docs/resources/rate_limiter.md +155 -0
  256. package/dist/docs/resources/rate_limiter_policy.md +296 -0
  257. package/dist/docs/resources/registration.md +406 -0
  258. package/dist/docs/resources/report_config.md +160 -0
  259. package/dist/docs/resources/role.md +100 -0
  260. package/dist/docs/resources/route.md +724 -0
  261. package/dist/docs/resources/secret_management_access.md +498 -0
  262. package/dist/docs/resources/secret_policy.md +157 -0
  263. package/dist/docs/resources/secret_policy_rule.md +115 -0
  264. package/dist/docs/resources/securemesh_site.md +940 -0
  265. package/dist/docs/resources/securemesh_site_v2.md +2942 -0
  266. package/dist/docs/resources/segment.md +97 -0
  267. package/dist/docs/resources/sensitive_data_policy.md +116 -0
  268. package/dist/docs/resources/service_policy.md +795 -0
  269. package/dist/docs/resources/service_policy_rule.md +609 -0
  270. package/dist/docs/resources/site_mesh_group.md +163 -0
  271. package/dist/docs/resources/srv6_network_slice.md +92 -0
  272. package/dist/docs/resources/subnet.md +155 -0
  273. package/dist/docs/resources/tcp_loadbalancer.md +671 -0
  274. package/dist/docs/resources/tenant_configuration.md +136 -0
  275. package/dist/docs/resources/tenant_profile.md +156 -0
  276. package/dist/docs/resources/ticket_tracking_system.md +112 -0
  277. package/dist/docs/resources/token.md +87 -0
  278. package/dist/docs/resources/tpm_api_key.md +108 -0
  279. package/dist/docs/resources/tpm_category.md +108 -0
  280. package/dist/docs/resources/tpm_manager.md +84 -0
  281. package/dist/docs/resources/trusted_ca_list.md +89 -0
  282. package/dist/docs/resources/tunnel.md +250 -0
  283. package/dist/docs/resources/udp_loadbalancer.md +336 -0
  284. package/dist/docs/resources/usb_policy.md +108 -0
  285. package/dist/docs/resources/user_identification.md +126 -0
  286. package/dist/docs/resources/virtual_host.md +934 -0
  287. package/dist/docs/resources/virtual_k8s.md +132 -0
  288. package/dist/docs/resources/virtual_network.md +149 -0
  289. package/dist/docs/resources/virtual_site.md +102 -0
  290. package/dist/docs/resources/voltshare_admin_policy.md +196 -0
  291. package/dist/docs/resources/voltstack_site.md +2259 -0
  292. package/dist/docs/resources/waf_exclusion_policy.md +182 -0
  293. package/dist/docs/resources/workload.md +6021 -0
  294. package/dist/docs/resources/workload_flavor.md +90 -0
  295. package/dist/docs/specifications/api/docs-cloud-f5-com.0000.public.ves.io.schema.ai_assistant.ves-swagger.json +1 -0
  296. package/dist/docs/specifications/api/docs-cloud-f5-com.0001.public.ves.io.schema.api_sec.api_crawler.ves-swagger.json +1 -0
  297. package/dist/docs/specifications/api/docs-cloud-f5-com.0002.public.ves.io.schema.views.api_definition.ves-swagger.json +1 -0
  298. package/dist/docs/specifications/api/docs-cloud-f5-com.0003.public.ves.io.schema.api_sec.api_discovery.ves-swagger.json +1 -0
  299. package/dist/docs/specifications/api/docs-cloud-f5-com.0004.public.ves.io.schema.api_group.ves-swagger.json +1 -0
  300. package/dist/docs/specifications/api/docs-cloud-f5-com.0005.public.ves.io.schema.api_group_element.ves-swagger.json +1 -0
  301. package/dist/docs/specifications/api/docs-cloud-f5-com.0006.public.ves.io.schema.api_sec.api_testing.ves-swagger.json +1 -0
  302. package/dist/docs/specifications/api/docs-cloud-f5-com.0007.public.ves.io.schema.api_credential.ves-swagger.json +1 -0
  303. package/dist/docs/specifications/api/docs-cloud-f5-com.0008.public.ves.io.schema.pbac.addon_service.ves-swagger.json +1 -0
  304. package/dist/docs/specifications/api/docs-cloud-f5-com.0009.public.ves.io.schema.pbac.addon_subscription.ves-swagger.json +1 -0
  305. package/dist/docs/specifications/api/docs-cloud-f5-com.0010.public.ves.io.schema.address_allocator.ves-swagger.json +1 -0
  306. package/dist/docs/specifications/api/docs-cloud-f5-com.0011.public.ves.io.schema.advertise_policy.ves-swagger.json +1 -0
  307. package/dist/docs/specifications/api/docs-cloud-f5-com.0012.public.ves.io.schema.alert_policy.ves-swagger.json +1 -0
  308. package/dist/docs/specifications/api/docs-cloud-f5-com.0013.public.ves.io.schema.alert_receiver.ves-swagger.json +1 -0
  309. package/dist/docs/specifications/api/docs-cloud-f5-com.0014.public.ves.io.schema.alert.ves-swagger.json +1 -0
  310. package/dist/docs/specifications/api/docs-cloud-f5-com.0015.public.ves.io.schema.tenant_management.allowed_tenant.ves-swagger.json +1 -0
  311. package/dist/docs/specifications/api/docs-cloud-f5-com.0016.public.ves.io.schema.views.app_api_group.ves-swagger.json +1 -0
  312. package/dist/docs/specifications/api/docs-cloud-f5-com.0017.public.ves.io.schema.app_setting.ves-swagger.json +1 -0
  313. package/dist/docs/specifications/api/docs-cloud-f5-com.0018.public.ves.io.schema.app_type.ves-swagger.json +1 -0
  314. package/dist/docs/specifications/api/docs-cloud-f5-com.0019.public.ves.io.schema.app_firewall.ves-swagger.json +1 -0
  315. package/dist/docs/specifications/api/docs-cloud-f5-com.0020.public.ves.io.schema.app_security.ves-swagger.json +1 -0
  316. package/dist/docs/specifications/api/docs-cloud-f5-com.0021.public.ves.io.schema.api_sec.rule_suggestion.ves-swagger.json +1 -0
  317. package/dist/docs/specifications/api/docs-cloud-f5-com.0022.public.ves.io.schema.shape.device_id.ves-swagger.json +1 -0
  318. package/dist/docs/specifications/api/docs-cloud-f5-com.0023.public.ves.io.schema.authentication.ves-swagger.json +1 -0
  319. package/dist/docs/specifications/api/docs-cloud-f5-com.0024.public.ves.io.schema.ai_data.bfdp.ves-swagger.json +1 -0
  320. package/dist/docs/specifications/api/docs-cloud-f5-com.0025.public.ves.io.schema.ai_data.bfdp.subscription.ves-swagger.json +1 -0
  321. package/dist/docs/specifications/api/docs-cloud-f5-com.0026.public.ves.io.schema.bgp.ves-swagger.json +1 -0
  322. package/dist/docs/specifications/api/docs-cloud-f5-com.0027.public.ves.io.schema.bgp_asn_set.ves-swagger.json +1 -0
  323. package/dist/docs/specifications/api/docs-cloud-f5-com.0028.public.ves.io.schema.operate.bgp.ves-swagger.json +1 -0
  324. package/dist/docs/specifications/api/docs-cloud-f5-com.0029.public.ves.io.schema.bgp_routing_policy.ves-swagger.json +1 -0
  325. package/dist/docs/specifications/api/docs-cloud-f5-com.0030.public.ves.io.schema.bigip.apm.ves-swagger.json +1 -0
  326. package/dist/docs/specifications/api/docs-cloud-f5-com.0031.public.ves.io.schema.bigip_irule.ves-swagger.json +1 -0
  327. package/dist/docs/specifications/api/docs-cloud-f5-com.0032.public.ves.io.schema.views.bigip_virtual_server.ves-swagger.json +1 -0
  328. package/dist/docs/specifications/api/docs-cloud-f5-com.0033.public.ves.io.schema.shape.brmalerts.alert_gen_policy.ves-swagger.json +1 -0
  329. package/dist/docs/specifications/api/docs-cloud-f5-com.0034.public.ves.io.schema.shape.brmalerts.alert_template.ves-swagger.json +1 -0
  330. package/dist/docs/specifications/api/docs-cloud-f5-com.0035.public.ves.io.schema.views.bot_defense_app_infrastructure.ves-swagger.json +1 -0
  331. package/dist/docs/specifications/api/docs-cloud-f5-com.0036.public.ves.io.schema.shape.bot_defense.threat_intelligence.bot_detection_rule.ves-swagger.json +1 -0
  332. package/dist/docs/specifications/api/docs-cloud-f5-com.0037.public.ves.io.schema.shape.bot_defense.threat_intelligence.bot_detection_update.ves-swagger.json +1 -0
  333. package/dist/docs/specifications/api/docs-cloud-f5-com.0038.public.ves.io.schema.shape.bot_defense.bot_endpoint_policy.ves-swagger.json +1 -0
  334. package/dist/docs/specifications/api/docs-cloud-f5-com.0039.public.ves.io.schema.shape.bot_defense.bot_infrastructure.ves-swagger.json +1 -0
  335. package/dist/docs/specifications/api/docs-cloud-f5-com.0040.public.ves.io.schema.shape.bot_defense.bot_allowlist_policy.ves-swagger.json +1 -0
  336. package/dist/docs/specifications/api/docs-cloud-f5-com.0041.public.ves.io.schema.shape.bot_defense.bot_network_policy.ves-swagger.json +1 -0
  337. package/dist/docs/specifications/api/docs-cloud-f5-com.0042.public.ves.io.schema.views.cdn_loadbalancer.ves-swagger.json +1 -0
  338. package/dist/docs/specifications/api/docs-cloud-f5-com.0043.public.ves.io.schema.cdn_cache_rule.ves-swagger.json +1 -0
  339. package/dist/docs/specifications/api/docs-cloud-f5-com.0044.public.ves.io.schema.crl.ves-swagger.json +1 -0
  340. package/dist/docs/specifications/api/docs-cloud-f5-com.0045.public.ves.io.schema.operate.crl.ves-swagger.json +1 -0
  341. package/dist/docs/specifications/api/docs-cloud-f5-com.0046.public.ves.io.schema.pbac.catalog.ves-swagger.json +1 -0
  342. package/dist/docs/specifications/api/docs-cloud-f5-com.0047.public.ves.io.schema.cminstance.ves-swagger.json +1 -0
  343. package/dist/docs/specifications/api/docs-cloud-f5-com.0048.public.ves.io.schema.certificate.ves-swagger.json +1 -0
  344. package/dist/docs/specifications/api/docs-cloud-f5-com.0049.public.ves.io.schema.certificate_chain.ves-swagger.json +1 -0
  345. package/dist/docs/specifications/api/docs-cloud-f5-com.0050.public.ves.io.schema.certified_hardware.ves-swagger.json +1 -0
  346. package/dist/docs/specifications/api/docs-cloud-f5-com.0051.public.ves.io.schema.tenant_management.child_tenant.ves-swagger.json +1 -0
  347. package/dist/docs/specifications/api/docs-cloud-f5-com.0052.public.ves.io.schema.tenant_management.child_tenant_manager.ves-swagger.json +1 -0
  348. package/dist/docs/specifications/api/docs-cloud-f5-com.0053.public.ves.io.schema.shape.client_side_defense.ves-swagger.json +1 -0
  349. package/dist/docs/specifications/api/docs-cloud-f5-com.0054.public.ves.io.schema.shape.client_side_defense.allowed_domain.ves-swagger.json +1 -0
  350. package/dist/docs/specifications/api/docs-cloud-f5-com.0055.public.ves.io.schema.shape.client_side_defense.protected_domain.ves-swagger.json +1 -0
  351. package/dist/docs/specifications/api/docs-cloud-f5-com.0056.public.ves.io.schema.shape.client_side_defense.mitigated_domain.ves-swagger.json +1 -0
  352. package/dist/docs/specifications/api/docs-cloud-f5-com.0057.public.ves.io.schema.shape.client_side_defense.subscription.ves-swagger.json +1 -0
  353. package/dist/docs/specifications/api/docs-cloud-f5-com.0058.public.ves.io.schema.cloud_connect.ves-swagger.json +1 -0
  354. package/dist/docs/specifications/api/docs-cloud-f5-com.0059.public.ves.io.schema.cloud_credentials.ves-swagger.json +1 -0
  355. package/dist/docs/specifications/api/docs-cloud-f5-com.0060.public.ves.io.schema.cloud_elastic_ip.ves-swagger.json +1 -0
  356. package/dist/docs/specifications/api/docs-cloud-f5-com.0061.public.ves.io.schema.cloud_region.ves-swagger.json +1 -0
  357. package/dist/docs/specifications/api/docs-cloud-f5-com.0062.public.ves.io.schema.cloud_link.ves-swagger.json +1 -0
  358. package/dist/docs/specifications/api/docs-cloud-f5-com.0063.public.ves.io.schema.cluster.ves-swagger.json +1 -0
  359. package/dist/docs/specifications/api/docs-cloud-f5-com.0064.public.ves.io.schema.api_sec.code_base_integration.ves-swagger.json +1 -0
  360. package/dist/docs/specifications/api/docs-cloud-f5-com.0065.public.ves.io.schema.views.aws_tgw_site.ves-swagger.json +1 -0
  361. package/dist/docs/specifications/api/docs-cloud-f5-com.0066.public.ves.io.schema.views.aws_vpc_site.ves-swagger.json +1 -0
  362. package/dist/docs/specifications/api/docs-cloud-f5-com.0067.public.ves.io.schema.views.voltstack_site.ves-swagger.json +1 -0
  363. package/dist/docs/specifications/api/docs-cloud-f5-com.0068.public.ves.io.schema.views.azure_vnet_site.ves-swagger.json +1 -0
  364. package/dist/docs/specifications/api/docs-cloud-f5-com.0069.public.ves.io.schema.dns_compliance_checks.ves-swagger.json +1 -0
  365. package/dist/docs/specifications/api/docs-cloud-f5-com.0071.public.ves.io.schema.views.forward_proxy_policy.ves-swagger.json +1 -0
  366. package/dist/docs/specifications/api/docs-cloud-f5-com.0072.public.ves.io.schema.views.gcp_vpc_site.ves-swagger.json +1 -0
  367. package/dist/docs/specifications/api/docs-cloud-f5-com.0073.public.ves.io.schema.views.http_loadbalancer.ves-swagger.json +1 -0
  368. package/dist/docs/specifications/api/docs-cloud-f5-com.0074.public.ves.io.schema.views.network_policy_view.ves-swagger.json +1 -0
  369. package/dist/docs/specifications/api/docs-cloud-f5-com.0075.public.ves.io.schema.protocol_inspection.ves-swagger.json +1 -0
  370. package/dist/docs/specifications/api/docs-cloud-f5-com.0076.public.ves.io.schema.views.securemesh_site.ves-swagger.json +1 -0
  371. package/dist/docs/specifications/api/docs-cloud-f5-com.0077.public.ves.io.schema.views.securemesh_site_v2.ves-swagger.json +1 -0
  372. package/dist/docs/specifications/api/docs-cloud-f5-com.0078.public.ves.io.schema.views.tcp_loadbalancer.ves-swagger.json +1 -0
  373. package/dist/docs/specifications/api/docs-cloud-f5-com.0079.public.ves.io.schema.views.udp_loadbalancer.ves-swagger.json +1 -0
  374. package/dist/docs/specifications/api/docs-cloud-f5-com.0080.public.ves.io.schema.bigcne.irule.ves-swagger.json +1 -0
  375. package/dist/docs/specifications/api/docs-cloud-f5-com.0081.public.ves.io.schema.graph.connectivity.ves-swagger.json +1 -0
  376. package/dist/docs/specifications/api/docs-cloud-f5-com.0082.public.ves.io.schema.contact.ves-swagger.json +1 -0
  377. package/dist/docs/specifications/api/docs-cloud-f5-com.0083.public.ves.io.schema.container_registry.ves-swagger.json +1 -0
  378. package/dist/docs/specifications/api/docs-cloud-f5-com.0084.public.ves.io.schema.customer_support.ves-swagger.json +1 -0
  379. package/dist/docs/specifications/api/docs-cloud-f5-com.0085.public.ves.io.schema.dc_cluster_group.ves-swagger.json +1 -0
  380. package/dist/docs/specifications/api/docs-cloud-f5-com.0086.public.ves.io.schema.dns_domain.ves-swagger.json +1 -0
  381. package/dist/docs/specifications/api/docs-cloud-f5-com.0087.public.ves.io.schema.dns_load_balancer.ves-swagger.json +1 -0
  382. package/dist/docs/specifications/api/docs-cloud-f5-com.0088.public.ves.io.schema.dns_lb_health_check.ves-swagger.json +1 -0
  383. package/dist/docs/specifications/api/docs-cloud-f5-com.0089.public.ves.io.schema.dns_lb_pool.ves-swagger.json +1 -0
  384. package/dist/docs/specifications/api/docs-cloud-f5-com.0090.public.ves.io.schema.observability.synthetic_monitor.v1_dns_monitor.ves-swagger.json +1 -0
  385. package/dist/docs/specifications/api/docs-cloud-f5-com.0091.public.ves.io.schema.dns_zone.ves-swagger.json +1 -0
  386. package/dist/docs/specifications/api/docs-cloud-f5-com.0092.public.ves.io.schema.shape.data_delivery.receiver.ves-swagger.json +1 -0
  387. package/dist/docs/specifications/api/docs-cloud-f5-com.0093.public.ves.io.schema.shape.data_delivery.ves-swagger.json +1 -0
  388. package/dist/docs/specifications/api/docs-cloud-f5-com.0094.public.ves.io.schema.bigcne.data_group.ves-swagger.json +1 -0
  389. package/dist/docs/specifications/api/docs-cloud-f5-com.0095.public.ves.io.schema.shape.data_delivery.subscription.ves-swagger.json +1 -0
  390. package/dist/docs/specifications/api/docs-cloud-f5-com.0096.public.ves.io.schema.data_type.ves-swagger.json +1 -0
  391. package/dist/docs/specifications/api/docs-cloud-f5-com.0097.public.ves.io.schema.operate.debug.ves-swagger.json +1 -0
  392. package/dist/docs/specifications/api/docs-cloud-f5-com.0098.public.ves.io.schema.operate.dhcp.ves-swagger.json +1 -0
  393. package/dist/docs/specifications/api/docs-cloud-f5-com.0100.public.ves.io.schema.discovered_service.ves-swagger.json +1 -0
  394. package/dist/docs/specifications/api/docs-cloud-f5-com.0101.public.ves.io.schema.discovery.ves-swagger.json +1 -0
  395. package/dist/docs/specifications/api/docs-cloud-f5-com.0102.public.ves.io.schema.endpoint.ves-swagger.json +1 -0
  396. package/dist/docs/specifications/api/docs-cloud-f5-com.0103.public.ves.io.schema.enhanced_firewall_policy.ves-swagger.json +1 -0
  397. package/dist/docs/specifications/api/docs-cloud-f5-com.0104.public.ves.io.schema.views.external_connector.ves-swagger.json +1 -0
  398. package/dist/docs/specifications/api/docs-cloud-f5-com.0105.public.ves.io.schema.dns_zone.rrset.ves-swagger.json +1 -0
  399. package/dist/docs/specifications/api/docs-cloud-f5-com.0106.public.ves.io.schema.dns_zone.subscription.ves-swagger.json +1 -0
  400. package/dist/docs/specifications/api/docs-cloud-f5-com.0107.public.ves.io.schema.malware_protection.subscription.ves-swagger.json +1 -0
  401. package/dist/docs/specifications/api/docs-cloud-f5-com.0108.public.ves.io.schema.secret_management.ves-swagger.json +1 -0
  402. package/dist/docs/specifications/api/docs-cloud-f5-com.0109.public.ves.io.schema.voltshare.ves-swagger.json +1 -0
  403. package/dist/docs/specifications/api/docs-cloud-f5-com.0110.public.ves.io.schema.maintenance_status.ves-swagger.json +1 -0
  404. package/dist/docs/specifications/api/docs-cloud-f5-com.0111.public.ves.io.schema.fast_acl.ves-swagger.json +1 -0
  405. package/dist/docs/specifications/api/docs-cloud-f5-com.0112.public.ves.io.schema.fast_acl_rule.ves-swagger.json +1 -0
  406. package/dist/docs/specifications/api/docs-cloud-f5-com.0113.public.ves.io.schema.filter_set.ves-swagger.json +1 -0
  407. package/dist/docs/specifications/api/docs-cloud-f5-com.0114.public.ves.io.schema.fleet.ves-swagger.json +1 -0
  408. package/dist/docs/specifications/api/docs-cloud-f5-com.0115.public.ves.io.schema.flow_anomaly.ves-swagger.json +1 -0
  409. package/dist/docs/specifications/api/docs-cloud-f5-com.0116.public.ves.io.schema.operate.flow.ves-swagger.json +1 -0
  410. package/dist/docs/specifications/api/docs-cloud-f5-com.0117.public.ves.io.schema.flow.ves-swagger.json +1 -0
  411. package/dist/docs/specifications/api/docs-cloud-f5-com.0118.public.ves.io.schema.forwarding_class.ves-swagger.json +1 -0
  412. package/dist/docs/specifications/api/docs-cloud-f5-com.0119.public.ves.io.schema.data_privacy.geo_config.ves-swagger.json +1 -0
  413. package/dist/docs/specifications/api/docs-cloud-f5-com.0120.public.ves.io.schema.geo_location_set.ves-swagger.json +1 -0
  414. package/dist/docs/specifications/api/docs-cloud-f5-com.0121.public.ves.io.schema.gia.ves-swagger.json +1 -0
  415. package/dist/docs/specifications/api/docs-cloud-f5-com.0122.public.ves.io.schema.global_log_receiver.ves-swagger.json +1 -0
  416. package/dist/docs/specifications/api/docs-cloud-f5-com.0123.public.ves.io.schema.observability.synthetic_monitor.v1_http_monitor.ves-swagger.json +1 -0
  417. package/dist/docs/specifications/api/docs-cloud-f5-com.0124.public.ves.io.schema.healthcheck.ves-swagger.json +1 -0
  418. package/dist/docs/specifications/api/docs-cloud-f5-com.0125.public.ves.io.schema.ike1.ves-swagger.json +1 -0
  419. package/dist/docs/specifications/api/docs-cloud-f5-com.0126.public.ves.io.schema.views.ike_phase1_profile.ves-swagger.json +1 -0
  420. package/dist/docs/specifications/api/docs-cloud-f5-com.0127.public.ves.io.schema.ike2.ves-swagger.json +1 -0
  421. package/dist/docs/specifications/api/docs-cloud-f5-com.0128.public.ves.io.schema.views.ike_phase2_profile.ves-swagger.json +1 -0
  422. package/dist/docs/specifications/api/docs-cloud-f5-com.0129.public.ves.io.schema.ip_prefix_set.ves-swagger.json +1 -0
  423. package/dist/docs/specifications/api/docs-cloud-f5-com.0130.public.ves.io.schema.implicit_label.ves-swagger.json +1 -0
  424. package/dist/docs/specifications/api/docs-cloud-f5-com.0131.public.ves.io.schema.infraprotect.ves-swagger.json +1 -0
  425. package/dist/docs/specifications/api/docs-cloud-f5-com.0132.public.ves.io.schema.infraprotect_asn.ves-swagger.json +1 -0
  426. package/dist/docs/specifications/api/docs-cloud-f5-com.0133.public.ves.io.schema.infraprotect_asn_prefix.ves-swagger.json +1 -0
  427. package/dist/docs/specifications/api/docs-cloud-f5-com.0134.public.ves.io.schema.infraprotect_deny_list_rule.ves-swagger.json +1 -0
  428. package/dist/docs/specifications/api/docs-cloud-f5-com.0135.public.ves.io.schema.infraprotect_firewall_rule.ves-swagger.json +1 -0
  429. package/dist/docs/specifications/api/docs-cloud-f5-com.0136.public.ves.io.schema.infraprotect_firewall_rule_group.ves-swagger.json +1 -0
  430. package/dist/docs/specifications/api/docs-cloud-f5-com.0137.public.ves.io.schema.infraprotect_firewall_ruleset.ves-swagger.json +1 -0
  431. package/dist/docs/specifications/api/docs-cloud-f5-com.0138.public.ves.io.schema.infraprotect_information.ves-swagger.json +1 -0
  432. package/dist/docs/specifications/api/docs-cloud-f5-com.0139.public.ves.io.schema.infraprotect_internet_prefix_advertisement.ves-swagger.json +1 -0
  433. package/dist/docs/specifications/api/docs-cloud-f5-com.0140.public.ves.io.schema.usage.invoice.ves-swagger.json +1 -0
  434. package/dist/docs/specifications/api/docs-cloud-f5-com.0141.public.ves.io.schema.k8s_cluster.ves-swagger.json +1 -0
  435. package/dist/docs/specifications/api/docs-cloud-f5-com.0142.public.ves.io.schema.k8s_cluster_role.ves-swagger.json +1 -0
  436. package/dist/docs/specifications/api/docs-cloud-f5-com.0143.public.ves.io.schema.k8s_cluster_role_binding.ves-swagger.json +1 -0
  437. package/dist/docs/specifications/api/docs-cloud-f5-com.0144.public.ves.io.schema.k8s_pod_security_admission.ves-swagger.json +1 -0
  438. package/dist/docs/specifications/api/docs-cloud-f5-com.0145.public.ves.io.schema.k8s_pod_security_policy.ves-swagger.json +1 -0
  439. package/dist/docs/specifications/api/docs-cloud-f5-com.0146.public.ves.io.schema.known_label.ves-swagger.json +1 -0
  440. package/dist/docs/specifications/api/docs-cloud-f5-com.0147.public.ves.io.schema.known_label_key.ves-swagger.json +1 -0
  441. package/dist/docs/specifications/api/docs-cloud-f5-com.0148.public.ves.io.schema.data_privacy.lma_region.ves-swagger.json +1 -0
  442. package/dist/docs/specifications/api/docs-cloud-f5-com.0149.public.ves.io.schema.operate.lte.ves-swagger.json +1 -0
  443. package/dist/docs/specifications/api/docs-cloud-f5-com.0150.public.ves.io.schema.log_receiver.ves-swagger.json +1 -0
  444. package/dist/docs/specifications/api/docs-cloud-f5-com.0151.public.ves.io.schema.log.ves-swagger.json +1 -0
  445. package/dist/docs/specifications/api/docs-cloud-f5-com.0152.public.ves.io.schema.malicious_user_mitigation.ves-swagger.json +1 -0
  446. package/dist/docs/specifications/api/docs-cloud-f5-com.0153.public.ves.io.schema.tenant_management.managed_tenant.ves-swagger.json +1 -0
  447. package/dist/docs/specifications/api/docs-cloud-f5-com.0154.public.ves.io.schema.shape.mobile_app_shield.subscription.ves-swagger.json +1 -0
  448. package/dist/docs/specifications/api/docs-cloud-f5-com.0155.public.ves.io.schema.shape.mobile_integrator.subscription.ves-swagger.json +1 -0
  449. package/dist/docs/specifications/api/docs-cloud-f5-com.0156.public.ves.io.schema.shape.bot_defense.mobile_sdk.ves-swagger.json +1 -0
  450. package/dist/docs/specifications/api/docs-cloud-f5-com.0157.public.ves.io.schema.shape.bot_defense.mobile_base_config.ves-swagger.json +1 -0
  451. package/dist/docs/specifications/api/docs-cloud-f5-com.0158.public.ves.io.schema.module_management.ves-swagger.json +1 -0
  452. package/dist/docs/specifications/api/docs-cloud-f5-com.0159.public.ves.io.schema.nat_policy.ves-swagger.json +1 -0
  453. package/dist/docs/specifications/api/docs-cloud-f5-com.0160.public.ves.io.schema.nfv_service.ves-swagger.json +1 -0
  454. package/dist/docs/specifications/api/docs-cloud-f5-com.0161.public.ves.io.schema.nginx.one.nginx_csg.ves-swagger.json +1 -0
  455. package/dist/docs/specifications/api/docs-cloud-f5-com.0162.public.ves.io.schema.nginx.one.nginx_instance.ves-swagger.json +1 -0
  456. package/dist/docs/specifications/api/docs-cloud-f5-com.0163.public.ves.io.schema.nginx.one.nginx_server.ves-swagger.json +1 -0
  457. package/dist/docs/specifications/api/docs-cloud-f5-com.0164.public.ves.io.schema.nginx.one.subscription.ves-swagger.json +1 -0
  458. package/dist/docs/specifications/api/docs-cloud-f5-com.0165.public.ves.io.schema.nginx.one.nginx_service_discovery.ves-swagger.json +1 -0
  459. package/dist/docs/specifications/api/docs-cloud-f5-com.0166.public.ves.io.schema.namespace.ves-swagger.json +1 -0
  460. package/dist/docs/specifications/api/docs-cloud-f5-com.0167.public.ves.io.schema.namespace_role.ves-swagger.json +1 -0
  461. package/dist/docs/specifications/api/docs-cloud-f5-com.0168.public.ves.io.schema.pbac.navigation_tile.ves-swagger.json +1 -0
  462. package/dist/docs/specifications/api/docs-cloud-f5-com.0169.public.ves.io.schema.network_connector.ves-swagger.json +1 -0
  463. package/dist/docs/specifications/api/docs-cloud-f5-com.0170.public.ves.io.schema.network_firewall.ves-swagger.json +1 -0
  464. package/dist/docs/specifications/api/docs-cloud-f5-com.0171.public.ves.io.schema.network_interface.ves-swagger.json +1 -0
  465. package/dist/docs/specifications/api/docs-cloud-f5-com.0172.public.ves.io.schema.network_policy.ves-swagger.json +1 -0
  466. package/dist/docs/specifications/api/docs-cloud-f5-com.0173.public.ves.io.schema.network_policy_rule.ves-swagger.json +1 -0
  467. package/dist/docs/specifications/api/docs-cloud-f5-com.0174.public.ves.io.schema.network_policy_set.ves-swagger.json +1 -0
  468. package/dist/docs/specifications/api/docs-cloud-f5-com.0175.public.ves.io.schema.observability.subscription.ves-swagger.json +1 -0
  469. package/dist/docs/specifications/api/docs-cloud-f5-com.0176.public.ves.io.schema.marketplace.aws_account.ves-swagger.json +1 -0
  470. package/dist/docs/specifications/api/docs-cloud-f5-com.0177.public.ves.io.schema.views.origin_pool.ves-swagger.json +1 -0
  471. package/dist/docs/specifications/api/docs-cloud-f5-com.0178.public.ves.io.schema.billing.payment_method.ves-swagger.json +1 -0
  472. package/dist/docs/specifications/api/docs-cloud-f5-com.0179.public.ves.io.schema.operate.ping.ves-swagger.json +1 -0
  473. package/dist/docs/specifications/api/docs-cloud-f5-com.0180.public.ves.io.schema.pbac.plan.ves-swagger.json +1 -0
  474. package/dist/docs/specifications/api/docs-cloud-f5-com.0181.public.ves.io.schema.billing.plan_transition.ves-swagger.json +1 -0
  475. package/dist/docs/specifications/api/docs-cloud-f5-com.0182.public.ves.io.schema.policer.ves-swagger.json +1 -0
  476. package/dist/docs/specifications/api/docs-cloud-f5-com.0183.public.ves.io.schema.views.policy_based_routing.ves-swagger.json +1 -0
  477. package/dist/docs/specifications/api/docs-cloud-f5-com.0184.public.ves.io.schema.shape.bot_defense.protected_application.ves-swagger.json +1 -0
  478. package/dist/docs/specifications/api/docs-cloud-f5-com.0185.public.ves.io.schema.protocol_policer.ves-swagger.json +1 -0
  479. package/dist/docs/specifications/api/docs-cloud-f5-com.0186.public.ves.io.schema.views.proxy.ves-swagger.json +1 -0
  480. package/dist/docs/specifications/api/docs-cloud-f5-com.0187.public.ves.io.schema.public_ip.ves-swagger.json +1 -0
  481. package/dist/docs/specifications/api/docs-cloud-f5-com.0188.public.ves.io.schema.quota.ves-swagger.json +1 -0
  482. package/dist/docs/specifications/api/docs-cloud-f5-com.0189.public.ves.io.schema.rbac_policy.ves-swagger.json +1 -0
  483. package/dist/docs/specifications/api/docs-cloud-f5-com.0190.public.ves.io.schema.rate_limiter.ves-swagger.json +1 -0
  484. package/dist/docs/specifications/api/docs-cloud-f5-com.0191.public.ves.io.schema.views.rate_limiter_policy.ves-swagger.json +1 -0
  485. package/dist/docs/specifications/api/docs-cloud-f5-com.0192.public.ves.io.schema.registration.ves-swagger.json +1 -0
  486. package/dist/docs/specifications/api/docs-cloud-f5-com.0193.public.ves.io.schema.report.ves-swagger.json +1 -0
  487. package/dist/docs/specifications/api/docs-cloud-f5-com.0194.public.ves.io.schema.report_config.ves-swagger.json +1 -0
  488. package/dist/docs/specifications/api/docs-cloud-f5-com.0195.public.ves.io.schema.role.ves-swagger.json +1 -0
  489. package/dist/docs/specifications/api/docs-cloud-f5-com.0196.public.ves.io.schema.trusted_ca_list.ves-swagger.json +1 -0
  490. package/dist/docs/specifications/api/docs-cloud-f5-com.0197.public.ves.io.schema.route.ves-swagger.json +1 -0
  491. package/dist/docs/specifications/api/docs-cloud-f5-com.0198.public.ves.io.schema.operate.route.ves-swagger.json +1 -0
  492. package/dist/docs/specifications/api/docs-cloud-f5-com.0199.public.ves.io.schema.srv6_network_slice.ves-swagger.json +1 -0
  493. package/dist/docs/specifications/api/docs-cloud-f5-com.0200.public.ves.io.schema.oidc_provider.ves-swagger.json +1 -0
  494. package/dist/docs/specifications/api/docs-cloud-f5-com.0201.public.ves.io.schema.secret_management_access.ves-swagger.json +1 -0
  495. package/dist/docs/specifications/api/docs-cloud-f5-com.0202.public.ves.io.schema.secret_policy.ves-swagger.json +1 -0
  496. package/dist/docs/specifications/api/docs-cloud-f5-com.0203.public.ves.io.schema.secret_policy_rule.ves-swagger.json +1 -0
  497. package/dist/docs/specifications/api/docs-cloud-f5-com.0204.public.ves.io.schema.segment.ves-swagger.json +1 -0
  498. package/dist/docs/specifications/api/docs-cloud-f5-com.0205.public.ves.io.schema.segment_connection.ves-swagger.json +1 -0
  499. package/dist/docs/specifications/api/docs-cloud-f5-com.0206.public.ves.io.schema.sensitive_data_policy.ves-swagger.json +1 -0
  500. package/dist/docs/specifications/api/docs-cloud-f5-com.0207.public.ves.io.schema.graph.service.ves-swagger.json +1 -0
  501. package/dist/docs/specifications/api/docs-cloud-f5-com.0208.public.ves.io.schema.service_policy.ves-swagger.json +1 -0
  502. package/dist/docs/specifications/api/docs-cloud-f5-com.0209.public.ves.io.schema.service_policy_rule.ves-swagger.json +1 -0
  503. package/dist/docs/specifications/api/docs-cloud-f5-com.0210.public.ves.io.schema.service_policy_set.ves-swagger.json +1 -0
  504. package/dist/docs/specifications/api/docs-cloud-f5-com.0211.public.ves.io.schema.shape_bot_defense_instance.ves-swagger.json +1 -0
  505. package/dist/docs/specifications/api/docs-cloud-f5-com.0212.public.ves.io.schema.shape.bot_defense.reporting.ves-swagger.json +1 -0
  506. package/dist/docs/specifications/api/docs-cloud-f5-com.0213.public.ves.io.schema.shape.bot_defense.subscription.ves-swagger.json +1 -0
  507. package/dist/docs/specifications/api/docs-cloud-f5-com.0214.public.ves.io.schema.shape.recognize.ves-swagger.json +1 -0
  508. package/dist/docs/specifications/api/docs-cloud-f5-com.0215.public.ves.io.schema.shape.safeap.ves-swagger.json +1 -0
  509. package/dist/docs/specifications/api/docs-cloud-f5-com.0216.public.ves.io.schema.shape.safe.ves-swagger.json +1 -0
  510. package/dist/docs/specifications/api/docs-cloud-f5-com.0217.public.ves.io.schema.signup.ves-swagger.json +1 -0
  511. package/dist/docs/specifications/api/docs-cloud-f5-com.0218.public.ves.io.schema.site.ves-swagger.json +1 -0
  512. package/dist/docs/specifications/api/docs-cloud-f5-com.0219.public.ves.io.schema.graph.site.ves-swagger.json +1 -0
  513. package/dist/docs/specifications/api/docs-cloud-f5-com.0220.public.ves.io.schema.site_mesh_group.ves-swagger.json +1 -0
  514. package/dist/docs/specifications/api/docs-cloud-f5-com.0221.public.ves.io.schema.status_at_site.ves-swagger.json +1 -0
  515. package/dist/docs/specifications/api/docs-cloud-f5-com.0222.public.ves.io.schema.stored_object.ves-swagger.json +1 -0
  516. package/dist/docs/specifications/api/docs-cloud-f5-com.0223.public.ves.io.schema.subnet.ves-swagger.json +1 -0
  517. package/dist/docs/specifications/api/docs-cloud-f5-com.0224.public.ves.io.schema.usage.subscription.ves-swagger.json +1 -0
  518. package/dist/docs/specifications/api/docs-cloud-f5-com.0225.public.ves.io.schema.subscription.ves-swagger.json +1 -0
  519. package/dist/docs/specifications/api/docs-cloud-f5-com.0226.public.ves.io.schema.observability.synthetic_monitor.ves-swagger.json +1 -0
  520. package/dist/docs/specifications/api/docs-cloud-f5-com.0227.public.ves.io.schema.scim.ves-swagger.json +1 -0
  521. package/dist/docs/specifications/api/docs-cloud-f5-com.0228.public.ves.io.schema.tpm_api_key.ves-swagger.json +1 -0
  522. package/dist/docs/specifications/api/docs-cloud-f5-com.0229.public.ves.io.schema.tpm_category.ves-swagger.json +1 -0
  523. package/dist/docs/specifications/api/docs-cloud-f5-com.0230.public.ves.io.schema.tpm_manager.ves-swagger.json +1 -0
  524. package/dist/docs/specifications/api/docs-cloud-f5-com.0231.public.ves.io.schema.tpm_provision.ves-swagger.json +1 -0
  525. package/dist/docs/specifications/api/docs-cloud-f5-com.0232.public.ves.io.schema.operate.tcpdump.ves-swagger.json +1 -0
  526. package/dist/docs/specifications/api/docs-cloud-f5-com.0233.public.ves.io.schema.tenant.ves-swagger.json +1 -0
  527. package/dist/docs/specifications/api/docs-cloud-f5-com.0234.public.ves.io.schema.views.tenant_configuration.ves-swagger.json +1 -0
  528. package/dist/docs/specifications/api/docs-cloud-f5-com.0235.public.ves.io.schema.tenant_management.ves-swagger.json +1 -0
  529. package/dist/docs/specifications/api/docs-cloud-f5-com.0236.public.ves.io.schema.tenant_management.tenant_profile.ves-swagger.json +1 -0
  530. package/dist/docs/specifications/api/docs-cloud-f5-com.0237.public.ves.io.schema.views.third_party_application.ves-swagger.json +1 -0
  531. package/dist/docs/specifications/api/docs-cloud-f5-com.0238.public.ves.io.schema.ticket_management.ticket_tracking_system.ves-swagger.json +1 -0
  532. package/dist/docs/specifications/api/docs-cloud-f5-com.0239.public.ves.io.schema.token.ves-swagger.json +1 -0
  533. package/dist/docs/specifications/api/docs-cloud-f5-com.0240.public.ves.io.schema.topology.ves-swagger.json +1 -0
  534. package/dist/docs/specifications/api/docs-cloud-f5-com.0241.public.ves.io.schema.operate.traceroute.ves-swagger.json +1 -0
  535. package/dist/docs/specifications/api/docs-cloud-f5-com.0242.public.ves.io.schema.tunnel.ves-swagger.json +1 -0
  536. package/dist/docs/specifications/api/docs-cloud-f5-com.0243.public.ves.io.schema.infraprotect_tunnel.ves-swagger.json +1 -0
  537. package/dist/docs/specifications/api/docs-cloud-f5-com.0244.public.ves.io.schema.operate.usb.ves-swagger.json +1 -0
  538. package/dist/docs/specifications/api/docs-cloud-f5-com.0245.public.ves.io.schema.usb_policy.ves-swagger.json +1 -0
  539. package/dist/docs/specifications/api/docs-cloud-f5-com.0246.public.ves.io.schema.ui.static_component.ves-swagger.json +1 -0
  540. package/dist/docs/specifications/api/docs-cloud-f5-com.0247.public.ves.io.schema.upgrade_status.ves-swagger.json +1 -0
  541. package/dist/docs/specifications/api/docs-cloud-f5-com.0248.public.ves.io.schema.virtual_appliance.ves-swagger.json +1 -0
  542. package/dist/docs/specifications/api/docs-cloud-f5-com.0249.public.ves.io.schema.usage.ves-swagger.json +1 -0
  543. package/dist/docs/specifications/api/docs-cloud-f5-com.0250.public.ves.io.schema.usage.plan.ves-swagger.json +1 -0
  544. package/dist/docs/specifications/api/docs-cloud-f5-com.0251.public.ves.io.schema.user.ves-swagger.json +1 -0
  545. package/dist/docs/specifications/api/docs-cloud-f5-com.0252.public.ves.io.schema.user_group.ves-swagger.json +1 -0
  546. package/dist/docs/specifications/api/docs-cloud-f5-com.0253.public.ves.io.schema.user_identification.ves-swagger.json +1 -0
  547. package/dist/docs/specifications/api/docs-cloud-f5-com.0254.public.ves.io.schema.user.setting.ves-swagger.json +1 -0
  548. package/dist/docs/specifications/api/docs-cloud-f5-com.0255.public.ves.io.schema.views.view_internal.ves-swagger.json +1 -0
  549. package/dist/docs/specifications/api/docs-cloud-f5-com.0256.public.ves.io.schema.views.terraform_parameters.ves-swagger.json +1 -0
  550. package/dist/docs/specifications/api/docs-cloud-f5-com.0257.public.ves.io.schema.virtual_host.ves-swagger.json +1 -0
  551. package/dist/docs/specifications/api/docs-cloud-f5-com.0258.public.ves.io.schema.virtual_k8s.ves-swagger.json +1 -0
  552. package/dist/docs/specifications/api/docs-cloud-f5-com.0259.public.ves.io.schema.virtual_network.ves-swagger.json +1 -0
  553. package/dist/docs/specifications/api/docs-cloud-f5-com.0260.public.ves.io.schema.virtual_site.ves-swagger.json +1 -0
  554. package/dist/docs/specifications/api/docs-cloud-f5-com.0261.public.ves.io.schema.voltshare_admin_policy.ves-swagger.json +1 -0
  555. package/dist/docs/specifications/api/docs-cloud-f5-com.0262.public.ves.io.schema.waf.ves-swagger.json +1 -0
  556. package/dist/docs/specifications/api/docs-cloud-f5-com.0263.public.ves.io.schema.waf_exclusion_policy.ves-swagger.json +1 -0
  557. package/dist/docs/specifications/api/docs-cloud-f5-com.0264.public.ves.io.schema.waf_signatures_changelog.ves-swagger.json +1 -0
  558. package/dist/docs/specifications/api/docs-cloud-f5-com.0265.public.ves.io.schema.operate.wifi.ves-swagger.json +1 -0
  559. package/dist/docs/specifications/api/docs-cloud-f5-com.0266.public.ves.io.schema.was.user_token.ves-swagger.json +1 -0
  560. package/dist/docs/specifications/api/docs-cloud-f5-com.0267.public.ves.io.schema.views.workload.ves-swagger.json +1 -0
  561. package/dist/docs/specifications/api/docs-cloud-f5-com.0268.public.ves.io.schema.workload_flavor.ves-swagger.json +1 -0
  562. package/dist/docs/specifications/api/docs-cloud-f5-com.0269.public.ves.io.schema.marketplace.xc_saas.ves-swagger.json +1 -0
  563. package/dist/docs/specifications/api/docs-cloud-f5-com.0270.public.ves.io.schema.graph.l3l4.ves-swagger.json +1 -0
  564. package/dist/index.js +21 -21
  565. package/dist/index.js.map +1 -1
  566. package/dist/services/api-specs.d.ts.map +1 -1
  567. package/dist/services/api-specs.js +15 -3
  568. package/dist/services/api-specs.js.map +1 -1
  569. package/dist/services/documentation.d.ts.map +1 -1
  570. package/dist/services/documentation.js +25 -9
  571. package/dist/services/documentation.js.map +1 -1
  572. package/package.json +6 -3
package/dist/docs/resources/service_policy.md ADDED
@@ -0,0 +1,795 @@
1
+ ---
2
+ page_title: "f5xc_service_policy Resource - terraform-provider-f5xc"
3
+ subcategory: "Security"
4
+ description: |-
5
+ [Category: Security] [Namespace: required] [DependsOn: namespace] Manages service_policy creates a new object in the storage backend for metadata.namespace. in F5 Distributed Cloud.
6
+ ---
7
+
8
+ # f5xc_service_policy (Resource)
9
+
10
+ [Category: Security] [Namespace: required] [DependsOn: namespace] Manages service_policy creates a new object in the storage backend for metadata.namespace. in F5 Distributed Cloud.
11
+
12
+ ~> **Note** Please refer to [Service Policy API docs](https://docs.cloud.f5.com/docs-v2/api/service-policy) to learn more.
13
+
14
+ ## Example Usage
15
+
16
+ ```terraform
17
+ # Service Policy Resource Example
18
+ # [Category: Security] [Namespace: required] [DependsOn: namespace] Manages service_policy creates a new object in the storage backend for metadata.namespace. in F5 Distributed Cloud.
19
+
20
+ # Basic Service Policy configuration
21
+ resource "f5xc_service_policy" "example" {
22
+ name = "example-service-policy"
23
+ namespace = "shared"
24
+
25
+ labels = {
26
+ environment = "production"
27
+ managed_by = "terraform"
28
+ }
29
+
30
+ annotations = {
31
+ "owner" = "platform-team"
32
+ }
33
+
34
+ # Service Policy configuration
35
+ algo = "FIRST_MATCH"
36
+
37
+ # Allow specific paths
38
+ rules {
39
+ metadata {
40
+ name = "allow-api"
41
+ }
42
+ spec {
43
+ action = "ALLOW"
44
+ path {
45
+ prefix = "/api/"
46
+ }
47
+ }
48
+ }
49
+ }
50
+ ```
51
+
52
+ <!-- schema generated by tfplugindocs -->
53
+ ## Argument Reference
54
+
55
+ ### Metadata Argument Reference
56
+
57
+ <a id="name"></a>&#x2022; [`name`](#name) - Required String<br>Name of the Service Policy. Must be unique within the namespace
58
+
59
+ <a id="namespace"></a>&#x2022; [`namespace`](#namespace) - Required String<br>Namespace where the Service Policy will be created
60
+
61
+ <a id="annotations"></a>&#x2022; [`annotations`](#annotations) - Optional Map<br>Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata
62
+
63
+ <a id="description"></a>&#x2022; [`description`](#description) - Optional String<br>Human readable description for the object
64
+
65
+ <a id="disable"></a>&#x2022; [`disable`](#disable) - Optional Bool<br>A value of true will administratively disable the object
66
+
67
+ <a id="labels"></a>&#x2022; [`labels`](#labels) - Optional Map<br>Labels is a user defined key value map that can be attached to resources for organization and filtering
68
+
69
+ ### Spec Argument Reference
70
+
71
+ -> **One of the following:**
72
+ &#x2022; <a id="allow-all-requests"></a>[`allow_all_requests`](#allow-all-requests) - Optional Block<br>Enable this option
73
+ <br><br>&#x2022; <a id="allow-list"></a>[`allow_list`](#allow-list) - Optional Block<br>Source List. List of sources. A request belongs to this list if it satisfies any of the match criteria<br>See [Allow List](#allow-list) below for details.
74
+ <br><br>&#x2022; <a id="deny-all-requests"></a>[`deny_all_requests`](#deny-all-requests) - Optional Block<br>Enable this option
75
+ <br><br>&#x2022; <a id="deny-list"></a>[`deny_list`](#deny-list) - Optional Block<br>Source List. List of sources. A request belongs to this list if it satisfies any of the match criteria<br>See [Deny List](#deny-list) below for details.
76
+ <br><br>&#x2022; <a id="rule-list"></a>[`rule_list`](#rule-list) - Optional Block<br>Rule List. A list of rules. The order of evaluation of the rules depends on the rule combining algorithm<br>See [Rule List](#rule-list) below for details.
77
+
78
+ -> **One of the following:**
79
+ &#x2022; <a id="any-server"></a>[`any_server`](#any-server) - Optional Block<br>Enable this option
80
+ <br><br>&#x2022; <a id="server-name"></a>[`server_name`](#server-name) - Optional String<br>Server Name. The expected name of the server to which the request API is directed. The actual names for the server are extracted from the HTTP Host header and the name of the virtual_host to which the request is directed. If the request is directed to a virtual K8S service, the actual names also contain the name of that service. The predicate evaluates to true if any of the actual names is the same as the expected server name
81
+ <br><br>&#x2022; <a id="server-name-matcher"></a>[`server_name_matcher`](#server-name-matcher) - Optional Block<br>Matcher. A matcher specifies multiple criteria for matching an input string. The match is considered successful if any of the criteria are satisfied. The set of supported match criteria includes a list of exact values and a list of regular expressions
82
+ <br><br>&#x2022; <a id="server-selector"></a>[`server_selector`](#server-selector) - Optional Block<br>Label Selector. This type can be used to establish a 'selector reference' from one object(called selector) to a set of other objects(called selectees) based on the value of expresssions. A label selector is a label query over a set of resources. An empty label selector matches all objects. A null label selector matches no objects. Label selector is immutable. expressions is a list of strings of label selection expression. Each string has ',' separated values which are 'AND' and all strings are logically 'OR'. BNF for expression string `<selector-syntax>` ::= `<requirement>` | `<requirement>` ',' `<selector-syntax>` `<requirement>` ::= [!] KEY [ `<set-based-restriction>` | `<exact-match-restriction>` ] `<set-based-restriction>` ::= '' | `<inclusion-exclusion>` `<value-set>` `<inclusion-exclusion>` ::= `<inclusion>` | `<exclusion>` `<exclusion>` ::= 'notin' `<inclusion>` ::= 'in' `<value-set>` ::= '(' `<values>` ')' `<values>` ::= VALUE | VALUE ',' `<values>` `<exact-match-restriction>` ::= ['='|'=='|'!='] VALUE
83
+
84
+ <a id="timeouts"></a>&#x2022; [`timeouts`](#timeouts) - Optional Block
85
+
86
+ ### Attributes Reference
87
+
88
+ In addition to all arguments above, the following attributes are exported:
89
+
90
+ <a id="id"></a>&#x2022; [`id`](#id) - Optional String<br>Unique identifier for the resource
91
+
92
+ ---
93
+
94
+ #### Allow List
95
+
96
+ An [`allow_list`](#allow-list) block supports the following:
97
+
98
+ <a id="allow-list-asn-list"></a>&#x2022; [`asn_list`](#allow-list-asn-list) - Optional Block<br>ASN Match List. An unordered set of RFC 6793 defined 4-byte AS numbers that can be used to create allow or deny lists for use in network policy or service policy. It can be used to create the allow list only for DNS Load Balancer<br>See [Asn List](#allow-list-asn-list) below.
99
+
100
+ <a id="allow-list-asn-set"></a>&#x2022; [`asn_set`](#allow-list-asn-set) - Optional Block<br>BGP ASN Set. Addresses that belong to the ASNs in the given bgp_asn_set The ASN is obtained by performing a lookup for the source IPv4 Address in a GeoIP DB<br>See [Asn Set](#allow-list-asn-set) below.
101
+
102
+ <a id="allow-list-country-list"></a>&#x2022; [`country_list`](#allow-list-country-list) - Optional List Defaults to `COUNTRY_NONE`<br>Possible values are `COUNTRY_NONE`, `COUNTRY_AD`, `COUNTRY_AE`, `COUNTRY_AF`, `COUNTRY_AG`, `COUNTRY_AI`, `COUNTRY_AL`, `COUNTRY_AM`, `COUNTRY_AN`, `COUNTRY_AO`, `COUNTRY_AQ`, `COUNTRY_AR`, `COUNTRY_AS`, `COUNTRY_AT`, `COUNTRY_AU`, `COUNTRY_AW`, `COUNTRY_AX`, `COUNTRY_AZ`, `COUNTRY_BA`, `COUNTRY_BB`, `COUNTRY_BD`, `COUNTRY_BE`, `COUNTRY_BF`, `COUNTRY_BG`, `COUNTRY_BH`, `COUNTRY_BI`, `COUNTRY_BJ`, `COUNTRY_BL`, `COUNTRY_BM`, `COUNTRY_BN`, `COUNTRY_BO`, `COUNTRY_BQ`, `COUNTRY_BR`, `COUNTRY_BS`, `COUNTRY_BT`, `COUNTRY_BV`, `COUNTRY_BW`, `COUNTRY_BY`, `COUNTRY_BZ`, `COUNTRY_CA`, `COUNTRY_CC`, `COUNTRY_CD`, `COUNTRY_CF`, `COUNTRY_CG`, `COUNTRY_CH`, `COUNTRY_CI`, `COUNTRY_CK`, `COUNTRY_CL`, `COUNTRY_CM`, `COUNTRY_CN`, `COUNTRY_CO`, `COUNTRY_CR`, `COUNTRY_CS`, `COUNTRY_CU`, `COUNTRY_CV`, `COUNTRY_CW`, `COUNTRY_CX`, `COUNTRY_CY`, `COUNTRY_CZ`, `COUNTRY_DE`, `COUNTRY_DJ`, `COUNTRY_DK`, `COUNTRY_DM`, `COUNTRY_DO`, `COUNTRY_DZ`, `COUNTRY_EC`, `COUNTRY_EE`, `COUNTRY_EG`, `COUNTRY_EH`, `COUNTRY_ER`, `COUNTRY_ES`, `COUNTRY_ET`, `COUNTRY_FI`, `COUNTRY_FJ`, `COUNTRY_FK`, `COUNTRY_FM`, `COUNTRY_FO`, `COUNTRY_FR`, `COUNTRY_GA`, `COUNTRY_GB`, `COUNTRY_GD`, `COUNTRY_GE`, `COUNTRY_GF`, `COUNTRY_GG`, `COUNTRY_GH`, `COUNTRY_GI`, `COUNTRY_GL`, `COUNTRY_GM`, `COUNTRY_GN`, `COUNTRY_GP`, `COUNTRY_GQ`, `COUNTRY_GR`, `COUNTRY_GS`, `COUNTRY_GT`, `COUNTRY_GU`, `COUNTRY_GW`, `COUNTRY_GY`, `COUNTRY_HK`, `COUNTRY_HM`, `COUNTRY_HN`, `COUNTRY_HR`, `COUNTRY_HT`, `COUNTRY_HU`, `COUNTRY_ID`, `COUNTRY_IE`, `COUNTRY_IL`, `COUNTRY_IM`, `COUNTRY_IN`, `COUNTRY_IO`, `COUNTRY_IQ`, `COUNTRY_IR`, `COUNTRY_IS`, `COUNTRY_IT`, `COUNTRY_JE`, `COUNTRY_JM`, `COUNTRY_JO`, `COUNTRY_JP`, `COUNTRY_KE`, `COUNTRY_KG`, `COUNTRY_KH`, `COUNTRY_KI`, `COUNTRY_KM`, `COUNTRY_KN`, `COUNTRY_KP`, `COUNTRY_KR`, `COUNTRY_KW`, `COUNTRY_KY`, `COUNTRY_KZ`, `COUNTRY_LA`, `COUNTRY_LB`, `COUNTRY_LC`, `COUNTRY_LI`, `COUNTRY_LK`, `COUNTRY_LR`, `COUNTRY_LS`, `COUNTRY_LT`, `COUNTRY_LU`, `COUNTRY_LV`, `COUNTRY_LY`, `COUNTRY_MA`, `COUNTRY_MC`, `COUNTRY_MD`, `COUNTRY_ME`, `COUNTRY_MF`, `COUNTRY_MG`, `COUNTRY_MH`, `COUNTRY_MK`, `COUNTRY_ML`, `COUNTRY_MM`, `COUNTRY_MN`, `COUNTRY_MO`, `COUNTRY_MP`, `COUNTRY_MQ`, `COUNTRY_MR`, `COUNTRY_MS`, `COUNTRY_MT`, `COUNTRY_MU`, `COUNTRY_MV`, `COUNTRY_MW`, `COUNTRY_MX`, `COUNTRY_MY`, `COUNTRY_MZ`, `COUNTRY_NA`, `COUNTRY_NC`, `COUNTRY_NE`, `COUNTRY_NF`, `COUNTRY_NG`, `COUNTRY_NI`, `COUNTRY_NL`, `COUNTRY_NO`, `COUNTRY_NP`, `COUNTRY_NR`, `COUNTRY_NU`, `COUNTRY_NZ`, `COUNTRY_OM`, `COUNTRY_PA`, `COUNTRY_PE`, `COUNTRY_PF`, `COUNTRY_PG`, `COUNTRY_PH`, `COUNTRY_PK`, `COUNTRY_PL`, `COUNTRY_PM`, `COUNTRY_PN`, `COUNTRY_PR`, `COUNTRY_PS`, `COUNTRY_PT`, `COUNTRY_PW`, `COUNTRY_PY`, `COUNTRY_QA`, `COUNTRY_RE`, `COUNTRY_RO`, `COUNTRY_RS`, `COUNTRY_RU`, `COUNTRY_RW`, `COUNTRY_SA`, `COUNTRY_SB`, `COUNTRY_SC`, `COUNTRY_SD`, `COUNTRY_SE`, `COUNTRY_SG`, `COUNTRY_SH`, `COUNTRY_SI`, `COUNTRY_SJ`, `COUNTRY_SK`, `COUNTRY_SL`, `COUNTRY_SM`, `COUNTRY_SN`, `COUNTRY_SO`, `COUNTRY_SR`, `COUNTRY_SS`, `COUNTRY_ST`, `COUNTRY_SV`, `COUNTRY_SX`, `COUNTRY_SY`, `COUNTRY_SZ`, `COUNTRY_TC`, `COUNTRY_TD`, `COUNTRY_TF`, `COUNTRY_TG`, `COUNTRY_TH`, `COUNTRY_TJ`, `COUNTRY_TK`, `COUNTRY_TL`, `COUNTRY_TM`, `COUNTRY_TN`, `COUNTRY_TO`, `COUNTRY_TR`, `COUNTRY_TT`, `COUNTRY_TV`, `COUNTRY_TW`, `COUNTRY_TZ`, `COUNTRY_UA`, `COUNTRY_UG`, `COUNTRY_UM`, `COUNTRY_US`, `COUNTRY_UY`, `COUNTRY_UZ`, `COUNTRY_VA`, `COUNTRY_VC`, `COUNTRY_VE`, `COUNTRY_VG`, `COUNTRY_VI`, `COUNTRY_VN`, `COUNTRY_VU`, `COUNTRY_WF`, `COUNTRY_WS`, `COUNTRY_XK`, `COUNTRY_XT`, `COUNTRY_YE`, `COUNTRY_YT`, `COUNTRY_ZA`, `COUNTRY_ZM`, `COUNTRY_ZW`<br>[Enum: COUNTRY_NONE|COUNTRY_AD|COUNTRY_AE|COUNTRY_AF|COUNTRY_AG|COUNTRY_AI|COUNTRY_AL|COUNTRY_AM|COUNTRY_AN|COUNTRY_AO|COUNTRY_AQ|COUNTRY_AR|COUNTRY_AS|COUNTRY_AT|COUNTRY_AU|COUNTRY_AW|COUNTRY_AX|COUNTRY_AZ|COUNTRY_BA|COUNTRY_BB|COUNTRY_BD|COUNTRY_BE|COUNTRY_BF|COUNTRY_BG|COUNTRY_BH|COUNTRY_BI|COUNTRY_BJ|COUNTRY_BL|COUNTRY_BM|COUNTRY_BN|COUNTRY_BO|COUNTRY_BQ|COUNTRY_BR|COUNTRY_BS|COUNTRY_BT|COUNTRY_BV|COUNTRY_BW|COUNTRY_BY|COUNTRY_BZ|COUNTRY_CA|COUNTRY_CC|COUNTRY_CD|COUNTRY_CF|COUNTRY_CG|COUNTRY_CH|COUNTRY_CI|COUNTRY_CK|COUNTRY_CL|COUNTRY_CM|COUNTRY_CN|COUNTRY_CO|COUNTRY_CR|COUNTRY_CS|COUNTRY_CU|COUNTRY_CV|COUNTRY_CW|COUNTRY_CX|COUNTRY_CY|COUNTRY_CZ|COUNTRY_DE|COUNTRY_DJ|COUNTRY_DK|COUNTRY_DM|COUNTRY_DO|COUNTRY_DZ|COUNTRY_EC|COUNTRY_EE|COUNTRY_EG|COUNTRY_EH|COUNTRY_ER|COUNTRY_ES|COUNTRY_ET|COUNTRY_FI|COUNTRY_FJ|COUNTRY_FK|COUNTRY_FM|COUNTRY_FO|COUNTRY_FR|COUNTRY_GA|COUNTRY_GB|COUNTRY_GD|COUNTRY_GE|COUNTRY_GF|COUNTRY_GG|COUNTRY_GH|COUNTRY_GI|COUNTRY_GL|COUNTRY_GM|COUNTRY_GN|COUNTRY_GP|COUNTRY_GQ|COUNTRY_GR|COUNTRY_GS|COUNTRY_GT|COUNTRY_GU|COUNTRY_GW|COUNTRY_GY|COUNTRY_HK|COUNTRY_HM|COUNTRY_HN|COUNTRY_HR|COUNTRY_HT|COUNTRY_HU|COUNTRY_ID|COUNTRY_IE|COUNTRY_IL|COUNTRY_IM|COUNTRY_IN|COUNTRY_IO|COUNTRY_IQ|COUNTRY_IR|COUNTRY_IS|COUNTRY_IT|COUNTRY_JE|COUNTRY_JM|COUNTRY_JO|COUNTRY_JP|COUNTRY_KE|COUNTRY_KG|COUNTRY_KH|COUNTRY_KI|COUNTRY_KM|COUNTRY_KN|COUNTRY_KP|COUNTRY_KR|COUNTRY_KW|COUNTRY_KY|COUNTRY_KZ|COUNTRY_LA|COUNTRY_LB|COUNTRY_LC|COUNTRY_LI|COUNTRY_LK|COUNTRY_LR|COUNTRY_LS|COUNTRY_LT|COUNTRY_LU|COUNTRY_LV|COUNTRY_LY|COUNTRY_MA|COUNTRY_MC|COUNTRY_MD|COUNTRY_ME|COUNTRY_MF|COUNTRY_MG|COUNTRY_MH|COUNTRY_MK|COUNTRY_ML|COUNTRY_MM|COUNTRY_MN|COUNTRY_MO|COUNTRY_MP|COUNTRY_MQ|COUNTRY_MR|COUNTRY_MS|COUNTRY_MT|COUNTRY_MU|COUNTRY_MV|COUNTRY_MW|COUNTRY_MX|COUNTRY_MY|COUNTRY_MZ|COUNTRY_NA|COUNTRY_NC|COUNTRY_NE|COUNTRY_NF|COUNTRY_NG|COUNTRY_NI|COUNTRY_NL|COUNTRY_NO|COUNTRY_NP|COUNTRY_NR|COUNTRY_NU|COUNTRY_NZ|COUNTRY_OM|COUNTRY_PA|COUNTRY_PE|COUNTRY_PF|COUNTRY_PG|COUNTRY_PH|COUNTRY_PK|COUNTRY_PL|COUNTRY_PM|COUNTRY_PN|COUNTRY_PR|COUNTRY_PS|COUNTRY_PT|COUNTRY_PW|COUNTRY_PY|COUNTRY_QA|COUNTRY_RE|COUNTRY_RO|COUNTRY_RS|COUNTRY_RU|COUNTRY_RW|COUNTRY_SA|COUNTRY_SB|COUNTRY_SC|COUNTRY_SD|COUNTRY_SE|COUNTRY_SG|COUNTRY_SH|COUNTRY_SI|COUNTRY_SJ|COUNTRY_SK|COUNTRY_SL|COUNTRY_SM|COUNTRY_SN|COUNTRY_SO|COUNTRY_SR|COUNTRY_SS|COUNTRY_ST|COUNTRY_SV|COUNTRY_SX|COUNTRY_SY|COUNTRY_SZ|COUNTRY_TC|COUNTRY_TD|COUNTRY_TF|COUNTRY_TG|COUNTRY_TH|COUNTRY_TJ|COUNTRY_TK|COUNTRY_TL|COUNTRY_TM|COUNTRY_TN|COUNTRY_TO|COUNTRY_TR|COUNTRY_TT|COUNTRY_TV|COUNTRY_TW|COUNTRY_TZ|COUNTRY_UA|COUNTRY_UG|COUNTRY_UM|COUNTRY_US|COUNTRY_UY|COUNTRY_UZ|COUNTRY_VA|COUNTRY_VC|COUNTRY_VE|COUNTRY_VG|COUNTRY_VI|COUNTRY_VN|COUNTRY_VU|COUNTRY_WF|COUNTRY_WS|COUNTRY_XK|COUNTRY_XT|COUNTRY_YE|COUNTRY_YT|COUNTRY_ZA|COUNTRY_ZM|COUNTRY_ZW] Country List. Addresses that belong to one of the countries in the given list The country is obtained by performing a lookup for the source IPv4 Address in a GeoIP DB
103
+
104
+ <a id="allow-list-default-action-allow"></a>&#x2022; [`default_action_allow`](#allow-list-default-action-allow) - Optional Block<br>Enable this option
105
+
106
+ <a id="allow-list-default-action-deny"></a>&#x2022; [`default_action_deny`](#allow-list-default-action-deny) - Optional Block<br>Enable this option
107
+
108
+ <a id="allow-list-default-action-next-policy"></a>&#x2022; [`default_action_next_policy`](#allow-list-default-action-next-policy) - Optional Block<br>Enable this option
109
+
110
+ <a id="allow-list-ip-prefix-set"></a>&#x2022; [`ip_prefix_set`](#allow-list-ip-prefix-set) - Optional Block<br>IP Prefix Set. Addresses that are covered by the prefixes in the given ip_prefix_set<br>See [IP Prefix Set](#allow-list-ip-prefix-set) below.
111
+
112
+ <a id="allow-list-prefix-list"></a>&#x2022; [`prefix_list`](#allow-list-prefix-list) - Optional Block<br>IPv4 Prefix List. List of IPv4 prefixes that represent an endpoint<br>See [Prefix List](#allow-list-prefix-list) below.
113
+
114
+ <a id="allow-list-tls-fingerprint-classes"></a>&#x2022; [`tls_fingerprint_classes`](#allow-list-tls-fingerprint-classes) - Optional List Defaults to `TLS_FINGERPRINT_NONE`<br>Possible values are `TLS_FINGERPRINT_NONE`, `ANY_MALICIOUS_FINGERPRINT`, `ADWARE`, `ADWIND`, `DRIDEX`, `GOOTKIT`, `GOZI`, `JBIFROST`, `QUAKBOT`, `RANSOMWARE`, `TROLDESH`, `TOFSEE`, `TORRENTLOCKER`, `TRICKBOT`<br>[Enum: TLS_FINGERPRINT_NONE|ANY_MALICIOUS_FINGERPRINT|ADWARE|ADWIND|DRIDEX|GOOTKIT|GOZI|JBIFROST|QUAKBOT|RANSOMWARE|TROLDESH|TOFSEE|TORRENTLOCKER|TRICKBOT] TLS Fingerprint Classes. A list of known classes of TLS fingerprints to match the input TLS JA3 fingerprint against
115
+
116
+ <a id="allow-list-tls-fingerprint-values"></a>&#x2022; [`tls_fingerprint_values`](#allow-list-tls-fingerprint-values) - Optional List<br>TLS Fingerprint Values. A list of exact TLS JA3 fingerprints to match the input TLS JA3 fingerprint against
117
+
118
+ #### Allow List Asn List
119
+
120
+ An [`asn_list`](#allow-list-asn-list) block (within [`allow_list`](#allow-list)) supports the following:
121
+
122
+ <a id="allow-list-asn-list-as-numbers"></a>&#x2022; [`as_numbers`](#allow-list-asn-list-as-numbers) - Optional List<br>AS Numbers. An unordered set of RFC 6793 defined 4-byte AS numbers that can be used to create allow or deny lists for use in network policy or service policy. It can be used to create the allow list only for DNS Load Balancer
123
+
124
+ #### Allow List Asn Set
125
+
126
+ An [`asn_set`](#allow-list-asn-set) block (within [`allow_list`](#allow-list)) supports the following:
127
+
128
+ <a id="allow-list-asn-set-name"></a>&#x2022; [`name`](#allow-list-asn-set-name) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
129
+
130
+ <a id="allow-list-asn-set-namespace"></a>&#x2022; [`namespace`](#allow-list-asn-set-namespace) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
131
+
132
+ <a id="allow-list-asn-set-tenant"></a>&#x2022; [`tenant`](#allow-list-asn-set-tenant) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
133
+
134
+ #### Allow List IP Prefix Set
135
+
136
+ An [`ip_prefix_set`](#allow-list-ip-prefix-set) block (within [`allow_list`](#allow-list)) supports the following:
137
+
138
+ <a id="allow-list-ip-prefix-set-name"></a>&#x2022; [`name`](#allow-list-ip-prefix-set-name) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
139
+
140
+ <a id="allow-list-ip-prefix-set-namespace"></a>&#x2022; [`namespace`](#allow-list-ip-prefix-set-namespace) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
141
+
142
+ <a id="allow-list-ip-prefix-set-tenant"></a>&#x2022; [`tenant`](#allow-list-ip-prefix-set-tenant) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
143
+
144
+ #### Allow List Prefix List
145
+
146
+ A [`prefix_list`](#allow-list-prefix-list) block (within [`allow_list`](#allow-list)) supports the following:
147
+
148
+ <a id="allow-list-prefix-list-prefixes"></a>&#x2022; [`prefixes`](#allow-list-prefix-list-prefixes) - Optional List<br>IPv4 Prefix List. List of IPv4 prefixes that represent an endpoint
149
+
150
+ #### Deny List
151
+
152
+ A [`deny_list`](#deny-list) block supports the following:
153
+
154
+ <a id="deny-list-asn-list"></a>&#x2022; [`asn_list`](#deny-list-asn-list) - Optional Block<br>ASN Match List. An unordered set of RFC 6793 defined 4-byte AS numbers that can be used to create allow or deny lists for use in network policy or service policy. It can be used to create the allow list only for DNS Load Balancer<br>See [Asn List](#deny-list-asn-list) below.
155
+
156
+ <a id="deny-list-asn-set"></a>&#x2022; [`asn_set`](#deny-list-asn-set) - Optional Block<br>BGP ASN Set. Addresses that belong to the ASNs in the given bgp_asn_set The ASN is obtained by performing a lookup for the source IPv4 Address in a GeoIP DB<br>See [Asn Set](#deny-list-asn-set) below.
157
+
158
+ <a id="deny-list-country-list"></a>&#x2022; [`country_list`](#deny-list-country-list) - Optional List Defaults to `COUNTRY_NONE`<br>Possible values are `COUNTRY_NONE`, `COUNTRY_AD`, `COUNTRY_AE`, `COUNTRY_AF`, `COUNTRY_AG`, `COUNTRY_AI`, `COUNTRY_AL`, `COUNTRY_AM`, `COUNTRY_AN`, `COUNTRY_AO`, `COUNTRY_AQ`, `COUNTRY_AR`, `COUNTRY_AS`, `COUNTRY_AT`, `COUNTRY_AU`, `COUNTRY_AW`, `COUNTRY_AX`, `COUNTRY_AZ`, `COUNTRY_BA`, `COUNTRY_BB`, `COUNTRY_BD`, `COUNTRY_BE`, `COUNTRY_BF`, `COUNTRY_BG`, `COUNTRY_BH`, `COUNTRY_BI`, `COUNTRY_BJ`, `COUNTRY_BL`, `COUNTRY_BM`, `COUNTRY_BN`, `COUNTRY_BO`, `COUNTRY_BQ`, `COUNTRY_BR`, `COUNTRY_BS`, `COUNTRY_BT`, `COUNTRY_BV`, `COUNTRY_BW`, `COUNTRY_BY`, `COUNTRY_BZ`, `COUNTRY_CA`, `COUNTRY_CC`, `COUNTRY_CD`, `COUNTRY_CF`, `COUNTRY_CG`, `COUNTRY_CH`, `COUNTRY_CI`, `COUNTRY_CK`, `COUNTRY_CL`, `COUNTRY_CM`, `COUNTRY_CN`, `COUNTRY_CO`, `COUNTRY_CR`, `COUNTRY_CS`, `COUNTRY_CU`, `COUNTRY_CV`, `COUNTRY_CW`, `COUNTRY_CX`, `COUNTRY_CY`, `COUNTRY_CZ`, `COUNTRY_DE`, `COUNTRY_DJ`, `COUNTRY_DK`, `COUNTRY_DM`, `COUNTRY_DO`, `COUNTRY_DZ`, `COUNTRY_EC`, `COUNTRY_EE`, `COUNTRY_EG`, `COUNTRY_EH`, `COUNTRY_ER`, `COUNTRY_ES`, `COUNTRY_ET`, `COUNTRY_FI`, `COUNTRY_FJ`, `COUNTRY_FK`, `COUNTRY_FM`, `COUNTRY_FO`, `COUNTRY_FR`, `COUNTRY_GA`, `COUNTRY_GB`, `COUNTRY_GD`, `COUNTRY_GE`, `COUNTRY_GF`, `COUNTRY_GG`, `COUNTRY_GH`, `COUNTRY_GI`, `COUNTRY_GL`, `COUNTRY_GM`, `COUNTRY_GN`, `COUNTRY_GP`, `COUNTRY_GQ`, `COUNTRY_GR`, `COUNTRY_GS`, `COUNTRY_GT`, `COUNTRY_GU`, `COUNTRY_GW`, `COUNTRY_GY`, `COUNTRY_HK`, `COUNTRY_HM`, `COUNTRY_HN`, `COUNTRY_HR`, `COUNTRY_HT`, `COUNTRY_HU`, `COUNTRY_ID`, `COUNTRY_IE`, `COUNTRY_IL`, `COUNTRY_IM`, `COUNTRY_IN`, `COUNTRY_IO`, `COUNTRY_IQ`, `COUNTRY_IR`, `COUNTRY_IS`, `COUNTRY_IT`, `COUNTRY_JE`, `COUNTRY_JM`, `COUNTRY_JO`, `COUNTRY_JP`, `COUNTRY_KE`, `COUNTRY_KG`, `COUNTRY_KH`, `COUNTRY_KI`, `COUNTRY_KM`, `COUNTRY_KN`, `COUNTRY_KP`, `COUNTRY_KR`, `COUNTRY_KW`, `COUNTRY_KY`, `COUNTRY_KZ`, `COUNTRY_LA`, `COUNTRY_LB`, `COUNTRY_LC`, `COUNTRY_LI`, `COUNTRY_LK`, `COUNTRY_LR`, `COUNTRY_LS`, `COUNTRY_LT`, `COUNTRY_LU`, `COUNTRY_LV`, `COUNTRY_LY`, `COUNTRY_MA`, `COUNTRY_MC`, `COUNTRY_MD`, `COUNTRY_ME`, `COUNTRY_MF`, `COUNTRY_MG`, `COUNTRY_MH`, `COUNTRY_MK`, `COUNTRY_ML`, `COUNTRY_MM`, `COUNTRY_MN`, `COUNTRY_MO`, `COUNTRY_MP`, `COUNTRY_MQ`, `COUNTRY_MR`, `COUNTRY_MS`, `COUNTRY_MT`, `COUNTRY_MU`, `COUNTRY_MV`, `COUNTRY_MW`, `COUNTRY_MX`, `COUNTRY_MY`, `COUNTRY_MZ`, `COUNTRY_NA`, `COUNTRY_NC`, `COUNTRY_NE`, `COUNTRY_NF`, `COUNTRY_NG`, `COUNTRY_NI`, `COUNTRY_NL`, `COUNTRY_NO`, `COUNTRY_NP`, `COUNTRY_NR`, `COUNTRY_NU`, `COUNTRY_NZ`, `COUNTRY_OM`, `COUNTRY_PA`, `COUNTRY_PE`, `COUNTRY_PF`, `COUNTRY_PG`, `COUNTRY_PH`, `COUNTRY_PK`, `COUNTRY_PL`, `COUNTRY_PM`, `COUNTRY_PN`, `COUNTRY_PR`, `COUNTRY_PS`, `COUNTRY_PT`, `COUNTRY_PW`, `COUNTRY_PY`, `COUNTRY_QA`, `COUNTRY_RE`, `COUNTRY_RO`, `COUNTRY_RS`, `COUNTRY_RU`, `COUNTRY_RW`, `COUNTRY_SA`, `COUNTRY_SB`, `COUNTRY_SC`, `COUNTRY_SD`, `COUNTRY_SE`, `COUNTRY_SG`, `COUNTRY_SH`, `COUNTRY_SI`, `COUNTRY_SJ`, `COUNTRY_SK`, `COUNTRY_SL`, `COUNTRY_SM`, `COUNTRY_SN`, `COUNTRY_SO`, `COUNTRY_SR`, `COUNTRY_SS`, `COUNTRY_ST`, `COUNTRY_SV`, `COUNTRY_SX`, `COUNTRY_SY`, `COUNTRY_SZ`, `COUNTRY_TC`, `COUNTRY_TD`, `COUNTRY_TF`, `COUNTRY_TG`, `COUNTRY_TH`, `COUNTRY_TJ`, `COUNTRY_TK`, `COUNTRY_TL`, `COUNTRY_TM`, `COUNTRY_TN`, `COUNTRY_TO`, `COUNTRY_TR`, `COUNTRY_TT`, `COUNTRY_TV`, `COUNTRY_TW`, `COUNTRY_TZ`, `COUNTRY_UA`, `COUNTRY_UG`, `COUNTRY_UM`, `COUNTRY_US`, `COUNTRY_UY`, `COUNTRY_UZ`, `COUNTRY_VA`, `COUNTRY_VC`, `COUNTRY_VE`, `COUNTRY_VG`, `COUNTRY_VI`, `COUNTRY_VN`, `COUNTRY_VU`, `COUNTRY_WF`, `COUNTRY_WS`, `COUNTRY_XK`, `COUNTRY_XT`, `COUNTRY_YE`, `COUNTRY_YT`, `COUNTRY_ZA`, `COUNTRY_ZM`, `COUNTRY_ZW`<br>[Enum: COUNTRY_NONE|COUNTRY_AD|COUNTRY_AE|COUNTRY_AF|COUNTRY_AG|COUNTRY_AI|COUNTRY_AL|COUNTRY_AM|COUNTRY_AN|COUNTRY_AO|COUNTRY_AQ|COUNTRY_AR|COUNTRY_AS|COUNTRY_AT|COUNTRY_AU|COUNTRY_AW|COUNTRY_AX|COUNTRY_AZ|COUNTRY_BA|COUNTRY_BB|COUNTRY_BD|COUNTRY_BE|COUNTRY_BF|COUNTRY_BG|COUNTRY_BH|COUNTRY_BI|COUNTRY_BJ|COUNTRY_BL|COUNTRY_BM|COUNTRY_BN|COUNTRY_BO|COUNTRY_BQ|COUNTRY_BR|COUNTRY_BS|COUNTRY_BT|COUNTRY_BV|COUNTRY_BW|COUNTRY_BY|COUNTRY_BZ|COUNTRY_CA|COUNTRY_CC|COUNTRY_CD|COUNTRY_CF|COUNTRY_CG|COUNTRY_CH|COUNTRY_CI|COUNTRY_CK|COUNTRY_CL|COUNTRY_CM|COUNTRY_CN|COUNTRY_CO|COUNTRY_CR|COUNTRY_CS|COUNTRY_CU|COUNTRY_CV|COUNTRY_CW|COUNTRY_CX|COUNTRY_CY|COUNTRY_CZ|COUNTRY_DE|COUNTRY_DJ|COUNTRY_DK|COUNTRY_DM|COUNTRY_DO|COUNTRY_DZ|COUNTRY_EC|COUNTRY_EE|COUNTRY_EG|COUNTRY_EH|COUNTRY_ER|COUNTRY_ES|COUNTRY_ET|COUNTRY_FI|COUNTRY_FJ|COUNTRY_FK|COUNTRY_FM|COUNTRY_FO|COUNTRY_FR|COUNTRY_GA|COUNTRY_GB|COUNTRY_GD|COUNTRY_GE|COUNTRY_GF|COUNTRY_GG|COUNTRY_GH|COUNTRY_GI|COUNTRY_GL|COUNTRY_GM|COUNTRY_GN|COUNTRY_GP|COUNTRY_GQ|COUNTRY_GR|COUNTRY_GS|COUNTRY_GT|COUNTRY_GU|COUNTRY_GW|COUNTRY_GY|COUNTRY_HK|COUNTRY_HM|COUNTRY_HN|COUNTRY_HR|COUNTRY_HT|COUNTRY_HU|COUNTRY_ID|COUNTRY_IE|COUNTRY_IL|COUNTRY_IM|COUNTRY_IN|COUNTRY_IO|COUNTRY_IQ|COUNTRY_IR|COUNTRY_IS|COUNTRY_IT|COUNTRY_JE|COUNTRY_JM|COUNTRY_JO|COUNTRY_JP|COUNTRY_KE|COUNTRY_KG|COUNTRY_KH|COUNTRY_KI|COUNTRY_KM|COUNTRY_KN|COUNTRY_KP|COUNTRY_KR|COUNTRY_KW|COUNTRY_KY|COUNTRY_KZ|COUNTRY_LA|COUNTRY_LB|COUNTRY_LC|COUNTRY_LI|COUNTRY_LK|COUNTRY_LR|COUNTRY_LS|COUNTRY_LT|COUNTRY_LU|COUNTRY_LV|COUNTRY_LY|COUNTRY_MA|COUNTRY_MC|COUNTRY_MD|COUNTRY_ME|COUNTRY_MF|COUNTRY_MG|COUNTRY_MH|COUNTRY_MK|COUNTRY_ML|COUNTRY_MM|COUNTRY_MN|COUNTRY_MO|COUNTRY_MP|COUNTRY_MQ|COUNTRY_MR|COUNTRY_MS|COUNTRY_MT|COUNTRY_MU|COUNTRY_MV|COUNTRY_MW|COUNTRY_MX|COUNTRY_MY|COUNTRY_MZ|COUNTRY_NA|COUNTRY_NC|COUNTRY_NE|COUNTRY_NF|COUNTRY_NG|COUNTRY_NI|COUNTRY_NL|COUNTRY_NO|COUNTRY_NP|COUNTRY_NR|COUNTRY_NU|COUNTRY_NZ|COUNTRY_OM|COUNTRY_PA|COUNTRY_PE|COUNTRY_PF|COUNTRY_PG|COUNTRY_PH|COUNTRY_PK|COUNTRY_PL|COUNTRY_PM|COUNTRY_PN|COUNTRY_PR|COUNTRY_PS|COUNTRY_PT|COUNTRY_PW|COUNTRY_PY|COUNTRY_QA|COUNTRY_RE|COUNTRY_RO|COUNTRY_RS|COUNTRY_RU|COUNTRY_RW|COUNTRY_SA|COUNTRY_SB|COUNTRY_SC|COUNTRY_SD|COUNTRY_SE|COUNTRY_SG|COUNTRY_SH|COUNTRY_SI|COUNTRY_SJ|COUNTRY_SK|COUNTRY_SL|COUNTRY_SM|COUNTRY_SN|COUNTRY_SO|COUNTRY_SR|COUNTRY_SS|COUNTRY_ST|COUNTRY_SV|COUNTRY_SX|COUNTRY_SY|COUNTRY_SZ|COUNTRY_TC|COUNTRY_TD|COUNTRY_TF|COUNTRY_TG|COUNTRY_TH|COUNTRY_TJ|COUNTRY_TK|COUNTRY_TL|COUNTRY_TM|COUNTRY_TN|COUNTRY_TO|COUNTRY_TR|COUNTRY_TT|COUNTRY_TV|COUNTRY_TW|COUNTRY_TZ|COUNTRY_UA|COUNTRY_UG|COUNTRY_UM|COUNTRY_US|COUNTRY_UY|COUNTRY_UZ|COUNTRY_VA|COUNTRY_VC|COUNTRY_VE|COUNTRY_VG|COUNTRY_VI|COUNTRY_VN|COUNTRY_VU|COUNTRY_WF|COUNTRY_WS|COUNTRY_XK|COUNTRY_XT|COUNTRY_YE|COUNTRY_YT|COUNTRY_ZA|COUNTRY_ZM|COUNTRY_ZW] Country List. Addresses that belong to one of the countries in the given list The country is obtained by performing a lookup for the source IPv4 Address in a GeoIP DB
159
+
160
+ <a id="deny-list-default-action-allow"></a>&#x2022; [`default_action_allow`](#deny-list-default-action-allow) - Optional Block<br>Enable this option
161
+
162
+ <a id="deny-list-default-action-deny"></a>&#x2022; [`default_action_deny`](#deny-list-default-action-deny) - Optional Block<br>Enable this option
163
+
164
+ <a id="deny-list-default-action-next-policy"></a>&#x2022; [`default_action_next_policy`](#deny-list-default-action-next-policy) - Optional Block<br>Enable this option
165
+
166
+ <a id="deny-list-ip-prefix-set"></a>&#x2022; [`ip_prefix_set`](#deny-list-ip-prefix-set) - Optional Block<br>IP Prefix Set. Addresses that are covered by the prefixes in the given ip_prefix_set<br>See [IP Prefix Set](#deny-list-ip-prefix-set) below.
167
+
168
+ <a id="deny-list-prefix-list"></a>&#x2022; [`prefix_list`](#deny-list-prefix-list) - Optional Block<br>IPv4 Prefix List. List of IPv4 prefixes that represent an endpoint<br>See [Prefix List](#deny-list-prefix-list) below.
169
+
170
+ <a id="deny-list-tls-fingerprint-classes"></a>&#x2022; [`tls_fingerprint_classes`](#deny-list-tls-fingerprint-classes) - Optional List Defaults to `TLS_FINGERPRINT_NONE`<br>Possible values are `TLS_FINGERPRINT_NONE`, `ANY_MALICIOUS_FINGERPRINT`, `ADWARE`, `ADWIND`, `DRIDEX`, `GOOTKIT`, `GOZI`, `JBIFROST`, `QUAKBOT`, `RANSOMWARE`, `TROLDESH`, `TOFSEE`, `TORRENTLOCKER`, `TRICKBOT`<br>[Enum: TLS_FINGERPRINT_NONE|ANY_MALICIOUS_FINGERPRINT|ADWARE|ADWIND|DRIDEX|GOOTKIT|GOZI|JBIFROST|QUAKBOT|RANSOMWARE|TROLDESH|TOFSEE|TORRENTLOCKER|TRICKBOT] TLS Fingerprint Classes. A list of known classes of TLS fingerprints to match the input TLS JA3 fingerprint against
171
+
172
+ <a id="deny-list-tls-fingerprint-values"></a>&#x2022; [`tls_fingerprint_values`](#deny-list-tls-fingerprint-values) - Optional List<br>TLS Fingerprint Values. A list of exact TLS JA3 fingerprints to match the input TLS JA3 fingerprint against
173
+
174
+ #### Deny List Asn List
175
+
176
+ An [`asn_list`](#deny-list-asn-list) block (within [`deny_list`](#deny-list)) supports the following:
177
+
178
+ <a id="deny-list-asn-list-as-numbers"></a>&#x2022; [`as_numbers`](#deny-list-asn-list-as-numbers) - Optional List<br>AS Numbers. An unordered set of RFC 6793 defined 4-byte AS numbers that can be used to create allow or deny lists for use in network policy or service policy. It can be used to create the allow list only for DNS Load Balancer
179
+
180
+ #### Deny List Asn Set
181
+
182
+ An [`asn_set`](#deny-list-asn-set) block (within [`deny_list`](#deny-list)) supports the following:
183
+
184
+ <a id="deny-list-asn-set-name"></a>&#x2022; [`name`](#deny-list-asn-set-name) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
185
+
186
+ <a id="deny-list-asn-set-namespace"></a>&#x2022; [`namespace`](#deny-list-asn-set-namespace) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
187
+
188
+ <a id="deny-list-asn-set-tenant"></a>&#x2022; [`tenant`](#deny-list-asn-set-tenant) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
189
+
190
+ #### Deny List IP Prefix Set
191
+
192
+ An [`ip_prefix_set`](#deny-list-ip-prefix-set) block (within [`deny_list`](#deny-list)) supports the following:
193
+
194
+ <a id="deny-list-ip-prefix-set-name"></a>&#x2022; [`name`](#deny-list-ip-prefix-set-name) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
195
+
196
+ <a id="deny-list-ip-prefix-set-namespace"></a>&#x2022; [`namespace`](#deny-list-ip-prefix-set-namespace) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
197
+
198
+ <a id="deny-list-ip-prefix-set-tenant"></a>&#x2022; [`tenant`](#deny-list-ip-prefix-set-tenant) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
199
+
200
+ #### Deny List Prefix List
201
+
202
+ A [`prefix_list`](#deny-list-prefix-list) block (within [`deny_list`](#deny-list)) supports the following:
203
+
204
+ <a id="deny-list-prefix-list-prefixes"></a>&#x2022; [`prefixes`](#deny-list-prefix-list-prefixes) - Optional List<br>IPv4 Prefix List. List of IPv4 prefixes that represent an endpoint
205
+
206
+ #### Rule List
207
+
208
+ A [`rule_list`](#rule-list) block supports the following:
209
+
210
+ <a id="rule-list-rules"></a>&#x2022; [`rules`](#rule-list-rules) - Optional Block<br>Rules. Define the list of rules (with an order) that should be evaluated by this service policy. Rules are evaluated from top to bottom in the list<br>See [Rules](#rule-list-rules) below.
211
+
212
+ #### Rule List Rules
213
+
214
+ A [`rules`](#rule-list-rules) block (within [`rule_list`](#rule-list)) supports the following:
215
+
216
+ <a id="rule-list-rules-metadata"></a>&#x2022; [`metadata`](#rule-list-rules-metadata) - Optional Block<br>Message Metadata. MessageMetaType is metadata (common attributes) of a message that only certain messages have. This information is propagated to the metadata of a child object that gets created from the containing message during view processing. The information in this type can be specified by user during create and replace APIs<br>See [Metadata](#rule-list-rules-metadata) below.
217
+
218
+ <a id="rule-list-rules-spec"></a>&#x2022; [`spec`](#rule-list-rules-spec) - Optional Block<br>Specification. Shape of service_policy_rule in the storage backend<br>See [Spec](#rule-list-rules-spec) below.
219
+
220
+ #### Rule List Rules Metadata
221
+
222
+ A [`metadata`](#rule-list-rules-metadata) block (within [`rule_list.rules`](#rule-list-rules)) supports the following:
223
+
224
+ <a id="rule-list-rules-metadata-description-spec"></a>&#x2022; [`description_spec`](#rule-list-rules-metadata-description-spec) - Optional String<br>Description. Human readable description
225
+
226
+ <a id="rule-list-rules-metadata-name"></a>&#x2022; [`name`](#rule-list-rules-metadata-name) - Optional String<br>Name. This is the name of the message. The value of name has to follow DNS-1035 format
227
+
228
+ #### Rule List Rules Spec
229
+
230
+ A [`spec`](#rule-list-rules-spec) block (within [`rule_list.rules`](#rule-list-rules)) supports the following:
231
+
232
+ <a id="rule-list-rules-spec-action"></a>&#x2022; [`action`](#rule-list-rules-spec-action) - Optional String Defaults to `DENY`<br>Possible values are `DENY`, `ALLOW`, `NEXT_POLICY`<br>[Enum: DENY|ALLOW|NEXT_POLICY] Rule Action. The rule action determines the disposition of the input request API. If a policy matches a rule with an ALLOW action, the processing of the request proceeds forward. If it matches a rule with a DENY action, the processing of the request is terminated and an appropriate message/code returned to the originator. If it matches a rule with a NEXT_POLICY_SET action, evaluation of the current policy set terminates and evaluation of the next policy set in the chain begins. - DENY: DENY Deny the request. - ALLOW: ALLOW Allow the request to proceed. - NEXT_POLICY_SET: NEXT_POLICY_SET Terminate evaluation of the current policy set and begin evaluating the next policy set in the chain. Note that the evaluation of any remaining policies in the current policy set is skipped. - NEXT_POLICY: NEXT_POLICY Terminate evaluation of the current policy and begin evaluating the next policy in the policy set. Note that the evaluation of any remaining rules in the current policy is skipped. - LAST_POLICY: LAST_POLICY Terminate evaluation of the current policy and begin evaluating the last policy in the policy set. Note that the evaluation of any remaining rules in the current policy is skipped. - GOTO_POLICY: GOTO_POLICY Terminate evaluation of the current policy and begin evaluating a specific policy in the policy set. The policy is specified using the goto_policy field in the rule and must be after the current policy in the policy set
233
+
234
+ <a id="rule-list-rules-spec-any-asn"></a>&#x2022; [`any_asn`](#rule-list-rules-spec-any-asn) - Optional Block<br>Enable this option
235
+
236
+ <a id="rule-list-rules-spec-any-client"></a>&#x2022; [`any_client`](#rule-list-rules-spec-any-client) - Optional Block<br>Enable this option
237
+
238
+ <a id="rule-list-rules-spec-any-ip"></a>&#x2022; [`any_ip`](#rule-list-rules-spec-any-ip) - Optional Block<br>Enable this option
239
+
240
+ <a id="rule-list-rules-spec-api-group-matcher"></a>&#x2022; [`api_group_matcher`](#rule-list-rules-spec-api-group-matcher) - Optional Block<br>String Matcher. A matcher specifies a list of values for matching an input string. The match is considered successful if the input value is present in the list. The result of the match is inverted if invert_matcher is true<br>See [API Group Matcher](#rule-list-rules-spec-api-group-matcher) below.
241
+
242
+ <a id="rule-list-rules-spec-arg-matchers"></a>&#x2022; [`arg_matchers`](#rule-list-rules-spec-arg-matchers) - Optional Block<br>Argument Matchers. A list of predicates for all POST args that need to be matched. The criteria for matching each arg are described in individual instances of ArgMatcherType. The actual arg values are extracted from the request API as a list of strings for each arg selector name. Note that all specified arg matcher predicates must evaluate to true<br>See [Arg Matchers](#rule-list-rules-spec-arg-matchers) below.
243
+
244
+ <a id="rule-list-rules-spec-asn-list"></a>&#x2022; [`asn_list`](#rule-list-rules-spec-asn-list) - Optional Block<br>ASN Match List. An unordered set of RFC 6793 defined 4-byte AS numbers that can be used to create allow or deny lists for use in network policy or service policy. It can be used to create the allow list only for DNS Load Balancer<br>See [Asn List](#rule-list-rules-spec-asn-list) below.
245
+
246
+ <a id="rule-list-rules-spec-asn-matcher"></a>&#x2022; [`asn_matcher`](#rule-list-rules-spec-asn-matcher) - Optional Block<br>ASN Matcher. Match any AS number contained in the list of bgp_asn_sets<br>See [Asn Matcher](#rule-list-rules-spec-asn-matcher) below.
247
+
248
+ <a id="rule-list-rules-spec-body-matcher"></a>&#x2022; [`body_matcher`](#rule-list-rules-spec-body-matcher) - Optional Block<br>Matcher. A matcher specifies multiple criteria for matching an input string. The match is considered successful if any of the criteria are satisfied. The set of supported match criteria includes a list of exact values and a list of regular expressions<br>See [Body Matcher](#rule-list-rules-spec-body-matcher) below.
249
+
250
+ <a id="rule-list-rules-spec-bot-action"></a>&#x2022; [`bot_action`](#rule-list-rules-spec-bot-action) - Optional Block<br>Bot Action. Modify Bot protection behavior for a matching request. The modification could be to entirely skip Bot processing<br>See [Bot Action](#rule-list-rules-spec-bot-action) below.
251
+
252
+ <a id="rule-list-rules-spec-client-name"></a>&#x2022; [`client_name`](#rule-list-rules-spec-client-name) - Optional String<br>Client Name. The expected name of the client invoking the request API. The predicate evaluates to true if any of the actual names is the same as the expected client name
253
+
254
+ <a id="rule-list-rules-spec-client-name-matcher"></a>&#x2022; [`client_name_matcher`](#rule-list-rules-spec-client-name-matcher) - Optional Block<br>Matcher. A matcher specifies multiple criteria for matching an input string. The match is considered successful if any of the criteria are satisfied. The set of supported match criteria includes a list of exact values and a list of regular expressions<br>See [Client Name Matcher](#rule-list-rules-spec-client-name-matcher) below.
255
+
256
+ <a id="rule-list-rules-spec-client-selector"></a>&#x2022; [`client_selector`](#rule-list-rules-spec-client-selector) - Optional Block<br>Label Selector. This type can be used to establish a 'selector reference' from one object(called selector) to a set of other objects(called selectees) based on the value of expresssions. A label selector is a label query over a set of resources. An empty label selector matches all objects. A null label selector matches no objects. Label selector is immutable. expressions is a list of strings of label selection expression. Each string has ',' separated values which are 'AND' and all strings are logically 'OR'. BNF for expression string `<selector-syntax>` ::= `<requirement>` | `<requirement>` ',' `<selector-syntax>` `<requirement>` ::= [!] KEY [ `<set-based-restriction>` | `<exact-match-restriction>` ] `<set-based-restriction>` ::= '' | `<inclusion-exclusion>` `<value-set>` `<inclusion-exclusion>` ::= `<inclusion>` | `<exclusion>` `<exclusion>` ::= 'notin' `<inclusion>` ::= 'in' `<value-set>` ::= '(' `<values>` ')' `<values>` ::= VALUE | VALUE ',' `<values>` `<exact-match-restriction>` ::= ['='|'=='|'!='] VALUE<br>See [Client Selector](#rule-list-rules-spec-client-selector) below.
257
+
258
+ <a id="rule-list-rules-spec-cookie-matchers"></a>&#x2022; [`cookie_matchers`](#rule-list-rules-spec-cookie-matchers) - Optional Block<br>Cookie Matchers. A list of predicates for all cookies that need to be matched. The criteria for matching each cookie is described in individual instances of CookieMatcherType. The actual cookie values are extracted from the request API as a list of strings for each cookie name. Note that all specified cookie matcher predicates must evaluate to true<br>See [Cookie Matchers](#rule-list-rules-spec-cookie-matchers) below.
259
+
260
+ <a id="rule-list-rules-spec-domain-matcher"></a>&#x2022; [`domain_matcher`](#rule-list-rules-spec-domain-matcher) - Optional Block<br>Matcher. A matcher specifies multiple criteria for matching an input string. The match is considered successful if any of the criteria are satisfied. The set of supported match criteria includes a list of exact values and a list of regular expressions<br>See [Domain Matcher](#rule-list-rules-spec-domain-matcher) below.
261
+
262
+ <a id="rule-list-rules-spec-expiration-timestamp"></a>&#x2022; [`expiration_timestamp`](#rule-list-rules-spec-expiration-timestamp) - Optional String<br>Expiration Timestamp. The expiration_timestamp is the RFC 3339 format timestamp at which the containing rule is considered to be logically expired. The rule continues to exist in the configuration but is not applied anymore
263
+
264
+ <a id="rule-list-rules-spec-headers"></a>&#x2022; [`headers`](#rule-list-rules-spec-headers) - Optional Block<br>HTTP Headers. A list of predicates for various HTTP headers that need to match. The criteria for matching each HTTP header are described in individual HeaderMatcherType instances. The actual HTTP header values are extracted from the request API as a list of strings for each HTTP header type. Note that all specified header predicates must evaluate to true<br>See [Headers](#rule-list-rules-spec-headers) below.
265
+
266
+ <a id="rule-list-rules-spec-http-method"></a>&#x2022; [`http_method`](#rule-list-rules-spec-http-method) - Optional Block<br>HTTP Method Matcher. A HTTP method matcher specifies a list of methods to match an input HTTP method. The match is considered successful if the input method is a member of the list. The result of the match based on the method list is inverted if invert_matcher is true<br>See [HTTP Method](#rule-list-rules-spec-http-method) below.
267
+
268
+ <a id="rule-list-rules-spec-ip-matcher"></a>&#x2022; [`ip_matcher`](#rule-list-rules-spec-ip-matcher) - Optional Block<br>IP Prefix Matcher. Match any IP prefix contained in the list of ip_prefix_sets. The result of the match is inverted if invert_matcher is true<br>See [IP Matcher](#rule-list-rules-spec-ip-matcher) below.
269
+
270
+ <a id="rule-list-rules-spec-ip-prefix-list"></a>&#x2022; [`ip_prefix_list`](#rule-list-rules-spec-ip-prefix-list) - Optional Block<br>IP Prefix Match List. List of IP Prefix strings to match against<br>See [IP Prefix List](#rule-list-rules-spec-ip-prefix-list) below.
271
+
272
+ <a id="rule-list-rules-spec-ip-threat-category-list"></a>&#x2022; [`ip_threat_category_list`](#rule-list-rules-spec-ip-threat-category-list) - Optional Block<br>IP Threat Category List Type. List of IP threat categories<br>See [IP Threat Category List](#rule-list-rules-spec-ip-threat-category-list) below.
273
+
274
+ <a id="rule-list-rules-spec-ja4-tls-fingerprint"></a>&#x2022; [`ja4_tls_fingerprint`](#rule-list-rules-spec-ja4-tls-fingerprint) - Optional Block<br>JA4 TLS Fingerprint Matcher. An extended version of JA3 that includes additional fields for more comprehensive fingerprinting of SSL/TLS clients and potentially has a different structure and length<br>See [Ja4 TLS Fingerprint](#rule-list-rules-spec-ja4-tls-fingerprint) below.
275
+
276
+ <a id="rule-list-rules-spec-jwt-claims"></a>&#x2022; [`jwt_claims`](#rule-list-rules-spec-jwt-claims) - Optional Block<br>JWT Claims. A list of predicates for various JWT claims that need to match. The criteria for matching each JWT claim are described in individual JWTClaimMatcherType instances. The actual JWT claims values are extracted from the JWT payload as a list of strings. Note that all specified JWT claim predicates must evaluate to true<br>See [JWT Claims](#rule-list-rules-spec-jwt-claims) below.
277
+
278
+ <a id="rule-list-rules-spec-label-matcher"></a>&#x2022; [`label_matcher`](#rule-list-rules-spec-label-matcher) - Optional Block<br>Label Matcher. A label matcher specifies a list of label keys whose values need to match for source/client and destination/server. Note that the actual label values are not specified and do not matter. This allows an ability to scope grouping by the label key name<br>See [Label Matcher](#rule-list-rules-spec-label-matcher) below.
279
+
280
+ <a id="rule-list-rules-spec-mum-action"></a>&#x2022; [`mum_action`](#rule-list-rules-spec-mum-action) - Optional Block<br>Select Modification Action. Modify behavior for a matching request. The modification could be to entirely skip processing<br>See [Mum Action](#rule-list-rules-spec-mum-action) below.
281
+
282
+ <a id="rule-list-rules-spec-path"></a>&#x2022; [`path`](#rule-list-rules-spec-path) - Optional Block<br>Path Matcher. A path matcher specifies multiple criteria for matching an HTTP path string. The match is considered successful if any of the criteria are satisfied. The set of supported match criteria includes a list of path prefixes, a list of exact path values and a list of regular expressions<br>See [Path](#rule-list-rules-spec-path) below.
283
+
284
+ <a id="rule-list-rules-spec-port-matcher"></a>&#x2022; [`port_matcher`](#rule-list-rules-spec-port-matcher) - Optional Block<br>Port Matcher. A port matcher specifies a list of port ranges as match criteria. The match is considered successful if the input port falls within any of the port ranges. The result of the match is inverted if invert_matcher is true<br>See [Port Matcher](#rule-list-rules-spec-port-matcher) below.
285
+
286
+ <a id="rule-list-rules-spec-query-params"></a>&#x2022; [`query_params`](#rule-list-rules-spec-query-params) - Optional Block<br>HTTP Query Parameters. A list of predicates for all query parameters that need to be matched. The criteria for matching each query parameter are described in individual instances of QueryParameterMatcherType. The actual query parameter values are extracted from the request API as a list of strings for each query parameter name. Note that all specified query parameter predicates must evaluate to true<br>See [Query Params](#rule-list-rules-spec-query-params) below.
287
+
288
+ <a id="rule-list-rules-spec-request-constraints"></a>&#x2022; [`request_constraints`](#rule-list-rules-spec-request-constraints) - Optional Block<br>Request Constraints<br>See [Request Constraints](#rule-list-rules-spec-request-constraints) below.
289
+
290
+ <a id="rule-list-rules-spec-segment-policy"></a>&#x2022; [`segment_policy`](#rule-list-rules-spec-segment-policy) - Optional Block<br>Configure Segments. Configure source and destination segment for policy<br>See [Segment Policy](#rule-list-rules-spec-segment-policy) below.
291
+
292
+ <a id="rule-list-rules-spec-tls-fingerprint-matcher"></a>&#x2022; [`tls_fingerprint_matcher`](#rule-list-rules-spec-tls-fingerprint-matcher) - Optional Block<br>TLS Fingerprint Matcher. A TLS fingerprint matcher specifies multiple criteria for matching a TLS fingerprint. The set of supported positve match criteria includes a list of known classes of TLS fingerprints and a list of exact values. The match is considered successful if either of these positive criteria are satisfied and the input fingerprint is not one of the excluded values<br>See [TLS Fingerprint Matcher](#rule-list-rules-spec-tls-fingerprint-matcher) below.
293
+
294
+ <a id="rule-list-rules-spec-user-identity-matcher"></a>&#x2022; [`user_identity_matcher`](#rule-list-rules-spec-user-identity-matcher) - Optional Block<br>Matcher. A matcher specifies multiple criteria for matching an input string. The match is considered successful if any of the criteria are satisfied. The set of supported match criteria includes a list of exact values and a list of regular expressions<br>See [User Identity Matcher](#rule-list-rules-spec-user-identity-matcher) below.
295
+
296
+ <a id="rule-list-rules-spec-waf-action"></a>&#x2022; [`waf_action`](#rule-list-rules-spec-waf-action) - Optional Block<br>App Firewall Action. Modify App Firewall behavior for a matching request. The modification could either be to entirely skip firewall processing or to customize the firewall rules to be applied as defined by App Firewall Rule Control settings<br>See [WAF Action](#rule-list-rules-spec-waf-action) below.
297
+
298
+ #### Rule List Rules Spec API Group Matcher
299
+
300
+ An [`api_group_matcher`](#rule-list-rules-spec-api-group-matcher) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
301
+
302
+ <a id="rule-list-rules-spec-api-group-matcher-invert-matcher"></a>&#x2022; [`invert_matcher`](#rule-list-rules-spec-api-group-matcher-invert-matcher) - Optional Bool<br>Invert String Matcher. Invert the match result
303
+
304
+ <a id="rule-list-rules-spec-api-group-matcher-match"></a>&#x2022; [`match`](#rule-list-rules-spec-api-group-matcher-match) - Optional List<br>Exact Values. A list of exact values to match the input against
305
+
306
+ #### Rule List Rules Spec Arg Matchers
307
+
308
+ An [`arg_matchers`](#rule-list-rules-spec-arg-matchers) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
309
+
310
+ <a id="rule-list-rules-spec-arg-matchers-check-not-present"></a>&#x2022; [`check_not_present`](#rule-list-rules-spec-arg-matchers-check-not-present) - Optional Block<br>Enable this option
311
+
312
+ <a id="rule-list-rules-spec-arg-matchers-check-present"></a>&#x2022; [`check_present`](#rule-list-rules-spec-arg-matchers-check-present) - Optional Block<br>Enable this option
313
+
314
+ <a id="rule-list-rules-spec-arg-matchers-invert-matcher"></a>&#x2022; [`invert_matcher`](#rule-list-rules-spec-arg-matchers-invert-matcher) - Optional Bool<br>Invert Matcher. Invert Match of the expression defined
315
+
316
+ <a id="rule-list-rules-spec-arg-matchers-item"></a>&#x2022; [`item`](#rule-list-rules-spec-arg-matchers-item) - Optional Block<br>Matcher. A matcher specifies multiple criteria for matching an input string. The match is considered successful if any of the criteria are satisfied. The set of supported match criteria includes a list of exact values and a list of regular expressions<br>See [Item](#rule-list-rules-spec-arg-matchers-item) below.
317
+
318
+ <a id="rule-list-rules-spec-arg-matchers-name"></a>&#x2022; [`name`](#rule-list-rules-spec-arg-matchers-name) - Optional String<br>Argument Name. A case-sensitive JSON path in the HTTP request body
319
+
320
+ #### Rule List Rules Spec Arg Matchers Item
321
+
322
+ An [`item`](#rule-list-rules-spec-arg-matchers-item) block (within [`rule_list.rules.spec.arg_matchers`](#rule-list-rules-spec-arg-matchers)) supports the following:
323
+
324
+ <a id="rule-list-rules-spec-arg-matchers-item-exact-values"></a>&#x2022; [`exact_values`](#rule-list-rules-spec-arg-matchers-item-exact-values) - Optional List<br>Exact Values. A list of exact values to match the input against
325
+
326
+ <a id="rule-list-rules-spec-arg-matchers-item-regex-values"></a>&#x2022; [`regex_values`](#rule-list-rules-spec-arg-matchers-item-regex-values) - Optional List<br>Regex Values. A list of regular expressions to match the input against
327
+
328
+ <a id="rule-list-rules-spec-arg-matchers-item-transformers"></a>&#x2022; [`transformers`](#rule-list-rules-spec-arg-matchers-item-transformers) - Optional List Defaults to `TRANSFORMER_NONE`<br>Possible values are `LOWER_CASE`, `UPPER_CASE`, `BASE64_DECODE`, `NORMALIZE_PATH`, `REMOVE_WHITESPACE`, `URL_DECODE`, `TRIM_LEFT`, `TRIM_RIGHT`, `TRIM`<br>[Enum: LOWER_CASE|UPPER_CASE|BASE64_DECODE|NORMALIZE_PATH|REMOVE_WHITESPACE|URL_DECODE|TRIM_LEFT|TRIM_RIGHT|TRIM] Transformers. An ordered list of transformers (starting from index 0) to be applied to the path before matching
329
+
330
+ #### Rule List Rules Spec Asn List
331
+
332
+ An [`asn_list`](#rule-list-rules-spec-asn-list) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
333
+
334
+ <a id="rule-list-rules-spec-asn-list-as-numbers"></a>&#x2022; [`as_numbers`](#rule-list-rules-spec-asn-list-as-numbers) - Optional List<br>AS Numbers. An unordered set of RFC 6793 defined 4-byte AS numbers that can be used to create allow or deny lists for use in network policy or service policy. It can be used to create the allow list only for DNS Load Balancer
335
+
336
+ #### Rule List Rules Spec Asn Matcher
337
+
338
+ An [`asn_matcher`](#rule-list-rules-spec-asn-matcher) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
339
+
340
+ <a id="rule-list-rules-spec-asn-matcher-asn-sets"></a>&#x2022; [`asn_sets`](#rule-list-rules-spec-asn-matcher-asn-sets) - Optional Block<br>BGP ASN Sets. A list of references to bgp_asn_set objects<br>See [Asn Sets](#rule-list-rules-spec-asn-matcher-asn-sets) below.
341
+
342
+ #### Rule List Rules Spec Asn Matcher Asn Sets
343
+
344
+ An [`asn_sets`](#rule-list-rules-spec-asn-matcher-asn-sets) block (within [`rule_list.rules.spec.asn_matcher`](#rule-list-rules-spec-asn-matcher)) supports the following:
345
+
346
+ <a id="rule-list-rules-spec-asn-matcher-asn-sets-kind"></a>&#x2022; [`kind`](#rule-list-rules-spec-asn-matcher-asn-sets-kind) - Optional String<br>Kind. When a configuration object(e.g. virtual_host) refers to another(e.g route) then kind will hold the referred object's kind (e.g. 'route')
347
+
348
+ <a id="rule-list-rules-spec-asn-matcher-asn-sets-name"></a>&#x2022; [`name`](#rule-list-rules-spec-asn-matcher-asn-sets-name) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
349
+
350
+ <a id="rule-list-rules-spec-asn-matcher-asn-sets-namespace"></a>&#x2022; [`namespace`](#rule-list-rules-spec-asn-matcher-asn-sets-namespace) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
351
+
352
+ <a id="rule-list-rules-spec-asn-matcher-asn-sets-tenant"></a>&#x2022; [`tenant`](#rule-list-rules-spec-asn-matcher-asn-sets-tenant) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
353
+
354
+ <a id="rule-list-rules-spec-asn-matcher-asn-sets-uid"></a>&#x2022; [`uid`](#rule-list-rules-spec-asn-matcher-asn-sets-uid) - Optional String<br>UID. When a configuration object(e.g. virtual_host) refers to another(e.g route) then uid will hold the referred object's(e.g. route's) uid
355
+
356
+ #### Rule List Rules Spec Body Matcher
357
+
358
+ A [`body_matcher`](#rule-list-rules-spec-body-matcher) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
359
+
360
+ <a id="rule-list-rules-spec-body-matcher-exact-values"></a>&#x2022; [`exact_values`](#rule-list-rules-spec-body-matcher-exact-values) - Optional List<br>Exact Values. A list of exact values to match the input against
361
+
362
+ <a id="rule-list-rules-spec-body-matcher-regex-values"></a>&#x2022; [`regex_values`](#rule-list-rules-spec-body-matcher-regex-values) - Optional List<br>Regex Values. A list of regular expressions to match the input against
363
+
364
+ <a id="rule-list-rules-spec-body-matcher-transformers"></a>&#x2022; [`transformers`](#rule-list-rules-spec-body-matcher-transformers) - Optional List Defaults to `TRANSFORMER_NONE`<br>Possible values are `LOWER_CASE`, `UPPER_CASE`, `BASE64_DECODE`, `NORMALIZE_PATH`, `REMOVE_WHITESPACE`, `URL_DECODE`, `TRIM_LEFT`, `TRIM_RIGHT`, `TRIM`<br>[Enum: LOWER_CASE|UPPER_CASE|BASE64_DECODE|NORMALIZE_PATH|REMOVE_WHITESPACE|URL_DECODE|TRIM_LEFT|TRIM_RIGHT|TRIM] Transformers. An ordered list of transformers (starting from index 0) to be applied to the path before matching
365
+
366
+ #### Rule List Rules Spec Bot Action
367
+
368
+ A [`bot_action`](#rule-list-rules-spec-bot-action) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
369
+
370
+ <a id="rule-list-rules-spec-bot-action-bot-skip-processing"></a>&#x2022; [`bot_skip_processing`](#rule-list-rules-spec-bot-action-bot-skip-processing) - Optional Block<br>Enable this option
371
+
372
+ <a id="rule-list-rules-spec-bot-action-none"></a>&#x2022; [`none`](#rule-list-rules-spec-bot-action-none) - Optional Block<br>Enable this option
373
+
374
+ #### Rule List Rules Spec Client Name Matcher
375
+
376
+ A [`client_name_matcher`](#rule-list-rules-spec-client-name-matcher) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
377
+
378
+ <a id="rule-list-rules-spec-client-name-matcher-exact-values"></a>&#x2022; [`exact_values`](#rule-list-rules-spec-client-name-matcher-exact-values) - Optional List<br>Exact Values. A list of exact values to match the input against
379
+
380
+ <a id="rule-list-rules-spec-client-name-matcher-regex-values"></a>&#x2022; [`regex_values`](#rule-list-rules-spec-client-name-matcher-regex-values) - Optional List<br>Regex Values. A list of regular expressions to match the input against
381
+
382
+ <a id="rule-list-rules-spec-client-name-matcher-transformers"></a>&#x2022; [`transformers`](#rule-list-rules-spec-client-name-matcher-transformers) - Optional List Defaults to `TRANSFORMER_NONE`<br>Possible values are `LOWER_CASE`, `UPPER_CASE`, `BASE64_DECODE`, `NORMALIZE_PATH`, `REMOVE_WHITESPACE`, `URL_DECODE`, `TRIM_LEFT`, `TRIM_RIGHT`, `TRIM`<br>[Enum: LOWER_CASE|UPPER_CASE|BASE64_DECODE|NORMALIZE_PATH|REMOVE_WHITESPACE|URL_DECODE|TRIM_LEFT|TRIM_RIGHT|TRIM] Transformers. An ordered list of transformers (starting from index 0) to be applied to the path before matching
383
+
384
+ #### Rule List Rules Spec Client Selector
385
+
386
+ A [`client_selector`](#rule-list-rules-spec-client-selector) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
387
+
388
+ <a id="rule-list-rules-spec-client-selector-expressions"></a>&#x2022; [`expressions`](#rule-list-rules-spec-client-selector-expressions) - Optional List<br>Selector Expression. expressions contains the kubernetes style label expression for selections
389
+
390
+ #### Rule List Rules Spec Cookie Matchers
391
+
392
+ A [`cookie_matchers`](#rule-list-rules-spec-cookie-matchers) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
393
+
394
+ <a id="rule-list-rules-spec-cookie-matchers-check-not-present"></a>&#x2022; [`check_not_present`](#rule-list-rules-spec-cookie-matchers-check-not-present) - Optional Block<br>Enable this option
395
+
396
+ <a id="rule-list-rules-spec-cookie-matchers-check-present"></a>&#x2022; [`check_present`](#rule-list-rules-spec-cookie-matchers-check-present) - Optional Block<br>Enable this option
397
+
398
+ <a id="rule-list-rules-spec-cookie-matchers-invert-matcher"></a>&#x2022; [`invert_matcher`](#rule-list-rules-spec-cookie-matchers-invert-matcher) - Optional Bool<br>Invert Matcher. Invert Match of the expression defined
399
+
400
+ <a id="rule-list-rules-spec-cookie-matchers-item"></a>&#x2022; [`item`](#rule-list-rules-spec-cookie-matchers-item) - Optional Block<br>Matcher. A matcher specifies multiple criteria for matching an input string. The match is considered successful if any of the criteria are satisfied. The set of supported match criteria includes a list of exact values and a list of regular expressions<br>See [Item](#rule-list-rules-spec-cookie-matchers-item) below.
401
+
402
+ <a id="rule-list-rules-spec-cookie-matchers-name"></a>&#x2022; [`name`](#rule-list-rules-spec-cookie-matchers-name) - Optional String<br>Cookie Name. A case-sensitive cookie name
403
+
404
+ #### Rule List Rules Spec Cookie Matchers Item
405
+
406
+ An [`item`](#rule-list-rules-spec-cookie-matchers-item) block (within [`rule_list.rules.spec.cookie_matchers`](#rule-list-rules-spec-cookie-matchers)) supports the following:
407
+
408
+ <a id="rule-list-rules-spec-cookie-matchers-item-exact-values"></a>&#x2022; [`exact_values`](#rule-list-rules-spec-cookie-matchers-item-exact-values) - Optional List<br>Exact Values. A list of exact values to match the input against
409
+
410
+ <a id="rule-list-rules-spec-cookie-matchers-item-regex-values"></a>&#x2022; [`regex_values`](#rule-list-rules-spec-cookie-matchers-item-regex-values) - Optional List<br>Regex Values. A list of regular expressions to match the input against
411
+
412
+ <a id="rule-list-rules-spec-cookie-matchers-item-transformers"></a>&#x2022; [`transformers`](#rule-list-rules-spec-cookie-matchers-item-transformers) - Optional List Defaults to `TRANSFORMER_NONE`<br>Possible values are `LOWER_CASE`, `UPPER_CASE`, `BASE64_DECODE`, `NORMALIZE_PATH`, `REMOVE_WHITESPACE`, `URL_DECODE`, `TRIM_LEFT`, `TRIM_RIGHT`, `TRIM`<br>[Enum: LOWER_CASE|UPPER_CASE|BASE64_DECODE|NORMALIZE_PATH|REMOVE_WHITESPACE|URL_DECODE|TRIM_LEFT|TRIM_RIGHT|TRIM] Transformers. An ordered list of transformers (starting from index 0) to be applied to the path before matching
413
+
414
+ #### Rule List Rules Spec Domain Matcher
415
+
416
+ A [`domain_matcher`](#rule-list-rules-spec-domain-matcher) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
417
+
418
+ <a id="rule-list-rules-spec-domain-matcher-exact-values"></a>&#x2022; [`exact_values`](#rule-list-rules-spec-domain-matcher-exact-values) - Optional List<br>Exact Values. A list of exact values to match the input against
419
+
420
+ <a id="rule-list-rules-spec-domain-matcher-regex-values"></a>&#x2022; [`regex_values`](#rule-list-rules-spec-domain-matcher-regex-values) - Optional List<br>Regex Values. A list of regular expressions to match the input against
421
+
422
+ <a id="rule-list-rules-spec-domain-matcher-transformers"></a>&#x2022; [`transformers`](#rule-list-rules-spec-domain-matcher-transformers) - Optional List Defaults to `TRANSFORMER_NONE`<br>Possible values are `LOWER_CASE`, `UPPER_CASE`, `BASE64_DECODE`, `NORMALIZE_PATH`, `REMOVE_WHITESPACE`, `URL_DECODE`, `TRIM_LEFT`, `TRIM_RIGHT`, `TRIM`<br>[Enum: LOWER_CASE|UPPER_CASE|BASE64_DECODE|NORMALIZE_PATH|REMOVE_WHITESPACE|URL_DECODE|TRIM_LEFT|TRIM_RIGHT|TRIM] Transformers. An ordered list of transformers (starting from index 0) to be applied to the path before matching
423
+
424
+ #### Rule List Rules Spec Headers
425
+
426
+ A [`headers`](#rule-list-rules-spec-headers) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
427
+
428
+ <a id="rule-list-rules-spec-headers-check-not-present"></a>&#x2022; [`check_not_present`](#rule-list-rules-spec-headers-check-not-present) - Optional Block<br>Enable this option
429
+
430
+ <a id="rule-list-rules-spec-headers-check-present"></a>&#x2022; [`check_present`](#rule-list-rules-spec-headers-check-present) - Optional Block<br>Enable this option
431
+
432
+ <a id="rule-list-rules-spec-headers-invert-matcher"></a>&#x2022; [`invert_matcher`](#rule-list-rules-spec-headers-invert-matcher) - Optional Bool<br>Invert Header Matcher. Invert the match result
433
+
434
+ <a id="rule-list-rules-spec-headers-item"></a>&#x2022; [`item`](#rule-list-rules-spec-headers-item) - Optional Block<br>Matcher. A matcher specifies multiple criteria for matching an input string. The match is considered successful if any of the criteria are satisfied. The set of supported match criteria includes a list of exact values and a list of regular expressions<br>See [Item](#rule-list-rules-spec-headers-item) below.
435
+
436
+ <a id="rule-list-rules-spec-headers-name"></a>&#x2022; [`name`](#rule-list-rules-spec-headers-name) - Optional String<br>Header Name. A case-insensitive HTTP header name
437
+
438
+ #### Rule List Rules Spec Headers Item
439
+
440
+ An [`item`](#rule-list-rules-spec-headers-item) block (within [`rule_list.rules.spec.headers`](#rule-list-rules-spec-headers)) supports the following:
441
+
442
+ <a id="rule-list-rules-spec-headers-item-exact-values"></a>&#x2022; [`exact_values`](#rule-list-rules-spec-headers-item-exact-values) - Optional List<br>Exact Values. A list of exact values to match the input against
443
+
444
+ <a id="rule-list-rules-spec-headers-item-regex-values"></a>&#x2022; [`regex_values`](#rule-list-rules-spec-headers-item-regex-values) - Optional List<br>Regex Values. A list of regular expressions to match the input against
445
+
446
+ <a id="rule-list-rules-spec-headers-item-transformers"></a>&#x2022; [`transformers`](#rule-list-rules-spec-headers-item-transformers) - Optional List Defaults to `TRANSFORMER_NONE`<br>Possible values are `LOWER_CASE`, `UPPER_CASE`, `BASE64_DECODE`, `NORMALIZE_PATH`, `REMOVE_WHITESPACE`, `URL_DECODE`, `TRIM_LEFT`, `TRIM_RIGHT`, `TRIM`<br>[Enum: LOWER_CASE|UPPER_CASE|BASE64_DECODE|NORMALIZE_PATH|REMOVE_WHITESPACE|URL_DECODE|TRIM_LEFT|TRIM_RIGHT|TRIM] Transformers. An ordered list of transformers (starting from index 0) to be applied to the path before matching
447
+
448
+ #### Rule List Rules Spec HTTP Method
449
+
450
+ A [`http_method`](#rule-list-rules-spec-http-method) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
451
+
452
+ <a id="rule-list-rules-spec-http-method-invert-matcher"></a>&#x2022; [`invert_matcher`](#rule-list-rules-spec-http-method-invert-matcher) - Optional Bool<br>Invert Method Matcher. Invert the match result
453
+
454
+ <a id="rule-list-rules-spec-http-method-methods"></a>&#x2022; [`methods`](#rule-list-rules-spec-http-method-methods) - Optional List Defaults to `ANY`<br>Possible values are `ANY`, `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`, `COPY`<br>[Enum: ANY|GET|HEAD|POST|PUT|DELETE|CONNECT|OPTIONS|TRACE|PATCH|COPY] Method List. List of methods values to match against
455
+
456
+ #### Rule List Rules Spec IP Matcher
457
+
458
+ An [`ip_matcher`](#rule-list-rules-spec-ip-matcher) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
459
+
460
+ <a id="rule-list-rules-spec-ip-matcher-invert-matcher"></a>&#x2022; [`invert_matcher`](#rule-list-rules-spec-ip-matcher-invert-matcher) - Optional Bool<br>Invert IP Matcher. Invert the match result
461
+
462
+ <a id="rule-list-rules-spec-ip-matcher-prefix-sets"></a>&#x2022; [`prefix_sets`](#rule-list-rules-spec-ip-matcher-prefix-sets) - Optional Block<br>IP Prefix Sets. A list of references to ip_prefix_set objects<br>See [Prefix Sets](#rule-list-rules-spec-ip-matcher-prefix-sets) below.
463
+
464
+ #### Rule List Rules Spec IP Matcher Prefix Sets
465
+
466
+ A [`prefix_sets`](#rule-list-rules-spec-ip-matcher-prefix-sets) block (within [`rule_list.rules.spec.ip_matcher`](#rule-list-rules-spec-ip-matcher)) supports the following:
467
+
468
+ <a id="rule-list-rules-spec-ip-matcher-prefix-sets-kind"></a>&#x2022; [`kind`](#rule-list-rules-spec-ip-matcher-prefix-sets-kind) - Optional String<br>Kind. When a configuration object(e.g. virtual_host) refers to another(e.g route) then kind will hold the referred object's kind (e.g. 'route')
469
+
470
+ <a id="rule-list-rules-spec-ip-matcher-prefix-sets-name"></a>&#x2022; [`name`](#rule-list-rules-spec-ip-matcher-prefix-sets-name) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
471
+
472
+ <a id="rule-list-rules-spec-ip-matcher-prefix-sets-namespace"></a>&#x2022; [`namespace`](#rule-list-rules-spec-ip-matcher-prefix-sets-namespace) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
473
+
474
+ <a id="rule-list-rules-spec-ip-matcher-prefix-sets-tenant"></a>&#x2022; [`tenant`](#rule-list-rules-spec-ip-matcher-prefix-sets-tenant) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
475
+
476
+ <a id="rule-list-rules-spec-ip-matcher-prefix-sets-uid"></a>&#x2022; [`uid`](#rule-list-rules-spec-ip-matcher-prefix-sets-uid) - Optional String<br>UID. When a configuration object(e.g. virtual_host) refers to another(e.g route) then uid will hold the referred object's(e.g. route's) uid
477
+
478
+ #### Rule List Rules Spec IP Prefix List
479
+
480
+ An [`ip_prefix_list`](#rule-list-rules-spec-ip-prefix-list) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
481
+
482
+ <a id="rule-list-rules-spec-ip-prefix-list-invert-match"></a>&#x2022; [`invert_match`](#rule-list-rules-spec-ip-prefix-list-invert-match) - Optional Bool<br>Invert Match Result. Invert the match result
483
+
484
+ <a id="rule-list-rules-spec-ip-prefix-list-ip-prefixes"></a>&#x2022; [`ip_prefixes`](#rule-list-rules-spec-ip-prefix-list-ip-prefixes) - Optional List<br>IPv4 Prefix List. List of IPv4 prefix strings
485
+
486
+ #### Rule List Rules Spec IP Threat Category List
487
+
488
+ An [`ip_threat_category_list`](#rule-list-rules-spec-ip-threat-category-list) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
489
+
490
+ <a id="rule-list-rules-spec-ip-threat-category-list-ip-threat-categories"></a>&#x2022; [`ip_threat_categories`](#rule-list-rules-spec-ip-threat-category-list-ip-threat-categories) - Optional List Defaults to `SPAM_SOURCES`<br>Possible values are `SPAM_SOURCES`, `WINDOWS_EXPLOITS`, `WEB_ATTACKS`, `BOTNETS`, `SCANNERS`, `REPUTATION`, `PHISHING`, `PROXY`, `MOBILE_THREATS`, `TOR_PROXY`, `DENIAL_OF_SERVICE`, `NETWORK`<br>[Enum: SPAM_SOURCES|WINDOWS_EXPLOITS|WEB_ATTACKS|BOTNETS|SCANNERS|REPUTATION|PHISHING|PROXY|MOBILE_THREATS|TOR_PROXY|DENIAL_OF_SERVICE|NETWORK] List of IP Threat Categories to choose. The IP threat categories is obtained from the list and is used to auto-generate equivalent label selection expressions
491
+
492
+ #### Rule List Rules Spec Ja4 TLS Fingerprint
493
+
494
+ A [`ja4_tls_fingerprint`](#rule-list-rules-spec-ja4-tls-fingerprint) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
495
+
496
+ <a id="rule-list-rules-spec-ja4-tls-fingerprint-exact-values"></a>&#x2022; [`exact_values`](#rule-list-rules-spec-ja4-tls-fingerprint-exact-values) - Optional List<br>Exact Values. A list of exact JA4 TLS fingerprint to match the input JA4 TLS fingerprint against
497
+
498
+ #### Rule List Rules Spec JWT Claims
499
+
500
+ A [`jwt_claims`](#rule-list-rules-spec-jwt-claims) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
501
+
502
+ <a id="rule-list-rules-spec-jwt-claims-check-not-present"></a>&#x2022; [`check_not_present`](#rule-list-rules-spec-jwt-claims-check-not-present) - Optional Block<br>Enable this option
503
+
504
+ <a id="rule-list-rules-spec-jwt-claims-check-present"></a>&#x2022; [`check_present`](#rule-list-rules-spec-jwt-claims-check-present) - Optional Block<br>Enable this option
505
+
506
+ <a id="rule-list-rules-spec-jwt-claims-invert-matcher"></a>&#x2022; [`invert_matcher`](#rule-list-rules-spec-jwt-claims-invert-matcher) - Optional Bool<br>Invert Matcher. Invert the match result
507
+
508
+ <a id="rule-list-rules-spec-jwt-claims-item"></a>&#x2022; [`item`](#rule-list-rules-spec-jwt-claims-item) - Optional Block<br>Matcher. A matcher specifies multiple criteria for matching an input string. The match is considered successful if any of the criteria are satisfied. The set of supported match criteria includes a list of exact values and a list of regular expressions<br>See [Item](#rule-list-rules-spec-jwt-claims-item) below.
509
+
510
+ <a id="rule-list-rules-spec-jwt-claims-name"></a>&#x2022; [`name`](#rule-list-rules-spec-jwt-claims-name) - Optional String<br>JWT Claim Name. JWT claim name
511
+
512
+ #### Rule List Rules Spec JWT Claims Item
513
+
514
+ An [`item`](#rule-list-rules-spec-jwt-claims-item) block (within [`rule_list.rules.spec.jwt_claims`](#rule-list-rules-spec-jwt-claims)) supports the following:
515
+
516
+ <a id="rule-list-rules-spec-jwt-claims-item-exact-values"></a>&#x2022; [`exact_values`](#rule-list-rules-spec-jwt-claims-item-exact-values) - Optional List<br>Exact Values. A list of exact values to match the input against
517
+
518
+ <a id="rule-list-rules-spec-jwt-claims-item-regex-values"></a>&#x2022; [`regex_values`](#rule-list-rules-spec-jwt-claims-item-regex-values) - Optional List<br>Regex Values. A list of regular expressions to match the input against
519
+
520
+ <a id="rule-list-rules-spec-jwt-claims-item-transformers"></a>&#x2022; [`transformers`](#rule-list-rules-spec-jwt-claims-item-transformers) - Optional List Defaults to `TRANSFORMER_NONE`<br>Possible values are `LOWER_CASE`, `UPPER_CASE`, `BASE64_DECODE`, `NORMALIZE_PATH`, `REMOVE_WHITESPACE`, `URL_DECODE`, `TRIM_LEFT`, `TRIM_RIGHT`, `TRIM`<br>[Enum: LOWER_CASE|UPPER_CASE|BASE64_DECODE|NORMALIZE_PATH|REMOVE_WHITESPACE|URL_DECODE|TRIM_LEFT|TRIM_RIGHT|TRIM] Transformers. An ordered list of transformers (starting from index 0) to be applied to the path before matching
521
+
522
+ #### Rule List Rules Spec Label Matcher
523
+
524
+ A [`label_matcher`](#rule-list-rules-spec-label-matcher) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
525
+
526
+ <a id="rule-list-rules-spec-label-matcher-keys"></a>&#x2022; [`keys`](#rule-list-rules-spec-label-matcher-keys) - Optional List<br>Keys. The list of label key names that have to match
527
+
528
+ #### Rule List Rules Spec Mum Action
529
+
530
+ A [`mum_action`](#rule-list-rules-spec-mum-action) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
531
+
532
+ <a id="rule-list-rules-spec-mum-action-default"></a>&#x2022; [`default`](#rule-list-rules-spec-mum-action-default) - Optional Block<br>Enable this option
533
+
534
+ <a id="rule-list-rules-spec-mum-action-skip-processing"></a>&#x2022; [`skip_processing`](#rule-list-rules-spec-mum-action-skip-processing) - Optional Block<br>Enable this option
535
+
536
+ #### Rule List Rules Spec Path
537
+
538
+ A [`path`](#rule-list-rules-spec-path) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
539
+
540
+ <a id="rule-list-rules-spec-path-exact-values"></a>&#x2022; [`exact_values`](#rule-list-rules-spec-path-exact-values) - Optional List<br>Exact Values. A list of exact path values to match the input HTTP path against
541
+
542
+ <a id="rule-list-rules-spec-path-invert-matcher"></a>&#x2022; [`invert_matcher`](#rule-list-rules-spec-path-invert-matcher) - Optional Bool<br>Invert Path Matcher. Invert the match result
543
+
544
+ <a id="rule-list-rules-spec-path-prefix-values"></a>&#x2022; [`prefix_values`](#rule-list-rules-spec-path-prefix-values) - Optional List<br>Prefix Values. A list of path prefix values to match the input HTTP path against
545
+
546
+ <a id="rule-list-rules-spec-path-regex-values"></a>&#x2022; [`regex_values`](#rule-list-rules-spec-path-regex-values) - Optional List<br>Regex Values. A list of regular expressions to match the input HTTP path against
547
+
548
+ <a id="rule-list-rules-spec-path-suffix-values"></a>&#x2022; [`suffix_values`](#rule-list-rules-spec-path-suffix-values) - Optional List<br>Suffix Values. A list of path suffix values to match the input HTTP path against
549
+
550
+ <a id="rule-list-rules-spec-path-transformers"></a>&#x2022; [`transformers`](#rule-list-rules-spec-path-transformers) - Optional List Defaults to `TRANSFORMER_NONE`<br>Possible values are `LOWER_CASE`, `UPPER_CASE`, `BASE64_DECODE`, `NORMALIZE_PATH`, `REMOVE_WHITESPACE`, `URL_DECODE`, `TRIM_LEFT`, `TRIM_RIGHT`, `TRIM`<br>[Enum: LOWER_CASE|UPPER_CASE|BASE64_DECODE|NORMALIZE_PATH|REMOVE_WHITESPACE|URL_DECODE|TRIM_LEFT|TRIM_RIGHT|TRIM] Transformers. An ordered list of transformers (starting from index 0) to be applied to the path before matching
551
+
552
+ #### Rule List Rules Spec Port Matcher
553
+
554
+ A [`port_matcher`](#rule-list-rules-spec-port-matcher) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
555
+
556
+ <a id="rule-list-rules-spec-port-matcher-invert-matcher"></a>&#x2022; [`invert_matcher`](#rule-list-rules-spec-port-matcher-invert-matcher) - Optional Bool<br>Invert Port Matcher. Invert the match result
557
+
558
+ <a id="rule-list-rules-spec-port-matcher-ports"></a>&#x2022; [`ports`](#rule-list-rules-spec-port-matcher-ports) - Optional List<br>Port Ranges. A list of strings, each of which is a single port value or a tuple of start and end port values separated by '-'. The start and end values are considered to be part of the range
559
+
560
+ #### Rule List Rules Spec Query Params
561
+
562
+ A [`query_params`](#rule-list-rules-spec-query-params) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
563
+
564
+ <a id="rule-list-rules-spec-query-params-check-not-present"></a>&#x2022; [`check_not_present`](#rule-list-rules-spec-query-params-check-not-present) - Optional Block<br>Enable this option
565
+
566
+ <a id="rule-list-rules-spec-query-params-check-present"></a>&#x2022; [`check_present`](#rule-list-rules-spec-query-params-check-present) - Optional Block<br>Enable this option
567
+
568
+ <a id="rule-list-rules-spec-query-params-invert-matcher"></a>&#x2022; [`invert_matcher`](#rule-list-rules-spec-query-params-invert-matcher) - Optional Bool<br>Invert Query Parameter Matcher. Invert the match result
569
+
570
+ <a id="rule-list-rules-spec-query-params-item"></a>&#x2022; [`item`](#rule-list-rules-spec-query-params-item) - Optional Block<br>Matcher. A matcher specifies multiple criteria for matching an input string. The match is considered successful if any of the criteria are satisfied. The set of supported match criteria includes a list of exact values and a list of regular expressions<br>See [Item](#rule-list-rules-spec-query-params-item) below.
571
+
572
+ <a id="rule-list-rules-spec-query-params-key"></a>&#x2022; [`key`](#rule-list-rules-spec-query-params-key) - Optional String<br>Query Parameter Name. A case-sensitive HTTP query parameter name
573
+
574
+ #### Rule List Rules Spec Query Params Item
575
+
576
+ An [`item`](#rule-list-rules-spec-query-params-item) block (within [`rule_list.rules.spec.query_params`](#rule-list-rules-spec-query-params)) supports the following:
577
+
578
+ <a id="rule-list-rules-spec-query-params-item-exact-values"></a>&#x2022; [`exact_values`](#rule-list-rules-spec-query-params-item-exact-values) - Optional List<br>Exact Values. A list of exact values to match the input against
579
+
580
+ <a id="rule-list-rules-spec-query-params-item-regex-values"></a>&#x2022; [`regex_values`](#rule-list-rules-spec-query-params-item-regex-values) - Optional List<br>Regex Values. A list of regular expressions to match the input against
581
+
582
+ <a id="rule-list-rules-spec-query-params-item-transformers"></a>&#x2022; [`transformers`](#rule-list-rules-spec-query-params-item-transformers) - Optional List Defaults to `TRANSFORMER_NONE`<br>Possible values are `LOWER_CASE`, `UPPER_CASE`, `BASE64_DECODE`, `NORMALIZE_PATH`, `REMOVE_WHITESPACE`, `URL_DECODE`, `TRIM_LEFT`, `TRIM_RIGHT`, `TRIM`<br>[Enum: LOWER_CASE|UPPER_CASE|BASE64_DECODE|NORMALIZE_PATH|REMOVE_WHITESPACE|URL_DECODE|TRIM_LEFT|TRIM_RIGHT|TRIM] Transformers. An ordered list of transformers (starting from index 0) to be applied to the path before matching
583
+
584
+ #### Rule List Rules Spec Request Constraints
585
+
586
+ A [`request_constraints`](#rule-list-rules-spec-request-constraints) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
587
+
588
+ <a id="rule-list-rules-spec-request-constraints-max-cookie-count-exceeds"></a>&#x2022; [`max_cookie_count_exceeds`](#rule-list-rules-spec-request-constraints-max-cookie-count-exceeds) - Optional Number<br>Match on the Count for all Cookies that exceed this value
589
+
590
+ <a id="rule-list-rules-spec-request-constraints-max-cookie-count-none"></a>&#x2022; [`max_cookie_count_none`](#rule-list-rules-spec-request-constraints-max-cookie-count-none) - Optional Block<br>Enable this option
591
+
592
+ <a id="rule-list-rules-spec-request-constraints-max-cookie-key-size-exceeds"></a>&#x2022; [`max_cookie_key_size_exceeds`](#rule-list-rules-spec-request-constraints-max-cookie-key-size-exceeds) - Optional Number<br>Match on the Name Size per Cookie that exceed this value
593
+
594
+ <a id="rule-list-rules-spec-request-constraints-max-cookie-key-size-none"></a>&#x2022; [`max_cookie_key_size_none`](#rule-list-rules-spec-request-constraints-max-cookie-key-size-none) - Optional Block<br>Enable this option
595
+
596
+ <a id="rule-list-rules-spec-request-constraints-max-cookie-value-size-exceeds"></a>&#x2022; [`max_cookie_value_size_exceeds`](#rule-list-rules-spec-request-constraints-max-cookie-value-size-exceeds) - Optional Number<br>Match on the Value Size per Cookie that exceed this value
597
+
598
+ <a id="rule-list-rules-spec-request-constraints-max-cookie-value-size-none"></a>&#x2022; [`max_cookie_value_size_none`](#rule-list-rules-spec-request-constraints-max-cookie-value-size-none) - Optional Block<br>Enable this option
599
+
600
+ <a id="rule-list-rules-spec-request-constraints-max-header-count-exceeds"></a>&#x2022; [`max_header_count_exceeds`](#rule-list-rules-spec-request-constraints-max-header-count-exceeds) - Optional Number<br>Match on the Count for all Headers that exceed this value
601
+
602
+ <a id="rule-list-rules-spec-request-constraints-max-header-count-none"></a>&#x2022; [`max_header_count_none`](#rule-list-rules-spec-request-constraints-max-header-count-none) - Optional Block<br>Enable this option
603
+
604
+ <a id="rule-list-rules-spec-request-constraints-max-header-key-size-exceeds"></a>&#x2022; [`max_header_key_size_exceeds`](#rule-list-rules-spec-request-constraints-max-header-key-size-exceeds) - Optional Number<br>Match on the Name Size per Header that exceed this value
605
+
606
+ <a id="rule-list-rules-spec-request-constraints-max-header-key-size-none"></a>&#x2022; [`max_header_key_size_none`](#rule-list-rules-spec-request-constraints-max-header-key-size-none) - Optional Block<br>Enable this option
607
+
608
+ <a id="rule-list-rules-spec-request-constraints-max-header-value-size-exceeds"></a>&#x2022; [`max_header_value_size_exceeds`](#rule-list-rules-spec-request-constraints-max-header-value-size-exceeds) - Optional Number<br>Match on the Value Size per Header that exceed this value
609
+
610
+ <a id="rule-list-rules-spec-request-constraints-max-header-value-size-none"></a>&#x2022; [`max_header_value_size_none`](#rule-list-rules-spec-request-constraints-max-header-value-size-none) - Optional Block<br>Enable this option
611
+
612
+ <a id="rule-list-rules-spec-request-constraints-max-parameter-count-exceeds"></a>&#x2022; [`max_parameter_count_exceeds`](#rule-list-rules-spec-request-constraints-max-parameter-count-exceeds) - Optional Number<br>Match on the Parameter Count that exceed this value
613
+
614
+ <a id="rule-list-rules-spec-request-constraints-max-parameter-count-none"></a>&#x2022; [`max_parameter_count_none`](#rule-list-rules-spec-request-constraints-max-parameter-count-none) - Optional Block<br>Enable this option
615
+
616
+ <a id="rule-list-rules-spec-request-constraints-max-parameter-name-size-exceeds"></a>&#x2022; [`max_parameter_name_size_exceeds`](#rule-list-rules-spec-request-constraints-max-parameter-name-size-exceeds) - Optional Number<br>Match on the Parameter Name Size that exceed this value
617
+
618
+ <a id="rule-list-rules-spec-request-constraints-max-parameter-name-size-none"></a>&#x2022; [`max_parameter_name_size_none`](#rule-list-rules-spec-request-constraints-max-parameter-name-size-none) - Optional Block<br>Enable this option
619
+
620
+ <a id="rule-list-rules-spec-request-constraints-max-parameter-value-size-exceeds"></a>&#x2022; [`max_parameter_value_size_exceeds`](#rule-list-rules-spec-request-constraints-max-parameter-value-size-exceeds) - Optional Number<br>Match on the Parameter Value Size that exceed this value
621
+
622
+ <a id="rule-list-rules-spec-request-constraints-max-parameter-value-size-none"></a>&#x2022; [`max_parameter_value_size_none`](#rule-list-rules-spec-request-constraints-max-parameter-value-size-none) - Optional Block<br>Enable this option
623
+
624
+ <a id="rule-list-rules-spec-request-constraints-max-query-size-exceeds"></a>&#x2022; [`max_query_size_exceeds`](#rule-list-rules-spec-request-constraints-max-query-size-exceeds) - Optional Number<br>Match on the URL Query Size that exceed this value
625
+
626
+ <a id="rule-list-rules-spec-request-constraints-max-query-size-none"></a>&#x2022; [`max_query_size_none`](#rule-list-rules-spec-request-constraints-max-query-size-none) - Optional Block<br>Enable this option
627
+
628
+ <a id="rule-list-rules-spec-request-constraints-max-request-line-size-exceeds"></a>&#x2022; [`max_request_line_size_exceeds`](#rule-list-rules-spec-request-constraints-max-request-line-size-exceeds) - Optional Number<br>Match on the Request Line Size that exceed this value
629
+
630
+ <a id="rule-list-rules-spec-request-constraints-max-request-line-size-none"></a>&#x2022; [`max_request_line_size_none`](#rule-list-rules-spec-request-constraints-max-request-line-size-none) - Optional Block<br>Enable this option
631
+
632
+ <a id="rule-list-rules-spec-request-constraints-max-request-size-exceeds"></a>&#x2022; [`max_request_size_exceeds`](#rule-list-rules-spec-request-constraints-max-request-size-exceeds) - Optional Number<br>Match on the Request Size that exceed this value
633
+
634
+ <a id="rule-list-rules-spec-request-constraints-max-request-size-none"></a>&#x2022; [`max_request_size_none`](#rule-list-rules-spec-request-constraints-max-request-size-none) - Optional Block<br>Enable this option
635
+
636
+ <a id="rule-list-rules-spec-request-constraints-max-url-size-exceeds"></a>&#x2022; [`max_url_size_exceeds`](#rule-list-rules-spec-request-constraints-max-url-size-exceeds) - Optional Number<br>Match on the URL Size that exceed this value
637
+
638
+ <a id="rule-list-rules-spec-request-constraints-max-url-size-none"></a>&#x2022; [`max_url_size_none`](#rule-list-rules-spec-request-constraints-max-url-size-none) - Optional Block<br>Enable this option
639
+
640
+ #### Rule List Rules Spec Segment Policy
641
+
642
+ A [`segment_policy`](#rule-list-rules-spec-segment-policy) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
643
+
644
+ <a id="rule-list-rules-spec-segment-policy-dst-any"></a>&#x2022; [`dst_any`](#rule-list-rules-spec-segment-policy-dst-any) - Optional Block<br>Enable this option
645
+
646
+ <a id="rule-list-rules-spec-segment-policy-dst-segments"></a>&#x2022; [`dst_segments`](#rule-list-rules-spec-segment-policy-dst-segments) - Optional Block<br>Segment List. List of references to Segments<br>See [Dst Segments](#rule-list-rules-spec-segment-policy-dst-segments) below.
647
+
648
+ <a id="rule-list-rules-spec-segment-policy-intra-segment"></a>&#x2022; [`intra_segment`](#rule-list-rules-spec-segment-policy-intra-segment) - Optional Block<br>Enable this option
649
+
650
+ <a id="rule-list-rules-spec-segment-policy-src-any"></a>&#x2022; [`src_any`](#rule-list-rules-spec-segment-policy-src-any) - Optional Block<br>Enable this option
651
+
652
+ <a id="rule-list-rules-spec-segment-policy-src-segments"></a>&#x2022; [`src_segments`](#rule-list-rules-spec-segment-policy-src-segments) - Optional Block<br>Segment List. List of references to Segments<br>See [Src Segments](#rule-list-rules-spec-segment-policy-src-segments) below.
653
+
654
+ #### Rule List Rules Spec Segment Policy Dst Segments
655
+
656
+ A [`dst_segments`](#rule-list-rules-spec-segment-policy-dst-segments) block (within [`rule_list.rules.spec.segment_policy`](#rule-list-rules-spec-segment-policy)) supports the following:
657
+
658
+ <a id="rule-list-rules-spec-segment-policy-dst-segments-segments"></a>&#x2022; [`segments`](#rule-list-rules-spec-segment-policy-dst-segments-segments) - Optional Block<br>Segments. Select list of segments<br>See [Segments](#rule-list-rules-spec-segment-policy-dst-segments-segments) below.
659
+
660
+ #### Rule List Rules Spec Segment Policy Dst Segments Segments
661
+
662
+ A [`segments`](#rule-list-rules-spec-segment-policy-dst-segments-segments) block (within [`rule_list.rules.spec.segment_policy.dst_segments`](#rule-list-rules-spec-segment-policy-dst-segments)) supports the following:
663
+
664
+ <a id="rule-list-rules-spec-segment-policy-dst-segments-segments-name"></a>&#x2022; [`name`](#rule-list-rules-spec-segment-policy-dst-segments-segments-name) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
665
+
666
+ <a id="rule-list-rules-spec-segment-policy-dst-segments-segments-namespace"></a>&#x2022; [`namespace`](#rule-list-rules-spec-segment-policy-dst-segments-segments-namespace) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
667
+
668
+ <a id="rule-list-rules-spec-segment-policy-dst-segments-segments-tenant"></a>&#x2022; [`tenant`](#rule-list-rules-spec-segment-policy-dst-segments-segments-tenant) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
669
+
670
+ #### Rule List Rules Spec Segment Policy Src Segments
671
+
672
+ A [`src_segments`](#rule-list-rules-spec-segment-policy-src-segments) block (within [`rule_list.rules.spec.segment_policy`](#rule-list-rules-spec-segment-policy)) supports the following:
673
+
674
+ <a id="rule-list-rules-spec-segment-policy-src-segments-segments"></a>&#x2022; [`segments`](#rule-list-rules-spec-segment-policy-src-segments-segments) - Optional Block<br>Segments. Select list of segments<br>See [Segments](#rule-list-rules-spec-segment-policy-src-segments-segments) below.
675
+
676
+ #### Rule List Rules Spec Segment Policy Src Segments Segments
677
+
678
+ A [`segments`](#rule-list-rules-spec-segment-policy-src-segments-segments) block (within [`rule_list.rules.spec.segment_policy.src_segments`](#rule-list-rules-spec-segment-policy-src-segments)) supports the following:
679
+
680
+ <a id="rule-list-rules-spec-segment-policy-src-segments-segments-name"></a>&#x2022; [`name`](#rule-list-rules-spec-segment-policy-src-segments-segments-name) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
681
+
682
+ <a id="rule-list-rules-spec-segment-policy-src-segments-segments-namespace"></a>&#x2022; [`namespace`](#rule-list-rules-spec-segment-policy-src-segments-segments-namespace) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
683
+
684
+ <a id="rule-list-rules-spec-segment-policy-src-segments-segments-tenant"></a>&#x2022; [`tenant`](#rule-list-rules-spec-segment-policy-src-segments-segments-tenant) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
685
+
686
+ #### Rule List Rules Spec TLS Fingerprint Matcher
687
+
688
+ A [`tls_fingerprint_matcher`](#rule-list-rules-spec-tls-fingerprint-matcher) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
689
+
690
+ <a id="rule-list-rules-spec-tls-fingerprint-matcher-classes"></a>&#x2022; [`classes`](#rule-list-rules-spec-tls-fingerprint-matcher-classes) - Optional List Defaults to `TLS_FINGERPRINT_NONE`<br>Possible values are `TLS_FINGERPRINT_NONE`, `ANY_MALICIOUS_FINGERPRINT`, `ADWARE`, `ADWIND`, `DRIDEX`, `GOOTKIT`, `GOZI`, `JBIFROST`, `QUAKBOT`, `RANSOMWARE`, `TROLDESH`, `TOFSEE`, `TORRENTLOCKER`, `TRICKBOT`<br>[Enum: TLS_FINGERPRINT_NONE|ANY_MALICIOUS_FINGERPRINT|ADWARE|ADWIND|DRIDEX|GOOTKIT|GOZI|JBIFROST|QUAKBOT|RANSOMWARE|TROLDESH|TOFSEE|TORRENTLOCKER|TRICKBOT] TLS fingerprint classes. A list of known classes of TLS fingerprints to match the input TLS JA3 fingerprint against
691
+
692
+ <a id="rule-list-rules-spec-tls-fingerprint-matcher-exact-values"></a>&#x2022; [`exact_values`](#rule-list-rules-spec-tls-fingerprint-matcher-exact-values) - Optional List<br>Exact Values. A list of exact TLS JA3 fingerprints to match the input TLS JA3 fingerprint against
693
+
694
+ <a id="rule-list-rules-spec-tls-fingerprint-matcher-excluded-values"></a>&#x2022; [`excluded_values`](#rule-list-rules-spec-tls-fingerprint-matcher-excluded-values) - Optional List<br>Excluded Values. A list of TLS JA3 fingerprints to be excluded when matching the input TLS JA3 fingerprint. This can be used to skip known false positives when using one or more known TLS fingerprint classes in the enclosing matcher
695
+
696
+ #### Rule List Rules Spec User Identity Matcher
697
+
698
+ An [`user_identity_matcher`](#rule-list-rules-spec-user-identity-matcher) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
699
+
700
+ <a id="rule-list-rules-spec-user-identity-matcher-exact-values"></a>&#x2022; [`exact_values`](#rule-list-rules-spec-user-identity-matcher-exact-values) - Optional List<br>Exact Values. A list of exact values to match the input against
701
+
702
+ <a id="rule-list-rules-spec-user-identity-matcher-regex-values"></a>&#x2022; [`regex_values`](#rule-list-rules-spec-user-identity-matcher-regex-values) - Optional List<br>Regex Values. A list of regular expressions to match the input against
703
+
704
+ #### Rule List Rules Spec WAF Action
705
+
706
+ A [`waf_action`](#rule-list-rules-spec-waf-action) block (within [`rule_list.rules.spec`](#rule-list-rules-spec)) supports the following:
707
+
708
+ <a id="rule-list-rules-spec-waf-action-app-firewall-detection-control"></a>&#x2022; [`app_firewall_detection_control`](#rule-list-rules-spec-waf-action-app-firewall-detection-control) - Optional Block<br>App Firewall Detection Control. Define the list of Signature IDs, Violations, Attack Types and Bot Names that should be excluded from triggering on the defined match criteria<br>See [App Firewall Detection Control](#rule-list-rules-spec-waf-action-app-firewall-detection-control) below.
709
+
710
+ <a id="rule-list-rules-spec-waf-action-none"></a>&#x2022; [`none`](#rule-list-rules-spec-waf-action-none) - Optional Block<br>Enable this option
711
+
712
+ <a id="rule-list-rules-spec-waf-action-waf-skip-processing"></a>&#x2022; [`waf_skip_processing`](#rule-list-rules-spec-waf-action-waf-skip-processing) - Optional Block<br>Enable this option
713
+
714
+ #### Rule List Rules Spec WAF Action App Firewall Detection Control
715
+
716
+ An [`app_firewall_detection_control`](#rule-list-rules-spec-waf-action-app-firewall-detection-control) block (within [`rule_list.rules.spec.waf_action`](#rule-list-rules-spec-waf-action)) supports the following:
717
+
718
+ <a id="rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-attack-type-contexts"></a>&#x2022; [`exclude_attack_type_contexts`](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-attack-type-contexts) - Optional Block<br>Attack Types. Attack Types to be excluded for the defined match criteria<br>See [Exclude Attack Type Contexts](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-attack-type-contexts) below.
719
+
720
+ <a id="rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-bot-name-contexts"></a>&#x2022; [`exclude_bot_name_contexts`](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-bot-name-contexts) - Optional Block<br>Bot Names. Bot Names to be excluded for the defined match criteria<br>See [Exclude Bot Name Contexts](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-bot-name-contexts) below.
721
+
722
+ <a id="rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-signature-contexts"></a>&#x2022; [`exclude_signature_contexts`](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-signature-contexts) - Optional Block<br>Signature IDs. Signature IDs to be excluded for the defined match criteria<br>See [Exclude Signature Contexts](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-signature-contexts) below.
723
+
724
+ <a id="rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-violation-contexts"></a>&#x2022; [`exclude_violation_contexts`](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-violation-contexts) - Optional Block<br>Violations. Violations to be excluded for the defined match criteria<br>See [Exclude Violation Contexts](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-violation-contexts) below.
725
+
726
+ #### Rule List Rules Spec WAF Action App Firewall Detection Control Exclude Attack Type Contexts
727
+
728
+ An [`exclude_attack_type_contexts`](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-attack-type-contexts) block (within [`rule_list.rules.spec.waf_action.app_firewall_detection_control`](#rule-list-rules-spec-waf-action-app-firewall-detection-control)) supports the following:
729
+
730
+ <a id="rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-attack-type-contexts-context"></a>&#x2022; [`context`](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-attack-type-contexts-context) - Optional String Defaults to `CONTEXT_ANY`<br>Possible values are `CONTEXT_ANY`, `CONTEXT_BODY`, `CONTEXT_REQUEST`, `CONTEXT_RESPONSE`, `CONTEXT_PARAMETER`, `CONTEXT_HEADER`, `CONTEXT_COOKIE`, `CONTEXT_URL`, `CONTEXT_URI`<br>[Enum: CONTEXT_ANY|CONTEXT_BODY|CONTEXT_REQUEST|CONTEXT_RESPONSE|CONTEXT_PARAMETER|CONTEXT_HEADER|CONTEXT_COOKIE|CONTEXT_URL|CONTEXT_URI] WAF Exclusion Context Options. The available contexts for Exclusion rules. - CONTEXT_ANY: CONTEXT_ANY Detection will be excluded for all contexts. - CONTEXT_BODY: CONTEXT_BODY Detection will be excluded for the request body. - CONTEXT_REQUEST: CONTEXT_REQUEST Detection will be excluded for the request. - CONTEXT_RESPONSE: CONTEXT_RESPONSE - CONTEXT_PARAMETER: CONTEXT_PARAMETER Detection will be excluded for the parameters. The parameter name is required in the Context name field. If the field is left empty, the detection will be excluded for all parameters. - CONTEXT_HEADER: CONTEXT_HEADER Detection will be excluded for the headers. The header name is required in the Context name field. If the field is left empty, the detection will be excluded for all headers. - CONTEXT_COOKIE: CONTEXT_COOKIE Detection will be excluded for the cookies. The cookie name is required in the Context name field. If the field is left empty, the detection will be excluded for all cookies. - CONTEXT_URL: CONTEXT_URL Detection will be excluded for the request URL. - CONTEXT_URI: CONTEXT_URI
731
+
732
+ <a id="rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-attack-type-contexts-context-name"></a>&#x2022; [`context_name`](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-attack-type-contexts-context-name) - Optional String<br>Context Name. Relevant only for contexts: Header, Cookie and Parameter. Name of the Context that the WAF Exclusion Rules will check. Wildcard matching can be used by prefixing or suffixing the context name with an wildcard asterisk (*)
733
+
734
+ <a id="rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-attack-type-contexts-exclude-attack-type"></a>&#x2022; [`exclude_attack_type`](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-attack-type-contexts-exclude-attack-type) - Optional String Defaults to `ATTACK_TYPE_NONE`<br>Possible values are `ATTACK_TYPE_NONE`, `ATTACK_TYPE_NON_BROWSER_CLIENT`, `ATTACK_TYPE_OTHER_APPLICATION_ATTACKS`, `ATTACK_TYPE_TROJAN_BACKDOOR_SPYWARE`, `ATTACK_TYPE_DETECTION_EVASION`, `ATTACK_TYPE_VULNERABILITY_SCAN`, `ATTACK_TYPE_ABUSE_OF_FUNCTIONALITY`, `ATTACK_TYPE_AUTHENTICATION_AUTHORIZATION_ATTACKS`, `ATTACK_TYPE_BUFFER_OVERFLOW`, `ATTACK_TYPE_PREDICTABLE_RESOURCE_LOCATION`, `ATTACK_TYPE_INFORMATION_LEAKAGE`, `ATTACK_TYPE_DIRECTORY_INDEXING`, `ATTACK_TYPE_PATH_TRAVERSAL`, `ATTACK_TYPE_XPATH_INJECTION`, `ATTACK_TYPE_LDAP_INJECTION`, `ATTACK_TYPE_SERVER_SIDE_CODE_INJECTION`, `ATTACK_TYPE_COMMAND_EXECUTION`, `ATTACK_TYPE_SQL_INJECTION`, `ATTACK_TYPE_CROSS_SITE_SCRIPTING`, `ATTACK_TYPE_DENIAL_OF_SERVICE`, `ATTACK_TYPE_HTTP_PARSER_ATTACK`, `ATTACK_TYPE_SESSION_HIJACKING`, `ATTACK_TYPE_HTTP_RESPONSE_SPLITTING`, `ATTACK_TYPE_FORCEFUL_BROWSING`, `ATTACK_TYPE_REMOTE_FILE_INCLUDE`, `ATTACK_TYPE_MALICIOUS_FILE_UPLOAD`, `ATTACK_TYPE_GRAPHQL_PARSER_ATTACK`<br>[Enum: ATTACK_TYPE_NONE|ATTACK_TYPE_NON_BROWSER_CLIENT|ATTACK_TYPE_OTHER_APPLICATION_ATTACKS|ATTACK_TYPE_TROJAN_BACKDOOR_SPYWARE|ATTACK_TYPE_DETECTION_EVASION|ATTACK_TYPE_VULNERABILITY_SCAN|ATTACK_TYPE_ABUSE_OF_FUNCTIONALITY|ATTACK_TYPE_AUTHENTICATION_AUTHORIZATION_ATTACKS|ATTACK_TYPE_BUFFER_OVERFLOW|ATTACK_TYPE_PREDICTABLE_RESOURCE_LOCATION|ATTACK_TYPE_INFORMATION_LEAKAGE|ATTACK_TYPE_DIRECTORY_INDEXING|ATTACK_TYPE_PATH_TRAVERSAL|ATTACK_TYPE_XPATH_INJECTION|ATTACK_TYPE_LDAP_INJECTION|ATTACK_TYPE_SERVER_SIDE_CODE_INJECTION|ATTACK_TYPE_COMMAND_EXECUTION|ATTACK_TYPE_SQL_INJECTION|ATTACK_TYPE_CROSS_SITE_SCRIPTING|ATTACK_TYPE_DENIAL_OF_SERVICE|ATTACK_TYPE_HTTP_PARSER_ATTACK|ATTACK_TYPE_SESSION_HIJACKING|ATTACK_TYPE_HTTP_RESPONSE_SPLITTING|ATTACK_TYPE_FORCEFUL_BROWSING|ATTACK_TYPE_REMOTE_FILE_INCLUDE|ATTACK_TYPE_MALICIOUS_FILE_UPLOAD|ATTACK_TYPE_GRAPHQL_PARSER_ATTACK] Attack Types. List of all Attack Types ATTACK_TYPE_NONE ATTACK_TYPE_NON_BROWSER_CLIENT ATTACK_TYPE_OTHER_APPLICATION_ATTACKS ATTACK_TYPE_TROJAN_BACKDOOR_SPYWARE ATTACK_TYPE_DETECTION_EVASION ATTACK_TYPE_VULNERABILITY_SCAN ATTACK_TYPE_ABUSE_OF_FUNCTIONALITY ATTACK_TYPE_AUTHENTICATION_AUTHORIZATION_ATTACKS ATTACK_TYPE_BUFFER_OVERFLOW ATTACK_TYPE_PREDICTABLE_RESOURCE_LOCATION ATTACK_TYPE_INFORMATION_LEAKAGE ATTACK_TYPE_DIRECTORY_INDEXING ATTACK_TYPE_PATH_TRAVERSAL ATTACK_TYPE_XPATH_INJECTION ATTACK_TYPE_LDAP_INJECTION ATTACK_TYPE_SERVER_SIDE_CODE_INJECTION ATTACK_TYPE_COMMAND_EXECUTION ATTACK_TYPE_SQL_INJECTION ATTACK_TYPE_CROSS_SITE_SCRIPTING ATTACK_TYPE_DENIAL_OF_SERVICE ATTACK_TYPE_HTTP_PARSER_ATTACK ATTACK_TYPE_SESSION_HIJACKING ATTACK_TYPE_HTTP_RESPONSE_SPLITTING ATTACK_TYPE_FORCEFUL_BROWSING ATTACK_TYPE_REMOTE_FILE_INCLUDE ATTACK_TYPE_MALICIOUS_FILE_UPLOAD ATTACK_TYPE_GRAPHQL_PARSER_ATTACK
735
+
736
+ #### Rule List Rules Spec WAF Action App Firewall Detection Control Exclude Bot Name Contexts
737
+
738
+ An [`exclude_bot_name_contexts`](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-bot-name-contexts) block (within [`rule_list.rules.spec.waf_action.app_firewall_detection_control`](#rule-list-rules-spec-waf-action-app-firewall-detection-control)) supports the following:
739
+
740
+ <a id="rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-bot-name-contexts-bot-name"></a>&#x2022; [`bot_name`](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-bot-name-contexts-bot-name) - Optional String<br>Bot Name
741
+
742
+ #### Rule List Rules Spec WAF Action App Firewall Detection Control Exclude Signature Contexts
743
+
744
+ An [`exclude_signature_contexts`](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-signature-contexts) block (within [`rule_list.rules.spec.waf_action.app_firewall_detection_control`](#rule-list-rules-spec-waf-action-app-firewall-detection-control)) supports the following:
745
+
746
+ <a id="rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-signature-contexts-context"></a>&#x2022; [`context`](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-signature-contexts-context) - Optional String Defaults to `CONTEXT_ANY`<br>Possible values are `CONTEXT_ANY`, `CONTEXT_BODY`, `CONTEXT_REQUEST`, `CONTEXT_RESPONSE`, `CONTEXT_PARAMETER`, `CONTEXT_HEADER`, `CONTEXT_COOKIE`, `CONTEXT_URL`, `CONTEXT_URI`<br>[Enum: CONTEXT_ANY|CONTEXT_BODY|CONTEXT_REQUEST|CONTEXT_RESPONSE|CONTEXT_PARAMETER|CONTEXT_HEADER|CONTEXT_COOKIE|CONTEXT_URL|CONTEXT_URI] WAF Exclusion Context Options. The available contexts for Exclusion rules. - CONTEXT_ANY: CONTEXT_ANY Detection will be excluded for all contexts. - CONTEXT_BODY: CONTEXT_BODY Detection will be excluded for the request body. - CONTEXT_REQUEST: CONTEXT_REQUEST Detection will be excluded for the request. - CONTEXT_RESPONSE: CONTEXT_RESPONSE - CONTEXT_PARAMETER: CONTEXT_PARAMETER Detection will be excluded for the parameters. The parameter name is required in the Context name field. If the field is left empty, the detection will be excluded for all parameters. - CONTEXT_HEADER: CONTEXT_HEADER Detection will be excluded for the headers. The header name is required in the Context name field. If the field is left empty, the detection will be excluded for all headers. - CONTEXT_COOKIE: CONTEXT_COOKIE Detection will be excluded for the cookies. The cookie name is required in the Context name field. If the field is left empty, the detection will be excluded for all cookies. - CONTEXT_URL: CONTEXT_URL Detection will be excluded for the request URL. - CONTEXT_URI: CONTEXT_URI
747
+
748
+ <a id="rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-signature-contexts-context-name"></a>&#x2022; [`context_name`](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-signature-contexts-context-name) - Optional String<br>Context Name. Relevant only for contexts: Header, Cookie and Parameter. Name of the Context that the WAF Exclusion Rules will check. Wildcard matching can be used by prefixing or suffixing the context name with an wildcard asterisk (*)
749
+
750
+ <a id="rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-signature-contexts-signature-id"></a>&#x2022; [`signature_id`](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-signature-contexts-signature-id) - Optional Number<br>SignatureID. The allowed values for signature ID are 0 and in the range of 200000001-299999999. 0 implies that all signatures will be excluded for the specified context
751
+
752
+ #### Rule List Rules Spec WAF Action App Firewall Detection Control Exclude Violation Contexts
753
+
754
+ An [`exclude_violation_contexts`](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-violation-contexts) block (within [`rule_list.rules.spec.waf_action.app_firewall_detection_control`](#rule-list-rules-spec-waf-action-app-firewall-detection-control)) supports the following:
755
+
756
+ <a id="rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-violation-contexts-context"></a>&#x2022; [`context`](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-violation-contexts-context) - Optional String Defaults to `CONTEXT_ANY`<br>Possible values are `CONTEXT_ANY`, `CONTEXT_BODY`, `CONTEXT_REQUEST`, `CONTEXT_RESPONSE`, `CONTEXT_PARAMETER`, `CONTEXT_HEADER`, `CONTEXT_COOKIE`, `CONTEXT_URL`, `CONTEXT_URI`<br>[Enum: CONTEXT_ANY|CONTEXT_BODY|CONTEXT_REQUEST|CONTEXT_RESPONSE|CONTEXT_PARAMETER|CONTEXT_HEADER|CONTEXT_COOKIE|CONTEXT_URL|CONTEXT_URI] WAF Exclusion Context Options. The available contexts for Exclusion rules. - CONTEXT_ANY: CONTEXT_ANY Detection will be excluded for all contexts. - CONTEXT_BODY: CONTEXT_BODY Detection will be excluded for the request body. - CONTEXT_REQUEST: CONTEXT_REQUEST Detection will be excluded for the request. - CONTEXT_RESPONSE: CONTEXT_RESPONSE - CONTEXT_PARAMETER: CONTEXT_PARAMETER Detection will be excluded for the parameters. The parameter name is required in the Context name field. If the field is left empty, the detection will be excluded for all parameters. - CONTEXT_HEADER: CONTEXT_HEADER Detection will be excluded for the headers. The header name is required in the Context name field. If the field is left empty, the detection will be excluded for all headers. - CONTEXT_COOKIE: CONTEXT_COOKIE Detection will be excluded for the cookies. The cookie name is required in the Context name field. If the field is left empty, the detection will be excluded for all cookies. - CONTEXT_URL: CONTEXT_URL Detection will be excluded for the request URL. - CONTEXT_URI: CONTEXT_URI
757
+
758
+ <a id="rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-violation-contexts-context-name"></a>&#x2022; [`context_name`](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-violation-contexts-context-name) - Optional String<br>Context Name. Relevant only for contexts: Header, Cookie and Parameter. Name of the Context that the WAF Exclusion Rules will check. Wildcard matching can be used by prefixing or suffixing the context name with an wildcard asterisk (*)
759
+
760
+ <a id="rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-violation-contexts-exclude-violation"></a>&#x2022; [`exclude_violation`](#rule-list-rules-spec-waf-action-app-firewall-detection-control-exclude-violation-contexts-exclude-violation) - Optional String Defaults to `VIOL_NONE`<br>Possible values are `VIOL_NONE`, `VIOL_FILETYPE`, `VIOL_METHOD`, `VIOL_MANDATORY_HEADER`, `VIOL_HTTP_RESPONSE_STATUS`, `VIOL_REQUEST_MAX_LENGTH`, `VIOL_FILE_UPLOAD`, `VIOL_FILE_UPLOAD_IN_BODY`, `VIOL_XML_MALFORMED`, `VIOL_JSON_MALFORMED`, `VIOL_ASM_COOKIE_MODIFIED`, `VIOL_HTTP_PROTOCOL_MULTIPLE_HOST_HEADERS`, `VIOL_HTTP_PROTOCOL_BAD_HOST_HEADER_VALUE`, `VIOL_HTTP_PROTOCOL_UNPARSABLE_REQUEST_CONTENT`, `VIOL_HTTP_PROTOCOL_NULL_IN_REQUEST`, `VIOL_HTTP_PROTOCOL_BAD_HTTP_VERSION`, `VIOL_HTTP_PROTOCOL_SEVERAL_CONTENT_LENGTH_HEADERS`, `VIOL_EVASION_DIRECTORY_TRAVERSALS`, `VIOL_MALFORMED_REQUEST`, `VIOL_EVASION_MULTIPLE_DECODING`, `VIOL_DATA_GUARD`, `VIOL_EVASION_APACHE_WHITESPACE`, `VIOL_COOKIE_MODIFIED`, `VIOL_EVASION_IIS_UNICODE_CODEPOINTS`, `VIOL_EVASION_IIS_BACKSLASHES`, `VIOL_EVASION_PERCENT_U_DECODING`, `VIOL_EVASION_BARE_BYTE_DECODING`, `VIOL_EVASION_BAD_UNESCAPE`, `VIOL_HTTP_PROTOCOL_BODY_IN_GET_OR_HEAD_REQUEST`, `VIOL_ENCODING`, `VIOL_COOKIE_MALFORMED`, `VIOL_GRAPHQL_FORMAT`, `VIOL_GRAPHQL_MALFORMED`, `VIOL_GRAPHQL_INTROSPECTION_QUERY`<br>[Enum: VIOL_NONE|VIOL_FILETYPE|VIOL_METHOD|VIOL_MANDATORY_HEADER|VIOL_HTTP_RESPONSE_STATUS|VIOL_REQUEST_MAX_LENGTH|VIOL_FILE_UPLOAD|VIOL_FILE_UPLOAD_IN_BODY|VIOL_XML_MALFORMED|VIOL_JSON_MALFORMED|VIOL_ASM_COOKIE_MODIFIED|VIOL_HTTP_PROTOCOL_MULTIPLE_HOST_HEADERS|VIOL_HTTP_PROTOCOL_BAD_HOST_HEADER_VALUE|VIOL_HTTP_PROTOCOL_UNPARSABLE_REQUEST_CONTENT|VIOL_HTTP_PROTOCOL_NULL_IN_REQUEST|VIOL_HTTP_PROTOCOL_BAD_HTTP_VERSION|VIOL_HTTP_PROTOCOL_SEVERAL_CONTENT_LENGTH_HEADERS|VIOL_EVASION_DIRECTORY_TRAVERSALS|VIOL_MALFORMED_REQUEST|VIOL_EVASION_MULTIPLE_DECODING|VIOL_DATA_GUARD|VIOL_EVASION_APACHE_WHITESPACE|VIOL_COOKIE_MODIFIED|VIOL_EVASION_IIS_UNICODE_CODEPOINTS|VIOL_EVASION_IIS_BACKSLASHES|VIOL_EVASION_PERCENT_U_DECODING|VIOL_EVASION_BARE_BYTE_DECODING|VIOL_EVASION_BAD_UNESCAPE|VIOL_HTTP_PROTOCOL_BODY_IN_GET_OR_HEAD_REQUEST|VIOL_ENCODING|VIOL_COOKIE_MALFORMED|VIOL_GRAPHQL_FORMAT|VIOL_GRAPHQL_MALFORMED|VIOL_GRAPHQL_INTROSPECTION_QUERY] App Firewall Violation Type. List of all supported Violation Types VIOL_NONE VIOL_FILETYPE VIOL_METHOD VIOL_MANDATORY_HEADER VIOL_HTTP_RESPONSE_STATUS VIOL_REQUEST_MAX_LENGTH VIOL_FILE_UPLOAD VIOL_FILE_UPLOAD_IN_BODY VIOL_XML_MALFORMED VIOL_JSON_MALFORMED VIOL_ASM_COOKIE_MODIFIED VIOL_HTTP_PROTOCOL_MULTIPLE_HOST_HEADERS VIOL_HTTP_PROTOCOL_BAD_HOST_HEADER_VALUE VIOL_HTTP_PROTOCOL_UNPARSABLE_REQUEST_CONTENT VIOL_HTTP_PROTOCOL_NULL_IN_REQUEST VIOL_HTTP_PROTOCOL_BAD_HTTP_VERSION VIOL_HTTP_PROTOCOL_CRLF_CHARACTERS_BEFORE_REQUEST_START VIOL_HTTP_PROTOCOL_NO_HOST_HEADER_IN_HTTP_1_1_REQUEST VIOL_HTTP_PROTOCOL_BAD_MULTIPART_PARAMETERS_PARSING VIOL_HTTP_PROTOCOL_SEVERAL_CONTENT_LENGTH_HEADERS VIOL_HTTP_PROTOCOL_CONTENT_LENGTH_SHOULD_BE_A_POSITIVE_NUMBER VIOL_EVASION_DIRECTORY_TRAVERSALS VIOL_MALFORMED_REQUEST VIOL_EVASION_MULTIPLE_DECODING VIOL_DATA_GUARD VIOL_EVASION_APACHE_WHITESPACE VIOL_COOKIE_MODIFIED VIOL_EVASION_IIS_UNICODE_CODEPOINTS VIOL_EVASION_IIS_BACKSLASHES VIOL_EVASION_PERCENT_U_DECODING VIOL_EVASION_BARE_BYTE_DECODING VIOL_EVASION_BAD_UNESCAPE VIOL_HTTP_PROTOCOL_BAD_MULTIPART_FORMDATA_REQUEST_PARSING VIOL_HTTP_PROTOCOL_BODY_IN_GET_OR_HEAD_REQUEST VIOL_HTTP_PROTOCOL_HIGH_ASCII_CHARACTERS_IN_HEADERS VIOL_ENCODING VIOL_COOKIE_MALFORMED VIOL_GRAPHQL_FORMAT VIOL_GRAPHQL_MALFORMED VIOL_GRAPHQL_INTROSPECTION_QUERY
761
+
762
+ #### Server Name Matcher
763
+
764
+ A [`server_name_matcher`](#server-name-matcher) block supports the following:
765
+
766
+ <a id="server-name-matcher-exact-values"></a>&#x2022; [`exact_values`](#server-name-matcher-exact-values) - Optional List<br>Exact Values. A list of exact values to match the input against
767
+
768
+ <a id="server-name-matcher-regex-values"></a>&#x2022; [`regex_values`](#server-name-matcher-regex-values) - Optional List<br>Regex Values. A list of regular expressions to match the input against
769
+
770
+ #### Server Selector
771
+
772
+ A [`server_selector`](#server-selector) block supports the following:
773
+
774
+ <a id="server-selector-expressions"></a>&#x2022; [`expressions`](#server-selector-expressions) - Optional List<br>Selector Expression. expressions contains the kubernetes style label expression for selections
775
+
776
+ #### Timeouts
777
+
778
+ A [`timeouts`](#timeouts) block supports the following:
779
+
780
+ <a id="timeouts-create"></a>&#x2022; [`create`](#timeouts-create) - Optional String (Defaults to `10 minutes`)<br>Used when creating the resource
781
+
782
+ <a id="timeouts-delete"></a>&#x2022; [`delete`](#timeouts-delete) - Optional String (Defaults to `10 minutes`)<br>Used when deleting the resource
783
+
784
+ <a id="timeouts-read"></a>&#x2022; [`read`](#timeouts-read) - Optional String (Defaults to `5 minutes`)<br>Used when retrieving the resource
785
+
786
+ <a id="timeouts-update"></a>&#x2022; [`update`](#timeouts-update) - Optional String (Defaults to `10 minutes`)<br>Used when updating the resource
787
+
788
+ ## Import
789
+
790
+ Import is supported using the following syntax:
791
+
792
+ ```shell
793
+ # Import using namespace/name format
794
+ terraform import f5xc_service_policy.example system/example
795
+ ```