@robinmordasiewicz/f5xc-terraform-mcp 2.3.0 → 2.4.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +98 -15
- package/dist/docs/data-sources/addon_subscription.md +51 -0
- package/dist/docs/data-sources/address_allocator.md +51 -0
- package/dist/docs/data-sources/advertise_policy.md +51 -0
- package/dist/docs/data-sources/alert_policy.md +51 -0
- package/dist/docs/data-sources/alert_receiver.md +62 -0
- package/dist/docs/data-sources/allowed_tenant.md +51 -0
- package/dist/docs/data-sources/api_crawler.md +51 -0
- package/dist/docs/data-sources/api_credential.md +51 -0
- package/dist/docs/data-sources/api_definition.md +51 -0
- package/dist/docs/data-sources/api_discovery.md +51 -0
- package/dist/docs/data-sources/api_testing.md +51 -0
- package/dist/docs/data-sources/apm.md +51 -0
- package/dist/docs/data-sources/app_api_group.md +51 -0
- package/dist/docs/data-sources/app_firewall.md +62 -0
- package/dist/docs/data-sources/app_setting.md +51 -0
- package/dist/docs/data-sources/app_type.md +51 -0
- package/dist/docs/data-sources/authentication.md +51 -0
- package/dist/docs/data-sources/aws_tgw_site.md +51 -0
- package/dist/docs/data-sources/aws_vpc_site.md +68 -0
- package/dist/docs/data-sources/azure_vnet_site.md +68 -0
- package/dist/docs/data-sources/bgp.md +51 -0
- package/dist/docs/data-sources/bgp_asn_set.md +51 -0
- package/dist/docs/data-sources/bgp_routing_policy.md +51 -0
- package/dist/docs/data-sources/bigip_irule.md +51 -0
- package/dist/docs/data-sources/bot_defense_app_infrastructure.md +51 -0
- package/dist/docs/data-sources/cdn_cache_rule.md +51 -0
- package/dist/docs/data-sources/cdn_loadbalancer.md +51 -0
- package/dist/docs/data-sources/certificate.md +66 -0
- package/dist/docs/data-sources/certificate_chain.md +51 -0
- package/dist/docs/data-sources/child_tenant.md +51 -0
- package/dist/docs/data-sources/child_tenant_manager.md +51 -0
- package/dist/docs/data-sources/cloud_connect.md +51 -0
- package/dist/docs/data-sources/cloud_credentials.md +62 -0
- package/dist/docs/data-sources/cloud_elastic_ip.md +51 -0
- package/dist/docs/data-sources/cloud_link.md +51 -0
- package/dist/docs/data-sources/cluster.md +51 -0
- package/dist/docs/data-sources/cminstance.md +51 -0
- package/dist/docs/data-sources/code_base_integration.md +51 -0
- package/dist/docs/data-sources/contact.md +51 -0
- package/dist/docs/data-sources/container_registry.md +51 -0
- package/dist/docs/data-sources/crl.md +51 -0
- package/dist/docs/data-sources/customer_support.md +51 -0
- package/dist/docs/data-sources/data_group.md +51 -0
- package/dist/docs/data-sources/data_type.md +51 -0
- package/dist/docs/data-sources/dc_cluster_group.md +51 -0
- package/dist/docs/data-sources/discovery.md +51 -0
- package/dist/docs/data-sources/dns_compliance_checks.md +51 -0
- package/dist/docs/data-sources/dns_domain.md +51 -0
- package/dist/docs/data-sources/dns_lb_health_check.md +51 -0
- package/dist/docs/data-sources/dns_lb_pool.md +51 -0
- package/dist/docs/data-sources/dns_load_balancer.md +51 -0
- package/dist/docs/data-sources/dns_zone.md +62 -0
- package/dist/docs/data-sources/endpoint.md +51 -0
- package/dist/docs/data-sources/enhanced_firewall_policy.md +51 -0
- package/dist/docs/data-sources/external_connector.md +51 -0
- package/dist/docs/data-sources/fast_acl.md +51 -0
- package/dist/docs/data-sources/fast_acl_rule.md +51 -0
- package/dist/docs/data-sources/filter_set.md +51 -0
- package/dist/docs/data-sources/fleet.md +51 -0
- package/dist/docs/data-sources/forward_proxy_policy.md +51 -0
- package/dist/docs/data-sources/forwarding_class.md +51 -0
- package/dist/docs/data-sources/gcp_vpc_site.md +68 -0
- package/dist/docs/data-sources/geo_location_set.md +51 -0
- package/dist/docs/data-sources/global_log_receiver.md +51 -0
- package/dist/docs/data-sources/healthcheck.md +62 -0
- package/dist/docs/data-sources/http_loadbalancer.md +60 -0
- package/dist/docs/data-sources/ike1.md +51 -0
- package/dist/docs/data-sources/ike2.md +51 -0
- package/dist/docs/data-sources/ike_phase1_profile.md +51 -0
- package/dist/docs/data-sources/ike_phase2_profile.md +51 -0
- package/dist/docs/data-sources/infraprotect_asn.md +51 -0
- package/dist/docs/data-sources/infraprotect_asn_prefix.md +51 -0
- package/dist/docs/data-sources/infraprotect_deny_list_rule.md +51 -0
- package/dist/docs/data-sources/infraprotect_firewall_rule.md +51 -0
- package/dist/docs/data-sources/infraprotect_firewall_rule_group.md +51 -0
- package/dist/docs/data-sources/infraprotect_internet_prefix_advertisement.md +51 -0
- package/dist/docs/data-sources/infraprotect_tunnel.md +51 -0
- package/dist/docs/data-sources/ip_prefix_set.md +51 -0
- package/dist/docs/data-sources/irule.md +51 -0
- package/dist/docs/data-sources/k8s_cluster.md +51 -0
- package/dist/docs/data-sources/k8s_cluster_role.md +51 -0
- package/dist/docs/data-sources/k8s_cluster_role_binding.md +51 -0
- package/dist/docs/data-sources/k8s_pod_security_admission.md +51 -0
- package/dist/docs/data-sources/k8s_pod_security_policy.md +51 -0
- package/dist/docs/data-sources/log_receiver.md +62 -0
- package/dist/docs/data-sources/malicious_user_mitigation.md +51 -0
- package/dist/docs/data-sources/managed_tenant.md +51 -0
- package/dist/docs/data-sources/namespace.md +58 -0
- package/dist/docs/data-sources/nat_policy.md +51 -0
- package/dist/docs/data-sources/network_connector.md +51 -0
- package/dist/docs/data-sources/network_firewall.md +51 -0
- package/dist/docs/data-sources/network_interface.md +51 -0
- package/dist/docs/data-sources/network_policy.md +51 -0
- package/dist/docs/data-sources/network_policy_rule.md +51 -0
- package/dist/docs/data-sources/network_policy_view.md +51 -0
- package/dist/docs/data-sources/nfv_service.md +51 -0
- package/dist/docs/data-sources/oidc_provider.md +51 -0
- package/dist/docs/data-sources/origin_pool.md +65 -0
- package/dist/docs/data-sources/policer.md +51 -0
- package/dist/docs/data-sources/policy_based_routing.md +51 -0
- package/dist/docs/data-sources/protocol_inspection.md +51 -0
- package/dist/docs/data-sources/protocol_policer.md +51 -0
- package/dist/docs/data-sources/proxy.md +51 -0
- package/dist/docs/data-sources/quota.md +51 -0
- package/dist/docs/data-sources/rate_limiter.md +64 -0
- package/dist/docs/data-sources/rate_limiter_policy.md +51 -0
- package/dist/docs/data-sources/registration.md +51 -0
- package/dist/docs/data-sources/report_config.md +51 -0
- package/dist/docs/data-sources/role.md +51 -0
- package/dist/docs/data-sources/route.md +51 -0
- package/dist/docs/data-sources/secret_management_access.md +51 -0
- package/dist/docs/data-sources/secret_policy.md +51 -0
- package/dist/docs/data-sources/secret_policy_rule.md +51 -0
- package/dist/docs/data-sources/securemesh_site.md +51 -0
- package/dist/docs/data-sources/securemesh_site_v2.md +51 -0
- package/dist/docs/data-sources/segment.md +51 -0
- package/dist/docs/data-sources/sensitive_data_policy.md +51 -0
- package/dist/docs/data-sources/service_policy.md +64 -0
- package/dist/docs/data-sources/service_policy_rule.md +51 -0
- package/dist/docs/data-sources/site_mesh_group.md +51 -0
- package/dist/docs/data-sources/srv6_network_slice.md +51 -0
- package/dist/docs/data-sources/subnet.md +51 -0
- package/dist/docs/data-sources/tcp_loadbalancer.md +51 -0
- package/dist/docs/data-sources/tenant_configuration.md +51 -0
- package/dist/docs/data-sources/tenant_profile.md +51 -0
- package/dist/docs/data-sources/ticket_tracking_system.md +51 -0
- package/dist/docs/data-sources/token.md +51 -0
- package/dist/docs/data-sources/tpm_api_key.md +51 -0
- package/dist/docs/data-sources/tpm_category.md +51 -0
- package/dist/docs/data-sources/tpm_manager.md +51 -0
- package/dist/docs/data-sources/trusted_ca_list.md +51 -0
- package/dist/docs/data-sources/tunnel.md +51 -0
- package/dist/docs/data-sources/udp_loadbalancer.md +51 -0
- package/dist/docs/data-sources/usb_policy.md +51 -0
- package/dist/docs/data-sources/user_identification.md +51 -0
- package/dist/docs/data-sources/virtual_host.md +51 -0
- package/dist/docs/data-sources/virtual_k8s.md +51 -0
- package/dist/docs/data-sources/virtual_network.md +51 -0
- package/dist/docs/data-sources/virtual_site.md +68 -0
- package/dist/docs/data-sources/voltshare_admin_policy.md +51 -0
- package/dist/docs/data-sources/voltstack_site.md +51 -0
- package/dist/docs/data-sources/waf_exclusion_policy.md +51 -0
- package/dist/docs/data-sources/workload.md +51 -0
- package/dist/docs/data-sources/workload_flavor.md +51 -0
- package/dist/docs/functions/blindfold.md +133 -0
- package/dist/docs/functions/blindfold_file.md +154 -0
- package/dist/docs/guides/authentication.md +389 -0
- package/dist/docs/guides/blindfold.md +509 -0
- package/dist/docs/guides/http-loadbalancer.md +274 -0
- package/dist/docs/resources/addon_subscription.md +136 -0
- package/dist/docs/resources/address_allocator.md +106 -0
- package/dist/docs/resources/advertise_policy.md +318 -0
- package/dist/docs/resources/alert_policy.md +242 -0
- package/dist/docs/resources/alert_receiver.md +394 -0
- package/dist/docs/resources/allowed_tenant.md +104 -0
- package/dist/docs/resources/api_crawler.md +142 -0
- package/dist/docs/resources/api_credential.md +101 -0
- package/dist/docs/resources/api_definition.md +127 -0
- package/dist/docs/resources/api_discovery.md +100 -0
- package/dist/docs/resources/api_testing.md +273 -0
- package/dist/docs/resources/apm.md +946 -0
- package/dist/docs/resources/app_api_group.md +161 -0
- package/dist/docs/resources/app_firewall.md +282 -0
- package/dist/docs/resources/app_setting.md +228 -0
- package/dist/docs/resources/app_type.md +124 -0
- package/dist/docs/resources/authentication.md +228 -0
- package/dist/docs/resources/aws_tgw_site.md +948 -0
- package/dist/docs/resources/aws_vpc_site.md +1262 -0
- package/dist/docs/resources/azure_vnet_site.md +2316 -0
- package/dist/docs/resources/bgp.md +341 -0
- package/dist/docs/resources/bgp_asn_set.md +86 -0
- package/dist/docs/resources/bgp_routing_policy.md +166 -0
- package/dist/docs/resources/bigip_irule.md +90 -0
- package/dist/docs/resources/bot_defense_app_infrastructure.md +166 -0
- package/dist/docs/resources/cdn_cache_rule.md +278 -0
- package/dist/docs/resources/cdn_loadbalancer.md +3800 -0
- package/dist/docs/resources/certificate.md +146 -0
- package/dist/docs/resources/certificate_chain.md +86 -0
- package/dist/docs/resources/child_tenant.md +166 -0
- package/dist/docs/resources/child_tenant_manager.md +130 -0
- package/dist/docs/resources/cloud_connect.md +260 -0
- package/dist/docs/resources/cloud_credentials.md +264 -0
- package/dist/docs/resources/cloud_elastic_ip.md +108 -0
- package/dist/docs/resources/cloud_link.md +252 -0
- package/dist/docs/resources/cluster.md +408 -0
- package/dist/docs/resources/cminstance.md +166 -0
- package/dist/docs/resources/code_base_integration.md +360 -0
- package/dist/docs/resources/contact.md +104 -0
- package/dist/docs/resources/container_registry.md +132 -0
- package/dist/docs/resources/crl.md +106 -0
- package/dist/docs/resources/customer_support.md +170 -0
- package/dist/docs/resources/data_group.md +121 -0
- package/dist/docs/resources/data_type.md +188 -0
- package/dist/docs/resources/dc_cluster_group.md +108 -0
- package/dist/docs/resources/discovery.md +443 -0
- package/dist/docs/resources/dns_compliance_checks.md +90 -0
- package/dist/docs/resources/dns_domain.md +94 -0
- package/dist/docs/resources/dns_lb_health_check.md +166 -0
- package/dist/docs/resources/dns_lb_pool.md +233 -0
- package/dist/docs/resources/dns_load_balancer.md +254 -0
- package/dist/docs/resources/dns_zone.md +988 -0
- package/dist/docs/resources/endpoint.md +234 -0
- package/dist/docs/resources/enhanced_firewall_policy.md +327 -0
- package/dist/docs/resources/external_connector.md +246 -0
- package/dist/docs/resources/fast_acl.md +376 -0
- package/dist/docs/resources/fast_acl_rule.md +192 -0
- package/dist/docs/resources/filter_set.md +142 -0
- package/dist/docs/resources/fleet.md +1267 -0
- package/dist/docs/resources/forward_proxy_policy.md +408 -0
- package/dist/docs/resources/forwarding_class.md +133 -0
- package/dist/docs/resources/gcp_vpc_site.md +1170 -0
- package/dist/docs/resources/geo_location_set.md +97 -0
- package/dist/docs/resources/global_log_receiver.md +1085 -0
- package/dist/docs/resources/healthcheck.md +148 -0
- package/dist/docs/resources/http_loadbalancer.md +7118 -0
- package/dist/docs/resources/ike1.md +133 -0
- package/dist/docs/resources/ike2.md +127 -0
- package/dist/docs/resources/ike_phase1_profile.md +141 -0
- package/dist/docs/resources/ike_phase2_profile.md +131 -0
- package/dist/docs/resources/infraprotect_asn.md +100 -0
- package/dist/docs/resources/infraprotect_asn_prefix.md +104 -0
- package/dist/docs/resources/infraprotect_deny_list_rule.md +108 -0
- package/dist/docs/resources/infraprotect_firewall_rule.md +205 -0
- package/dist/docs/resources/infraprotect_firewall_rule_group.md +86 -0
- package/dist/docs/resources/infraprotect_internet_prefix_advertisement.md +108 -0
- package/dist/docs/resources/infraprotect_tunnel.md +228 -0
- package/dist/docs/resources/ip_prefix_set.md +97 -0
- package/dist/docs/resources/irule.md +88 -0
- package/dist/docs/resources/k8s_cluster.md +291 -0
- package/dist/docs/resources/k8s_cluster_role.md +143 -0
- package/dist/docs/resources/k8s_cluster_role_binding.md +130 -0
- package/dist/docs/resources/k8s_pod_security_admission.md +116 -0
- package/dist/docs/resources/k8s_pod_security_policy.md +258 -0
- package/dist/docs/resources/log_receiver.md +183 -0
- package/dist/docs/resources/malicious_user_mitigation.md +132 -0
- package/dist/docs/resources/managed_tenant.md +116 -0
- package/dist/docs/resources/namespace.md +87 -0
- package/dist/docs/resources/nat_policy.md +408 -0
- package/dist/docs/resources/network_connector.md +252 -0
- package/dist/docs/resources/network_firewall.md +178 -0
- package/dist/docs/resources/network_interface.md +439 -0
- package/dist/docs/resources/network_policy.md +347 -0
- package/dist/docs/resources/network_policy_rule.md +157 -0
- package/dist/docs/resources/network_policy_view.md +330 -0
- package/dist/docs/resources/nfv_service.md +992 -0
- package/dist/docs/resources/oidc_provider.md +208 -0
- package/dist/docs/resources/origin_pool.md +801 -0
- package/dist/docs/resources/policer.md +97 -0
- package/dist/docs/resources/policy_based_routing.md +330 -0
- package/dist/docs/resources/protocol_inspection.md +130 -0
- package/dist/docs/resources/protocol_policer.md +146 -0
- package/dist/docs/resources/proxy.md +1181 -0
- package/dist/docs/resources/quota.md +104 -0
- package/dist/docs/resources/rate_limiter.md +155 -0
- package/dist/docs/resources/rate_limiter_policy.md +296 -0
- package/dist/docs/resources/registration.md +406 -0
- package/dist/docs/resources/report_config.md +160 -0
- package/dist/docs/resources/role.md +100 -0
- package/dist/docs/resources/route.md +724 -0
- package/dist/docs/resources/secret_management_access.md +498 -0
- package/dist/docs/resources/secret_policy.md +157 -0
- package/dist/docs/resources/secret_policy_rule.md +115 -0
- package/dist/docs/resources/securemesh_site.md +940 -0
- package/dist/docs/resources/securemesh_site_v2.md +2942 -0
- package/dist/docs/resources/segment.md +97 -0
- package/dist/docs/resources/sensitive_data_policy.md +116 -0
- package/dist/docs/resources/service_policy.md +795 -0
- package/dist/docs/resources/service_policy_rule.md +609 -0
- package/dist/docs/resources/site_mesh_group.md +163 -0
- package/dist/docs/resources/srv6_network_slice.md +92 -0
- package/dist/docs/resources/subnet.md +155 -0
- package/dist/docs/resources/tcp_loadbalancer.md +671 -0
- package/dist/docs/resources/tenant_configuration.md +136 -0
- package/dist/docs/resources/tenant_profile.md +156 -0
- package/dist/docs/resources/ticket_tracking_system.md +112 -0
- package/dist/docs/resources/token.md +87 -0
- package/dist/docs/resources/tpm_api_key.md +108 -0
- package/dist/docs/resources/tpm_category.md +108 -0
- package/dist/docs/resources/tpm_manager.md +84 -0
- package/dist/docs/resources/trusted_ca_list.md +89 -0
- package/dist/docs/resources/tunnel.md +250 -0
- package/dist/docs/resources/udp_loadbalancer.md +336 -0
- package/dist/docs/resources/usb_policy.md +108 -0
- package/dist/docs/resources/user_identification.md +126 -0
- package/dist/docs/resources/virtual_host.md +934 -0
- package/dist/docs/resources/virtual_k8s.md +132 -0
- package/dist/docs/resources/virtual_network.md +149 -0
- package/dist/docs/resources/virtual_site.md +102 -0
- package/dist/docs/resources/voltshare_admin_policy.md +196 -0
- package/dist/docs/resources/voltstack_site.md +2259 -0
- package/dist/docs/resources/waf_exclusion_policy.md +182 -0
- package/dist/docs/resources/workload.md +6021 -0
- package/dist/docs/resources/workload_flavor.md +90 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0000.public.ves.io.schema.ai_assistant.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0001.public.ves.io.schema.api_sec.api_crawler.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0002.public.ves.io.schema.views.api_definition.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0003.public.ves.io.schema.api_sec.api_discovery.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0004.public.ves.io.schema.api_group.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0005.public.ves.io.schema.api_group_element.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0006.public.ves.io.schema.api_sec.api_testing.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0007.public.ves.io.schema.api_credential.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0008.public.ves.io.schema.pbac.addon_service.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0009.public.ves.io.schema.pbac.addon_subscription.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0010.public.ves.io.schema.address_allocator.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0011.public.ves.io.schema.advertise_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0012.public.ves.io.schema.alert_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0013.public.ves.io.schema.alert_receiver.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0014.public.ves.io.schema.alert.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0015.public.ves.io.schema.tenant_management.allowed_tenant.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0016.public.ves.io.schema.views.app_api_group.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0017.public.ves.io.schema.app_setting.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0018.public.ves.io.schema.app_type.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0019.public.ves.io.schema.app_firewall.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0020.public.ves.io.schema.app_security.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0021.public.ves.io.schema.api_sec.rule_suggestion.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0022.public.ves.io.schema.shape.device_id.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0023.public.ves.io.schema.authentication.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0024.public.ves.io.schema.ai_data.bfdp.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0025.public.ves.io.schema.ai_data.bfdp.subscription.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0026.public.ves.io.schema.bgp.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0027.public.ves.io.schema.bgp_asn_set.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0028.public.ves.io.schema.operate.bgp.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0029.public.ves.io.schema.bgp_routing_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0030.public.ves.io.schema.bigip.apm.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0031.public.ves.io.schema.bigip_irule.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0032.public.ves.io.schema.views.bigip_virtual_server.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0033.public.ves.io.schema.shape.brmalerts.alert_gen_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0034.public.ves.io.schema.shape.brmalerts.alert_template.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0035.public.ves.io.schema.views.bot_defense_app_infrastructure.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0036.public.ves.io.schema.shape.bot_defense.threat_intelligence.bot_detection_rule.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0037.public.ves.io.schema.shape.bot_defense.threat_intelligence.bot_detection_update.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0038.public.ves.io.schema.shape.bot_defense.bot_endpoint_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0039.public.ves.io.schema.shape.bot_defense.bot_infrastructure.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0040.public.ves.io.schema.shape.bot_defense.bot_allowlist_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0041.public.ves.io.schema.shape.bot_defense.bot_network_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0042.public.ves.io.schema.views.cdn_loadbalancer.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0043.public.ves.io.schema.cdn_cache_rule.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0044.public.ves.io.schema.crl.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0045.public.ves.io.schema.operate.crl.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0046.public.ves.io.schema.pbac.catalog.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0047.public.ves.io.schema.cminstance.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0048.public.ves.io.schema.certificate.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0049.public.ves.io.schema.certificate_chain.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0050.public.ves.io.schema.certified_hardware.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0051.public.ves.io.schema.tenant_management.child_tenant.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0052.public.ves.io.schema.tenant_management.child_tenant_manager.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0053.public.ves.io.schema.shape.client_side_defense.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0054.public.ves.io.schema.shape.client_side_defense.allowed_domain.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0055.public.ves.io.schema.shape.client_side_defense.protected_domain.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0056.public.ves.io.schema.shape.client_side_defense.mitigated_domain.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0057.public.ves.io.schema.shape.client_side_defense.subscription.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0058.public.ves.io.schema.cloud_connect.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0059.public.ves.io.schema.cloud_credentials.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0060.public.ves.io.schema.cloud_elastic_ip.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0061.public.ves.io.schema.cloud_region.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0062.public.ves.io.schema.cloud_link.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0063.public.ves.io.schema.cluster.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0064.public.ves.io.schema.api_sec.code_base_integration.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0065.public.ves.io.schema.views.aws_tgw_site.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0066.public.ves.io.schema.views.aws_vpc_site.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0067.public.ves.io.schema.views.voltstack_site.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0068.public.ves.io.schema.views.azure_vnet_site.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0069.public.ves.io.schema.dns_compliance_checks.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0071.public.ves.io.schema.views.forward_proxy_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0072.public.ves.io.schema.views.gcp_vpc_site.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0073.public.ves.io.schema.views.http_loadbalancer.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0074.public.ves.io.schema.views.network_policy_view.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0075.public.ves.io.schema.protocol_inspection.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0076.public.ves.io.schema.views.securemesh_site.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0077.public.ves.io.schema.views.securemesh_site_v2.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0078.public.ves.io.schema.views.tcp_loadbalancer.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0079.public.ves.io.schema.views.udp_loadbalancer.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0080.public.ves.io.schema.bigcne.irule.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0081.public.ves.io.schema.graph.connectivity.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0082.public.ves.io.schema.contact.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0083.public.ves.io.schema.container_registry.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0084.public.ves.io.schema.customer_support.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0085.public.ves.io.schema.dc_cluster_group.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0086.public.ves.io.schema.dns_domain.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0087.public.ves.io.schema.dns_load_balancer.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0088.public.ves.io.schema.dns_lb_health_check.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0089.public.ves.io.schema.dns_lb_pool.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0090.public.ves.io.schema.observability.synthetic_monitor.v1_dns_monitor.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0091.public.ves.io.schema.dns_zone.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0092.public.ves.io.schema.shape.data_delivery.receiver.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0093.public.ves.io.schema.shape.data_delivery.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0094.public.ves.io.schema.bigcne.data_group.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0095.public.ves.io.schema.shape.data_delivery.subscription.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0096.public.ves.io.schema.data_type.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0097.public.ves.io.schema.operate.debug.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0098.public.ves.io.schema.operate.dhcp.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0100.public.ves.io.schema.discovered_service.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0101.public.ves.io.schema.discovery.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0102.public.ves.io.schema.endpoint.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0103.public.ves.io.schema.enhanced_firewall_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0104.public.ves.io.schema.views.external_connector.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0105.public.ves.io.schema.dns_zone.rrset.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0106.public.ves.io.schema.dns_zone.subscription.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0107.public.ves.io.schema.malware_protection.subscription.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0108.public.ves.io.schema.secret_management.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0109.public.ves.io.schema.voltshare.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0110.public.ves.io.schema.maintenance_status.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0111.public.ves.io.schema.fast_acl.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0112.public.ves.io.schema.fast_acl_rule.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0113.public.ves.io.schema.filter_set.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0114.public.ves.io.schema.fleet.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0115.public.ves.io.schema.flow_anomaly.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0116.public.ves.io.schema.operate.flow.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0117.public.ves.io.schema.flow.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0118.public.ves.io.schema.forwarding_class.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0119.public.ves.io.schema.data_privacy.geo_config.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0120.public.ves.io.schema.geo_location_set.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0121.public.ves.io.schema.gia.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0122.public.ves.io.schema.global_log_receiver.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0123.public.ves.io.schema.observability.synthetic_monitor.v1_http_monitor.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0124.public.ves.io.schema.healthcheck.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0125.public.ves.io.schema.ike1.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0126.public.ves.io.schema.views.ike_phase1_profile.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0127.public.ves.io.schema.ike2.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0128.public.ves.io.schema.views.ike_phase2_profile.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0129.public.ves.io.schema.ip_prefix_set.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0130.public.ves.io.schema.implicit_label.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0131.public.ves.io.schema.infraprotect.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0132.public.ves.io.schema.infraprotect_asn.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0133.public.ves.io.schema.infraprotect_asn_prefix.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0134.public.ves.io.schema.infraprotect_deny_list_rule.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0135.public.ves.io.schema.infraprotect_firewall_rule.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0136.public.ves.io.schema.infraprotect_firewall_rule_group.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0137.public.ves.io.schema.infraprotect_firewall_ruleset.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0138.public.ves.io.schema.infraprotect_information.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0139.public.ves.io.schema.infraprotect_internet_prefix_advertisement.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0140.public.ves.io.schema.usage.invoice.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0141.public.ves.io.schema.k8s_cluster.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0142.public.ves.io.schema.k8s_cluster_role.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0143.public.ves.io.schema.k8s_cluster_role_binding.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0144.public.ves.io.schema.k8s_pod_security_admission.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0145.public.ves.io.schema.k8s_pod_security_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0146.public.ves.io.schema.known_label.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0147.public.ves.io.schema.known_label_key.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0148.public.ves.io.schema.data_privacy.lma_region.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0149.public.ves.io.schema.operate.lte.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0150.public.ves.io.schema.log_receiver.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0151.public.ves.io.schema.log.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0152.public.ves.io.schema.malicious_user_mitigation.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0153.public.ves.io.schema.tenant_management.managed_tenant.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0154.public.ves.io.schema.shape.mobile_app_shield.subscription.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0155.public.ves.io.schema.shape.mobile_integrator.subscription.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0156.public.ves.io.schema.shape.bot_defense.mobile_sdk.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0157.public.ves.io.schema.shape.bot_defense.mobile_base_config.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0158.public.ves.io.schema.module_management.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0159.public.ves.io.schema.nat_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0160.public.ves.io.schema.nfv_service.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0161.public.ves.io.schema.nginx.one.nginx_csg.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0162.public.ves.io.schema.nginx.one.nginx_instance.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0163.public.ves.io.schema.nginx.one.nginx_server.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0164.public.ves.io.schema.nginx.one.subscription.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0165.public.ves.io.schema.nginx.one.nginx_service_discovery.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0166.public.ves.io.schema.namespace.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0167.public.ves.io.schema.namespace_role.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0168.public.ves.io.schema.pbac.navigation_tile.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0169.public.ves.io.schema.network_connector.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0170.public.ves.io.schema.network_firewall.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0171.public.ves.io.schema.network_interface.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0172.public.ves.io.schema.network_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0173.public.ves.io.schema.network_policy_rule.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0174.public.ves.io.schema.network_policy_set.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0175.public.ves.io.schema.observability.subscription.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0176.public.ves.io.schema.marketplace.aws_account.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0177.public.ves.io.schema.views.origin_pool.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0178.public.ves.io.schema.billing.payment_method.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0179.public.ves.io.schema.operate.ping.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0180.public.ves.io.schema.pbac.plan.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0181.public.ves.io.schema.billing.plan_transition.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0182.public.ves.io.schema.policer.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0183.public.ves.io.schema.views.policy_based_routing.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0184.public.ves.io.schema.shape.bot_defense.protected_application.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0185.public.ves.io.schema.protocol_policer.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0186.public.ves.io.schema.views.proxy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0187.public.ves.io.schema.public_ip.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0188.public.ves.io.schema.quota.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0189.public.ves.io.schema.rbac_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0190.public.ves.io.schema.rate_limiter.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0191.public.ves.io.schema.views.rate_limiter_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0192.public.ves.io.schema.registration.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0193.public.ves.io.schema.report.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0194.public.ves.io.schema.report_config.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0195.public.ves.io.schema.role.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0196.public.ves.io.schema.trusted_ca_list.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0197.public.ves.io.schema.route.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0198.public.ves.io.schema.operate.route.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0199.public.ves.io.schema.srv6_network_slice.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0200.public.ves.io.schema.oidc_provider.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0201.public.ves.io.schema.secret_management_access.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0202.public.ves.io.schema.secret_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0203.public.ves.io.schema.secret_policy_rule.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0204.public.ves.io.schema.segment.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0205.public.ves.io.schema.segment_connection.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0206.public.ves.io.schema.sensitive_data_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0207.public.ves.io.schema.graph.service.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0208.public.ves.io.schema.service_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0209.public.ves.io.schema.service_policy_rule.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0210.public.ves.io.schema.service_policy_set.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0211.public.ves.io.schema.shape_bot_defense_instance.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0212.public.ves.io.schema.shape.bot_defense.reporting.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0213.public.ves.io.schema.shape.bot_defense.subscription.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0214.public.ves.io.schema.shape.recognize.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0215.public.ves.io.schema.shape.safeap.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0216.public.ves.io.schema.shape.safe.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0217.public.ves.io.schema.signup.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0218.public.ves.io.schema.site.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0219.public.ves.io.schema.graph.site.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0220.public.ves.io.schema.site_mesh_group.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0221.public.ves.io.schema.status_at_site.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0222.public.ves.io.schema.stored_object.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0223.public.ves.io.schema.subnet.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0224.public.ves.io.schema.usage.subscription.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0225.public.ves.io.schema.subscription.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0226.public.ves.io.schema.observability.synthetic_monitor.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0227.public.ves.io.schema.scim.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0228.public.ves.io.schema.tpm_api_key.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0229.public.ves.io.schema.tpm_category.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0230.public.ves.io.schema.tpm_manager.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0231.public.ves.io.schema.tpm_provision.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0232.public.ves.io.schema.operate.tcpdump.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0233.public.ves.io.schema.tenant.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0234.public.ves.io.schema.views.tenant_configuration.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0235.public.ves.io.schema.tenant_management.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0236.public.ves.io.schema.tenant_management.tenant_profile.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0237.public.ves.io.schema.views.third_party_application.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0238.public.ves.io.schema.ticket_management.ticket_tracking_system.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0239.public.ves.io.schema.token.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0240.public.ves.io.schema.topology.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0241.public.ves.io.schema.operate.traceroute.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0242.public.ves.io.schema.tunnel.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0243.public.ves.io.schema.infraprotect_tunnel.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0244.public.ves.io.schema.operate.usb.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0245.public.ves.io.schema.usb_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0246.public.ves.io.schema.ui.static_component.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0247.public.ves.io.schema.upgrade_status.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0248.public.ves.io.schema.virtual_appliance.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0249.public.ves.io.schema.usage.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0250.public.ves.io.schema.usage.plan.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0251.public.ves.io.schema.user.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0252.public.ves.io.schema.user_group.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0253.public.ves.io.schema.user_identification.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0254.public.ves.io.schema.user.setting.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0255.public.ves.io.schema.views.view_internal.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0256.public.ves.io.schema.views.terraform_parameters.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0257.public.ves.io.schema.virtual_host.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0258.public.ves.io.schema.virtual_k8s.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0259.public.ves.io.schema.virtual_network.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0260.public.ves.io.schema.virtual_site.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0261.public.ves.io.schema.voltshare_admin_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0262.public.ves.io.schema.waf.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0263.public.ves.io.schema.waf_exclusion_policy.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0264.public.ves.io.schema.waf_signatures_changelog.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0265.public.ves.io.schema.operate.wifi.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0266.public.ves.io.schema.was.user_token.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0267.public.ves.io.schema.views.workload.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0268.public.ves.io.schema.workload_flavor.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0269.public.ves.io.schema.marketplace.xc_saas.ves-swagger.json +1 -0
- package/dist/docs/specifications/api/docs-cloud-f5-com.0270.public.ves.io.schema.graph.l3l4.ves-swagger.json +1 -0
- package/dist/index.d.ts +5 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +26 -22
- package/dist/index.js.map +1 -1
- package/dist/services/api-specs.d.ts.map +1 -1
- package/dist/services/api-specs.js +15 -3
- package/dist/services/api-specs.js.map +1 -1
- package/dist/services/documentation.d.ts.map +1 -1
- package/dist/services/documentation.js +25 -9
- package/dist/services/documentation.js.map +1 -1
- package/package.json +6 -3
|
@@ -0,0 +1,509 @@
|
|
|
1
|
+
---
|
|
2
|
+
page_title: "Guide: Blindfold Secret Management Functions"
|
|
3
|
+
subcategory: "Guides"
|
|
4
|
+
description: |-
|
|
5
|
+
Learn how to securely encrypt secrets using F5XC Blindfold functions.
|
|
6
|
+
Covers TLS certificates, cloud credentials, and container registry authentication.
|
|
7
|
+
---
|
|
8
|
+
|
|
9
|
+
# Blindfold Secret Management Functions
|
|
10
|
+
|
|
11
|
+
This guide walks you through using F5XC Blindfold functions to securely encrypt sensitive data. By the end, you'll understand how to:
|
|
12
|
+
|
|
13
|
+
- **Encrypt TLS private keys** - Secure certificate key storage
|
|
14
|
+
- **Protect cloud credentials** - AWS, Azure, and GCP secrets
|
|
15
|
+
- **Secure container registries** - Private image pull authentication
|
|
16
|
+
- **Understand the security model** - Local encryption, never transmitted unencrypted
|
|
17
|
+
|
|
18
|
+
## Overview
|
|
19
|
+
|
|
20
|
+
F5 Distributed Cloud Secret Management ("blindfold") provides client-side encryption for sensitive data. The blindfold functions encrypt your secrets locally using RSA-OAEP with SHA-256, meaning **your plaintext secrets never leave your machine unencrypted**.
|
|
21
|
+
|
|
22
|
+
### How It Works
|
|
23
|
+
|
|
24
|
+
```
|
|
25
|
+
┌─────────────────────────────────────────────────────────────────────┐
|
|
26
|
+
│ Your Local Machine │
|
|
27
|
+
│ │
|
|
28
|
+
│ ┌──────────────┐ ┌──────────────────┐ ┌─────────────────┐ │
|
|
29
|
+
│ │ Secret │───►│ Blindfold │───►│ Encrypted │ │
|
|
30
|
+
│ │ (plaintext) │ │ Function │ │ Ciphertext │ │
|
|
31
|
+
│ └──────────────┘ │ (RSA-OAEP) │ └────────┬────────┘ │
|
|
32
|
+
│ └────────┬─────────┘ │ │
|
|
33
|
+
│ │ │ │
|
|
34
|
+
│ ┌────────▼─────────┐ │ │
|
|
35
|
+
│ │ F5XC Public Key │ │ │
|
|
36
|
+
│ │ (fetched once) │ │ │
|
|
37
|
+
│ └──────────────────┘ │ │
|
|
38
|
+
└──────────────────────────────────────────────────────│────────────┘
|
|
39
|
+
│
|
|
40
|
+
▼
|
|
41
|
+
┌─────────────────────────┐
|
|
42
|
+
│ F5 Distributed Cloud │
|
|
43
|
+
│ (stores ciphertext │
|
|
44
|
+
│ only) │
|
|
45
|
+
└─────────────────────────┘
|
|
46
|
+
```
|
|
47
|
+
|
|
48
|
+
### Security Properties
|
|
49
|
+
|
|
50
|
+
- **Local encryption**: Secrets encrypted on your machine before transmission
|
|
51
|
+
- **RSA-OAEP with SHA-256**: Industry-standard encryption algorithm
|
|
52
|
+
- **Policy-controlled decryption**: Only authorized F5XC services can decrypt
|
|
53
|
+
- **No plaintext storage**: F5XC never receives or stores plaintext secrets
|
|
54
|
+
|
|
55
|
+
## Prerequisites
|
|
56
|
+
|
|
57
|
+
Before you begin, ensure you have:
|
|
58
|
+
|
|
59
|
+
- **Terraform >= 1.8** - Provider-defined functions require Terraform 1.8 or later
|
|
60
|
+
- **F5 Distributed Cloud Account** - Sign up at <https://www.f5.com/cloud/products/distributed-cloud-console>
|
|
61
|
+
- **API Credentials** - Token or P12 certificate authentication configured
|
|
62
|
+
|
|
63
|
+
### Authentication Setup
|
|
64
|
+
|
|
65
|
+
Configure one of these authentication methods via environment variables:
|
|
66
|
+
|
|
67
|
+
**Option 1: API Token (Recommended for development)**
|
|
68
|
+
```bash
|
|
69
|
+
export F5XC_API_URL="https://your-tenant.console.ves.volterra.io"
|
|
70
|
+
export F5XC_API_TOKEN="your-api-token"
|
|
71
|
+
```
|
|
72
|
+
|
|
73
|
+
**Option 2: P12 Certificate (Recommended for production)**
|
|
74
|
+
```bash
|
|
75
|
+
export F5XC_API_URL="https://your-tenant.console.ves.volterra.io"
|
|
76
|
+
export F5XC_P12_FILE="/path/to/your-credentials.p12"
|
|
77
|
+
export F5XC_P12_PASSWORD="your-p12-password" # pragma: allowlist secret
|
|
78
|
+
```
|
|
79
|
+
|
|
80
|
+
-> **Tip:** Add these to your shell profile (`~/.bashrc` or `~/.zshrc`) for persistence across terminal sessions.
|
|
81
|
+
|
|
82
|
+
## Quick Start
|
|
83
|
+
|
|
84
|
+
### Step 1: Clone the Repository
|
|
85
|
+
|
|
86
|
+
```bash
|
|
87
|
+
git clone https://github.com/robinmordasiewicz/terraform-provider-f5xc.git
|
|
88
|
+
cd terraform-provider-f5xc/examples/guides/blindfold
|
|
89
|
+
```
|
|
90
|
+
|
|
91
|
+
### Step 2: Configure Your Deployment
|
|
92
|
+
|
|
93
|
+
```bash
|
|
94
|
+
cp terraform.tfvars.example terraform.tfvars
|
|
95
|
+
```
|
|
96
|
+
|
|
97
|
+
Edit `terraform.tfvars` to enable the examples you want to test:
|
|
98
|
+
|
|
99
|
+
```hcl
|
|
100
|
+
# Enable the TLS certificate example
|
|
101
|
+
enable_certificate_example = true
|
|
102
|
+
|
|
103
|
+
# Namespace configuration
|
|
104
|
+
namespace_name = "example-blindfold-test"
|
|
105
|
+
create_namespace = true
|
|
106
|
+
```
|
|
107
|
+
|
|
108
|
+
### Step 3: Generate Test Certificates (for certificate example)
|
|
109
|
+
|
|
110
|
+
```bash
|
|
111
|
+
openssl req -x509 -newkey rsa:2048 \
|
|
112
|
+
-keyout certs/server.key \
|
|
113
|
+
-out certs/server.crt \
|
|
114
|
+
-days 365 -nodes \
|
|
115
|
+
-subj "/CN=example.com"
|
|
116
|
+
```
|
|
117
|
+
|
|
118
|
+
### Step 4: Deploy
|
|
119
|
+
|
|
120
|
+
```bash
|
|
121
|
+
terraform init
|
|
122
|
+
terraform plan
|
|
123
|
+
terraform apply
|
|
124
|
+
```
|
|
125
|
+
|
|
126
|
+
Review the plan output, then type `yes` to confirm deployment.
|
|
127
|
+
|
|
128
|
+
### Step 5: Verify
|
|
129
|
+
|
|
130
|
+
1. Check the Terraform outputs for created resource names
|
|
131
|
+
2. Navigate to the F5XC Console
|
|
132
|
+
3. Verify the certificate shows encrypted private key (not plaintext)
|
|
133
|
+
|
|
134
|
+
## Understanding Blindfold Functions
|
|
135
|
+
|
|
136
|
+
The provider includes two blindfold functions:
|
|
137
|
+
|
|
138
|
+
### blindfold()
|
|
139
|
+
|
|
140
|
+
Encrypts base64-encoded plaintext:
|
|
141
|
+
|
|
142
|
+
```hcl
|
|
143
|
+
provider::f5xc::blindfold(plaintext, policy_name, namespace)
|
|
144
|
+
```
|
|
145
|
+
|
|
146
|
+
| Parameter | Type | Description |
|
|
147
|
+
|-----------|------|-------------|
|
|
148
|
+
| `plaintext` | string | Base64-encoded secret to encrypt |
|
|
149
|
+
| `policy_name` | string | Name of the SecretPolicy |
|
|
150
|
+
| `namespace` | string | Namespace containing the policy |
|
|
151
|
+
|
|
152
|
+
**Example:**
|
|
153
|
+
```hcl
|
|
154
|
+
location = provider::f5xc::blindfold(
|
|
155
|
+
base64encode(var.my_secret),
|
|
156
|
+
"ves-io-allow-volterra",
|
|
157
|
+
"shared"
|
|
158
|
+
)
|
|
159
|
+
```
|
|
160
|
+
|
|
161
|
+
### blindfold_file()
|
|
162
|
+
|
|
163
|
+
Reads a file and encrypts its contents:
|
|
164
|
+
|
|
165
|
+
```hcl
|
|
166
|
+
provider::f5xc::blindfold_file(path, policy_name, namespace)
|
|
167
|
+
```
|
|
168
|
+
|
|
169
|
+
| Parameter | Type | Description |
|
|
170
|
+
|-----------|------|-------------|
|
|
171
|
+
| `path` | string | Path to the file to encrypt |
|
|
172
|
+
| `policy_name` | string | Name of the SecretPolicy |
|
|
173
|
+
| `namespace` | string | Namespace containing the policy |
|
|
174
|
+
|
|
175
|
+
**Example:**
|
|
176
|
+
```hcl
|
|
177
|
+
location = provider::f5xc::blindfold_file(
|
|
178
|
+
"${path.module}/certs/server.key",
|
|
179
|
+
"ves-io-allow-volterra",
|
|
180
|
+
"shared"
|
|
181
|
+
)
|
|
182
|
+
```
|
|
183
|
+
|
|
184
|
+
### Built-in SecretPolicy
|
|
185
|
+
|
|
186
|
+
Every F5XC tenant includes a default policy: `ves-io-allow-volterra` in the `shared` namespace. This policy allows Volterra (F5XC) services to decrypt secrets.
|
|
187
|
+
|
|
188
|
+
## Use Cases
|
|
189
|
+
|
|
190
|
+
### TLS Certificate Private Key
|
|
191
|
+
|
|
192
|
+
Store TLS certificates for load balancers. Note that TLS private keys are typically too large (>1000 bytes) for direct blindfold encryption (~190 byte limit). Use `clear_secret_info` for TLS keys:
|
|
193
|
+
|
|
194
|
+
```hcl
|
|
195
|
+
resource "f5xc_certificate" "example" {
|
|
196
|
+
name = "example-certificate"
|
|
197
|
+
namespace = "shared"
|
|
198
|
+
|
|
199
|
+
certificate_url = "string:///${base64encode(file("${path.module}/certs/server.crt"))}"
|
|
200
|
+
|
|
201
|
+
# TLS private keys are too large for blindfold encryption
|
|
202
|
+
# Use clear_secret_info - the key is transmitted securely over HTTPS
|
|
203
|
+
private_key {
|
|
204
|
+
clear_secret_info {
|
|
205
|
+
url = "string:///${base64encode(file("${path.module}/certs/server.key"))}"
|
|
206
|
+
}
|
|
207
|
+
}
|
|
208
|
+
|
|
209
|
+
use_system_defaults {}
|
|
210
|
+
}
|
|
211
|
+
```
|
|
212
|
+
|
|
213
|
+
~> **Size Limitation:** Blindfold encryption uses RSA-OAEP which limits plaintext to ~190 bytes. TLS private keys exceed this limit. Use `clear_secret_info` for certificates - the data is transmitted securely over HTTPS. For secrets under 190 bytes (API keys, passwords), use blindfold functions as shown below.
|
|
214
|
+
|
|
215
|
+
### AWS Cloud Credentials
|
|
216
|
+
|
|
217
|
+
Protect AWS secret access keys for VPC site deployments:
|
|
218
|
+
|
|
219
|
+
```hcl
|
|
220
|
+
resource "f5xc_cloud_credentials" "aws" {
|
|
221
|
+
name = "aws-credentials"
|
|
222
|
+
namespace = "system"
|
|
223
|
+
|
|
224
|
+
aws_secret_key {
|
|
225
|
+
access_key = var.aws_access_key_id
|
|
226
|
+
|
|
227
|
+
secret_key {
|
|
228
|
+
blindfold_secret_info {
|
|
229
|
+
location = provider::f5xc::blindfold(
|
|
230
|
+
base64encode(var.aws_secret_access_key),
|
|
231
|
+
"ves-io-allow-volterra",
|
|
232
|
+
"shared"
|
|
233
|
+
)
|
|
234
|
+
}
|
|
235
|
+
}
|
|
236
|
+
}
|
|
237
|
+
}
|
|
238
|
+
```
|
|
239
|
+
|
|
240
|
+
### Azure Cloud Credentials
|
|
241
|
+
|
|
242
|
+
Secure Azure service principal client secrets:
|
|
243
|
+
|
|
244
|
+
```hcl
|
|
245
|
+
resource "f5xc_cloud_credentials" "azure" {
|
|
246
|
+
name = "azure-credentials"
|
|
247
|
+
namespace = "system"
|
|
248
|
+
|
|
249
|
+
azure_client_secret {
|
|
250
|
+
subscription_id = var.azure_subscription_id
|
|
251
|
+
tenant_id = var.azure_tenant_id
|
|
252
|
+
client_id = var.azure_client_id
|
|
253
|
+
|
|
254
|
+
client_secret {
|
|
255
|
+
blindfold_secret_info {
|
|
256
|
+
location = provider::f5xc::blindfold(
|
|
257
|
+
base64encode(var.azure_client_secret),
|
|
258
|
+
"ves-io-allow-volterra",
|
|
259
|
+
"shared"
|
|
260
|
+
)
|
|
261
|
+
}
|
|
262
|
+
}
|
|
263
|
+
}
|
|
264
|
+
}
|
|
265
|
+
```
|
|
266
|
+
|
|
267
|
+
### GCP Cloud Credentials
|
|
268
|
+
|
|
269
|
+
Encrypt GCP service account JSON key files:
|
|
270
|
+
|
|
271
|
+
```hcl
|
|
272
|
+
resource "f5xc_cloud_credentials" "gcp" {
|
|
273
|
+
name = "gcp-credentials"
|
|
274
|
+
namespace = "system"
|
|
275
|
+
|
|
276
|
+
gcp_cred_file {
|
|
277
|
+
credential_file {
|
|
278
|
+
blindfold_secret_info {
|
|
279
|
+
location = provider::f5xc::blindfold_file(
|
|
280
|
+
var.gcp_credentials_file,
|
|
281
|
+
"ves-io-allow-volterra",
|
|
282
|
+
"shared"
|
|
283
|
+
)
|
|
284
|
+
}
|
|
285
|
+
}
|
|
286
|
+
}
|
|
287
|
+
}
|
|
288
|
+
```
|
|
289
|
+
|
|
290
|
+
### Container Registry Authentication
|
|
291
|
+
|
|
292
|
+
Protect container registry passwords for private image pulls:
|
|
293
|
+
|
|
294
|
+
```hcl
|
|
295
|
+
resource "f5xc_container_registry" "example" {
|
|
296
|
+
name = "docker-registry"
|
|
297
|
+
namespace = "shared"
|
|
298
|
+
|
|
299
|
+
registry = "docker.io"
|
|
300
|
+
user_name = var.registry_username
|
|
301
|
+
|
|
302
|
+
password {
|
|
303
|
+
blindfold_secret_info {
|
|
304
|
+
location = provider::f5xc::blindfold(
|
|
305
|
+
base64encode(var.registry_password),
|
|
306
|
+
"ves-io-allow-volterra",
|
|
307
|
+
"shared"
|
|
308
|
+
)
|
|
309
|
+
}
|
|
310
|
+
}
|
|
311
|
+
}
|
|
312
|
+
```
|
|
313
|
+
|
|
314
|
+
## Configuration Options
|
|
315
|
+
|
|
316
|
+
### Using Custom SecretPolicies
|
|
317
|
+
|
|
318
|
+
While the built-in `ves-io-allow-volterra` policy works for most cases, you can create custom policies for fine-grained access control:
|
|
319
|
+
|
|
320
|
+
```hcl
|
|
321
|
+
locals {
|
|
322
|
+
policy_name = "example-custom-policy"
|
|
323
|
+
policy_ns = "example-namespace"
|
|
324
|
+
}
|
|
325
|
+
|
|
326
|
+
# Reference your custom policy
|
|
327
|
+
location = provider::f5xc::blindfold(
|
|
328
|
+
base64encode(var.secret),
|
|
329
|
+
local.policy_name,
|
|
330
|
+
local.policy_ns
|
|
331
|
+
)
|
|
332
|
+
```
|
|
333
|
+
|
|
334
|
+
### Encrypting Multiple Secrets with for_each
|
|
335
|
+
|
|
336
|
+
```hcl
|
|
337
|
+
variable "secrets" {
|
|
338
|
+
type = map(string)
|
|
339
|
+
default = {
|
|
340
|
+
"api-key" = "secret1"
|
|
341
|
+
"auth-token" = "secret2"
|
|
342
|
+
}
|
|
343
|
+
}
|
|
344
|
+
|
|
345
|
+
locals {
|
|
346
|
+
encrypted_secrets = {
|
|
347
|
+
for name, value in var.secrets :
|
|
348
|
+
name => provider::f5xc::blindfold(
|
|
349
|
+
base64encode(value),
|
|
350
|
+
"ves-io-allow-volterra",
|
|
351
|
+
"shared"
|
|
352
|
+
)
|
|
353
|
+
}
|
|
354
|
+
}
|
|
355
|
+
```
|
|
356
|
+
|
|
357
|
+
## Technical Details
|
|
358
|
+
|
|
359
|
+
### Size Limitations
|
|
360
|
+
|
|
361
|
+
RSA-OAEP encryption has a maximum plaintext size based on the key size:
|
|
362
|
+
|
|
363
|
+
| Key Size | Maximum Plaintext |
|
|
364
|
+
|----------|-------------------|
|
|
365
|
+
| 2048-bit | ~190 bytes |
|
|
366
|
+
| 4096-bit | ~446 bytes |
|
|
367
|
+
|
|
368
|
+
~> **Note:** If your secret exceeds the size limit, consider splitting it or using a different approach. The function will return a clear error message if the plaintext is too large.
|
|
369
|
+
|
|
370
|
+
### Output Format
|
|
371
|
+
|
|
372
|
+
The blindfold functions return a sealed secret string with the `string:///` prefix followed by a base64-encoded JSON structure:
|
|
373
|
+
|
|
374
|
+
```
|
|
375
|
+
string:///eyJrZXlfdmVyc2lvbiI6InYxLjIuMyIsInBvbGljeV9pZCI6InNoYXJlZC92ZXMtaW8tYWxsb3ctdm9sdGVycmEiLCJ0ZW5hbnQiOiJ5b3VyLXRlbmFudCIsImRhdGEiOiJBQkNERUYxMjM0NTY3ODkwLi4uIn0=
|
|
376
|
+
```
|
|
377
|
+
|
|
378
|
+
When base64-decoded, the sealed JSON contains these fields:
|
|
379
|
+
|
|
380
|
+
```json
|
|
381
|
+
{
|
|
382
|
+
"key_version": "v1.2.3",
|
|
383
|
+
"policy_id": "shared/ves-io-allow-volterra",
|
|
384
|
+
"tenant": "your-tenant",
|
|
385
|
+
"data": "ABCDEF1234567890..."
|
|
386
|
+
}
|
|
387
|
+
```
|
|
388
|
+
|
|
389
|
+
Field descriptions:
|
|
390
|
+
- `key_version`: Public key version used for encryption
|
|
391
|
+
- `policy_id`: Reference to the SecretPolicy (namespace/name format)
|
|
392
|
+
- `tenant`: Your F5XC tenant identifier
|
|
393
|
+
- `data`: Base64-encoded RSA-OAEP ciphertext
|
|
394
|
+
|
|
395
|
+
### Function Behavior
|
|
396
|
+
|
|
397
|
+
- **Idempotent**: Same input produces different output (due to random padding)
|
|
398
|
+
- **Network required**: Functions fetch the public key from F5XC API
|
|
399
|
+
- **Caching**: Public keys are cached for the Terraform run
|
|
400
|
+
|
|
401
|
+
## Troubleshooting
|
|
402
|
+
|
|
403
|
+
### Authentication Configuration Error
|
|
404
|
+
|
|
405
|
+
**Symptom:** Error message about missing authentication configuration.
|
|
406
|
+
|
|
407
|
+
**Solution:**
|
|
408
|
+
```bash
|
|
409
|
+
# Verify environment variables are set
|
|
410
|
+
echo $F5XC_API_URL
|
|
411
|
+
echo $F5XC_API_TOKEN # or F5XC_P12_FILE
|
|
412
|
+
|
|
413
|
+
# Set them if missing
|
|
414
|
+
export F5XC_API_URL="https://your-tenant.console.ves.volterra.io"
|
|
415
|
+
export F5XC_API_TOKEN="your-api-token"
|
|
416
|
+
```
|
|
417
|
+
|
|
418
|
+
### Policy Not Found
|
|
419
|
+
|
|
420
|
+
**Symptom:** Error about secret policy not found.
|
|
421
|
+
|
|
422
|
+
**Solutions:**
|
|
423
|
+
|
|
424
|
+
1. Use the built-in policy:
|
|
425
|
+
```hcl
|
|
426
|
+
policy_name = "ves-io-allow-volterra"
|
|
427
|
+
namespace = "shared"
|
|
428
|
+
```
|
|
429
|
+
|
|
430
|
+
2. Verify your custom policy exists in F5XC Console
|
|
431
|
+
|
|
432
|
+
### Plaintext Too Large
|
|
433
|
+
|
|
434
|
+
**Symptom:** Error indicating plaintext exceeds maximum size.
|
|
435
|
+
|
|
436
|
+
**Solutions:**
|
|
437
|
+
|
|
438
|
+
1. Verify your secret size:
|
|
439
|
+
```bash
|
|
440
|
+
wc -c < your-secret-file
|
|
441
|
+
```
|
|
442
|
+
|
|
443
|
+
2. For large files (like some GCP credentials), consider:
|
|
444
|
+
- Extracting only the private key portion
|
|
445
|
+
- Using F5XC's external secret management integration
|
|
446
|
+
|
|
447
|
+
### File Not Found
|
|
448
|
+
|
|
449
|
+
**Symptom:** Error about file not found when using `blindfold_file()`.
|
|
450
|
+
|
|
451
|
+
**Solutions:**
|
|
452
|
+
|
|
453
|
+
1. Use `${path.module}` for relative paths:
|
|
454
|
+
```hcl
|
|
455
|
+
location = provider::f5xc::blindfold_file(
|
|
456
|
+
"${path.module}/certs/server.key", # Correct
|
|
457
|
+
...
|
|
458
|
+
)
|
|
459
|
+
```
|
|
460
|
+
|
|
461
|
+
2. Verify the file exists and is readable
|
|
462
|
+
|
|
463
|
+
### Invalid Base64
|
|
464
|
+
|
|
465
|
+
**Symptom:** Error about invalid base64 encoding.
|
|
466
|
+
|
|
467
|
+
**Solution:** Ensure you're base64-encoding your plaintext:
|
|
468
|
+
```hcl
|
|
469
|
+
# Correct
|
|
470
|
+
location = provider::f5xc::blindfold(
|
|
471
|
+
base64encode(var.secret), # base64encode() wraps the secret
|
|
472
|
+
...
|
|
473
|
+
)
|
|
474
|
+
|
|
475
|
+
# Incorrect
|
|
476
|
+
location = provider::f5xc::blindfold(
|
|
477
|
+
var.secret, # Raw secret will fail
|
|
478
|
+
...
|
|
479
|
+
)
|
|
480
|
+
```
|
|
481
|
+
|
|
482
|
+
## Clean Up
|
|
483
|
+
|
|
484
|
+
To remove all resources created by this guide:
|
|
485
|
+
|
|
486
|
+
```bash
|
|
487
|
+
terraform destroy
|
|
488
|
+
```
|
|
489
|
+
|
|
490
|
+
Type `yes` to confirm destruction.
|
|
491
|
+
|
|
492
|
+
!> **Warning:** This will immediately remove all created resources. Ensure you have backups of any certificates or credentials you need.
|
|
493
|
+
|
|
494
|
+
## Next Steps
|
|
495
|
+
|
|
496
|
+
Now that you understand blindfold encryption, explore related resources:
|
|
497
|
+
|
|
498
|
+
- [Certificate Resource](../resources/certificate) - Full certificate management
|
|
499
|
+
- [Cloud Credentials Resource](../resources/cloud_credentials) - Cloud provider authentication
|
|
500
|
+
- [HTTP Load Balancer Guide](./http-loadbalancer) - Use certificates in load balancers
|
|
501
|
+
- [blindfold Function Reference](../functions/blindfold) - Function API details
|
|
502
|
+
- [blindfold_file Function Reference](../functions/blindfold_file) - Function API details
|
|
503
|
+
|
|
504
|
+
## Support
|
|
505
|
+
|
|
506
|
+
- **Provider Documentation:** [F5XC Provider](../index)
|
|
507
|
+
- **F5 Documentation:** [F5 Distributed Cloud Docs](https://docs.cloud.f5.com/)
|
|
508
|
+
- **Secret Management:** [F5XC Secret Management](https://docs.cloud.f5.com/docs/how-to/secrets-management)
|
|
509
|
+
- **Issues:** [GitHub Issues](https://github.com/robinmordasiewicz/terraform-provider-f5xc/issues)
|