@robinmordasiewicz/f5xc-terraform-mcp 2.4.6 → 2.4.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/docs/resources/addon_subscription.md +5 -5
- package/dist/docs/resources/address_allocator.md +3 -3
- package/dist/docs/resources/advertise_policy.md +39 -39
- package/dist/docs/resources/alert_policy.md +6 -6
- package/dist/docs/resources/alert_receiver.md +57 -57
- package/dist/docs/resources/api_crawler.md +9 -9
- package/dist/docs/resources/api_testing.md +40 -40
- package/dist/docs/resources/apm.md +320 -320
- package/dist/docs/resources/app_api_group.md +10 -10
- package/dist/docs/resources/app_firewall.md +36 -36
- package/dist/docs/resources/app_setting.md +46 -46
- package/dist/docs/resources/app_type.md +3 -3
- package/dist/docs/resources/authentication.md +30 -30
- package/dist/docs/resources/aws_tgw_site.md +184 -184
- package/dist/docs/resources/aws_vpc_site.md +296 -296
- package/dist/docs/resources/azure_vnet_site.md +677 -677
- package/dist/docs/resources/bgp.md +20 -20
- package/dist/docs/resources/bgp_routing_policy.md +4 -4
- package/dist/docs/resources/cdn_cache_rule.md +68 -68
- package/dist/docs/resources/cdn_loadbalancer.md +1166 -1166
- package/dist/docs/resources/certificate.md +4 -4
- package/dist/docs/resources/child_tenant.md +2 -2
- package/dist/docs/resources/cloud_connect.md +33 -33
- package/dist/docs/resources/cloud_credentials.md +37 -37
- package/dist/docs/resources/cloud_link.md +16 -16
- package/dist/docs/resources/cluster.md +68 -68
- package/dist/docs/resources/cminstance.md +6 -6
- package/dist/docs/resources/code_base_integration.md +82 -82
- package/dist/docs/resources/container_registry.md +2 -2
- package/dist/docs/resources/data_type.md +12 -12
- package/dist/docs/resources/discovery.md +71 -71
- package/dist/docs/resources/dns_lb_health_check.md +5 -5
- package/dist/docs/resources/dns_load_balancer.md +25 -25
- package/dist/docs/resources/dns_zone.md +144 -144
- package/dist/docs/resources/endpoint.md +1 -1
- package/dist/docs/resources/enhanced_firewall_policy.md +33 -33
- package/dist/docs/resources/external_connector.md +32 -32
- package/dist/docs/resources/fast_acl.md +59 -59
- package/dist/docs/resources/fast_acl_rule.md +2 -2
- package/dist/docs/resources/filter_set.md +3 -3
- package/dist/docs/resources/fleet.md +359 -359
- package/dist/docs/resources/forward_proxy_policy.md +18 -18
- package/dist/docs/resources/gcp_vpc_site.md +280 -280
- package/dist/docs/resources/geo_location_set.md +1 -1
- package/dist/docs/resources/global_log_receiver.md +216 -216
- package/dist/docs/resources/healthcheck.md +2 -2
- package/dist/docs/resources/http_loadbalancer.md +2190 -2190
- package/dist/docs/resources/infraprotect_tunnel.md +9 -9
- package/dist/docs/resources/k8s_cluster.md +39 -39
- package/dist/docs/resources/k8s_cluster_role.md +10 -10
- package/dist/docs/resources/k8s_pod_security_policy.md +9 -9
- package/dist/docs/resources/log_receiver.md +11 -11
- package/dist/docs/resources/malicious_user_mitigation.md +4 -4
- package/dist/docs/resources/managed_tenant.md +2 -2
- package/dist/docs/resources/nat_policy.md +22 -22
- package/dist/docs/resources/network_connector.md +37 -37
- package/dist/docs/resources/network_firewall.md +15 -15
- package/dist/docs/resources/network_interface.md +78 -78
- package/dist/docs/resources/network_policy.md +21 -21
- package/dist/docs/resources/network_policy_view.md +7 -7
- package/dist/docs/resources/nfv_service.md +306 -306
- package/dist/docs/resources/oidc_provider.md +1 -1
- package/dist/docs/resources/origin_pool.md +151 -151
- package/dist/docs/resources/policy_based_routing.md +71 -71
- package/dist/docs/resources/protocol_inspection.md +8 -8
- package/dist/docs/resources/proxy.md +401 -401
- package/dist/docs/resources/rate_limiter_policy.md +4 -4
- package/dist/docs/resources/registration.md +1 -1
- package/dist/docs/resources/route.md +155 -155
- package/dist/docs/resources/secret_management_access.md +103 -103
- package/dist/docs/resources/secret_policy.md +7 -7
- package/dist/docs/resources/securemesh_site.md +274 -274
- package/dist/docs/resources/securemesh_site_v2.md +940 -940
- package/dist/docs/resources/sensitive_data_policy.md +3 -3
- package/dist/docs/resources/service_policy.md +154 -154
- package/dist/docs/resources/service_policy_rule.md +51 -51
- package/dist/docs/resources/subnet.md +7 -7
- package/dist/docs/resources/tcp_loadbalancer.md +138 -138
- package/dist/docs/resources/tenant_configuration.md +1 -1
- package/dist/docs/resources/ticket_tracking_system.md +2 -2
- package/dist/docs/resources/tunnel.md +16 -16
- package/dist/docs/resources/udp_loadbalancer.md +56 -56
- package/dist/docs/resources/virtual_host.md +146 -146
- package/dist/docs/resources/virtual_network.md +7 -7
- package/dist/docs/resources/voltshare_admin_policy.md +22 -22
- package/dist/docs/resources/voltstack_site.md +778 -778
- package/dist/docs/resources/waf_exclusion_policy.md +22 -22
- package/dist/docs/resources/workload.md +2226 -2226
- package/package.json +1 -1
|
@@ -90,7 +90,7 @@ A [`routes`](#routes) block supports the following:
|
|
|
90
90
|
|
|
91
91
|
<a id="routes-disable-location-add"></a>• [`disable_location_add`](#routes-disable-location-add) - Optional Bool<br>Disable Location Addition. disables append of x-volterra-location = `<RE-site-name>` at route level, if it is configured at virtual-host level. This configuration is ignored on CE sites
|
|
92
92
|
|
|
93
|
-
<a id="
|
|
93
|
+
<a id="injection-2c38a2"></a>• [`inherited_bot_defense_javascript_injection`](#injection-2c38a2) - Optional Block<br>Enable this option
|
|
94
94
|
|
|
95
95
|
<a id="routes-inherited-waf-exclusion"></a>• [`inherited_waf_exclusion`](#routes-inherited-waf-exclusion) - Optional Block<br>Enable this option
|
|
96
96
|
|
|
@@ -128,25 +128,25 @@ A [`routes`](#routes) block supports the following:
|
|
|
128
128
|
|
|
129
129
|
A [`bot_defense_javascript_injection`](#routes-bot-defense-javascript-injection) block (within [`routes`](#routes)) supports the following:
|
|
130
130
|
|
|
131
|
-
<a id="
|
|
131
|
+
<a id="location-95316f"></a>• [`javascript_location`](#location-95316f) - Optional String Defaults to `AFTER_HEAD`<br>Possible values are `AFTER_HEAD`, `AFTER_TITLE_END`, `BEFORE_SCRIPT`<br>[Enum: AFTER_HEAD|AFTER_TITLE_END|BEFORE_SCRIPT] JavaScript Location. All inside networks. Insert JavaScript after `<head>` tag Insert JavaScript after `</title>` tag. Insert JavaScript before first `<script>` tag
|
|
132
132
|
|
|
133
|
-
<a id="
|
|
133
|
+
<a id="tags-60ccf3"></a>• [`javascript_tags`](#tags-60ccf3) - Optional Block<br>JavaScript Tags. Select Add item to configure your javascript tag. If adding both Bot Adv and Fraud, the Bot Javascript should be added first<br>See [Javascript Tags](#tags-60ccf3) below.
|
|
134
134
|
|
|
135
135
|
#### Routes Bot Defense Javascript Injection Javascript Tags
|
|
136
136
|
|
|
137
|
-
A [`javascript_tags`](#
|
|
137
|
+
A [`javascript_tags`](#tags-60ccf3) block (within [`routes.bot_defense_javascript_injection`](#routes-bot-defense-javascript-injection)) supports the following:
|
|
138
138
|
|
|
139
|
-
<a id="
|
|
139
|
+
<a id="url-f5fba1"></a>• [`javascript_url`](#url-f5fba1) - Optional String<br>URL. Please enter the full URL (include domain and path), or relative path
|
|
140
140
|
|
|
141
|
-
<a id="
|
|
141
|
+
<a id="attributes-f612c4"></a>• [`tag_attributes`](#attributes-f612c4) - Optional Block<br>Tag Attributes. Add the tag attributes you want to include in your Javascript tag<br>See [Tag Attributes](#attributes-f612c4) below.
|
|
142
142
|
|
|
143
143
|
#### Routes Bot Defense Javascript Injection Javascript Tags Tag Attributes
|
|
144
144
|
|
|
145
|
-
A [`tag_attributes`](#
|
|
145
|
+
A [`tag_attributes`](#attributes-f612c4) block (within [`routes.bot_defense_javascript_injection.javascript_tags`](#tags-60ccf3)) supports the following:
|
|
146
146
|
|
|
147
|
-
<a id="
|
|
147
|
+
<a id="tag-31e7c0"></a>• [`javascript_tag`](#tag-31e7c0) - Optional String Defaults to `JS_ATTR_ID`<br>Possible values are `JS_ATTR_ID`, `JS_ATTR_CID`, `JS_ATTR_CN`, `JS_ATTR_API_DOMAIN`, `JS_ATTR_API_URL`, `JS_ATTR_API_PATH`, `JS_ATTR_ASYNC`, `JS_ATTR_DEFER`<br>[Enum: JS_ATTR_ID|JS_ATTR_CID|JS_ATTR_CN|JS_ATTR_API_DOMAIN|JS_ATTR_API_URL|JS_ATTR_API_PATH|JS_ATTR_ASYNC|JS_ATTR_DEFER] Tag Attribute Name. Select from one of the predefined tag attributes
|
|
148
148
|
|
|
149
|
-
<a id="
|
|
149
|
+
<a id="value-c4d05d"></a>• [`tag_value`](#value-c4d05d) - Optional String<br>Value. Add the tag attribute value
|
|
150
150
|
|
|
151
151
|
#### Routes Match
|
|
152
152
|
|
|
@@ -180,7 +180,7 @@ A [`headers`](#routes-match-headers) block (within [`routes.match`](#routes-matc
|
|
|
180
180
|
|
|
181
181
|
An [`incoming_port`](#routes-match-incoming-port) block (within [`routes.match`](#routes-match)) supports the following:
|
|
182
182
|
|
|
183
|
-
<a id="
|
|
183
|
+
<a id="match-1d4edd"></a>• [`no_port_match`](#match-1d4edd) - Optional Block<br>Enable this option
|
|
184
184
|
|
|
185
185
|
<a id="routes-match-incoming-port-port"></a>• [`port`](#routes-match-incoming-port-port) - Optional Number<br>Port. Exact Port to match
|
|
186
186
|
|
|
@@ -214,35 +214,35 @@ A [`request_cookies_to_add`](#routes-request-cookies-to-add) block (within [`rou
|
|
|
214
214
|
|
|
215
215
|
<a id="routes-request-cookies-to-add-overwrite"></a>• [`overwrite`](#routes-request-cookies-to-add-overwrite) - Optional Bool Defaults to `do`<br>Overwrite. Should the value be overwritten? If true, the value is overwritten to existing values. not overwrite
|
|
216
216
|
|
|
217
|
-
<a id="
|
|
217
|
+
<a id="value-4c340b"></a>• [`secret_value`](#value-4c340b) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#value-4c340b) below.
|
|
218
218
|
|
|
219
219
|
<a id="routes-request-cookies-to-add-value"></a>• [`value`](#routes-request-cookies-to-add-value) - Optional String<br>Value. Value of the Cookie header
|
|
220
220
|
|
|
221
221
|
#### Routes Request Cookies To Add Secret Value
|
|
222
222
|
|
|
223
|
-
A [`secret_value`](#
|
|
223
|
+
A [`secret_value`](#value-4c340b) block (within [`routes.request_cookies_to_add`](#routes-request-cookies-to-add)) supports the following:
|
|
224
224
|
|
|
225
|
-
<a id="
|
|
225
|
+
<a id="info-8a6590"></a>• [`blindfold_secret_info`](#info-8a6590) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-8a6590) below.
|
|
226
226
|
|
|
227
|
-
<a id="
|
|
227
|
+
<a id="info-f8c679"></a>• [`clear_secret_info`](#info-f8c679) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-f8c679) below.
|
|
228
228
|
|
|
229
229
|
#### Routes Request Cookies To Add Secret Value Blindfold Secret Info
|
|
230
230
|
|
|
231
|
-
A [`blindfold_secret_info`](#
|
|
231
|
+
A [`blindfold_secret_info`](#info-8a6590) block (within [`routes.request_cookies_to_add.secret_value`](#value-4c340b)) supports the following:
|
|
232
232
|
|
|
233
|
-
<a id="
|
|
233
|
+
<a id="provider-411d20"></a>• [`decryption_provider`](#provider-411d20) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
234
234
|
|
|
235
|
-
<a id="
|
|
235
|
+
<a id="location-3723cf"></a>• [`location`](#location-3723cf) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
236
236
|
|
|
237
|
-
<a id="
|
|
237
|
+
<a id="provider-3856df"></a>• [`store_provider`](#provider-3856df) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
238
238
|
|
|
239
239
|
#### Routes Request Cookies To Add Secret Value Clear Secret Info
|
|
240
240
|
|
|
241
|
-
A [`clear_secret_info`](#
|
|
241
|
+
A [`clear_secret_info`](#info-f8c679) block (within [`routes.request_cookies_to_add.secret_value`](#value-4c340b)) supports the following:
|
|
242
242
|
|
|
243
|
-
<a id="
|
|
243
|
+
<a id="ref-ad3535"></a>• [`provider_ref`](#ref-ad3535) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
244
244
|
|
|
245
|
-
<a id="
|
|
245
|
+
<a id="url-5a9db3"></a>• [`url`](#url-5a9db3) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
246
246
|
|
|
247
247
|
#### Routes Request Headers To Add
|
|
248
248
|
|
|
@@ -252,111 +252,111 @@ A [`request_headers_to_add`](#routes-request-headers-to-add) block (within [`rou
|
|
|
252
252
|
|
|
253
253
|
<a id="routes-request-headers-to-add-name"></a>• [`name`](#routes-request-headers-to-add-name) - Optional String<br>Name. Name of the HTTP header
|
|
254
254
|
|
|
255
|
-
<a id="
|
|
255
|
+
<a id="value-ce9ebf"></a>• [`secret_value`](#value-ce9ebf) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#value-ce9ebf) below.
|
|
256
256
|
|
|
257
257
|
<a id="routes-request-headers-to-add-value"></a>• [`value`](#routes-request-headers-to-add-value) - Optional String<br>Value. Value of the HTTP header
|
|
258
258
|
|
|
259
259
|
#### Routes Request Headers To Add Secret Value
|
|
260
260
|
|
|
261
|
-
A [`secret_value`](#
|
|
261
|
+
A [`secret_value`](#value-ce9ebf) block (within [`routes.request_headers_to_add`](#routes-request-headers-to-add)) supports the following:
|
|
262
262
|
|
|
263
|
-
<a id="
|
|
263
|
+
<a id="info-452306"></a>• [`blindfold_secret_info`](#info-452306) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-452306) below.
|
|
264
264
|
|
|
265
|
-
<a id="
|
|
265
|
+
<a id="info-eaa03d"></a>• [`clear_secret_info`](#info-eaa03d) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-eaa03d) below.
|
|
266
266
|
|
|
267
267
|
#### Routes Request Headers To Add Secret Value Blindfold Secret Info
|
|
268
268
|
|
|
269
|
-
A [`blindfold_secret_info`](#
|
|
269
|
+
A [`blindfold_secret_info`](#info-452306) block (within [`routes.request_headers_to_add.secret_value`](#value-ce9ebf)) supports the following:
|
|
270
270
|
|
|
271
|
-
<a id="
|
|
271
|
+
<a id="provider-0eb208"></a>• [`decryption_provider`](#provider-0eb208) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
272
272
|
|
|
273
|
-
<a id="
|
|
273
|
+
<a id="location-76ab23"></a>• [`location`](#location-76ab23) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
274
274
|
|
|
275
|
-
<a id="
|
|
275
|
+
<a id="provider-33c22c"></a>• [`store_provider`](#provider-33c22c) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
276
276
|
|
|
277
277
|
#### Routes Request Headers To Add Secret Value Clear Secret Info
|
|
278
278
|
|
|
279
|
-
A [`clear_secret_info`](#
|
|
279
|
+
A [`clear_secret_info`](#info-eaa03d) block (within [`routes.request_headers_to_add.secret_value`](#value-ce9ebf)) supports the following:
|
|
280
280
|
|
|
281
|
-
<a id="
|
|
281
|
+
<a id="ref-25e125"></a>• [`provider_ref`](#ref-25e125) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
282
282
|
|
|
283
|
-
<a id="
|
|
283
|
+
<a id="url-e0dfac"></a>• [`url`](#url-e0dfac) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
284
284
|
|
|
285
285
|
#### Routes Response Cookies To Add
|
|
286
286
|
|
|
287
287
|
A [`response_cookies_to_add`](#routes-response-cookies-to-add) block (within [`routes`](#routes)) supports the following:
|
|
288
288
|
|
|
289
|
-
<a id="
|
|
289
|
+
<a id="domain-245f48"></a>• [`add_domain`](#domain-245f48) - Optional String<br>Add Domain. Add domain attribute
|
|
290
290
|
|
|
291
|
-
<a id="
|
|
291
|
+
<a id="expiry-62b700"></a>• [`add_expiry`](#expiry-62b700) - Optional String<br>Add expiry. Add expiry attribute
|
|
292
292
|
|
|
293
|
-
<a id="
|
|
293
|
+
<a id="httponly-c2890d"></a>• [`add_httponly`](#httponly-c2890d) - Optional Block<br>Enable this option
|
|
294
294
|
|
|
295
|
-
<a id="
|
|
295
|
+
<a id="partitioned-aa1f08"></a>• [`add_partitioned`](#partitioned-aa1f08) - Optional Block<br>Enable this option
|
|
296
296
|
|
|
297
297
|
<a id="routes-response-cookies-to-add-add-path"></a>• [`add_path`](#routes-response-cookies-to-add-add-path) - Optional String<br>Add path. Add path attribute
|
|
298
298
|
|
|
299
|
-
<a id="
|
|
299
|
+
<a id="secure-9cd35a"></a>• [`add_secure`](#secure-9cd35a) - Optional Block<br>Enable this option
|
|
300
300
|
|
|
301
|
-
<a id="
|
|
301
|
+
<a id="domain-c754cb"></a>• [`ignore_domain`](#domain-c754cb) - Optional Block<br>Enable this option
|
|
302
302
|
|
|
303
|
-
<a id="
|
|
303
|
+
<a id="expiry-44cdc8"></a>• [`ignore_expiry`](#expiry-44cdc8) - Optional Block<br>Enable this option
|
|
304
304
|
|
|
305
|
-
<a id="
|
|
305
|
+
<a id="httponly-99def6"></a>• [`ignore_httponly`](#httponly-99def6) - Optional Block<br>Enable this option
|
|
306
306
|
|
|
307
|
-
<a id="
|
|
307
|
+
<a id="age-478fc0"></a>• [`ignore_max_age`](#age-478fc0) - Optional Block<br>Enable this option
|
|
308
308
|
|
|
309
|
-
<a id="
|
|
309
|
+
<a id="partitioned-7a224c"></a>• [`ignore_partitioned`](#partitioned-7a224c) - Optional Block<br>Enable this option
|
|
310
310
|
|
|
311
|
-
<a id="
|
|
311
|
+
<a id="path-3677c1"></a>• [`ignore_path`](#path-3677c1) - Optional Block<br>Enable this option
|
|
312
312
|
|
|
313
|
-
<a id="
|
|
313
|
+
<a id="samesite-0d04a2"></a>• [`ignore_samesite`](#samesite-0d04a2) - Optional Block<br>Enable this option
|
|
314
314
|
|
|
315
|
-
<a id="
|
|
315
|
+
<a id="secure-effaa1"></a>• [`ignore_secure`](#secure-effaa1) - Optional Block<br>Enable this option
|
|
316
316
|
|
|
317
|
-
<a id="
|
|
317
|
+
<a id="value-0e603e"></a>• [`ignore_value`](#value-0e603e) - Optional Block<br>Enable this option
|
|
318
318
|
|
|
319
|
-
<a id="
|
|
319
|
+
<a id="value-e8b96e"></a>• [`max_age_value`](#value-e8b96e) - Optional Number<br>Add Max Age. Add max age attribute
|
|
320
320
|
|
|
321
321
|
<a id="routes-response-cookies-to-add-name"></a>• [`name`](#routes-response-cookies-to-add-name) - Optional String<br>Name. Name of the cookie in Cookie header
|
|
322
322
|
|
|
323
|
-
<a id="
|
|
323
|
+
<a id="overwrite-25fb1c"></a>• [`overwrite`](#overwrite-25fb1c) - Optional Bool Defaults to `do`<br>Overwrite. Should the value be overwritten? If true, the value is overwritten to existing values. not overwrite
|
|
324
324
|
|
|
325
|
-
<a id="
|
|
325
|
+
<a id="lax-3799dd"></a>• [`samesite_lax`](#lax-3799dd) - Optional Block<br>Enable this option
|
|
326
326
|
|
|
327
|
-
<a id="
|
|
327
|
+
<a id="none-d063b8"></a>• [`samesite_none`](#none-d063b8) - Optional Block<br>Enable this option
|
|
328
328
|
|
|
329
|
-
<a id="
|
|
329
|
+
<a id="strict-b3db69"></a>• [`samesite_strict`](#strict-b3db69) - Optional Block<br>Enable this option
|
|
330
330
|
|
|
331
|
-
<a id="
|
|
331
|
+
<a id="value-172895"></a>• [`secret_value`](#value-172895) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#value-172895) below.
|
|
332
332
|
|
|
333
333
|
<a id="routes-response-cookies-to-add-value"></a>• [`value`](#routes-response-cookies-to-add-value) - Optional String<br>Value. Value of the Cookie header
|
|
334
334
|
|
|
335
335
|
#### Routes Response Cookies To Add Secret Value
|
|
336
336
|
|
|
337
|
-
A [`secret_value`](#
|
|
337
|
+
A [`secret_value`](#value-172895) block (within [`routes.response_cookies_to_add`](#routes-response-cookies-to-add)) supports the following:
|
|
338
338
|
|
|
339
|
-
<a id="
|
|
339
|
+
<a id="info-2f1e53"></a>• [`blindfold_secret_info`](#info-2f1e53) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-2f1e53) below.
|
|
340
340
|
|
|
341
|
-
<a id="
|
|
341
|
+
<a id="info-a85975"></a>• [`clear_secret_info`](#info-a85975) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-a85975) below.
|
|
342
342
|
|
|
343
343
|
#### Routes Response Cookies To Add Secret Value Blindfold Secret Info
|
|
344
344
|
|
|
345
|
-
A [`blindfold_secret_info`](#
|
|
345
|
+
A [`blindfold_secret_info`](#info-2f1e53) block (within [`routes.response_cookies_to_add.secret_value`](#value-172895)) supports the following:
|
|
346
346
|
|
|
347
|
-
<a id="
|
|
347
|
+
<a id="provider-c9e248"></a>• [`decryption_provider`](#provider-c9e248) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
348
348
|
|
|
349
|
-
<a id="
|
|
349
|
+
<a id="location-935d3e"></a>• [`location`](#location-935d3e) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
350
350
|
|
|
351
|
-
<a id="
|
|
351
|
+
<a id="provider-099462"></a>• [`store_provider`](#provider-099462) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
352
352
|
|
|
353
353
|
#### Routes Response Cookies To Add Secret Value Clear Secret Info
|
|
354
354
|
|
|
355
|
-
A [`clear_secret_info`](#
|
|
355
|
+
A [`clear_secret_info`](#info-a85975) block (within [`routes.response_cookies_to_add.secret_value`](#value-172895)) supports the following:
|
|
356
356
|
|
|
357
|
-
<a id="
|
|
357
|
+
<a id="ref-637c4d"></a>• [`provider_ref`](#ref-637c4d) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
358
358
|
|
|
359
|
-
<a id="
|
|
359
|
+
<a id="url-4cde31"></a>• [`url`](#url-4cde31) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
360
360
|
|
|
361
361
|
#### Routes Response Headers To Add
|
|
362
362
|
|
|
@@ -366,41 +366,41 @@ A [`response_headers_to_add`](#routes-response-headers-to-add) block (within [`r
|
|
|
366
366
|
|
|
367
367
|
<a id="routes-response-headers-to-add-name"></a>• [`name`](#routes-response-headers-to-add-name) - Optional String<br>Name. Name of the HTTP header
|
|
368
368
|
|
|
369
|
-
<a id="
|
|
369
|
+
<a id="value-6b60b8"></a>• [`secret_value`](#value-6b60b8) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#value-6b60b8) below.
|
|
370
370
|
|
|
371
371
|
<a id="routes-response-headers-to-add-value"></a>• [`value`](#routes-response-headers-to-add-value) - Optional String<br>Value. Value of the HTTP header
|
|
372
372
|
|
|
373
373
|
#### Routes Response Headers To Add Secret Value
|
|
374
374
|
|
|
375
|
-
A [`secret_value`](#
|
|
375
|
+
A [`secret_value`](#value-6b60b8) block (within [`routes.response_headers_to_add`](#routes-response-headers-to-add)) supports the following:
|
|
376
376
|
|
|
377
|
-
<a id="
|
|
377
|
+
<a id="info-02903c"></a>• [`blindfold_secret_info`](#info-02903c) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-02903c) below.
|
|
378
378
|
|
|
379
|
-
<a id="
|
|
379
|
+
<a id="info-4128a5"></a>• [`clear_secret_info`](#info-4128a5) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-4128a5) below.
|
|
380
380
|
|
|
381
381
|
#### Routes Response Headers To Add Secret Value Blindfold Secret Info
|
|
382
382
|
|
|
383
|
-
A [`blindfold_secret_info`](#
|
|
383
|
+
A [`blindfold_secret_info`](#info-02903c) block (within [`routes.response_headers_to_add.secret_value`](#value-6b60b8)) supports the following:
|
|
384
384
|
|
|
385
|
-
<a id="
|
|
385
|
+
<a id="provider-9feee7"></a>• [`decryption_provider`](#provider-9feee7) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
386
386
|
|
|
387
|
-
<a id="
|
|
387
|
+
<a id="location-537599"></a>• [`location`](#location-537599) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
388
388
|
|
|
389
|
-
<a id="
|
|
389
|
+
<a id="provider-527ee9"></a>• [`store_provider`](#provider-527ee9) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
390
390
|
|
|
391
391
|
#### Routes Response Headers To Add Secret Value Clear Secret Info
|
|
392
392
|
|
|
393
|
-
A [`clear_secret_info`](#
|
|
393
|
+
A [`clear_secret_info`](#info-4128a5) block (within [`routes.response_headers_to_add.secret_value`](#value-6b60b8)) supports the following:
|
|
394
394
|
|
|
395
|
-
<a id="
|
|
395
|
+
<a id="ref-5938f3"></a>• [`provider_ref`](#ref-5938f3) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
396
396
|
|
|
397
|
-
<a id="
|
|
397
|
+
<a id="url-3d0668"></a>• [`url`](#url-3d0668) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
398
398
|
|
|
399
399
|
#### Routes Route Destination
|
|
400
400
|
|
|
401
401
|
A [`route_destination`](#routes-route-destination) block (within [`routes`](#routes)) supports the following:
|
|
402
402
|
|
|
403
|
-
<a id="
|
|
403
|
+
<a id="rewrite-f07d9f"></a>• [`auto_host_rewrite`](#rewrite-f07d9f) - Optional Bool<br>Automatic Host Rewrite. Indicates that during forwarding, the host header will be swapped with the hostname of the upstream host chosen by the cluster
|
|
404
404
|
|
|
405
405
|
<a id="routes-route-destination-buffer-policy"></a>• [`buffer_policy`](#routes-route-destination-buffer-policy) - Optional Block<br>Buffer Configuration. Some upstream applications are not capable of handling streamed data. This config enables buffering the entire request before sending to upstream application. We can specify the maximum buffer size and buffer interval with this config. Buffering can be enabled and disabled at VirtualHost and Route levels Route level buffer configuration takes precedence<br>See [Buffer Policy](#routes-route-destination-buffer-policy) below.
|
|
406
406
|
|
|
@@ -410,9 +410,9 @@ A [`route_destination`](#routes-route-destination) block (within [`routes`](#rou
|
|
|
410
410
|
|
|
411
411
|
<a id="routes-route-destination-destinations"></a>• [`destinations`](#routes-route-destination-destinations) - Optional Block<br>Destination Origin pools (clusters). When requests have to distributed among multiple upstream clusters, multiple destinations are configured, each having its own cluster and weight. Traffic is distributed among clusters based on the weight configured. destinations: - cluster: - kind: ves.io.vega.cfg.adc.cluster.Object uid: cluster-1 weight: 20 - cluster: - kind: ves.io.vega.cfg.adc.cluster.Object uid: cluster-2 weight: 30 - cluster: - kind: ves.io.vega.cfg.adc.cluster.Object uid: cluster-3 weight: 50 This indicates that out of every 100 requests, 50 goes to cluster-3, 30 to cluster-2 and 20 to cluster-1 When single destination is configured, weight is ignored. All the requests are sent to the cluster specified in the destination<br>See [Destinations](#routes-route-destination-destinations) below.
|
|
412
412
|
|
|
413
|
-
<a id="
|
|
413
|
+
<a id="cluster-098c21"></a>• [`do_not_retract_cluster`](#cluster-098c21) - Optional Block<br>Enable this option
|
|
414
414
|
|
|
415
|
-
<a id="
|
|
415
|
+
<a id="subsets-17b178"></a>• [`endpoint_subsets`](#subsets-17b178) - Optional Block<br>Endpoint Subsets. Upstream cluster may be configured to divide its endpoints into subsets based on metadata attached to the endpoints. Routes may then specify the metadata that a endpoint must match in order to be selected by the load balancer Labels field of endpoint object's metadata is used for subset matching. For endpoint's which are discovered in K8S or Consul cluster, the label of the service is merged with endpoint's labels. In case of Consul, the label is derived from the 'Tag' field. For labels that are common between configured endpoint and discovered service, labels from discovered service takes precedence. List of key-value pairs that will be used as matching metadata. Only those endpoints of upstream cluster which match this metadata will be selected for load balancing
|
|
416
416
|
|
|
417
417
|
<a id="routes-route-destination-hash-policy"></a>• [`hash_policy`](#routes-route-destination-hash-policy) - Optional Block<br>Hash Policy. Specifies a list of hash policies to use for ring hash load balancing. Each hash policy is evaluated individually and the combined result is used to route the request<br>See [Hash Policy](#routes-route-destination-hash-policy) below.
|
|
418
418
|
|
|
@@ -428,7 +428,7 @@ A [`route_destination`](#routes-route-destination) block (within [`routes`](#rou
|
|
|
428
428
|
|
|
429
429
|
<a id="routes-route-destination-regex-rewrite"></a>• [`regex_rewrite`](#routes-route-destination-regex-rewrite) - Optional Block<br>Regex Match Rewrite. RegexMatchRewrite describes how to match a string and then produce a new string using a regular expression and a substitution string<br>See [Regex Rewrite](#routes-route-destination-regex-rewrite) below.
|
|
430
430
|
|
|
431
|
-
<a id="
|
|
431
|
+
<a id="cluster-96a194"></a>• [`retract_cluster`](#cluster-96a194) - Optional Block<br>Enable this option
|
|
432
432
|
|
|
433
433
|
<a id="routes-route-destination-retry-policy"></a>• [`retry_policy`](#routes-route-destination-retry-policy) - Optional Block<br>Retry Policy. Retry policy configuration for route destination<br>See [Retry Policy](#routes-route-destination-retry-policy) below.
|
|
434
434
|
|
|
@@ -436,205 +436,205 @@ A [`route_destination`](#routes-route-destination) block (within [`routes`](#rou
|
|
|
436
436
|
|
|
437
437
|
<a id="routes-route-destination-timeout"></a>• [`timeout`](#routes-route-destination-timeout) - Optional Number<br>Timeout. Specifies the timeout for the route in milliseconds. This timeout includes all retries. For server side streaming, configure this field with higher value or leave it un-configured for infinite timeout
|
|
438
438
|
|
|
439
|
-
<a id="
|
|
439
|
+
<a id="config-449c3d"></a>• [`web_socket_config`](#config-449c3d) - Optional Block<br>WebSocket Configuration. Configuration to allow WebSocket Request headers of such upgrade looks like below 'connection', 'Upgrade' 'upgrade', 'WebSocket' With configuration to allow WebSocket upgrade, ADC will produce following response 'HTTP/1.1 101 Switching Protocols 'Upgrade': 'WebSocket' 'Connection': 'Upgrade'<br>See [Web Socket Config](#config-449c3d) below.
|
|
440
440
|
|
|
441
441
|
#### Routes Route Destination Buffer Policy
|
|
442
442
|
|
|
443
443
|
A [`buffer_policy`](#routes-route-destination-buffer-policy) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
|
|
444
444
|
|
|
445
|
-
<a id="
|
|
445
|
+
<a id="disabled-2d309c"></a>• [`disabled`](#disabled-2d309c) - Optional Bool<br>Disable. Disable buffering for a particular route. This is useful when virtual-host has buffering, but we need to disable it on a specific route. The value of this field is ignored for virtual-host
|
|
446
446
|
|
|
447
|
-
<a id="
|
|
447
|
+
<a id="bytes-9a9963"></a>• [`max_request_bytes`](#bytes-9a9963) - Optional Number<br>Max Request Bytes. The maximum request size that the filter will buffer before the connection manager will stop buffering and return a RequestEntityTooLarge (413) response
|
|
448
448
|
|
|
449
449
|
#### Routes Route Destination CORS Policy
|
|
450
450
|
|
|
451
451
|
A [`cors_policy`](#routes-route-destination-cors-policy) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
|
|
452
452
|
|
|
453
|
-
<a id="
|
|
453
|
+
<a id="credentials-2b4ba7"></a>• [`allow_credentials`](#credentials-2b4ba7) - Optional Bool<br>Allow Credentials. Specifies whether the resource allows credentials
|
|
454
454
|
|
|
455
|
-
<a id="
|
|
455
|
+
<a id="headers-ce10f0"></a>• [`allow_headers`](#headers-ce10f0) - Optional String<br>Allow Headers. Specifies the content for the access-control-allow-headers header
|
|
456
456
|
|
|
457
|
-
<a id="
|
|
457
|
+
<a id="methods-2a71b7"></a>• [`allow_methods`](#methods-2a71b7) - Optional String<br>Allow Methods. Specifies the content for the access-control-allow-methods header
|
|
458
458
|
|
|
459
|
-
<a id="
|
|
459
|
+
<a id="origin-c066d0"></a>• [`allow_origin`](#origin-c066d0) - Optional List<br>Allow Origin. Specifies the origins that will be allowed to do CORS requests. An origin is allowed if either allow_origin or allow_origin_regex match
|
|
460
460
|
|
|
461
|
-
<a id="
|
|
461
|
+
<a id="regex-8cd4d2"></a>• [`allow_origin_regex`](#regex-8cd4d2) - Optional List<br>Allow Origin Regex. Specifies regex patterns that match allowed origins. An origin is allowed if either allow_origin or allow_origin_regex match
|
|
462
462
|
|
|
463
|
-
<a id="
|
|
463
|
+
<a id="disabled-373d60"></a>• [`disabled`](#disabled-373d60) - Optional Bool<br>Disabled. Disable the CorsPolicy for a particular route. This is useful when virtual-host has CorsPolicy, but we need to disable it on a specific route. The value of this field is ignored for virtual-host
|
|
464
464
|
|
|
465
|
-
<a id="
|
|
465
|
+
<a id="headers-ddfa2e"></a>• [`expose_headers`](#headers-ddfa2e) - Optional String<br>Expose Headers. Specifies the content for the access-control-expose-headers header
|
|
466
466
|
|
|
467
|
-
<a id="
|
|
467
|
+
<a id="age-1581b8"></a>• [`maximum_age`](#age-1581b8) - Optional Number<br>Maximum Age. Specifies the content for the access-control-max-age header in seconds. This indicates the maximum number of seconds the results can be cached A value of -1 will disable caching. Maximum permitted value is 86400 seconds (24 hours)
|
|
468
468
|
|
|
469
469
|
#### Routes Route Destination CSRF Policy
|
|
470
470
|
|
|
471
471
|
A [`csrf_policy`](#routes-route-destination-csrf-policy) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
|
|
472
472
|
|
|
473
|
-
<a id="
|
|
473
|
+
<a id="domains-a58e7f"></a>• [`all_load_balancer_domains`](#domains-a58e7f) - Optional Block<br>Enable this option
|
|
474
474
|
|
|
475
|
-
<a id="
|
|
475
|
+
<a id="list-904516"></a>• [`custom_domain_list`](#list-904516) - Optional Block<br>Domain name list. List of domain names used for Host header matching<br>See [Custom Domain List](#list-904516) below.
|
|
476
476
|
|
|
477
|
-
<a id="
|
|
477
|
+
<a id="disabled-8b18cb"></a>• [`disabled`](#disabled-8b18cb) - Optional Block<br>Enable this option
|
|
478
478
|
|
|
479
479
|
#### Routes Route Destination CSRF Policy Custom Domain List
|
|
480
480
|
|
|
481
|
-
A [`custom_domain_list`](#
|
|
481
|
+
A [`custom_domain_list`](#list-904516) block (within [`routes.route_destination.csrf_policy`](#routes-route-destination-csrf-policy)) supports the following:
|
|
482
482
|
|
|
483
|
-
<a id="
|
|
483
|
+
<a id="domains-8faab3"></a>• [`domains`](#domains-8faab3) - Optional List<br>Domain names. A list of domain names that will be matched to loadbalancer. These domains are not used for SNI match. Wildcard names are supported in the suffix or prefix form
|
|
484
484
|
|
|
485
485
|
#### Routes Route Destination Destinations
|
|
486
486
|
|
|
487
487
|
A [`destinations`](#routes-route-destination-destinations) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
|
|
488
488
|
|
|
489
|
-
<a id="
|
|
489
|
+
<a id="cluster-d8ac1b"></a>• [`cluster`](#cluster-d8ac1b) - Optional Block<br>Cluster. Indicates the upstream cluster to which the request should be sent. If the cluster does not exist ServiceUnavailable response will be sent<br>See [Cluster](#cluster-d8ac1b) below.
|
|
490
490
|
|
|
491
|
-
<a id="
|
|
491
|
+
<a id="subsets-23862f"></a>• [`endpoint_subsets`](#subsets-23862f) - Optional Block<br>Endpoint Subsets. Upstream cluster may be configured to divide its endpoints into subsets based on metadata attached to the endpoints. Routes may then specify the metadata that a endpoint must match in order to be selected by the load balancer Labels field of endpoint object's metadata is used for subset matching. For endpoints which are discovered in K8S or Consul cluster, the label of the service is merged with endpoint's labels. In case of Consul, the label is derived from the 'Tag' field. For labels that are common between configured endpoint and discovered service, labels from discovered service takes precedence. List of key-value pairs that will be used as matching metadata. Only those endpoints of upstream cluster which match this metadata will be selected for load balancing
|
|
492
492
|
|
|
493
|
-
<a id="
|
|
493
|
+
<a id="priority-830655"></a>• [`priority`](#priority-830655) - Optional Number<br>Priority. Priority of this cluster, valid only with multiple destinations are configured. Value of 0 will make the cluster as lowest priority upstream cluster Priority of 1 means highest priority and is considered active. When active cluster is not available, lower priority clusters are made active as per the increasing priority
|
|
494
494
|
|
|
495
|
-
<a id="
|
|
495
|
+
<a id="weight-2acc2c"></a>• [`weight`](#weight-2acc2c) - Optional Number<br>Weight. When requests have to distributed among multiple upstream clusters, multiple destinations are configured, each having its own cluster and weight. Traffic is distributed among clusters based on the weight configured. destinations: - cluster: - kind: ves.io.vega.cfg.adc.cluster.Object uid: cluster-1 weight: 20 - cluster: - kind: ves.io.vega.cfg.adc.cluster.Object uid: cluster-2 weight: 30 - cluster: - kind: ves.io.vega.cfg.adc.cluster.Object uid: cluster-3 weight: 10 This indicates that out of every 60 requests, 10 goes to cluster-3, 30 to cluster-2 and 20 to cluster-1 When single destination is configured, weight is ignored. All the requests are sent to the cluster specified in the destination
|
|
496
496
|
|
|
497
497
|
#### Routes Route Destination Destinations Cluster
|
|
498
498
|
|
|
499
|
-
A [`cluster`](#
|
|
499
|
+
A [`cluster`](#cluster-d8ac1b) block (within [`routes.route_destination.destinations`](#routes-route-destination-destinations)) supports the following:
|
|
500
500
|
|
|
501
|
-
<a id="
|
|
501
|
+
<a id="kind-24578a"></a>• [`kind`](#kind-24578a) - Optional String<br>Kind. When a configuration object(e.g. virtual_host) refers to another(e.g route) then kind will hold the referred object's kind (e.g. 'route')
|
|
502
502
|
|
|
503
|
-
<a id="
|
|
503
|
+
<a id="name-638083"></a>• [`name`](#name-638083) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
504
504
|
|
|
505
|
-
<a id="
|
|
505
|
+
<a id="namespace-effaa4"></a>• [`namespace`](#namespace-effaa4) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
506
506
|
|
|
507
|
-
<a id="
|
|
507
|
+
<a id="tenant-4f2bb0"></a>• [`tenant`](#tenant-4f2bb0) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
508
508
|
|
|
509
|
-
<a id="
|
|
509
|
+
<a id="uid-a2437e"></a>• [`uid`](#uid-a2437e) - Optional String<br>UID. When a configuration object(e.g. virtual_host) refers to another(e.g route) then uid will hold the referred object's(e.g. route's) uid
|
|
510
510
|
|
|
511
511
|
#### Routes Route Destination Hash Policy
|
|
512
512
|
|
|
513
513
|
A [`hash_policy`](#routes-route-destination-hash-policy) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
|
|
514
514
|
|
|
515
|
-
<a id="
|
|
515
|
+
<a id="cookie-fa8e38"></a>• [`cookie`](#cookie-fa8e38) - Optional Block<br>Hashing using Cookie. Two types of cookie affinity: 1. Passive. Takes a cookie that's present in the cookies header and hashes on its value. 2. Generated. Generates and sets a cookie with an expiration (TTL) on the first request from the client in its response to the client, based on the endpoint the request gets sent to. The client then presents this on the next and all subsequent requests. The hash of this is sufficient to ensure these requests get sent to the same endpoint. The cookie is generated by hashing the source and destination ports and addresses so that multiple independent HTTP2 streams on the same connection will independently receive the same cookie, even if they arrive simultaneously<br>See [Cookie](#cookie-fa8e38) below.
|
|
516
516
|
|
|
517
|
-
<a id="
|
|
517
|
+
<a id="name-5f3d35"></a>• [`header_name`](#name-5f3d35) - Optional String<br>Header Name. The name or key of the request header that will be used to obtain the hash key
|
|
518
518
|
|
|
519
|
-
<a id="
|
|
519
|
+
<a id="source-ip-279e98"></a>• [`source_ip`](#source-ip-279e98) - Optional Bool<br>Source IP. Hash based on source IP address
|
|
520
520
|
|
|
521
|
-
<a id="
|
|
521
|
+
<a id="terminal-2ae5fd"></a>• [`terminal`](#terminal-2ae5fd) - Optional Bool<br>Terminal. Specify if its a terminal policy
|
|
522
522
|
|
|
523
523
|
#### Routes Route Destination Hash Policy Cookie
|
|
524
524
|
|
|
525
|
-
A [`cookie`](#
|
|
525
|
+
A [`cookie`](#cookie-fa8e38) block (within [`routes.route_destination.hash_policy`](#routes-route-destination-hash-policy)) supports the following:
|
|
526
526
|
|
|
527
|
-
<a id="
|
|
527
|
+
<a id="httponly-c187b0"></a>• [`add_httponly`](#httponly-c187b0) - Optional Block<br>Enable this option
|
|
528
528
|
|
|
529
|
-
<a id="
|
|
529
|
+
<a id="secure-141faf"></a>• [`add_secure`](#secure-141faf) - Optional Block<br>Enable this option
|
|
530
530
|
|
|
531
|
-
<a id="
|
|
531
|
+
<a id="httponly-d1eb99"></a>• [`ignore_httponly`](#httponly-d1eb99) - Optional Block<br>Enable this option
|
|
532
532
|
|
|
533
|
-
<a id="
|
|
533
|
+
<a id="samesite-dc4309"></a>• [`ignore_samesite`](#samesite-dc4309) - Optional Block<br>Enable this option
|
|
534
534
|
|
|
535
|
-
<a id="
|
|
535
|
+
<a id="secure-9eb9ca"></a>• [`ignore_secure`](#secure-9eb9ca) - Optional Block<br>Enable this option
|
|
536
536
|
|
|
537
|
-
<a id="
|
|
537
|
+
<a id="name-a648a7"></a>• [`name`](#name-a648a7) - Optional String<br>Name. The name of the cookie that will be used to obtain the hash key. If the cookie is not present and TTL below is not set, no hash will be produced
|
|
538
538
|
|
|
539
|
-
<a id="
|
|
539
|
+
<a id="path-b96c24"></a>• [`path`](#path-b96c24) - Optional String<br>Path. The name of the path for the cookie. If no path is specified here, no path will be set for the cookie
|
|
540
540
|
|
|
541
|
-
<a id="
|
|
541
|
+
<a id="lax-fbe3d9"></a>• [`samesite_lax`](#lax-fbe3d9) - Optional Block<br>Enable this option
|
|
542
542
|
|
|
543
|
-
<a id="
|
|
543
|
+
<a id="none-087d30"></a>• [`samesite_none`](#none-087d30) - Optional Block<br>Enable this option
|
|
544
544
|
|
|
545
|
-
<a id="
|
|
545
|
+
<a id="strict-3e3555"></a>• [`samesite_strict`](#strict-3e3555) - Optional Block<br>Enable this option
|
|
546
546
|
|
|
547
|
-
<a id="
|
|
547
|
+
<a id="ttl-e740ae"></a>• [`ttl`](#ttl-e740ae) - Optional Number<br>TTL. If specified, a cookie with the TTL will be generated if the cookie is not present. If the TTL is present and zero, the generated cookie will be a session cookie. TTL value is in milliseconds
|
|
548
548
|
|
|
549
549
|
#### Routes Route Destination Mirror Policy
|
|
550
550
|
|
|
551
551
|
A [`mirror_policy`](#routes-route-destination-mirror-policy) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
|
|
552
552
|
|
|
553
|
-
<a id="
|
|
553
|
+
<a id="cluster-1c80ee"></a>• [`cluster`](#cluster-1c80ee) - Optional Block<br>Mirror Destination Cluster. Specifies the cluster to which the requests will be mirrored. The cluster object referred here must be present<br>See [Cluster](#cluster-1c80ee) below.
|
|
554
554
|
|
|
555
|
-
<a id="
|
|
555
|
+
<a id="percent-e76235"></a>• [`percent`](#percent-e76235) - Optional Block<br>Fractional Percent. Fraction used where sampling percentages are needed. example sampled requests<br>See [Percent](#percent-e76235) below.
|
|
556
556
|
|
|
557
557
|
#### Routes Route Destination Mirror Policy Cluster
|
|
558
558
|
|
|
559
|
-
A [`cluster`](#
|
|
559
|
+
A [`cluster`](#cluster-1c80ee) block (within [`routes.route_destination.mirror_policy`](#routes-route-destination-mirror-policy)) supports the following:
|
|
560
560
|
|
|
561
|
-
<a id="
|
|
561
|
+
<a id="kind-5f5f46"></a>• [`kind`](#kind-5f5f46) - Optional String<br>Kind. When a configuration object(e.g. virtual_host) refers to another(e.g route) then kind will hold the referred object's kind (e.g. 'route')
|
|
562
562
|
|
|
563
|
-
<a id="
|
|
563
|
+
<a id="name-99bc18"></a>• [`name`](#name-99bc18) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
564
564
|
|
|
565
|
-
<a id="
|
|
565
|
+
<a id="namespace-d5b69a"></a>• [`namespace`](#namespace-d5b69a) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
566
566
|
|
|
567
|
-
<a id="
|
|
567
|
+
<a id="tenant-5fcce8"></a>• [`tenant`](#tenant-5fcce8) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
568
568
|
|
|
569
|
-
<a id="
|
|
569
|
+
<a id="uid-417dc0"></a>• [`uid`](#uid-417dc0) - Optional String<br>UID. When a configuration object(e.g. virtual_host) refers to another(e.g route) then uid will hold the referred object's(e.g. route's) uid
|
|
570
570
|
|
|
571
571
|
#### Routes Route Destination Mirror Policy Percent
|
|
572
572
|
|
|
573
|
-
A [`percent`](#
|
|
573
|
+
A [`percent`](#percent-e76235) block (within [`routes.route_destination.mirror_policy`](#routes-route-destination-mirror-policy)) supports the following:
|
|
574
574
|
|
|
575
|
-
<a id="
|
|
575
|
+
<a id="denominator-94e819"></a>• [`denominator`](#denominator-94e819) - Optional String Defaults to `HUNDRED`<br>Possible values are `HUNDRED`, `TEN_THOUSAND`, `MILLION`<br>[Enum: HUNDRED|TEN_THOUSAND|MILLION] Denominator. Denominator used in fraction where sampling percentages are needed. example sampled requests Use hundred as denominator Use ten thousand as denominator Use million as denominator
|
|
576
576
|
|
|
577
|
-
<a id="
|
|
577
|
+
<a id="numerator-9f6259"></a>• [`numerator`](#numerator-9f6259) - Optional Number<br>Numerator. sampled parts per denominator. If denominator was 10000, then value of 5 will be 5 in 10000
|
|
578
578
|
|
|
579
579
|
#### Routes Route Destination Query Params
|
|
580
580
|
|
|
581
581
|
A [`query_params`](#routes-route-destination-query-params) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
|
|
582
582
|
|
|
583
|
-
<a id="
|
|
583
|
+
<a id="params-29da85"></a>• [`remove_all_params`](#params-29da85) - Optional Block<br>Enable this option
|
|
584
584
|
|
|
585
|
-
<a id="
|
|
585
|
+
<a id="params-cfccb5"></a>• [`replace_params`](#params-cfccb5) - Optional String<br>Replace All Parameters
|
|
586
586
|
|
|
587
|
-
<a id="
|
|
587
|
+
<a id="params-7e3845"></a>• [`retain_all_params`](#params-7e3845) - Optional Block<br>Enable this option
|
|
588
588
|
|
|
589
589
|
#### Routes Route Destination Regex Rewrite
|
|
590
590
|
|
|
591
591
|
A [`regex_rewrite`](#routes-route-destination-regex-rewrite) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
|
|
592
592
|
|
|
593
|
-
<a id="
|
|
593
|
+
<a id="pattern-a0e73b"></a>• [`pattern`](#pattern-a0e73b) - Optional String<br>Pattern. The regular expression used to find portions of a string that should be replaced
|
|
594
594
|
|
|
595
|
-
<a id="
|
|
595
|
+
<a id="substitution-90a61f"></a>• [`substitution`](#substitution-90a61f) - Optional String<br>Substitution. The string that should be substituted into matching portions of the subject string during a substitution operation to produce a new string
|
|
596
596
|
|
|
597
597
|
#### Routes Route Destination Retry Policy
|
|
598
598
|
|
|
599
599
|
A [`retry_policy`](#routes-route-destination-retry-policy) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
|
|
600
600
|
|
|
601
|
-
<a id="
|
|
601
|
+
<a id="off-5007a2"></a>• [`back_off`](#off-5007a2) - Optional Block<br>Retry BackOff Interval. Specifies parameters that control retry back off<br>See [Back Off](#off-5007a2) below.
|
|
602
602
|
|
|
603
|
-
<a id="
|
|
603
|
+
<a id="retries-cc8e48"></a>• [`num_retries`](#retries-cc8e48) - Optional Number Defaults to `1`<br>Number of Retries. Specifies the allowed number of retries. Retries can be done any number of times. An exponential back-off algorithm is used between each retry
|
|
604
604
|
|
|
605
|
-
<a id="
|
|
605
|
+
<a id="timeout-16fe27"></a>• [`per_try_timeout`](#timeout-16fe27) - Optional Number<br>Per Try Timeout. Specifies a non-zero timeout per retry attempt. In milliseconds
|
|
606
606
|
|
|
607
|
-
<a id="
|
|
607
|
+
<a id="codes-b9b5e6"></a>• [`retriable_status_codes`](#codes-b9b5e6) - Optional List<br>Status Code to Retry. HTTP status codes that should trigger a retry in addition to those specified by retry_on
|
|
608
608
|
|
|
609
|
-
<a id="
|
|
609
|
+
<a id="condition-4593ce"></a>• [`retry_condition`](#condition-4593ce) - Optional List<br>Retry Condition. Specifies the conditions under which retry takes place. Retries can be on different types of condition depending on application requirements. For example, network failure, all 5xx response codes, idempotent 4xx response codes, etc The possible values are '5xx' : Retry will be done if the upstream server responds with any 5xx response code, or does not respond at all (disconnect/reset/read timeout). 'gateway-error' : Retry will be done only if the upstream server responds with 502, 503 or 504 responses (Included in 5xx) 'connect-failure' : Retry will be done if the request fails because of a connection failure to the upstream server (connect timeout, etc.). (Included in 5xx) 'refused-stream' : Retry is done if the upstream server resets the stream with a REFUSED_STREAM error code (Included in 5xx) 'retriable-4xx' : Retry is done if the upstream server responds with a retriable 4xx response code. The only response code in this category is HTTP CONFLICT (409) 'retriable-status-codes' : Retry is done if the upstream server responds with any response code matching one defined in retriable_status_codes field 'reset' : Retry is done if the upstream server does not respond at all (disconnect/reset/read timeout.)
|
|
610
610
|
|
|
611
611
|
#### Routes Route Destination Retry Policy Back Off
|
|
612
612
|
|
|
613
|
-
A [`back_off`](#
|
|
613
|
+
A [`back_off`](#off-5007a2) block (within [`routes.route_destination.retry_policy`](#routes-route-destination-retry-policy)) supports the following:
|
|
614
614
|
|
|
615
|
-
<a id="
|
|
615
|
+
<a id="interval-8d7a2c"></a>• [`base_interval`](#interval-8d7a2c) - Optional Number<br>Base Retry Interval. Specifies the base interval between retries in milliseconds
|
|
616
616
|
|
|
617
|
-
<a id="
|
|
617
|
+
<a id="interval-311cb7"></a>• [`max_interval`](#interval-311cb7) - Optional Number Defaults to `10`<br>Maximum Retry Interval. Specifies the maximum interval between retries in milliseconds. This parameter is optional, but must be greater than or equal to the base_interval if set. The times the base_interval
|
|
618
618
|
|
|
619
619
|
#### Routes Route Destination Spdy Config
|
|
620
620
|
|
|
621
621
|
A [`spdy_config`](#routes-route-destination-spdy-config) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
|
|
622
622
|
|
|
623
|
-
<a id="
|
|
623
|
+
<a id="spdy-22a727"></a>• [`use_spdy`](#spdy-22a727) - Optional Bool<br>Use SPDY. Specifies that the HTTP client connection to this route is allowed to upgrade to a SPDY connection
|
|
624
624
|
|
|
625
625
|
#### Routes Route Destination Web Socket Config
|
|
626
626
|
|
|
627
|
-
A [`web_socket_config`](#
|
|
627
|
+
A [`web_socket_config`](#config-449c3d) block (within [`routes.route_destination`](#routes-route-destination)) supports the following:
|
|
628
628
|
|
|
629
|
-
<a id="
|
|
629
|
+
<a id="websocket-dbbf3e"></a>• [`use_websocket`](#websocket-dbbf3e) - Optional Bool<br>Use WebSocket. Specifies that the HTTP client connection to this route is allowed to upgrade to a WebSocket connection
|
|
630
630
|
|
|
631
631
|
#### Routes Route Direct Response
|
|
632
632
|
|
|
633
633
|
A [`route_direct_response`](#routes-route-direct-response) block (within [`routes`](#routes)) supports the following:
|
|
634
634
|
|
|
635
|
-
<a id="
|
|
635
|
+
<a id="encoded-023a3e"></a>• [`response_body_encoded`](#encoded-023a3e) - Optional String<br>Response Body. Response body to send. Currently supported URL schemes is string:/// for which message should be encoded in Base64 format. The message can be either plain text or HTML. E.g. '`<p>` Access Denied `</p>`'. Base64 encoded string URL for this is string:///PHA+IEFjY2VzcyBEZW5pZWQgPC9wPg==
|
|
636
636
|
|
|
637
|
-
<a id="
|
|
637
|
+
<a id="code-e27cc8"></a>• [`response_code`](#code-e27cc8) - Optional Number<br>Response Code. response code to send
|
|
638
638
|
|
|
639
639
|
#### Routes Route Redirect
|
|
640
640
|
|
|
@@ -686,21 +686,21 @@ A [`waf_type`](#routes-waf-type) block (within [`routes`](#routes)) supports the
|
|
|
686
686
|
|
|
687
687
|
An [`app_firewall`](#routes-waf-type-app-firewall) block (within [`routes.waf_type`](#routes-waf-type)) supports the following:
|
|
688
688
|
|
|
689
|
-
<a id="
|
|
689
|
+
<a id="firewall-9775b3"></a>• [`app_firewall`](#firewall-9775b3) - Optional Block<br>Application Firewall. References to an Application Firewall configuration object<br>See [App Firewall](#firewall-9775b3) below.
|
|
690
690
|
|
|
691
691
|
#### Routes WAF Type App Firewall App Firewall
|
|
692
692
|
|
|
693
|
-
An [`app_firewall`](#
|
|
693
|
+
An [`app_firewall`](#firewall-9775b3) block (within [`routes.waf_type.app_firewall`](#routes-waf-type-app-firewall)) supports the following:
|
|
694
694
|
|
|
695
|
-
<a id="
|
|
695
|
+
<a id="kind-13aebd"></a>• [`kind`](#kind-13aebd) - Optional String<br>Kind. When a configuration object(e.g. virtual_host) refers to another(e.g route) then kind will hold the referred object's kind (e.g. 'route')
|
|
696
696
|
|
|
697
|
-
<a id="
|
|
697
|
+
<a id="name-028577"></a>• [`name`](#name-028577) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
698
698
|
|
|
699
|
-
<a id="
|
|
699
|
+
<a id="namespace-38fd49"></a>• [`namespace`](#namespace-38fd49) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
700
700
|
|
|
701
|
-
<a id="
|
|
701
|
+
<a id="tenant-853650"></a>• [`tenant`](#tenant-853650) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
702
702
|
|
|
703
|
-
<a id="
|
|
703
|
+
<a id="uid-f378e6"></a>• [`uid`](#uid-f378e6) - Optional String<br>UID. When a configuration object(e.g. virtual_host) refers to another(e.g route) then uid will hold the referred object's(e.g. route's) uid
|
|
704
704
|
|
|
705
705
|
#### Timeouts
|
|
706
706
|
|