@robinmordasiewicz/f5xc-terraform-mcp 2.4.8 → 2.6.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/docs/data-sources/addon_subscription.md +85 -2
- package/dist/docs/data-sources/address_allocator.md +85 -2
- package/dist/docs/data-sources/advertise_policy.md +85 -2
- package/dist/docs/data-sources/alert_policy.md +85 -2
- package/dist/docs/data-sources/alert_receiver.md +85 -2
- package/dist/docs/data-sources/allowed_tenant.md +85 -2
- package/dist/docs/data-sources/api_crawler.md +85 -2
- package/dist/docs/data-sources/api_credential.md +85 -2
- package/dist/docs/data-sources/api_definition.md +85 -2
- package/dist/docs/data-sources/api_discovery.md +85 -2
- package/dist/docs/data-sources/api_testing.md +85 -2
- package/dist/docs/data-sources/apm.md +85 -2
- package/dist/docs/data-sources/app_api_group.md +85 -2
- package/dist/docs/data-sources/app_firewall.md +85 -2
- package/dist/docs/data-sources/app_setting.md +85 -2
- package/dist/docs/data-sources/app_type.md +85 -2
- package/dist/docs/data-sources/authentication.md +85 -2
- package/dist/docs/data-sources/aws_tgw_site.md +85 -2
- package/dist/docs/data-sources/aws_vpc_site.md +85 -2
- package/dist/docs/data-sources/azure_vnet_site.md +85 -2
- package/dist/docs/data-sources/bgp.md +85 -2
- package/dist/docs/data-sources/bgp_asn_set.md +85 -2
- package/dist/docs/data-sources/bgp_routing_policy.md +85 -2
- package/dist/docs/data-sources/bigip_irule.md +85 -2
- package/dist/docs/data-sources/bot_defense_app_infrastructure.md +85 -2
- package/dist/docs/data-sources/cdn_cache_rule.md +85 -2
- package/dist/docs/data-sources/cdn_loadbalancer.md +85 -2
- package/dist/docs/data-sources/certificate.md +85 -2
- package/dist/docs/data-sources/certificate_chain.md +85 -2
- package/dist/docs/data-sources/child_tenant.md +85 -2
- package/dist/docs/data-sources/child_tenant_manager.md +85 -2
- package/dist/docs/data-sources/cloud_connect.md +85 -2
- package/dist/docs/data-sources/cloud_credentials.md +85 -2
- package/dist/docs/data-sources/cloud_elastic_ip.md +85 -2
- package/dist/docs/data-sources/cloud_link.md +85 -2
- package/dist/docs/data-sources/cluster.md +85 -2
- package/dist/docs/data-sources/cminstance.md +85 -2
- package/dist/docs/data-sources/code_base_integration.md +85 -2
- package/dist/docs/data-sources/contact.md +85 -2
- package/dist/docs/data-sources/container_registry.md +85 -2
- package/dist/docs/data-sources/crl.md +85 -2
- package/dist/docs/data-sources/customer_support.md +85 -2
- package/dist/docs/data-sources/data_group.md +85 -2
- package/dist/docs/data-sources/data_type.md +85 -2
- package/dist/docs/data-sources/dc_cluster_group.md +85 -2
- package/dist/docs/data-sources/discovery.md +85 -2
- package/dist/docs/data-sources/dns_compliance_checks.md +85 -2
- package/dist/docs/data-sources/dns_domain.md +85 -2
- package/dist/docs/data-sources/dns_lb_health_check.md +85 -2
- package/dist/docs/data-sources/dns_lb_pool.md +85 -2
- package/dist/docs/data-sources/dns_load_balancer.md +85 -2
- package/dist/docs/data-sources/dns_zone.md +85 -2
- package/dist/docs/data-sources/endpoint.md +85 -2
- package/dist/docs/data-sources/enhanced_firewall_policy.md +85 -2
- package/dist/docs/data-sources/external_connector.md +85 -2
- package/dist/docs/data-sources/fast_acl.md +85 -2
- package/dist/docs/data-sources/fast_acl_rule.md +85 -2
- package/dist/docs/data-sources/filter_set.md +85 -2
- package/dist/docs/data-sources/fleet.md +85 -2
- package/dist/docs/data-sources/forward_proxy_policy.md +85 -2
- package/dist/docs/data-sources/forwarding_class.md +85 -2
- package/dist/docs/data-sources/gcp_vpc_site.md +85 -2
- package/dist/docs/data-sources/geo_location_set.md +85 -2
- package/dist/docs/data-sources/global_log_receiver.md +85 -2
- package/dist/docs/data-sources/healthcheck.md +85 -2
- package/dist/docs/data-sources/http_loadbalancer.md +85 -2
- package/dist/docs/data-sources/ike1.md +85 -2
- package/dist/docs/data-sources/ike2.md +85 -2
- package/dist/docs/data-sources/ike_phase1_profile.md +85 -2
- package/dist/docs/data-sources/ike_phase2_profile.md +85 -2
- package/dist/docs/data-sources/infraprotect_asn.md +85 -2
- package/dist/docs/data-sources/infraprotect_asn_prefix.md +85 -2
- package/dist/docs/data-sources/infraprotect_deny_list_rule.md +85 -2
- package/dist/docs/data-sources/infraprotect_firewall_rule.md +85 -2
- package/dist/docs/data-sources/infraprotect_firewall_rule_group.md +85 -2
- package/dist/docs/data-sources/infraprotect_internet_prefix_advertisement.md +85 -2
- package/dist/docs/data-sources/infraprotect_tunnel.md +85 -2
- package/dist/docs/data-sources/ip_prefix_set.md +85 -2
- package/dist/docs/data-sources/irule.md +85 -2
- package/dist/docs/data-sources/k8s_cluster.md +85 -2
- package/dist/docs/data-sources/k8s_cluster_role.md +85 -2
- package/dist/docs/data-sources/k8s_cluster_role_binding.md +85 -2
- package/dist/docs/data-sources/k8s_pod_security_admission.md +85 -2
- package/dist/docs/data-sources/k8s_pod_security_policy.md +85 -2
- package/dist/docs/data-sources/log_receiver.md +85 -2
- package/dist/docs/data-sources/malicious_user_mitigation.md +85 -2
- package/dist/docs/data-sources/managed_tenant.md +85 -2
- package/dist/docs/data-sources/namespace.md +85 -2
- package/dist/docs/data-sources/nat_policy.md +85 -2
- package/dist/docs/data-sources/network_connector.md +85 -2
- package/dist/docs/data-sources/network_firewall.md +85 -2
- package/dist/docs/data-sources/network_interface.md +85 -2
- package/dist/docs/data-sources/network_policy.md +85 -2
- package/dist/docs/data-sources/network_policy_rule.md +85 -2
- package/dist/docs/data-sources/network_policy_view.md +85 -2
- package/dist/docs/data-sources/nfv_service.md +85 -2
- package/dist/docs/data-sources/oidc_provider.md +85 -2
- package/dist/docs/data-sources/origin_pool.md +85 -2
- package/dist/docs/data-sources/policer.md +85 -2
- package/dist/docs/data-sources/policy_based_routing.md +85 -2
- package/dist/docs/data-sources/protocol_inspection.md +85 -2
- package/dist/docs/data-sources/protocol_policer.md +85 -2
- package/dist/docs/data-sources/proxy.md +85 -2
- package/dist/docs/data-sources/quota.md +85 -2
- package/dist/docs/data-sources/rate_limiter.md +85 -2
- package/dist/docs/data-sources/rate_limiter_policy.md +85 -2
- package/dist/docs/data-sources/registration.md +85 -2
- package/dist/docs/data-sources/report_config.md +85 -2
- package/dist/docs/data-sources/role.md +85 -2
- package/dist/docs/data-sources/route.md +85 -2
- package/dist/docs/data-sources/secret_management_access.md +85 -2
- package/dist/docs/data-sources/secret_policy.md +85 -2
- package/dist/docs/data-sources/secret_policy_rule.md +85 -2
- package/dist/docs/data-sources/securemesh_site.md +85 -2
- package/dist/docs/data-sources/securemesh_site_v2.md +85 -2
- package/dist/docs/data-sources/segment.md +85 -2
- package/dist/docs/data-sources/sensitive_data_policy.md +85 -2
- package/dist/docs/data-sources/service_policy.md +85 -2
- package/dist/docs/data-sources/service_policy_rule.md +85 -2
- package/dist/docs/data-sources/site_mesh_group.md +85 -2
- package/dist/docs/data-sources/srv6_network_slice.md +85 -2
- package/dist/docs/data-sources/subnet.md +85 -2
- package/dist/docs/data-sources/tcp_loadbalancer.md +85 -2
- package/dist/docs/data-sources/tenant_configuration.md +85 -2
- package/dist/docs/data-sources/tenant_profile.md +85 -2
- package/dist/docs/data-sources/ticket_tracking_system.md +85 -2
- package/dist/docs/data-sources/token.md +85 -2
- package/dist/docs/data-sources/tpm_api_key.md +85 -2
- package/dist/docs/data-sources/tpm_category.md +85 -2
- package/dist/docs/data-sources/tpm_manager.md +85 -2
- package/dist/docs/data-sources/trusted_ca_list.md +85 -2
- package/dist/docs/data-sources/tunnel.md +85 -2
- package/dist/docs/data-sources/udp_loadbalancer.md +85 -2
- package/dist/docs/data-sources/usb_policy.md +85 -2
- package/dist/docs/data-sources/user_identification.md +85 -2
- package/dist/docs/data-sources/virtual_host.md +85 -2
- package/dist/docs/data-sources/virtual_k8s.md +85 -2
- package/dist/docs/data-sources/virtual_network.md +85 -2
- package/dist/docs/data-sources/virtual_site.md +85 -2
- package/dist/docs/data-sources/voltshare_admin_policy.md +85 -2
- package/dist/docs/data-sources/voltstack_site.md +85 -2
- package/dist/docs/data-sources/waf_exclusion_policy.md +85 -2
- package/dist/docs/data-sources/workload.md +85 -2
- package/dist/docs/data-sources/workload_flavor.md +85 -2
- package/dist/docs/guides/advanced-http-loadbalancer.md +569 -0
- package/dist/docs/resources/addon_subscription.md +87 -10
- package/dist/docs/resources/address_allocator.md +86 -3
- package/dist/docs/resources/advertise_policy.md +112 -57
- package/dist/docs/resources/alert_policy.md +91 -8
- package/dist/docs/resources/alert_receiver.md +94 -55
- package/dist/docs/resources/allowed_tenant.md +87 -10
- package/dist/docs/resources/api_crawler.md +86 -3
- package/dist/docs/resources/api_credential.md +86 -3
- package/dist/docs/resources/api_definition.md +89 -6
- package/dist/docs/resources/api_discovery.md +86 -3
- package/dist/docs/resources/api_testing.md +95 -52
- package/dist/docs/resources/apm.md +156 -519
- package/dist/docs/resources/app_api_group.md +90 -25
- package/dist/docs/resources/app_firewall.md +87 -6
- package/dist/docs/resources/app_setting.md +97 -66
- package/dist/docs/resources/app_type.md +86 -3
- package/dist/docs/resources/authentication.md +90 -27
- package/dist/docs/resources/aws_tgw_site.md +125 -222
- package/dist/docs/resources/aws_vpc_site.md +149 -352
- package/dist/docs/resources/azure_vnet_site.md +233 -860
- package/dist/docs/resources/bgp.md +103 -32
- package/dist/docs/resources/bgp_asn_set.md +86 -3
- package/dist/docs/resources/bgp_routing_policy.md +86 -3
- package/dist/docs/resources/bigip_irule.md +86 -3
- package/dist/docs/resources/bot_defense_app_infrastructure.md +86 -3
- package/dist/docs/resources/cdn_cache_rule.md +97 -120
- package/dist/docs/resources/cdn_loadbalancer.md +325 -1620
- package/dist/docs/resources/certificate.md +87 -10
- package/dist/docs/resources/certificate_chain.md +86 -3
- package/dist/docs/resources/child_tenant.md +88 -17
- package/dist/docs/resources/child_tenant_manager.md +88 -17
- package/dist/docs/resources/cloud_connect.md +98 -63
- package/dist/docs/resources/cloud_credentials.md +92 -39
- package/dist/docs/resources/cloud_elastic_ip.md +91 -8
- package/dist/docs/resources/cloud_link.md +90 -29
- package/dist/docs/resources/cluster.md +109 -66
- package/dist/docs/resources/cminstance.md +86 -3
- package/dist/docs/resources/code_base_integration.md +100 -87
- package/dist/docs/resources/contact.md +86 -3
- package/dist/docs/resources/container_registry.md +86 -3
- package/dist/docs/resources/crl.md +86 -3
- package/dist/docs/resources/customer_support.md +91 -8
- package/dist/docs/resources/data_group.md +86 -3
- package/dist/docs/resources/data_type.md +88 -9
- package/dist/docs/resources/dc_cluster_group.md +86 -3
- package/dist/docs/resources/discovery.md +115 -104
- package/dist/docs/resources/dns_compliance_checks.md +86 -3
- package/dist/docs/resources/dns_domain.md +86 -3
- package/dist/docs/resources/dns_lb_health_check.md +86 -3
- package/dist/docs/resources/dns_lb_pool.md +87 -10
- package/dist/docs/resources/dns_load_balancer.md +95 -40
- package/dist/docs/resources/dns_zone.md +86 -3
- package/dist/docs/resources/endpoint.md +101 -18
- package/dist/docs/resources/enhanced_firewall_policy.md +89 -32
- package/dist/docs/resources/external_connector.md +94 -29
- package/dist/docs/resources/fast_acl.md +100 -101
- package/dist/docs/resources/fast_acl_rule.md +101 -18
- package/dist/docs/resources/filter_set.md +86 -3
- package/dist/docs/resources/fleet.md +170 -541
- package/dist/docs/resources/forward_proxy_policy.md +90 -31
- package/dist/docs/resources/forwarding_class.md +87 -10
- package/dist/docs/resources/gcp_vpc_site.md +141 -328
- package/dist/docs/resources/geo_location_set.md +86 -3
- package/dist/docs/resources/global_log_receiver.md +116 -181
- package/dist/docs/resources/healthcheck.md +86 -3
- package/dist/docs/resources/http_loadbalancer.md +523 -2778
- package/dist/docs/resources/ike1.md +86 -3
- package/dist/docs/resources/ike2.md +86 -3
- package/dist/docs/resources/ike_phase1_profile.md +86 -3
- package/dist/docs/resources/ike_phase2_profile.md +86 -3
- package/dist/docs/resources/infraprotect_asn.md +86 -3
- package/dist/docs/resources/infraprotect_asn_prefix.md +87 -10
- package/dist/docs/resources/infraprotect_deny_list_rule.md +86 -3
- package/dist/docs/resources/infraprotect_firewall_rule.md +86 -3
- package/dist/docs/resources/infraprotect_firewall_rule_group.md +86 -3
- package/dist/docs/resources/infraprotect_internet_prefix_advertisement.md +86 -3
- package/dist/docs/resources/infraprotect_tunnel.md +90 -29
- package/dist/docs/resources/ip_prefix_set.md +86 -3
- package/dist/docs/resources/irule.md +86 -3
- package/dist/docs/resources/k8s_cluster.md +93 -58
- package/dist/docs/resources/k8s_cluster_role.md +87 -8
- package/dist/docs/resources/k8s_cluster_role_binding.md +87 -10
- package/dist/docs/resources/k8s_pod_security_admission.md +86 -3
- package/dist/docs/resources/k8s_pod_security_policy.md +87 -8
- package/dist/docs/resources/log_receiver.md +88 -15
- package/dist/docs/resources/malicious_user_mitigation.md +86 -3
- package/dist/docs/resources/managed_tenant.md +89 -12
- package/dist/docs/resources/namespace.md +86 -3
- package/dist/docs/resources/nat_policy.md +126 -43
- package/dist/docs/resources/network_connector.md +94 -51
- package/dist/docs/resources/network_firewall.md +90 -31
- package/dist/docs/resources/network_interface.md +93 -46
- package/dist/docs/resources/network_policy.md +96 -13
- package/dist/docs/resources/network_policy_rule.md +91 -8
- package/dist/docs/resources/network_policy_view.md +96 -13
- package/dist/docs/resources/nfv_service.md +153 -446
- package/dist/docs/resources/oidc_provider.md +86 -3
- package/dist/docs/resources/origin_pool.md +108 -145
- package/dist/docs/resources/policer.md +86 -3
- package/dist/docs/resources/policy_based_routing.md +100 -89
- package/dist/docs/resources/protocol_inspection.md +87 -10
- package/dist/docs/resources/protocol_policer.md +91 -8
- package/dist/docs/resources/proxy.md +154 -571
- package/dist/docs/resources/quota.md +86 -3
- package/dist/docs/resources/rate_limiter.md +91 -8
- package/dist/docs/resources/rate_limiter_policy.md +100 -23
- package/dist/docs/resources/registration.md +86 -3
- package/dist/docs/resources/report_config.md +87 -10
- package/dist/docs/resources/role.md +86 -3
- package/dist/docs/resources/route.md +113 -82
- package/dist/docs/resources/secret_management_access.md +127 -156
- package/dist/docs/resources/secret_policy.md +87 -4
- package/dist/docs/resources/secret_policy_rule.md +86 -3
- package/dist/docs/resources/securemesh_site.md +137 -380
- package/dist/docs/resources/securemesh_site_v2.md +289 -1204
- package/dist/docs/resources/segment.md +86 -3
- package/dist/docs/resources/sensitive_data_policy.md +87 -10
- package/dist/docs/resources/service_policy.md +115 -122
- package/dist/docs/resources/service_policy_rule.md +110 -59
- package/dist/docs/resources/site_mesh_group.md +92 -15
- package/dist/docs/resources/srv6_network_slice.md +86 -3
- package/dist/docs/resources/subnet.md +89 -20
- package/dist/docs/resources/tcp_loadbalancer.md +114 -185
- package/dist/docs/resources/tenant_configuration.md +86 -3
- package/dist/docs/resources/tenant_profile.md +87 -10
- package/dist/docs/resources/ticket_tracking_system.md +86 -3
- package/dist/docs/resources/token.md +86 -3
- package/dist/docs/resources/tpm_api_key.md +91 -8
- package/dist/docs/resources/tpm_category.md +91 -8
- package/dist/docs/resources/tpm_manager.md +86 -3
- package/dist/docs/resources/trusted_ca_list.md +86 -3
- package/dist/docs/resources/tunnel.md +91 -8
- package/dist/docs/resources/udp_loadbalancer.md +97 -80
- package/dist/docs/resources/usb_policy.md +86 -3
- package/dist/docs/resources/user_identification.md +86 -3
- package/dist/docs/resources/virtual_host.md +152 -177
- package/dist/docs/resources/virtual_k8s.md +92 -15
- package/dist/docs/resources/virtual_network.md +91 -8
- package/dist/docs/resources/virtual_site.md +86 -3
- package/dist/docs/resources/voltshare_admin_policy.md +86 -11
- package/dist/docs/resources/voltstack_site.md +380 -1365
- package/dist/docs/resources/waf_exclusion_policy.md +91 -28
- package/dist/docs/resources/workload.md +1189 -4148
- package/dist/docs/resources/workload_flavor.md +86 -3
- package/package.json +1 -1
|
@@ -2,12 +2,12 @@
|
|
|
2
2
|
page_title: "f5xc_apm Resource - terraform-provider-f5xc"
|
|
3
3
|
subcategory: "Monitoring"
|
|
4
4
|
description: |-
|
|
5
|
-
|
|
5
|
+
Manages new APM as a service with configured parameters in F5 Distributed Cloud.
|
|
6
6
|
---
|
|
7
7
|
|
|
8
8
|
# f5xc_apm (Resource)
|
|
9
9
|
|
|
10
|
-
|
|
10
|
+
Manages new APM as a service with configured parameters in F5 Distributed Cloud.
|
|
11
11
|
|
|
12
12
|
~> **Note** Please refer to [APM API docs](https://docs.cloud.f5.com/docs-v2/api/bigip-apm) to learn more.
|
|
13
13
|
|
|
@@ -15,7 +15,7 @@ description: |-
|
|
|
15
15
|
|
|
16
16
|
```terraform
|
|
17
17
|
# APM Resource Example
|
|
18
|
-
#
|
|
18
|
+
# Manages new APM as a service with configured parameters in F5 Distributed Cloud.
|
|
19
19
|
|
|
20
20
|
# Basic APM configuration
|
|
21
21
|
resource "f5xc_apm" "example" {
|
|
@@ -110,115 +110,47 @@ An [`apm_aws_site`](#aws-site-type-choice-apm-aws-site) block (within [`aws_site
|
|
|
110
110
|
|
|
111
111
|
#### AWS Site Type Choice APM AWS Site Admin Password
|
|
112
112
|
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
<a id="info-60b371"></a>• [`blindfold_secret_info`](#info-60b371) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-60b371) below.
|
|
116
|
-
|
|
117
|
-
<a id="info-a13599"></a>• [`clear_secret_info`](#info-a13599) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-a13599) below.
|
|
113
|
+
<a id="deep-c67eee"></a>Deeply nested **Password** block collapsed for readability.
|
|
118
114
|
|
|
119
115
|
#### AWS Site Type Choice APM AWS Site Admin Password Blindfold Secret Info
|
|
120
116
|
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
<a id="provider-89288f"></a>• [`decryption_provider`](#provider-89288f) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
124
|
-
|
|
125
|
-
<a id="location-06e5de"></a>• [`location`](#location-06e5de) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
126
|
-
|
|
127
|
-
<a id="provider-e63bce"></a>• [`store_provider`](#provider-e63bce) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
117
|
+
<a id="deep-bdeb15"></a>Deeply nested **Info** block collapsed for readability.
|
|
128
118
|
|
|
129
119
|
#### AWS Site Type Choice APM AWS Site Admin Password Clear Secret Info
|
|
130
120
|
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
<a id="ref-b1dd81"></a>• [`provider_ref`](#ref-b1dd81) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
134
|
-
|
|
135
|
-
<a id="url-31b4e4"></a>• [`url`](#url-31b4e4) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
121
|
+
<a id="deep-3cb858"></a>Deeply nested **Info** block collapsed for readability.
|
|
136
122
|
|
|
137
123
|
#### AWS Site Type Choice APM AWS Site AWS TGW Site
|
|
138
124
|
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
<a id="site-e5d82e"></a>• [`aws_tgw_site`](#site-e5d82e) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [AWS TGW Site](#site-e5d82e) below.
|
|
125
|
+
<a id="deep-eb82aa"></a>Deeply nested **Site** block collapsed for readability.
|
|
142
126
|
|
|
143
127
|
#### AWS Site Type Choice APM AWS Site AWS TGW Site AWS TGW Site
|
|
144
128
|
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
<a id="name-ed2396"></a>• [`name`](#name-ed2396) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
148
|
-
|
|
149
|
-
<a id="namespace-20e2a1"></a>• [`namespace`](#namespace-20e2a1) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
150
|
-
|
|
151
|
-
<a id="tenant-f6912c"></a>• [`tenant`](#tenant-f6912c) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
129
|
+
<a id="deep-6dfabb"></a>Deeply nested **Site** block collapsed for readability.
|
|
152
130
|
|
|
153
131
|
#### AWS Site Type Choice APM AWS Site Endpoint Service
|
|
154
132
|
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
<a id="slo-ip-622624"></a>• [`advertise_on_slo_ip`](#slo-ip-622624) - Optional Block<br>Enable this option
|
|
158
|
-
|
|
159
|
-
<a id="external-61b9da"></a>• [`advertise_on_slo_ip_external`](#external-61b9da) - Optional Block<br>Enable this option
|
|
160
|
-
|
|
161
|
-
<a id="vip-4ea744"></a>• [`automatic_vip`](#vip-4ea744) - Optional Block<br>Enable this option
|
|
162
|
-
|
|
163
|
-
<a id="vip-4dcfed"></a>• [`configured_vip`](#vip-4dcfed) - Optional String<br>Configured VIP. Enter IP address for the default VIP
|
|
164
|
-
|
|
165
|
-
<a id="ports-79b68c"></a>• [`custom_tcp_ports`](#ports-79b68c) - Optional Block<br>Port Range List. List of port ranges<br>See [Custom TCP Ports](#ports-79b68c) below.
|
|
166
|
-
|
|
167
|
-
<a id="ports-1edf2b"></a>• [`custom_udp_ports`](#ports-1edf2b) - Optional Block<br>Port Range List. List of port ranges<br>See [Custom UDP Ports](#ports-1edf2b) below.
|
|
168
|
-
|
|
169
|
-
<a id="ports-2dd037"></a>• [`default_tcp_ports`](#ports-2dd037) - Optional Block<br>Enable this option
|
|
170
|
-
|
|
171
|
-
<a id="slo-ip-b205a0"></a>• [`disable_advertise_on_slo_ip`](#slo-ip-b205a0) - Optional Block<br>Enable this option
|
|
172
|
-
|
|
173
|
-
<a id="port-591bc4"></a>• [`http_port`](#port-591bc4) - Optional Block<br>Enable this option
|
|
174
|
-
|
|
175
|
-
<a id="port-517e0a"></a>• [`https_port`](#port-517e0a) - Optional Block<br>Enable this option
|
|
176
|
-
|
|
177
|
-
<a id="ports-fec4a7"></a>• [`no_tcp_ports`](#ports-fec4a7) - Optional Block<br>Enable this option
|
|
178
|
-
|
|
179
|
-
<a id="ports-9f3544"></a>• [`no_udp_ports`](#ports-9f3544) - Optional Block<br>Enable this option
|
|
133
|
+
<a id="deep-a858c1"></a>Deeply nested **Service** block collapsed for readability.
|
|
180
134
|
|
|
181
135
|
#### AWS Site Type Choice APM AWS Site Endpoint Service Custom TCP Ports
|
|
182
136
|
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
<a id="ports-f94962"></a>• [`ports`](#ports-f94962) - Optional List<br>Port Ranges. List of port ranges. Each range is a single port or a pair of start and end ports e.g. 8080-8192
|
|
137
|
+
<a id="deep-e532fe"></a>Deeply nested **Ports** block collapsed for readability.
|
|
186
138
|
|
|
187
139
|
#### AWS Site Type Choice APM AWS Site Endpoint Service Custom UDP Ports
|
|
188
140
|
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
<a id="ports-fe7f51"></a>• [`ports`](#ports-fe7f51) - Optional List<br>Port Ranges. List of port ranges. Each range is a single port or a pair of start and end ports e.g. 8080-8192
|
|
141
|
+
<a id="deep-1f0666"></a>Deeply nested **Ports** block collapsed for readability.
|
|
192
142
|
|
|
193
143
|
#### AWS Site Type Choice APM AWS Site Nodes
|
|
194
144
|
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
<a id="prefix-aacce8"></a>• [`automatic_prefix`](#prefix-aacce8) - Optional Block<br>Enable this option
|
|
198
|
-
|
|
199
|
-
<a id="name-2b7871"></a>• [`aws_az_name`](#name-2b7871) - Optional String<br>AWS AZ Name. The AWS Availability Zone must be consistent with the AWS Region chosen. Please select an AZ in the same Region as your TGW Site
|
|
200
|
-
|
|
201
|
-
<a id="subnet-7d1f57"></a>• [`mgmt_subnet`](#subnet-7d1f57) - Optional Block<br>AWS Subnet. Parameters for AWS subnet<br>See [Mgmt Subnet](#subnet-7d1f57) below.
|
|
202
|
-
|
|
203
|
-
<a id="name-d6e2fd"></a>• [`node_name`](#name-d6e2fd) - Optional String<br>Node Name. Node Name will be used to assign as hostname to the service
|
|
204
|
-
|
|
205
|
-
<a id="subnet-1ec977"></a>• [`reserved_mgmt_subnet`](#subnet-1ec977) - Optional Block<br>Enable this option
|
|
206
|
-
|
|
207
|
-
<a id="prefix-9f93cf"></a>• [`tunnel_prefix`](#prefix-9f93cf) - Optional String<br>Tunnel IP Prefix. Enter IP prefix for the tunnel, it has to be /30
|
|
145
|
+
<a id="deep-028565"></a>Deeply nested **Nodes** block collapsed for readability.
|
|
208
146
|
|
|
209
147
|
#### AWS Site Type Choice APM AWS Site Nodes Mgmt Subnet
|
|
210
148
|
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
<a id="subnet-id-163629"></a>• [`existing_subnet_id`](#subnet-id-163629) - Optional String<br>Existing Subnet ID. Information about existing subnet ID
|
|
214
|
-
|
|
215
|
-
<a id="param-2694e6"></a>• [`subnet_param`](#param-2694e6) - Optional Block<br>New Cloud Subnet Parameters. Parameters for creating a new cloud subnet<br>See [Subnet Param](#param-2694e6) below.
|
|
149
|
+
<a id="deep-d99c71"></a>Deeply nested **Subnet** block collapsed for readability.
|
|
216
150
|
|
|
217
151
|
#### AWS Site Type Choice APM AWS Site Nodes Mgmt Subnet Subnet Param
|
|
218
152
|
|
|
219
|
-
|
|
220
|
-
|
|
221
|
-
<a id="ipv4-a87d6e"></a>• [`ipv4`](#ipv4-a87d6e) - Optional String<br>IPv4 Subnet. IPv4 subnet prefix for this subnet
|
|
153
|
+
<a id="deep-4101d1"></a>Deeply nested **Param** block collapsed for readability.
|
|
222
154
|
|
|
223
155
|
#### AWS Site Type Choice Market Place Image
|
|
224
156
|
|
|
@@ -236,151 +168,59 @@ A [`baremetal_site_type_choice`](#baremetal-site-type-choice) block supports the
|
|
|
236
168
|
|
|
237
169
|
#### Baremetal Site Type Choice F5 Bare Metal Site
|
|
238
170
|
|
|
239
|
-
|
|
240
|
-
|
|
241
|
-
<a id="password-7a55a1"></a>• [`admin_password`](#password-7a55a1) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Admin Password](#password-7a55a1) below.
|
|
242
|
-
|
|
243
|
-
<a id="username-f77a06"></a>• [`admin_username`](#username-f77a06) - Optional String<br>Admin Username. Admin Username for BIG-IP
|
|
244
|
-
|
|
245
|
-
<a id="site-12d7d5"></a>• [`bare_metal_site`](#site-12d7d5) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [Bare Metal Site](#site-12d7d5) below.
|
|
246
|
-
|
|
247
|
-
<a id="instance-036acc"></a>• [`bigiq_instance`](#instance-036acc) - Optional Block<br>License Server Details. Specification for BIG-IQ Instance, where and what<br>See [Bigiq Instance](#instance-036acc) below.
|
|
248
|
-
|
|
249
|
-
<a id="nodes-d13441"></a>• [`nodes`](#nodes-d13441) - Optional Block<br>Service Nodes. Specify how and where the service nodes are spawned<br>See [Nodes](#nodes-d13441) below.
|
|
250
|
-
|
|
251
|
-
<a id="url-df9cd5"></a>• [`public_download_url`](#url-df9cd5) - Optional String<br>Image URL. Public URL where BIG-IP VE image (qcow2) is hosted
|
|
252
|
-
|
|
253
|
-
<a id="key-e678b6"></a>• [`ssh_key`](#key-e678b6) - Optional String<br>Public SSH key. Public SSH key for accessing the BIG-IP nodes
|
|
171
|
+
<a id="deep-80287a"></a>Deeply nested **Site** block collapsed for readability.
|
|
254
172
|
|
|
255
173
|
#### Baremetal Site Type Choice F5 Bare Metal Site Admin Password
|
|
256
174
|
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
<a id="info-129af5"></a>• [`blindfold_secret_info`](#info-129af5) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-129af5) below.
|
|
260
|
-
|
|
261
|
-
<a id="info-5d1498"></a>• [`clear_secret_info`](#info-5d1498) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-5d1498) below.
|
|
175
|
+
<a id="deep-2786fe"></a>Deeply nested **Password** block collapsed for readability.
|
|
262
176
|
|
|
263
177
|
#### Baremetal Site Type Choice F5 Bare Metal Site Admin Password Blindfold Secret Info
|
|
264
178
|
|
|
265
|
-
|
|
266
|
-
|
|
267
|
-
<a id="provider-66dae4"></a>• [`decryption_provider`](#provider-66dae4) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
268
|
-
|
|
269
|
-
<a id="location-671d98"></a>• [`location`](#location-671d98) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
270
|
-
|
|
271
|
-
<a id="provider-4f48bf"></a>• [`store_provider`](#provider-4f48bf) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
179
|
+
<a id="deep-ca463c"></a>Deeply nested **Info** block collapsed for readability.
|
|
272
180
|
|
|
273
181
|
#### Baremetal Site Type Choice F5 Bare Metal Site Admin Password Clear Secret Info
|
|
274
182
|
|
|
275
|
-
|
|
276
|
-
|
|
277
|
-
<a id="ref-c9c5e0"></a>• [`provider_ref`](#ref-c9c5e0) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
278
|
-
|
|
279
|
-
<a id="url-3d433e"></a>• [`url`](#url-3d433e) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
183
|
+
<a id="deep-56d037"></a>Deeply nested **Info** block collapsed for readability.
|
|
280
184
|
|
|
281
185
|
#### Baremetal Site Type Choice F5 Bare Metal Site Bare Metal Site
|
|
282
186
|
|
|
283
|
-
|
|
284
|
-
|
|
285
|
-
<a id="name-3aa0ef"></a>• [`name`](#name-3aa0ef) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
286
|
-
|
|
287
|
-
<a id="namespace-33bcd0"></a>• [`namespace`](#namespace-33bcd0) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
288
|
-
|
|
289
|
-
<a id="tenant-b4548c"></a>• [`tenant`](#tenant-b4548c) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
187
|
+
<a id="deep-7f0c8f"></a>Deeply nested **Site** block collapsed for readability.
|
|
290
188
|
|
|
291
189
|
#### Baremetal Site Type Choice F5 Bare Metal Site Bigiq Instance
|
|
292
190
|
|
|
293
|
-
|
|
294
|
-
|
|
295
|
-
<a id="name-4ad760"></a>• [`license_pool_name`](#name-4ad760) - Optional String<br>License Pool Name. Name of Utility Pool on BIG-IQ
|
|
296
|
-
|
|
297
|
-
<a id="server-ip-77923c"></a>• [`license_server_ip`](#server-ip-77923c) - Optional String<br>License Server IP. IP Address from the TCP Load Balancer which is configured to communicate with License Server
|
|
298
|
-
|
|
299
|
-
<a id="password-db7269"></a>• [`password`](#password-db7269) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Password](#password-db7269) below.
|
|
300
|
-
|
|
301
|
-
<a id="name-fe91d5"></a>• [`sku_name`](#name-fe91d5) - Optional String<br>Offering Name. License offering name aka SKU name
|
|
302
|
-
|
|
303
|
-
<a id="username-bf14d5"></a>• [`username`](#username-bf14d5) - Optional String<br>User Name. User Name used to access BIG-IQ to activate the license
|
|
191
|
+
<a id="deep-1a28e0"></a>Deeply nested **Instance** block collapsed for readability.
|
|
304
192
|
|
|
305
193
|
#### Baremetal Site Type Choice F5 Bare Metal Site Bigiq Instance Password
|
|
306
194
|
|
|
307
|
-
|
|
308
|
-
|
|
309
|
-
<a id="info-53f845"></a>• [`blindfold_secret_info`](#info-53f845) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-53f845) below.
|
|
310
|
-
|
|
311
|
-
<a id="info-b6ef20"></a>• [`clear_secret_info`](#info-b6ef20) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-b6ef20) below.
|
|
195
|
+
<a id="deep-3c7b40"></a>Deeply nested **Password** block collapsed for readability.
|
|
312
196
|
|
|
313
197
|
#### Baremetal Site Type Choice F5 Bare Metal Site Bigiq Instance Password Blindfold Secret Info
|
|
314
198
|
|
|
315
|
-
|
|
316
|
-
|
|
317
|
-
<a id="provider-8f2abd"></a>• [`decryption_provider`](#provider-8f2abd) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
318
|
-
|
|
319
|
-
<a id="location-3c1ace"></a>• [`location`](#location-3c1ace) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
320
|
-
|
|
321
|
-
<a id="provider-8b133e"></a>• [`store_provider`](#provider-8b133e) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
199
|
+
<a id="deep-bc326a"></a>Deeply nested **Info** block collapsed for readability.
|
|
322
200
|
|
|
323
201
|
#### Baremetal Site Type Choice F5 Bare Metal Site Bigiq Instance Password Clear Secret Info
|
|
324
202
|
|
|
325
|
-
|
|
326
|
-
|
|
327
|
-
<a id="ref-cd9714"></a>• [`provider_ref`](#ref-cd9714) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
328
|
-
|
|
329
|
-
<a id="url-df6aed"></a>• [`url`](#url-df6aed) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
203
|
+
<a id="deep-05cf9d"></a>Deeply nested **Info** block collapsed for readability.
|
|
330
204
|
|
|
331
205
|
#### Baremetal Site Type Choice F5 Bare Metal Site Nodes
|
|
332
206
|
|
|
333
|
-
|
|
334
|
-
|
|
335
|
-
<a id="size-c2ec7b"></a>• [`bm_node_memory_size`](#size-c2ec7b) - Optional String Defaults to `BM_8_GB_MEMORY`<br>Possible values are `BM_8_GB_MEMORY`, `BM_16_GB_MEMORY`, `BM_32_GB_MEMORY`<br>[Enum: BM_8_GB_MEMORY|BM_16_GB_MEMORY|BM_32_GB_MEMORY] Bare Metal ServiceNode Memory Size. Enum to define amount of memory to be assigned to the node - BM_8_GB_MEMORY: 8 GB - BM_16_GB_MEMORY: 16 GB - BM_32_GB_MEMORY: 32 GB
|
|
336
|
-
|
|
337
|
-
<a id="count-3392e9"></a>• [`bm_virtual_cpu_count`](#count-3392e9) - Optional String Defaults to `BM_4_VCPU`<br>Possible values are `BM_4_VCPU`, `BM_8_VCPU`<br>[Enum: BM_4_VCPU|BM_8_VCPU] Bare Metal ServiceNode Virtual CPU Count. Enum to define number of virtual CPU's to be assigned to the node - BM_4_VCPU: 4 virtual CPUs - BM_8_VCPU: 8 virtual CPUs
|
|
338
|
-
|
|
339
|
-
<a id="interface-e258b4"></a>• [`external_interface`](#interface-e258b4) - Optional Block<br>Interface.BIG-IP interface details<br>See [External Interface](#interface-e258b4) below.
|
|
340
|
-
|
|
341
|
-
<a id="interface-eb05e4"></a>• [`internal_interface`](#interface-eb05e4) - Optional Block<br>Interface.BIG-IP interface details<br>See [Internal Interface](#interface-eb05e4) below.
|
|
342
|
-
|
|
343
|
-
<a id="name-a0502c"></a>• [`node_name`](#name-a0502c) - Optional String<br>Node Name. Node Name will be used to assign as hostname to the service
|
|
207
|
+
<a id="deep-1ffeb8"></a>Deeply nested **Nodes** block collapsed for readability.
|
|
344
208
|
|
|
345
209
|
#### Baremetal Site Type Choice F5 Bare Metal Site Nodes External Interface
|
|
346
210
|
|
|
347
|
-
|
|
348
|
-
|
|
349
|
-
<a id="interface-0c27be"></a>• [`interface`](#interface-0c27be) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [Interface](#interface-0c27be) below.
|
|
350
|
-
|
|
351
|
-
<a id="gateway-d23a59"></a>• [`network_gateway`](#gateway-d23a59) - Optional String<br>Default Gateway
|
|
352
|
-
|
|
353
|
-
<a id="self-ip-54f877"></a>• [`network_self_ip`](#self-ip-54f877) - Optional String<br>Self IP. Self IP CIDR
|
|
211
|
+
<a id="deep-13f1c6"></a>Deeply nested **Interface** block collapsed for readability.
|
|
354
212
|
|
|
355
213
|
#### Baremetal Site Type Choice F5 Bare Metal Site Nodes External Interface Interface
|
|
356
214
|
|
|
357
|
-
|
|
358
|
-
|
|
359
|
-
<a id="name-e4872d"></a>• [`name`](#name-e4872d) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
360
|
-
|
|
361
|
-
<a id="namespace-7ef309"></a>• [`namespace`](#namespace-7ef309) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
362
|
-
|
|
363
|
-
<a id="tenant-c4b4ec"></a>• [`tenant`](#tenant-c4b4ec) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
215
|
+
<a id="deep-d9e8d1"></a>Deeply nested **Interface** block collapsed for readability.
|
|
364
216
|
|
|
365
217
|
#### Baremetal Site Type Choice F5 Bare Metal Site Nodes Internal Interface
|
|
366
218
|
|
|
367
|
-
|
|
368
|
-
|
|
369
|
-
<a id="interface-35aed8"></a>• [`interface`](#interface-35aed8) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [Interface](#interface-35aed8) below.
|
|
370
|
-
|
|
371
|
-
<a id="gateway-0fd736"></a>• [`network_gateway`](#gateway-0fd736) - Optional String<br>Default Gateway
|
|
372
|
-
|
|
373
|
-
<a id="self-ip-a79065"></a>• [`network_self_ip`](#self-ip-a79065) - Optional String<br>Self IP. Self IP CIDR
|
|
219
|
+
<a id="deep-62a787"></a>Deeply nested **Interface** block collapsed for readability.
|
|
374
220
|
|
|
375
221
|
#### Baremetal Site Type Choice F5 Bare Metal Site Nodes Internal Interface Interface
|
|
376
222
|
|
|
377
|
-
|
|
378
|
-
|
|
379
|
-
<a id="name-376328"></a>• [`name`](#name-376328) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
380
|
-
|
|
381
|
-
<a id="namespace-b0dc9f"></a>• [`namespace`](#namespace-b0dc9f) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
382
|
-
|
|
383
|
-
<a id="tenant-6ad79b"></a>• [`tenant`](#tenant-6ad79b) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
223
|
+
<a id="deep-72b8f3"></a>Deeply nested **Interface** block collapsed for readability.
|
|
384
224
|
|
|
385
225
|
#### HTTPS Management
|
|
386
226
|
|
|
@@ -412,13 +252,7 @@ An [`advertise_on_internet`](#https-management-advertise-on-internet) block (wit
|
|
|
412
252
|
|
|
413
253
|
#### HTTPS Management Advertise On Internet Public IP
|
|
414
254
|
|
|
415
|
-
|
|
416
|
-
|
|
417
|
-
<a id="name-c549a1"></a>• [`name`](#name-c549a1) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
418
|
-
|
|
419
|
-
<a id="namespace-8fcb5e"></a>• [`namespace`](#namespace-8fcb5e) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
420
|
-
|
|
421
|
-
<a id="tenant-5cb820"></a>• [`tenant`](#tenant-5cb820) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
255
|
+
<a id="objref-e501cc"></a>Uses standard [Object Reference](#common-object-reference) fields (name, namespace, tenant).
|
|
422
256
|
|
|
423
257
|
#### HTTPS Management Advertise On SLI VIP
|
|
424
258
|
|
|
@@ -434,117 +268,47 @@ An [`advertise_on_sli_vip`](#https-management-advertise-on-sli-vip) block (withi
|
|
|
434
268
|
|
|
435
269
|
#### HTTPS Management Advertise On SLI VIP TLS Certificates
|
|
436
270
|
|
|
437
|
-
|
|
438
|
-
|
|
439
|
-
<a id="url-6da58e"></a>• [`certificate_url`](#url-6da58e) - Optional String<br>Certificate. TLS certificate. Certificate or certificate chain in PEM format including the PEM headers
|
|
440
|
-
|
|
441
|
-
<a id="algorithms-df25ed"></a>• [`custom_hash_algorithms`](#algorithms-df25ed) - Optional Block<br>Hash Algorithms. Specifies the hash algorithms to be used<br>See [Custom Hash Algorithms](#algorithms-df25ed) below.
|
|
442
|
-
|
|
443
|
-
<a id="spec-ca69ee"></a>• [`description_spec`](#spec-ca69ee) - Optional String<br>Description. Description for the certificate
|
|
444
|
-
|
|
445
|
-
<a id="stapling-2e3125"></a>• [`disable_ocsp_stapling`](#stapling-2e3125) - Optional Block<br>Enable this option
|
|
446
|
-
|
|
447
|
-
<a id="key-7c0097"></a>• [`private_key`](#key-7c0097) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Private Key](#key-7c0097) below.
|
|
448
|
-
|
|
449
|
-
<a id="defaults-18ac4e"></a>• [`use_system_defaults`](#defaults-18ac4e) - Optional Block<br>Enable this option
|
|
271
|
+
<a id="deep-f98383"></a>Deeply nested **Certificates** block collapsed for readability.
|
|
450
272
|
|
|
451
273
|
#### HTTPS Management Advertise On SLI VIP TLS Certificates Custom Hash Algorithms
|
|
452
274
|
|
|
453
|
-
|
|
454
|
-
|
|
455
|
-
<a id="algorithms-083c58"></a>• [`hash_algorithms`](#algorithms-083c58) - Optional List Defaults to `INVALID_HASH_ALGORITHM`<br>Possible values are `INVALID_HASH_ALGORITHM`, `SHA256`, `SHA1`<br>[Enum: INVALID_HASH_ALGORITHM|SHA256|SHA1] Hash Algorithms. Ordered list of hash algorithms to be used
|
|
275
|
+
<a id="deep-d5385c"></a>Deeply nested **Algorithms** block collapsed for readability.
|
|
456
276
|
|
|
457
277
|
#### HTTPS Management Advertise On SLI VIP TLS Certificates Private Key
|
|
458
278
|
|
|
459
|
-
|
|
460
|
-
|
|
461
|
-
<a id="info-d9df15"></a>• [`blindfold_secret_info`](#info-d9df15) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-d9df15) below.
|
|
462
|
-
|
|
463
|
-
<a id="info-54e3b2"></a>• [`clear_secret_info`](#info-54e3b2) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-54e3b2) below.
|
|
279
|
+
<a id="deep-d94d1f"></a>Deeply nested **Key** block collapsed for readability.
|
|
464
280
|
|
|
465
281
|
#### HTTPS Management Advertise On SLI VIP TLS Certificates Private Key Blindfold Secret Info
|
|
466
282
|
|
|
467
|
-
|
|
468
|
-
|
|
469
|
-
<a id="provider-5f1a70"></a>• [`decryption_provider`](#provider-5f1a70) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
470
|
-
|
|
471
|
-
<a id="location-fa523c"></a>• [`location`](#location-fa523c) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
472
|
-
|
|
473
|
-
<a id="provider-12c9c1"></a>• [`store_provider`](#provider-12c9c1) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
283
|
+
<a id="deep-991677"></a>Deeply nested **Info** block collapsed for readability.
|
|
474
284
|
|
|
475
285
|
#### HTTPS Management Advertise On SLI VIP TLS Certificates Private Key Clear Secret Info
|
|
476
286
|
|
|
477
|
-
|
|
478
|
-
|
|
479
|
-
<a id="ref-98dcbd"></a>• [`provider_ref`](#ref-98dcbd) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
480
|
-
|
|
481
|
-
<a id="url-ab8c1e"></a>• [`url`](#url-ab8c1e) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
287
|
+
<a id="deep-688a17"></a>Deeply nested **Info** block collapsed for readability.
|
|
482
288
|
|
|
483
289
|
#### HTTPS Management Advertise On SLI VIP TLS Config
|
|
484
290
|
|
|
485
|
-
|
|
486
|
-
|
|
487
|
-
<a id="security-dfdc05"></a>• [`custom_security`](#security-dfdc05) - Optional Block<br>Custom Ciphers. This defines TLS protocol config including min/max versions and allowed ciphers<br>See [Custom Security](#security-dfdc05) below.
|
|
488
|
-
|
|
489
|
-
<a id="security-9de532"></a>• [`default_security`](#security-9de532) - Optional Block<br>Enable this option
|
|
490
|
-
|
|
491
|
-
<a id="security-69850d"></a>• [`low_security`](#security-69850d) - Optional Block<br>Enable this option
|
|
492
|
-
|
|
493
|
-
<a id="security-214afa"></a>• [`medium_security`](#security-214afa) - Optional Block<br>Enable this option
|
|
291
|
+
<a id="deep-e3f25e"></a>Deeply nested **Config** block collapsed for readability.
|
|
494
292
|
|
|
495
293
|
#### HTTPS Management Advertise On SLI VIP TLS Config Custom Security
|
|
496
294
|
|
|
497
|
-
|
|
498
|
-
|
|
499
|
-
<a id="suites-fb1fde"></a>• [`cipher_suites`](#suites-fb1fde) - Optional List<br>Cipher Suites. The TLS listener will only support the specified cipher list
|
|
500
|
-
|
|
501
|
-
<a id="version-b07adb"></a>• [`max_version`](#version-b07adb) - Optional String Defaults to `TLS_AUTO`<br>Possible values are `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, `TLSv1_3`<br>[Enum: TLS_AUTO|TLSv1_0|TLSv1_1|TLSv1_2|TLSv1_3] TLS Protocol. TlsProtocol is enumeration of supported TLS versions F5 Distributed Cloud will choose the optimal TLS version
|
|
502
|
-
|
|
503
|
-
<a id="version-2c0f87"></a>• [`min_version`](#version-2c0f87) - Optional String Defaults to `TLS_AUTO`<br>Possible values are `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, `TLSv1_3`<br>[Enum: TLS_AUTO|TLSv1_0|TLSv1_1|TLSv1_2|TLSv1_3] TLS Protocol. TlsProtocol is enumeration of supported TLS versions F5 Distributed Cloud will choose the optimal TLS version
|
|
295
|
+
<a id="deep-ff90f4"></a>Deeply nested **Security** block collapsed for readability.
|
|
504
296
|
|
|
505
297
|
#### HTTPS Management Advertise On SLI VIP Use mTLS
|
|
506
298
|
|
|
507
|
-
|
|
508
|
-
|
|
509
|
-
<a id="optional-68adb9"></a>• [`client_certificate_optional`](#optional-68adb9) - Optional Bool<br>Client Certificate Optional. Client certificate is optional. If the client has provided a certificate, the load balancer will verify it. If certification verification fails, the connection will be terminated. If the client does not provide a certificate, the connection will be accepted
|
|
510
|
-
|
|
511
|
-
<a id="crl-19936d"></a>• [`crl`](#crl-19936d) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [CRL](#crl-19936d) below.
|
|
512
|
-
|
|
513
|
-
<a id="crl-fac420"></a>• [`no_crl`](#crl-fac420) - Optional Block<br>Enable this option
|
|
514
|
-
|
|
515
|
-
<a id="trusted-ca-b9e38a"></a>• [`trusted_ca`](#trusted-ca-b9e38a) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [Trusted CA](#trusted-ca-b9e38a) below.
|
|
516
|
-
|
|
517
|
-
<a id="url-b6ba65"></a>• [`trusted_ca_url`](#url-b6ba65) - Optional String<br>Inline Root CA Certificate (legacy). Upload a Root CA Certificate specifically for this Load Balancer
|
|
518
|
-
|
|
519
|
-
<a id="disabled-e8c4ec"></a>• [`xfcc_disabled`](#disabled-e8c4ec) - Optional Block<br>Enable this option
|
|
520
|
-
|
|
521
|
-
<a id="options-ca97b0"></a>• [`xfcc_options`](#options-ca97b0) - Optional Block<br>XFCC Header Elements. X-Forwarded-Client-Cert header elements to be added to requests<br>See [Xfcc Options](#options-ca97b0) below.
|
|
299
|
+
<a id="deep-9bf922"></a>Deeply nested **mTLS** block collapsed for readability.
|
|
522
300
|
|
|
523
301
|
#### HTTPS Management Advertise On SLI VIP Use mTLS CRL
|
|
524
302
|
|
|
525
|
-
|
|
526
|
-
|
|
527
|
-
<a id="name-fed988"></a>• [`name`](#name-fed988) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
528
|
-
|
|
529
|
-
<a id="namespace-b0813f"></a>• [`namespace`](#namespace-b0813f) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
530
|
-
|
|
531
|
-
<a id="tenant-374a05"></a>• [`tenant`](#tenant-374a05) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
303
|
+
<a id="deep-22ca79"></a>Deeply nested **CRL** block collapsed for readability.
|
|
532
304
|
|
|
533
305
|
#### HTTPS Management Advertise On SLI VIP Use mTLS Trusted CA
|
|
534
306
|
|
|
535
|
-
|
|
536
|
-
|
|
537
|
-
<a id="name-1925aa"></a>• [`name`](#name-1925aa) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
538
|
-
|
|
539
|
-
<a id="namespace-65c37d"></a>• [`namespace`](#namespace-65c37d) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
540
|
-
|
|
541
|
-
<a id="tenant-2c045b"></a>• [`tenant`](#tenant-2c045b) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
307
|
+
<a id="deep-6b41d6"></a>Deeply nested **CA** block collapsed for readability.
|
|
542
308
|
|
|
543
309
|
#### HTTPS Management Advertise On SLI VIP Use mTLS Xfcc Options
|
|
544
310
|
|
|
545
|
-
|
|
546
|
-
|
|
547
|
-
<a id="elements-1f3d82"></a>• [`xfcc_header_elements`](#elements-1f3d82) - Optional List Defaults to `XFCC_NONE`<br>Possible values are `XFCC_NONE`, `XFCC_CERT`, `XFCC_CHAIN`, `XFCC_SUBJECT`, `XFCC_URI`, `XFCC_DNS`<br>[Enum: XFCC_NONE|XFCC_CERT|XFCC_CHAIN|XFCC_SUBJECT|XFCC_URI|XFCC_DNS] XFCC Header Elements. X-Forwarded-Client-Cert header elements to be added to requests
|
|
311
|
+
<a id="deep-660fe3"></a>Deeply nested **Options** block collapsed for readability.
|
|
548
312
|
|
|
549
313
|
#### HTTPS Management Advertise On Slo Internet VIP
|
|
550
314
|
|
|
@@ -560,117 +324,47 @@ An [`advertise_on_slo_internet_vip`](#vip-6dd6e5) block (within [`https_manageme
|
|
|
560
324
|
|
|
561
325
|
#### HTTPS Management Advertise On Slo Internet VIP TLS Certificates
|
|
562
326
|
|
|
563
|
-
|
|
564
|
-
|
|
565
|
-
<a id="url-538fd1"></a>• [`certificate_url`](#url-538fd1) - Optional String<br>Certificate. TLS certificate. Certificate or certificate chain in PEM format including the PEM headers
|
|
566
|
-
|
|
567
|
-
<a id="algorithms-396399"></a>• [`custom_hash_algorithms`](#algorithms-396399) - Optional Block<br>Hash Algorithms. Specifies the hash algorithms to be used<br>See [Custom Hash Algorithms](#algorithms-396399) below.
|
|
568
|
-
|
|
569
|
-
<a id="spec-319b4d"></a>• [`description_spec`](#spec-319b4d) - Optional String<br>Description. Description for the certificate
|
|
570
|
-
|
|
571
|
-
<a id="stapling-26e75e"></a>• [`disable_ocsp_stapling`](#stapling-26e75e) - Optional Block<br>Enable this option
|
|
572
|
-
|
|
573
|
-
<a id="key-d9eadd"></a>• [`private_key`](#key-d9eadd) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Private Key](#key-d9eadd) below.
|
|
574
|
-
|
|
575
|
-
<a id="defaults-eae44a"></a>• [`use_system_defaults`](#defaults-eae44a) - Optional Block<br>Enable this option
|
|
327
|
+
<a id="deep-997d27"></a>Deeply nested **Certificates** block collapsed for readability.
|
|
576
328
|
|
|
577
329
|
#### HTTPS Management Advertise On Slo Internet VIP TLS Certificates Custom Hash Algorithms
|
|
578
330
|
|
|
579
|
-
|
|
580
|
-
|
|
581
|
-
<a id="algorithms-0fe11a"></a>• [`hash_algorithms`](#algorithms-0fe11a) - Optional List Defaults to `INVALID_HASH_ALGORITHM`<br>Possible values are `INVALID_HASH_ALGORITHM`, `SHA256`, `SHA1`<br>[Enum: INVALID_HASH_ALGORITHM|SHA256|SHA1] Hash Algorithms. Ordered list of hash algorithms to be used
|
|
331
|
+
<a id="deep-c2426d"></a>Deeply nested **Algorithms** block collapsed for readability.
|
|
582
332
|
|
|
583
333
|
#### HTTPS Management Advertise On Slo Internet VIP TLS Certificates Private Key
|
|
584
334
|
|
|
585
|
-
|
|
586
|
-
|
|
587
|
-
<a id="info-fb4948"></a>• [`blindfold_secret_info`](#info-fb4948) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-fb4948) below.
|
|
588
|
-
|
|
589
|
-
<a id="info-7e382d"></a>• [`clear_secret_info`](#info-7e382d) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-7e382d) below.
|
|
335
|
+
<a id="deep-5ae0f7"></a>Deeply nested **Key** block collapsed for readability.
|
|
590
336
|
|
|
591
337
|
#### HTTPS Management Advertise On Slo Internet VIP TLS Certificates Private Key Blindfold Secret Info
|
|
592
338
|
|
|
593
|
-
|
|
594
|
-
|
|
595
|
-
<a id="provider-3f630f"></a>• [`decryption_provider`](#provider-3f630f) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
596
|
-
|
|
597
|
-
<a id="location-da3b9c"></a>• [`location`](#location-da3b9c) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
598
|
-
|
|
599
|
-
<a id="provider-84b5f6"></a>• [`store_provider`](#provider-84b5f6) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
339
|
+
<a id="deep-b65fa7"></a>Deeply nested **Info** block collapsed for readability.
|
|
600
340
|
|
|
601
341
|
#### HTTPS Management Advertise On Slo Internet VIP TLS Certificates Private Key Clear Secret Info
|
|
602
342
|
|
|
603
|
-
|
|
604
|
-
|
|
605
|
-
<a id="ref-218907"></a>• [`provider_ref`](#ref-218907) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
606
|
-
|
|
607
|
-
<a id="url-19877d"></a>• [`url`](#url-19877d) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
343
|
+
<a id="deep-3f5ebc"></a>Deeply nested **Info** block collapsed for readability.
|
|
608
344
|
|
|
609
345
|
#### HTTPS Management Advertise On Slo Internet VIP TLS Config
|
|
610
346
|
|
|
611
|
-
|
|
612
|
-
|
|
613
|
-
<a id="security-b809cf"></a>• [`custom_security`](#security-b809cf) - Optional Block<br>Custom Ciphers. This defines TLS protocol config including min/max versions and allowed ciphers<br>See [Custom Security](#security-b809cf) below.
|
|
614
|
-
|
|
615
|
-
<a id="security-e059f2"></a>• [`default_security`](#security-e059f2) - Optional Block<br>Enable this option
|
|
616
|
-
|
|
617
|
-
<a id="security-9a6aa9"></a>• [`low_security`](#security-9a6aa9) - Optional Block<br>Enable this option
|
|
618
|
-
|
|
619
|
-
<a id="security-e4549d"></a>• [`medium_security`](#security-e4549d) - Optional Block<br>Enable this option
|
|
347
|
+
<a id="deep-c14ee2"></a>Deeply nested **Config** block collapsed for readability.
|
|
620
348
|
|
|
621
349
|
#### HTTPS Management Advertise On Slo Internet VIP TLS Config Custom Security
|
|
622
350
|
|
|
623
|
-
|
|
624
|
-
|
|
625
|
-
<a id="suites-8ab58a"></a>• [`cipher_suites`](#suites-8ab58a) - Optional List<br>Cipher Suites. The TLS listener will only support the specified cipher list
|
|
626
|
-
|
|
627
|
-
<a id="version-fe0ab6"></a>• [`max_version`](#version-fe0ab6) - Optional String Defaults to `TLS_AUTO`<br>Possible values are `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, `TLSv1_3`<br>[Enum: TLS_AUTO|TLSv1_0|TLSv1_1|TLSv1_2|TLSv1_3] TLS Protocol. TlsProtocol is enumeration of supported TLS versions F5 Distributed Cloud will choose the optimal TLS version
|
|
628
|
-
|
|
629
|
-
<a id="version-c193af"></a>• [`min_version`](#version-c193af) - Optional String Defaults to `TLS_AUTO`<br>Possible values are `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, `TLSv1_3`<br>[Enum: TLS_AUTO|TLSv1_0|TLSv1_1|TLSv1_2|TLSv1_3] TLS Protocol. TlsProtocol is enumeration of supported TLS versions F5 Distributed Cloud will choose the optimal TLS version
|
|
351
|
+
<a id="deep-659bc5"></a>Deeply nested **Security** block collapsed for readability.
|
|
630
352
|
|
|
631
353
|
#### HTTPS Management Advertise On Slo Internet VIP Use mTLS
|
|
632
354
|
|
|
633
|
-
|
|
634
|
-
|
|
635
|
-
<a id="optional-bb69f8"></a>• [`client_certificate_optional`](#optional-bb69f8) - Optional Bool<br>Client Certificate Optional. Client certificate is optional. If the client has provided a certificate, the load balancer will verify it. If certification verification fails, the connection will be terminated. If the client does not provide a certificate, the connection will be accepted
|
|
636
|
-
|
|
637
|
-
<a id="crl-d07bf8"></a>• [`crl`](#crl-d07bf8) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [CRL](#crl-d07bf8) below.
|
|
638
|
-
|
|
639
|
-
<a id="crl-aeab3f"></a>• [`no_crl`](#crl-aeab3f) - Optional Block<br>Enable this option
|
|
640
|
-
|
|
641
|
-
<a id="trusted-ca-046a20"></a>• [`trusted_ca`](#trusted-ca-046a20) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [Trusted CA](#trusted-ca-046a20) below.
|
|
642
|
-
|
|
643
|
-
<a id="url-248df7"></a>• [`trusted_ca_url`](#url-248df7) - Optional String<br>Inline Root CA Certificate (legacy). Upload a Root CA Certificate specifically for this Load Balancer
|
|
644
|
-
|
|
645
|
-
<a id="disabled-369402"></a>• [`xfcc_disabled`](#disabled-369402) - Optional Block<br>Enable this option
|
|
646
|
-
|
|
647
|
-
<a id="options-683773"></a>• [`xfcc_options`](#options-683773) - Optional Block<br>XFCC Header Elements. X-Forwarded-Client-Cert header elements to be added to requests<br>See [Xfcc Options](#options-683773) below.
|
|
355
|
+
<a id="deep-a13568"></a>Deeply nested **mTLS** block collapsed for readability.
|
|
648
356
|
|
|
649
357
|
#### HTTPS Management Advertise On Slo Internet VIP Use mTLS CRL
|
|
650
358
|
|
|
651
|
-
|
|
652
|
-
|
|
653
|
-
<a id="name-7fe25b"></a>• [`name`](#name-7fe25b) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
654
|
-
|
|
655
|
-
<a id="namespace-a1ad51"></a>• [`namespace`](#namespace-a1ad51) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
656
|
-
|
|
657
|
-
<a id="tenant-3af425"></a>• [`tenant`](#tenant-3af425) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
359
|
+
<a id="deep-8c2bfd"></a>Deeply nested **CRL** block collapsed for readability.
|
|
658
360
|
|
|
659
361
|
#### HTTPS Management Advertise On Slo Internet VIP Use mTLS Trusted CA
|
|
660
362
|
|
|
661
|
-
|
|
662
|
-
|
|
663
|
-
<a id="name-f0c02e"></a>• [`name`](#name-f0c02e) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
664
|
-
|
|
665
|
-
<a id="namespace-571413"></a>• [`namespace`](#namespace-571413) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
666
|
-
|
|
667
|
-
<a id="tenant-b6f682"></a>• [`tenant`](#tenant-b6f682) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
363
|
+
<a id="deep-c10aab"></a>Deeply nested **CA** block collapsed for readability.
|
|
668
364
|
|
|
669
365
|
#### HTTPS Management Advertise On Slo Internet VIP Use mTLS Xfcc Options
|
|
670
366
|
|
|
671
|
-
|
|
672
|
-
|
|
673
|
-
<a id="elements-37d5da"></a>• [`xfcc_header_elements`](#elements-37d5da) - Optional List Defaults to `XFCC_NONE`<br>Possible values are `XFCC_NONE`, `XFCC_CERT`, `XFCC_CHAIN`, `XFCC_SUBJECT`, `XFCC_URI`, `XFCC_DNS`<br>[Enum: XFCC_NONE|XFCC_CERT|XFCC_CHAIN|XFCC_SUBJECT|XFCC_URI|XFCC_DNS] XFCC Header Elements. X-Forwarded-Client-Cert header elements to be added to requests
|
|
367
|
+
<a id="deep-94a3cb"></a>Deeply nested **Options** block collapsed for readability.
|
|
674
368
|
|
|
675
369
|
#### HTTPS Management Advertise On Slo SLI
|
|
676
370
|
|
|
@@ -686,117 +380,47 @@ An [`advertise_on_slo_sli`](#https-management-advertise-on-slo-sli) block (withi
|
|
|
686
380
|
|
|
687
381
|
#### HTTPS Management Advertise On Slo SLI TLS Certificates
|
|
688
382
|
|
|
689
|
-
|
|
690
|
-
|
|
691
|
-
<a id="url-599a7a"></a>• [`certificate_url`](#url-599a7a) - Optional String<br>Certificate. TLS certificate. Certificate or certificate chain in PEM format including the PEM headers
|
|
692
|
-
|
|
693
|
-
<a id="algorithms-54e57d"></a>• [`custom_hash_algorithms`](#algorithms-54e57d) - Optional Block<br>Hash Algorithms. Specifies the hash algorithms to be used<br>See [Custom Hash Algorithms](#algorithms-54e57d) below.
|
|
694
|
-
|
|
695
|
-
<a id="spec-674aab"></a>• [`description_spec`](#spec-674aab) - Optional String<br>Description. Description for the certificate
|
|
696
|
-
|
|
697
|
-
<a id="stapling-2445e8"></a>• [`disable_ocsp_stapling`](#stapling-2445e8) - Optional Block<br>Enable this option
|
|
698
|
-
|
|
699
|
-
<a id="key-f51e15"></a>• [`private_key`](#key-f51e15) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Private Key](#key-f51e15) below.
|
|
700
|
-
|
|
701
|
-
<a id="defaults-bb55aa"></a>• [`use_system_defaults`](#defaults-bb55aa) - Optional Block<br>Enable this option
|
|
383
|
+
<a id="deep-0b2a49"></a>Deeply nested **Certificates** block collapsed for readability.
|
|
702
384
|
|
|
703
385
|
#### HTTPS Management Advertise On Slo SLI TLS Certificates Custom Hash Algorithms
|
|
704
386
|
|
|
705
|
-
|
|
706
|
-
|
|
707
|
-
<a id="algorithms-c29f03"></a>• [`hash_algorithms`](#algorithms-c29f03) - Optional List Defaults to `INVALID_HASH_ALGORITHM`<br>Possible values are `INVALID_HASH_ALGORITHM`, `SHA256`, `SHA1`<br>[Enum: INVALID_HASH_ALGORITHM|SHA256|SHA1] Hash Algorithms. Ordered list of hash algorithms to be used
|
|
387
|
+
<a id="deep-eef6f6"></a>Deeply nested **Algorithms** block collapsed for readability.
|
|
708
388
|
|
|
709
389
|
#### HTTPS Management Advertise On Slo SLI TLS Certificates Private Key
|
|
710
390
|
|
|
711
|
-
|
|
712
|
-
|
|
713
|
-
<a id="info-4c3e9e"></a>• [`blindfold_secret_info`](#info-4c3e9e) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-4c3e9e) below.
|
|
714
|
-
|
|
715
|
-
<a id="info-0591f3"></a>• [`clear_secret_info`](#info-0591f3) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-0591f3) below.
|
|
391
|
+
<a id="deep-40d26d"></a>Deeply nested **Key** block collapsed for readability.
|
|
716
392
|
|
|
717
393
|
#### HTTPS Management Advertise On Slo SLI TLS Certificates Private Key Blindfold Secret Info
|
|
718
394
|
|
|
719
|
-
|
|
720
|
-
|
|
721
|
-
<a id="provider-77378b"></a>• [`decryption_provider`](#provider-77378b) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
722
|
-
|
|
723
|
-
<a id="location-6e8882"></a>• [`location`](#location-6e8882) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
724
|
-
|
|
725
|
-
<a id="provider-23e4a9"></a>• [`store_provider`](#provider-23e4a9) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
395
|
+
<a id="deep-ea20d6"></a>Deeply nested **Info** block collapsed for readability.
|
|
726
396
|
|
|
727
397
|
#### HTTPS Management Advertise On Slo SLI TLS Certificates Private Key Clear Secret Info
|
|
728
398
|
|
|
729
|
-
|
|
730
|
-
|
|
731
|
-
<a id="ref-2692e5"></a>• [`provider_ref`](#ref-2692e5) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
732
|
-
|
|
733
|
-
<a id="url-9ede10"></a>• [`url`](#url-9ede10) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
399
|
+
<a id="deep-19eb92"></a>Deeply nested **Info** block collapsed for readability.
|
|
734
400
|
|
|
735
401
|
#### HTTPS Management Advertise On Slo SLI TLS Config
|
|
736
402
|
|
|
737
|
-
|
|
738
|
-
|
|
739
|
-
<a id="security-57cb09"></a>• [`custom_security`](#security-57cb09) - Optional Block<br>Custom Ciphers. This defines TLS protocol config including min/max versions and allowed ciphers<br>See [Custom Security](#security-57cb09) below.
|
|
740
|
-
|
|
741
|
-
<a id="security-66b767"></a>• [`default_security`](#security-66b767) - Optional Block<br>Enable this option
|
|
742
|
-
|
|
743
|
-
<a id="security-bc0213"></a>• [`low_security`](#security-bc0213) - Optional Block<br>Enable this option
|
|
744
|
-
|
|
745
|
-
<a id="security-23b628"></a>• [`medium_security`](#security-23b628) - Optional Block<br>Enable this option
|
|
403
|
+
<a id="deep-422f0d"></a>Deeply nested **Config** block collapsed for readability.
|
|
746
404
|
|
|
747
405
|
#### HTTPS Management Advertise On Slo SLI TLS Config Custom Security
|
|
748
406
|
|
|
749
|
-
|
|
750
|
-
|
|
751
|
-
<a id="suites-17c459"></a>• [`cipher_suites`](#suites-17c459) - Optional List<br>Cipher Suites. The TLS listener will only support the specified cipher list
|
|
752
|
-
|
|
753
|
-
<a id="version-941401"></a>• [`max_version`](#version-941401) - Optional String Defaults to `TLS_AUTO`<br>Possible values are `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, `TLSv1_3`<br>[Enum: TLS_AUTO|TLSv1_0|TLSv1_1|TLSv1_2|TLSv1_3] TLS Protocol. TlsProtocol is enumeration of supported TLS versions F5 Distributed Cloud will choose the optimal TLS version
|
|
754
|
-
|
|
755
|
-
<a id="version-cc08f5"></a>• [`min_version`](#version-cc08f5) - Optional String Defaults to `TLS_AUTO`<br>Possible values are `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, `TLSv1_3`<br>[Enum: TLS_AUTO|TLSv1_0|TLSv1_1|TLSv1_2|TLSv1_3] TLS Protocol. TlsProtocol is enumeration of supported TLS versions F5 Distributed Cloud will choose the optimal TLS version
|
|
407
|
+
<a id="deep-b31050"></a>Deeply nested **Security** block collapsed for readability.
|
|
756
408
|
|
|
757
409
|
#### HTTPS Management Advertise On Slo SLI Use mTLS
|
|
758
410
|
|
|
759
|
-
|
|
760
|
-
|
|
761
|
-
<a id="optional-c1d942"></a>• [`client_certificate_optional`](#optional-c1d942) - Optional Bool<br>Client Certificate Optional. Client certificate is optional. If the client has provided a certificate, the load balancer will verify it. If certification verification fails, the connection will be terminated. If the client does not provide a certificate, the connection will be accepted
|
|
762
|
-
|
|
763
|
-
<a id="crl-341796"></a>• [`crl`](#crl-341796) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [CRL](#crl-341796) below.
|
|
764
|
-
|
|
765
|
-
<a id="crl-438487"></a>• [`no_crl`](#crl-438487) - Optional Block<br>Enable this option
|
|
766
|
-
|
|
767
|
-
<a id="trusted-ca-baa118"></a>• [`trusted_ca`](#trusted-ca-baa118) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [Trusted CA](#trusted-ca-baa118) below.
|
|
768
|
-
|
|
769
|
-
<a id="url-379c50"></a>• [`trusted_ca_url`](#url-379c50) - Optional String<br>Inline Root CA Certificate (legacy). Upload a Root CA Certificate specifically for this Load Balancer
|
|
770
|
-
|
|
771
|
-
<a id="disabled-d3e7d3"></a>• [`xfcc_disabled`](#disabled-d3e7d3) - Optional Block<br>Enable this option
|
|
772
|
-
|
|
773
|
-
<a id="options-375329"></a>• [`xfcc_options`](#options-375329) - Optional Block<br>XFCC Header Elements. X-Forwarded-Client-Cert header elements to be added to requests<br>See [Xfcc Options](#options-375329) below.
|
|
411
|
+
<a id="deep-f3602e"></a>Deeply nested **mTLS** block collapsed for readability.
|
|
774
412
|
|
|
775
413
|
#### HTTPS Management Advertise On Slo SLI Use mTLS CRL
|
|
776
414
|
|
|
777
|
-
|
|
778
|
-
|
|
779
|
-
<a id="name-58addb"></a>• [`name`](#name-58addb) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
780
|
-
|
|
781
|
-
<a id="namespace-cc6b41"></a>• [`namespace`](#namespace-cc6b41) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
782
|
-
|
|
783
|
-
<a id="tenant-9a7435"></a>• [`tenant`](#tenant-9a7435) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
415
|
+
<a id="deep-53cbcf"></a>Deeply nested **CRL** block collapsed for readability.
|
|
784
416
|
|
|
785
417
|
#### HTTPS Management Advertise On Slo SLI Use mTLS Trusted CA
|
|
786
418
|
|
|
787
|
-
|
|
788
|
-
|
|
789
|
-
<a id="name-db371b"></a>• [`name`](#name-db371b) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
790
|
-
|
|
791
|
-
<a id="namespace-57369f"></a>• [`namespace`](#namespace-57369f) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
792
|
-
|
|
793
|
-
<a id="tenant-e6475c"></a>• [`tenant`](#tenant-e6475c) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
419
|
+
<a id="deep-3ed4b6"></a>Deeply nested **CA** block collapsed for readability.
|
|
794
420
|
|
|
795
421
|
#### HTTPS Management Advertise On Slo SLI Use mTLS Xfcc Options
|
|
796
422
|
|
|
797
|
-
|
|
798
|
-
|
|
799
|
-
<a id="elements-c28be3"></a>• [`xfcc_header_elements`](#elements-c28be3) - Optional List Defaults to `XFCC_NONE`<br>Possible values are `XFCC_NONE`, `XFCC_CERT`, `XFCC_CHAIN`, `XFCC_SUBJECT`, `XFCC_URI`, `XFCC_DNS`<br>[Enum: XFCC_NONE|XFCC_CERT|XFCC_CHAIN|XFCC_SUBJECT|XFCC_URI|XFCC_DNS] XFCC Header Elements. X-Forwarded-Client-Cert header elements to be added to requests
|
|
423
|
+
<a id="deep-db5591"></a>Deeply nested **Options** block collapsed for readability.
|
|
800
424
|
|
|
801
425
|
#### HTTPS Management Advertise On Slo VIP
|
|
802
426
|
|
|
@@ -812,117 +436,47 @@ An [`advertise_on_slo_vip`](#https-management-advertise-on-slo-vip) block (withi
|
|
|
812
436
|
|
|
813
437
|
#### HTTPS Management Advertise On Slo VIP TLS Certificates
|
|
814
438
|
|
|
815
|
-
|
|
816
|
-
|
|
817
|
-
<a id="url-ba483c"></a>• [`certificate_url`](#url-ba483c) - Optional String<br>Certificate. TLS certificate. Certificate or certificate chain in PEM format including the PEM headers
|
|
818
|
-
|
|
819
|
-
<a id="algorithms-e4042d"></a>• [`custom_hash_algorithms`](#algorithms-e4042d) - Optional Block<br>Hash Algorithms. Specifies the hash algorithms to be used<br>See [Custom Hash Algorithms](#algorithms-e4042d) below.
|
|
820
|
-
|
|
821
|
-
<a id="spec-8a3b62"></a>• [`description_spec`](#spec-8a3b62) - Optional String<br>Description. Description for the certificate
|
|
822
|
-
|
|
823
|
-
<a id="stapling-ba3445"></a>• [`disable_ocsp_stapling`](#stapling-ba3445) - Optional Block<br>Enable this option
|
|
824
|
-
|
|
825
|
-
<a id="key-5c1b57"></a>• [`private_key`](#key-5c1b57) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Private Key](#key-5c1b57) below.
|
|
826
|
-
|
|
827
|
-
<a id="defaults-81b355"></a>• [`use_system_defaults`](#defaults-81b355) - Optional Block<br>Enable this option
|
|
439
|
+
<a id="deep-3e4d5c"></a>Deeply nested **Certificates** block collapsed for readability.
|
|
828
440
|
|
|
829
441
|
#### HTTPS Management Advertise On Slo VIP TLS Certificates Custom Hash Algorithms
|
|
830
442
|
|
|
831
|
-
|
|
832
|
-
|
|
833
|
-
<a id="algorithms-ba763b"></a>• [`hash_algorithms`](#algorithms-ba763b) - Optional List Defaults to `INVALID_HASH_ALGORITHM`<br>Possible values are `INVALID_HASH_ALGORITHM`, `SHA256`, `SHA1`<br>[Enum: INVALID_HASH_ALGORITHM|SHA256|SHA1] Hash Algorithms. Ordered list of hash algorithms to be used
|
|
443
|
+
<a id="deep-966ac1"></a>Deeply nested **Algorithms** block collapsed for readability.
|
|
834
444
|
|
|
835
445
|
#### HTTPS Management Advertise On Slo VIP TLS Certificates Private Key
|
|
836
446
|
|
|
837
|
-
|
|
838
|
-
|
|
839
|
-
<a id="info-2120cd"></a>• [`blindfold_secret_info`](#info-2120cd) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-2120cd) below.
|
|
840
|
-
|
|
841
|
-
<a id="info-915c8d"></a>• [`clear_secret_info`](#info-915c8d) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-915c8d) below.
|
|
447
|
+
<a id="deep-859627"></a>Deeply nested **Key** block collapsed for readability.
|
|
842
448
|
|
|
843
449
|
#### HTTPS Management Advertise On Slo VIP TLS Certificates Private Key Blindfold Secret Info
|
|
844
450
|
|
|
845
|
-
|
|
846
|
-
|
|
847
|
-
<a id="provider-51ffab"></a>• [`decryption_provider`](#provider-51ffab) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
848
|
-
|
|
849
|
-
<a id="location-d426d5"></a>• [`location`](#location-d426d5) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
850
|
-
|
|
851
|
-
<a id="provider-080ee2"></a>• [`store_provider`](#provider-080ee2) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
451
|
+
<a id="deep-16e9a3"></a>Deeply nested **Info** block collapsed for readability.
|
|
852
452
|
|
|
853
453
|
#### HTTPS Management Advertise On Slo VIP TLS Certificates Private Key Clear Secret Info
|
|
854
454
|
|
|
855
|
-
|
|
856
|
-
|
|
857
|
-
<a id="ref-e449ae"></a>• [`provider_ref`](#ref-e449ae) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
858
|
-
|
|
859
|
-
<a id="url-a017e0"></a>• [`url`](#url-a017e0) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
455
|
+
<a id="deep-c37768"></a>Deeply nested **Info** block collapsed for readability.
|
|
860
456
|
|
|
861
457
|
#### HTTPS Management Advertise On Slo VIP TLS Config
|
|
862
458
|
|
|
863
|
-
|
|
864
|
-
|
|
865
|
-
<a id="security-0bffe9"></a>• [`custom_security`](#security-0bffe9) - Optional Block<br>Custom Ciphers. This defines TLS protocol config including min/max versions and allowed ciphers<br>See [Custom Security](#security-0bffe9) below.
|
|
866
|
-
|
|
867
|
-
<a id="security-37fb06"></a>• [`default_security`](#security-37fb06) - Optional Block<br>Enable this option
|
|
868
|
-
|
|
869
|
-
<a id="security-9296e2"></a>• [`low_security`](#security-9296e2) - Optional Block<br>Enable this option
|
|
870
|
-
|
|
871
|
-
<a id="security-cfb564"></a>• [`medium_security`](#security-cfb564) - Optional Block<br>Enable this option
|
|
459
|
+
<a id="deep-9abb3e"></a>Deeply nested **Config** block collapsed for readability.
|
|
872
460
|
|
|
873
461
|
#### HTTPS Management Advertise On Slo VIP TLS Config Custom Security
|
|
874
462
|
|
|
875
|
-
|
|
876
|
-
|
|
877
|
-
<a id="suites-f86936"></a>• [`cipher_suites`](#suites-f86936) - Optional List<br>Cipher Suites. The TLS listener will only support the specified cipher list
|
|
878
|
-
|
|
879
|
-
<a id="version-b8932f"></a>• [`max_version`](#version-b8932f) - Optional String Defaults to `TLS_AUTO`<br>Possible values are `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, `TLSv1_3`<br>[Enum: TLS_AUTO|TLSv1_0|TLSv1_1|TLSv1_2|TLSv1_3] TLS Protocol. TlsProtocol is enumeration of supported TLS versions F5 Distributed Cloud will choose the optimal TLS version
|
|
880
|
-
|
|
881
|
-
<a id="version-84a755"></a>• [`min_version`](#version-84a755) - Optional String Defaults to `TLS_AUTO`<br>Possible values are `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, `TLSv1_3`<br>[Enum: TLS_AUTO|TLSv1_0|TLSv1_1|TLSv1_2|TLSv1_3] TLS Protocol. TlsProtocol is enumeration of supported TLS versions F5 Distributed Cloud will choose the optimal TLS version
|
|
463
|
+
<a id="deep-fd9c84"></a>Deeply nested **Security** block collapsed for readability.
|
|
882
464
|
|
|
883
465
|
#### HTTPS Management Advertise On Slo VIP Use mTLS
|
|
884
466
|
|
|
885
|
-
|
|
886
|
-
|
|
887
|
-
<a id="optional-ceba52"></a>• [`client_certificate_optional`](#optional-ceba52) - Optional Bool<br>Client Certificate Optional. Client certificate is optional. If the client has provided a certificate, the load balancer will verify it. If certification verification fails, the connection will be terminated. If the client does not provide a certificate, the connection will be accepted
|
|
888
|
-
|
|
889
|
-
<a id="crl-35cfce"></a>• [`crl`](#crl-35cfce) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [CRL](#crl-35cfce) below.
|
|
890
|
-
|
|
891
|
-
<a id="crl-80dcbd"></a>• [`no_crl`](#crl-80dcbd) - Optional Block<br>Enable this option
|
|
892
|
-
|
|
893
|
-
<a id="trusted-ca-eefedc"></a>• [`trusted_ca`](#trusted-ca-eefedc) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [Trusted CA](#trusted-ca-eefedc) below.
|
|
894
|
-
|
|
895
|
-
<a id="url-478a70"></a>• [`trusted_ca_url`](#url-478a70) - Optional String<br>Inline Root CA Certificate (legacy). Upload a Root CA Certificate specifically for this Load Balancer
|
|
896
|
-
|
|
897
|
-
<a id="disabled-2827c4"></a>• [`xfcc_disabled`](#disabled-2827c4) - Optional Block<br>Enable this option
|
|
898
|
-
|
|
899
|
-
<a id="options-564de6"></a>• [`xfcc_options`](#options-564de6) - Optional Block<br>XFCC Header Elements. X-Forwarded-Client-Cert header elements to be added to requests<br>See [Xfcc Options](#options-564de6) below.
|
|
467
|
+
<a id="deep-583fba"></a>Deeply nested **mTLS** block collapsed for readability.
|
|
900
468
|
|
|
901
469
|
#### HTTPS Management Advertise On Slo VIP Use mTLS CRL
|
|
902
470
|
|
|
903
|
-
|
|
904
|
-
|
|
905
|
-
<a id="name-9593de"></a>• [`name`](#name-9593de) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
906
|
-
|
|
907
|
-
<a id="namespace-dd54d0"></a>• [`namespace`](#namespace-dd54d0) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
908
|
-
|
|
909
|
-
<a id="tenant-d019a6"></a>• [`tenant`](#tenant-d019a6) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
471
|
+
<a id="deep-16ae59"></a>Deeply nested **CRL** block collapsed for readability.
|
|
910
472
|
|
|
911
473
|
#### HTTPS Management Advertise On Slo VIP Use mTLS Trusted CA
|
|
912
474
|
|
|
913
|
-
|
|
914
|
-
|
|
915
|
-
<a id="name-eea57c"></a>• [`name`](#name-eea57c) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
916
|
-
|
|
917
|
-
<a id="namespace-121754"></a>• [`namespace`](#namespace-121754) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
918
|
-
|
|
919
|
-
<a id="tenant-7e45d7"></a>• [`tenant`](#tenant-7e45d7) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
475
|
+
<a id="deep-87bb14"></a>Deeply nested **CA** block collapsed for readability.
|
|
920
476
|
|
|
921
477
|
#### HTTPS Management Advertise On Slo VIP Use mTLS Xfcc Options
|
|
922
478
|
|
|
923
|
-
|
|
924
|
-
|
|
925
|
-
<a id="elements-b77b32"></a>• [`xfcc_header_elements`](#elements-b77b32) - Optional List Defaults to `XFCC_NONE`<br>Possible values are `XFCC_NONE`, `XFCC_CERT`, `XFCC_CHAIN`, `XFCC_SUBJECT`, `XFCC_URI`, `XFCC_DNS`<br>[Enum: XFCC_NONE|XFCC_CERT|XFCC_CHAIN|XFCC_SUBJECT|XFCC_URI|XFCC_DNS] XFCC Header Elements. X-Forwarded-Client-Cert header elements to be added to requests
|
|
479
|
+
<a id="deep-80967d"></a>Deeply nested **Options** block collapsed for readability.
|
|
926
480
|
|
|
927
481
|
#### Timeouts
|
|
928
482
|
|
|
@@ -936,6 +490,89 @@ A [`timeouts`](#timeouts) block supports the following:
|
|
|
936
490
|
|
|
937
491
|
<a id="timeouts-update"></a>• [`update`](#timeouts-update) - Optional String (Defaults to `10 minutes`)<br>Used when updating the resource
|
|
938
492
|
|
|
493
|
+
---
|
|
494
|
+
|
|
495
|
+
## Common Types
|
|
496
|
+
|
|
497
|
+
The following type definitions are used throughout this resource. See the full definition here rather than repeated inline.
|
|
498
|
+
|
|
499
|
+
### Object Reference {#common-object-reference}
|
|
500
|
+
|
|
501
|
+
Object references establish a direct reference from one configuration object to another in F5 Distributed Cloud. References use the format `tenant/namespace/name`.
|
|
502
|
+
|
|
503
|
+
| Field | Type | Description |
|
|
504
|
+
| ----- | ---- | ----------- |
|
|
505
|
+
| `name` | String | Name of the referenced object |
|
|
506
|
+
| `namespace` | String | Namespace containing the referenced object |
|
|
507
|
+
| `tenant` | String | Tenant of the referenced object (system-managed) |
|
|
508
|
+
|
|
509
|
+
### Transformers {#common-transformers}
|
|
510
|
+
|
|
511
|
+
Transformers apply transformations to input values before matching. Multiple transformers can be applied in order.
|
|
512
|
+
|
|
513
|
+
| Value | Description |
|
|
514
|
+
| ----- | ----------- |
|
|
515
|
+
| `LOWER_CASE` | Convert to lowercase |
|
|
516
|
+
| `UPPER_CASE` | Convert to uppercase |
|
|
517
|
+
| `BASE64_DECODE` | Decode base64 content |
|
|
518
|
+
| `NORMALIZE_PATH` | Normalize URL path |
|
|
519
|
+
| `REMOVE_WHITESPACE` | Remove whitespace characters |
|
|
520
|
+
| `URL_DECODE` | Decode URL-encoded characters |
|
|
521
|
+
| `TRIM_LEFT` | Trim leading whitespace |
|
|
522
|
+
| `TRIM_RIGHT` | Trim trailing whitespace |
|
|
523
|
+
| `TRIM` | Trim both leading and trailing whitespace |
|
|
524
|
+
|
|
525
|
+
### HTTP Methods {#common-http-methods}
|
|
526
|
+
|
|
527
|
+
HTTP methods used for request matching.
|
|
528
|
+
|
|
529
|
+
| Value | Description |
|
|
530
|
+
| ----- | ----------- |
|
|
531
|
+
| `ANY` | Match any HTTP method |
|
|
532
|
+
| `GET` | HTTP GET request |
|
|
533
|
+
| `HEAD` | HTTP HEAD request |
|
|
534
|
+
| `POST` | HTTP POST request |
|
|
535
|
+
| `PUT` | HTTP PUT request |
|
|
536
|
+
| `DELETE` | HTTP DELETE request |
|
|
537
|
+
| `CONNECT` | HTTP CONNECT request |
|
|
538
|
+
| `OPTIONS` | HTTP OPTIONS request |
|
|
539
|
+
| `TRACE` | HTTP TRACE request |
|
|
540
|
+
| `PATCH` | HTTP PATCH request |
|
|
541
|
+
| `COPY` | HTTP COPY request (WebDAV) |
|
|
542
|
+
|
|
543
|
+
### TLS Fingerprints {#common-tls-fingerprints}
|
|
544
|
+
|
|
545
|
+
TLS fingerprint categories for malicious client detection.
|
|
546
|
+
|
|
547
|
+
| Value | Description |
|
|
548
|
+
| ----- | ----------- |
|
|
549
|
+
| `TLS_FINGERPRINT_NONE` | No fingerprint matching |
|
|
550
|
+
| `ANY_MALICIOUS_FINGERPRINT` | Match any known malicious fingerprint |
|
|
551
|
+
| `ADWARE` | Adware-associated fingerprints |
|
|
552
|
+
| `DRIDEX` | Dridex malware fingerprints |
|
|
553
|
+
| `GOOTKIT` | Gootkit malware fingerprints |
|
|
554
|
+
| `RANSOMWARE` | Ransomware-associated fingerprints |
|
|
555
|
+
| `TRICKBOT` | Trickbot malware fingerprints |
|
|
556
|
+
|
|
557
|
+
### IP Threat Categories {#common-ip-threat-categories}
|
|
558
|
+
|
|
559
|
+
IP address threat categories for security filtering.
|
|
560
|
+
|
|
561
|
+
| Value | Description |
|
|
562
|
+
| ----- | ----------- |
|
|
563
|
+
| `SPAM_SOURCES` | Known spam sources |
|
|
564
|
+
| `WINDOWS_EXPLOITS` | Windows exploit sources |
|
|
565
|
+
| `WEB_ATTACKS` | Web attack sources |
|
|
566
|
+
| `BOTNETS` | Known botnet IPs |
|
|
567
|
+
| `SCANNERS` | Network scanner IPs |
|
|
568
|
+
| `REPUTATION` | Poor reputation IPs |
|
|
569
|
+
| `PHISHING` | Phishing-related IPs |
|
|
570
|
+
| `PROXY` | Anonymous proxy IPs |
|
|
571
|
+
| `MOBILE_THREATS` | Mobile threat sources |
|
|
572
|
+
| `TOR_PROXY` | Tor exit nodes |
|
|
573
|
+
| `DENIAL_OF_SERVICE` | DoS attack sources |
|
|
574
|
+
| `NETWORK` | Known bad network ranges |
|
|
575
|
+
|
|
939
576
|
## Import
|
|
940
577
|
|
|
941
578
|
Import is supported using the following syntax:
|