@robinmordasiewicz/f5xc-terraform-mcp 2.4.8 → 2.6.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/docs/data-sources/addon_subscription.md +85 -2
- package/dist/docs/data-sources/address_allocator.md +85 -2
- package/dist/docs/data-sources/advertise_policy.md +85 -2
- package/dist/docs/data-sources/alert_policy.md +85 -2
- package/dist/docs/data-sources/alert_receiver.md +85 -2
- package/dist/docs/data-sources/allowed_tenant.md +85 -2
- package/dist/docs/data-sources/api_crawler.md +85 -2
- package/dist/docs/data-sources/api_credential.md +85 -2
- package/dist/docs/data-sources/api_definition.md +85 -2
- package/dist/docs/data-sources/api_discovery.md +85 -2
- package/dist/docs/data-sources/api_testing.md +85 -2
- package/dist/docs/data-sources/apm.md +85 -2
- package/dist/docs/data-sources/app_api_group.md +85 -2
- package/dist/docs/data-sources/app_firewall.md +85 -2
- package/dist/docs/data-sources/app_setting.md +85 -2
- package/dist/docs/data-sources/app_type.md +85 -2
- package/dist/docs/data-sources/authentication.md +85 -2
- package/dist/docs/data-sources/aws_tgw_site.md +85 -2
- package/dist/docs/data-sources/aws_vpc_site.md +85 -2
- package/dist/docs/data-sources/azure_vnet_site.md +85 -2
- package/dist/docs/data-sources/bgp.md +85 -2
- package/dist/docs/data-sources/bgp_asn_set.md +85 -2
- package/dist/docs/data-sources/bgp_routing_policy.md +85 -2
- package/dist/docs/data-sources/bigip_irule.md +85 -2
- package/dist/docs/data-sources/bot_defense_app_infrastructure.md +85 -2
- package/dist/docs/data-sources/cdn_cache_rule.md +85 -2
- package/dist/docs/data-sources/cdn_loadbalancer.md +85 -2
- package/dist/docs/data-sources/certificate.md +85 -2
- package/dist/docs/data-sources/certificate_chain.md +85 -2
- package/dist/docs/data-sources/child_tenant.md +85 -2
- package/dist/docs/data-sources/child_tenant_manager.md +85 -2
- package/dist/docs/data-sources/cloud_connect.md +85 -2
- package/dist/docs/data-sources/cloud_credentials.md +85 -2
- package/dist/docs/data-sources/cloud_elastic_ip.md +85 -2
- package/dist/docs/data-sources/cloud_link.md +85 -2
- package/dist/docs/data-sources/cluster.md +85 -2
- package/dist/docs/data-sources/cminstance.md +85 -2
- package/dist/docs/data-sources/code_base_integration.md +85 -2
- package/dist/docs/data-sources/contact.md +85 -2
- package/dist/docs/data-sources/container_registry.md +85 -2
- package/dist/docs/data-sources/crl.md +85 -2
- package/dist/docs/data-sources/customer_support.md +85 -2
- package/dist/docs/data-sources/data_group.md +85 -2
- package/dist/docs/data-sources/data_type.md +85 -2
- package/dist/docs/data-sources/dc_cluster_group.md +85 -2
- package/dist/docs/data-sources/discovery.md +85 -2
- package/dist/docs/data-sources/dns_compliance_checks.md +85 -2
- package/dist/docs/data-sources/dns_domain.md +85 -2
- package/dist/docs/data-sources/dns_lb_health_check.md +85 -2
- package/dist/docs/data-sources/dns_lb_pool.md +85 -2
- package/dist/docs/data-sources/dns_load_balancer.md +85 -2
- package/dist/docs/data-sources/dns_zone.md +85 -2
- package/dist/docs/data-sources/endpoint.md +85 -2
- package/dist/docs/data-sources/enhanced_firewall_policy.md +85 -2
- package/dist/docs/data-sources/external_connector.md +85 -2
- package/dist/docs/data-sources/fast_acl.md +85 -2
- package/dist/docs/data-sources/fast_acl_rule.md +85 -2
- package/dist/docs/data-sources/filter_set.md +85 -2
- package/dist/docs/data-sources/fleet.md +85 -2
- package/dist/docs/data-sources/forward_proxy_policy.md +85 -2
- package/dist/docs/data-sources/forwarding_class.md +85 -2
- package/dist/docs/data-sources/gcp_vpc_site.md +85 -2
- package/dist/docs/data-sources/geo_location_set.md +85 -2
- package/dist/docs/data-sources/global_log_receiver.md +85 -2
- package/dist/docs/data-sources/healthcheck.md +85 -2
- package/dist/docs/data-sources/http_loadbalancer.md +85 -2
- package/dist/docs/data-sources/ike1.md +85 -2
- package/dist/docs/data-sources/ike2.md +85 -2
- package/dist/docs/data-sources/ike_phase1_profile.md +85 -2
- package/dist/docs/data-sources/ike_phase2_profile.md +85 -2
- package/dist/docs/data-sources/infraprotect_asn.md +85 -2
- package/dist/docs/data-sources/infraprotect_asn_prefix.md +85 -2
- package/dist/docs/data-sources/infraprotect_deny_list_rule.md +85 -2
- package/dist/docs/data-sources/infraprotect_firewall_rule.md +85 -2
- package/dist/docs/data-sources/infraprotect_firewall_rule_group.md +85 -2
- package/dist/docs/data-sources/infraprotect_internet_prefix_advertisement.md +85 -2
- package/dist/docs/data-sources/infraprotect_tunnel.md +85 -2
- package/dist/docs/data-sources/ip_prefix_set.md +85 -2
- package/dist/docs/data-sources/irule.md +85 -2
- package/dist/docs/data-sources/k8s_cluster.md +85 -2
- package/dist/docs/data-sources/k8s_cluster_role.md +85 -2
- package/dist/docs/data-sources/k8s_cluster_role_binding.md +85 -2
- package/dist/docs/data-sources/k8s_pod_security_admission.md +85 -2
- package/dist/docs/data-sources/k8s_pod_security_policy.md +85 -2
- package/dist/docs/data-sources/log_receiver.md +85 -2
- package/dist/docs/data-sources/malicious_user_mitigation.md +85 -2
- package/dist/docs/data-sources/managed_tenant.md +85 -2
- package/dist/docs/data-sources/namespace.md +85 -2
- package/dist/docs/data-sources/nat_policy.md +85 -2
- package/dist/docs/data-sources/network_connector.md +85 -2
- package/dist/docs/data-sources/network_firewall.md +85 -2
- package/dist/docs/data-sources/network_interface.md +85 -2
- package/dist/docs/data-sources/network_policy.md +85 -2
- package/dist/docs/data-sources/network_policy_rule.md +85 -2
- package/dist/docs/data-sources/network_policy_view.md +85 -2
- package/dist/docs/data-sources/nfv_service.md +85 -2
- package/dist/docs/data-sources/oidc_provider.md +85 -2
- package/dist/docs/data-sources/origin_pool.md +85 -2
- package/dist/docs/data-sources/policer.md +85 -2
- package/dist/docs/data-sources/policy_based_routing.md +85 -2
- package/dist/docs/data-sources/protocol_inspection.md +85 -2
- package/dist/docs/data-sources/protocol_policer.md +85 -2
- package/dist/docs/data-sources/proxy.md +85 -2
- package/dist/docs/data-sources/quota.md +85 -2
- package/dist/docs/data-sources/rate_limiter.md +85 -2
- package/dist/docs/data-sources/rate_limiter_policy.md +85 -2
- package/dist/docs/data-sources/registration.md +85 -2
- package/dist/docs/data-sources/report_config.md +85 -2
- package/dist/docs/data-sources/role.md +85 -2
- package/dist/docs/data-sources/route.md +85 -2
- package/dist/docs/data-sources/secret_management_access.md +85 -2
- package/dist/docs/data-sources/secret_policy.md +85 -2
- package/dist/docs/data-sources/secret_policy_rule.md +85 -2
- package/dist/docs/data-sources/securemesh_site.md +85 -2
- package/dist/docs/data-sources/securemesh_site_v2.md +85 -2
- package/dist/docs/data-sources/segment.md +85 -2
- package/dist/docs/data-sources/sensitive_data_policy.md +85 -2
- package/dist/docs/data-sources/service_policy.md +85 -2
- package/dist/docs/data-sources/service_policy_rule.md +85 -2
- package/dist/docs/data-sources/site_mesh_group.md +85 -2
- package/dist/docs/data-sources/srv6_network_slice.md +85 -2
- package/dist/docs/data-sources/subnet.md +85 -2
- package/dist/docs/data-sources/tcp_loadbalancer.md +85 -2
- package/dist/docs/data-sources/tenant_configuration.md +85 -2
- package/dist/docs/data-sources/tenant_profile.md +85 -2
- package/dist/docs/data-sources/ticket_tracking_system.md +85 -2
- package/dist/docs/data-sources/token.md +85 -2
- package/dist/docs/data-sources/tpm_api_key.md +85 -2
- package/dist/docs/data-sources/tpm_category.md +85 -2
- package/dist/docs/data-sources/tpm_manager.md +85 -2
- package/dist/docs/data-sources/trusted_ca_list.md +85 -2
- package/dist/docs/data-sources/tunnel.md +85 -2
- package/dist/docs/data-sources/udp_loadbalancer.md +85 -2
- package/dist/docs/data-sources/usb_policy.md +85 -2
- package/dist/docs/data-sources/user_identification.md +85 -2
- package/dist/docs/data-sources/virtual_host.md +85 -2
- package/dist/docs/data-sources/virtual_k8s.md +85 -2
- package/dist/docs/data-sources/virtual_network.md +85 -2
- package/dist/docs/data-sources/virtual_site.md +85 -2
- package/dist/docs/data-sources/voltshare_admin_policy.md +85 -2
- package/dist/docs/data-sources/voltstack_site.md +85 -2
- package/dist/docs/data-sources/waf_exclusion_policy.md +85 -2
- package/dist/docs/data-sources/workload.md +85 -2
- package/dist/docs/data-sources/workload_flavor.md +85 -2
- package/dist/docs/guides/advanced-http-loadbalancer.md +569 -0
- package/dist/docs/resources/addon_subscription.md +87 -10
- package/dist/docs/resources/address_allocator.md +86 -3
- package/dist/docs/resources/advertise_policy.md +112 -57
- package/dist/docs/resources/alert_policy.md +91 -8
- package/dist/docs/resources/alert_receiver.md +94 -55
- package/dist/docs/resources/allowed_tenant.md +87 -10
- package/dist/docs/resources/api_crawler.md +86 -3
- package/dist/docs/resources/api_credential.md +86 -3
- package/dist/docs/resources/api_definition.md +89 -6
- package/dist/docs/resources/api_discovery.md +86 -3
- package/dist/docs/resources/api_testing.md +95 -52
- package/dist/docs/resources/apm.md +156 -519
- package/dist/docs/resources/app_api_group.md +90 -25
- package/dist/docs/resources/app_firewall.md +87 -6
- package/dist/docs/resources/app_setting.md +97 -66
- package/dist/docs/resources/app_type.md +86 -3
- package/dist/docs/resources/authentication.md +90 -27
- package/dist/docs/resources/aws_tgw_site.md +125 -222
- package/dist/docs/resources/aws_vpc_site.md +149 -352
- package/dist/docs/resources/azure_vnet_site.md +233 -860
- package/dist/docs/resources/bgp.md +103 -32
- package/dist/docs/resources/bgp_asn_set.md +86 -3
- package/dist/docs/resources/bgp_routing_policy.md +86 -3
- package/dist/docs/resources/bigip_irule.md +86 -3
- package/dist/docs/resources/bot_defense_app_infrastructure.md +86 -3
- package/dist/docs/resources/cdn_cache_rule.md +97 -120
- package/dist/docs/resources/cdn_loadbalancer.md +325 -1620
- package/dist/docs/resources/certificate.md +87 -10
- package/dist/docs/resources/certificate_chain.md +86 -3
- package/dist/docs/resources/child_tenant.md +88 -17
- package/dist/docs/resources/child_tenant_manager.md +88 -17
- package/dist/docs/resources/cloud_connect.md +98 -63
- package/dist/docs/resources/cloud_credentials.md +92 -39
- package/dist/docs/resources/cloud_elastic_ip.md +91 -8
- package/dist/docs/resources/cloud_link.md +90 -29
- package/dist/docs/resources/cluster.md +109 -66
- package/dist/docs/resources/cminstance.md +86 -3
- package/dist/docs/resources/code_base_integration.md +100 -87
- package/dist/docs/resources/contact.md +86 -3
- package/dist/docs/resources/container_registry.md +86 -3
- package/dist/docs/resources/crl.md +86 -3
- package/dist/docs/resources/customer_support.md +91 -8
- package/dist/docs/resources/data_group.md +86 -3
- package/dist/docs/resources/data_type.md +88 -9
- package/dist/docs/resources/dc_cluster_group.md +86 -3
- package/dist/docs/resources/discovery.md +115 -104
- package/dist/docs/resources/dns_compliance_checks.md +86 -3
- package/dist/docs/resources/dns_domain.md +86 -3
- package/dist/docs/resources/dns_lb_health_check.md +86 -3
- package/dist/docs/resources/dns_lb_pool.md +87 -10
- package/dist/docs/resources/dns_load_balancer.md +95 -40
- package/dist/docs/resources/dns_zone.md +86 -3
- package/dist/docs/resources/endpoint.md +101 -18
- package/dist/docs/resources/enhanced_firewall_policy.md +89 -32
- package/dist/docs/resources/external_connector.md +94 -29
- package/dist/docs/resources/fast_acl.md +100 -101
- package/dist/docs/resources/fast_acl_rule.md +101 -18
- package/dist/docs/resources/filter_set.md +86 -3
- package/dist/docs/resources/fleet.md +170 -541
- package/dist/docs/resources/forward_proxy_policy.md +90 -31
- package/dist/docs/resources/forwarding_class.md +87 -10
- package/dist/docs/resources/gcp_vpc_site.md +141 -328
- package/dist/docs/resources/geo_location_set.md +86 -3
- package/dist/docs/resources/global_log_receiver.md +116 -181
- package/dist/docs/resources/healthcheck.md +86 -3
- package/dist/docs/resources/http_loadbalancer.md +523 -2778
- package/dist/docs/resources/ike1.md +86 -3
- package/dist/docs/resources/ike2.md +86 -3
- package/dist/docs/resources/ike_phase1_profile.md +86 -3
- package/dist/docs/resources/ike_phase2_profile.md +86 -3
- package/dist/docs/resources/infraprotect_asn.md +86 -3
- package/dist/docs/resources/infraprotect_asn_prefix.md +87 -10
- package/dist/docs/resources/infraprotect_deny_list_rule.md +86 -3
- package/dist/docs/resources/infraprotect_firewall_rule.md +86 -3
- package/dist/docs/resources/infraprotect_firewall_rule_group.md +86 -3
- package/dist/docs/resources/infraprotect_internet_prefix_advertisement.md +86 -3
- package/dist/docs/resources/infraprotect_tunnel.md +90 -29
- package/dist/docs/resources/ip_prefix_set.md +86 -3
- package/dist/docs/resources/irule.md +86 -3
- package/dist/docs/resources/k8s_cluster.md +93 -58
- package/dist/docs/resources/k8s_cluster_role.md +87 -8
- package/dist/docs/resources/k8s_cluster_role_binding.md +87 -10
- package/dist/docs/resources/k8s_pod_security_admission.md +86 -3
- package/dist/docs/resources/k8s_pod_security_policy.md +87 -8
- package/dist/docs/resources/log_receiver.md +88 -15
- package/dist/docs/resources/malicious_user_mitigation.md +86 -3
- package/dist/docs/resources/managed_tenant.md +89 -12
- package/dist/docs/resources/namespace.md +86 -3
- package/dist/docs/resources/nat_policy.md +126 -43
- package/dist/docs/resources/network_connector.md +94 -51
- package/dist/docs/resources/network_firewall.md +90 -31
- package/dist/docs/resources/network_interface.md +93 -46
- package/dist/docs/resources/network_policy.md +96 -13
- package/dist/docs/resources/network_policy_rule.md +91 -8
- package/dist/docs/resources/network_policy_view.md +96 -13
- package/dist/docs/resources/nfv_service.md +153 -446
- package/dist/docs/resources/oidc_provider.md +86 -3
- package/dist/docs/resources/origin_pool.md +108 -145
- package/dist/docs/resources/policer.md +86 -3
- package/dist/docs/resources/policy_based_routing.md +100 -89
- package/dist/docs/resources/protocol_inspection.md +87 -10
- package/dist/docs/resources/protocol_policer.md +91 -8
- package/dist/docs/resources/proxy.md +154 -571
- package/dist/docs/resources/quota.md +86 -3
- package/dist/docs/resources/rate_limiter.md +91 -8
- package/dist/docs/resources/rate_limiter_policy.md +100 -23
- package/dist/docs/resources/registration.md +86 -3
- package/dist/docs/resources/report_config.md +87 -10
- package/dist/docs/resources/role.md +86 -3
- package/dist/docs/resources/route.md +113 -82
- package/dist/docs/resources/secret_management_access.md +127 -156
- package/dist/docs/resources/secret_policy.md +87 -4
- package/dist/docs/resources/secret_policy_rule.md +86 -3
- package/dist/docs/resources/securemesh_site.md +137 -380
- package/dist/docs/resources/securemesh_site_v2.md +289 -1204
- package/dist/docs/resources/segment.md +86 -3
- package/dist/docs/resources/sensitive_data_policy.md +87 -10
- package/dist/docs/resources/service_policy.md +115 -122
- package/dist/docs/resources/service_policy_rule.md +110 -59
- package/dist/docs/resources/site_mesh_group.md +92 -15
- package/dist/docs/resources/srv6_network_slice.md +86 -3
- package/dist/docs/resources/subnet.md +89 -20
- package/dist/docs/resources/tcp_loadbalancer.md +114 -185
- package/dist/docs/resources/tenant_configuration.md +86 -3
- package/dist/docs/resources/tenant_profile.md +87 -10
- package/dist/docs/resources/ticket_tracking_system.md +86 -3
- package/dist/docs/resources/token.md +86 -3
- package/dist/docs/resources/tpm_api_key.md +91 -8
- package/dist/docs/resources/tpm_category.md +91 -8
- package/dist/docs/resources/tpm_manager.md +86 -3
- package/dist/docs/resources/trusted_ca_list.md +86 -3
- package/dist/docs/resources/tunnel.md +91 -8
- package/dist/docs/resources/udp_loadbalancer.md +97 -80
- package/dist/docs/resources/usb_policy.md +86 -3
- package/dist/docs/resources/user_identification.md +86 -3
- package/dist/docs/resources/virtual_host.md +152 -177
- package/dist/docs/resources/virtual_k8s.md +92 -15
- package/dist/docs/resources/virtual_network.md +91 -8
- package/dist/docs/resources/virtual_site.md +86 -3
- package/dist/docs/resources/voltshare_admin_policy.md +86 -11
- package/dist/docs/resources/voltstack_site.md +380 -1365
- package/dist/docs/resources/waf_exclusion_policy.md +91 -28
- package/dist/docs/resources/workload.md +1189 -4148
- package/dist/docs/resources/workload_flavor.md +86 -3
- package/package.json +1 -1
|
@@ -2,12 +2,12 @@
|
|
|
2
2
|
page_title: "f5xc_proxy Resource - terraform-provider-f5xc"
|
|
3
3
|
subcategory: "Networking"
|
|
4
4
|
description: |-
|
|
5
|
-
|
|
5
|
+
Manages a Proxy resource in F5 Distributed Cloud for tcp loadbalancer create configuration.
|
|
6
6
|
---
|
|
7
7
|
|
|
8
8
|
# f5xc_proxy (Resource)
|
|
9
9
|
|
|
10
|
-
|
|
10
|
+
Manages a Proxy resource in F5 Distributed Cloud for tcp loadbalancer create configuration.
|
|
11
11
|
|
|
12
12
|
~> **Note** Please refer to [Proxy API docs](https://docs.cloud.f5.com/docs-v2/api/views-proxy) to learn more.
|
|
13
13
|
|
|
@@ -15,7 +15,7 @@ description: |-
|
|
|
15
15
|
|
|
16
16
|
```terraform
|
|
17
17
|
# Proxy Resource Example
|
|
18
|
-
#
|
|
18
|
+
# Manages a Proxy resource in F5 Distributed Cloud for tcp loadbalancer create configuration.
|
|
19
19
|
|
|
20
20
|
# Basic Proxy configuration
|
|
21
21
|
resource "f5xc_proxy" "example" {
|
|
@@ -97,13 +97,7 @@ An [`active_forward_proxy_policies`](#active-forward-proxy-policies) block suppo
|
|
|
97
97
|
|
|
98
98
|
#### Active Forward Proxy Policies Forward Proxy Policies
|
|
99
99
|
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
<a id="name-c2d06e"></a>• [`name`](#name-c2d06e) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
103
|
-
|
|
104
|
-
<a id="namespace-63e125"></a>• [`namespace`](#namespace-63e125) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
105
|
-
|
|
106
|
-
<a id="tenant-e68ab4"></a>• [`tenant`](#tenant-e68ab4) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
100
|
+
<a id="objref-42e2f7"></a>Uses standard [Object Reference](#common-object-reference) fields (name, namespace, tenant).
|
|
107
101
|
|
|
108
102
|
#### Dynamic Proxy
|
|
109
103
|
|
|
@@ -165,213 +159,75 @@ A [`more_option`](#dynamic-proxy-http-proxy-more-option) block (within [`dynamic
|
|
|
165
159
|
|
|
166
160
|
#### Dynamic Proxy HTTP Proxy More Option Buffer Policy
|
|
167
161
|
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
<a id="disabled-58d7eb"></a>• [`disabled`](#disabled-58d7eb) - Optional Bool<br>Disable. Disable buffering for a particular route. This is useful when virtual-host has buffering, but we need to disable it on a specific route. The value of this field is ignored for virtual-host
|
|
171
|
-
|
|
172
|
-
<a id="bytes-a69ae9"></a>• [`max_request_bytes`](#bytes-a69ae9) - Optional Number<br>Max Request Bytes. The maximum request size that the filter will buffer before the connection manager will stop buffering and return a RequestEntityTooLarge (413) response
|
|
162
|
+
<a id="deep-a5f206"></a>Deeply nested **Policy** block collapsed for readability.
|
|
173
163
|
|
|
174
164
|
#### Dynamic Proxy HTTP Proxy More Option Compression Params
|
|
175
165
|
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
<a id="length-acd260"></a>• [`content_length`](#length-acd260) - Optional Number Defaults to `30`<br>Content Length. Minimum response length, in bytes, which will trigger compression. The
|
|
179
|
-
|
|
180
|
-
<a id="type-596051"></a>• [`content_type`](#type-596051) - Optional List<br>Content Type. Set of strings that allows specifying which mime-types yield compression When this field is not defined, compression will be applied to the following mime-types: 'application/javascript' 'application/JSON', 'application/xhtml+XML' 'image/svg+XML' 'text/CSS' 'text/HTML' 'text/plain' 'text/XML'
|
|
181
|
-
|
|
182
|
-
<a id="header-eba324"></a>• [`disable_on_etag_header`](#header-eba324) - Optional Bool<br>Disable On Etag Header. If true, disables compression when the response contains an etag header. When it is false, weak etags will be preserved and the ones that require strong validation will be removed
|
|
183
|
-
|
|
184
|
-
<a id="header-c1b850"></a>• [`remove_accept_encoding_header`](#header-c1b850) - Optional Bool<br>Remove Accept-Encoding Header. If true, removes accept-encoding from the request headers before dispatching it to the upstream so that responses do not get compressed before reaching the filter
|
|
166
|
+
<a id="deep-01a7f1"></a>Deeply nested **Params** block collapsed for readability.
|
|
185
167
|
|
|
186
168
|
#### Dynamic Proxy HTTP Proxy More Option Request Cookies To Add
|
|
187
169
|
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
<a id="name-9fa714"></a>• [`name`](#name-9fa714) - Optional String<br>Name. Name of the cookie in Cookie header
|
|
191
|
-
|
|
192
|
-
<a id="overwrite-4b4cf0"></a>• [`overwrite`](#overwrite-4b4cf0) - Optional Bool Defaults to `do`<br>Overwrite. Should the value be overwritten? If true, the value is overwritten to existing values. not overwrite
|
|
193
|
-
|
|
194
|
-
<a id="value-ce6641"></a>• [`secret_value`](#value-ce6641) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#value-ce6641) below.
|
|
195
|
-
|
|
196
|
-
<a id="value-cc351d"></a>• [`value`](#value-cc351d) - Optional String<br>Value. Value of the Cookie header
|
|
170
|
+
<a id="deep-23409b"></a>Deeply nested **Add** block collapsed for readability.
|
|
197
171
|
|
|
198
172
|
#### Dynamic Proxy HTTP Proxy More Option Request Cookies To Add Secret Value
|
|
199
173
|
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
<a id="info-c47605"></a>• [`blindfold_secret_info`](#info-c47605) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-c47605) below.
|
|
203
|
-
|
|
204
|
-
<a id="info-aebb29"></a>• [`clear_secret_info`](#info-aebb29) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-aebb29) below.
|
|
174
|
+
<a id="deep-5d14ea"></a>Deeply nested **Value** block collapsed for readability.
|
|
205
175
|
|
|
206
176
|
#### Dynamic Proxy HTTP Proxy More Option Request Cookies To Add Secret Value Blindfold Secret Info
|
|
207
177
|
|
|
208
|
-
|
|
209
|
-
|
|
210
|
-
<a id="provider-6e2fe4"></a>• [`decryption_provider`](#provider-6e2fe4) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
211
|
-
|
|
212
|
-
<a id="location-5af68a"></a>• [`location`](#location-5af68a) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
213
|
-
|
|
214
|
-
<a id="provider-94eb47"></a>• [`store_provider`](#provider-94eb47) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
178
|
+
<a id="deep-a31169"></a>Deeply nested **Info** block collapsed for readability.
|
|
215
179
|
|
|
216
180
|
#### Dynamic Proxy HTTP Proxy More Option Request Cookies To Add Secret Value Clear Secret Info
|
|
217
181
|
|
|
218
|
-
|
|
219
|
-
|
|
220
|
-
<a id="ref-166aeb"></a>• [`provider_ref`](#ref-166aeb) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
221
|
-
|
|
222
|
-
<a id="url-f57563"></a>• [`url`](#url-f57563) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
182
|
+
<a id="deep-67dc1f"></a>Deeply nested **Info** block collapsed for readability.
|
|
223
183
|
|
|
224
184
|
#### Dynamic Proxy HTTP Proxy More Option Request Headers To Add
|
|
225
185
|
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
<a id="append-7cbdc2"></a>• [`append`](#append-7cbdc2) - Optional Bool Defaults to `do`<br>Append. Should the value be appended? If true, the value is appended to existing values. not append
|
|
229
|
-
|
|
230
|
-
<a id="name-f9c73b"></a>• [`name`](#name-f9c73b) - Optional String<br>Name. Name of the HTTP header
|
|
231
|
-
|
|
232
|
-
<a id="value-b59cb1"></a>• [`secret_value`](#value-b59cb1) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#value-b59cb1) below.
|
|
233
|
-
|
|
234
|
-
<a id="value-c61e93"></a>• [`value`](#value-c61e93) - Optional String<br>Value. Value of the HTTP header
|
|
186
|
+
<a id="deep-4e5871"></a>Deeply nested **Add** block collapsed for readability.
|
|
235
187
|
|
|
236
188
|
#### Dynamic Proxy HTTP Proxy More Option Request Headers To Add Secret Value
|
|
237
189
|
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
<a id="info-194179"></a>• [`blindfold_secret_info`](#info-194179) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-194179) below.
|
|
241
|
-
|
|
242
|
-
<a id="info-119525"></a>• [`clear_secret_info`](#info-119525) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-119525) below.
|
|
190
|
+
<a id="deep-519491"></a>Deeply nested **Value** block collapsed for readability.
|
|
243
191
|
|
|
244
192
|
#### Dynamic Proxy HTTP Proxy More Option Request Headers To Add Secret Value Blindfold Secret Info
|
|
245
193
|
|
|
246
|
-
|
|
247
|
-
|
|
248
|
-
<a id="provider-aff7d3"></a>• [`decryption_provider`](#provider-aff7d3) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
249
|
-
|
|
250
|
-
<a id="location-9eaf7a"></a>• [`location`](#location-9eaf7a) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
251
|
-
|
|
252
|
-
<a id="provider-af5cde"></a>• [`store_provider`](#provider-af5cde) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
194
|
+
<a id="deep-bd6322"></a>Deeply nested **Info** block collapsed for readability.
|
|
253
195
|
|
|
254
196
|
#### Dynamic Proxy HTTP Proxy More Option Request Headers To Add Secret Value Clear Secret Info
|
|
255
197
|
|
|
256
|
-
|
|
257
|
-
|
|
258
|
-
<a id="ref-d80107"></a>• [`provider_ref`](#ref-d80107) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
259
|
-
|
|
260
|
-
<a id="url-588206"></a>• [`url`](#url-588206) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
198
|
+
<a id="deep-2c36ea"></a>Deeply nested **Info** block collapsed for readability.
|
|
261
199
|
|
|
262
200
|
#### Dynamic Proxy HTTP Proxy More Option Response Cookies To Add
|
|
263
201
|
|
|
264
|
-
|
|
265
|
-
|
|
266
|
-
<a id="domain-08783a"></a>• [`add_domain`](#domain-08783a) - Optional String<br>Add Domain. Add domain attribute
|
|
267
|
-
|
|
268
|
-
<a id="expiry-6a734b"></a>• [`add_expiry`](#expiry-6a734b) - Optional String<br>Add expiry. Add expiry attribute
|
|
269
|
-
|
|
270
|
-
<a id="httponly-dd776b"></a>• [`add_httponly`](#httponly-dd776b) - Optional Block<br>Enable this option
|
|
271
|
-
|
|
272
|
-
<a id="partitioned-ccfc66"></a>• [`add_partitioned`](#partitioned-ccfc66) - Optional Block<br>Enable this option
|
|
273
|
-
|
|
274
|
-
<a id="path-118771"></a>• [`add_path`](#path-118771) - Optional String<br>Add path. Add path attribute
|
|
275
|
-
|
|
276
|
-
<a id="secure-d40bba"></a>• [`add_secure`](#secure-d40bba) - Optional Block<br>Enable this option
|
|
277
|
-
|
|
278
|
-
<a id="domain-6cf3f1"></a>• [`ignore_domain`](#domain-6cf3f1) - Optional Block<br>Enable this option
|
|
279
|
-
|
|
280
|
-
<a id="expiry-c0b405"></a>• [`ignore_expiry`](#expiry-c0b405) - Optional Block<br>Enable this option
|
|
281
|
-
|
|
282
|
-
<a id="httponly-6e1f25"></a>• [`ignore_httponly`](#httponly-6e1f25) - Optional Block<br>Enable this option
|
|
283
|
-
|
|
284
|
-
<a id="age-ccc973"></a>• [`ignore_max_age`](#age-ccc973) - Optional Block<br>Enable this option
|
|
285
|
-
|
|
286
|
-
<a id="partitioned-d62000"></a>• [`ignore_partitioned`](#partitioned-d62000) - Optional Block<br>Enable this option
|
|
287
|
-
|
|
288
|
-
<a id="path-c41359"></a>• [`ignore_path`](#path-c41359) - Optional Block<br>Enable this option
|
|
289
|
-
|
|
290
|
-
<a id="samesite-ad6396"></a>• [`ignore_samesite`](#samesite-ad6396) - Optional Block<br>Enable this option
|
|
291
|
-
|
|
292
|
-
<a id="secure-6680d6"></a>• [`ignore_secure`](#secure-6680d6) - Optional Block<br>Enable this option
|
|
293
|
-
|
|
294
|
-
<a id="value-885f6c"></a>• [`ignore_value`](#value-885f6c) - Optional Block<br>Enable this option
|
|
295
|
-
|
|
296
|
-
<a id="value-6b6157"></a>• [`max_age_value`](#value-6b6157) - Optional Number<br>Add Max Age. Add max age attribute
|
|
297
|
-
|
|
298
|
-
<a id="name-26628a"></a>• [`name`](#name-26628a) - Optional String<br>Name. Name of the cookie in Cookie header
|
|
299
|
-
|
|
300
|
-
<a id="overwrite-813b7a"></a>• [`overwrite`](#overwrite-813b7a) - Optional Bool Defaults to `do`<br>Overwrite. Should the value be overwritten? If true, the value is overwritten to existing values. not overwrite
|
|
301
|
-
|
|
302
|
-
<a id="lax-c3cb8c"></a>• [`samesite_lax`](#lax-c3cb8c) - Optional Block<br>Enable this option
|
|
303
|
-
|
|
304
|
-
<a id="none-6eb774"></a>• [`samesite_none`](#none-6eb774) - Optional Block<br>Enable this option
|
|
305
|
-
|
|
306
|
-
<a id="strict-e2c697"></a>• [`samesite_strict`](#strict-e2c697) - Optional Block<br>Enable this option
|
|
307
|
-
|
|
308
|
-
<a id="value-f2f686"></a>• [`secret_value`](#value-f2f686) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#value-f2f686) below.
|
|
309
|
-
|
|
310
|
-
<a id="value-3542a3"></a>• [`value`](#value-3542a3) - Optional String<br>Value. Value of the Cookie header
|
|
202
|
+
<a id="deep-236633"></a>Deeply nested **Add** block collapsed for readability.
|
|
311
203
|
|
|
312
204
|
#### Dynamic Proxy HTTP Proxy More Option Response Cookies To Add Secret Value
|
|
313
205
|
|
|
314
|
-
|
|
315
|
-
|
|
316
|
-
<a id="info-1b6e67"></a>• [`blindfold_secret_info`](#info-1b6e67) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-1b6e67) below.
|
|
317
|
-
|
|
318
|
-
<a id="info-bbd78a"></a>• [`clear_secret_info`](#info-bbd78a) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-bbd78a) below.
|
|
206
|
+
<a id="deep-dadcde"></a>Deeply nested **Value** block collapsed for readability.
|
|
319
207
|
|
|
320
208
|
#### Dynamic Proxy HTTP Proxy More Option Response Cookies To Add Secret Value Blindfold Secret Info
|
|
321
209
|
|
|
322
|
-
|
|
323
|
-
|
|
324
|
-
<a id="provider-182990"></a>• [`decryption_provider`](#provider-182990) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
325
|
-
|
|
326
|
-
<a id="location-10d8d6"></a>• [`location`](#location-10d8d6) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
327
|
-
|
|
328
|
-
<a id="provider-78495f"></a>• [`store_provider`](#provider-78495f) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
210
|
+
<a id="deep-ae55bc"></a>Deeply nested **Info** block collapsed for readability.
|
|
329
211
|
|
|
330
212
|
#### Dynamic Proxy HTTP Proxy More Option Response Cookies To Add Secret Value Clear Secret Info
|
|
331
213
|
|
|
332
|
-
|
|
333
|
-
|
|
334
|
-
<a id="ref-1dfa6c"></a>• [`provider_ref`](#ref-1dfa6c) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
335
|
-
|
|
336
|
-
<a id="url-bc1d03"></a>• [`url`](#url-bc1d03) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
214
|
+
<a id="deep-70e69a"></a>Deeply nested **Info** block collapsed for readability.
|
|
337
215
|
|
|
338
216
|
#### Dynamic Proxy HTTP Proxy More Option Response Headers To Add
|
|
339
217
|
|
|
340
|
-
|
|
341
|
-
|
|
342
|
-
<a id="append-a43849"></a>• [`append`](#append-a43849) - Optional Bool Defaults to `do`<br>Append. Should the value be appended? If true, the value is appended to existing values. not append
|
|
343
|
-
|
|
344
|
-
<a id="name-d9f09b"></a>• [`name`](#name-d9f09b) - Optional String<br>Name. Name of the HTTP header
|
|
345
|
-
|
|
346
|
-
<a id="value-daf041"></a>• [`secret_value`](#value-daf041) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#value-daf041) below.
|
|
347
|
-
|
|
348
|
-
<a id="value-428d7d"></a>• [`value`](#value-428d7d) - Optional String<br>Value. Value of the HTTP header
|
|
218
|
+
<a id="deep-c8d37d"></a>Deeply nested **Add** block collapsed for readability.
|
|
349
219
|
|
|
350
220
|
#### Dynamic Proxy HTTP Proxy More Option Response Headers To Add Secret Value
|
|
351
221
|
|
|
352
|
-
|
|
353
|
-
|
|
354
|
-
<a id="info-fc0cf5"></a>• [`blindfold_secret_info`](#info-fc0cf5) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-fc0cf5) below.
|
|
355
|
-
|
|
356
|
-
<a id="info-8946b7"></a>• [`clear_secret_info`](#info-8946b7) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-8946b7) below.
|
|
222
|
+
<a id="deep-c6cd69"></a>Deeply nested **Value** block collapsed for readability.
|
|
357
223
|
|
|
358
224
|
#### Dynamic Proxy HTTP Proxy More Option Response Headers To Add Secret Value Blindfold Secret Info
|
|
359
225
|
|
|
360
|
-
|
|
361
|
-
|
|
362
|
-
<a id="provider-cfd697"></a>• [`decryption_provider`](#provider-cfd697) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
363
|
-
|
|
364
|
-
<a id="location-e68812"></a>• [`location`](#location-e68812) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
365
|
-
|
|
366
|
-
<a id="provider-1c24b4"></a>• [`store_provider`](#provider-1c24b4) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
226
|
+
<a id="deep-5bb53d"></a>Deeply nested **Info** block collapsed for readability.
|
|
367
227
|
|
|
368
228
|
#### Dynamic Proxy HTTP Proxy More Option Response Headers To Add Secret Value Clear Secret Info
|
|
369
229
|
|
|
370
|
-
|
|
371
|
-
|
|
372
|
-
<a id="ref-7e7d99"></a>• [`provider_ref`](#ref-7e7d99) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
373
|
-
|
|
374
|
-
<a id="url-85d846"></a>• [`url`](#url-85d846) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
230
|
+
<a id="deep-cc90ba"></a>Deeply nested **Info** block collapsed for readability.
|
|
375
231
|
|
|
376
232
|
#### Dynamic Proxy HTTPS Proxy
|
|
377
233
|
|
|
@@ -419,213 +275,75 @@ A [`more_option`](#dynamic-proxy-https-proxy-more-option) block (within [`dynami
|
|
|
419
275
|
|
|
420
276
|
#### Dynamic Proxy HTTPS Proxy More Option Buffer Policy
|
|
421
277
|
|
|
422
|
-
|
|
423
|
-
|
|
424
|
-
<a id="disabled-e7ba98"></a>• [`disabled`](#disabled-e7ba98) - Optional Bool<br>Disable. Disable buffering for a particular route. This is useful when virtual-host has buffering, but we need to disable it on a specific route. The value of this field is ignored for virtual-host
|
|
425
|
-
|
|
426
|
-
<a id="bytes-7ef8da"></a>• [`max_request_bytes`](#bytes-7ef8da) - Optional Number<br>Max Request Bytes. The maximum request size that the filter will buffer before the connection manager will stop buffering and return a RequestEntityTooLarge (413) response
|
|
278
|
+
<a id="deep-2d0cd8"></a>Deeply nested **Policy** block collapsed for readability.
|
|
427
279
|
|
|
428
280
|
#### Dynamic Proxy HTTPS Proxy More Option Compression Params
|
|
429
281
|
|
|
430
|
-
|
|
431
|
-
|
|
432
|
-
<a id="length-6f9398"></a>• [`content_length`](#length-6f9398) - Optional Number Defaults to `30`<br>Content Length. Minimum response length, in bytes, which will trigger compression. The
|
|
433
|
-
|
|
434
|
-
<a id="type-3ddae9"></a>• [`content_type`](#type-3ddae9) - Optional List<br>Content Type. Set of strings that allows specifying which mime-types yield compression When this field is not defined, compression will be applied to the following mime-types: 'application/javascript' 'application/JSON', 'application/xhtml+XML' 'image/svg+XML' 'text/CSS' 'text/HTML' 'text/plain' 'text/XML'
|
|
435
|
-
|
|
436
|
-
<a id="header-889176"></a>• [`disable_on_etag_header`](#header-889176) - Optional Bool<br>Disable On Etag Header. If true, disables compression when the response contains an etag header. When it is false, weak etags will be preserved and the ones that require strong validation will be removed
|
|
437
|
-
|
|
438
|
-
<a id="header-4466c4"></a>• [`remove_accept_encoding_header`](#header-4466c4) - Optional Bool<br>Remove Accept-Encoding Header. If true, removes accept-encoding from the request headers before dispatching it to the upstream so that responses do not get compressed before reaching the filter
|
|
282
|
+
<a id="deep-159dd4"></a>Deeply nested **Params** block collapsed for readability.
|
|
439
283
|
|
|
440
284
|
#### Dynamic Proxy HTTPS Proxy More Option Request Cookies To Add
|
|
441
285
|
|
|
442
|
-
|
|
443
|
-
|
|
444
|
-
<a id="name-72cbb0"></a>• [`name`](#name-72cbb0) - Optional String<br>Name. Name of the cookie in Cookie header
|
|
445
|
-
|
|
446
|
-
<a id="overwrite-06d573"></a>• [`overwrite`](#overwrite-06d573) - Optional Bool Defaults to `do`<br>Overwrite. Should the value be overwritten? If true, the value is overwritten to existing values. not overwrite
|
|
447
|
-
|
|
448
|
-
<a id="value-6045be"></a>• [`secret_value`](#value-6045be) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#value-6045be) below.
|
|
449
|
-
|
|
450
|
-
<a id="value-ad88ec"></a>• [`value`](#value-ad88ec) - Optional String<br>Value. Value of the Cookie header
|
|
286
|
+
<a id="deep-e766a8"></a>Deeply nested **Add** block collapsed for readability.
|
|
451
287
|
|
|
452
288
|
#### Dynamic Proxy HTTPS Proxy More Option Request Cookies To Add Secret Value
|
|
453
289
|
|
|
454
|
-
|
|
455
|
-
|
|
456
|
-
<a id="info-29fb7b"></a>• [`blindfold_secret_info`](#info-29fb7b) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-29fb7b) below.
|
|
457
|
-
|
|
458
|
-
<a id="info-0bb306"></a>• [`clear_secret_info`](#info-0bb306) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-0bb306) below.
|
|
290
|
+
<a id="deep-5208fc"></a>Deeply nested **Value** block collapsed for readability.
|
|
459
291
|
|
|
460
292
|
#### Dynamic Proxy HTTPS Proxy More Option Request Cookies To Add Secret Value Blindfold Secret Info
|
|
461
293
|
|
|
462
|
-
|
|
463
|
-
|
|
464
|
-
<a id="provider-068d69"></a>• [`decryption_provider`](#provider-068d69) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
465
|
-
|
|
466
|
-
<a id="location-b1d6d8"></a>• [`location`](#location-b1d6d8) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
467
|
-
|
|
468
|
-
<a id="provider-e1da40"></a>• [`store_provider`](#provider-e1da40) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
294
|
+
<a id="deep-116682"></a>Deeply nested **Info** block collapsed for readability.
|
|
469
295
|
|
|
470
296
|
#### Dynamic Proxy HTTPS Proxy More Option Request Cookies To Add Secret Value Clear Secret Info
|
|
471
297
|
|
|
472
|
-
|
|
473
|
-
|
|
474
|
-
<a id="ref-012399"></a>• [`provider_ref`](#ref-012399) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
475
|
-
|
|
476
|
-
<a id="url-9b0063"></a>• [`url`](#url-9b0063) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
298
|
+
<a id="deep-080eee"></a>Deeply nested **Info** block collapsed for readability.
|
|
477
299
|
|
|
478
300
|
#### Dynamic Proxy HTTPS Proxy More Option Request Headers To Add
|
|
479
301
|
|
|
480
|
-
|
|
481
|
-
|
|
482
|
-
<a id="append-f1fa51"></a>• [`append`](#append-f1fa51) - Optional Bool Defaults to `do`<br>Append. Should the value be appended? If true, the value is appended to existing values. not append
|
|
483
|
-
|
|
484
|
-
<a id="name-866e07"></a>• [`name`](#name-866e07) - Optional String<br>Name. Name of the HTTP header
|
|
485
|
-
|
|
486
|
-
<a id="value-844a57"></a>• [`secret_value`](#value-844a57) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#value-844a57) below.
|
|
487
|
-
|
|
488
|
-
<a id="value-28cfab"></a>• [`value`](#value-28cfab) - Optional String<br>Value. Value of the HTTP header
|
|
302
|
+
<a id="deep-5c737b"></a>Deeply nested **Add** block collapsed for readability.
|
|
489
303
|
|
|
490
304
|
#### Dynamic Proxy HTTPS Proxy More Option Request Headers To Add Secret Value
|
|
491
305
|
|
|
492
|
-
|
|
493
|
-
|
|
494
|
-
<a id="info-235140"></a>• [`blindfold_secret_info`](#info-235140) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-235140) below.
|
|
495
|
-
|
|
496
|
-
<a id="info-2c92f9"></a>• [`clear_secret_info`](#info-2c92f9) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-2c92f9) below.
|
|
306
|
+
<a id="deep-b70ddf"></a>Deeply nested **Value** block collapsed for readability.
|
|
497
307
|
|
|
498
308
|
#### Dynamic Proxy HTTPS Proxy More Option Request Headers To Add Secret Value Blindfold Secret Info
|
|
499
309
|
|
|
500
|
-
|
|
501
|
-
|
|
502
|
-
<a id="provider-9a17a7"></a>• [`decryption_provider`](#provider-9a17a7) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
503
|
-
|
|
504
|
-
<a id="location-ea5ee1"></a>• [`location`](#location-ea5ee1) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
505
|
-
|
|
506
|
-
<a id="provider-ff3d40"></a>• [`store_provider`](#provider-ff3d40) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
310
|
+
<a id="deep-da9153"></a>Deeply nested **Info** block collapsed for readability.
|
|
507
311
|
|
|
508
312
|
#### Dynamic Proxy HTTPS Proxy More Option Request Headers To Add Secret Value Clear Secret Info
|
|
509
313
|
|
|
510
|
-
|
|
511
|
-
|
|
512
|
-
<a id="ref-88d66f"></a>• [`provider_ref`](#ref-88d66f) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
513
|
-
|
|
514
|
-
<a id="url-af773d"></a>• [`url`](#url-af773d) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
314
|
+
<a id="deep-a8ba19"></a>Deeply nested **Info** block collapsed for readability.
|
|
515
315
|
|
|
516
316
|
#### Dynamic Proxy HTTPS Proxy More Option Response Cookies To Add
|
|
517
317
|
|
|
518
|
-
|
|
519
|
-
|
|
520
|
-
<a id="domain-bb40b7"></a>• [`add_domain`](#domain-bb40b7) - Optional String<br>Add Domain. Add domain attribute
|
|
521
|
-
|
|
522
|
-
<a id="expiry-3ac22c"></a>• [`add_expiry`](#expiry-3ac22c) - Optional String<br>Add expiry. Add expiry attribute
|
|
523
|
-
|
|
524
|
-
<a id="httponly-365800"></a>• [`add_httponly`](#httponly-365800) - Optional Block<br>Enable this option
|
|
525
|
-
|
|
526
|
-
<a id="partitioned-f58591"></a>• [`add_partitioned`](#partitioned-f58591) - Optional Block<br>Enable this option
|
|
527
|
-
|
|
528
|
-
<a id="path-d545b7"></a>• [`add_path`](#path-d545b7) - Optional String<br>Add path. Add path attribute
|
|
529
|
-
|
|
530
|
-
<a id="secure-c374f3"></a>• [`add_secure`](#secure-c374f3) - Optional Block<br>Enable this option
|
|
531
|
-
|
|
532
|
-
<a id="domain-67347f"></a>• [`ignore_domain`](#domain-67347f) - Optional Block<br>Enable this option
|
|
533
|
-
|
|
534
|
-
<a id="expiry-c76728"></a>• [`ignore_expiry`](#expiry-c76728) - Optional Block<br>Enable this option
|
|
535
|
-
|
|
536
|
-
<a id="httponly-32f941"></a>• [`ignore_httponly`](#httponly-32f941) - Optional Block<br>Enable this option
|
|
537
|
-
|
|
538
|
-
<a id="age-cb1a3b"></a>• [`ignore_max_age`](#age-cb1a3b) - Optional Block<br>Enable this option
|
|
539
|
-
|
|
540
|
-
<a id="partitioned-c83fca"></a>• [`ignore_partitioned`](#partitioned-c83fca) - Optional Block<br>Enable this option
|
|
541
|
-
|
|
542
|
-
<a id="path-12aff8"></a>• [`ignore_path`](#path-12aff8) - Optional Block<br>Enable this option
|
|
543
|
-
|
|
544
|
-
<a id="samesite-2e0036"></a>• [`ignore_samesite`](#samesite-2e0036) - Optional Block<br>Enable this option
|
|
545
|
-
|
|
546
|
-
<a id="secure-1c3d65"></a>• [`ignore_secure`](#secure-1c3d65) - Optional Block<br>Enable this option
|
|
547
|
-
|
|
548
|
-
<a id="value-076f8a"></a>• [`ignore_value`](#value-076f8a) - Optional Block<br>Enable this option
|
|
549
|
-
|
|
550
|
-
<a id="value-fb3fd6"></a>• [`max_age_value`](#value-fb3fd6) - Optional Number<br>Add Max Age. Add max age attribute
|
|
551
|
-
|
|
552
|
-
<a id="name-873a5a"></a>• [`name`](#name-873a5a) - Optional String<br>Name. Name of the cookie in Cookie header
|
|
553
|
-
|
|
554
|
-
<a id="overwrite-43e915"></a>• [`overwrite`](#overwrite-43e915) - Optional Bool Defaults to `do`<br>Overwrite. Should the value be overwritten? If true, the value is overwritten to existing values. not overwrite
|
|
555
|
-
|
|
556
|
-
<a id="lax-c6b5ca"></a>• [`samesite_lax`](#lax-c6b5ca) - Optional Block<br>Enable this option
|
|
557
|
-
|
|
558
|
-
<a id="none-b9d918"></a>• [`samesite_none`](#none-b9d918) - Optional Block<br>Enable this option
|
|
559
|
-
|
|
560
|
-
<a id="strict-612562"></a>• [`samesite_strict`](#strict-612562) - Optional Block<br>Enable this option
|
|
561
|
-
|
|
562
|
-
<a id="value-de62ba"></a>• [`secret_value`](#value-de62ba) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#value-de62ba) below.
|
|
563
|
-
|
|
564
|
-
<a id="value-8dc2bb"></a>• [`value`](#value-8dc2bb) - Optional String<br>Value. Value of the Cookie header
|
|
318
|
+
<a id="deep-dfa548"></a>Deeply nested **Add** block collapsed for readability.
|
|
565
319
|
|
|
566
320
|
#### Dynamic Proxy HTTPS Proxy More Option Response Cookies To Add Secret Value
|
|
567
321
|
|
|
568
|
-
|
|
569
|
-
|
|
570
|
-
<a id="info-514c21"></a>• [`blindfold_secret_info`](#info-514c21) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-514c21) below.
|
|
571
|
-
|
|
572
|
-
<a id="info-7a2c83"></a>• [`clear_secret_info`](#info-7a2c83) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-7a2c83) below.
|
|
322
|
+
<a id="deep-d3f531"></a>Deeply nested **Value** block collapsed for readability.
|
|
573
323
|
|
|
574
324
|
#### Dynamic Proxy HTTPS Proxy More Option Response Cookies To Add Secret Value Blindfold Secret Info
|
|
575
325
|
|
|
576
|
-
|
|
577
|
-
|
|
578
|
-
<a id="provider-db3cc8"></a>• [`decryption_provider`](#provider-db3cc8) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
579
|
-
|
|
580
|
-
<a id="location-14eece"></a>• [`location`](#location-14eece) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
581
|
-
|
|
582
|
-
<a id="provider-f0aa83"></a>• [`store_provider`](#provider-f0aa83) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
326
|
+
<a id="deep-b63067"></a>Deeply nested **Info** block collapsed for readability.
|
|
583
327
|
|
|
584
328
|
#### Dynamic Proxy HTTPS Proxy More Option Response Cookies To Add Secret Value Clear Secret Info
|
|
585
329
|
|
|
586
|
-
|
|
587
|
-
|
|
588
|
-
<a id="ref-db5db4"></a>• [`provider_ref`](#ref-db5db4) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
589
|
-
|
|
590
|
-
<a id="url-641eba"></a>• [`url`](#url-641eba) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
330
|
+
<a id="deep-a7050a"></a>Deeply nested **Info** block collapsed for readability.
|
|
591
331
|
|
|
592
332
|
#### Dynamic Proxy HTTPS Proxy More Option Response Headers To Add
|
|
593
333
|
|
|
594
|
-
|
|
595
|
-
|
|
596
|
-
<a id="append-4a420f"></a>• [`append`](#append-4a420f) - Optional Bool Defaults to `do`<br>Append. Should the value be appended? If true, the value is appended to existing values. not append
|
|
597
|
-
|
|
598
|
-
<a id="name-8840ac"></a>• [`name`](#name-8840ac) - Optional String<br>Name. Name of the HTTP header
|
|
599
|
-
|
|
600
|
-
<a id="value-e3f492"></a>• [`secret_value`](#value-e3f492) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#value-e3f492) below.
|
|
601
|
-
|
|
602
|
-
<a id="value-012158"></a>• [`value`](#value-012158) - Optional String<br>Value. Value of the HTTP header
|
|
334
|
+
<a id="deep-1a85b4"></a>Deeply nested **Add** block collapsed for readability.
|
|
603
335
|
|
|
604
336
|
#### Dynamic Proxy HTTPS Proxy More Option Response Headers To Add Secret Value
|
|
605
337
|
|
|
606
|
-
|
|
607
|
-
|
|
608
|
-
<a id="info-e47c89"></a>• [`blindfold_secret_info`](#info-e47c89) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-e47c89) below.
|
|
609
|
-
|
|
610
|
-
<a id="info-05b2fe"></a>• [`clear_secret_info`](#info-05b2fe) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-05b2fe) below.
|
|
338
|
+
<a id="deep-8bea5d"></a>Deeply nested **Value** block collapsed for readability.
|
|
611
339
|
|
|
612
340
|
#### Dynamic Proxy HTTPS Proxy More Option Response Headers To Add Secret Value Blindfold Secret Info
|
|
613
341
|
|
|
614
|
-
|
|
615
|
-
|
|
616
|
-
<a id="provider-dc8eff"></a>• [`decryption_provider`](#provider-dc8eff) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
617
|
-
|
|
618
|
-
<a id="location-b8c733"></a>• [`location`](#location-b8c733) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
619
|
-
|
|
620
|
-
<a id="provider-8cc7c8"></a>• [`store_provider`](#provider-8cc7c8) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
342
|
+
<a id="deep-483163"></a>Deeply nested **Info** block collapsed for readability.
|
|
621
343
|
|
|
622
344
|
#### Dynamic Proxy HTTPS Proxy More Option Response Headers To Add Secret Value Clear Secret Info
|
|
623
345
|
|
|
624
|
-
|
|
625
|
-
|
|
626
|
-
<a id="ref-e9c302"></a>• [`provider_ref`](#ref-e9c302) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
627
|
-
|
|
628
|
-
<a id="url-f0ff56"></a>• [`url`](#url-f0ff56) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
346
|
+
<a id="deep-b7350c"></a>Deeply nested **Info** block collapsed for readability.
|
|
629
347
|
|
|
630
348
|
#### Dynamic Proxy HTTPS Proxy TLS Params
|
|
631
349
|
|
|
@@ -641,117 +359,47 @@ A [`tls_params`](#dynamic-proxy-https-proxy-tls-params) block (within [`dynamic_
|
|
|
641
359
|
|
|
642
360
|
#### Dynamic Proxy HTTPS Proxy TLS Params TLS Certificates
|
|
643
361
|
|
|
644
|
-
|
|
645
|
-
|
|
646
|
-
<a id="url-6959f0"></a>• [`certificate_url`](#url-6959f0) - Optional String<br>Certificate. TLS certificate. Certificate or certificate chain in PEM format including the PEM headers
|
|
647
|
-
|
|
648
|
-
<a id="algorithms-66d0af"></a>• [`custom_hash_algorithms`](#algorithms-66d0af) - Optional Block<br>Hash Algorithms. Specifies the hash algorithms to be used<br>See [Custom Hash Algorithms](#algorithms-66d0af) below.
|
|
649
|
-
|
|
650
|
-
<a id="spec-2152cf"></a>• [`description_spec`](#spec-2152cf) - Optional String<br>Description. Description for the certificate
|
|
651
|
-
|
|
652
|
-
<a id="stapling-c1ba62"></a>• [`disable_ocsp_stapling`](#stapling-c1ba62) - Optional Block<br>Enable this option
|
|
653
|
-
|
|
654
|
-
<a id="key-f28f27"></a>• [`private_key`](#key-f28f27) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Private Key](#key-f28f27) below.
|
|
655
|
-
|
|
656
|
-
<a id="defaults-66958d"></a>• [`use_system_defaults`](#defaults-66958d) - Optional Block<br>Enable this option
|
|
362
|
+
<a id="deep-191b91"></a>Deeply nested **Certificates** block collapsed for readability.
|
|
657
363
|
|
|
658
364
|
#### Dynamic Proxy HTTPS Proxy TLS Params TLS Certificates Custom Hash Algorithms
|
|
659
365
|
|
|
660
|
-
|
|
661
|
-
|
|
662
|
-
<a id="algorithms-0c215f"></a>• [`hash_algorithms`](#algorithms-0c215f) - Optional List Defaults to `INVALID_HASH_ALGORITHM`<br>Possible values are `INVALID_HASH_ALGORITHM`, `SHA256`, `SHA1`<br>[Enum: INVALID_HASH_ALGORITHM|SHA256|SHA1] Hash Algorithms. Ordered list of hash algorithms to be used
|
|
366
|
+
<a id="deep-5b3bf1"></a>Deeply nested **Algorithms** block collapsed for readability.
|
|
663
367
|
|
|
664
368
|
#### Dynamic Proxy HTTPS Proxy TLS Params TLS Certificates Private Key
|
|
665
369
|
|
|
666
|
-
|
|
667
|
-
|
|
668
|
-
<a id="info-266b8f"></a>• [`blindfold_secret_info`](#info-266b8f) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-266b8f) below.
|
|
669
|
-
|
|
670
|
-
<a id="info-802bf6"></a>• [`clear_secret_info`](#info-802bf6) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-802bf6) below.
|
|
370
|
+
<a id="deep-f10431"></a>Deeply nested **Key** block collapsed for readability.
|
|
671
371
|
|
|
672
372
|
#### Dynamic Proxy HTTPS Proxy TLS Params TLS Certificates Private Key Blindfold Secret Info
|
|
673
373
|
|
|
674
|
-
|
|
675
|
-
|
|
676
|
-
<a id="provider-ce3adf"></a>• [`decryption_provider`](#provider-ce3adf) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
677
|
-
|
|
678
|
-
<a id="location-8698a7"></a>• [`location`](#location-8698a7) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
679
|
-
|
|
680
|
-
<a id="provider-0fdffe"></a>• [`store_provider`](#provider-0fdffe) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
374
|
+
<a id="deep-1db132"></a>Deeply nested **Info** block collapsed for readability.
|
|
681
375
|
|
|
682
376
|
#### Dynamic Proxy HTTPS Proxy TLS Params TLS Certificates Private Key Clear Secret Info
|
|
683
377
|
|
|
684
|
-
|
|
685
|
-
|
|
686
|
-
<a id="ref-68694d"></a>• [`provider_ref`](#ref-68694d) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
687
|
-
|
|
688
|
-
<a id="url-c20ef6"></a>• [`url`](#url-c20ef6) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
378
|
+
<a id="deep-2b70cd"></a>Deeply nested **Info** block collapsed for readability.
|
|
689
379
|
|
|
690
380
|
#### Dynamic Proxy HTTPS Proxy TLS Params TLS Config
|
|
691
381
|
|
|
692
|
-
|
|
693
|
-
|
|
694
|
-
<a id="security-335dc3"></a>• [`custom_security`](#security-335dc3) - Optional Block<br>Custom Ciphers. This defines TLS protocol config including min/max versions and allowed ciphers<br>See [Custom Security](#security-335dc3) below.
|
|
695
|
-
|
|
696
|
-
<a id="security-248310"></a>• [`default_security`](#security-248310) - Optional Block<br>Enable this option
|
|
697
|
-
|
|
698
|
-
<a id="security-219dfe"></a>• [`low_security`](#security-219dfe) - Optional Block<br>Enable this option
|
|
699
|
-
|
|
700
|
-
<a id="security-b487a1"></a>• [`medium_security`](#security-b487a1) - Optional Block<br>Enable this option
|
|
382
|
+
<a id="deep-68f6bc"></a>Deeply nested **Config** block collapsed for readability.
|
|
701
383
|
|
|
702
384
|
#### Dynamic Proxy HTTPS Proxy TLS Params TLS Config Custom Security
|
|
703
385
|
|
|
704
|
-
|
|
705
|
-
|
|
706
|
-
<a id="suites-b04d48"></a>• [`cipher_suites`](#suites-b04d48) - Optional List<br>Cipher Suites. The TLS listener will only support the specified cipher list
|
|
707
|
-
|
|
708
|
-
<a id="version-de0254"></a>• [`max_version`](#version-de0254) - Optional String Defaults to `TLS_AUTO`<br>Possible values are `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, `TLSv1_3`<br>[Enum: TLS_AUTO|TLSv1_0|TLSv1_1|TLSv1_2|TLSv1_3] TLS Protocol. TlsProtocol is enumeration of supported TLS versions F5 Distributed Cloud will choose the optimal TLS version
|
|
709
|
-
|
|
710
|
-
<a id="version-bdda16"></a>• [`min_version`](#version-bdda16) - Optional String Defaults to `TLS_AUTO`<br>Possible values are `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, `TLSv1_3`<br>[Enum: TLS_AUTO|TLSv1_0|TLSv1_1|TLSv1_2|TLSv1_3] TLS Protocol. TlsProtocol is enumeration of supported TLS versions F5 Distributed Cloud will choose the optimal TLS version
|
|
386
|
+
<a id="deep-37426e"></a>Deeply nested **Security** block collapsed for readability.
|
|
711
387
|
|
|
712
388
|
#### Dynamic Proxy HTTPS Proxy TLS Params Use mTLS
|
|
713
389
|
|
|
714
|
-
|
|
715
|
-
|
|
716
|
-
<a id="optional-f7906c"></a>• [`client_certificate_optional`](#optional-f7906c) - Optional Bool<br>Client Certificate Optional. Client certificate is optional. If the client has provided a certificate, the load balancer will verify it. If certification verification fails, the connection will be terminated. If the client does not provide a certificate, the connection will be accepted
|
|
717
|
-
|
|
718
|
-
<a id="crl-ac3c64"></a>• [`crl`](#crl-ac3c64) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [CRL](#crl-ac3c64) below.
|
|
719
|
-
|
|
720
|
-
<a id="crl-4b3c5f"></a>• [`no_crl`](#crl-4b3c5f) - Optional Block<br>Enable this option
|
|
721
|
-
|
|
722
|
-
<a id="trusted-ca-655e45"></a>• [`trusted_ca`](#trusted-ca-655e45) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [Trusted CA](#trusted-ca-655e45) below.
|
|
723
|
-
|
|
724
|
-
<a id="url-6c6756"></a>• [`trusted_ca_url`](#url-6c6756) - Optional String<br>Inline Root CA Certificate (legacy). Upload a Root CA Certificate specifically for this Load Balancer
|
|
725
|
-
|
|
726
|
-
<a id="disabled-042596"></a>• [`xfcc_disabled`](#disabled-042596) - Optional Block<br>Enable this option
|
|
727
|
-
|
|
728
|
-
<a id="options-abc253"></a>• [`xfcc_options`](#options-abc253) - Optional Block<br>XFCC Header Elements. X-Forwarded-Client-Cert header elements to be added to requests<br>See [Xfcc Options](#options-abc253) below.
|
|
390
|
+
<a id="deep-cbb142"></a>Deeply nested **mTLS** block collapsed for readability.
|
|
729
391
|
|
|
730
392
|
#### Dynamic Proxy HTTPS Proxy TLS Params Use mTLS CRL
|
|
731
393
|
|
|
732
|
-
|
|
733
|
-
|
|
734
|
-
<a id="name-4e8edf"></a>• [`name`](#name-4e8edf) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
735
|
-
|
|
736
|
-
<a id="namespace-4cfc57"></a>• [`namespace`](#namespace-4cfc57) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
737
|
-
|
|
738
|
-
<a id="tenant-7f22c9"></a>• [`tenant`](#tenant-7f22c9) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
394
|
+
<a id="deep-4e5a20"></a>Deeply nested **CRL** block collapsed for readability.
|
|
739
395
|
|
|
740
396
|
#### Dynamic Proxy HTTPS Proxy TLS Params Use mTLS Trusted CA
|
|
741
397
|
|
|
742
|
-
|
|
743
|
-
|
|
744
|
-
<a id="name-3460e6"></a>• [`name`](#name-3460e6) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
745
|
-
|
|
746
|
-
<a id="namespace-388d7f"></a>• [`namespace`](#namespace-388d7f) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
747
|
-
|
|
748
|
-
<a id="tenant-7b3005"></a>• [`tenant`](#tenant-7b3005) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
398
|
+
<a id="deep-b473b7"></a>Deeply nested **CA** block collapsed for readability.
|
|
749
399
|
|
|
750
400
|
#### Dynamic Proxy HTTPS Proxy TLS Params Use mTLS Xfcc Options
|
|
751
401
|
|
|
752
|
-
|
|
753
|
-
|
|
754
|
-
<a id="elements-5e9ae7"></a>• [`xfcc_header_elements`](#elements-5e9ae7) - Optional List Defaults to `XFCC_NONE`<br>Possible values are `XFCC_NONE`, `XFCC_CERT`, `XFCC_CHAIN`, `XFCC_SUBJECT`, `XFCC_URI`, `XFCC_DNS`<br>[Enum: XFCC_NONE|XFCC_CERT|XFCC_CHAIN|XFCC_SUBJECT|XFCC_URI|XFCC_DNS] XFCC Header Elements. X-Forwarded-Client-Cert header elements to be added to requests
|
|
402
|
+
<a id="deep-23370a"></a>Deeply nested **Options** block collapsed for readability.
|
|
755
403
|
|
|
756
404
|
#### Dynamic Proxy Sni Proxy
|
|
757
405
|
|
|
@@ -825,193 +473,67 @@ A [`compression_params`](#params-c32856) block (within [`http_proxy.more_option`
|
|
|
825
473
|
|
|
826
474
|
#### HTTP Proxy More Option Request Cookies To Add
|
|
827
475
|
|
|
828
|
-
|
|
829
|
-
|
|
830
|
-
<a id="name-1e2d3b"></a>• [`name`](#name-1e2d3b) - Optional String<br>Name. Name of the cookie in Cookie header
|
|
831
|
-
|
|
832
|
-
<a id="overwrite-962b6c"></a>• [`overwrite`](#overwrite-962b6c) - Optional Bool Defaults to `do`<br>Overwrite. Should the value be overwritten? If true, the value is overwritten to existing values. not overwrite
|
|
833
|
-
|
|
834
|
-
<a id="value-a4c9dc"></a>• [`secret_value`](#value-a4c9dc) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#value-a4c9dc) below.
|
|
835
|
-
|
|
836
|
-
<a id="value-89c552"></a>• [`value`](#value-89c552) - Optional String<br>Value. Value of the Cookie header
|
|
476
|
+
<a id="deep-807053"></a>Deeply nested **Add** block collapsed for readability.
|
|
837
477
|
|
|
838
478
|
#### HTTP Proxy More Option Request Cookies To Add Secret Value
|
|
839
479
|
|
|
840
|
-
|
|
841
|
-
|
|
842
|
-
<a id="info-7deac1"></a>• [`blindfold_secret_info`](#info-7deac1) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-7deac1) below.
|
|
843
|
-
|
|
844
|
-
<a id="info-1a6b08"></a>• [`clear_secret_info`](#info-1a6b08) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-1a6b08) below.
|
|
480
|
+
<a id="deep-b501bd"></a>Deeply nested **Value** block collapsed for readability.
|
|
845
481
|
|
|
846
482
|
#### HTTP Proxy More Option Request Cookies To Add Secret Value Blindfold Secret Info
|
|
847
483
|
|
|
848
|
-
|
|
849
|
-
|
|
850
|
-
<a id="provider-ea830a"></a>• [`decryption_provider`](#provider-ea830a) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
851
|
-
|
|
852
|
-
<a id="location-f9a713"></a>• [`location`](#location-f9a713) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
853
|
-
|
|
854
|
-
<a id="provider-9de5e7"></a>• [`store_provider`](#provider-9de5e7) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
484
|
+
<a id="deep-4d9c42"></a>Deeply nested **Info** block collapsed for readability.
|
|
855
485
|
|
|
856
486
|
#### HTTP Proxy More Option Request Cookies To Add Secret Value Clear Secret Info
|
|
857
487
|
|
|
858
|
-
|
|
859
|
-
|
|
860
|
-
<a id="ref-fdc0c3"></a>• [`provider_ref`](#ref-fdc0c3) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
861
|
-
|
|
862
|
-
<a id="url-e1a1a1"></a>• [`url`](#url-e1a1a1) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
488
|
+
<a id="deep-9d45bb"></a>Deeply nested **Info** block collapsed for readability.
|
|
863
489
|
|
|
864
490
|
#### HTTP Proxy More Option Request Headers To Add
|
|
865
491
|
|
|
866
|
-
|
|
867
|
-
|
|
868
|
-
<a id="append-f431a4"></a>• [`append`](#append-f431a4) - Optional Bool Defaults to `do`<br>Append. Should the value be appended? If true, the value is appended to existing values. not append
|
|
869
|
-
|
|
870
|
-
<a id="name-015632"></a>• [`name`](#name-015632) - Optional String<br>Name. Name of the HTTP header
|
|
871
|
-
|
|
872
|
-
<a id="value-9a1eaa"></a>• [`secret_value`](#value-9a1eaa) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#value-9a1eaa) below.
|
|
873
|
-
|
|
874
|
-
<a id="value-5c9796"></a>• [`value`](#value-5c9796) - Optional String<br>Value. Value of the HTTP header
|
|
492
|
+
<a id="deep-3c896c"></a>Deeply nested **Add** block collapsed for readability.
|
|
875
493
|
|
|
876
494
|
#### HTTP Proxy More Option Request Headers To Add Secret Value
|
|
877
495
|
|
|
878
|
-
|
|
879
|
-
|
|
880
|
-
<a id="info-7ea53d"></a>• [`blindfold_secret_info`](#info-7ea53d) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-7ea53d) below.
|
|
881
|
-
|
|
882
|
-
<a id="info-c88c74"></a>• [`clear_secret_info`](#info-c88c74) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-c88c74) below.
|
|
496
|
+
<a id="deep-19fb1a"></a>Deeply nested **Value** block collapsed for readability.
|
|
883
497
|
|
|
884
498
|
#### HTTP Proxy More Option Request Headers To Add Secret Value Blindfold Secret Info
|
|
885
499
|
|
|
886
|
-
|
|
887
|
-
|
|
888
|
-
<a id="provider-fad46f"></a>• [`decryption_provider`](#provider-fad46f) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
889
|
-
|
|
890
|
-
<a id="location-7c8a75"></a>• [`location`](#location-7c8a75) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
891
|
-
|
|
892
|
-
<a id="provider-a6071e"></a>• [`store_provider`](#provider-a6071e) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
500
|
+
<a id="deep-f433c8"></a>Deeply nested **Info** block collapsed for readability.
|
|
893
501
|
|
|
894
502
|
#### HTTP Proxy More Option Request Headers To Add Secret Value Clear Secret Info
|
|
895
503
|
|
|
896
|
-
|
|
897
|
-
|
|
898
|
-
<a id="ref-d915f3"></a>• [`provider_ref`](#ref-d915f3) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
899
|
-
|
|
900
|
-
<a id="url-a57542"></a>• [`url`](#url-a57542) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
504
|
+
<a id="deep-f2497c"></a>Deeply nested **Info** block collapsed for readability.
|
|
901
505
|
|
|
902
506
|
#### HTTP Proxy More Option Response Cookies To Add
|
|
903
507
|
|
|
904
|
-
|
|
905
|
-
|
|
906
|
-
<a id="domain-4afb2c"></a>• [`add_domain`](#domain-4afb2c) - Optional String<br>Add Domain. Add domain attribute
|
|
907
|
-
|
|
908
|
-
<a id="expiry-a39393"></a>• [`add_expiry`](#expiry-a39393) - Optional String<br>Add expiry. Add expiry attribute
|
|
909
|
-
|
|
910
|
-
<a id="httponly-49f4f1"></a>• [`add_httponly`](#httponly-49f4f1) - Optional Block<br>Enable this option
|
|
911
|
-
|
|
912
|
-
<a id="partitioned-227c4d"></a>• [`add_partitioned`](#partitioned-227c4d) - Optional Block<br>Enable this option
|
|
913
|
-
|
|
914
|
-
<a id="path-e663f0"></a>• [`add_path`](#path-e663f0) - Optional String<br>Add path. Add path attribute
|
|
915
|
-
|
|
916
|
-
<a id="secure-f1da73"></a>• [`add_secure`](#secure-f1da73) - Optional Block<br>Enable this option
|
|
917
|
-
|
|
918
|
-
<a id="domain-ae69ee"></a>• [`ignore_domain`](#domain-ae69ee) - Optional Block<br>Enable this option
|
|
919
|
-
|
|
920
|
-
<a id="expiry-173d3a"></a>• [`ignore_expiry`](#expiry-173d3a) - Optional Block<br>Enable this option
|
|
921
|
-
|
|
922
|
-
<a id="httponly-246148"></a>• [`ignore_httponly`](#httponly-246148) - Optional Block<br>Enable this option
|
|
923
|
-
|
|
924
|
-
<a id="age-7f22f4"></a>• [`ignore_max_age`](#age-7f22f4) - Optional Block<br>Enable this option
|
|
925
|
-
|
|
926
|
-
<a id="partitioned-c9151d"></a>• [`ignore_partitioned`](#partitioned-c9151d) - Optional Block<br>Enable this option
|
|
927
|
-
|
|
928
|
-
<a id="path-eafca4"></a>• [`ignore_path`](#path-eafca4) - Optional Block<br>Enable this option
|
|
929
|
-
|
|
930
|
-
<a id="samesite-648cd1"></a>• [`ignore_samesite`](#samesite-648cd1) - Optional Block<br>Enable this option
|
|
931
|
-
|
|
932
|
-
<a id="secure-4a37ad"></a>• [`ignore_secure`](#secure-4a37ad) - Optional Block<br>Enable this option
|
|
933
|
-
|
|
934
|
-
<a id="value-0c9d49"></a>• [`ignore_value`](#value-0c9d49) - Optional Block<br>Enable this option
|
|
935
|
-
|
|
936
|
-
<a id="value-a7c923"></a>• [`max_age_value`](#value-a7c923) - Optional Number<br>Add Max Age. Add max age attribute
|
|
937
|
-
|
|
938
|
-
<a id="name-6a8889"></a>• [`name`](#name-6a8889) - Optional String<br>Name. Name of the cookie in Cookie header
|
|
939
|
-
|
|
940
|
-
<a id="overwrite-b71a9b"></a>• [`overwrite`](#overwrite-b71a9b) - Optional Bool Defaults to `do`<br>Overwrite. Should the value be overwritten? If true, the value is overwritten to existing values. not overwrite
|
|
941
|
-
|
|
942
|
-
<a id="lax-a82ffa"></a>• [`samesite_lax`](#lax-a82ffa) - Optional Block<br>Enable this option
|
|
943
|
-
|
|
944
|
-
<a id="none-b1c4de"></a>• [`samesite_none`](#none-b1c4de) - Optional Block<br>Enable this option
|
|
945
|
-
|
|
946
|
-
<a id="strict-af8892"></a>• [`samesite_strict`](#strict-af8892) - Optional Block<br>Enable this option
|
|
947
|
-
|
|
948
|
-
<a id="value-4c5b93"></a>• [`secret_value`](#value-4c5b93) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#value-4c5b93) below.
|
|
949
|
-
|
|
950
|
-
<a id="value-e5d31b"></a>• [`value`](#value-e5d31b) - Optional String<br>Value. Value of the Cookie header
|
|
508
|
+
<a id="deep-ecab43"></a>Deeply nested **Add** block collapsed for readability.
|
|
951
509
|
|
|
952
510
|
#### HTTP Proxy More Option Response Cookies To Add Secret Value
|
|
953
511
|
|
|
954
|
-
|
|
955
|
-
|
|
956
|
-
<a id="info-88f657"></a>• [`blindfold_secret_info`](#info-88f657) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-88f657) below.
|
|
957
|
-
|
|
958
|
-
<a id="info-866bf6"></a>• [`clear_secret_info`](#info-866bf6) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-866bf6) below.
|
|
512
|
+
<a id="deep-362886"></a>Deeply nested **Value** block collapsed for readability.
|
|
959
513
|
|
|
960
514
|
#### HTTP Proxy More Option Response Cookies To Add Secret Value Blindfold Secret Info
|
|
961
515
|
|
|
962
|
-
|
|
963
|
-
|
|
964
|
-
<a id="provider-3e6f08"></a>• [`decryption_provider`](#provider-3e6f08) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
965
|
-
|
|
966
|
-
<a id="location-b0b077"></a>• [`location`](#location-b0b077) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
967
|
-
|
|
968
|
-
<a id="provider-448df7"></a>• [`store_provider`](#provider-448df7) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
516
|
+
<a id="deep-46fca8"></a>Deeply nested **Info** block collapsed for readability.
|
|
969
517
|
|
|
970
518
|
#### HTTP Proxy More Option Response Cookies To Add Secret Value Clear Secret Info
|
|
971
519
|
|
|
972
|
-
|
|
973
|
-
|
|
974
|
-
<a id="ref-d2be56"></a>• [`provider_ref`](#ref-d2be56) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
975
|
-
|
|
976
|
-
<a id="url-38d095"></a>• [`url`](#url-38d095) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
520
|
+
<a id="deep-5bbf2a"></a>Deeply nested **Info** block collapsed for readability.
|
|
977
521
|
|
|
978
522
|
#### HTTP Proxy More Option Response Headers To Add
|
|
979
523
|
|
|
980
|
-
|
|
981
|
-
|
|
982
|
-
<a id="append-50d79c"></a>• [`append`](#append-50d79c) - Optional Bool Defaults to `do`<br>Append. Should the value be appended? If true, the value is appended to existing values. not append
|
|
983
|
-
|
|
984
|
-
<a id="name-ffa93f"></a>• [`name`](#name-ffa93f) - Optional String<br>Name. Name of the HTTP header
|
|
985
|
-
|
|
986
|
-
<a id="value-097035"></a>• [`secret_value`](#value-097035) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Secret Value](#value-097035) below.
|
|
987
|
-
|
|
988
|
-
<a id="value-a694e5"></a>• [`value`](#value-a694e5) - Optional String<br>Value. Value of the HTTP header
|
|
524
|
+
<a id="deep-265006"></a>Deeply nested **Add** block collapsed for readability.
|
|
989
525
|
|
|
990
526
|
#### HTTP Proxy More Option Response Headers To Add Secret Value
|
|
991
527
|
|
|
992
|
-
|
|
993
|
-
|
|
994
|
-
<a id="info-9529ae"></a>• [`blindfold_secret_info`](#info-9529ae) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#info-9529ae) below.
|
|
995
|
-
|
|
996
|
-
<a id="info-4480b0"></a>• [`clear_secret_info`](#info-4480b0) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#info-4480b0) below.
|
|
528
|
+
<a id="deep-576775"></a>Deeply nested **Value** block collapsed for readability.
|
|
997
529
|
|
|
998
530
|
#### HTTP Proxy More Option Response Headers To Add Secret Value Blindfold Secret Info
|
|
999
531
|
|
|
1000
|
-
|
|
1001
|
-
|
|
1002
|
-
<a id="provider-029b0e"></a>• [`decryption_provider`](#provider-029b0e) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
1003
|
-
|
|
1004
|
-
<a id="location-dde4ed"></a>• [`location`](#location-dde4ed) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
1005
|
-
|
|
1006
|
-
<a id="provider-53041d"></a>• [`store_provider`](#provider-53041d) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
532
|
+
<a id="deep-3ab8e3"></a>Deeply nested **Info** block collapsed for readability.
|
|
1007
533
|
|
|
1008
534
|
#### HTTP Proxy More Option Response Headers To Add Secret Value Clear Secret Info
|
|
1009
535
|
|
|
1010
|
-
|
|
1011
|
-
|
|
1012
|
-
<a id="ref-755a3e"></a>• [`provider_ref`](#ref-755a3e) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
1013
|
-
|
|
1014
|
-
<a id="url-5a6d87"></a>• [`url`](#url-5a6d87) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
536
|
+
<a id="deep-5256f6"></a>Deeply nested **Info** block collapsed for readability.
|
|
1015
537
|
|
|
1016
538
|
#### Site Virtual Sites
|
|
1017
539
|
|
|
@@ -1043,13 +565,7 @@ A [`site`](#site-virtual-sites-advertise-where-site) block (within [`site_virtua
|
|
|
1043
565
|
|
|
1044
566
|
#### Site Virtual Sites Advertise Where Site Site
|
|
1045
567
|
|
|
1046
|
-
|
|
1047
|
-
|
|
1048
|
-
<a id="name-e8af64"></a>• [`name`](#name-e8af64) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
1049
|
-
|
|
1050
|
-
<a id="namespace-81a6ad"></a>• [`namespace`](#namespace-81a6ad) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
1051
|
-
|
|
1052
|
-
<a id="tenant-d56172"></a>• [`tenant`](#tenant-d56172) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
568
|
+
<a id="objref-91e167"></a>Uses standard [Object Reference](#common-object-reference) fields (name, namespace, tenant).
|
|
1053
569
|
|
|
1054
570
|
#### Site Virtual Sites Advertise Where Virtual Site
|
|
1055
571
|
|
|
@@ -1061,13 +577,7 @@ A [`virtual_site`](#site-7107b1) block (within [`site_virtual_sites.advertise_wh
|
|
|
1061
577
|
|
|
1062
578
|
#### Site Virtual Sites Advertise Where Virtual Site Virtual Site
|
|
1063
579
|
|
|
1064
|
-
|
|
1065
|
-
|
|
1066
|
-
<a id="name-5ca0eb"></a>• [`name`](#name-5ca0eb) - Optional String<br>Name. When a configuration object(e.g. virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. route's) name
|
|
1067
|
-
|
|
1068
|
-
<a id="namespace-b5e1da"></a>• [`namespace`](#namespace-b5e1da) - Optional String<br>Namespace. When a configuration object(e.g. virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. route's) namespace
|
|
1069
|
-
|
|
1070
|
-
<a id="tenant-0a6cf8"></a>• [`tenant`](#tenant-0a6cf8) - Optional String<br>Tenant. When a configuration object(e.g. virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. route's) tenant
|
|
580
|
+
<a id="deep-2b5ce3"></a>Deeply nested **Site** block collapsed for readability.
|
|
1071
581
|
|
|
1072
582
|
#### Timeouts
|
|
1073
583
|
|
|
@@ -1129,21 +639,11 @@ A [`private_key`](#key-64ce0d) block (within [`tls_intercept.custom_certificate`
|
|
|
1129
639
|
|
|
1130
640
|
#### TLS Intercept Custom Certificate Private Key Blindfold Secret Info
|
|
1131
641
|
|
|
1132
|
-
|
|
1133
|
-
|
|
1134
|
-
<a id="provider-e5c325"></a>• [`decryption_provider`](#provider-e5c325) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
|
|
1135
|
-
|
|
1136
|
-
<a id="location-1fa93a"></a>• [`location`](#location-1fa93a) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
|
|
1137
|
-
|
|
1138
|
-
<a id="provider-205f6b"></a>• [`store_provider`](#provider-205f6b) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
642
|
+
<a id="deep-76805f"></a>Deeply nested **Info** block collapsed for readability.
|
|
1139
643
|
|
|
1140
644
|
#### TLS Intercept Custom Certificate Private Key Clear Secret Info
|
|
1141
645
|
|
|
1142
|
-
|
|
1143
|
-
|
|
1144
|
-
<a id="ref-3ab118"></a>• [`provider_ref`](#ref-3ab118) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to get encrypted bytes This field needs to be provided only if the URL scheme is not string:///
|
|
1145
|
-
|
|
1146
|
-
<a id="url-78646a"></a>• [`url`](#url-78646a) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will get Secret bytes after Base64 decoding
|
|
646
|
+
<a id="deep-e6b706"></a>Deeply nested **Info** block collapsed for readability.
|
|
1147
647
|
|
|
1148
648
|
#### TLS Intercept Policy
|
|
1149
649
|
|
|
@@ -1171,6 +671,89 @@ A [`domain_match`](#match-42a3da) block (within [`tls_intercept.policy.intercept
|
|
|
1171
671
|
|
|
1172
672
|
<a id="value-5d0d1d"></a>• [`suffix_value`](#value-5d0d1d) - Optional String<br>Suffix Value. Suffix of domain name e.g 'xyz.com' will match '*.xyz.com' and 'xyz.com'
|
|
1173
673
|
|
|
674
|
+
---
|
|
675
|
+
|
|
676
|
+
## Common Types
|
|
677
|
+
|
|
678
|
+
The following type definitions are used throughout this resource. See the full definition here rather than repeated inline.
|
|
679
|
+
|
|
680
|
+
### Object Reference {#common-object-reference}
|
|
681
|
+
|
|
682
|
+
Object references establish a direct reference from one configuration object to another in F5 Distributed Cloud. References use the format `tenant/namespace/name`.
|
|
683
|
+
|
|
684
|
+
| Field | Type | Description |
|
|
685
|
+
| ----- | ---- | ----------- |
|
|
686
|
+
| `name` | String | Name of the referenced object |
|
|
687
|
+
| `namespace` | String | Namespace containing the referenced object |
|
|
688
|
+
| `tenant` | String | Tenant of the referenced object (system-managed) |
|
|
689
|
+
|
|
690
|
+
### Transformers {#common-transformers}
|
|
691
|
+
|
|
692
|
+
Transformers apply transformations to input values before matching. Multiple transformers can be applied in order.
|
|
693
|
+
|
|
694
|
+
| Value | Description |
|
|
695
|
+
| ----- | ----------- |
|
|
696
|
+
| `LOWER_CASE` | Convert to lowercase |
|
|
697
|
+
| `UPPER_CASE` | Convert to uppercase |
|
|
698
|
+
| `BASE64_DECODE` | Decode base64 content |
|
|
699
|
+
| `NORMALIZE_PATH` | Normalize URL path |
|
|
700
|
+
| `REMOVE_WHITESPACE` | Remove whitespace characters |
|
|
701
|
+
| `URL_DECODE` | Decode URL-encoded characters |
|
|
702
|
+
| `TRIM_LEFT` | Trim leading whitespace |
|
|
703
|
+
| `TRIM_RIGHT` | Trim trailing whitespace |
|
|
704
|
+
| `TRIM` | Trim both leading and trailing whitespace |
|
|
705
|
+
|
|
706
|
+
### HTTP Methods {#common-http-methods}
|
|
707
|
+
|
|
708
|
+
HTTP methods used for request matching.
|
|
709
|
+
|
|
710
|
+
| Value | Description |
|
|
711
|
+
| ----- | ----------- |
|
|
712
|
+
| `ANY` | Match any HTTP method |
|
|
713
|
+
| `GET` | HTTP GET request |
|
|
714
|
+
| `HEAD` | HTTP HEAD request |
|
|
715
|
+
| `POST` | HTTP POST request |
|
|
716
|
+
| `PUT` | HTTP PUT request |
|
|
717
|
+
| `DELETE` | HTTP DELETE request |
|
|
718
|
+
| `CONNECT` | HTTP CONNECT request |
|
|
719
|
+
| `OPTIONS` | HTTP OPTIONS request |
|
|
720
|
+
| `TRACE` | HTTP TRACE request |
|
|
721
|
+
| `PATCH` | HTTP PATCH request |
|
|
722
|
+
| `COPY` | HTTP COPY request (WebDAV) |
|
|
723
|
+
|
|
724
|
+
### TLS Fingerprints {#common-tls-fingerprints}
|
|
725
|
+
|
|
726
|
+
TLS fingerprint categories for malicious client detection.
|
|
727
|
+
|
|
728
|
+
| Value | Description |
|
|
729
|
+
| ----- | ----------- |
|
|
730
|
+
| `TLS_FINGERPRINT_NONE` | No fingerprint matching |
|
|
731
|
+
| `ANY_MALICIOUS_FINGERPRINT` | Match any known malicious fingerprint |
|
|
732
|
+
| `ADWARE` | Adware-associated fingerprints |
|
|
733
|
+
| `DRIDEX` | Dridex malware fingerprints |
|
|
734
|
+
| `GOOTKIT` | Gootkit malware fingerprints |
|
|
735
|
+
| `RANSOMWARE` | Ransomware-associated fingerprints |
|
|
736
|
+
| `TRICKBOT` | Trickbot malware fingerprints |
|
|
737
|
+
|
|
738
|
+
### IP Threat Categories {#common-ip-threat-categories}
|
|
739
|
+
|
|
740
|
+
IP address threat categories for security filtering.
|
|
741
|
+
|
|
742
|
+
| Value | Description |
|
|
743
|
+
| ----- | ----------- |
|
|
744
|
+
| `SPAM_SOURCES` | Known spam sources |
|
|
745
|
+
| `WINDOWS_EXPLOITS` | Windows exploit sources |
|
|
746
|
+
| `WEB_ATTACKS` | Web attack sources |
|
|
747
|
+
| `BOTNETS` | Known botnet IPs |
|
|
748
|
+
| `SCANNERS` | Network scanner IPs |
|
|
749
|
+
| `REPUTATION` | Poor reputation IPs |
|
|
750
|
+
| `PHISHING` | Phishing-related IPs |
|
|
751
|
+
| `PROXY` | Anonymous proxy IPs |
|
|
752
|
+
| `MOBILE_THREATS` | Mobile threat sources |
|
|
753
|
+
| `TOR_PROXY` | Tor exit nodes |
|
|
754
|
+
| `DENIAL_OF_SERVICE` | DoS attack sources |
|
|
755
|
+
| `NETWORK` | Known bad network ranges |
|
|
756
|
+
|
|
1174
757
|
## Import
|
|
1175
758
|
|
|
1176
759
|
Import is supported using the following syntax:
|