@robinmordasiewicz/f5xc-terraform-mcp 3.0.0 → 3.0.2

package/dist/docs/resources/k8s_cluster.md

@@ -0,0 +1,326 @@
+---
+page_title: "f5xc_k8s_cluster Resource - terraform-provider-f5xc"
+subcategory: "Kubernetes"
+description: |-
+  Manages k8s_cluster will create the object in the storage backend for namespace metadata.namespace in F5 Distributed Cloud.
+---
+
+# f5xc_k8s_cluster (Resource)
+
+Manages k8s_cluster will create the object in the storage backend for namespace metadata.namespace in F5 Distributed Cloud.
+
+~> **Note** For more information about this resource, please refer to the [F5 XC API Documentation](https://docs.cloud.f5.com/docs/api/).
+
+## Example Usage
+
+```terraform
+# K8S Cluster Resource Example
+# Manages k8s_cluster will create the object in the storage backend for namespace metadata.namespace in F5 Distributed Cloud.
+
+# Basic K8S Cluster configuration
+resource "f5xc_k8s_cluster" "example" {
+  name      = "example-k8s-cluster"
+  namespace = "system"
+
+  labels = {
+    environment = "production"
+    managed_by  = "terraform"
+  }
+
+  annotations = {
+    "owner" = "platform-team"
+  }
+
+  # Kubernetes Cluster configuration
+  # Use custom local domain
+  use_custom_cluster_role_bindings {
+    cluster_role_bindings {
+      name      = "admin-binding"
+      namespace = "system"
+    }
+  }
+
+  cluster_wide_app_list {
+    cluster_wide_apps {
+      name      = "nginx-ingress"
+      namespace = "system"
+    }
+  }
+
+  local_access_config {
+    local_domain = "cluster.local"
+    default_port {}
+  }
+
+  global_access_enable {}
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Argument Reference
+
+### Metadata Argument Reference
+
+<a id="name"></a>&#x2022; [`name`](#name) - Required String<br>Name of the K8S Cluster. Must be unique within the namespace
+
+<a id="namespace"></a>&#x2022; [`namespace`](#namespace) - Required String<br>Namespace where the K8S Cluster will be created
+
+<a id="annotations"></a>&#x2022; [`annotations`](#annotations) - Optional Map<br>Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata
+
+<a id="description"></a>&#x2022; [`description`](#description) - Optional String<br>Human readable description for the object
+
+<a id="disable"></a>&#x2022; [`disable`](#disable) - Optional Bool<br>A value of true will administratively disable the object
+
+<a id="labels"></a>&#x2022; [`labels`](#labels) - Optional Map<br>Labels is a user defined key value map that can be attached to resources for organization and filtering
+
+### Spec Argument Reference
+
+-> **One of the following:**
+&#x2022; <a id="cluster-scoped-access-deny"></a>[`cluster_scoped_access_deny`](#cluster-scoped-access-deny) - Optional Block<br>Enable this option
+<br><br>&#x2022; <a id="cluster-scoped-access-permit"></a>[`cluster_scoped_access_permit`](#cluster-scoped-access-permit) - Optional Block<br>Enable this option
+
+-> **One of the following:**
+&#x2022; <a id="cluster-wide-app-list"></a>[`cluster_wide_app_list`](#cluster-wide-app-list) - Optional Block<br>Cluster Wide Application List. List of cluster wide applications<br>See [Cluster Wide App List](#cluster-wide-app-list) below for details.
+
+-> **One of the following:**
+&#x2022; <a id="global-access-enable"></a>[`global_access_enable`](#global-access-enable) - Optional Block<br>Enable this option
+
+-> **One of the following:**
+&#x2022; <a id="insecure-registry-list"></a>[`insecure_registry_list`](#insecure-registry-list) - Optional Block<br>Docker Insecure Registry List. List of docker insecure registries<br>See [Insecure Registry List](#insecure-registry-list) below for details.
+
+-> **One of the following:**
+&#x2022; <a id="local-access-config"></a>[`local_access_config`](#local-access-config) - Optional Block<br>Local Access Configuration. Parameters required to enable local access<br>See [Local Access Config](#local-access-config) below for details.
+
+<a id="no-cluster-wide-apps"></a>&#x2022; [`no_cluster_wide_apps`](#no-cluster-wide-apps) - Optional Block<br>Enable this option
+
+<a id="no-global-access"></a>&#x2022; [`no_global_access`](#no-global-access) - Optional Block<br>Enable this option
+
+<a id="no-insecure-registries"></a>&#x2022; [`no_insecure_registries`](#no-insecure-registries) - Optional Block<br>Enable this option
+
+<a id="no-local-access"></a>&#x2022; [`no_local_access`](#no-local-access) - Optional Block<br>Enable this option
+
+<a id="timeouts"></a>&#x2022; [`timeouts`](#timeouts) - Optional Block<br>See [Timeouts](#timeouts) below for details.
+
+-> **One of the following:**
+&#x2022; <a id="use-custom-cluster-role-bindings"></a>[`use_custom_cluster_role_bindings`](#use-custom-cluster-role-bindings) - Optional Block<br>Cluster Role Binding List. List of active cluster role binding list for a K8S cluster<br>See [Use Custom Cluster Role Bindings](#use-custom-cluster-role-bindings) below for details.
+
+-> **One of the following:**
+&#x2022; <a id="use-custom-cluster-role-list"></a>[`use_custom_cluster_role_list`](#use-custom-cluster-role-list) - Optional Block<br>Cluster Role List. List of active cluster role list for a K8S cluster<br>See [Use Custom Cluster Role List](#use-custom-cluster-role-list) below for details.
+
+-> **One of the following:**
+&#x2022; <a id="use-custom-pod-security-admission"></a>[`use_custom_pod_security_admission`](#use-custom-pod-security-admission) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [Use Custom Pod Security Admission](#use-custom-pod-security-admission) below for details.
+
+-> **One of the following:**
+&#x2022; <a id="use-custom-psp-list"></a>[`use_custom_psp_list`](#use-custom-psp-list) - Optional Block<br>Pod Security Policy List. List of active Pod security policies for a K8S cluster<br>See [Use Custom Psp List](#use-custom-psp-list) below for details.
+
+<a id="use-default-cluster-role-bindings"></a>&#x2022; [`use_default_cluster_role_bindings`](#use-default-cluster-role-bindings) - Optional Block<br>Enable this option
+
+<a id="use-default-cluster-roles"></a>&#x2022; [`use_default_cluster_roles`](#use-default-cluster-roles) - Optional Block<br>Enable this option
+
+<a id="use-default-pod-security-admission"></a>&#x2022; [`use_default_pod_security_admission`](#use-default-pod-security-admission) - Optional Block<br>Enable this option
+
+<a id="use-default-psp"></a>&#x2022; [`use_default_psp`](#use-default-psp) - Optional Block<br>Enable this option
+
+-> **One of the following:**
+&#x2022; <a id="vk8s-namespace-access-deny"></a>[`vk8s_namespace_access_deny`](#vk8s-namespace-access-deny) - Optional Block<br>Enable this option
+<br><br>&#x2022; <a id="vk8s-namespace-access-permit"></a>[`vk8s_namespace_access_permit`](#vk8s-namespace-access-permit) - Optional Block<br>Enable this option
+
+### Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+<a id="id"></a>&#x2022; [`id`](#id) - Optional String<br>Unique identifier for the resource
+
+---
+
+#### Cluster Wide App List
+
+A [`cluster_wide_app_list`](#cluster-wide-app-list) block supports the following:
+
+<a id="cluster-wide-app-list-cluster-wide-apps"></a>&#x2022; [`cluster_wide_apps`](#cluster-wide-app-list-cluster-wide-apps) - Optional Block<br>Cluster Wide Application List. List of cluster wide applications<br>See [Cluster Wide Apps](#cluster-wide-app-list-cluster-wide-apps) below.
+
+#### Cluster Wide App List Cluster Wide Apps
+
+A [`cluster_wide_apps`](#cluster-wide-app-list-cluster-wide-apps) block (within [`cluster_wide_app_list`](#cluster-wide-app-list)) supports the following:
+
+<a id="argo-cd-64d0ab"></a>&#x2022; [`argo_cd`](#argo-cd-64d0ab) - Optional Block<br>Argo CD configuration. description Parameters for Argo Continuous Deployment(CD) application<br>See [Argo Cd](#argo-cd-64d0ab) below.
+
+<a id="dashboard-0fee36"></a>&#x2022; [`dashboard`](#dashboard-0fee36) - Optional Block<br>K8S Dashboard configuration. description Parameters for K8S dashboard
+
+<a id="server-f57512"></a>&#x2022; [`metrics_server`](#server-f57512) - Optional Block<br>K8S Metrics Server configuration. description Parameters for Kubernetes Metrics Server application
+
+<a id="prometheus-0ee820"></a>&#x2022; [`prometheus`](#prometheus-0ee820) - Optional Block<br>Prometheus access configuration. description Parameters for Prometheus server access
+
+#### Cluster Wide App List Cluster Wide Apps Argo Cd
+
+<a id="deep-22132e"></a>Deeply nested **Cd** block collapsed for readability.
+
+#### Cluster Wide App List Cluster Wide Apps Argo Cd Local Domain
+
+<a id="deep-6f320e"></a>Deeply nested **Domain** block collapsed for readability.
+
+#### Cluster Wide App List Cluster Wide Apps Argo Cd Local Domain Password
+
+<a id="deep-94b623"></a>Deeply nested **Password** block collapsed for readability.
+
+#### Cluster Wide App List Cluster Wide Apps Argo Cd Local Domain Password Blindfold Secret Info
+
+<a id="deep-1b02f5"></a>Deeply nested **Info** block collapsed for readability.
+
+#### Cluster Wide App List Cluster Wide Apps Argo Cd Local Domain Password Clear Secret Info
+
+<a id="deep-5d2d98"></a>Deeply nested **Info** block collapsed for readability.
+
+#### Insecure Registry List
+
+An [`insecure_registry_list`](#insecure-registry-list) block supports the following:
+
+<a id="registries-b1bc10"></a>&#x2022; [`insecure_registries`](#registries-b1bc10) - Optional List<br>Docker Insecure Registry List. List of docker insecure registries in format 'example.com:5000'
+
+#### Local Access Config
+
+A [`local_access_config`](#local-access-config) block supports the following:
+
+<a id="local-access-config-default-port"></a>&#x2022; [`default_port`](#local-access-config-default-port) - Optional Block<br>Enable this option
+
+<a id="local-access-config-local-domain"></a>&#x2022; [`local_domain`](#local-access-config-local-domain) - Optional String<br>Local Domain. Local K8S API server will be accessible at `<site name>`.`<local domain>`
+
+<a id="local-access-config-port"></a>&#x2022; [`port`](#local-access-config-port) - Optional Number<br>Custom K8S Port. Use custom K8S port for API server. Available port range is less than 65000 except reserved ports
+
+#### Timeouts
+
+A [`timeouts`](#timeouts) block supports the following:
+
+<a id="timeouts-create"></a>&#x2022; [`create`](#timeouts-create) - Optional String (Defaults to `30 minutes`)<br>Used when creating the resource
+
+<a id="timeouts-delete"></a>&#x2022; [`delete`](#timeouts-delete) - Optional String (Defaults to `30 minutes`)<br>Used when deleting the resource
+
+<a id="timeouts-read"></a>&#x2022; [`read`](#timeouts-read) - Optional String (Defaults to `5 minutes`)<br>Used when retrieving the resource
+
+<a id="timeouts-update"></a>&#x2022; [`update`](#timeouts-update) - Optional String (Defaults to `30 minutes`)<br>Used when updating the resource
+
+#### Use Custom Cluster Role Bindings
+
+An [`use_custom_cluster_role_bindings`](#use-custom-cluster-role-bindings) block supports the following:
+
+<a id="bindings-6adfa9"></a>&#x2022; [`cluster_role_bindings`](#bindings-6adfa9) - Optional Block<br>Cluster Role Binding List. List of active cluster role binding list for a K8S cluster<br>See [Cluster Role Bindings](#bindings-6adfa9) below.
+
+#### Use Custom Cluster Role Bindings Cluster Role Bindings
+
+<a id="deep-ed02bf"></a>Deeply nested **Bindings** block collapsed for readability.
+
+#### Use Custom Cluster Role List
+
+An [`use_custom_cluster_role_list`](#use-custom-cluster-role-list) block supports the following:
+
+<a id="roles-cf2cf4"></a>&#x2022; [`cluster_roles`](#roles-cf2cf4) - Optional Block<br>Cluster Role List. List of active cluster role list for a K8S cluster<br>See [Cluster Roles](#roles-cf2cf4) below.
+
+#### Use Custom Cluster Role List Cluster Roles
+
+<a id="objref-cf2cf4"></a>Uses standard [Object Reference](#common-object-reference) fields (name, namespace, tenant).
+
+#### Use Custom Pod Security Admission
+
+<a id="objref-946f92"></a>Uses standard [Object Reference](#common-object-reference) fields (name, namespace, tenant).
+
+#### Use Custom Psp List
+
+An [`use_custom_psp_list`](#use-custom-psp-list) block supports the following:
+
+<a id="policies-4f6709"></a>&#x2022; [`pod_security_policies`](#policies-4f6709) - Optional Block<br>Pod Security Policy List. List of active Pod security policies for a K8S cluster<br>See [Pod Security Policies](#policies-4f6709) below.
+
+#### Use Custom Psp List Pod Security Policies
+
+<a id="objref-4f6709"></a>Uses standard [Object Reference](#common-object-reference) fields (name, namespace, tenant).
+
+---
+
+## Common Types
+
+The following type definitions are used throughout this resource. See the full definition here rather than repeated inline.
+
+### Object Reference {#common-object-reference}
+
+Object references establish a direct reference from one configuration object to another in F5 Distributed Cloud. References use the format `tenant/namespace/name`.
+
+| Field | Type | Description |
+| ----- | ---- | ----------- |
+| `name` | String | Name of the referenced object |
+| `namespace` | String | Namespace containing the referenced object |
+| `tenant` | String | Tenant of the referenced object (system-managed) |
+
+### Transformers {#common-transformers}
+
+Transformers apply transformations to input values before matching. Multiple transformers can be applied in order.
+
+| Value | Description |
+| ----- | ----------- |
+| `LOWER_CASE` | Convert to lowercase |
+| `UPPER_CASE` | Convert to uppercase |
+| `BASE64_DECODE` | Decode base64 content |
+| `NORMALIZE_PATH` | Normalize URL path |
+| `REMOVE_WHITESPACE` | Remove whitespace characters |
+| `URL_DECODE` | Decode URL-encoded characters |
+| `TRIM_LEFT` | Trim leading whitespace |
+| `TRIM_RIGHT` | Trim trailing whitespace |
+| `TRIM` | Trim both leading and trailing whitespace |
+
+### HTTP Methods {#common-http-methods}
+
+HTTP methods used for request matching.
+
+| Value | Description |
+| ----- | ----------- |
+| `ANY` | Match any HTTP method |
+| `GET` | HTTP GET request |
+| `HEAD` | HTTP HEAD request |
+| `POST` | HTTP POST request |
+| `PUT` | HTTP PUT request |
+| `DELETE` | HTTP DELETE request |
+| `CONNECT` | HTTP CONNECT request |
+| `OPTIONS` | HTTP OPTIONS request |
+| `TRACE` | HTTP TRACE request |
+| `PATCH` | HTTP PATCH request |
+| `COPY` | HTTP COPY request (WebDAV) |
+
+### TLS Fingerprints {#common-tls-fingerprints}
+
+TLS fingerprint categories for malicious client detection.
+
+| Value | Description |
+| ----- | ----------- |
+| `TLS_FINGERPRINT_NONE` | No fingerprint matching |
+| `ANY_MALICIOUS_FINGERPRINT` | Match any known malicious fingerprint |
+| `ADWARE` | Adware-associated fingerprints |
+| `DRIDEX` | Dridex malware fingerprints |
+| `GOOTKIT` | Gootkit malware fingerprints |
+| `RANSOMWARE` | Ransomware-associated fingerprints |
+| `TRICKBOT` | Trickbot malware fingerprints |
+
+### IP Threat Categories {#common-ip-threat-categories}
+
+IP address threat categories for security filtering.
+
+| Value | Description |
+| ----- | ----------- |
+| `SPAM_SOURCES` | Known spam sources |
+| `WINDOWS_EXPLOITS` | Windows exploit sources |
+| `WEB_ATTACKS` | Web attack sources |
+| `BOTNETS` | Known botnet IPs |
+| `SCANNERS` | Network scanner IPs |
+| `REPUTATION` | Poor reputation IPs |
+| `PHISHING` | Phishing-related IPs |
+| `PROXY` | Anonymous proxy IPs |
+| `MOBILE_THREATS` | Mobile threat sources |
+| `TOR_PROXY` | Tor exit nodes |
+| `DENIAL_OF_SERVICE` | DoS attack sources |
+| `NETWORK` | Known bad network ranges |
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+# Import using namespace/name format
+terraform import f5xc_k8s_cluster.example system/example
+```

package/dist/docs/resources/k8s_cluster_role.md

@@ -0,0 +1,222 @@
+---
+page_title: "f5xc_k8s_cluster_role Resource - terraform-provider-f5xc"
+subcategory: "Kubernetes"
+description: |-
+  Manages k8s_cluster_role will create the object in the storage backend for namespace metadata.namespace in F5 Distributed Cloud.
+---
+
+# f5xc_k8s_cluster_role (Resource)
+
+Manages k8s_cluster_role will create the object in the storage backend for namespace metadata.namespace in F5 Distributed Cloud.
+
+~> **Note** For more information about this resource, please refer to the [F5 XC API Documentation](https://docs.cloud.f5.com/docs/api/).
+
+## Example Usage
+
+```terraform
+# K8S Cluster Role Resource Example
+# Manages k8s_cluster_role will create the object in the storage backend for namespace metadata.namespace in F5 Distributed Cloud.
+
+# Basic K8S Cluster Role configuration
+resource "f5xc_k8s_cluster_role" "example" {
+  name      = "example-k8s-cluster-role"
+  namespace = "system"
+
+  labels = {
+    environment = "production"
+    managed_by  = "terraform"
+  }
+
+  annotations = {
+    "owner" = "platform-team"
+  }
+
+  # Resource-specific configuration
+  # [OneOf: k8s_cluster_role_selector, policy_rule_list, yaml...
+  k8s_cluster_role_selector {
+    # Configure k8s_cluster_role_selector settings
+  }
+  # Policy Rule List. List of rules for role permissions
+  policy_rule_list {
+    # Configure policy_rule_list settings
+  }
+  # Policy Rules. List of rules for role permissions
+  policy_rule {
+    # Configure policy_rule settings
+  }
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Argument Reference
+
+### Metadata Argument Reference
+
+<a id="name"></a>&#x2022; [`name`](#name) - Required String<br>Name of the K8S Cluster Role. Must be unique within the namespace
+
+<a id="namespace"></a>&#x2022; [`namespace`](#namespace) - Required String<br>Namespace where the K8S Cluster Role will be created
+
+<a id="annotations"></a>&#x2022; [`annotations`](#annotations) - Optional Map<br>Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata
+
+<a id="description"></a>&#x2022; [`description`](#description) - Optional String<br>Human readable description for the object
+
+<a id="disable"></a>&#x2022; [`disable`](#disable) - Optional Bool<br>A value of true will administratively disable the object
+
+<a id="labels"></a>&#x2022; [`labels`](#labels) - Optional Map<br>Labels is a user defined key value map that can be attached to resources for organization and filtering
+
+### Spec Argument Reference
+
+-> **One of the following:**
+&#x2022; <a id="k8s-cluster-role-selector"></a>[`k8s_cluster_role_selector`](#k8s-cluster-role-selector) - Optional Block<br>Label Selector. This type can be used to establish a 'selector reference' from one object(called selector) to a set of other objects(called selectees) based on the value of expresssions. A label selector is a label query over a set of resources. An empty label selector matches all objects. A null label selector matches no objects. Label selector is immutable. expressions is a list of strings of label selection expression. Each string has ',' separated values which are 'AND' and all strings are logically 'OR'. BNF for expression string `<selector-syntax>` ::= `<requirement>` | `<requirement>` ',' `<selector-syntax>` `<requirement>` ::= [!] KEY [ `<set-based-restriction>` | `<exact-match-restriction>` ] `<set-based-restriction>` ::= '' | `<inclusion-exclusion>` `<value-set>` `<inclusion-exclusion>` ::= `<inclusion>` | `<exclusion>` `<exclusion>` ::= 'notin' `<inclusion>` ::= 'in' `<value-set>` ::= '(' `<values>` ')' `<values>` ::= VALUE | VALUE ',' `<values>` `<exact-match-restriction>` ::= ['='|'=='|'!='] VALUE<br>See [K8S Cluster Role Selector](#k8s-cluster-role-selector) below for details.
+<br><br>&#x2022; <a id="policy-rule-list"></a>[`policy_rule_list`](#policy-rule-list) - Optional Block<br>Policy Rule List. List of rules for role permissions<br>See [Policy Rule List](#policy-rule-list) below for details.
+<br><br>&#x2022; <a id="yaml"></a>[`yaml`](#yaml) - Optional String<br>K8S YAML. K8S YAML for ClusterRole
+
+<a id="timeouts"></a>&#x2022; [`timeouts`](#timeouts) - Optional Block<br>See [Timeouts](#timeouts) below for details.
+
+### Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+<a id="id"></a>&#x2022; [`id`](#id) - Optional String<br>Unique identifier for the resource
+
+---
+
+#### K8S Cluster Role Selector
+
+A [`k8s_cluster_role_selector`](#k8s-cluster-role-selector) block supports the following:
+
+<a id="k8s-cluster-role-selector-expressions"></a>&#x2022; [`expressions`](#k8s-cluster-role-selector-expressions) - Optional List<br>Selector Expression. expressions contains the kubernetes style label expression for selections
+
+#### Policy Rule List
+
+A [`policy_rule_list`](#policy-rule-list) block supports the following:
+
+<a id="policy-rule-list-policy-rule"></a>&#x2022; [`policy_rule`](#policy-rule-list-policy-rule) - Optional Block<br>Policy Rules. List of rules for role permissions<br>See [Policy Rule](#policy-rule-list-policy-rule) below.
+
+#### Policy Rule List Policy Rule
+
+A [`policy_rule`](#policy-rule-list-policy-rule) block (within [`policy_rule_list`](#policy-rule-list)) supports the following:
+
+<a id="list-d430d1"></a>&#x2022; [`non_resource_url_list`](#list-d430d1) - Optional Block<br>List of Non Resource URL(s). permissions for URL(s) that do not represent K8S resource<br>See [Non Resource URL List](#list-d430d1) below.
+
+<a id="list-0add02"></a>&#x2022; [`resource_list`](#list-0add02) - Optional Block<br>Resource List. List of resources in terms of API groups/resource types/resource instances and verbs allowed<br>See [Resource List](#list-0add02) below.
+
+#### Policy Rule List Policy Rule Non Resource URL List
+
+<a id="deep-7657a2"></a>Deeply nested **List** block collapsed for readability.
+
+#### Policy Rule List Policy Rule Resource List
+
+A [`resource_list`](#list-0add02) block (within [`policy_rule_list.policy_rule`](#policy-rule-list-policy-rule)) supports the following:
+
+<a id="groups-8a629b"></a>&#x2022; [`api_groups`](#groups-8a629b) - Optional List<br>API Groups. Allowed list of API group that contains resources, all resources of a given API group
+
+<a id="instances-311644"></a>&#x2022; [`resource_instances`](#instances-311644) - Optional List<br>Resource Instances. Allowed list of resource instances within the resource types
+
+<a id="types-062a5a"></a>&#x2022; [`resource_types`](#types-062a5a) - Optional List<br>Resource Types. Allowed list of resource types within the API groups
+
+<a id="verbs-d805f1"></a>&#x2022; [`verbs`](#verbs-d805f1) - Optional List<br>Allowed Verbs. Allowed list of verbs(operations) on resources. Use \* for all operations
+
+#### Timeouts
+
+A [`timeouts`](#timeouts) block supports the following:
+
+<a id="timeouts-create"></a>&#x2022; [`create`](#timeouts-create) - Optional String (Defaults to `10 minutes`)<br>Used when creating the resource
+
+<a id="timeouts-delete"></a>&#x2022; [`delete`](#timeouts-delete) - Optional String (Defaults to `10 minutes`)<br>Used when deleting the resource
+
+<a id="timeouts-read"></a>&#x2022; [`read`](#timeouts-read) - Optional String (Defaults to `5 minutes`)<br>Used when retrieving the resource
+
+<a id="timeouts-update"></a>&#x2022; [`update`](#timeouts-update) - Optional String (Defaults to `10 minutes`)<br>Used when updating the resource
+
+---
+
+## Common Types
+
+The following type definitions are used throughout this resource. See the full definition here rather than repeated inline.
+
+### Object Reference {#common-object-reference}
+
+Object references establish a direct reference from one configuration object to another in F5 Distributed Cloud. References use the format `tenant/namespace/name`.
+
+| Field | Type | Description |
+| ----- | ---- | ----------- |
+| `name` | String | Name of the referenced object |
+| `namespace` | String | Namespace containing the referenced object |
+| `tenant` | String | Tenant of the referenced object (system-managed) |
+
+### Transformers {#common-transformers}
+
+Transformers apply transformations to input values before matching. Multiple transformers can be applied in order.
+
+| Value | Description |
+| ----- | ----------- |
+| `LOWER_CASE` | Convert to lowercase |
+| `UPPER_CASE` | Convert to uppercase |
+| `BASE64_DECODE` | Decode base64 content |
+| `NORMALIZE_PATH` | Normalize URL path |
+| `REMOVE_WHITESPACE` | Remove whitespace characters |
+| `URL_DECODE` | Decode URL-encoded characters |
+| `TRIM_LEFT` | Trim leading whitespace |
+| `TRIM_RIGHT` | Trim trailing whitespace |
+| `TRIM` | Trim both leading and trailing whitespace |
+
+### HTTP Methods {#common-http-methods}
+
+HTTP methods used for request matching.
+
+| Value | Description |
+| ----- | ----------- |
+| `ANY` | Match any HTTP method |
+| `GET` | HTTP GET request |
+| `HEAD` | HTTP HEAD request |
+| `POST` | HTTP POST request |
+| `PUT` | HTTP PUT request |
+| `DELETE` | HTTP DELETE request |
+| `CONNECT` | HTTP CONNECT request |
+| `OPTIONS` | HTTP OPTIONS request |
+| `TRACE` | HTTP TRACE request |
+| `PATCH` | HTTP PATCH request |
+| `COPY` | HTTP COPY request (WebDAV) |
+
+### TLS Fingerprints {#common-tls-fingerprints}
+
+TLS fingerprint categories for malicious client detection.
+
+| Value | Description |
+| ----- | ----------- |
+| `TLS_FINGERPRINT_NONE` | No fingerprint matching |
+| `ANY_MALICIOUS_FINGERPRINT` | Match any known malicious fingerprint |
+| `ADWARE` | Adware-associated fingerprints |
+| `DRIDEX` | Dridex malware fingerprints |
+| `GOOTKIT` | Gootkit malware fingerprints |
+| `RANSOMWARE` | Ransomware-associated fingerprints |
+| `TRICKBOT` | Trickbot malware fingerprints |
+
+### IP Threat Categories {#common-ip-threat-categories}
+
+IP address threat categories for security filtering.
+
+| Value | Description |
+| ----- | ----------- |
+| `SPAM_SOURCES` | Known spam sources |
+| `WINDOWS_EXPLOITS` | Windows exploit sources |
+| `WEB_ATTACKS` | Web attack sources |
+| `BOTNETS` | Known botnet IPs |
+| `SCANNERS` | Network scanner IPs |
+| `REPUTATION` | Poor reputation IPs |
+| `PHISHING` | Phishing-related IPs |
+| `PROXY` | Anonymous proxy IPs |
+| `MOBILE_THREATS` | Mobile threat sources |
+| `TOR_PROXY` | Tor exit nodes |
+| `DENIAL_OF_SERVICE` | DoS attack sources |
+| `NETWORK` | Known bad network ranges |
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+# Import using namespace/name format
+terraform import f5xc_k8s_cluster_role.example system/example
+```