@robinmordasiewicz/f5xc-terraform-mcp 3.1.0 → 3.2.0

package/dist/docs/resources/site.md

@@ -2,12 +2,12 @@
 page_title: "f5xc_site Resource - terraform-provider-f5xc"
 subcategory: "Uncategorized"
 description: |-
-  Manages a Site resource in F5 Distributed Cloud for gcp vpc site specification. configuration.
+  Manages virtual site object in given namespace. in F5 Distributed Cloud.
 ---
 
 # f5xc_site (Resource)
 
-Manages a Site resource in F5 Distributed Cloud for gcp vpc site specification. configuration.
+Manages virtual site object in given namespace. in F5 Distributed Cloud.
 
 ~> **Note** For more information about this resource, please refer to the [F5 XC API Documentation](https://docs.cloud.f5.com/docs/api/).
 
@@ -15,7 +15,7 @@ Manages a Site resource in F5 Distributed Cloud for gcp vpc site specification.
 
 ```terraform
 # Site Resource Example
-# Manages a Site resource in F5 Distributed Cloud for gcp vpc site specification. configuration.
+# Manages virtual site object in given namespace. in F5 Distributed Cloud.
 
 # Basic Site configuration
 resource "f5xc_site" "example" {
@@ -32,17 +32,9 @@ resource "f5xc_site" "example" {
   }
 
   # Resource-specific configuration
-  # Secret. SecretType is used in an object to indicate a sen...
-  admin_password {
-    # Configure admin_password settings
-  }
-  # Blindfold Secret. BlindfoldSecretInfoType specifies infor...
-  blindfold_secret_info {
-    # Configure blindfold_secret_info settings
-  }
-  # In-Clear Secret. ClearSecretInfoType specifies informatio...
-  clear_secret_info {
-    # Configure clear_secret_info settings
+  # Label Selector. This type can be used to establish a 'sel...
+  site_selector {
+    # Configure site_selector settings
   }
 }
 ```
@@ -66,54 +58,11 @@ resource "f5xc_site" "example" {
 
 ### Spec Argument Reference
 
-<a id="address"></a>&#x2022; [`address`](#address) - Optional String<br>Geographical Address. Site's geographical address that can be used to determine its latitude and longitude
-
-<a id="admin-password"></a>&#x2022; [`admin_password`](#admin-password) - Optional Block<br>Secret. SecretType is used in an object to indicate a sensitive/confidential field<br>See [Admin Password](#admin-password) below for details.
-
--> **One of the following:**
-&#x2022; <a id="block-all-services"></a>[`block_all_services`](#block-all-services) - Optional Block<br>Enable this option
-<br><br>&#x2022; <a id="blocked-services"></a>[`blocked_services`](#blocked-services) - Optional Block<br>Disable Node Local Services. Disable node local services on this site. Note: The chosen services will GET disabled on all nodes in the site<br>See [Blocked Services](#blocked-services) below for details.
-
-<a id="cloud-credentials"></a>&#x2022; [`cloud_credentials`](#cloud-credentials) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [Cloud Credentials](#cloud-credentials) below for details.
-
-<a id="coordinates"></a>&#x2022; [`coordinates`](#coordinates) - Optional Block<br>Site Coordinates. Coordinates of the site which provides the site physical location<br>See [Coordinates](#coordinates) below for details.
-
-<a id="custom-dns"></a>&#x2022; [`custom_dns`](#custom-dns) - Optional Block<br>Custom DNS. Custom DNS is the configured for specify CE site<br>See [Custom DNS](#custom-dns) below for details.
-
-<a id="default-blocked-services"></a>&#x2022; [`default_blocked_services`](#default-blocked-services) - Optional Block<br>Enable this option
-
-<a id="disk-size"></a>&#x2022; [`disk_size`](#disk-size) - Optional Number<br>Cloud Disk Size. Disk size to be used for this instance in GiB. 80 is 80 GiB
-
-<a id="gcp-labels"></a>&#x2022; [`gcp_labels`](#gcp-labels) - Optional Block<br>GCP Labels. GCP Label is a label consisting of a user-defined key and value. It helps to manage, identify, organize, search for, and filter resources in GCP console
-
-<a id="gcp-region"></a>&#x2022; [`gcp_region`](#gcp-region) - Optional String<br>GCP Region. Name for GCP Region
-
--> **One of the following:**
-&#x2022; <a id="ingress-egress-gw"></a>[`ingress_egress_gw`](#ingress-egress-gw) - Optional Block<br>GCP Ingress/Egress Gateway. Two interface GCP ingress/egress site<br>See [Ingress Egress Gw](#ingress-egress-gw) below for details.
-<br><br>&#x2022; <a id="ingress-gw"></a>[`ingress_gw`](#ingress-gw) - Optional Block<br>GCP Ingress Gateway. Single interface GCP ingress site
-<br><br>&#x2022; <a id="voltstack-cluster"></a>[`voltstack_cluster`](#voltstack-cluster) - Optional Block<br>GCP App Stack Cluster. App Stack cluster of single interface GCP site
-
-<a id="instance-type"></a>&#x2022; [`instance_type`](#instance-type) - Optional String<br>GCP Instance Type for Node. Select Instance size based on performance needed
+<a id="site-selector"></a>&#x2022; [`site_selector`](#site-selector) - Optional Block<br>Label Selector. This type can be used to establish a 'selector reference' from one object(called selector) to a set of other objects(called selectees) based on the value of expresssions. A label selector is a label query over a set of resources. An empty label selector matches all objects. A null label selector matches no objects. Label selector is immutable. Expressions is a list of strings of label selection expression. Each string has ',' separated values which are 'AND' and all strings are logically 'OR'. BNF for expression string `<selector-syntax>` ::= `<requirement>` | `<requirement>` ',' `<selector-syntax>` `<requirement>` ::= [!] KEY [ `<set-based-restriction>` | `<exact-match-restriction>` ] `<set-based-restriction>` ::= '' | `<inclusion-exclusion>` `<value-set>` `<inclusion-exclusion>` ::= `<inclusion>` | `<exclusion>` `<exclusion>` ::= 'notin' `<inclusion>` ::= 'in' `<value-set>` ::= '(' `<values>` ')' `<values>` ::= VALUE | VALUE ',' `<values>` `<exact-match-restriction>` ::= ['='|'=='|'!='] VALUE<br>See [Site Selector](#site-selector) below for details.
 
-<a id="kubernetes-upgrade-drain"></a>&#x2022; [`kubernetes_upgrade_drain`](#kubernetes-upgrade-drain) - Optional Block<br>Node by Node Upgrade. Specify how worker nodes within a site will be upgraded
+<a id="site-type"></a>&#x2022; [`site_type`](#site-type) - Optional String<br>Possible values are `INVALID`, `REGIONAL_EDGE`, `CUSTOMER_EDGE`, `NGINX_ONE`<br>[Enum: INVALID|REGIONAL_EDGE|CUSTOMER_EDGE|NGINX_ONE] Site Type. Site Type which can either RE or CE Invalid type of site Regional Edge site Customer Edge site
 
--> **One of the following:**
-&#x2022; <a id="log-receiver"></a>[`log_receiver`](#log-receiver) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name
-<br><br>&#x2022; <a id="logs-streaming-disabled"></a>[`logs_streaming_disabled`](#logs-streaming-disabled) - Optional Block<br>Enable this option
-
-<a id="offline-survivability-mode"></a>&#x2022; [`offline_survivability_mode`](#offline-survivability-mode) - Optional Block<br>Offline Survivability Mode. Offline Survivability allows the Site to continue functioning normally without traffic loss during periods of connectivity loss to the Regional Edge (RE) or the Global Controller (GC). When this feature is enabled, a site can continue to function as is with existing configuration for upto 7 days, even when the site is offline. The certificates needed to keep the services running on this site are signed using a local CA. Secrets would also be cached locally to handle the connectivity loss. When the mode is toggled, services will restart and traffic disruption will be seen
-
-<a id="os"></a>&#x2022; [`os`](#os) - Optional Block<br>Operating System Version. Select the F5XC Operating System Version for the site. By default, latest available OS Version will be used. Refer to release notes to find required released OS versions
-
--> **One of the following:**
-&#x2022; <a id="private-connect-disabled"></a>[`private_connect_disabled`](#private-connect-disabled) - Optional Block<br>Enable this option
-<br><br>&#x2022; <a id="private-connectivity"></a>[`private_connectivity`](#private-connectivity) - Optional Block<br>Private Connect Configuration. Private Connect Configuration
-
-<a id="ssh-key"></a>&#x2022; [`ssh_key`](#ssh-key) - Optional String<br>Public SSH key. Public SSH key for accessing the site
-
-<a id="sw"></a>&#x2022; [`sw`](#sw) - Optional Block<br>F5XC Software Version. Select the F5XC Software Version for the site. By default, latest available F5XC Software Version will be used. Refer to release notes to find required released SW versions
-
-<a id="timeouts"></a>&#x2022; [`timeouts`](#timeouts) - Optional Block
+<a id="timeouts"></a>&#x2022; [`timeouts`](#timeouts) - Optional Block<br>See [Timeouts](#timeouts) below for details.
 
 ### Attributes Reference
 
@@ -123,531 +72,11 @@ In addition to all arguments above, the following attributes are exported:
 
 ---
 
-#### Admin Password
-
-An [`admin_password`](#admin-password) block supports the following:
-
-<a id="admin-password-blindfold-secret-info"></a>&#x2022; [`blindfold_secret_info`](#admin-password-blindfold-secret-info) - Optional Block<br>Blindfold Secret. BlindfoldSecretInfoType specifies information about the Secret managed by F5XC Secret Management<br>See [Blindfold Secret Info](#admin-password-blindfold-secret-info) below.
-
-<a id="admin-password-clear-secret-info"></a>&#x2022; [`clear_secret_info`](#admin-password-clear-secret-info) - Optional Block<br>In-Clear Secret. ClearSecretInfoType specifies information about the Secret that is not encrypted<br>See [Clear Secret Info](#admin-password-clear-secret-info) below.
-
-#### Admin Password Blindfold Secret Info
-
-A [`blindfold_secret_info`](#admin-password-blindfold-secret-info) block (within [`admin_password`](#admin-password)) supports the following:
-
-<a id="provider-e88368"></a>&#x2022; [`decryption_provider`](#provider-e88368) - Optional String<br>Decryption Provider. Name of the Secret Management Access object that contains information about the backend Secret Management service
-
-<a id="location-60af3e"></a>&#x2022; [`location`](#location-60af3e) - Optional String<br>Location. Location is the uri_ref. It could be in URL format for string:/// Or it could be a path if the store provider is an HTTP/HTTPS location
-
-<a id="provider-5c48c5"></a>&#x2022; [`store_provider`](#provider-5c48c5) - Optional String<br>Store Provider. Name of the Secret Management Access object that contains information about the store to GET encrypted bytes This field needs to be provided only if the URL scheme is not string:///
-
-#### Admin Password Clear Secret Info
-
-A [`clear_secret_info`](#admin-password-clear-secret-info) block (within [`admin_password`](#admin-password)) supports the following:
-
-<a id="ref-e52931"></a>&#x2022; [`provider_ref`](#ref-e52931) - Optional String<br>Provider. Name of the Secret Management Access object that contains information about the store to GET encrypted bytes This field needs to be provided only if the URL scheme is not string:///
-
-<a id="admin-password-clear-secret-info-url"></a>&#x2022; [`url`](#admin-password-clear-secret-info-url) - Optional String<br>URL. URL of the secret. Currently supported URL schemes is string:///. For string:/// scheme, Secret needs to be encoded Base64 format. When asked for this secret, caller will GET Secret bytes after Base64 decoding
-
-#### Blocked Services
-
-A [`blocked_services`](#blocked-services) block supports the following:
-
-<a id="blocked-services-blocked-sevice"></a>&#x2022; [`blocked_sevice`](#blocked-services-blocked-sevice) - Optional Block<br>Disable Node Local Services<br>See [Blocked Sevice](#blocked-services-blocked-sevice) below.
-
-#### Blocked Services Blocked Sevice
-
-A [`blocked_sevice`](#blocked-services-blocked-sevice) block (within [`blocked_services`](#blocked-services)) supports the following:
-
-<a id="blocked-services-blocked-sevice-dns"></a>&#x2022; [`dns`](#blocked-services-blocked-sevice-dns) - Optional Block<br>Enable this option
-
-<a id="type-808ec9"></a>&#x2022; [`network_type`](#type-808ec9) - Optional String  Defaults to `VIRTUAL_NETWORK_SITE_LOCAL`<br>Possible values are `VIRTUAL_NETWORK_SITE_LOCAL`, `VIRTUAL_NETWORK_SITE_LOCAL_INSIDE`, `VIRTUAL_NETWORK_PER_SITE`, `VIRTUAL_NETWORK_PUBLIC`, `VIRTUAL_NETWORK_GLOBAL`, `VIRTUAL_NETWORK_SITE_SERVICE`, `VIRTUAL_NETWORK_VER_INTERNAL`, `VIRTUAL_NETWORK_SITE_LOCAL_INSIDE_OUTSIDE`, `VIRTUAL_NETWORK_IP_AUTO`, `VIRTUAL_NETWORK_VOLTADN_PRIVATE_NETWORK`, `VIRTUAL_NETWORK_SRV6_NETWORK`, `VIRTUAL_NETWORK_IP_FABRIC`, `VIRTUAL_NETWORK_SEGMENT`<br>[Enum: VIRTUAL_NETWORK_SITE_LOCAL|VIRTUAL_NETWORK_SITE_LOCAL_INSIDE|VIRTUAL_NETWORK_PER_SITE|VIRTUAL_NETWORK_PUBLIC|VIRTUAL_NETWORK_GLOBAL|VIRTUAL_NETWORK_SITE_SERVICE|VIRTUAL_NETWORK_VER_INTERNAL|VIRTUAL_NETWORK_SITE_LOCAL_INSIDE_OUTSIDE|VIRTUAL_NETWORK_IP_AUTO|VIRTUAL_NETWORK_VOLTADN_PRIVATE_NETWORK|VIRTUAL_NETWORK_SRV6_NETWORK|VIRTUAL_NETWORK_IP_FABRIC|VIRTUAL_NETWORK_SEGMENT] Virtual Network Type. Different types of virtual networks understood by the system Virtual-network of type VIRTUAL_NETWORK_SITE_LOCAL provides connectivity to public (outside) network. This is an insecure network and is connected to public internet via NAT Gateways/firwalls Virtual-network of this type is local to every site. Two virtual networks of this type on different sites are neither related nor connected. Constraints: There can be atmost one virtual network of this type in a given site. This network type is supported on CE sites. This network is created automatically and present on all sites Virtual-network of type VIRTUAL_NETWORK_SITE_LOCAL_INSIDE is a private network inside site. It is a secure network and is not connected to public network. Virtual-network of this type is local to every site. Two virtual networks of this type on different sites are neither related nor connected. Constraints: There can be atmost one virtual network of this type in a given site. This network type is supported on CE sites. This network is created during provisioning of site User defined per-site virtual network. Scope of this virtual network is limited to the site. This is not yet supported Virtual-network of type VIRTUAL_NETWORK_PUBLIC directly conects to the public internet. Virtual-network of this type is local to every site. Two virtual networks of this type on different sites are neither related nor connected. Constraints: There can be atmost one virtual network of this type in a given site. This network type is supported on RE sites only It is an internally created by the system. They must not be created by user Virtual Neworks with global scope across different sites in F5XC domain. An example global virtual-network called 'AIN Network' is created for every tenant. For F5 Distributed Cloud fabric Constraints: It is currently only supported as internally created by the system. VK8s service network for a given tenant. Used to advertise a virtual host only to vk8s pods for that tenant Constraints: It is an internally created by the system. Must not be created by user VER internal network for the site. It can only be used for virtual hosts with SMA_PROXY type proxy Constraints: It is an internally created by the system. Must not be created by user Virtual-network of type VIRTUAL_NETWORK_SITE_LOCAL_INSIDE_OUTSIDE represents both VIRTUAL_NETWORK_SITE_LOCAL and VIRTUAL_NETWORK_SITE_LOCAL_INSIDE Constraints: This network type is only meaningful in an advertise policy When virtual-network of type VIRTUAL_NETWORK_IP_AUTO is selected for an endpoint, VER will try to determine the network based on the provided IP address Constraints: This network type is only meaningful in an endpoint VoltADN Private Network is used on F5 Distributed Cloud RE(s) to connect to customer private networks This network is created by opening a support ticket This network is per site srv6 network VER IP Fabric network for the site. This Virtual network type is used for exposing virtual host on IP Fabric network on the VER site or for endpoint in IP Fabric network Constraints: It is an internally created by the system. Must not be created by user Network internally created for a segment Constraints: It is an internally created by the system. Must not be created by user
-
-<a id="blocked-services-blocked-sevice-ssh"></a>&#x2022; [`ssh`](#blocked-services-blocked-sevice-ssh) - Optional Block<br>Enable this option
-
-<a id="interface-e57e21"></a>&#x2022; [`web_user_interface`](#interface-e57e21) - Optional Block<br>Enable this option
-
-#### Cloud Credentials
-
-A [`cloud_credentials`](#cloud-credentials) block supports the following:
-
-<a id="cloud-credentials-name"></a>&#x2022; [`name`](#cloud-credentials-name) - Optional String<br>Name. When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. Route's) name
-
-<a id="cloud-credentials-namespace"></a>&#x2022; [`namespace`](#cloud-credentials-namespace) - Optional String<br>Namespace. When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. Route's) namespace
-
-<a id="cloud-credentials-tenant"></a>&#x2022; [`tenant`](#cloud-credentials-tenant) - Optional String<br>Tenant. When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. Route's) tenant
-
-#### Coordinates
-
-A [`coordinates`](#coordinates) block supports the following:
-
-<a id="coordinates-latitude"></a>&#x2022; [`latitude`](#coordinates-latitude) - Optional Number<br>Latitude. Latitude of the site location
-
-<a id="coordinates-longitude"></a>&#x2022; [`longitude`](#coordinates-longitude) - Optional Number<br>Longitude. Longitude of site location
-
-#### Custom DNS
-
-A [`custom_dns`](#custom-dns) block supports the following:
-
-<a id="custom-dns-inside-nameserver"></a>&#x2022; [`inside_nameserver`](#custom-dns-inside-nameserver) - Optional String<br>DNS Server for Inside Network. Optional DNS server IP to be used for name resolution in inside network
-
-<a id="custom-dns-outside-nameserver"></a>&#x2022; [`outside_nameserver`](#custom-dns-outside-nameserver) - Optional String<br>DNS Server for Outside Network. Optional DNS server IP to be used for name resolution in outside network
-
-#### Ingress Egress Gw
-
-An [`ingress_egress_gw`](#ingress-egress-gw) block supports the following:
-
-<a id="policies-4e1d03"></a>&#x2022; [`active_enhanced_firewall_policies`](#policies-4e1d03) - Optional Block<br>Active Enhanced Network Policies Type. List of Enhanced Firewall Policies These policies use session-based rules and provide all OPTIONS available under firewall policies with an additional option for service insertion<br>See [Active Enhanced Firewall Policies](#policies-4e1d03) below.
-
-<a id="policies-265acf"></a>&#x2022; [`active_forward_proxy_policies`](#policies-265acf) - Optional Block<br>Active Forward Proxy Policies Type. Ordered List of Forward Proxy Policies active<br>See [Active Forward Proxy Policies](#policies-265acf) below.
-
-<a id="policies-a2ee20"></a>&#x2022; [`active_network_policies`](#policies-a2ee20) - Optional Block<br>Active Firewall Policies Type. List of firewall policy views<br>See [Active Network Policies](#policies-a2ee20) below.
-
-<a id="inside-vn-3ce96a"></a>&#x2022; [`dc_cluster_group_inside_vn`](#inside-vn-3ce96a) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [Dc Cluster Group Inside Vn](#inside-vn-3ce96a) below.
-
-<a id="outside-vn-3594d6"></a>&#x2022; [`dc_cluster_group_outside_vn`](#outside-vn-3594d6) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [Dc Cluster Group Outside Vn](#outside-vn-3594d6) below.
-
-<a id="all-8889af"></a>&#x2022; [`forward_proxy_allow_all`](#all-8889af) - Optional Block<br>Enable this option
-
-<a id="ingress-egress-gw-gcp-certified-hw"></a>&#x2022; [`gcp_certified_hw`](#ingress-egress-gw-gcp-certified-hw) - Optional String<br>GCP Certified Hardware. Name for GCP certified hardware
-
-<a id="ingress-egress-gw-gcp-zone-names"></a>&#x2022; [`gcp_zone_names`](#ingress-egress-gw-gcp-zone-names) - Optional List<br>GCP zone names. X-required List of zones when instances will be created, needs to match with region selected
-
-<a id="ingress-egress-gw-global-network-list"></a>&#x2022; [`global_network_list`](#ingress-egress-gw-global-network-list) - Optional Block<br>Global Network Connection List. List of global network connections<br>See [Global Network List](#ingress-egress-gw-global-network-list) below.
-
-<a id="ingress-egress-gw-inside-network"></a>&#x2022; [`inside_network`](#ingress-egress-gw-inside-network) - Optional Block<br>GCP VPC network choice. This defines choice about GCP VPC network for a view<br>See [Inside Network](#ingress-egress-gw-inside-network) below.
-
-<a id="ingress-egress-gw-inside-static-routes"></a>&#x2022; [`inside_static_routes`](#ingress-egress-gw-inside-static-routes) - Optional Block<br>Static Route List Type. List of static routes<br>See [Inside Static Routes](#ingress-egress-gw-inside-static-routes) below.
-
-<a id="ingress-egress-gw-inside-subnet"></a>&#x2022; [`inside_subnet`](#ingress-egress-gw-inside-subnet) - Optional Block<br>GCP VPC network choice. This defines choice about GCP VPC network for a view<br>See [Inside Subnet](#ingress-egress-gw-inside-subnet) below.
-
-<a id="ingress-egress-gw-no-dc-cluster-group"></a>&#x2022; [`no_dc_cluster_group`](#ingress-egress-gw-no-dc-cluster-group) - Optional Block<br>Enable this option
-
-<a id="ingress-egress-gw-no-forward-proxy"></a>&#x2022; [`no_forward_proxy`](#ingress-egress-gw-no-forward-proxy) - Optional Block<br>Enable this option
-
-<a id="ingress-egress-gw-no-global-network"></a>&#x2022; [`no_global_network`](#ingress-egress-gw-no-global-network) - Optional Block<br>Enable this option
-
-<a id="routes-b69a18"></a>&#x2022; [`no_inside_static_routes`](#routes-b69a18) - Optional Block<br>Enable this option
-
-<a id="ingress-egress-gw-no-network-policy"></a>&#x2022; [`no_network_policy`](#ingress-egress-gw-no-network-policy) - Optional Block<br>Enable this option
-
-<a id="routes-630976"></a>&#x2022; [`no_outside_static_routes`](#routes-630976) - Optional Block<br>Enable this option
-
-<a id="ingress-egress-gw-node-number"></a>&#x2022; [`node_number`](#ingress-egress-gw-node-number) - Optional Number<br>Number of main nodes. Number of main nodes to create, either 1 or 3
-
-<a id="ingress-egress-gw-outside-network"></a>&#x2022; [`outside_network`](#ingress-egress-gw-outside-network) - Optional Block<br>GCP VPC network choice. This defines choice about GCP VPC network for a view<br>See [Outside Network](#ingress-egress-gw-outside-network) below.
-
-<a id="ingress-egress-gw-outside-static-routes"></a>&#x2022; [`outside_static_routes`](#ingress-egress-gw-outside-static-routes) - Optional Block<br>Static Route List Type. List of static routes<br>See [Outside Static Routes](#ingress-egress-gw-outside-static-routes) below.
-
-<a id="ingress-egress-gw-outside-subnet"></a>&#x2022; [`outside_subnet`](#ingress-egress-gw-outside-subnet) - Optional Block<br>GCP VPC network choice. This defines choice about GCP VPC network for a view<br>See [Outside Subnet](#ingress-egress-gw-outside-subnet) below.
-
-<a id="mode-4d23c2"></a>&#x2022; [`performance_enhancement_mode`](#mode-4d23c2) - Optional Block<br>Performance Enhancement Mode. Optimize the site for L3 or L7 traffic processing. L7 optimized is the default<br>See [Performance Enhancement Mode](#mode-4d23c2) below.
-
-<a id="public-ip-5f6604"></a>&#x2022; [`sm_connection_public_ip`](#public-ip-5f6604) - Optional Block<br>Enable this option
-
-<a id="ingress-egress-gw-sm-connection-pvt-ip"></a>&#x2022; [`sm_connection_pvt_ip`](#ingress-egress-gw-sm-connection-pvt-ip) - Optional Block<br>Enable this option
-
-#### Ingress Egress Gw Active Enhanced Firewall Policies
-
-An [`active_enhanced_firewall_policies`](#policies-4e1d03) block (within [`ingress_egress_gw`](#ingress-egress-gw)) supports the following:
-
-<a id="policies-b74f29"></a>&#x2022; [`enhanced_firewall_policies`](#policies-b74f29) - Optional Block<br>Enhanced Firewall Policy. Ordered List of Enhanced Firewall Policies active<br>See [Enhanced Firewall Policies](#policies-b74f29) below.
-
-#### Ingress Egress Gw Active Enhanced Firewall Policies Enhanced Firewall Policies
-
-<a id="deep-3cb2d1"></a>Deeply nested **Policies** block collapsed for readability.
-
-#### Ingress Egress Gw Active Forward Proxy Policies
-
-An [`active_forward_proxy_policies`](#policies-265acf) block (within [`ingress_egress_gw`](#ingress-egress-gw)) supports the following:
-
-<a id="policies-ae49bd"></a>&#x2022; [`forward_proxy_policies`](#policies-ae49bd) - Optional Block<br>Forward Proxy Policies. Ordered List of Forward Proxy Policies active<br>See [Forward Proxy Policies](#policies-ae49bd) below.
-
-#### Ingress Egress Gw Active Forward Proxy Policies Forward Proxy Policies
-
-<a id="deep-54c023"></a>Deeply nested **Policies** block collapsed for readability.
-
-#### Ingress Egress Gw Active Network Policies
-
-An [`active_network_policies`](#policies-a2ee20) block (within [`ingress_egress_gw`](#ingress-egress-gw)) supports the following:
-
-<a id="policies-e07db8"></a>&#x2022; [`network_policies`](#policies-e07db8) - Optional Block<br>Firewall Policy. Ordered List of Firewall Policies active for this network firewall<br>See [Network Policies](#policies-e07db8) below.
-
-#### Ingress Egress Gw Active Network Policies Network Policies
-
-<a id="deep-18bd39"></a>Deeply nested **Policies** block collapsed for readability.
-
-#### Ingress Egress Gw Dc Cluster Group Inside Vn
-
-<a id="deep-23860c"></a>Deeply nested **Vn** block collapsed for readability.
-
-#### Ingress Egress Gw Dc Cluster Group Outside Vn
-
-<a id="deep-53ac3b"></a>Deeply nested **Vn** block collapsed for readability.
-
-#### Ingress Egress Gw Global Network List
-
-A [`global_network_list`](#ingress-egress-gw-global-network-list) block (within [`ingress_egress_gw`](#ingress-egress-gw)) supports the following:
-
-<a id="connections-bde45c"></a>&#x2022; [`global_network_connections`](#connections-bde45c) - Optional Block<br>Global Network Connections. Global network connections<br>See [Global Network Connections](#connections-bde45c) below.
-
-#### Ingress Egress Gw Global Network List Global Network Connections
-
-<a id="deep-88f40a"></a>Deeply nested **Connections** block collapsed for readability.
-
-#### Ingress Egress Gw Global Network List Global Network Connections SLI To Global DR
-
-<a id="deep-c2be4c"></a>Deeply nested **DR** block collapsed for readability.
-
-#### Ingress Egress Gw Global Network List Global Network Connections SLI To Global DR Global Vn
-
-<a id="deep-60d106"></a>Deeply nested **Vn** block collapsed for readability.
-
-#### Ingress Egress Gw Global Network List Global Network Connections Slo To Global DR
-
-<a id="deep-c00d54"></a>Deeply nested **DR** block collapsed for readability.
-
-#### Ingress Egress Gw Global Network List Global Network Connections Slo To Global DR Global Vn
-
-<a id="deep-184e24"></a>Deeply nested **Vn** block collapsed for readability.
-
-#### Ingress Egress Gw Inside Network
-
-An [`inside_network`](#ingress-egress-gw-inside-network) block (within [`ingress_egress_gw`](#ingress-egress-gw)) supports the following:
-
-<a id="network-9ee4a6"></a>&#x2022; [`existing_network`](#network-9ee4a6) - Optional Block<br>GCP existing VPC network Type. Name of existing VPC network<br>See [Existing Network](#network-9ee4a6) below.
-
-<a id="network-6793f9"></a>&#x2022; [`new_network`](#network-6793f9) - Optional Block<br>GCP VPC Network Manual Parameters. Parameters to create a new GCP VPC Network<br>See [New Network](#network-6793f9) below.
-
-<a id="autogenerate-1169b7"></a>&#x2022; [`new_network_autogenerate`](#autogenerate-1169b7) - Optional Block<br>GCP VPC Network Autogenerated Parameters. Create a new GCP VPC Network with autogenerated name
-
-#### Ingress Egress Gw Inside Network Existing Network
-
-An [`existing_network`](#network-9ee4a6) block (within [`ingress_egress_gw.inside_network`](#ingress-egress-gw-inside-network)) supports the following:
-
-<a id="name-27b371"></a>&#x2022; [`name`](#name-27b371) - Optional String<br>GCP VPC Network Name. Name for your GCP VPC Network
-
-#### Ingress Egress Gw Inside Network New Network
-
-A [`new_network`](#network-6793f9) block (within [`ingress_egress_gw.inside_network`](#ingress-egress-gw-inside-network)) supports the following:
-
-<a id="name-10e7e2"></a>&#x2022; [`name`](#name-10e7e2) - Optional String<br>GCP VPC Network Name. Name for your GCP VPC Network
-
-#### Ingress Egress Gw Inside Static Routes
-
-An [`inside_static_routes`](#ingress-egress-gw-inside-static-routes) block (within [`ingress_egress_gw`](#ingress-egress-gw)) supports the following:
-
-<a id="list-ed095e"></a>&#x2022; [`static_route_list`](#list-ed095e) - Optional Block<br>List of Static Routes. List of Static routes<br>See [Static Route List](#list-ed095e) below.
-
-#### Ingress Egress Gw Inside Static Routes Static Route List
-
-<a id="deep-922a6f"></a>Deeply nested **List** block collapsed for readability.
-
-#### Ingress Egress Gw Inside Static Routes Static Route List Custom Static Route
-
-<a id="deep-3b67c8"></a>Deeply nested **Route** block collapsed for readability.
-
-#### Ingress Egress Gw Inside Static Routes Static Route List Custom Static Route Nexthop
-
-<a id="deep-373011"></a>Deeply nested **Nexthop** block collapsed for readability.
-
-#### Ingress Egress Gw Inside Static Routes Static Route List Custom Static Route Nexthop Interface
-
-<a id="deep-a58927"></a>Deeply nested **Interface** block collapsed for readability.
-
-#### Ingress Egress Gw Inside Static Routes Static Route List Custom Static Route Nexthop Nexthop Address
-
-<a id="deep-6b64ce"></a>Deeply nested **Address** block collapsed for readability.
-
-#### Ingress Egress Gw Inside Static Routes Static Route List Custom Static Route Nexthop Nexthop Address IPv4
-
-<a id="deep-3b45f1"></a>Deeply nested **IPv4** block collapsed for readability.
-
-#### Ingress Egress Gw Inside Static Routes Static Route List Custom Static Route Nexthop Nexthop Address IPv6
-
-<a id="deep-976e31"></a>Deeply nested **IPv6** block collapsed for readability.
-
-#### Ingress Egress Gw Inside Static Routes Static Route List Custom Static Route Subnets
-
-<a id="deep-7e5beb"></a>Deeply nested **Subnets** block collapsed for readability.
-
-#### Ingress Egress Gw Inside Static Routes Static Route List Custom Static Route Subnets IPv4
-
-<a id="deep-4bd73c"></a>Deeply nested **IPv4** block collapsed for readability.
-
-#### Ingress Egress Gw Inside Static Routes Static Route List Custom Static Route Subnets IPv6
-
-<a id="deep-5dec85"></a>Deeply nested **IPv6** block collapsed for readability.
-
-#### Ingress Egress Gw Inside Subnet
-
-An [`inside_subnet`](#ingress-egress-gw-inside-subnet) block (within [`ingress_egress_gw`](#ingress-egress-gw)) supports the following:
-
-<a id="subnet-d874b8"></a>&#x2022; [`existing_subnet`](#subnet-d874b8) - Optional Block<br>GCP existing subnet Type. Name of existing GCP subnet<br>See [Existing Subnet](#subnet-d874b8) below.
-
-<a id="subnet-b1adf6"></a>&#x2022; [`new_subnet`](#subnet-b1adf6) - Optional Block<br>GCP subnet parameters Type. Parameters for GCP subnet<br>See [New Subnet](#subnet-b1adf6) below.
-
-#### Ingress Egress Gw Inside Subnet Existing Subnet
-
-An [`existing_subnet`](#subnet-d874b8) block (within [`ingress_egress_gw.inside_subnet`](#ingress-egress-gw-inside-subnet)) supports the following:
-
-<a id="name-2f0d2c"></a>&#x2022; [`subnet_name`](#name-2f0d2c) - Optional String<br>VPC Subnet Name. Name of your subnet in VPC network
-
-#### Ingress Egress Gw Inside Subnet New Subnet
-
-A [`new_subnet`](#subnet-b1adf6) block (within [`ingress_egress_gw.inside_subnet`](#ingress-egress-gw-inside-subnet)) supports the following:
-
-<a id="ipv4-135b73"></a>&#x2022; [`primary_ipv4`](#ipv4-135b73) - Optional String<br>IPv4 Subnet Prefix. IPv4 prefix for this Subnet. It has to be private address space
-
-<a id="name-7a1f7c"></a>&#x2022; [`subnet_name`](#name-7a1f7c) - Optional String<br>VPC Subnet Name. Name of new VPC Subnet, will be autogenerated if empty
-
-#### Ingress Egress Gw Outside Network
-
-An [`outside_network`](#ingress-egress-gw-outside-network) block (within [`ingress_egress_gw`](#ingress-egress-gw)) supports the following:
-
-<a id="network-7bcebe"></a>&#x2022; [`existing_network`](#network-7bcebe) - Optional Block<br>GCP existing VPC network Type. Name of existing VPC network<br>See [Existing Network](#network-7bcebe) below.
-
-<a id="network-958024"></a>&#x2022; [`new_network`](#network-958024) - Optional Block<br>GCP VPC Network Manual Parameters. Parameters to create a new GCP VPC Network<br>See [New Network](#network-958024) below.
-
-<a id="autogenerate-74de44"></a>&#x2022; [`new_network_autogenerate`](#autogenerate-74de44) - Optional Block<br>GCP VPC Network Autogenerated Parameters. Create a new GCP VPC Network with autogenerated name
-
-#### Ingress Egress Gw Outside Network Existing Network
-
-An [`existing_network`](#network-7bcebe) block (within [`ingress_egress_gw.outside_network`](#ingress-egress-gw-outside-network)) supports the following:
-
-<a id="name-b3e497"></a>&#x2022; [`name`](#name-b3e497) - Optional String<br>GCP VPC Network Name. Name for your GCP VPC Network
-
-#### Ingress Egress Gw Outside Network New Network
-
-A [`new_network`](#network-958024) block (within [`ingress_egress_gw.outside_network`](#ingress-egress-gw-outside-network)) supports the following:
-
-<a id="name-732274"></a>&#x2022; [`name`](#name-732274) - Optional String<br>GCP VPC Network Name. Name for your GCP VPC Network
-
-#### Ingress Egress Gw Outside Static Routes
-
-An [`outside_static_routes`](#ingress-egress-gw-outside-static-routes) block (within [`ingress_egress_gw`](#ingress-egress-gw)) supports the following:
-
-<a id="list-445efb"></a>&#x2022; [`static_route_list`](#list-445efb) - Optional Block<br>List of Static Routes. List of Static routes<br>See [Static Route List](#list-445efb) below.
-
-#### Ingress Egress Gw Outside Static Routes Static Route List
-
-<a id="deep-fdf27e"></a>Deeply nested **List** block collapsed for readability.
-
-#### Ingress Egress Gw Outside Static Routes Static Route List Custom Static Route
-
-<a id="deep-025383"></a>Deeply nested **Route** block collapsed for readability.
-
-#### Ingress Egress Gw Outside Static Routes Static Route List Custom Static Route Nexthop
-
-<a id="deep-390b03"></a>Deeply nested **Nexthop** block collapsed for readability.
-
-#### Ingress Egress Gw Outside Static Routes Static Route List Custom Static Route Nexthop Interface
-
-<a id="deep-214d2f"></a>Deeply nested **Interface** block collapsed for readability.
-
-#### Ingress Egress Gw Outside Static Routes Static Route List Custom Static Route Nexthop Nexthop Address
-
-<a id="deep-f33e18"></a>Deeply nested **Address** block collapsed for readability.
-
-#### Ingress Egress Gw Outside Static Routes Static Route List Custom Static Route Nexthop Nexthop Address IPv4
-
-<a id="deep-f90bc5"></a>Deeply nested **IPv4** block collapsed for readability.
-
-#### Ingress Egress Gw Outside Static Routes Static Route List Custom Static Route Nexthop Nexthop Address IPv6
-
-<a id="deep-23b94d"></a>Deeply nested **IPv6** block collapsed for readability.
-
-#### Ingress Egress Gw Outside Static Routes Static Route List Custom Static Route Subnets
-
-<a id="deep-5d8217"></a>Deeply nested **Subnets** block collapsed for readability.
-
-#### Ingress Egress Gw Outside Static Routes Static Route List Custom Static Route Subnets IPv4
-
-<a id="deep-f9fb39"></a>Deeply nested **IPv4** block collapsed for readability.
-
-#### Ingress Egress Gw Outside Static Routes Static Route List Custom Static Route Subnets IPv6
-
-<a id="deep-21fa47"></a>Deeply nested **IPv6** block collapsed for readability.
-
-#### Ingress Egress Gw Outside Subnet
-
-An [`outside_subnet`](#ingress-egress-gw-outside-subnet) block (within [`ingress_egress_gw`](#ingress-egress-gw)) supports the following:
-
-<a id="subnet-34a158"></a>&#x2022; [`existing_subnet`](#subnet-34a158) - Optional Block<br>GCP existing subnet Type. Name of existing GCP subnet<br>See [Existing Subnet](#subnet-34a158) below.
-
-<a id="subnet-8ff867"></a>&#x2022; [`new_subnet`](#subnet-8ff867) - Optional Block<br>GCP subnet parameters Type. Parameters for GCP subnet<br>See [New Subnet](#subnet-8ff867) below.
-
-#### Ingress Egress Gw Outside Subnet Existing Subnet
-
-An [`existing_subnet`](#subnet-34a158) block (within [`ingress_egress_gw.outside_subnet`](#ingress-egress-gw-outside-subnet)) supports the following:
-
-<a id="name-091b0d"></a>&#x2022; [`subnet_name`](#name-091b0d) - Optional String<br>VPC Subnet Name. Name of your subnet in VPC network
-
-#### Ingress Egress Gw Outside Subnet New Subnet
+#### Site Selector
 
-A [`new_subnet`](#subnet-8ff867) block (within [`ingress_egress_gw.outside_subnet`](#ingress-egress-gw-outside-subnet)) supports the following:
+A [`site_selector`](#site-selector) block supports the following:
 
-<a id="ipv4-91f9e5"></a>&#x2022; [`primary_ipv4`](#ipv4-91f9e5) - Optional String<br>IPv4 Subnet Prefix. IPv4 prefix for this Subnet. It has to be private address space
-
-<a id="name-aba138"></a>&#x2022; [`subnet_name`](#name-aba138) - Optional String<br>VPC Subnet Name. Name of new VPC Subnet, will be autogenerated if empty
-
-#### Ingress Egress Gw Performance Enhancement Mode
-
-A [`performance_enhancement_mode`](#mode-4d23c2) block (within [`ingress_egress_gw`](#ingress-egress-gw)) supports the following:
-
-<a id="enhanced-410f18"></a>&#x2022; [`perf_mode_l3_enhanced`](#enhanced-410f18) - Optional Block<br>L3 Mode Enhanced Performance. L3 enhanced performance mode OPTIONS<br>See [Perf Mode L3 Enhanced](#enhanced-410f18) below.
-
-<a id="enhanced-90e2b5"></a>&#x2022; [`perf_mode_l7_enhanced`](#enhanced-90e2b5) - Optional Block<br>Enable this option
-
-#### Ingress Egress Gw Performance Enhancement Mode Perf Mode L3 Enhanced
-
-<a id="deep-4a39a0"></a>Deeply nested **Enhanced** block collapsed for readability.
-
-#### Ingress Gw
-
-An [`ingress_gw`](#ingress-gw) block supports the following:
-
-<a id="ingress-gw-gcp-certified-hw"></a>&#x2022; [`gcp_certified_hw`](#ingress-gw-gcp-certified-hw) - Optional String<br>GCP Certified Hardware. Name for GCP certified hardware
-
-<a id="ingress-gw-gcp-zone-names"></a>&#x2022; [`gcp_zone_names`](#ingress-gw-gcp-zone-names) - Optional List<br>GCP zone names. X-required List of zones when instances will be created, needs to match with region selected
-
-<a id="ingress-gw-local-network"></a>&#x2022; [`local_network`](#ingress-gw-local-network) - Optional Block<br>GCP VPC network choice. This defines choice about GCP VPC network for a view<br>See [Local Network](#ingress-gw-local-network) below.
-
-<a id="ingress-gw-local-subnet"></a>&#x2022; [`local_subnet`](#ingress-gw-local-subnet) - Optional Block<br>GCP VPC network choice. This defines choice about GCP VPC network for a view<br>See [Local Subnet](#ingress-gw-local-subnet) below.
-
-<a id="ingress-gw-node-number"></a>&#x2022; [`node_number`](#ingress-gw-node-number) - Optional Number<br>Number of main nodes. Number of main nodes to create, either 1 or 3
-
-<a id="ingress-gw-performance-enhancement-mode"></a>&#x2022; [`performance_enhancement_mode`](#ingress-gw-performance-enhancement-mode) - Optional Block<br>Performance Enhancement Mode. Optimize the site for L3 or L7 traffic processing. L7 optimized is the default<br>See [Performance Enhancement Mode](#ingress-gw-performance-enhancement-mode) below.
-
-#### Ingress Gw Local Network
-
-A [`local_network`](#ingress-gw-local-network) block (within [`ingress_gw`](#ingress-gw)) supports the following:
-
-<a id="network-16c1d3"></a>&#x2022; [`existing_network`](#network-16c1d3) - Optional Block<br>GCP existing VPC network Type. Name of existing VPC network<br>See [Existing Network](#network-16c1d3) below.
-
-<a id="ingress-gw-local-network-new-network"></a>&#x2022; [`new_network`](#ingress-gw-local-network-new-network) - Optional Block<br>GCP VPC Network Manual Parameters. Parameters to create a new GCP VPC Network<br>See [New Network](#ingress-gw-local-network-new-network) below.
-
-<a id="autogenerate-3c23a7"></a>&#x2022; [`new_network_autogenerate`](#autogenerate-3c23a7) - Optional Block<br>GCP VPC Network Autogenerated Parameters. Create a new GCP VPC Network with autogenerated name
-
-#### Ingress Gw Local Network Existing Network
-
-An [`existing_network`](#network-16c1d3) block (within [`ingress_gw.local_network`](#ingress-gw-local-network)) supports the following:
-
-<a id="name-03ee92"></a>&#x2022; [`name`](#name-03ee92) - Optional String<br>GCP VPC Network Name. Name for your GCP VPC Network
-
-#### Ingress Gw Local Network New Network
-
-A [`new_network`](#ingress-gw-local-network-new-network) block (within [`ingress_gw.local_network`](#ingress-gw-local-network)) supports the following:
-
-<a id="name-a157ec"></a>&#x2022; [`name`](#name-a157ec) - Optional String<br>GCP VPC Network Name. Name for your GCP VPC Network
-
-#### Ingress Gw Local Subnet
-
-A [`local_subnet`](#ingress-gw-local-subnet) block (within [`ingress_gw`](#ingress-gw)) supports the following:
-
-<a id="ingress-gw-local-subnet-existing-subnet"></a>&#x2022; [`existing_subnet`](#ingress-gw-local-subnet-existing-subnet) - Optional Block<br>GCP existing subnet Type. Name of existing GCP subnet<br>See [Existing Subnet](#ingress-gw-local-subnet-existing-subnet) below.
-
-<a id="ingress-gw-local-subnet-new-subnet"></a>&#x2022; [`new_subnet`](#ingress-gw-local-subnet-new-subnet) - Optional Block<br>GCP subnet parameters Type. Parameters for GCP subnet<br>See [New Subnet](#ingress-gw-local-subnet-new-subnet) below.
-
-#### Ingress Gw Local Subnet Existing Subnet
-
-An [`existing_subnet`](#ingress-gw-local-subnet-existing-subnet) block (within [`ingress_gw.local_subnet`](#ingress-gw-local-subnet)) supports the following:
-
-<a id="name-a79c96"></a>&#x2022; [`subnet_name`](#name-a79c96) - Optional String<br>VPC Subnet Name. Name of your subnet in VPC network
-
-#### Ingress Gw Local Subnet New Subnet
-
-A [`new_subnet`](#ingress-gw-local-subnet-new-subnet) block (within [`ingress_gw.local_subnet`](#ingress-gw-local-subnet)) supports the following:
-
-<a id="ipv4-a6bd10"></a>&#x2022; [`primary_ipv4`](#ipv4-a6bd10) - Optional String<br>IPv4 Subnet Prefix. IPv4 prefix for this Subnet. It has to be private address space
-
-<a id="name-e9b491"></a>&#x2022; [`subnet_name`](#name-e9b491) - Optional String<br>VPC Subnet Name. Name of new VPC Subnet, will be autogenerated if empty
-
-#### Ingress Gw Performance Enhancement Mode
-
-A [`performance_enhancement_mode`](#ingress-gw-performance-enhancement-mode) block (within [`ingress_gw`](#ingress-gw)) supports the following:
-
-<a id="enhanced-5a06c8"></a>&#x2022; [`perf_mode_l3_enhanced`](#enhanced-5a06c8) - Optional Block<br>L3 Mode Enhanced Performance. L3 enhanced performance mode OPTIONS<br>See [Perf Mode L3 Enhanced](#enhanced-5a06c8) below.
-
-<a id="enhanced-6fdd43"></a>&#x2022; [`perf_mode_l7_enhanced`](#enhanced-6fdd43) - Optional Block<br>Enable this option
-
-#### Ingress Gw Performance Enhancement Mode Perf Mode L3 Enhanced
-
-<a id="deep-690f7e"></a>Deeply nested **Enhanced** block collapsed for readability.
-
-#### Kubernetes Upgrade Drain
-
-A [`kubernetes_upgrade_drain`](#kubernetes-upgrade-drain) block supports the following:
-
-<a id="drain-0d0936"></a>&#x2022; [`disable_upgrade_drain`](#drain-0d0936) - Optional Block<br>Enable this option
-
-<a id="drain-7e30d4"></a>&#x2022; [`enable_upgrade_drain`](#drain-7e30d4) - Optional Block<br>Enable Node by Node Upgrade. Specify batch upgrade settings for worker nodes within a site<br>See [Enable Upgrade Drain](#drain-7e30d4) below.
-
-#### Kubernetes Upgrade Drain Enable Upgrade Drain
-
-An [`enable_upgrade_drain`](#drain-7e30d4) block (within [`kubernetes_upgrade_drain`](#kubernetes-upgrade-drain)) supports the following:
-
-<a id="mode-668699"></a>&#x2022; [`disable_vega_upgrade_mode`](#mode-668699) - Optional Block<br>Enable this option
-
-<a id="count-3aa796"></a>&#x2022; [`drain_max_unavailable_node_count`](#count-3aa796) - Optional Number<br>Node Batch Size Count
-
-<a id="timeout-ac4ee9"></a>&#x2022; [`drain_node_timeout`](#timeout-ac4ee9) - Optional Number<br>Upgrade Wait Time. Seconds to wait before initiating upgrade on the next set of nodes. Setting it to 0 will wait indefinitely for all services on nodes to be upgraded gracefully before proceeding to the next set of nodes. (Warning: It may block upgrade if services on a node cannot be gracefully upgraded. It is recommended to use the default value)
-
-<a id="mode-9c557b"></a>&#x2022; [`enable_vega_upgrade_mode`](#mode-9c557b) - Optional Block<br>Enable this option
-
-#### Log Receiver
-
-A [`log_receiver`](#log-receiver) block supports the following:
-
-<a id="log-receiver-name"></a>&#x2022; [`name`](#log-receiver-name) - Optional String<br>Name. When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. Route's) name
-
-<a id="log-receiver-namespace"></a>&#x2022; [`namespace`](#log-receiver-namespace) - Optional String<br>Namespace. When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. Route's) namespace
-
-<a id="log-receiver-tenant"></a>&#x2022; [`tenant`](#log-receiver-tenant) - Optional String<br>Tenant. When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. Route's) tenant
-
-#### Offline Survivability Mode
-
-An [`offline_survivability_mode`](#offline-survivability-mode) block supports the following:
-
-<a id="mode-565021"></a>&#x2022; [`enable_offline_survivability_mode`](#mode-565021) - Optional Block<br>Enable this option
-
-<a id="mode-02f0c8"></a>&#x2022; [`no_offline_survivability_mode`](#mode-02f0c8) - Optional Block<br>Enable this option
-
-#### OS
-
-An [`os`](#os) block supports the following:
-
-<a id="os-default-os-version"></a>&#x2022; [`default_os_version`](#os-default-os-version) - Optional Block<br>Enable this option
-
-<a id="os-operating-system-version"></a>&#x2022; [`operating_system_version`](#os-operating-system-version) - Optional String<br>Operating System Version. Specify a OS version to be used e.g. 9.2024.6
-
-#### Private Connectivity
-
-A [`private_connectivity`](#private-connectivity) block supports the following:
-
-<a id="private-connectivity-cloud-link"></a>&#x2022; [`cloud_link`](#private-connectivity-cloud-link) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [Cloud Link](#private-connectivity-cloud-link) below.
-
-<a id="private-connectivity-inside"></a>&#x2022; [`inside`](#private-connectivity-inside) - Optional Block<br>Enable this option
-
-<a id="private-connectivity-outside"></a>&#x2022; [`outside`](#private-connectivity-outside) - Optional Block<br>Enable this option
-
-#### Private Connectivity Cloud Link
-
-A [`cloud_link`](#private-connectivity-cloud-link) block (within [`private_connectivity`](#private-connectivity)) supports the following:
-
-<a id="private-connectivity-cloud-link-name"></a>&#x2022; [`name`](#private-connectivity-cloud-link-name) - Optional String<br>Name. When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. Route's) name
-
-<a id="namespace-73cbe6"></a>&#x2022; [`namespace`](#namespace-73cbe6) - Optional String<br>Namespace. When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. Route's) namespace
-
-<a id="private-connectivity-cloud-link-tenant"></a>&#x2022; [`tenant`](#private-connectivity-cloud-link-tenant) - Optional String<br>Tenant. When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. Route's) tenant
-
-#### Sw
-
-A [`sw`](#sw) block supports the following:
-
-<a id="sw-default-sw-version"></a>&#x2022; [`default_sw_version`](#sw-default-sw-version) - Optional Block<br>Enable this option
-
-<a id="sw-volterra-software-version"></a>&#x2022; [`volterra_software_version`](#sw-volterra-software-version) - Optional String<br>F5XC Software Version. Specify a F5XC Software Version to be used e.g. Crt-20210329-1002
+<a id="site-selector-expressions"></a>&#x2022; [`expressions`](#site-selector-expressions) - Optional List<br>Selector Expression. Expressions contains the Kubernetes style label expression for selections
 
 #### Timeouts
 
@@ -661,242 +90,6 @@ A [`timeouts`](#timeouts) block supports the following:
 
 <a id="timeouts-update"></a>&#x2022; [`update`](#timeouts-update) - Optional String (Defaults to `10 minutes`)<br>Used when updating the resource
 
-#### Voltstack Cluster
-
-A [`voltstack_cluster`](#voltstack-cluster) block supports the following:
-
-<a id="policies-a80edf"></a>&#x2022; [`active_enhanced_firewall_policies`](#policies-a80edf) - Optional Block<br>Active Enhanced Network Policies Type. List of Enhanced Firewall Policies These policies use session-based rules and provide all OPTIONS available under firewall policies with an additional option for service insertion<br>See [Active Enhanced Firewall Policies](#policies-a80edf) below.
-
-<a id="policies-91541d"></a>&#x2022; [`active_forward_proxy_policies`](#policies-91541d) - Optional Block<br>Active Forward Proxy Policies Type. Ordered List of Forward Proxy Policies active<br>See [Active Forward Proxy Policies](#policies-91541d) below.
-
-<a id="policies-704e06"></a>&#x2022; [`active_network_policies`](#policies-704e06) - Optional Block<br>Active Firewall Policies Type. List of firewall policy views<br>See [Active Network Policies](#policies-704e06) below.
-
-<a id="voltstack-cluster-dc-cluster-group"></a>&#x2022; [`dc_cluster_group`](#voltstack-cluster-dc-cluster-group) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [Dc Cluster Group](#voltstack-cluster-dc-cluster-group) below.
-
-<a id="voltstack-cluster-default-storage"></a>&#x2022; [`default_storage`](#voltstack-cluster-default-storage) - Optional Block<br>Enable this option
-
-<a id="all-48d905"></a>&#x2022; [`forward_proxy_allow_all`](#all-48d905) - Optional Block<br>Enable this option
-
-<a id="voltstack-cluster-gcp-certified-hw"></a>&#x2022; [`gcp_certified_hw`](#voltstack-cluster-gcp-certified-hw) - Optional String<br>GCP Certified Hardware. Name for GCP certified hardware
-
-<a id="voltstack-cluster-gcp-zone-names"></a>&#x2022; [`gcp_zone_names`](#voltstack-cluster-gcp-zone-names) - Optional List<br>GCP zone names. X-required List of zones when instances will be created, needs to match with region selected
-
-<a id="voltstack-cluster-global-network-list"></a>&#x2022; [`global_network_list`](#voltstack-cluster-global-network-list) - Optional Block<br>Global Network Connection List. List of global network connections<br>See [Global Network List](#voltstack-cluster-global-network-list) below.
-
-<a id="voltstack-cluster-k8s-cluster"></a>&#x2022; [`k8s_cluster`](#voltstack-cluster-k8s-cluster) - Optional Block<br>Object reference. This type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [K8S Cluster](#voltstack-cluster-k8s-cluster) below.
-
-<a id="voltstack-cluster-no-dc-cluster-group"></a>&#x2022; [`no_dc_cluster_group`](#voltstack-cluster-no-dc-cluster-group) - Optional Block<br>Enable this option
-
-<a id="voltstack-cluster-no-forward-proxy"></a>&#x2022; [`no_forward_proxy`](#voltstack-cluster-no-forward-proxy) - Optional Block<br>Enable this option
-
-<a id="voltstack-cluster-no-global-network"></a>&#x2022; [`no_global_network`](#voltstack-cluster-no-global-network) - Optional Block<br>Enable this option
-
-<a id="voltstack-cluster-no-k8s-cluster"></a>&#x2022; [`no_k8s_cluster`](#voltstack-cluster-no-k8s-cluster) - Optional Block<br>Enable this option
-
-<a id="voltstack-cluster-no-network-policy"></a>&#x2022; [`no_network_policy`](#voltstack-cluster-no-network-policy) - Optional Block<br>Enable this option
-
-<a id="routes-3cc7bc"></a>&#x2022; [`no_outside_static_routes`](#routes-3cc7bc) - Optional Block<br>Enable this option
-
-<a id="voltstack-cluster-node-number"></a>&#x2022; [`node_number`](#voltstack-cluster-node-number) - Optional Number<br>Number of main Nodes. Number of main nodes to create, either 1 or 3
-
-<a id="voltstack-cluster-outside-static-routes"></a>&#x2022; [`outside_static_routes`](#voltstack-cluster-outside-static-routes) - Optional Block<br>Static Route List Type. List of static routes<br>See [Outside Static Routes](#voltstack-cluster-outside-static-routes) below.
-
-<a id="voltstack-cluster-site-local-network"></a>&#x2022; [`site_local_network`](#voltstack-cluster-site-local-network) - Optional Block<br>GCP VPC network choice. This defines choice about GCP VPC network for a view<br>See [Site Local Network](#voltstack-cluster-site-local-network) below.
-
-<a id="voltstack-cluster-site-local-subnet"></a>&#x2022; [`site_local_subnet`](#voltstack-cluster-site-local-subnet) - Optional Block<br>GCP VPC network choice. This defines choice about GCP VPC network for a view<br>See [Site Local Subnet](#voltstack-cluster-site-local-subnet) below.
-
-<a id="public-ip-8ed01a"></a>&#x2022; [`sm_connection_public_ip`](#public-ip-8ed01a) - Optional Block<br>Enable this option
-
-<a id="voltstack-cluster-sm-connection-pvt-ip"></a>&#x2022; [`sm_connection_pvt_ip`](#voltstack-cluster-sm-connection-pvt-ip) - Optional Block<br>Enable this option
-
-<a id="voltstack-cluster-storage-class-list"></a>&#x2022; [`storage_class_list`](#voltstack-cluster-storage-class-list) - Optional Block<br>Custom Storage Class List. Add additional custom storage classes in Kubernetes for this site<br>See [Storage Class List](#voltstack-cluster-storage-class-list) below.
-
-#### Voltstack Cluster Active Enhanced Firewall Policies
-
-An [`active_enhanced_firewall_policies`](#policies-a80edf) block (within [`voltstack_cluster`](#voltstack-cluster)) supports the following:
-
-<a id="policies-49239d"></a>&#x2022; [`enhanced_firewall_policies`](#policies-49239d) - Optional Block<br>Enhanced Firewall Policy. Ordered List of Enhanced Firewall Policies active<br>See [Enhanced Firewall Policies](#policies-49239d) below.
-
-#### Voltstack Cluster Active Enhanced Firewall Policies Enhanced Firewall Policies
-
-<a id="deep-bf6f5b"></a>Deeply nested **Policies** block collapsed for readability.
-
-#### Voltstack Cluster Active Forward Proxy Policies
-
-An [`active_forward_proxy_policies`](#policies-91541d) block (within [`voltstack_cluster`](#voltstack-cluster)) supports the following:
-
-<a id="policies-e4aa24"></a>&#x2022; [`forward_proxy_policies`](#policies-e4aa24) - Optional Block<br>Forward Proxy Policies. Ordered List of Forward Proxy Policies active<br>See [Forward Proxy Policies](#policies-e4aa24) below.
-
-#### Voltstack Cluster Active Forward Proxy Policies Forward Proxy Policies
-
-<a id="deep-73e925"></a>Deeply nested **Policies** block collapsed for readability.
-
-#### Voltstack Cluster Active Network Policies
-
-An [`active_network_policies`](#policies-704e06) block (within [`voltstack_cluster`](#voltstack-cluster)) supports the following:
-
-<a id="policies-0d13f8"></a>&#x2022; [`network_policies`](#policies-0d13f8) - Optional Block<br>Firewall Policy. Ordered List of Firewall Policies active for this network firewall<br>See [Network Policies](#policies-0d13f8) below.
-
-#### Voltstack Cluster Active Network Policies Network Policies
-
-A [`network_policies`](#policies-0d13f8) block (within [`voltstack_cluster.active_network_policies`](#policies-704e06)) supports the following:
-
-<a id="name-77e23a"></a>&#x2022; [`name`](#name-77e23a) - Optional String<br>Name. When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. Route's) name
-
-<a id="namespace-a545c4"></a>&#x2022; [`namespace`](#namespace-a545c4) - Optional String<br>Namespace. When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. Route's) namespace
-
-<a id="tenant-fa44e1"></a>&#x2022; [`tenant`](#tenant-fa44e1) - Optional String<br>Tenant. When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. Route's) tenant
-
-#### Voltstack Cluster Dc Cluster Group
-
-A [`dc_cluster_group`](#voltstack-cluster-dc-cluster-group) block (within [`voltstack_cluster`](#voltstack-cluster)) supports the following:
-
-<a id="voltstack-cluster-dc-cluster-group-name"></a>&#x2022; [`name`](#voltstack-cluster-dc-cluster-group-name) - Optional String<br>Name. When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. Route's) name
-
-<a id="namespace-e43a60"></a>&#x2022; [`namespace`](#namespace-e43a60) - Optional String<br>Namespace. When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. Route's) namespace
-
-<a id="tenant-597aab"></a>&#x2022; [`tenant`](#tenant-597aab) - Optional String<br>Tenant. When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. Route's) tenant
-
-#### Voltstack Cluster Global Network List
-
-A [`global_network_list`](#voltstack-cluster-global-network-list) block (within [`voltstack_cluster`](#voltstack-cluster)) supports the following:
-
-<a id="connections-8e8842"></a>&#x2022; [`global_network_connections`](#connections-8e8842) - Optional Block<br>Global Network Connections. Global network connections<br>See [Global Network Connections](#connections-8e8842) below.
-
-#### Voltstack Cluster Global Network List Global Network Connections
-
-<a id="deep-974094"></a>Deeply nested **Connections** block collapsed for readability.
-
-#### Voltstack Cluster Global Network List Global Network Connections SLI To Global DR
-
-<a id="deep-8abeaa"></a>Deeply nested **DR** block collapsed for readability.
-
-#### Voltstack Cluster Global Network List Global Network Connections SLI To Global DR Global Vn
-
-<a id="deep-44dfa7"></a>Deeply nested **Vn** block collapsed for readability.
-
-#### Voltstack Cluster Global Network List Global Network Connections Slo To Global DR
-
-<a id="deep-a8283c"></a>Deeply nested **DR** block collapsed for readability.
-
-#### Voltstack Cluster Global Network List Global Network Connections Slo To Global DR Global Vn
-
-<a id="deep-3168f1"></a>Deeply nested **Vn** block collapsed for readability.
-
-#### Voltstack Cluster K8S Cluster
-
-A [`k8s_cluster`](#voltstack-cluster-k8s-cluster) block (within [`voltstack_cluster`](#voltstack-cluster)) supports the following:
-
-<a id="voltstack-cluster-k8s-cluster-name"></a>&#x2022; [`name`](#voltstack-cluster-k8s-cluster-name) - Optional String<br>Name. When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. Route's) name
-
-<a id="voltstack-cluster-k8s-cluster-namespace"></a>&#x2022; [`namespace`](#voltstack-cluster-k8s-cluster-namespace) - Optional String<br>Namespace. When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. Route's) namespace
-
-<a id="voltstack-cluster-k8s-cluster-tenant"></a>&#x2022; [`tenant`](#voltstack-cluster-k8s-cluster-tenant) - Optional String<br>Tenant. When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. Route's) tenant
-
-#### Voltstack Cluster Outside Static Routes
-
-An [`outside_static_routes`](#voltstack-cluster-outside-static-routes) block (within [`voltstack_cluster`](#voltstack-cluster)) supports the following:
-
-<a id="list-72d88b"></a>&#x2022; [`static_route_list`](#list-72d88b) - Optional Block<br>List of Static Routes. List of Static routes<br>See [Static Route List](#list-72d88b) below.
-
-#### Voltstack Cluster Outside Static Routes Static Route List
-
-<a id="deep-8327ca"></a>Deeply nested **List** block collapsed for readability.
-
-#### Voltstack Cluster Outside Static Routes Static Route List Custom Static Route
-
-<a id="deep-a60273"></a>Deeply nested **Route** block collapsed for readability.
-
-#### Voltstack Cluster Outside Static Routes Static Route List Custom Static Route Nexthop
-
-<a id="deep-9cbea6"></a>Deeply nested **Nexthop** block collapsed for readability.
-
-#### Voltstack Cluster Outside Static Routes Static Route List Custom Static Route Nexthop Interface
-
-<a id="deep-81201b"></a>Deeply nested **Interface** block collapsed for readability.
-
-#### Voltstack Cluster Outside Static Routes Static Route List Custom Static Route Nexthop Nexthop Address
-
-<a id="deep-fe330c"></a>Deeply nested **Address** block collapsed for readability.
-
-#### Voltstack Cluster Outside Static Routes Static Route List Custom Static Route Nexthop Nexthop Address IPv4
-
-<a id="deep-f7834a"></a>Deeply nested **IPv4** block collapsed for readability.
-
-#### Voltstack Cluster Outside Static Routes Static Route List Custom Static Route Nexthop Nexthop Address IPv6
-
-<a id="deep-0d1284"></a>Deeply nested **IPv6** block collapsed for readability.
-
-#### Voltstack Cluster Outside Static Routes Static Route List Custom Static Route Subnets
-
-<a id="deep-626be0"></a>Deeply nested **Subnets** block collapsed for readability.
-
-#### Voltstack Cluster Outside Static Routes Static Route List Custom Static Route Subnets IPv4
-
-<a id="deep-a073ef"></a>Deeply nested **IPv4** block collapsed for readability.
-
-#### Voltstack Cluster Outside Static Routes Static Route List Custom Static Route Subnets IPv6
-
-<a id="deep-85f420"></a>Deeply nested **IPv6** block collapsed for readability.
-
-#### Voltstack Cluster Site Local Network
-
-A [`site_local_network`](#voltstack-cluster-site-local-network) block (within [`voltstack_cluster`](#voltstack-cluster)) supports the following:
-
-<a id="network-231a12"></a>&#x2022; [`existing_network`](#network-231a12) - Optional Block<br>GCP existing VPC network Type. Name of existing VPC network<br>See [Existing Network](#network-231a12) below.
-
-<a id="network-c03c21"></a>&#x2022; [`new_network`](#network-c03c21) - Optional Block<br>GCP VPC Network Manual Parameters. Parameters to create a new GCP VPC Network<br>See [New Network](#network-c03c21) below.
-
-<a id="autogenerate-cd8fd8"></a>&#x2022; [`new_network_autogenerate`](#autogenerate-cd8fd8) - Optional Block<br>GCP VPC Network Autogenerated Parameters. Create a new GCP VPC Network with autogenerated name
-
-#### Voltstack Cluster Site Local Network Existing Network
-
-An [`existing_network`](#network-231a12) block (within [`voltstack_cluster.site_local_network`](#voltstack-cluster-site-local-network)) supports the following:
-
-<a id="name-27b5d6"></a>&#x2022; [`name`](#name-27b5d6) - Optional String<br>GCP VPC Network Name. Name for your GCP VPC Network
-
-#### Voltstack Cluster Site Local Network New Network
-
-A [`new_network`](#network-c03c21) block (within [`voltstack_cluster.site_local_network`](#voltstack-cluster-site-local-network)) supports the following:
-
-<a id="name-52047a"></a>&#x2022; [`name`](#name-52047a) - Optional String<br>GCP VPC Network Name. Name for your GCP VPC Network
-
-#### Voltstack Cluster Site Local Subnet
-
-A [`site_local_subnet`](#voltstack-cluster-site-local-subnet) block (within [`voltstack_cluster`](#voltstack-cluster)) supports the following:
-
-<a id="subnet-73ee4c"></a>&#x2022; [`existing_subnet`](#subnet-73ee4c) - Optional Block<br>GCP existing subnet Type. Name of existing GCP subnet<br>See [Existing Subnet](#subnet-73ee4c) below.
-
-<a id="subnet-52ff72"></a>&#x2022; [`new_subnet`](#subnet-52ff72) - Optional Block<br>GCP subnet parameters Type. Parameters for GCP subnet<br>See [New Subnet](#subnet-52ff72) below.
-
-#### Voltstack Cluster Site Local Subnet Existing Subnet
-
-An [`existing_subnet`](#subnet-73ee4c) block (within [`voltstack_cluster.site_local_subnet`](#voltstack-cluster-site-local-subnet)) supports the following:
-
-<a id="name-c7b494"></a>&#x2022; [`subnet_name`](#name-c7b494) - Optional String<br>VPC Subnet Name. Name of your subnet in VPC network
-
-#### Voltstack Cluster Site Local Subnet New Subnet
-
-A [`new_subnet`](#subnet-52ff72) block (within [`voltstack_cluster.site_local_subnet`](#voltstack-cluster-site-local-subnet)) supports the following:
-
-<a id="ipv4-ac69f3"></a>&#x2022; [`primary_ipv4`](#ipv4-ac69f3) - Optional String<br>IPv4 Subnet Prefix. IPv4 prefix for this Subnet. It has to be private address space
-
-<a id="name-8b6d0c"></a>&#x2022; [`subnet_name`](#name-8b6d0c) - Optional String<br>VPC Subnet Name. Name of new VPC Subnet, will be autogenerated if empty
-
-#### Voltstack Cluster Storage Class List
-
-A [`storage_class_list`](#voltstack-cluster-storage-class-list) block (within [`voltstack_cluster`](#voltstack-cluster)) supports the following:
-
-<a id="classes-3dd6e4"></a>&#x2022; [`storage_classes`](#classes-3dd6e4) - Optional Block<br>List of Storage Classes. List of custom storage classes<br>See [Storage Classes](#classes-3dd6e4) below.
-
-#### Voltstack Cluster Storage Class List Storage Classes
-
-A [`storage_classes`](#classes-3dd6e4) block (within [`voltstack_cluster.storage_class_list`](#voltstack-cluster-storage-class-list)) supports the following:
-
-<a id="class-f2125d"></a>&#x2022; [`default_storage_class`](#class-f2125d) - Optional Bool<br>Default Storage Class. Make this storage class default storage class for the K8S cluster
-
-<a id="name-ca3ca7"></a>&#x2022; [`storage_class_name`](#name-ca3ca7) - Optional String<br>Storage Class Name. Name of the storage class as it will appear in K8S
-
 ---
 
 ## Common Types