@robinmordasiewicz/f5xc-terraform-mcp 3.10.2 → 3.10.4

package/dist/docs/resources/network_policy.md

@@ -2,12 +2,12 @@
 page_title: "f5xc_network_policy Resource - terraform-provider-f5xc"
 subcategory: "Security"
 description: |-
-  Manages network policy rule with configured parameters in specified namespace. in F5 Distributed Cloud.
+  Manages new network policy with configured parameters in specified namespace. in F5 Distributed Cloud.
 ---
 
 # f5xc_network_policy (Resource)
 
-Manages network policy rule with configured parameters in specified namespace. in F5 Distributed Cloud.
+Manages new network policy with configured parameters in specified namespace. in F5 Distributed Cloud.
 
 ~> **Note** For more information about this resource, please refer to the [F5 XC API Documentation](https://docs.cloud.f5.com/docs/api/).
 
@@ -15,7 +15,7 @@ Manages network policy rule with configured parameters in specified namespace. i
 
 ```terraform
 # Network Policy Resource Example
-# Manages network policy rule with configured parameters in specified namespace. in F5 Distributed Cloud.
+# Manages new network policy with configured parameters in specified namespace. in F5 Distributed Cloud.
 
 # Basic Network Policy configuration
 resource "f5xc_network_policy" "example" {
@@ -77,20 +77,9 @@ resource "f5xc_network_policy" "example" {
 
 ### Spec Argument Reference
 
-<a id="action"></a>&#x2022; [`action`](#action) - Optional String  Defaults to `DENY`<br>Possible values are `DENY`, `ALLOW`<br>[Enum: DENY|ALLOW] Network policy rule action configures the action to be taken on rule match Apply deny action on rule match Apply allow action on rule match
+<a id="endpoint"></a>&#x2022; [`endpoint`](#endpoint) - Optional Block<br>Shape of the endpoint choices for a view<br>See [Endpoint](#endpoint) below for details.
 
-<a id="advanced-action"></a>&#x2022; [`advanced_action`](#advanced-action) - Optional Block<br>Network Policy Rule Advanced Action provides additional OPTIONS along with RuleAction and PBRRuleAction<br>See [Advanced Action](#advanced-action) below for details.
-
--> **One of the following:**
-&#x2022; <a id="ip-prefix-set"></a>[`ip_prefix_set`](#ip-prefix-set) - Optional Block<br>List of references to ip_prefix_set objects<br>See [IP Prefix Set](#ip-prefix-set) below for details.
-<br><br>&#x2022; <a id="prefix"></a>[`prefix`](#prefix) - Optional Block<br>List of IP Address prefixes. Prefix must contain both prefix and prefix-length The list can contain mix of both IPv4 and IPv6 prefixes<br>See [Prefix](#prefix) below for details.
-<br><br>&#x2022; <a id="prefix-selector"></a>[`prefix_selector`](#prefix-selector) - Optional Block<br>Type can be used to establish a 'selector reference' from one object(called selector) to a set of other objects(called selectees) based on the value of expresssions. A label selector is a label query over a set of resources. An empty label selector matches all objects<br>See [Prefix Selector](#prefix-selector) below for details.
-
-<a id="label-matcher"></a>&#x2022; [`label_matcher`](#label-matcher) - Optional Block<br>Label matcher specifies a list of label keys whose values need to match for source/client and destination/server. Note that the actual label values are not specified and do not matter. This allows an ability to scope grouping by the label key name<br>See [Label Matcher](#label-matcher) below for details.
-
-<a id="ports"></a>&#x2022; [`ports`](#ports) - Optional List<br>List of port ranges. Each range is a single port or a pair of start and end ports e.g. 8080-8192
-
-<a id="protocol"></a>&#x2022; [`protocol`](#protocol) - Optional String<br>Protocol in IP packet to be used as match criteria Values are TCP, UDP, and ICMP
+<a id="rules"></a>&#x2022; [`rules`](#rules) - Optional Block<br>Rule Choice. Shape of Rule Choice<br>See [Rules](#rules) below for details.
 
 <a id="timeouts"></a>&#x2022; [`timeouts`](#timeouts) - Optional Block<br>See [Timeouts](#timeouts) below for details.
 
@@ -102,49 +91,239 @@ In addition to all arguments above, the following attributes are exported:
 
 ---
 
-#### Advanced Action
+#### Endpoint
+
+An [`endpoint`](#endpoint) block supports the following:
+
+<a id="endpoint-any"></a>&#x2022; [`any`](#endpoint-any) - Optional Block<br>Enable this option
+
+<a id="endpoint-inside-endpoints"></a>&#x2022; [`inside_endpoints`](#endpoint-inside-endpoints) - Optional Block<br>Enable this option
+
+<a id="endpoint-label-selector"></a>&#x2022; [`label_selector`](#endpoint-label-selector) - Optional Block<br>Type can be used to establish a 'selector reference' from one object(called selector) to a set of other objects(called selectees) based on the value of expresssions. A label selector is a label query over a set of resources. An empty label selector matches all objects<br>See [Label Selector](#endpoint-label-selector) below.
+
+<a id="endpoint-outside-endpoints"></a>&#x2022; [`outside_endpoints`](#endpoint-outside-endpoints) - Optional Block<br>Enable this option
+
+<a id="endpoint-prefix-list"></a>&#x2022; [`prefix_list`](#endpoint-prefix-list) - Optional Block<br>List of IPv4 prefixes that represent an endpoint<br>See [Prefix List](#endpoint-prefix-list) below.
+
+#### Endpoint Label Selector
+
+A [`label_selector`](#endpoint-label-selector) block (within [`endpoint`](#endpoint)) supports the following:
+
+<a id="endpoint-label-selector-expressions"></a>&#x2022; [`expressions`](#endpoint-label-selector-expressions) - Optional List<br>Expressions contains the Kubernetes style label expression for selections
+
+#### Endpoint Prefix List
+
+A [`prefix_list`](#endpoint-prefix-list) block (within [`endpoint`](#endpoint)) supports the following:
+
+<a id="endpoint-prefix-list-prefixes"></a>&#x2022; [`prefixes`](#endpoint-prefix-list-prefixes) - Optional List<br>List of IPv4 prefixes that represent an endpoint
+
+#### Rules
+
+A [`rules`](#rules) block supports the following:
+
+<a id="rules-egress-rules"></a>&#x2022; [`egress_rules`](#rules-egress-rules) - Optional Block<br>Ordered list of rules applied to connections from policy endpoints<br>See [Egress Rules](#rules-egress-rules) below.
+
+<a id="rules-ingress-rules"></a>&#x2022; [`ingress_rules`](#rules-ingress-rules) - Optional Block<br>Ordered list of rules applied to connections to policy endpoints<br>See [Ingress Rules](#rules-ingress-rules) below.
+
+#### Rules Egress Rules
+
+An [`egress_rules`](#rules-egress-rules) block (within [`rules`](#rules)) supports the following:
+
+<a id="rules-egress-rules-action"></a>&#x2022; [`action`](#rules-egress-rules-action) - Optional String  Defaults to `DENY`<br>Possible values are `DENY`, `ALLOW`<br>[Enum: DENY|ALLOW] Network policy rule action configures the action to be taken on rule match Apply deny action on rule match Apply allow action on rule match
+
+<a id="rules-egress-rules-adv-action"></a>&#x2022; [`adv_action`](#rules-egress-rules-adv-action) - Optional Block<br>Network Policy Rule Advanced Action provides additional OPTIONS along with RuleAction and PBRRuleAction<br>See [Adv Action](#rules-egress-rules-adv-action) below.
+
+<a id="rules-egress-rules-all-tcp-traffic"></a>&#x2022; [`all_tcp_traffic`](#rules-egress-rules-all-tcp-traffic) - Optional Block<br>Enable this option
+
+<a id="rules-egress-rules-all-traffic"></a>&#x2022; [`all_traffic`](#rules-egress-rules-all-traffic) - Optional Block<br>Enable this option
+
+<a id="rules-egress-rules-all-udp-traffic"></a>&#x2022; [`all_udp_traffic`](#rules-egress-rules-all-udp-traffic) - Optional Block<br>Enable this option
+
+<a id="rules-egress-rules-any"></a>&#x2022; [`any`](#rules-egress-rules-any) - Optional Block<br>Enable this option
+
+<a id="rules-egress-rules-applications"></a>&#x2022; [`applications`](#rules-egress-rules-applications) - Optional Block<br>Applications. Application protocols like HTTP, SNMP<br>See [Applications](#rules-egress-rules-applications) below.
+
+<a id="rules-egress-rules-inside-endpoints"></a>&#x2022; [`inside_endpoints`](#rules-egress-rules-inside-endpoints) - Optional Block<br>Enable this option
+
+<a id="rules-egress-rules-ip-prefix-set"></a>&#x2022; [`ip_prefix_set`](#rules-egress-rules-ip-prefix-set) - Optional Block<br>List of references to ip_prefix_set objects<br>See [IP Prefix Set](#rules-egress-rules-ip-prefix-set) below.
+
+<a id="rules-egress-rules-label-matcher"></a>&#x2022; [`label_matcher`](#rules-egress-rules-label-matcher) - Optional Block<br>Label matcher specifies a list of label keys whose values need to match for source/client and destination/server. Note that the actual label values are not specified and do not matter. This allows an ability to scope grouping by the label key name<br>See [Label Matcher](#rules-egress-rules-label-matcher) below.
+
+<a id="rules-egress-rules-label-selector"></a>&#x2022; [`label_selector`](#rules-egress-rules-label-selector) - Optional Block<br>Type can be used to establish a 'selector reference' from one object(called selector) to a set of other objects(called selectees) based on the value of expresssions. A label selector is a label query over a set of resources. An empty label selector matches all objects<br>See [Label Selector](#rules-egress-rules-label-selector) below.
+
+<a id="rules-egress-rules-metadata"></a>&#x2022; [`metadata`](#rules-egress-rules-metadata) - Optional Block<br>MessageMetaType is metadata (common attributes) of a message that only certain messages have. This information is propagated to the metadata of a child object that gets created from the containing message during view processing. The information in this type can be specified by user during create<br>See [Metadata](#rules-egress-rules-metadata) below.
+
+<a id="rules-egress-rules-outside-endpoints"></a>&#x2022; [`outside_endpoints`](#rules-egress-rules-outside-endpoints) - Optional Block<br>Enable this option
+
+<a id="rules-egress-rules-prefix-list"></a>&#x2022; [`prefix_list`](#rules-egress-rules-prefix-list) - Optional Block<br>List of IPv4 prefixes that represent an endpoint<br>See [Prefix List](#rules-egress-rules-prefix-list) below.
+
+<a id="rules-egress-rules-protocol-port-range"></a>&#x2022; [`protocol_port_range`](#rules-egress-rules-protocol-port-range) - Optional Block<br>Protocol and Port. Protocol and Port ranges<br>See [Protocol Port Range](#rules-egress-rules-protocol-port-range) below.
+
+#### Rules Egress Rules Adv Action
+
+An [`adv_action`](#rules-egress-rules-adv-action) block (within [`rules.egress_rules`](#rules-egress-rules)) supports the following:
+
+<a id="rules-egress-rules-adv-action-action"></a>&#x2022; [`action`](#rules-egress-rules-adv-action-action) - Optional String  Defaults to `NOLOG`<br>Possible values are `NOLOG`, `LOG`<br>[Enum: NOLOG|LOG] Choice to choose logging or no logging This works together with option selected via NetworkPolicyRuleAction or any other action specified x-
+
+#### Rules Egress Rules Applications
+
+An [`applications`](#rules-egress-rules-applications) block (within [`rules.egress_rules`](#rules-egress-rules)) supports the following:
+
+<a id="applications-f7c65d"></a>&#x2022; [`applications`](#applications-f7c65d) - Optional List  Defaults to `APPLICATION_HTTP`<br>Possible values are `APPLICATION_HTTP`, `APPLICATION_HTTPS`, `APPLICATION_SNMP`, `APPLICATION_DNS`<br>[Enum: APPLICATION_HTTP|APPLICATION_HTTPS|APPLICATION_SNMP|APPLICATION_DNS] Application Protocols. Application protocols like HTTP, SNMP
+
+#### Rules Egress Rules IP Prefix Set
+
+An [`ip_prefix_set`](#rules-egress-rules-ip-prefix-set) block (within [`rules.egress_rules`](#rules-egress-rules)) supports the following:
+
+<a id="rules-egress-rules-ip-prefix-set-ref"></a>&#x2022; [`ref`](#rules-egress-rules-ip-prefix-set-ref) - Optional Block<br>List of references to ip_prefix_set objects<br>See [Ref](#rules-egress-rules-ip-prefix-set-ref) below.
+
+#### Rules Egress Rules IP Prefix Set Ref
+
+A [`ref`](#rules-egress-rules-ip-prefix-set-ref) block (within [`rules.egress_rules.ip_prefix_set`](#rules-egress-rules-ip-prefix-set)) supports the following:
+
+<a id="kind-6153e0"></a>&#x2022; [`kind`](#kind-6153e0) - Optional String<br>When a configuration object(e.g. Virtual_host) refers to another(e.g route) then kind will hold the referred object's kind (e.g. 'route')
+
+<a id="name-3c4742"></a>&#x2022; [`name`](#name-3c4742) - Optional String<br>When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. Route's) name
+
+<a id="namespace-f39f97"></a>&#x2022; [`namespace`](#namespace-f39f97) - Optional String<br>When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. Route's) namespace
+
+<a id="tenant-5557c0"></a>&#x2022; [`tenant`](#tenant-5557c0) - Optional String<br>When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. Route's) tenant
+
+<a id="uid-b4cc26"></a>&#x2022; [`uid`](#uid-b4cc26) - Optional String<br>When a configuration object(e.g. Virtual_host) refers to another(e.g route) then uid will hold the referred object's(e.g. Route's) uid
+
+#### Rules Egress Rules Label Matcher
+
+A [`label_matcher`](#rules-egress-rules-label-matcher) block (within [`rules.egress_rules`](#rules-egress-rules)) supports the following:
+
+<a id="rules-egress-rules-label-matcher-keys"></a>&#x2022; [`keys`](#rules-egress-rules-label-matcher-keys) - Optional List<br>The list of label key names that have to match
+
+#### Rules Egress Rules Label Selector
+
+A [`label_selector`](#rules-egress-rules-label-selector) block (within [`rules.egress_rules`](#rules-egress-rules)) supports the following:
+
+<a id="expressions-d57cba"></a>&#x2022; [`expressions`](#expressions-d57cba) - Optional List<br>Expressions contains the Kubernetes style label expression for selections
+
+#### Rules Egress Rules Metadata
+
+A [`metadata`](#rules-egress-rules-metadata) block (within [`rules.egress_rules`](#rules-egress-rules)) supports the following:
+
+<a id="spec-6fe394"></a>&#x2022; [`description_spec`](#spec-6fe394) - Optional String<br>Description. Human readable description
+
+<a id="rules-egress-rules-metadata-name"></a>&#x2022; [`name`](#rules-egress-rules-metadata-name) - Optional String<br>Name of the message. The value of name has to follow DNS-1035 format
+
+#### Rules Egress Rules Prefix List
+
+A [`prefix_list`](#rules-egress-rules-prefix-list) block (within [`rules.egress_rules`](#rules-egress-rules)) supports the following:
+
+<a id="rules-egress-rules-prefix-list-prefixes"></a>&#x2022; [`prefixes`](#rules-egress-rules-prefix-list-prefixes) - Optional List<br>List of IPv4 prefixes that represent an endpoint
+
+#### Rules Egress Rules Protocol Port Range
+
+A [`protocol_port_range`](#rules-egress-rules-protocol-port-range) block (within [`rules.egress_rules`](#rules-egress-rules)) supports the following:
+
+<a id="ranges-ffb05a"></a>&#x2022; [`port_ranges`](#ranges-ffb05a) - Optional List<br>List of port ranges. Each range is a single port or a pair of start and end ports e.g. 8080-8192
+
+<a id="protocol-77c4d7"></a>&#x2022; [`protocol`](#protocol-77c4d7) - Optional String<br>Protocol in IP packet to be used as match criteria Values are TCP, UDP, and ICMP
+
+#### Rules Ingress Rules
+
+An [`ingress_rules`](#rules-ingress-rules) block (within [`rules`](#rules)) supports the following:
+
+<a id="rules-ingress-rules-action"></a>&#x2022; [`action`](#rules-ingress-rules-action) - Optional String  Defaults to `DENY`<br>Possible values are `DENY`, `ALLOW`<br>[Enum: DENY|ALLOW] Network policy rule action configures the action to be taken on rule match Apply deny action on rule match Apply allow action on rule match
+
+<a id="rules-ingress-rules-adv-action"></a>&#x2022; [`adv_action`](#rules-ingress-rules-adv-action) - Optional Block<br>Network Policy Rule Advanced Action provides additional OPTIONS along with RuleAction and PBRRuleAction<br>See [Adv Action](#rules-ingress-rules-adv-action) below.
+
+<a id="rules-ingress-rules-all-tcp-traffic"></a>&#x2022; [`all_tcp_traffic`](#rules-ingress-rules-all-tcp-traffic) - Optional Block<br>Enable this option
+
+<a id="rules-ingress-rules-all-traffic"></a>&#x2022; [`all_traffic`](#rules-ingress-rules-all-traffic) - Optional Block<br>Enable this option
+
+<a id="rules-ingress-rules-all-udp-traffic"></a>&#x2022; [`all_udp_traffic`](#rules-ingress-rules-all-udp-traffic) - Optional Block<br>Enable this option
+
+<a id="rules-ingress-rules-any"></a>&#x2022; [`any`](#rules-ingress-rules-any) - Optional Block<br>Enable this option
+
+<a id="rules-ingress-rules-applications"></a>&#x2022; [`applications`](#rules-ingress-rules-applications) - Optional Block<br>Applications. Application protocols like HTTP, SNMP<br>See [Applications](#rules-ingress-rules-applications) below.
+
+<a id="rules-ingress-rules-inside-endpoints"></a>&#x2022; [`inside_endpoints`](#rules-ingress-rules-inside-endpoints) - Optional Block<br>Enable this option
+
+<a id="rules-ingress-rules-ip-prefix-set"></a>&#x2022; [`ip_prefix_set`](#rules-ingress-rules-ip-prefix-set) - Optional Block<br>List of references to ip_prefix_set objects<br>See [IP Prefix Set](#rules-ingress-rules-ip-prefix-set) below.
+
+<a id="rules-ingress-rules-label-matcher"></a>&#x2022; [`label_matcher`](#rules-ingress-rules-label-matcher) - Optional Block<br>Label matcher specifies a list of label keys whose values need to match for source/client and destination/server. Note that the actual label values are not specified and do not matter. This allows an ability to scope grouping by the label key name<br>See [Label Matcher](#rules-ingress-rules-label-matcher) below.
+
+<a id="rules-ingress-rules-label-selector"></a>&#x2022; [`label_selector`](#rules-ingress-rules-label-selector) - Optional Block<br>Type can be used to establish a 'selector reference' from one object(called selector) to a set of other objects(called selectees) based on the value of expresssions. A label selector is a label query over a set of resources. An empty label selector matches all objects<br>See [Label Selector](#rules-ingress-rules-label-selector) below.
+
+<a id="rules-ingress-rules-metadata"></a>&#x2022; [`metadata`](#rules-ingress-rules-metadata) - Optional Block<br>MessageMetaType is metadata (common attributes) of a message that only certain messages have. This information is propagated to the metadata of a child object that gets created from the containing message during view processing. The information in this type can be specified by user during create<br>See [Metadata](#rules-ingress-rules-metadata) below.
+
+<a id="rules-ingress-rules-outside-endpoints"></a>&#x2022; [`outside_endpoints`](#rules-ingress-rules-outside-endpoints) - Optional Block<br>Enable this option
+
+<a id="rules-ingress-rules-prefix-list"></a>&#x2022; [`prefix_list`](#rules-ingress-rules-prefix-list) - Optional Block<br>List of IPv4 prefixes that represent an endpoint<br>See [Prefix List](#rules-ingress-rules-prefix-list) below.
+
+<a id="rules-ingress-rules-protocol-port-range"></a>&#x2022; [`protocol_port_range`](#rules-ingress-rules-protocol-port-range) - Optional Block<br>Protocol and Port. Protocol and Port ranges<br>See [Protocol Port Range](#rules-ingress-rules-protocol-port-range) below.
+
+#### Rules Ingress Rules Adv Action
+
+An [`adv_action`](#rules-ingress-rules-adv-action) block (within [`rules.ingress_rules`](#rules-ingress-rules)) supports the following:
+
+<a id="rules-ingress-rules-adv-action-action"></a>&#x2022; [`action`](#rules-ingress-rules-adv-action-action) - Optional String  Defaults to `NOLOG`<br>Possible values are `NOLOG`, `LOG`<br>[Enum: NOLOG|LOG] Choice to choose logging or no logging This works together with option selected via NetworkPolicyRuleAction or any other action specified x-
+
+#### Rules Ingress Rules Applications
+
+An [`applications`](#rules-ingress-rules-applications) block (within [`rules.ingress_rules`](#rules-ingress-rules)) supports the following:
+
+<a id="applications-ada048"></a>&#x2022; [`applications`](#applications-ada048) - Optional List  Defaults to `APPLICATION_HTTP`<br>Possible values are `APPLICATION_HTTP`, `APPLICATION_HTTPS`, `APPLICATION_SNMP`, `APPLICATION_DNS`<br>[Enum: APPLICATION_HTTP|APPLICATION_HTTPS|APPLICATION_SNMP|APPLICATION_DNS] Application Protocols. Application protocols like HTTP, SNMP
+
+#### Rules Ingress Rules IP Prefix Set
+
+An [`ip_prefix_set`](#rules-ingress-rules-ip-prefix-set) block (within [`rules.ingress_rules`](#rules-ingress-rules)) supports the following:
+
+<a id="rules-ingress-rules-ip-prefix-set-ref"></a>&#x2022; [`ref`](#rules-ingress-rules-ip-prefix-set-ref) - Optional Block<br>List of references to ip_prefix_set objects<br>See [Ref](#rules-ingress-rules-ip-prefix-set-ref) below.
+
+#### Rules Ingress Rules IP Prefix Set Ref
+
+A [`ref`](#rules-ingress-rules-ip-prefix-set-ref) block (within [`rules.ingress_rules.ip_prefix_set`](#rules-ingress-rules-ip-prefix-set)) supports the following:
+
+<a id="kind-3a83c1"></a>&#x2022; [`kind`](#kind-3a83c1) - Optional String<br>When a configuration object(e.g. Virtual_host) refers to another(e.g route) then kind will hold the referred object's kind (e.g. 'route')
 
-An [`advanced_action`](#advanced-action) block supports the following:
+<a id="name-c9035f"></a>&#x2022; [`name`](#name-c9035f) - Optional String<br>When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. Route's) name
 
-<a id="advanced-action-action"></a>&#x2022; [`action`](#advanced-action-action) - Optional String  Defaults to `NOLOG`<br>Possible values are `NOLOG`, `LOG`<br>[Enum: NOLOG|LOG] Choice to choose logging or no logging This works together with option selected via NetworkPolicyRuleAction or any other action specified x-
+<a id="namespace-0b6e5e"></a>&#x2022; [`namespace`](#namespace-0b6e5e) - Optional String<br>When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. Route's) namespace
 
-#### IP Prefix Set
+<a id="tenant-b81c73"></a>&#x2022; [`tenant`](#tenant-b81c73) - Optional String<br>When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. Route's) tenant
 
-An [`ip_prefix_set`](#ip-prefix-set) block supports the following:
+<a id="uid-0be2c4"></a>&#x2022; [`uid`](#uid-0be2c4) - Optional String<br>When a configuration object(e.g. Virtual_host) refers to another(e.g route) then uid will hold the referred object's(e.g. Route's) uid
 
-<a id="ip-prefix-set-ref"></a>&#x2022; [`ref`](#ip-prefix-set-ref) - Optional Block<br>List of references to ip_prefix_set objects<br>See [Ref](#ip-prefix-set-ref) below.
+#### Rules Ingress Rules Label Matcher
 
-#### IP Prefix Set Ref
+A [`label_matcher`](#rules-ingress-rules-label-matcher) block (within [`rules.ingress_rules`](#rules-ingress-rules)) supports the following:
 
-A [`ref`](#ip-prefix-set-ref) block (within [`ip_prefix_set`](#ip-prefix-set)) supports the following:
+<a id="rules-ingress-rules-label-matcher-keys"></a>&#x2022; [`keys`](#rules-ingress-rules-label-matcher-keys) - Optional List<br>The list of label key names that have to match
 
-<a id="ip-prefix-set-ref-kind"></a>&#x2022; [`kind`](#ip-prefix-set-ref-kind) - Optional String<br>When a configuration object(e.g. Virtual_host) refers to another(e.g route) then kind will hold the referred object's kind (e.g. 'route')
+#### Rules Ingress Rules Label Selector
 
-<a id="ip-prefix-set-ref-name"></a>&#x2022; [`name`](#ip-prefix-set-ref-name) - Optional String<br>When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object's(e.g. Route's) name
+A [`label_selector`](#rules-ingress-rules-label-selector) block (within [`rules.ingress_rules`](#rules-ingress-rules)) supports the following:
 
-<a id="ip-prefix-set-ref-namespace"></a>&#x2022; [`namespace`](#ip-prefix-set-ref-namespace) - Optional String<br>When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object's(e.g. Route's) namespace
+<a id="expressions-151d69"></a>&#x2022; [`expressions`](#expressions-151d69) - Optional List<br>Expressions contains the Kubernetes style label expression for selections
 
-<a id="ip-prefix-set-ref-tenant"></a>&#x2022; [`tenant`](#ip-prefix-set-ref-tenant) - Optional String<br>When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object's(e.g. Route's) tenant
+#### Rules Ingress Rules Metadata
 
-<a id="ip-prefix-set-ref-uid"></a>&#x2022; [`uid`](#ip-prefix-set-ref-uid) - Optional String<br>When a configuration object(e.g. Virtual_host) refers to another(e.g route) then uid will hold the referred object's(e.g. Route's) uid
+A [`metadata`](#rules-ingress-rules-metadata) block (within [`rules.ingress_rules`](#rules-ingress-rules)) supports the following:
 
-#### Label Matcher
+<a id="spec-3d4978"></a>&#x2022; [`description_spec`](#spec-3d4978) - Optional String<br>Description. Human readable description
 
-A [`label_matcher`](#label-matcher) block supports the following:
+<a id="rules-ingress-rules-metadata-name"></a>&#x2022; [`name`](#rules-ingress-rules-metadata-name) - Optional String<br>Name of the message. The value of name has to follow DNS-1035 format
 
-<a id="label-matcher-keys"></a>&#x2022; [`keys`](#label-matcher-keys) - Optional List<br>The list of label key names that have to match
+#### Rules Ingress Rules Prefix List
 
-#### Prefix
+A [`prefix_list`](#rules-ingress-rules-prefix-list) block (within [`rules.ingress_rules`](#rules-ingress-rules)) supports the following:
 
-A [`prefix`](#prefix) block supports the following:
+<a id="prefixes-89e9a7"></a>&#x2022; [`prefixes`](#prefixes-89e9a7) - Optional List<br>List of IPv4 prefixes that represent an endpoint
 
-<a id="prefix-prefix"></a>&#x2022; [`prefix`](#prefix-prefix) - Optional List<br>IP Address prefix in string format. String must contain both prefix and prefix-length
+#### Rules Ingress Rules Protocol Port Range
 
-#### Prefix Selector
+A [`protocol_port_range`](#rules-ingress-rules-protocol-port-range) block (within [`rules.ingress_rules`](#rules-ingress-rules)) supports the following:
 
-A [`prefix_selector`](#prefix-selector) block supports the following:
+<a id="ranges-86d162"></a>&#x2022; [`port_ranges`](#ranges-86d162) - Optional List<br>List of port ranges. Each range is a single port or a pair of start and end ports e.g. 8080-8192
 
-<a id="prefix-selector-expressions"></a>&#x2022; [`expressions`](#prefix-selector-expressions) - Optional List<br>Expressions contains the Kubernetes style label expression for selections
+<a id="protocol-a45394"></a>&#x2022; [`protocol`](#protocol-a45394) - Optional String<br>Protocol in IP packet to be used as match criteria Values are TCP, UDP, and ICMP
 
 #### Timeouts
 

package/dist/docs/resources/network_policy_view.md

@@ -40,7 +40,7 @@ resource "f5xc_network_policy_view" "example" {
   adv_action {
     # Configure adv_action settings
   }
-  # Can be used for messages where no values are needed.
+  # Enable this option
   all_tcp_traffic {
     # Configure all_tcp_traffic settings
   }
@@ -90,17 +90,17 @@ An [`egress_rules`](#egress-rules) block supports the following:
 
 <a id="egress-rules-adv-action"></a>&#x2022; [`adv_action`](#egress-rules-adv-action) - Optional Block<br>Network Policy Rule Advanced Action provides additional OPTIONS along with RuleAction and PBRRuleAction<br>See [Adv Action](#egress-rules-adv-action) below.
 
-<a id="egress-rules-all-tcp-traffic"></a>&#x2022; [`all_tcp_traffic`](#egress-rules-all-tcp-traffic) - Optional Block<br>Can be used for messages where no values are needed
+<a id="egress-rules-all-tcp-traffic"></a>&#x2022; [`all_tcp_traffic`](#egress-rules-all-tcp-traffic) - Optional Block<br>Enable this option
 
-<a id="egress-rules-all-traffic"></a>&#x2022; [`all_traffic`](#egress-rules-all-traffic) - Optional Block<br>Can be used for messages where no values are needed
+<a id="egress-rules-all-traffic"></a>&#x2022; [`all_traffic`](#egress-rules-all-traffic) - Optional Block<br>Enable this option
 
-<a id="egress-rules-all-udp-traffic"></a>&#x2022; [`all_udp_traffic`](#egress-rules-all-udp-traffic) - Optional Block<br>Can be used for messages where no values are needed
+<a id="egress-rules-all-udp-traffic"></a>&#x2022; [`all_udp_traffic`](#egress-rules-all-udp-traffic) - Optional Block<br>Enable this option
 
-<a id="egress-rules-any"></a>&#x2022; [`any`](#egress-rules-any) - Optional Block<br>Can be used for messages where no values are needed
+<a id="egress-rules-any"></a>&#x2022; [`any`](#egress-rules-any) - Optional Block<br>Enable this option
 
 <a id="egress-rules-applications"></a>&#x2022; [`applications`](#egress-rules-applications) - Optional Block<br>Applications. Application protocols like HTTP, SNMP<br>See [Applications](#egress-rules-applications) below.
 
-<a id="egress-rules-inside-endpoints"></a>&#x2022; [`inside_endpoints`](#egress-rules-inside-endpoints) - Optional Block<br>Can be used for messages where no values are needed
+<a id="egress-rules-inside-endpoints"></a>&#x2022; [`inside_endpoints`](#egress-rules-inside-endpoints) - Optional Block<br>Enable this option
 
 <a id="egress-rules-ip-prefix-set"></a>&#x2022; [`ip_prefix_set`](#egress-rules-ip-prefix-set) - Optional Block<br>List of references to ip_prefix_set objects<br>See [IP Prefix Set](#egress-rules-ip-prefix-set) below.
 
@@ -110,7 +110,7 @@ An [`egress_rules`](#egress-rules) block supports the following:
 
 <a id="egress-rules-metadata"></a>&#x2022; [`metadata`](#egress-rules-metadata) - Optional Block<br>MessageMetaType is metadata (common attributes) of a message that only certain messages have. This information is propagated to the metadata of a child object that gets created from the containing message during view processing. The information in this type can be specified by user during create<br>See [Metadata](#egress-rules-metadata) below.
 
-<a id="egress-rules-outside-endpoints"></a>&#x2022; [`outside_endpoints`](#egress-rules-outside-endpoints) - Optional Block<br>Can be used for messages where no values are needed
+<a id="egress-rules-outside-endpoints"></a>&#x2022; [`outside_endpoints`](#egress-rules-outside-endpoints) - Optional Block<br>Enable this option
 
 <a id="egress-rules-prefix-list"></a>&#x2022; [`prefix_list`](#egress-rules-prefix-list) - Optional Block<br>List of IPv4 prefixes that represent an endpoint<br>See [Prefix List](#egress-rules-prefix-list) below.
 
@@ -186,13 +186,13 @@ A [`protocol_port_range`](#egress-rules-protocol-port-range) block (within [`egr
 
 An [`endpoint`](#endpoint) block supports the following:
 
-<a id="endpoint-any"></a>&#x2022; [`any`](#endpoint-any) - Optional Block<br>Can be used for messages where no values are needed
+<a id="endpoint-any"></a>&#x2022; [`any`](#endpoint-any) - Optional Block<br>Enable this option
 
-<a id="endpoint-inside-endpoints"></a>&#x2022; [`inside_endpoints`](#endpoint-inside-endpoints) - Optional Block<br>Can be used for messages where no values are needed
+<a id="endpoint-inside-endpoints"></a>&#x2022; [`inside_endpoints`](#endpoint-inside-endpoints) - Optional Block<br>Enable this option
 
 <a id="endpoint-label-selector"></a>&#x2022; [`label_selector`](#endpoint-label-selector) - Optional Block<br>Type can be used to establish a 'selector reference' from one object(called selector) to a set of other objects(called selectees) based on the value of expresssions. A label selector is a label query over a set of resources. An empty label selector matches all objects<br>See [Label Selector](#endpoint-label-selector) below.
 
-<a id="endpoint-outside-endpoints"></a>&#x2022; [`outside_endpoints`](#endpoint-outside-endpoints) - Optional Block<br>Can be used for messages where no values are needed
+<a id="endpoint-outside-endpoints"></a>&#x2022; [`outside_endpoints`](#endpoint-outside-endpoints) - Optional Block<br>Enable this option
 
 <a id="endpoint-prefix-list"></a>&#x2022; [`prefix_list`](#endpoint-prefix-list) - Optional Block<br>List of IPv4 prefixes that represent an endpoint<br>See [Prefix List](#endpoint-prefix-list) below.
 
@@ -216,17 +216,17 @@ An [`ingress_rules`](#ingress-rules) block supports the following:
 
 <a id="ingress-rules-adv-action"></a>&#x2022; [`adv_action`](#ingress-rules-adv-action) - Optional Block<br>Network Policy Rule Advanced Action provides additional OPTIONS along with RuleAction and PBRRuleAction<br>See [Adv Action](#ingress-rules-adv-action) below.
 
-<a id="ingress-rules-all-tcp-traffic"></a>&#x2022; [`all_tcp_traffic`](#ingress-rules-all-tcp-traffic) - Optional Block<br>Can be used for messages where no values are needed
+<a id="ingress-rules-all-tcp-traffic"></a>&#x2022; [`all_tcp_traffic`](#ingress-rules-all-tcp-traffic) - Optional Block<br>Enable this option
 
-<a id="ingress-rules-all-traffic"></a>&#x2022; [`all_traffic`](#ingress-rules-all-traffic) - Optional Block<br>Can be used for messages where no values are needed
+<a id="ingress-rules-all-traffic"></a>&#x2022; [`all_traffic`](#ingress-rules-all-traffic) - Optional Block<br>Enable this option
 
-<a id="ingress-rules-all-udp-traffic"></a>&#x2022; [`all_udp_traffic`](#ingress-rules-all-udp-traffic) - Optional Block<br>Can be used for messages where no values are needed
+<a id="ingress-rules-all-udp-traffic"></a>&#x2022; [`all_udp_traffic`](#ingress-rules-all-udp-traffic) - Optional Block<br>Enable this option
 
-<a id="ingress-rules-any"></a>&#x2022; [`any`](#ingress-rules-any) - Optional Block<br>Can be used for messages where no values are needed
+<a id="ingress-rules-any"></a>&#x2022; [`any`](#ingress-rules-any) - Optional Block<br>Enable this option
 
 <a id="ingress-rules-applications"></a>&#x2022; [`applications`](#ingress-rules-applications) - Optional Block<br>Applications. Application protocols like HTTP, SNMP<br>See [Applications](#ingress-rules-applications) below.
 
-<a id="ingress-rules-inside-endpoints"></a>&#x2022; [`inside_endpoints`](#ingress-rules-inside-endpoints) - Optional Block<br>Can be used for messages where no values are needed
+<a id="ingress-rules-inside-endpoints"></a>&#x2022; [`inside_endpoints`](#ingress-rules-inside-endpoints) - Optional Block<br>Enable this option
 
 <a id="ingress-rules-ip-prefix-set"></a>&#x2022; [`ip_prefix_set`](#ingress-rules-ip-prefix-set) - Optional Block<br>List of references to ip_prefix_set objects<br>See [IP Prefix Set](#ingress-rules-ip-prefix-set) below.
 
@@ -236,7 +236,7 @@ An [`ingress_rules`](#ingress-rules) block supports the following:
 
 <a id="ingress-rules-metadata"></a>&#x2022; [`metadata`](#ingress-rules-metadata) - Optional Block<br>MessageMetaType is metadata (common attributes) of a message that only certain messages have. This information is propagated to the metadata of a child object that gets created from the containing message during view processing. The information in this type can be specified by user during create<br>See [Metadata](#ingress-rules-metadata) below.
 
-<a id="ingress-rules-outside-endpoints"></a>&#x2022; [`outside_endpoints`](#ingress-rules-outside-endpoints) - Optional Block<br>Can be used for messages where no values are needed
+<a id="ingress-rules-outside-endpoints"></a>&#x2022; [`outside_endpoints`](#ingress-rules-outside-endpoints) - Optional Block<br>Enable this option
 
 <a id="ingress-rules-prefix-list"></a>&#x2022; [`prefix_list`](#ingress-rules-prefix-list) - Optional Block<br>List of IPv4 prefixes that represent an endpoint<br>See [Prefix List](#ingress-rules-prefix-list) below.
 

package/dist/docs/resources/nfv_service.md

@@ -67,10 +67,10 @@ resource "f5xc_nfv_service" "example" {
 ### Spec Argument Reference
 
 -> **One of the following:**
-&#x2022; <a id="disable-https-management"></a>[`disable_https_management`](#disable-https-management) - Optional Block<br>Can be used for messages where no values are needed
+&#x2022; <a id="disable-https-management"></a>[`disable_https_management`](#disable-https-management) - Optional Block<br>Enable this option
 
 -> **One of the following:**
-&#x2022; <a id="disable-ssh-access"></a>[`disable_ssh_access`](#disable-ssh-access) - Optional Block<br>Can be used for messages where no values are needed
+&#x2022; <a id="disable-ssh-access"></a>[`disable_ssh_access`](#disable-ssh-access) - Optional Block<br>Enable this option
 
 <a id="enabled-ssh-access"></a>&#x2022; [`enabled_ssh_access`](#enabled-ssh-access) - Optional Block<br>SSH based management. SSH based configuration<br>See [Enabled SSH Access](#enabled-ssh-access) below for details.
 
@@ -94,11 +94,11 @@ In addition to all arguments above, the following attributes are exported:
 
 An [`enabled_ssh_access`](#enabled-ssh-access) block supports the following:
 
-<a id="enabled-ssh-access-advertise-on-sli"></a>&#x2022; [`advertise_on_sli`](#enabled-ssh-access-advertise-on-sli) - Optional Block<br>Can be used for messages where no values are needed
+<a id="enabled-ssh-access-advertise-on-sli"></a>&#x2022; [`advertise_on_sli`](#enabled-ssh-access-advertise-on-sli) - Optional Block<br>Enable this option
 
-<a id="enabled-ssh-access-advertise-on-slo"></a>&#x2022; [`advertise_on_slo`](#enabled-ssh-access-advertise-on-slo) - Optional Block<br>Can be used for messages where no values are needed
+<a id="enabled-ssh-access-advertise-on-slo"></a>&#x2022; [`advertise_on_slo`](#enabled-ssh-access-advertise-on-slo) - Optional Block<br>Enable this option
 
-<a id="enabled-ssh-access-advertise-on-slo-sli"></a>&#x2022; [`advertise_on_slo_sli`](#enabled-ssh-access-advertise-on-slo-sli) - Optional Block<br>Can be used for messages where no values are needed
+<a id="enabled-ssh-access-advertise-on-slo-sli"></a>&#x2022; [`advertise_on_slo_sli`](#enabled-ssh-access-advertise-on-slo-sli) - Optional Block<br>Enable this option
 
 <a id="enabled-ssh-access-domain-suffix"></a>&#x2022; [`domain_suffix`](#enabled-ssh-access-domain-suffix) - Optional String<br>Domain suffix will be used along with node name to form the hostname for SSH node management
 
@@ -160,11 +160,11 @@ An [`admin_password`](#f5-big-ip-aws-service-admin-password) block (within [`f5_
 
 An [`endpoint_service`](#f5-big-ip-aws-service-endpoint-service) block (within [`f5_big_ip_aws_service`](#f5-big-ip-aws-service)) supports the following:
 
-<a id="slo-ip-6fccc9"></a>&#x2022; [`advertise_on_slo_ip`](#slo-ip-6fccc9) - Optional Block<br>Can be used for messages where no values are needed
+<a id="slo-ip-6fccc9"></a>&#x2022; [`advertise_on_slo_ip`](#slo-ip-6fccc9) - Optional Block<br>Enable this option
 
-<a id="external-c6878c"></a>&#x2022; [`advertise_on_slo_ip_external`](#external-c6878c) - Optional Block<br>Can be used for messages where no values are needed
+<a id="external-c6878c"></a>&#x2022; [`advertise_on_slo_ip_external`](#external-c6878c) - Optional Block<br>Enable this option
 
-<a id="vip-bf0a34"></a>&#x2022; [`automatic_vip`](#vip-bf0a34) - Optional Block<br>Can be used for messages where no values are needed
+<a id="vip-bf0a34"></a>&#x2022; [`automatic_vip`](#vip-bf0a34) - Optional Block<br>Enable this option
 
 <a id="vip-39201b"></a>&#x2022; [`configured_vip`](#vip-39201b) - Optional String<br>Enter IP address for the default VIP
 
@@ -172,17 +172,17 @@ An [`endpoint_service`](#f5-big-ip-aws-service-endpoint-service) block (within [
 
 <a id="ports-775f61"></a>&#x2022; [`custom_udp_ports`](#ports-775f61) - Optional Block<br>Port Range List. List of port ranges<br>See [Custom UDP Ports](#ports-775f61) below.
 
-<a id="ports-4442b0"></a>&#x2022; [`default_tcp_ports`](#ports-4442b0) - Optional Block<br>Can be used for messages where no values are needed
+<a id="ports-4442b0"></a>&#x2022; [`default_tcp_ports`](#ports-4442b0) - Optional Block<br>Enable this option
 
-<a id="slo-ip-47bf10"></a>&#x2022; [`disable_advertise_on_slo_ip`](#slo-ip-47bf10) - Optional Block<br>Can be used for messages where no values are needed
+<a id="slo-ip-47bf10"></a>&#x2022; [`disable_advertise_on_slo_ip`](#slo-ip-47bf10) - Optional Block<br>Enable this option
 
-<a id="port-926fe7"></a>&#x2022; [`http_port`](#port-926fe7) - Optional Block<br>Can be used for messages where no values are needed
+<a id="port-926fe7"></a>&#x2022; [`http_port`](#port-926fe7) - Optional Block<br>Enable this option
 
-<a id="port-440dce"></a>&#x2022; [`https_port`](#port-440dce) - Optional Block<br>Can be used for messages where no values are needed
+<a id="port-440dce"></a>&#x2022; [`https_port`](#port-440dce) - Optional Block<br>Enable this option
 
-<a id="ports-4d510f"></a>&#x2022; [`no_tcp_ports`](#ports-4d510f) - Optional Block<br>Can be used for messages where no values are needed
+<a id="ports-4d510f"></a>&#x2022; [`no_tcp_ports`](#ports-4d510f) - Optional Block<br>Enable this option
 
-<a id="ports-abc1e4"></a>&#x2022; [`no_udp_ports`](#ports-abc1e4) - Optional Block<br>Can be used for messages where no values are needed
+<a id="ports-abc1e4"></a>&#x2022; [`no_udp_ports`](#ports-abc1e4) - Optional Block<br>Enable this option
 
 #### F5 Big IP AWS Service Endpoint Service Custom TCP Ports
 
@@ -200,7 +200,7 @@ An [`endpoint_service`](#f5-big-ip-aws-service-endpoint-service) block (within [
 
 A [`nodes`](#f5-big-ip-aws-service-nodes) block (within [`f5_big_ip_aws_service`](#f5-big-ip-aws-service)) supports the following:
 
-<a id="prefix-e8faa8"></a>&#x2022; [`automatic_prefix`](#prefix-e8faa8) - Optional Block<br>Can be used for messages where no values are needed
+<a id="prefix-e8faa8"></a>&#x2022; [`automatic_prefix`](#prefix-e8faa8) - Optional Block<br>Enable this option
 
 <a id="f5-big-ip-aws-service-nodes-aws-az-name"></a>&#x2022; [`aws_az_name`](#f5-big-ip-aws-service-nodes-aws-az-name) - Optional String<br>The AWS Availability Zone must be consistent with the AWS Region chosen. Please select an AZ in the same Region as your TGW Site
 
@@ -208,7 +208,7 @@ A [`nodes`](#f5-big-ip-aws-service-nodes) block (within [`f5_big_ip_aws_service`
 
 <a id="f5-big-ip-aws-service-nodes-node-name"></a>&#x2022; [`node_name`](#f5-big-ip-aws-service-nodes-node-name) - Optional String<br>Node Name will be used to assign as hostname to the service
 
-<a id="subnet-2782dc"></a>&#x2022; [`reserved_mgmt_subnet`](#subnet-2782dc) - Optional Block<br>Can be used for messages where no values are needed
+<a id="subnet-2782dc"></a>&#x2022; [`reserved_mgmt_subnet`](#subnet-2782dc) - Optional Block<br>Enable this option
 
 <a id="prefix-53b238"></a>&#x2022; [`tunnel_prefix`](#prefix-53b238) - Optional String<br>Enter IP prefix for the tunnel, it has to be /30
 
@@ -226,7 +226,7 @@ A [`https_management`](#https-management) block supports the following:
 
 <a id="https-management-advertise-on-internet"></a>&#x2022; [`advertise_on_internet`](#https-management-advertise-on-internet) - Optional Block<br>Defines a way to advertise a load balancer on public. If optional public_ip is provided, it will only be advertised on RE sites where that public_ip is available<br>See [Advertise On Internet](#https-management-advertise-on-internet) below.
 
-<a id="vip-00de2c"></a>&#x2022; [`advertise_on_internet_default_vip`](#vip-00de2c) - Optional Block<br>Can be used for messages where no values are needed
+<a id="vip-00de2c"></a>&#x2022; [`advertise_on_internet_default_vip`](#vip-00de2c) - Optional Block<br>Enable this option
 
 <a id="https-management-advertise-on-sli-vip"></a>&#x2022; [`advertise_on_sli_vip`](#https-management-advertise-on-sli-vip) - Optional Block<br>Inline TLS Parameters. Inline TLS parameters<br>See [Advertise On SLI VIP](#https-management-advertise-on-sli-vip) below.
 
@@ -236,7 +236,7 @@ A [`https_management`](#https-management) block supports the following:
 
 <a id="https-management-advertise-on-slo-vip"></a>&#x2022; [`advertise_on_slo_vip`](#https-management-advertise-on-slo-vip) - Optional Block<br>Inline TLS Parameters. Inline TLS parameters<br>See [Advertise On Slo VIP](#https-management-advertise-on-slo-vip) below.
 
-<a id="https-management-default-https-port"></a>&#x2022; [`default_https_port`](#https-management-default-https-port) - Optional Block<br>Can be used for messages where no values are needed
+<a id="https-management-default-https-port"></a>&#x2022; [`default_https_port`](#https-management-default-https-port) - Optional Block<br>Enable this option
 
 <a id="https-management-domain-suffix"></a>&#x2022; [`domain_suffix`](#https-management-domain-suffix) - Optional String<br>Domain suffix will be used along with node name to form URL to access node management
 
@@ -262,7 +262,7 @@ A [`public_ip`](#public-ip-e501cc) block (within [`https_management.advertise_on
 
 An [`advertise_on_sli_vip`](#https-management-advertise-on-sli-vip) block (within [`https_management`](#https-management)) supports the following:
 
-<a id="mtls-1bd8e3"></a>&#x2022; [`no_mtls`](#mtls-1bd8e3) - Optional Block<br>Can be used for messages where no values are needed
+<a id="mtls-1bd8e3"></a>&#x2022; [`no_mtls`](#mtls-1bd8e3) - Optional Block<br>Enable this option
 
 <a id="certificates-5355d7"></a>&#x2022; [`tls_certificates`](#certificates-5355d7) - Optional Block<br>Users can add one or more certificates that share the same set of domains. For example, domain.com and \*.domain.com - but use different signature algorithms<br>See [TLS Certificates](#certificates-5355d7) below.
 
@@ -318,7 +318,7 @@ An [`advertise_on_sli_vip`](#https-management-advertise-on-sli-vip) block (withi
 
 An [`advertise_on_slo_internet_vip`](#vip-6dd6e5) block (within [`https_management`](#https-management)) supports the following:
 
-<a id="mtls-65c4ed"></a>&#x2022; [`no_mtls`](#mtls-65c4ed) - Optional Block<br>Can be used for messages where no values are needed
+<a id="mtls-65c4ed"></a>&#x2022; [`no_mtls`](#mtls-65c4ed) - Optional Block<br>Enable this option
 
 <a id="certificates-748bff"></a>&#x2022; [`tls_certificates`](#certificates-748bff) - Optional Block<br>Users can add one or more certificates that share the same set of domains. For example, domain.com and \*.domain.com - but use different signature algorithms<br>See [TLS Certificates](#certificates-748bff) below.
 
@@ -374,7 +374,7 @@ An [`advertise_on_slo_internet_vip`](#vip-6dd6e5) block (within [`https_manageme
 
 An [`advertise_on_slo_sli`](#https-management-advertise-on-slo-sli) block (within [`https_management`](#https-management)) supports the following:
 
-<a id="mtls-e2f684"></a>&#x2022; [`no_mtls`](#mtls-e2f684) - Optional Block<br>Can be used for messages where no values are needed
+<a id="mtls-e2f684"></a>&#x2022; [`no_mtls`](#mtls-e2f684) - Optional Block<br>Enable this option
 
 <a id="certificates-b923c1"></a>&#x2022; [`tls_certificates`](#certificates-b923c1) - Optional Block<br>Users can add one or more certificates that share the same set of domains. For example, domain.com and \*.domain.com - but use different signature algorithms<br>See [TLS Certificates](#certificates-b923c1) below.
 
@@ -430,7 +430,7 @@ An [`advertise_on_slo_sli`](#https-management-advertise-on-slo-sli) block (withi
 
 An [`advertise_on_slo_vip`](#https-management-advertise-on-slo-vip) block (within [`https_management`](#https-management)) supports the following:
 
-<a id="mtls-476751"></a>&#x2022; [`no_mtls`](#mtls-476751) - Optional Block<br>Can be used for messages where no values are needed
+<a id="mtls-476751"></a>&#x2022; [`no_mtls`](#mtls-476751) - Optional Block<br>Enable this option
 
 <a id="certificates-49cf23"></a>&#x2022; [`tls_certificates`](#certificates-49cf23) - Optional Block<br>Users can add one or more certificates that share the same set of domains. For example, domain.com and \*.domain.com - but use different signature algorithms<br>See [TLS Certificates](#certificates-49cf23) below.
 
@@ -490,13 +490,13 @@ A [`palo_alto_fw_service`](#palo-alto-fw-service) block supports the following:
 
 <a id="palo-alto-fw-service-aws-tgw-site"></a>&#x2022; [`aws_tgw_site`](#palo-alto-fw-service-aws-tgw-site) - Optional Block<br>Type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name<br>See [AWS TGW Site](#palo-alto-fw-service-aws-tgw-site) below.
 
-<a id="palo-alto-fw-service-disable-panaroma"></a>&#x2022; [`disable_panaroma`](#palo-alto-fw-service-disable-panaroma) - Optional Block<br>Can be used for messages where no values are needed
+<a id="palo-alto-fw-service-disable-panaroma"></a>&#x2022; [`disable_panaroma`](#palo-alto-fw-service-disable-panaroma) - Optional Block<br>Enable this option
 
 <a id="palo-alto-fw-service-instance-type"></a>&#x2022; [`instance_type`](#palo-alto-fw-service-instance-type) - Optional String  Defaults to `PALO_ALTO_FW_AWS_INSTANCE_TYPE_M4_XLARGE`<br>Possible values are `PALO_ALTO_FW_AWS_INSTANCE_TYPE_M4_XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_M4_2XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_M4_4XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5_LARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5_XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5_2XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5_4XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5_12XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5N_LARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5N_XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5N_2XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5N_4XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_C4_LARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_C4_XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_C4_2XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_C4_4XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_C4_8XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5_LARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5_XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5_2XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5_4XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5_9XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5_18XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5N_LARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5N_XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5N_2XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5N_4XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5N_9XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5N_18XLARGE`, `PALO_ALTO_FW_AWS_INSTANCE_TYPE_R5_2XLARGE`<br>[Enum: PALO_ALTO_FW_AWS_INSTANCE_TYPE_M4_XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_M4_2XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_M4_4XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5_LARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5_XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5_2XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5_4XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5_12XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5N_LARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5N_XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5N_2XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5N_4XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_C4_LARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_C4_XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_C4_2XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_C4_4XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_C4_8XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5_LARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5_XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5_2XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5_4XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5_9XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5_18XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5N_LARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5N_XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5N_2XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5N_4XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5N_9XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_C5N_18XLARGE|PALO_ALTO_FW_AWS_INSTANCE_TYPE_R5_2XLARGE] - PALO_ALTO_FW_AWS_INSTANCE_TYPE_M4_XLARGE: m4.xlarge - PALO_ALTO_FW_AWS_INSTANCE_TYPE_M4_2XLARGE: m4.2xlarge - PALO_ALTO_FW_AWS_INSTANCE_TYPE_M4_4XLARGE: m4.4xlarge - PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5_LARGE: m5.large - PALO_ALTO_FW_AWS_INSTANCE_TYPE_M5_XLARGE: m5.xlarge 
 
-<a id="palo-alto-fw-service-pan-ami-bundle1"></a>&#x2022; [`pan_ami_bundle1`](#palo-alto-fw-service-pan-ami-bundle1) - Optional Block<br>Can be used for messages where no values are needed
+<a id="palo-alto-fw-service-pan-ami-bundle1"></a>&#x2022; [`pan_ami_bundle1`](#palo-alto-fw-service-pan-ami-bundle1) - Optional Block<br>Enable this option
 
-<a id="palo-alto-fw-service-pan-ami-bundle2"></a>&#x2022; [`pan_ami_bundle2`](#palo-alto-fw-service-pan-ami-bundle2) - Optional Block<br>Can be used for messages where no values are needed
+<a id="palo-alto-fw-service-pan-ami-bundle2"></a>&#x2022; [`pan_ami_bundle2`](#palo-alto-fw-service-pan-ami-bundle2) - Optional Block<br>Enable this option
 
 <a id="palo-alto-fw-service-panorama-server"></a>&#x2022; [`panorama_server`](#palo-alto-fw-service-panorama-server) - Optional Block<br>Panorama Server Type. Panorama Server Type<br>See [Panorama Server](#palo-alto-fw-service-panorama-server) below.
 
@@ -596,7 +596,7 @@ A [`nodes`](#nodes-b8137e) block (within [`palo_alto_fw_service.service_nodes`](
 
 <a id="name-6e2eb6"></a>&#x2022; [`node_name`](#name-6e2eb6) - Optional String<br>Node Name will be used to assign as hostname to the service
 
-<a id="subnet-52b5ce"></a>&#x2022; [`reserved_mgmt_subnet`](#subnet-52b5ce) - Optional Block<br>Can be used for messages where no values are needed
+<a id="subnet-52b5ce"></a>&#x2022; [`reserved_mgmt_subnet`](#subnet-52b5ce) - Optional Block<br>Enable this option
 
 #### Palo Alto Fw Service Service Nodes Nodes Mgmt Subnet