f5xc_fleet Resource - terraform-provider-f5xc

f5xc_fleet (Resource)

Manages fleet will create a fleet object in ‘system’ namespace of the user. in F5 Distributed Cloud.

~> Note For more information about this resource, please refer to the F5 XC API Documentation.

Example Usage

# Fleet Resource Example
# Manages fleet will create a fleet object in 'system' namespace of the user. in F5 Distributed Cloud.

terraform {
  required_version = ">= 1.0"

  required_providers {
    f5xc = {
      source  = "f5xc-salesdemos/f5xc"
      version = ">= 0.1.0"
    }
  }
}

# Basic Fleet configuration
resource "f5xc_fleet" "example" {
  name      = "example-fleet"
  namespace = "staging"

  labels = {
    environment = "production"
    managed_by  = "terraform"
  }

  annotations = {
    "owner" = "platform-team"
  }

  # Fleet configuration
  fleet_label = "env=production"

  # Network connectors
  inside_virtual_network {
    name      = "inside-network"
    namespace = "staging"
  }

  outside_virtual_network {
    name      = "outside-network"
    namespace = "staging"
  }

  # Default config
  default_config {}
}

Argument Reference

🔶 High Risk Operations — Some operations on this resource have high danger level. Destructive operations may require confirmation.

Metadata Argument Reference

• name - Required String
Name of the Fleet. Must be unique within the namespace

• namespace - Required String
Namespace where the Fleet will be created

• annotations - Optional Map
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata

• description - Optional String
Human readable description for the object

• disable - Optional Bool
A value of true will administratively disable the object

• labels - Optional Map
Labels is a user defined key value map that can be attached to resources for organization and filtering

Spec Argument Reference

-> One of the following: • allow_all_usb - Optional Block
Configuration parameter for allow all usb

• deny_all_usb - Optional Block
Configuration parameter for deny all usb

• usb_policy - Optional Block
Type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name

• blocked_services - Optional Block
Disable node local services on this site
See Blocked Services below for details.

-> One of the following: • bond_device_list - Optional Block
Bond Devices List. List of bond devices for this fleet
See Bond Device List below for details.

-> One of the following: • dc_cluster_group - Optional Block
Type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name
See Dc Cluster Group below for details.

• dc_cluster_group_inside - Optional Block
Type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name
See Dc Cluster Group Inside below for details.

-> One of the following: • default_config - Optional Block
Enable this option

• device_list - Optional Block
Add device for all interfaces belonging to this fleet
See Device List below for details.

-> One of the following: • default_sriov_interface - Optional Block
Configuration parameter for default sriov interface

-> One of the following: • default_storage_class - Optional Block
Configuration parameter for default storage class

-> One of the following: • disable_gpu - Optional Block
Configuration parameter for disable GPU

• enable_gpu - Optional Block
Enable this option

-> One of the following: • disable_vm - Optional Block
Enable this option

• enable_default_fleet_config_download - Required Bool
Enable default fleet config, It must be set for storage config and GPU config

• enable_vgpu - Optional Block
Licensing configuration for NVIDIA vGPU
See Enable Vgpu below for details.

• enable_vm - Optional Block
VM Configuration. VMs support configuration

• fleet_label - Required String
Fleet_label value is used to create known_label ‘F5 XC/fleet=<fleet_label>’ The known_label is created in the ‘shared’ namespace for the tenant. A virtual_site object with name <fleet_label> is also created in ‘shared’ namespace for tenant. The virtual_site object will select all sites

• inside_virtual_network - Optional Block
Default inside (site local) virtual network for the fleet
See Inside Virtual Network below for details.

• interface_list - Optional Block
Add all interfaces belonging to this fleet
See Interface List below for details.

• kubernetes_upgrade_drain - Optional Block
Specify how worker nodes within a site will be upgraded
See Kubernetes Upgrade Drain below for details.

-> One of the following: • log_receiver - Optional Block
Type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name
See Log Receiver below for details.

• logs_streaming_disabled - Optional Block
Enable this option

• network_connectors - Optional Block
Network Connector defines connection between two virtual networks in a given site. Fleet defines one or more such network connectors. The network connectors configuration is applied on all sites that are member of the fleet
See Network Connectors below for details.

• network_firewall - Optional Block
Network Firewall defines firewall to be applied for the virtual networks in the fleet. The network firewall configuration is applied on all sites that are member of the fleet. Constraints The Network Firewall is applied on Virtual Networks of type site local network and site local inside network
See Network Firewall below for details.

• no_bond_devices - Optional Block
Configuration parameter for no bond devices

• no_dc_cluster_group - Optional Block
Enable this option

-> One of the following: • no_storage_device - Optional Block
Configuration parameter for no storage device

-> One of the following: • no_storage_interfaces - Optional Block
Configuration parameter for no storage interfaces

-> One of the following: • no_storage_static_routes - Optional Block
Configuration parameter for no storage static routes

• operating_system_version - Required String
Desired Operating System version that is applied to all sites that are member of the fleet. Current Operating System version can be overridden via site config

• outside_virtual_network - Optional Block
Default outside (site local) virtual network for the fleet
See Outside Virtual Network below for details.

• performance_enhancement_mode - Optional Block
Optimize the site for L3 or L7 traffic processing. L7 optimized is the default
See Performance Enhancement Mode below for details.

• sriov_interfaces - Optional Block
List of all custom SR-IOV interfaces configuration
See Sriov Interfaces below for details.

• storage_class_list - Optional Block
Add additional custom storage classes in Kubernetes for this fleet
See Storage Class List below for details.

• storage_device_list - Optional Block
Add additional custom storage classes in Kubernetes for this fleet

• storage_interface_list - Optional Block
Add all interfaces belonging to this fleet

• storage_static_routes - Optional Block
Configuration parameter for storage static routes

• timeouts - Optional Block

• volterra_software_version - Required String
F5XC software version is human readable string matching released set of version components. The given software version is applied to all sites that are member of the fleet. Current software installed can be overridden via site config

Attributes Reference

In addition to all arguments above, the following attributes are exported:

• id - Optional String
Unique identifier for the resource

Blocked Services

A blocked_services block supports the following:

• dns - Optional Block
Enable this option

• network_type - Optional String Defaults to VIRTUAL_NETWORK_SITE_LOCAL
Possible values are VIRTUAL_NETWORK_SITE_LOCAL, VIRTUAL_NETWORK_SITE_LOCAL_INSIDE, VIRTUAL_NETWORK_PER_SITE, VIRTUAL_NETWORK_PUBLIC, VIRTUAL_NETWORK_GLOBAL, VIRTUAL_NETWORK_SITE_SERVICE, VIRTUAL_NETWORK_VER_INTERNAL, VIRTUAL_NETWORK_SITE_LOCAL_INSIDE_OUTSIDE, VIRTUAL_NETWORK_IP_AUTO, VIRTUAL_NETWORK_VOLTADN_PRIVATE_NETWORK, VIRTUAL_NETWORK_SRV6_NETWORK, VIRTUAL_NETWORK_IP_FABRIC, VIRTUAL_NETWORK_SEGMENT, VIRTUAL_NETWORK_MANAGEMENT
[Enum: VIRTUAL_NETWORK_SITE_LOCAL|VIRTUAL_NETWORK_SITE_LOCAL_INSIDE|VIRTUAL_NETWORK_PER_SITE|VIRTUAL_NETWORK_PUBLIC|VIRTUAL_NETWORK_GLOBAL|VIRTUAL_NETWORK_SITE_SERVICE|VIRTUAL_NETWORK_VER_INTERNAL|VIRTUAL_NETWORK_SITE_LOCAL_INSIDE_OUTSIDE|VIRTUAL_NETWORK_IP_AUTO|VIRTUAL_NETWORK_VOLTADN_PRIVATE_NETWORK|VIRTUAL_NETWORK_SRV6_NETWORK|VIRTUAL_NETWORK_IP_FABRIC|VIRTUAL_NETWORK_SEGMENT|VIRTUAL_NETWORK_MANAGEMENT] Different types of virtual networks understood by the system Virtual-network of type VIRTUAL_NETWORK_SITE_LOCAL provides connectivity to public (outside) network. This is an insecure network and is connected to public internet via NAT Gateways/firwalls Virtual-network of this type is local to

• ssh - Optional Block
Enable this option

• web_user_interface - Optional Block
Enable this option

Bond Device List

A bond_device_list block supports the following:

• bond_devices - Optional Block
Bond Devices. List of bond devices
See Bond Devices below.

Bond Device List Bond Devices

A bond_devices block (within bond_device_list) supports the following:

• active_backup - Optional Block
Configuration parameter for active backup

• devices - Optional List
Ethernet devices that will make up this bond

• lacp - Optional Block
LACP parameters. LACP parameters for the bond device
See Lacp below.

• link_polling_interval - Optional Number
Link polling interval in milliseconds

• link_up_delay - Optional Number
Milliseconds wait before link is declared up

• name - Optional String
Name for the Bond. Ex ‘bond0’

Bond Device List Bond Devices Lacp

A lacp block (within bond_device_list.bond_devices) supports the following:

• rate - Optional Number
Interval in seconds to transmit LACP packets

Dc Cluster Group

A dc_cluster_group block supports the following:

• name - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name

• namespace - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace

• tenant - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant

Dc Cluster Group Inside

A dc_cluster_group_inside block supports the following:

• name - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name

• namespace - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace

• tenant - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant

Device List

A device_list block supports the following:

• devices - Optional Block
Configuration for all devices in the fleet. Examples of devices are - network interfaces, cameras, scanners etc. Configuration a device is applied on VER node if the VER node is member of this fleet and has an corresponding interface/device
See Devices below.

Device List Devices

A devices block (within device_list) supports the following:

• name - Optional String
Name of the device including the unit number (e.g. Eth0 or disk1). The name must match name of device in host-OS of node

• network_device - Optional Block
Represents physical network interface. The ‘interface’ reference points to a Network Interface object. Attributes such as Labels, MTU from Network Interface must be applied to the device
See Network Device below.

• owner - Optional String Defaults to DEVICE_OWNER_INVALID
Possible values are DEVICE_OWNER_INVALID, DEVICE_OWNER_VER, DEVICE_OWNER_VK8S_WORK_LOAD, DEVICE_OWNER_HOST
[Enum: DEVICE_OWNER_INVALID|DEVICE_OWNER_VER|DEVICE_OWNER_VK8S_WORK_LOAD|DEVICE_OWNER_HOST] Defines ownership for a device. Device owner is invalid Device is owned by VER pod. Usually it will be network interface device or accelerator like crypto engine

Device List Devices Network Device

A network_device block (within device_list.devices) supports the following:

• interface - Optional Block
Network Interface attributes for the device. User network interface configuration for this network device. Attributes like labels, MTU from the ‘interface’ are applied to corresponding interface in VER node If network interface refers to a virtual-network, the virtual-netowrk type must be
See Interface below.

• use - Optional String Defaults to NETWORK_INTERFACE_USE_REGULAR
Possible values are NETWORK_INTERFACE_USE_REGULAR, NETWORK_INTERFACE_USE_OUTSIDE, NETWORK_INTERFACE_USE_INSIDE
[Enum: NETWORK_INTERFACE_USE_REGULAR|NETWORK_INTERFACE_USE_OUTSIDE|NETWORK_INTERFACE_USE_INSIDE] Defines how the device is used If networking device is owned by VER, it is available for users to configure as required If networking device is owned by VER, it is included in bootstrap config and member of outside network. If networking device is owned by VER, it is included in bootstrap config

Device List Devices Network Device Interface

An interface block (within device_list.devices.network_device) supports the following:

• kind - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then kind will hold the referred object’s kind (e.g. ‘route’)

• name - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name

• namespace - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace

• tenant - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant

• uid - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then uid will hold the referred object’s(e.g. Route’s) uid

Enable Vgpu

An enable_vgpu block supports the following:

• feature_type - Optional String Defaults to UNLICENSED
Possible values are UNLICENSED, VGPU, VWS, VCS
[Enum: UNLICENSED|VGPU|VWS|VCS] Set feature to be enabled Operate with a degraded vGPU performance Enable NVIDIA vGPU Enable NVIDIA RTX Virtual Workstation Enable NVIDIA Virtual Compute Server

• server_address - Optional String
License Server Address. Set License Server Address

• server_port - Optional Number
License Server Port Number. Set License Server port number

Inside Virtual Network

An inside_virtual_network block supports the following:

• kind - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then kind will hold the referred object’s kind (e.g. ‘route’)

• name - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name

• namespace - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace

• tenant - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant

• uid - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then uid will hold the referred object’s(e.g. Route’s) uid

Interface List

An interface_list block supports the following:

• interfaces - Optional Block
Add all interfaces belonging to this fleet
See Interfaces below.

Interface List Interfaces

An interfaces block (within interface_list) supports the following:

• name - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name

• namespace - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace

• tenant - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant

Kubernetes Upgrade Drain

A kubernetes_upgrade_drain block supports the following:

• disable_upgrade_drain - Optional Block
Configuration parameter for disable upgrade drain

• enable_upgrade_drain - Optional Block
Specify batch upgrade settings for worker nodes within a site
See Enable Upgrade Drain below.

Kubernetes Upgrade Drain Enable Upgrade Drain

An enable_upgrade_drain block (within kubernetes_upgrade_drain) supports the following:

• disable_vega_upgrade_mode - Optional Block
Configuration parameter for disable vega upgrade mode

• drain_max_unavailable_node_count - Optional Number
Node Batch Size Count

• drain_node_timeout - Optional Number
Seconds to wait before initiating upgrade on the next set of nodes. Setting it to 0 will wait indefinitely for all services on nodes to be upgraded gracefully before proceeding to the next set of nodes. (Warning: It may block upgrade if services on a node cannot be gracefully upgraded. It is

• enable_vega_upgrade_mode - Optional Block
Configuration parameter for enable vega upgrade mode

Log Receiver

A log_receiver block supports the following:

• name - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name

• namespace - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace

• tenant - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant

Network Connectors

A network_connectors block supports the following:

• kind - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then kind will hold the referred object’s kind (e.g. ‘route’)

• name - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name

• namespace - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace

• tenant - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant

• uid - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then uid will hold the referred object’s(e.g. Route’s) uid

Network Firewall

A network_firewall block supports the following:

• kind - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then kind will hold the referred object’s kind (e.g. ‘route’)

• name - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name

• namespace - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace

• tenant - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant

• uid - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then uid will hold the referred object’s(e.g. Route’s) uid

Outside Virtual Network

An outside_virtual_network block supports the following:

• kind - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then kind will hold the referred object’s kind (e.g. ‘route’)

• name - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name

• namespace - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace

• tenant - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant

• uid - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then uid will hold the referred object’s(e.g. Route’s) uid

Performance Enhancement Mode

A performance_enhancement_mode block supports the following:

• perf_mode_l3_enhanced - Optional Block
Configuration parameter for perf mode l3 enhanced
See Perf Mode L3 Enhanced below.

• perf_mode_l7_enhanced - Optional Block
Configuration parameter for perf mode l7 enhanced

Performance Enhancement Mode Perf Mode L3 Enhanced

A perf_mode_l3_enhanced block (within performance_enhancement_mode) supports the following:

• jumbo - Optional Block
Enable this option

• no_jumbo - Optional Block
Enable this option

Sriov Interfaces

A sriov_interfaces block supports the following:

• sriov_interface - Optional Block
Use custom SR-IOV interfaces Configuration
See Sriov Interface below.

Sriov Interfaces Sriov Interface

A sriov_interface block (within sriov_interfaces) supports the following:

• interface_name - Optional String
Name of SR-IOV physical interface

• number_of_vfio_vfs - Optional Number
Number of virtual functions reserved for VNFs and DPDK-based CNFs

• number_of_vfs - Optional Number
Total number of virtual functions

Storage Class List

A storage_class_list block supports the following:

• storage_classes - Optional Block
List of Storage Classes. List of custom storage classes
See Storage Classes below.

Storage Class List Storage Classes

A storage_classes block (within storage_class_list) supports the following:

• advanced_storage_parameters - Optional Block
Advanced Parameters. Map of parameter name and string value

• allow_volume_expansion - Optional Bool
Allow Volume Expansion. Allow volume expansion

• custom_storage - Optional Block
Custom Storage Class allows to insert Kubernetes storageclass definition which will be applied into given site
See Custom Storage below.

• default_storage_class - Optional Bool
Make this storage class default storage class for the K8S cluster

• description_spec - Optional String
Storage Class Description. Description for this storage class

• hpe_storage - Optional Block
Storage class Device configuration for HPE Storage
See Hpe Storage below.

• netapp_trident - Optional Block
Storage class Device configuration for NetApp Trident
See Netapp Trident below.

• pure_service_orchestrator - Optional Block
Storage class Device configuration for Pure Service Orchestrator
See Pure Service Orchestrator below.

• reclaim_policy - Optional String
Policy configuration for this feature

• storage_class_name - Optional String
Name of the storage class as it will appear in K8S

• storage_device - Optional String
Storage device that this class will use. The Device name defined at previous step

Storage Class List Storage Classes Custom Storage

A custom_storage block (within storage_class_list.storage_classes) supports the following:

• yaml - Optional String
Storage Class YAML. K8S YAML for StorageClass

Storage Class List Storage Classes Hpe Storage

A hpe_storage block (within storage_class_list.storage_classes) supports the following:

• allow_mutations - Optional String
Mutation can override specified parameters

• allow_overrides - Optional String
AllowOverrides. PVC can override specified parameters

• dedupe_enabled - Optional Bool
Indicates that the volume should enable deduplication

• description_spec - Optional String
The SecretName parameter is used to identify name of secret to identify backend storage’s auth information

• destroy_on_delete - Optional Bool
Indicates the backing Nimble volume (including snapshots) should be destroyed when the PVC is deleted

• encrypted - Optional Bool
Indicates that the volume should be encrypted

• folder - Optional String
The name of the folder in which to place the volume

• limit_iops - Optional String
LimitIops. The IOPS limit of the volume

• limit_mbps - Optional String
LimitMbps. The IOPS limit of the volume

• performance_policy - Optional String
Policy configuration for this feature

• pool - Optional String
The name of the pool in which to place the volume

• protection_template - Optional String
The name of the performance policy to assign to the volume

• secret_name - Optional String
The SecretName parameter is used to identify name of secret to identify backend storage’s auth information

• secret_namespace - Optional String
The SecretNamespace parameter is used to identify name of namespace where secret resides

• sync_on_detach - Optional Bool
Indicates that a snapshot of the volume should be synced to the replication partner each time it is detached from a node

• thick - Optional Bool
Indicates that the volume should be thick provisioned

Storage Class List Storage Classes Netapp Trident

A netapp_trident block (within storage_class_list.storage_classes) supports the following:

• selector - Optional Block
Using the Selector field, each StorageClass calls out which virtual pool(s) may be used to host a volume. The volume will have the aspects defined in the chosen virtual pool

• storage_pools - Optional String
The storagePools parameter is used to further restrict the set of pools that match any specified attributes

Storage Class List Storage Classes Pure Service Orchestrator

Deeply nested Orchestrator block collapsed for readability.

Storage Device List

A storage_device_list block supports the following:

• storage_devices - Optional Block
List of Storage Devices. List of custom storage devices
See Storage Devices below.

Storage Device List Storage Devices

A storage_devices block (within storage_device_list) supports the following:

• advanced_advanced_parameters - Optional Block
Advanced Parameters. Map of parameter name and string value

• custom_storage - Optional Block
Configuration parameter for custom storage

• hpe_storage - Optional Block
Configuration parameter for hpe storage
See Hpe Storage below.

• netapp_trident - Optional Block
Device configuration for NetApp Trident Storage
See Netapp Trident below.

• pure_service_orchestrator - Optional Block
Device configuration for Pure Storage Service Orchestrator
See Pure Service Orchestrator below.

• storage_device - Optional String
Storage device and device unit

Storage Device List Storage Devices Hpe Storage

A hpe_storage block (within storage_device_list.storage_devices) supports the following:

• api_server_port - Optional Number
Storage server Port. Enter Storage Server Port

• iscsi_chap_password - Optional Block
SecretType is used in an object to indicate a sensitive/confidential field
See iSCSI Chap Password below.

• iscsi_chap_user - Optional String
Chap Username to connect to the HPE storage

• password - Optional Block
SecretType is used in an object to indicate a sensitive/confidential field
See Password below.

• storage_server_ip_address - Optional String
Storage Server IP address. Enter storage server IP address

• storage_server_name - Optional String
Storage Server Name. Enter storage server Name

• username - Optional String
Username to connect to the HPE storage management IP

Storage Device List Storage Devices Hpe Storage iSCSI Chap Password

Deeply nested Password block collapsed for readability.

Storage Device List Storage Devices Hpe Storage iSCSI Chap Password Blindfold Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Hpe Storage iSCSI Chap Password Clear Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Hpe Storage Password

Deeply nested Password block collapsed for readability.

Storage Device List Storage Devices Hpe Storage Password Blindfold Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Hpe Storage Password Clear Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Netapp Trident

A netapp_trident block (within storage_device_list.storage_devices) supports the following:

• netapp_backend_ontap_nas - Optional Block
Configuration of storage backend for NetApp ONTAP NAS
See Netapp Backend Ontap Nas below.

• netapp_backend_ontap_san - Optional Block
Configuration of storage backend for NetApp ONTAP SAN
See Netapp Backend Ontap San below.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap Nas

Deeply nested Nas block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap Nas Auto Export Cidrs

Deeply nested Cidrs block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap Nas Client Private Key

Deeply nested Key block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap Nas Client Private Key Blindfold Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap Nas Client Private Key Clear Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap Nas Password

Deeply nested Password block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap Nas Password Blindfold Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap Nas Password Clear Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap Nas Storage

Deeply nested Storage block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap Nas Storage Volume Defaults

Deeply nested Defaults block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap Nas Volume Defaults

Deeply nested Defaults block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap San

Deeply nested San block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap San Client Private Key

Deeply nested Key block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap San Client Private Key Blindfold Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap San Client Private Key Clear Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap San Password

Deeply nested Password block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap San Password Blindfold Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap San Password Clear Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap San Storage

Deeply nested Storage block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap San Storage Volume Defaults

Deeply nested Defaults block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap San Use Chap

Deeply nested Chap block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap San Use Chap Chap Initiator Secret

Deeply nested Secret block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap San Use Chap Chap Initiator Secret Blindfold Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap San Use Chap Chap Initiator Secret Clear Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap San Use Chap Chap Target Initiator Secret

Deeply nested Secret block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap San Use Chap Chap Target Initiator Secret Blindfold Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap San Use Chap Chap Target Initiator Secret Clear Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Netapp Trident Netapp Backend Ontap San Volume Defaults

Deeply nested Defaults block collapsed for readability.

Storage Device List Storage Devices Pure Service Orchestrator

Deeply nested Orchestrator block collapsed for readability.

Storage Device List Storage Devices Pure Service Orchestrator Arrays

Deeply nested Arrays block collapsed for readability.

Storage Device List Storage Devices Pure Service Orchestrator Arrays Flash Array

Deeply nested Array block collapsed for readability.

Storage Device List Storage Devices Pure Service Orchestrator Arrays Flash Array Flash Arrays

Deeply nested Arrays block collapsed for readability.

Storage Device List Storage Devices Pure Service Orchestrator Arrays Flash Array Flash Arrays API Token

Deeply nested Token block collapsed for readability.

Storage Device List Storage Devices Pure Service Orchestrator Arrays Flash Array Flash Arrays API Token Blindfold Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Pure Service Orchestrator Arrays Flash Array Flash Arrays API Token Clear Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Pure Service Orchestrator Arrays Flash Blade

Deeply nested Blade block collapsed for readability.

Storage Device List Storage Devices Pure Service Orchestrator Arrays Flash Blade Flash Blades

Deeply nested Blades block collapsed for readability.

Storage Device List Storage Devices Pure Service Orchestrator Arrays Flash Blade Flash Blades API Token

Deeply nested Token block collapsed for readability.

Storage Device List Storage Devices Pure Service Orchestrator Arrays Flash Blade Flash Blades API Token Blindfold Secret Info

Deeply nested Info block collapsed for readability.

Storage Device List Storage Devices Pure Service Orchestrator Arrays Flash Blade Flash Blades API Token Clear Secret Info

Deeply nested Info block collapsed for readability.

Storage Interface List

A storage_interface_list block supports the following:

• interfaces - Optional Block
Add all interfaces belonging to this fleet
See Interfaces below.

Storage Interface List Interfaces

An interfaces block (within storage_interface_list) supports the following:

• name - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name

• namespace - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace

• tenant - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant

Storage Static Routes

A storage_static_routes block supports the following:

• storage_routes - Optional Block
List of storage static routes
See Storage Routes below.

Storage Static Routes Storage Routes

A storage_routes block (within storage_static_routes) supports the following:

• attrs - Optional List Defaults to ROUTE_ATTR_NO_OP
Possible values are ROUTE_ATTR_NO_OP, ROUTE_ATTR_ADVERTISE, ROUTE_ATTR_INSTALL_HOST, ROUTE_ATTR_INSTALL_FORWARDING, ROUTE_ATTR_MERGE_ONLY
[Enum: ROUTE_ATTR_NO_OP|ROUTE_ATTR_ADVERTISE|ROUTE_ATTR_INSTALL_HOST|ROUTE_ATTR_INSTALL_FORWARDING|ROUTE_ATTR_MERGE_ONLY] List of route attributes associated with the static route

• labels - Optional Block
Add Labels for this Static Route, these labels can be used in network policy

• nexthop - Optional Block
Nexthop. Identifies the next-hop for a route
See Nexthop below.

• subnets - Optional Block
Subnets. List of route prefixes
See Subnets below.

Storage Static Routes Storage Routes Nexthop

A nexthop block (within storage_static_routes.storage_routes) supports the following:

• interface - Optional Block
Nexthop is network interface when type is ‘Network-Interface’
See Interface below.

• nexthop_address - Optional Block
IP Address used to specify an IPv4 or IPv6 address
See Nexthop Address below.

• type - Optional String Defaults to NEXT_HOP_DEFAULT_GATEWAY
Possible values are NEXT_HOP_DEFAULT_GATEWAY, NEXT_HOP_USE_CONFIGURED, NEXT_HOP_NETWORK_INTERFACE
[Enum: NEXT_HOP_DEFAULT_GATEWAY|NEXT_HOP_USE_CONFIGURED|NEXT_HOP_NETWORK_INTERFACE] Defines types of next-hop Use default gateway on the local interface as gateway for route. Assumes there is only one local interface on the virtual network. Use the specified address as nexthop Use the network interface as nexthop Discard nexthop, used when attr type is Advertise Used in VoltADN

Storage Static Routes Storage Routes Nexthop Interface

An interface block (within storage_static_routes.storage_routes.nexthop) supports the following:

• kind - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then kind will hold the referred object’s kind (e.g. ‘route’)

• name - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name

• namespace - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace

• tenant - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant

• uid - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then uid will hold the referred object’s(e.g. Route’s) uid

Storage Static Routes Storage Routes Nexthop Nexthop Address

Deeply nested Address block collapsed for readability.

Storage Static Routes Storage Routes Nexthop Nexthop Address IPv4

Deeply nested IPv4 block collapsed for readability.

Storage Static Routes Storage Routes Nexthop Nexthop Address IPv6

Deeply nested IPv6 block collapsed for readability.

Storage Static Routes Storage Routes Subnets

A subnets block (within storage_static_routes.storage_routes) supports the following:

• ipv4 - Optional Block
IPv4 subnets specified as prefix and prefix-length. Prefix length must be <= 32
See IPv4 below.

• ipv6 - Optional Block
IPv6 subnets specified as prefix and prefix-length. Prefix-legnth must be <= 128
See IPv6 below.

Storage Static Routes Storage Routes Subnets IPv4

An ipv4 block (within storage_static_routes.storage_routes.subnets) supports the following:

• plen - Optional Number
Prefix-length of the IPv4 subnet. Must be <= 32

• prefix - Optional String
Prefix part of the IPv4 subnet in string form with dot-decimal notation

Storage Static Routes Storage Routes Subnets IPv6

An ipv6 block (within storage_static_routes.storage_routes.subnets) supports the following:

• plen - Optional Number
Prefix length of the IPv6 subnet. Must be <= 128

• prefix - Optional String
Prefix part of the IPv6 subnet given in form of string. IPv6 address must be specified as hexadecimal numbers separated by ’:’ e.g. ‘2001:db8:0:0:0:2:0:0’ The address can be compacted by suppressing zeros e.g. ‘2001:db8::2::‘

Timeouts

A timeouts block supports the following:

• create - Optional String (Defaults to 10 minutes)
Used when creating the resource

• delete - Optional String (Defaults to 10 minutes)
Used when deleting the resource

• read - Optional String (Defaults to 5 minutes)
Used when retrieving the resource

• update - Optional String (Defaults to 10 minutes)
Used when updating the resource

Usb Policy

An usb_policy block supports the following:

• name - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name

• namespace - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace

• tenant - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant

Common Types

The following type definitions are used throughout this resource. See the full definition here rather than repeated inline.

Object Reference {#common-object-reference}

Object references establish a direct reference from one configuration object to another in F5 Distributed Cloud. References use the format tenant/namespace/name.

Field	Type	Description
`name`	String	Name of the referenced object
`namespace`	String	Namespace containing the referenced object
`tenant`	String	Tenant of the referenced object (system-managed)

Transformers {#common-transformers}

Transformers apply transformations to input values before matching. Multiple transformers can be applied in order.

Value	Description
`LOWER_CASE`	Convert to lowercase
`UPPER_CASE`	Convert to uppercase
`BASE64_DECODE`	Decodebase64 content
`NORMALIZE_PATH`	Normalize URL path
`REMOVE_WHITESPACE`	Remove whitespace characters
`URL_DECODE`	Decode URL-encoded characters
`TRIM_LEFT`	Trim leading whitespace
`TRIM_RIGHT`	Trim trailing whitespace
`TRIM`	Trim both leading and trailing whitespace

HTTP Methods {#common-http-methods}

HTTP methods used for request matching.

Value	Description
`ANY`	Match any HTTP method
`GET`	HTTP GET request
`HEAD`	HTTP HEAD request
`POST`	HTTP POST request
`PUT`	HTTP PUT request
`DELETE`	HTTP DELETE request
`CONNECT`	HTTP CONNECT request
`OPTIONS`	HTTP OPTIONS request
`TRACE`	HTTP TRACE request
`PATCH`	HTTP PATCH request
`COPY`	HTTP COPY request (WebDAV)

TLS Fingerprints {#common-tls-fingerprints}

TLS fingerprint categories for malicious client detection.

Value	Description
`TLS_FINGERPRINT_NONE`	No fingerprint matching
`ANY_MALICIOUS_FINGERPRINT`	Match any known malicious fingerprint
`ADWARE`	Adware-associated fingerprints
`DRIDEX`	Dridex malware fingerprints
`GOOTKIT`	Gootkit malware fingerprints
`RANSOMWARE`	Ransomware-associated fingerprints
`TRICKBOT`	Trickbot malware fingerprints

IP Threat Categories {#common-ip-threat-categories}

IP address threat categories for security filtering.

Value	Description
`SPAM_SOURCES`	Known spam sources
`WINDOWS_EXPLOITS`	Windows exploit sources
`WEB_ATTACKS`	Web attack sources
`BOTNETS`	Known botnet IPs
`SCANNERS`	Network scanner IPs
`REPUTATION`	Poor reputation IPs
`PHISHING`	Phishing-related IPs
`PROXY`	Anonymous proxy IPs
`MOBILE_THREATS`	Mobile threat sources
`TOR_PROXY`	Tor exit nodes
`DENIAL_OF_SERVICE`	DoS attack sources
`NETWORK`	Known bad network ranges

Import

Import is supported using the following syntax:

# Import using namespace/name format
terraform import f5xc_fleet.example system/example