f5xc_network_interface Resource - terraform-provider-f5xc

f5xc_network_interface (Resource)

Manages a Network Interface resource in F5 Distributed Cloud for network interface represents configuration of a network device. it is created by users in system namespace. configuration.

~> Note For more information about this resource, please refer to the F5 XC API Documentation.

Example Usage

# Network Interface Resource Example
# Manages a Network Interface resource in F5 Distributed Cloud for network interface represents configuration of a network device. it is created by users in system namespace. configuration.

terraform {
  required_version = ">= 1.0"

  required_providers {
    f5xc = {
      source  = "f5xc-salesdemos/f5xc"
      version = ">= 0.1.0"
    }
  }
}

# Basic Network Interface configuration
resource "f5xc_network_interface" "example" {
  name      = "example-network-interface"
  namespace = "staging"

  labels = {
    environment = "production"
    managed_by  = "terraform"
  }

  annotations = {
    "owner" = "platform-team"
  }

  # Resource-specific configuration
  # [OneOf: dedicated_interface, dedicated_management_interfa...
  dedicated_interface {
    # Configure dedicated_interface settings
  }
  # Enable this option
  cluster {
    # Configure cluster settings
  }
  # Enable this option
  is_primary {
    # Configure is_primary settings
  }
}

Argument Reference

🔶 High Risk Operations — Some operations on this resource have high danger level. Destructive operations may require confirmation.

Metadata Argument Reference

• name - Required String
Name of the Network Interface. Must be unique within the namespace

• namespace - Required String
Namespace where the Network Interface will be created

• annotations - Optional Map
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata

• description - Optional String
Human readable description for the object

• disable - Optional Bool
A value of true will administratively disable the object

• labels - Optional Map
Labels is a user defined key value map that can be attached to resources for organization and filtering

Spec Argument Reference

-> One of the following: • dedicated_interface - Optional Block
Configuration parameter for dedicated interface
See Dedicated Interface below for details.

• dedicated_management_interface - Optional Block
Configuration parameter for dedicated management interface
See Dedicated Management Interface below for details.

• ethernet_interface - Optional Block
Configuration parameter for ethernet interface
See Ethernet Interface below for details.

• layer2_interface - Optional Block
Configuration parameter for layer2 interface
See Layer2 Interface below for details.

• tunnel_interface - Optional Block
Configuration parameter for tunnel interface

• timeouts - Optional Block

Attributes Reference

In addition to all arguments above, the following attributes are exported:

• id - Optional String
Unique identifier for the resource

---

Dedicated Interface

A dedicated_interface block supports the following:

• cluster - Optional Block
Enable this option

• device - Optional String
Name of the device for which interface is configured. Use wwan0 for 4G/LTE

• is_primary - Optional Block
Enable this option

• monitor - Optional Block
Link Quality Monitoring configuration for a network interface

• monitor_disabled - Optional Block
Enable this option

• mtu - Optional Number
Maximum packet size (Maximum Transfer Unit) of the interface When configured, MTU must be between 512 and 16384

• node - Optional String
Configuration will apply to a device on the given node of the site

• not_primary - Optional Block
Configuration parameter for not primary

• priority - Optional Number
Priority of the network interface when multiple network interfaces are present in outside network Greater the value, higher the priority

Dedicated Management Interface

A dedicated_management_interface block supports the following:

• cluster - Optional Block
Enable this option

• device - Optional String
Name of the device for which interface is configured

• mtu - Optional Number
Maximum packet size (Maximum Transfer Unit) of the interface When configured, MTU must be between 512 and 16384

• node - Optional String
Configuration will apply to a device on the given node of the site

Ethernet Interface

An ethernet_interface block supports the following:

• cluster - Optional Block
Enable this option

• device - Optional String
Interface configuration for the ethernet device

• dhcp_client - Optional Block
Enable this option

• dhcp_server - Optional Block
Configuration parameter for DHCP server
See DHCP Server below.

• ipv6_auto_config - Optional Block
IPV6AutoConfigType
See IPv6 Auto Config below.

• is_primary - Optional Block
Enable this option

• monitor - Optional Block
Link Quality Monitoring configuration for a network interface

• monitor_disabled - Optional Block
Enable this option

• mtu - Optional Number
Maximum packet size (Maximum Transfer Unit) of the interface When configured, MTU must be between 512 and 16384

• no_ipv6_address - Optional Block
Enable this option

• node - Optional String
Configuration will apply to a device on the given node

• not_primary - Optional Block
Configuration parameter for not primary

• priority - Optional Number
Priority of the network interface when multiple network interfaces are present in outside network Greater the value, higher the priority

• site_local_inside_network - Optional Block
Enable this option

• site_local_network - Optional Block
Enable this option

• static_ip - Optional Block
Static IP Parameters. Configure Static IP parameters
See Static IP below.

• static_ipv6_address - Optional Block
Static IP Parameters. Configure Static IP parameters
See Static IPv6 Address below.

• storage_network - Optional Block
Configuration parameter for storage network

• untagged - Optional Block
Enable this option

• vlan_id - Optional Number
Configure a VLAN tagged ethernet interface

Ethernet Interface DHCP Server

A dhcp_server block (within ethernet_interface) supports the following:

• automatic_from_end - Optional Block
Configuration parameter for automatic from end

• automatic_from_start - Optional Block
Configuration parameter for automatic from start

• dhcp_networks - Optional Block
List of networks from which DHCP Server can allocate IPv4 Addresses
See DHCP Networks below.

• fixed_ip_map - Optional Block
Assign fixed IPv4 addresses based on the MAC Address of the DHCP Client

• interface_ip_map - Optional Block
Interface IPv4 Assignments. Specify static IPv4 addresses per node
See Interface IP Map below.

Ethernet Interface DHCP Server DHCP Networks

A dhcp_networks block (within ethernet_interface.dhcp_server) supports the following:

• dgw_address - Optional String
Enter a IPv4 address from the network prefix to be used as the default gateway

• dns_address - Optional String
Enter a IPv4 address from the network prefix to be used as the DNS server

• first_address - Optional Block
Enable this option

• last_address - Optional Block
Enable this option

• network_prefix - Optional String
Set the network prefix for the site. Ex: 10.1.1.0/24

• pool_settings - Optional String Defaults to INCLUDE_IP_ADDRESSES_FROM_DHCP_POOLS
Possible values are INCLUDE_IP_ADDRESSES_FROM_DHCP_POOLS, EXCLUDE_IP_ADDRESSES_FROM_DHCP_POOLS
[Enum: INCLUDE_IP_ADDRESSES_FROM_DHCP_POOLS|EXCLUDE_IP_ADDRESSES_FROM_DHCP_POOLS] Identifies the how to pick the network for Interface. Address ranges in DHCP pool list are used for IP Address allocation Address ranges in DHCP pool list are excluded from IP Address allocation

• pools - Optional Block
List of non overlapping IP address ranges
See Pools below.

• same_as_dgw - Optional Block
Configuration parameter for same as dgw

Ethernet Interface DHCP Server DHCP Networks Pools

A pools block (within ethernet_interface.dhcp_server.dhcp_networks) supports the following:

• end_ip - Optional String
Ending IP of the pool range. In case of address allocator, offset is derived based on network prefix. 10.1.1.200 with prefix length of 24, end offset is 0.0.0.200

• start_ip - Optional String
Starting IP of the pool range. In case of address allocator, offset is derived based on network prefix. 10.1.1.5 with prefix length of 24, start offset is 0.0.0.5

Ethernet Interface DHCP Server Interface IP Map

An interface_ip_map block (within ethernet_interface.dhcp_server) supports the following:

• interface_ip_map - Optional Block
Specify static IPv4 addresses per site:node

Ethernet Interface IPv6 Auto Config

An ipv6_auto_config block (within ethernet_interface) supports the following:

• host - Optional Block
Hostname or IP address of the target server

• router - Optional Block
IPV6AutoConfigRouterType
See Router below.

Ethernet Interface IPv6 Auto Config Router

A router block (within ethernet_interface.ipv6_auto_config) supports the following:

• dns_config - Optional Block
IPV6DnsConfig
See DNS Config below.

• network_prefix - Optional String
Network prefix that is used as Prefix information Allowed only /64 prefix length as per RFC 4862

• stateful - Optional Block
DHCPIPV6 Stateful Server
See Stateful below.

Ethernet Interface IPv6 Auto Config Router DNS Config

Deeply nested Config block collapsed for readability.

Ethernet Interface IPv6 Auto Config Router DNS Config Configured List

Deeply nested List block collapsed for readability.

Ethernet Interface IPv6 Auto Config Router DNS Config Local DNS

Deeply nested DNS block collapsed for readability.

Ethernet Interface IPv6 Auto Config Router Stateful

A stateful block (within ethernet_interface.ipv6_auto_config.router) supports the following:

• automatic_from_end - Optional Block
Configuration parameter for automatic from end

• automatic_from_start - Optional Block
Configuration parameter for automatic from start

• dhcp_networks - Optional Block
List of networks from which DHCP server can allocate IP addresses
See DHCP Networks below.

• fixed_ip_map - Optional Block
Fixed MAC address to IPv6 assignments, Key: MAC address, Value: IPv6 Address Assign fixed IPv6 addresses based on the MAC Address of the DHCP Client

• interface_ip_map - Optional Block
Map of Interface IPv6 assignments per node
See Interface IP Map below.

Ethernet Interface IPv6 Auto Config Router Stateful DHCP Networks

Deeply nested Networks block collapsed for readability.

Ethernet Interface IPv6 Auto Config Router Stateful DHCP Networks Pools

Deeply nested Pools block collapsed for readability.

Ethernet Interface IPv6 Auto Config Router Stateful Interface IP Map

Deeply nested Map block collapsed for readability.

Ethernet Interface Static IP

A static_ip block (within ethernet_interface) supports the following:

• cluster_static_ip - Optional Block
Configure Static IP parameters for cluster
See Cluster Static IP below.

• node_static_ip - Optional Block
Configure Static IP parameters for a node
See Node Static IP below.

Ethernet Interface Static IP Cluster Static IP

A cluster_static_ip block (within ethernet_interface.static_ip) supports the following:

• interface_ip_map - Optional Block
Map of Node to Static IP configuration value, Key:Node, Value:IP Address

Ethernet Interface Static IP Node Static IP

A node_static_ip block (within ethernet_interface.static_ip) supports the following:

• default_gw - Optional String
Default Gateway. IP address of the default gateway

• ip_address - Optional String
IP address of the interface and prefix length

Ethernet Interface Static IPv6 Address

A static_ipv6_address block (within ethernet_interface) supports the following:

• cluster_static_ip - Optional Block
Configure Static IP parameters for cluster
See Cluster Static IP below.

• node_static_ip - Optional Block
Configure Static IP parameters for a node
See Node Static IP below.

Ethernet Interface Static IPv6 Address Cluster Static IP

Deeply nested IP block collapsed for readability.

Ethernet Interface Static IPv6 Address Node Static IP

Deeply nested IP block collapsed for readability.

Layer2 Interface

A layer2_interface block supports the following:

• l2sriov_interface - Optional Block
Configuration parameter for l2sriov interface
See L2sriov Interface below.

• l2vlan_interface - Optional Block
Configuration parameter for l2vlan interface
See L2vlan Interface below.

• l2vlan_slo_interface - Optional Block
Layer2 Site Local Outside VLAN Interface Configuration
See L2vlan Slo Interface below.

Layer2 Interface L2sriov Interface

A l2sriov_interface block (within layer2_interface) supports the following:

• device - Optional String
Physical ethernet interface

• untagged - Optional Block
Enable this option

• vlan_id - Optional Number
Configure a VLAN tagged interface

Layer2 Interface L2vlan Interface

A l2vlan_interface block (within layer2_interface) supports the following:

• device - Optional String
Physical ethernet interface

• vlan_id - Optional Number
VLAN ID. VLAN ID

Layer2 Interface L2vlan Slo Interface

A l2vlan_slo_interface block (within layer2_interface) supports the following:

• vlan_id - Optional Number
VLAN ID. VLAN ID

Timeouts

A timeouts block supports the following:

• create - Optional String (Defaults to 10 minutes)
Used when creating the resource

• delete - Optional String (Defaults to 10 minutes)
Used when deleting the resource

• read - Optional String (Defaults to 5 minutes)
Used when retrieving the resource

• update - Optional String (Defaults to 10 minutes)
Used when updating the resource

Tunnel Interface

A tunnel_interface block supports the following:

• mtu - Optional Number
Maximum packet size (Maximum Transfer Unit) of the interface When configured, MTU must be between 512 and 16384

• node - Optional String
Configuration will apply to a given device on the given node

• priority - Optional Number
Priority of the network interface when multiple network interfaces are present in outside network Greater the value, higher the priority

• site_local_inside_network - Optional Block
Enable this option

• site_local_network - Optional Block
Enable this option

• static_ip - Optional Block
Static IP Parameters. Configure Static IP parameters
See Static IP below.

• tunnel - Optional Block
Type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name
See Tunnel below.

Tunnel Interface Static IP

A static_ip block (within tunnel_interface) supports the following:

• cluster_static_ip - Optional Block
Configure Static IP parameters for cluster
See Cluster Static IP below.

• node_static_ip - Optional Block
Configure Static IP parameters for a node
See Node Static IP below.

Tunnel Interface Static IP Cluster Static IP

A cluster_static_ip block (within tunnel_interface.static_ip) supports the following:

• interface_ip_map - Optional Block
Map of Node to Static IP configuration value, Key:Node, Value:IP Address

Tunnel Interface Static IP Node Static IP

A node_static_ip block (within tunnel_interface.static_ip) supports the following:

• default_gw - Optional String
Default Gateway. IP address of the default gateway

• ip_address - Optional String
IP address of the interface and prefix length

Tunnel Interface Tunnel

A tunnel block (within tunnel_interface) supports the following:

• name - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name

• namespace - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace

• tenant - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant

---

Common Types

The following type definitions are used throughout this resource. See the full definition here rather than repeated inline.

Object Reference {#common-object-reference}

Object references establish a direct reference from one configuration object to another in F5 Distributed Cloud. References use the format tenant/namespace/name.

Field	Type	Description
name	String	Name of the referenced object
namespace	String	Namespace containing the referenced object
tenant	String	Tenant of the referenced object (system-managed)

Transformers {#common-transformers}

Transformers apply transformations to input values before matching. Multiple transformers can be applied in order.

Value	Description
LOWER_CASE	Convert to lowercase
UPPER_CASE	Convert to uppercase
BASE64_DECODE	Decodebase64 content
NORMALIZE_PATH	Normalize URL path
REMOVE_WHITESPACE	Remove whitespace characters
URL_DECODE	Decode URL-encoded characters
TRIM_LEFT	Trim leading whitespace
TRIM_RIGHT	Trim trailing whitespace
TRIM	Trim both leading and trailing whitespace

HTTP Methods {#common-http-methods}

HTTP methods used for request matching.

Value	Description
ANY	Match any HTTP method
GET	HTTP GET request
HEAD	HTTP HEAD request
POST	HTTP POST request
PUT	HTTP PUT request
DELETE	HTTP DELETE request
CONNECT	HTTP CONNECT request
OPTIONS	HTTP OPTIONS request
TRACE	HTTP TRACE request
PATCH	HTTP PATCH request
COPY	HTTP COPY request (WebDAV)

TLS Fingerprints {#common-tls-fingerprints}

TLS fingerprint categories for malicious client detection.

Value	Description
TLS_FINGERPRINT_NONE	No fingerprint matching
ANY_MALICIOUS_FINGERPRINT	Match any known malicious fingerprint
ADWARE	Adware-associated fingerprints
DRIDEX	Dridex malware fingerprints
GOOTKIT	Gootkit malware fingerprints
RANSOMWARE	Ransomware-associated fingerprints
TRICKBOT	Trickbot malware fingerprints

IP Threat Categories {#common-ip-threat-categories}

IP address threat categories for security filtering.

Value	Description
SPAM_SOURCES	Known spam sources
WINDOWS_EXPLOITS	Windows exploit sources
WEB_ATTACKS	Web attack sources
BOTNETS	Known botnet IPs
SCANNERS	Network scanner IPs
REPUTATION	Poor reputation IPs
PHISHING	Phishing-related IPs
PROXY	Anonymous proxy IPs
MOBILE_THREATS	Mobile threat sources
TOR_PROXY	Tor exit nodes
DENIAL_OF_SERVICE	DoS attack sources
NETWORK	Known bad network ranges

Import

Import is supported using the following syntax:

# Import using namespace/name format
terraform import f5xc_network_interface.example system/example