f5xc_securemesh_site Resource - terraform-provider-f5xc

f5xc_securemesh_site (Resource)

Manages a Securemesh Site resource in F5 Distributed Cloud for deploying secure mesh edge sites with distributed security capabilities.

~> Note For more information about this resource, please refer to the F5 XC API Documentation.

Example Usage

# Securemesh Site Resource Example
# Manages a Securemesh Site resource in F5 Distributed Cloud for deploying secure mesh edge sites with distributed security capabilities.

terraform {
  required_version = ">= 1.0"

  required_providers {
    f5xc = {
      source  = "f5xc-salesdemos/f5xc"
      version = ">= 0.1.0"
    }
  }
}

# Basic Securemesh Site configuration
resource "f5xc_securemesh_site" "example" {
  name      = "example-securemesh-site"
  namespace = "staging"

  labels = {
    environment = "production"
    managed_by  = "terraform"
  }

  annotations = {
    "owner" = "platform-team"
  }

  # Secure Mesh Site configuration
  # Generic provider
  generic {
    not_managed {
      node_list {
        hostname  = "node1.example.com"
        public_ip = "203.0.113.10"
        type      = "Control"
      }
    }
  }

  # Master nodes
  master_nodes_count = 1

  # Default fleet config
  default_fleet_config {}

  # Disable HA
  disable_ha {}
}

Argument Reference

🔶 High Risk Operations — Some operations on this resource have high danger level. Destructive operations may require confirmation.

Metadata Argument Reference

• name - Required String
Name of the Securemesh Site. Must be unique within the namespace

• namespace - Required String
Namespace where the Securemesh Site will be created

• annotations - Optional Map
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata

• description - Optional String
Human readable description for the object

• disable - Optional Bool
A value of true will administratively disable the object

• labels - Optional Map
Labels is a user defined key value map that can be attached to resources for organization and filtering

Spec Argument Reference

• address - Required String
Site’s geographical address that can be used to determine its latitude and longitude

-> One of the following: • blocked_services - Optional Block
Disable node local services on this site
See Blocked Services below for details.

-> One of the following: • bond_device_list - Optional Block
Bond Devices List. List of bond devices for this fleet
See Bond Device List below for details.

• coordinates - Optional Block
Coordinates of the site which provides the site physical location
See Coordinates below for details.

-> One of the following: • custom_network_config - Optional Block
SmsNetworkConfiguration
See Custom Network Config below for details.

• default_blocked_services - Optional Block
Enable this option

• default_network_config - Optional Block
Enable this option

• kubernetes_upgrade_drain - Optional Block
Specify how worker nodes within a site will be upgraded

-> One of the following: • log_receiver - Optional Block
Type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name

• logs_streaming_disabled - Optional Block
Enable this option

• master_node_configuration - Optional Block
Configuration of master nodes

• no_bond_devices - Optional Block
Configuration parameter for no bond devices

• offline_survivability_mode - Optional Block
Offline Survivability allows the Site to continue functioning normally without traffic loss during periods of connectivity loss to the Regional Edge (RE) or the Global Controller (GC). When this feature is enabled, a site can continue to function as is with existing configuration for upto 7

• os - Optional Block
Select the F5XC Operating System Version for the site. By default, latest available OS Version will be used. Refer to release notes to find required released OS versions

• performance_enhancement_mode - Optional Block
Optimize the site for L3 or L7 traffic processing. L7 optimized is the default

• sw - Optional Block
Select the F5XC Software Version for the site. By default, latest available F5XC Software Version will be used. Refer to release notes to find required released SW versions

• timeouts - Optional Block

• volterra_certified_hw - Required String
Name for generic server certified hardware to form this Secure Mesh site

• worker_nodes - Required List
Worker Nodes. Names of worker nodes

Attributes Reference

In addition to all arguments above, the following attributes are exported:

• id - Optional String
Unique identifier for the resource

Blocked Services

A blocked_services block supports the following:

• blocked_service - Optional Block
Disable Node Local Services. Blocking or denial configuration
See Blocked Service below.

Blocked Services Blocked Service

A blocked_service block (within blocked_services) supports the following:

• dns - Optional Block
Enable this option

• network_type - Optional String Defaults to VIRTUAL_NETWORK_SITE_LOCAL
Possible values are VIRTUAL_NETWORK_SITE_LOCAL, VIRTUAL_NETWORK_SITE_LOCAL_INSIDE, VIRTUAL_NETWORK_PER_SITE, VIRTUAL_NETWORK_PUBLIC, VIRTUAL_NETWORK_GLOBAL, VIRTUAL_NETWORK_SITE_SERVICE, VIRTUAL_NETWORK_VER_INTERNAL, VIRTUAL_NETWORK_SITE_LOCAL_INSIDE_OUTSIDE, VIRTUAL_NETWORK_IP_AUTO, VIRTUAL_NETWORK_VOLTADN_PRIVATE_NETWORK, VIRTUAL_NETWORK_SRV6_NETWORK, VIRTUAL_NETWORK_IP_FABRIC, VIRTUAL_NETWORK_SEGMENT, VIRTUAL_NETWORK_MANAGEMENT
[Enum: VIRTUAL_NETWORK_SITE_LOCAL|VIRTUAL_NETWORK_SITE_LOCAL_INSIDE|VIRTUAL_NETWORK_PER_SITE|VIRTUAL_NETWORK_PUBLIC|VIRTUAL_NETWORK_GLOBAL|VIRTUAL_NETWORK_SITE_SERVICE|VIRTUAL_NETWORK_VER_INTERNAL|VIRTUAL_NETWORK_SITE_LOCAL_INSIDE_OUTSIDE|VIRTUAL_NETWORK_IP_AUTO|VIRTUAL_NETWORK_VOLTADN_PRIVATE_NETWORK|VIRTUAL_NETWORK_SRV6_NETWORK|VIRTUAL_NETWORK_IP_FABRIC|VIRTUAL_NETWORK_SEGMENT|VIRTUAL_NETWORK_MANAGEMENT] Different types of virtual networks understood by the system Virtual-network of type VIRTUAL_NETWORK_SITE_LOCAL provides connectivity to public (outside) network. This is an insecure network and is connected to public internet via NAT Gateways/firwalls Virtual-network of this type is local to

• ssh - Optional Block
Enable this option

• web_user_interface - Optional Block
Enable this option

Bond Device List

A bond_device_list block supports the following:

• bond_devices - Optional Block
Bond Devices. List of bond devices
See Bond Devices below.

Bond Device List Bond Devices

A bond_devices block (within bond_device_list) supports the following:

• active_backup - Optional Block
Configuration parameter for active backup

• devices - Optional List
Ethernet devices that will make up this bond

• lacp - Optional Block
LACP parameters. LACP parameters for the bond device
See Lacp below.

• link_polling_interval - Optional Number
Link polling interval in milliseconds

• link_up_delay - Optional Number
Milliseconds wait before link is declared up

• name - Optional String
Name for the Bond. Ex ‘bond0’

Bond Device List Bond Devices Lacp

A lacp block (within bond_device_list.bond_devices) supports the following:

• rate - Optional Number
Interval in seconds to transmit LACP packets

Coordinates

A coordinates block supports the following:

• latitude - Optional Number
Latitude. Latitude of the site location

• longitude - Optional Number
Longitude. Longitude of site location

Custom Network Config

A custom_network_config block supports the following:

• active_enhanced_firewall_policies - Optional Block
List of Enhanced Firewall Policies These policies use session-based rules and provide all OPTIONS available under firewall policies with an additional option for service insertion
See Active Enhanced Firewall Policies below.

• active_forward_proxy_policies - Optional Block
Ordered List of Forward Proxy Policies active
See Active Forward Proxy Policies below.

• active_network_policies - Optional Block
Configuration parameter for active network policies
See Active Network Policies below.

• default_config - Optional Block
Enable this option

• default_interface_config - Optional Block
Enable this option

• default_sli_config - Optional Block
Enable this option

• forward_proxy_allow_all - Optional Block
Configuration parameter for forward proxy allow all

• global_network_list - Optional Block
Global Network Connection List. List of global network connections
See Global Network List below.

• interface_list - Optional Block
Configure network interfaces for this Secure Mesh site
See Interface List below.

• no_forward_proxy - Optional Block
Configuration parameter for no forward proxy

• no_global_network - Optional Block
Configuration parameter for no global network

• no_network_policy - Optional Block
Policy configuration for this feature

• sli_config - Optional Block
Site Local Network Configuration. Site local network configuration
See SLI Config below.

• slo_config - Optional Block
Site Local Network Configuration. Site local network configuration
See Slo Config below.

• sm_connection_public_ip - Optional Block
Enable this option

• sm_connection_pvt_ip - Optional Block
Enable this option

• tunnel_dead_timeout - Optional Number
Time interval, in millisec, within which any IPsec / SSL connection from the site going down is detected. When not set (== 0), a default value of 10000 msec will be used

• vip_vrrp_mode - Optional String Defaults to VIP_VRRP_INVALID
Possible values are VIP_VRRP_INVALID, VIP_VRRP_ENABLE, VIP_VRRP_DISABLE
[Enum: VIP_VRRP_INVALID|VIP_VRRP_ENABLE|VIP_VRRP_DISABLE] VRRP advertisement mode for VIP Invalid VRRP mode

Custom Network Config Active Enhanced Firewall Policies

An active_enhanced_firewall_policies block (within custom_network_config) supports the following:

• enhanced_firewall_policies - Optional Block
Ordered List of Enhanced Firewall Policies active
See Enhanced Firewall Policies below.

Custom Network Config Active Enhanced Firewall Policies Enhanced Firewall Policies

Deeply nested Policies block collapsed for readability.

Custom Network Config Active Forward Proxy Policies

An active_forward_proxy_policies block (within custom_network_config) supports the following:

• forward_proxy_policies - Optional Block
Ordered List of Forward Proxy Policies active
See Forward Proxy Policies below.

Custom Network Config Active Forward Proxy Policies Forward Proxy Policies

Deeply nested Policies block collapsed for readability.

Custom Network Config Active Network Policies

An active_network_policies block (within custom_network_config) supports the following:

• network_policies - Optional Block
Ordered List of Firewall Policies active for this network firewall
See Network Policies below.

Custom Network Config Active Network Policies Network Policies

Deeply nested Policies block collapsed for readability.

Custom Network Config Global Network List

A global_network_list block (within custom_network_config) supports the following:

• global_network_connections - Optional Block
Global network connections
See Global Network Connections below.

Custom Network Config Global Network List Global Network Connections

Deeply nested Connections block collapsed for readability.

Custom Network Config Global Network List Global Network Connections SLI To Global DR

Deeply nested DR block collapsed for readability.

Custom Network Config Global Network List Global Network Connections SLI To Global DR Global Vn

Deeply nested Vn block collapsed for readability.

Custom Network Config Global Network List Global Network Connections Slo To Global DR

Deeply nested DR block collapsed for readability.

Custom Network Config Global Network List Global Network Connections Slo To Global DR Global Vn

Deeply nested Vn block collapsed for readability.

Custom Network Config Interface List

An interface_list block (within custom_network_config) supports the following:

• interfaces - Optional Block
Configure network interfaces for this Secure Mesh site
See Interfaces below.

Custom Network Config Interface List Interfaces

An interfaces block (within custom_network_config.interface_list) supports the following:

• dc_cluster_group_connectivity_interface_disabled - Optional Block
Enable this option

• dc_cluster_group_connectivity_interface_enabled - Optional Block
Enable this option

• dedicated_interface - Optional Block
Configuration parameter for dedicated interface
See Dedicated Interface below.

• dedicated_management_interface - Optional Block
Configuration parameter for dedicated management interface
See Dedicated Management Interface below.

• description_spec - Optional String
Interface Description. Description for this Interface

• ethernet_interface - Optional Block
Configuration parameter for ethernet interface
See Ethernet Interface below.

• labels - Optional Block
Add Labels for this Interface, these labels can be used in firewall policy

Custom Network Config Interface List Interfaces Dedicated Interface

Deeply nested Interface block collapsed for readability.

Custom Network Config Interface List Interfaces Dedicated Management Interface

Deeply nested Interface block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface

Deeply nested Interface block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface DHCP Server

Deeply nested Server block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface DHCP Server DHCP Networks

Deeply nested Networks block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface DHCP Server DHCP Networks Network Prefix Allocator

Deeply nested Allocator block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface DHCP Server DHCP Networks Pools

Deeply nested Pools block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface DHCP Server Interface IP Map

Deeply nested Map block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface IPv6 Auto Config

Deeply nested Config block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface IPv6 Auto Config Router

Deeply nested Router block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface IPv6 Auto Config Router DNS Config

Deeply nested Config block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface IPv6 Auto Config Router DNS Config Configured List

Deeply nested List block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface IPv6 Auto Config Router DNS Config Local DNS

Deeply nested DNS block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface IPv6 Auto Config Router Stateful

Deeply nested Stateful block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface IPv6 Auto Config Router Stateful DHCP Networks

Deeply nested Networks block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface IPv6 Auto Config Router Stateful DHCP Networks Pools

Deeply nested Pools block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface IPv6 Auto Config Router Stateful Interface IP Map

Deeply nested Map block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface Static IP

Deeply nested IP block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface Static IP Cluster Static IP

Deeply nested IP block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface Static IP Node Static IP

Deeply nested IP block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface Static IPv6 Address

Deeply nested Address block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface Static IPv6 Address Cluster Static IP

Deeply nested IP block collapsed for readability.

Custom Network Config Interface List Interfaces Ethernet Interface Static IPv6 Address Node Static IP

Deeply nested IP block collapsed for readability.

Custom Network Config SLI Config

A sli_config block (within custom_network_config) supports the following:

• dc_cluster_group - Optional Block
Type establishes a direct reference from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name
See Dc Cluster Group below.

• labels - Optional Block
Add Labels for this network, these labels can be used in firewall policy

• nameserver - Optional String
Optional DNS V4 server IP to be used for name resolution

• no_dc_cluster_group - Optional Block
Enable this option

• no_static_routes - Optional Block
Configuration parameter for no static routes

• no_v6_static_routes - Optional Block
Configuration parameter for no v6 static routes

• static_routes - Optional Block
Configuration parameter for static routes
See Static Routes below.

• static_v6_routes - Optional Block
Configuration parameter for static v6 routes
See Static V6 Routes below.

• vip - Optional String
Optional common virtual V4 IP across all nodes to be used as automatic VIP

Custom Network Config SLI Config Dc Cluster Group

Deeply nested Group block collapsed for readability.

Custom Network Config SLI Config Static Routes

A static_routes block (within custom_network_config.sli_config) supports the following:

• static_routes - Optional Block
Static Routes. List of static routes
See Static Routes below.

Custom Network Config SLI Config Static Routes Static Routes

Deeply nested Routes block collapsed for readability.

Custom Network Config SLI Config Static Routes Static Routes Node Interface

Deeply nested Interface block collapsed for readability.

Custom Network Config SLI Config Static Routes Static Routes Node Interface List

Deeply nested List block collapsed for readability.

Custom Network Config SLI Config Static Routes Static Routes Node Interface List Interface

Deeply nested Interface block collapsed for readability.

Custom Network Config SLI Config Static V6 Routes

Deeply nested Routes block collapsed for readability.

Custom Network Config SLI Config Static V6 Routes Static Routes

Deeply nested Routes block collapsed for readability.

Custom Network Config SLI Config Static V6 Routes Static Routes Node Interface

Deeply nested Interface block collapsed for readability.

Custom Network Config SLI Config Static V6 Routes Static Routes Node Interface List

Deeply nested List block collapsed for readability.

Custom Network Config SLI Config Static V6 Routes Static Routes Node Interface List Interface

Deeply nested Interface block collapsed for readability.

Custom Network Config Slo Config

A slo_config block (within custom_network_config) supports the following:

• labels - Optional Block
Add Labels for this network, these labels can be used in firewall policy

• nameserver - Optional String
Optional DNS V4 server IP to be used for name resolution

• no_dc_cluster_group - Optional Block
Enable this option

• no_static_routes - Optional Block
Configuration parameter for no static routes

• no_v6_static_routes - Optional Block
Configuration parameter for no v6 static routes

• static_routes - Optional Block
Configuration parameter for static routes
See Static Routes below.

• static_v6_routes - Optional Block
Configuration parameter for static v6 routes
See Static V6 Routes below.

• vip - Optional String
Optional common virtual V4 IP across all nodes to be used as automatic VIP

Custom Network Config Slo Config Dc Cluster Group

Deeply nested Group block collapsed for readability.

Custom Network Config Slo Config Static Routes

A static_routes block (within custom_network_config.slo_config) supports the following:

• static_routes - Optional Block
Static Routes. List of static routes
See Static Routes below.

Custom Network Config Slo Config Static Routes Static Routes

Deeply nested Routes block collapsed for readability.

Custom Network Config Slo Config Static Routes Static Routes Node Interface

Deeply nested Interface block collapsed for readability.

Custom Network Config Slo Config Static Routes Static Routes Node Interface List

Deeply nested List block collapsed for readability.

Custom Network Config Slo Config Static Routes Static Routes Node Interface List Interface

Deeply nested Interface block collapsed for readability.

Custom Network Config Slo Config Static V6 Routes

Deeply nested Routes block collapsed for readability.

Custom Network Config Slo Config Static V6 Routes Static Routes

Deeply nested Routes block collapsed for readability.

Custom Network Config Slo Config Static V6 Routes Static Routes Node Interface

Deeply nested Interface block collapsed for readability.

Custom Network Config Slo Config Static V6 Routes Static Routes Node Interface List

Deeply nested List block collapsed for readability.

Custom Network Config Slo Config Static V6 Routes Static Routes Node Interface List Interface

Deeply nested Interface block collapsed for readability.

Kubernetes Upgrade Drain

A kubernetes_upgrade_drain block supports the following:

• disable_upgrade_drain - Optional Block
Configuration parameter for disable upgrade drain

• enable_upgrade_drain - Optional Block
Specify batch upgrade settings for worker nodes within a site
See Enable Upgrade Drain below.

Kubernetes Upgrade Drain Enable Upgrade Drain

An enable_upgrade_drain block (within kubernetes_upgrade_drain) supports the following:

• disable_vega_upgrade_mode - Optional Block
Configuration parameter for disable vega upgrade mode

• drain_max_unavailable_node_count - Optional Number
Node Batch Size Count

• drain_node_timeout - Optional Number
Seconds to wait before initiating upgrade on the next set of nodes. Setting it to 0 will wait indefinitely for all services on nodes to be upgraded gracefully before proceeding to the next set of nodes. (Warning: It may block upgrade if services on a node cannot be gracefully upgraded. It is

• enable_vega_upgrade_mode - Optional Block
Configuration parameter for enable vega upgrade mode

Log Receiver

A log_receiver block supports the following:

• name - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name

• namespace - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace

• tenant - Optional String
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant

Master Node Configuration

A master_node_configuration block supports the following:

• name - Optional String
Name. Names of master node

• public_ip - Optional String
IP Address of the master node. This IP will be used when other sites connect via Site Mesh Group

Offline Survivability Mode

An offline_survivability_mode block supports the following:

• enable_offline_survivability_mode - Optional Block
Configuration parameter for enable offline survivability mode

• no_offline_survivability_mode - Optional Block
Configuration parameter for no offline survivability mode

OS

An os block supports the following:

• default_os_version - Optional Block
Enable this option

• operating_system_version - Optional String
Specify a OS version to be used e.g. 9.2024.6

Performance Enhancement Mode

A performance_enhancement_mode block supports the following:

• perf_mode_l3_enhanced - Optional Block
Configuration parameter for perf mode l3 enhanced
See Perf Mode L3 Enhanced below.

• perf_mode_l7_enhanced - Optional Block
Configuration parameter for perf mode l7 enhanced

Performance Enhancement Mode Perf Mode L3 Enhanced

A perf_mode_l3_enhanced block (within performance_enhancement_mode) supports the following:

• jumbo - Optional Block
Enable this option

• no_jumbo - Optional Block
Enable this option

Sw

A sw block supports the following:

• default_sw_version - Optional Block
Enable this option

• volterra_software_version - Optional String
Specify a F5XC Software Version to be used e.g. Crt-20210329-1002

Timeouts

A timeouts block supports the following:

• create - Optional String (Defaults to 30 minutes)
Used when creating the resource

• delete - Optional String (Defaults to 30 minutes)
Used when deleting the resource

• read - Optional String (Defaults to 5 minutes)
Used when retrieving the resource

• update - Optional String (Defaults to 30 minutes)
Used when updating the resource

Common Types

The following type definitions are used throughout this resource. See the full definition here rather than repeated inline.

Object Reference {#common-object-reference}

Object references establish a direct reference from one configuration object to another in F5 Distributed Cloud. References use the format tenant/namespace/name.

Field	Type	Description
`name`	String	Name of the referenced object
`namespace`	String	Namespace containing the referenced object
`tenant`	String	Tenant of the referenced object (system-managed)

Transformers {#common-transformers}

Transformers apply transformations to input values before matching. Multiple transformers can be applied in order.

Value	Description
`LOWER_CASE`	Convert to lowercase
`UPPER_CASE`	Convert to uppercase
`BASE64_DECODE`	Decodebase64 content
`NORMALIZE_PATH`	Normalize URL path
`REMOVE_WHITESPACE`	Remove whitespace characters
`URL_DECODE`	Decode URL-encoded characters
`TRIM_LEFT`	Trim leading whitespace
`TRIM_RIGHT`	Trim trailing whitespace
`TRIM`	Trim both leading and trailing whitespace

HTTP Methods {#common-http-methods}

HTTP methods used for request matching.

Value	Description
`ANY`	Match any HTTP method
`GET`	HTTP GET request
`HEAD`	HTTP HEAD request
`POST`	HTTP POST request
`PUT`	HTTP PUT request
`DELETE`	HTTP DELETE request
`CONNECT`	HTTP CONNECT request
`OPTIONS`	HTTP OPTIONS request
`TRACE`	HTTP TRACE request
`PATCH`	HTTP PATCH request
`COPY`	HTTP COPY request (WebDAV)

TLS Fingerprints {#common-tls-fingerprints}

TLS fingerprint categories for malicious client detection.

Value	Description
`TLS_FINGERPRINT_NONE`	No fingerprint matching
`ANY_MALICIOUS_FINGERPRINT`	Match any known malicious fingerprint
`ADWARE`	Adware-associated fingerprints
`DRIDEX`	Dridex malware fingerprints
`GOOTKIT`	Gootkit malware fingerprints
`RANSOMWARE`	Ransomware-associated fingerprints
`TRICKBOT`	Trickbot malware fingerprints

IP Threat Categories {#common-ip-threat-categories}

IP address threat categories for security filtering.

Value	Description
`SPAM_SOURCES`	Known spam sources
`WINDOWS_EXPLOITS`	Windows exploit sources
`WEB_ATTACKS`	Web attack sources
`BOTNETS`	Known botnet IPs
`SCANNERS`	Network scanner IPs
`REPUTATION`	Poor reputation IPs
`PHISHING`	Phishing-related IPs
`PROXY`	Anonymous proxy IPs
`MOBILE_THREATS`	Mobile threat sources
`TOR_PROXY`	Tor exit nodes
`DENIAL_OF_SERVICE`	DoS attack sources
`NETWORK`	Known bad network ranges

Import

Import is supported using the following syntax:

# Import using namespace/name format
terraform import f5xc_securemesh_site.example system/example