import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; export interface EventServiceDiscoveryNode { /** * name of node */ id?: pulumi.Input; /** * ip of nonde */ ip?: pulumi.Input; /** * port */ port?: pulumi.Input; } export interface FastHttpAppMonitor { /** * Set the time between health checks,in seconds for FAST-Generated Pool Monitor. */ interval?: pulumi.Input; /** * set `true` if the servers require login credentials for web access on FAST-Generated Pool Monitor. default is `false`. */ monitorAuth?: pulumi.Input; /** * password for web access on FAST-Generated Pool Monitor. */ password?: pulumi.Input; /** * The presence of this string anywhere in the HTTP response implies availability. */ response?: pulumi.Input; /** * Specify data to be sent during each health check for FAST-Generated Pool Monitor. */ sendString?: pulumi.Input; /** * username for web access on FAST-Generated Pool Monitor. */ username?: pulumi.Input; } export interface FastHttpAppPoolMember { /** * List of server address to be used for FAST-Generated Pool. */ addresses: pulumi.Input[]>; /** * connectionLimit value to be used for FAST-Generated Pool. */ connectionLimit?: pulumi.Input; /** * port number of serviceport to be used for FAST-Generated Pool. */ port?: pulumi.Input; /** * priorityGroup value to be used for FAST-Generated Pool. */ priorityGroup?: pulumi.Input; /** * shareNodes value to be used for FAST-Generated Pool. */ shareNodes?: pulumi.Input; } export interface FastHttpAppVirtualServer { /** * IP4/IPv6 address to be used for virtual server ex: `10.1.1.1` */ ip: pulumi.Input; /** * Port number to used for accessing virtual server/application */ port: pulumi.Input; } export interface FastHttpAppWafSecurityPolicy { /** * Setting `true` will enable FAST to create WAF Security Policy. */ enable: pulumi.Input; } export interface FastHttpsAppMonitor { /** * Set the time between health checks,in seconds for FAST-Generated Pool Monitor. */ interval?: pulumi.Input; /** * set `true` if the servers require login credentials for web access on FAST-Generated Pool Monitor. default is `false`. */ monitorAuth?: pulumi.Input; /** * password for web access on FAST-Generated Pool Monitor. */ password?: pulumi.Input; /** * The presence of this string anywhere in the HTTP response implies availability. */ response?: pulumi.Input; /** * Specify data to be sent during each health check for FAST-Generated Pool Monitor. */ sendString?: pulumi.Input; /** * username for web access on FAST-Generated Pool Monitor. */ username?: pulumi.Input; } export interface FastHttpsAppPoolMember { /** * List of server address to be used for FAST-Generated Pool. */ addresses: pulumi.Input[]>; /** * connectionLimit value to be used for FAST-Generated Pool. */ connectionLimit?: pulumi.Input; /** * port number of serviceport to be used for FAST-Generated Pool. */ port?: pulumi.Input; /** * priorityGroup value to be used for FAST-Generated Pool. */ priorityGroup?: pulumi.Input; /** * shareNodes value to be used for FAST-Generated Pool. */ shareNodes?: pulumi.Input; } export interface FastHttpsAppTlsClientProfile { /** * Name of existing BIG-IP SSL certificate to be used for FAST-Generated TLS Server Profile. */ tlsCertName: pulumi.Input; /** * Name of existing BIG-IP SSL Key to be used for FAST-Generated TLS Server Profile. */ tlsKeyName: pulumi.Input; } export interface FastHttpsAppTlsServerProfile { /** * Name of existing BIG-IP SSL certificate to be used for FAST-Generated TLS Server Profile. */ tlsCertName: pulumi.Input; /** * Name of existing BIG-IP SSL Key to be used for FAST-Generated TLS Server Profile. */ tlsKeyName: pulumi.Input; } export interface FastHttpsAppVirtualServer { /** * IP4/IPv6 address to be used for virtual server ex: `10.1.1.1` */ ip: pulumi.Input; /** * Port number to used for accessing virtual server/application */ port: pulumi.Input; } export interface FastHttpsAppWafSecurityPolicy { /** * Setting `true` will enable FAST to create WAF Security Policy. */ enable: pulumi.Input; } export interface FastTcpAppMonitor { /** * Set the time between health checks,in seconds for FAST-Generated Pool Monitor. */ interval?: pulumi.Input; } export interface FastTcpAppPoolMember { /** * List of server address to be used for FAST-Generated Pool. */ addresses: pulumi.Input[]>; /** * connectionLimit value to be used for FAST-Generated Pool. */ connectionLimit?: pulumi.Input; /** * port number of serviceport to be used for FAST-Generated Pool. */ port?: pulumi.Input; /** * priorityGroup value to be used for FAST-Generated Pool. */ priorityGroup?: pulumi.Input; /** * shareNodes value to be used for FAST-Generated Pool. */ shareNodes?: pulumi.Input; } export interface FastTcpAppVirtualServer { /** * IP4/IPv6 address to be used for virtual server ex: `10.1.1.1` */ ip: pulumi.Input; /** * Port number to used for accessing virtual server/application */ port: pulumi.Input; } export interface FastUdpAppMonitor { /** * The presence of this optional string is required in the response, if specified it confirms availability. */ expectedResponse?: pulumi.Input; /** * Set the time between health checks,in seconds for FAST-Generated Pool Monitor. */ interval?: pulumi.Input; /** * Optional data to be sent during each health check. */ sendString?: pulumi.Input; } export interface FastUdpAppPoolMember { /** * List of server address to be used for FAST-Generated Pool. */ addresses: pulumi.Input[]>; /** * connectionLimit value to be used for FAST-Generated Pool. */ connectionLimit?: pulumi.Input; /** * port number of serviceport to be used for FAST-Generated Pool. */ port?: pulumi.Input; /** * priorityGroup value to be used for FAST-Generated Pool. */ priorityGroup?: pulumi.Input; /** * shareNodes value to be used for FAST-Generated Pool. */ shareNodes?: pulumi.Input; } export interface FastUdpAppVirtualServer { /** * IP4/IPv6 address to be used for virtual server ex: `10.1.1.1` */ ip: pulumi.Input; /** * Port number to used for accessing virtual server/application */ port: pulumi.Input; } export interface SaasBotDefenseProfileProtectedEndpoint { /** * Specifies the path to the web page to be protected by BD. For example, `/login`. */ endpoint?: pulumi.Input; /** * hostname or IP address of the web page to be protected by the Bot Defense */ host?: pulumi.Input; /** * Specifies whether the BIG-IP or F5 XC Bot Defense handles mitigation of malicious HTTP requests. This field is enabled only if the Service Level field is set to Advanced/Premium */ mitigationAction?: pulumi.Input; /** * Unique name for the protected endpoint */ name: pulumi.Input; /** * POST field to protect the path when it has a POST method, `enabled` or `disabled` */ post?: pulumi.Input; /** * PUT field to protect the path when it has a PUT method,`enabled` or `disabled` */ put?: pulumi.Input; } export interface WafPolicyFileType { /** * Determines whether the file type is allowed or disallowed. In either of these cases the VIOL_FILETYPE violation is issued (if enabled) for an incoming request- * * No allowed file type matched the file type of the request. * * The file type of the request matched a disallowed file type. */ allowed?: pulumi.Input; /** * Specifies the file type name as appearing in the URL extension. */ name?: pulumi.Input; /** * Determines the type of the name attribute. Only when setting the type to `wildcard` will the special wildcard characters in the name be interpreted as such */ type?: pulumi.Input; } export interface WafPolicyGraphqlProfile { /** * Specifies when checked (enabled) that you want attack signatures and threat campaigns to be detected on this GraphQL profile and possibly override the security policy settings of an attack signature or threat campaign specifically for this GraphQL profile. After you enable this setting, the system displays a list of attack signatures and and threat campaigns. The default is enabled */ attackSignaturesCheck?: pulumi.Input; /** * defense_attributes settings for policy */ defenseAttributes?: pulumi.Input[]>; /** * Specifies when checked (enabled) that the system enforces the security policy settings of a meta character for the GraphQL profile. After you enable this setting, the system displays a list of meta characters. The default is enabled */ metacharElementcheck?: pulumi.Input; /** * The unique user-given name of the policy. Policy names cannot contain spaces or special characters. Allowed characters are a-z, A-Z, 0-9, dot, dash (-), colon (:) and underscore (_). */ name: pulumi.Input; } export interface WafPolicyGraphqlProfileDefenseAttribute { /** * Introspection queries can also be enforced to prevent attackers from using them to * understand the API structure and potentially breach an application. */ allowIntrospectionQueries?: pulumi.Input; /** * Specifies the highest number of batched queries allowed by the security policy. */ maximumBatchedQueries?: pulumi.Input; /** * Specifies the greatest nesting depth found in the GraphQL structure allowed by the security policy. */ maximumStructureDepth?: pulumi.Input; /** * Specifies the longest length, in bytes, allowed by the security policy of the request payload, or parameter value, where the GraphQL data was found. */ maximumTotalLength?: pulumi.Input; /** * Specifies the longest length (in bytes) of the longest GraphQL element value in the document allowed by the security policy. */ maximumValueLength?: pulumi.Input; /** * Specifies, when checked (enabled), that the system does not report when the security enforcer encounters warnings while parsing GraphQL content. Specifies when cleared (disabled), that the security policy reports when the security enforcer encounters warnings while parsing GraphQL content. The default setting is disabled. */ tolerateParsingWarnings?: pulumi.Input; } export interface WafPolicyHostName { /** * The unique user-given name of the policy. Policy names cannot contain spaces or special characters. Allowed characters are a-z, A-Z, 0-9, dot, dash (-), colon (:) and underscore (_). */ name?: pulumi.Input; } export interface WafPolicyIpException { /** * Specifies how the system responds to blocking requests sent from this IP address. Possible options [`always`, `never`, `policy-default`]. */ blockRequests?: pulumi.Input; /** * Specifies the description of the policy. */ description?: pulumi.Input; /** * Specifies when enabled that the system considers this IP address legitimate and does not take it into account when performing brute force prevention. */ ignoreAnomalies?: pulumi.Input; /** * Specifies when enabled that the system considers this IP address legitimate even if it is found in the IP Intelligence database (a database of questionable IP addresses). */ ignoreIpreputation?: pulumi.Input; /** * Specifies the IP address that you want the system to trust. */ ipAddress: pulumi.Input; /** * Specifies the netmask of the exceptional IP address. This is an optional field. */ ipMask: pulumi.Input; /** * Specifies when enabled the Policy Builder considers traffic from this IP address as being safe. */ trustedbyPolicybuilder?: pulumi.Input; } export interface WafPolicyPolicyBuilder { /** * learning mode setting for policy-builder, possible options: [`automatic`,`disabled`, `manual`] */ learningMode?: pulumi.Input; } export interface WafPolicySignaturesSetting { placesignaturesInStaging?: pulumi.Input; /** * setting true will enforce all signature from staging */ signatureStaging?: pulumi.Input; } export declare namespace cm { interface DeviceGroupDevice { /** * Is the name of the device Group */ name?: pulumi.Input; /** * Name of origin */ setSyncLeader?: pulumi.Input; } } export declare namespace ltm { interface DataGroupRecord { /** * , sets the value of the record's `data` attribute, specifying a value here will create a record in the form of `name := data` */ data?: pulumi.Input; /** * , sets the value of the record's `name` attribute, must be of type defined in `type` attribute */ name: pulumi.Input; } interface GetDataGroupRecord { data?: string; /** * Name of the datagroup */ name: string; } interface GetDataGroupRecordArgs { data?: pulumi.Input; /** * Name of the datagroup */ name: pulumi.Input; } interface GetNodeFqdn { /** * The FQDN node's address family. */ addressFamily?: string; /** * Specifies if the node should scale to the IP address set returned by DNS. */ autopopulate?: string; /** * The number of attempts to resolve a domain name. */ downinterval?: number; /** * The amount of time before sending the next DNS query. */ interval?: string; /** * Name of the node. */ name?: string; } interface GetNodeFqdnArgs { /** * The FQDN node's address family. */ addressFamily?: pulumi.Input; /** * Specifies if the node should scale to the IP address set returned by DNS. */ autopopulate?: pulumi.Input; /** * The number of attempts to resolve a domain name. */ downinterval?: pulumi.Input; /** * The amount of time before sending the next DNS query. */ interval?: pulumi.Input; /** * Name of the node. */ name?: pulumi.Input; } interface GetPolicyRule { actions?: inputs.ltm.GetPolicyRuleAction[]; conditions?: inputs.ltm.GetPolicyRuleCondition[]; /** * Name of the policy which includes partion ( /partition/policy-name ) */ name: string; } interface GetPolicyRuleArgs { actions?: pulumi.Input[]>; conditions?: pulumi.Input[]>; /** * Name of the policy which includes partion ( /partition/policy-name ) */ name: pulumi.Input; } interface GetPolicyRuleAction { appService?: string; application?: string; asm?: boolean; avr?: boolean; cache?: boolean; carp?: boolean; category?: string; classify?: boolean; clonePool?: string; code?: number; compress?: boolean; connection?: boolean; content?: string; cookieHash?: boolean; cookieInsert?: boolean; cookiePassive?: boolean; cookieRewrite?: boolean; decompress?: boolean; defer?: boolean; destinationAddress?: boolean; disable?: boolean; domain?: string; enable?: boolean; expiry?: string; expirySecs?: number; expression?: string; extension?: string; facility?: string; forward?: boolean; fromProfile?: string; hash?: boolean; host?: string; http?: boolean; httpBasicAuth?: boolean; httpCookie?: boolean; httpHeader?: boolean; httpHost?: boolean; httpReferer?: boolean; httpReply?: boolean; httpSetCookie?: boolean; httpUri?: boolean; ifile?: string; insert?: boolean; internalVirtual?: string; ipAddress?: string; key?: string; l7dos?: boolean; length?: number; location?: string; log?: boolean; ltmPolicy?: boolean; member?: string; message?: string; netmask?: string; nexthop?: string; node?: string; offset?: number; path?: string; pem?: boolean; persist?: boolean; pin?: boolean; policy?: string; pool?: string; port?: number; priority?: string; profile?: string; protocol?: string; queryString?: string; rateclass?: string; redirect?: boolean; remove?: boolean; replace?: boolean; request?: boolean; requestAdapt?: boolean; reset?: boolean; response?: boolean; responseAdapt?: boolean; scheme?: string; script?: string; select?: boolean; serverSsl?: boolean; setVariable?: boolean; shutdown?: boolean; snat?: string; snatpool?: string; sourceAddress?: boolean; sslClientHello?: boolean; sslServerHandshake?: boolean; sslServerHello?: boolean; sslSessionId?: boolean; status?: number; tcl?: boolean; tcpNagle?: boolean; text?: string; timeout?: number; tmName?: string; uie?: boolean; universal?: boolean; value?: string; virtual?: string; vlan?: string; vlanId?: number; wam?: boolean; write?: boolean; } interface GetPolicyRuleActionArgs { appService?: pulumi.Input; application?: pulumi.Input; asm?: pulumi.Input; avr?: pulumi.Input; cache?: pulumi.Input; carp?: pulumi.Input; category?: pulumi.Input; classify?: pulumi.Input; clonePool?: pulumi.Input; code?: pulumi.Input; compress?: pulumi.Input; connection?: pulumi.Input; content?: pulumi.Input; cookieHash?: pulumi.Input; cookieInsert?: pulumi.Input; cookiePassive?: pulumi.Input; cookieRewrite?: pulumi.Input; decompress?: pulumi.Input; defer?: pulumi.Input; destinationAddress?: pulumi.Input; disable?: pulumi.Input; domain?: pulumi.Input; enable?: pulumi.Input; expiry?: pulumi.Input; expirySecs?: pulumi.Input; expression?: pulumi.Input; extension?: pulumi.Input; facility?: pulumi.Input; forward?: pulumi.Input; fromProfile?: pulumi.Input; hash?: pulumi.Input; host?: pulumi.Input; http?: pulumi.Input; httpBasicAuth?: pulumi.Input; httpCookie?: pulumi.Input; httpHeader?: pulumi.Input; httpHost?: pulumi.Input; httpReferer?: pulumi.Input; httpReply?: pulumi.Input; httpSetCookie?: pulumi.Input; httpUri?: pulumi.Input; ifile?: pulumi.Input; insert?: pulumi.Input; internalVirtual?: pulumi.Input; ipAddress?: pulumi.Input; key?: pulumi.Input; l7dos?: pulumi.Input; length?: pulumi.Input; location?: pulumi.Input; log?: pulumi.Input; ltmPolicy?: pulumi.Input; member?: pulumi.Input; message?: pulumi.Input; netmask?: pulumi.Input; nexthop?: pulumi.Input; node?: pulumi.Input; offset?: pulumi.Input; path?: pulumi.Input; pem?: pulumi.Input; persist?: pulumi.Input; pin?: pulumi.Input; policy?: pulumi.Input; pool?: pulumi.Input; port?: pulumi.Input; priority?: pulumi.Input; profile?: pulumi.Input; protocol?: pulumi.Input; queryString?: pulumi.Input; rateclass?: pulumi.Input; redirect?: pulumi.Input; remove?: pulumi.Input; replace?: pulumi.Input; request?: pulumi.Input; requestAdapt?: pulumi.Input; reset?: pulumi.Input; response?: pulumi.Input; responseAdapt?: pulumi.Input; scheme?: pulumi.Input; script?: pulumi.Input; select?: pulumi.Input; serverSsl?: pulumi.Input; setVariable?: pulumi.Input; shutdown?: pulumi.Input; snat?: pulumi.Input; snatpool?: pulumi.Input; sourceAddress?: pulumi.Input; sslClientHello?: pulumi.Input; sslServerHandshake?: pulumi.Input; sslServerHello?: pulumi.Input; sslSessionId?: pulumi.Input; status?: pulumi.Input; tcl?: pulumi.Input; tcpNagle?: pulumi.Input; text?: pulumi.Input; timeout?: pulumi.Input; tmName?: pulumi.Input; uie?: pulumi.Input; universal?: pulumi.Input; value?: pulumi.Input; virtual?: pulumi.Input; vlan?: pulumi.Input; vlanId?: pulumi.Input; wam?: pulumi.Input; write?: pulumi.Input; } interface GetPolicyRuleCondition { address?: boolean; all?: boolean; appService?: string; browserType?: boolean; browserVersion?: boolean; caseInsensitive?: boolean; caseSensitive?: boolean; cipher?: boolean; cipherBits?: boolean; clientSsl?: boolean; code?: boolean; commonName?: boolean; contains?: boolean; continent?: boolean; countryCode?: boolean; countryName?: boolean; cpuUsage?: boolean; datagroup?: string; deviceMake?: boolean; deviceModel?: boolean; domain?: boolean; endsWith?: boolean; equals?: boolean; expiry?: boolean; extension?: boolean; external?: boolean; geoip?: boolean; greater?: boolean; greaterOrEqual?: boolean; host?: boolean; httpBasicAuth?: boolean; httpCookie?: boolean; httpHeader?: boolean; httpHost?: boolean; httpMethod?: boolean; httpReferer?: boolean; httpSetCookie?: boolean; httpStatus?: boolean; httpUri?: boolean; httpUserAgent?: boolean; httpVersion?: boolean; index?: number; internal?: boolean; isp?: boolean; last15secs?: boolean; last1min?: boolean; last5mins?: boolean; less?: boolean; lessOrEqual?: boolean; local?: boolean; major?: boolean; matches?: boolean; minor?: boolean; missing?: boolean; mss?: boolean; not?: boolean; org?: boolean; password?: boolean; path?: boolean; pathSegment?: boolean; port?: boolean; present?: boolean; protocol?: boolean; queryParameter?: boolean; queryString?: boolean; regionCode?: boolean; regionName?: boolean; remote?: boolean; request?: boolean; response?: boolean; routeDomain?: boolean; rtt?: boolean; scheme?: boolean; serverName?: boolean; sslCert?: boolean; sslClientHello?: boolean; sslExtension?: boolean; sslServerHandshake?: boolean; sslServerHello?: boolean; startsWith?: boolean; tcp?: boolean; text?: boolean; tmName?: string; unnamedQueryParameter?: boolean; userAgentToken?: boolean; username?: boolean; value?: boolean; values?: string[]; version?: boolean; vlan?: boolean; vlanId?: boolean; } interface GetPolicyRuleConditionArgs { address?: pulumi.Input; all?: pulumi.Input; appService?: pulumi.Input; browserType?: pulumi.Input; browserVersion?: pulumi.Input; caseInsensitive?: pulumi.Input; caseSensitive?: pulumi.Input; cipher?: pulumi.Input; cipherBits?: pulumi.Input; clientSsl?: pulumi.Input; code?: pulumi.Input; commonName?: pulumi.Input; contains?: pulumi.Input; continent?: pulumi.Input; countryCode?: pulumi.Input; countryName?: pulumi.Input; cpuUsage?: pulumi.Input; datagroup?: pulumi.Input; deviceMake?: pulumi.Input; deviceModel?: pulumi.Input; domain?: pulumi.Input; endsWith?: pulumi.Input; equals?: pulumi.Input; expiry?: pulumi.Input; extension?: pulumi.Input; external?: pulumi.Input; geoip?: pulumi.Input; greater?: pulumi.Input; greaterOrEqual?: pulumi.Input; host?: pulumi.Input; httpBasicAuth?: pulumi.Input; httpCookie?: pulumi.Input; httpHeader?: pulumi.Input; httpHost?: pulumi.Input; httpMethod?: pulumi.Input; httpReferer?: pulumi.Input; httpSetCookie?: pulumi.Input; httpStatus?: pulumi.Input; httpUri?: pulumi.Input; httpUserAgent?: pulumi.Input; httpVersion?: pulumi.Input; index?: pulumi.Input; internal?: pulumi.Input; isp?: pulumi.Input; last15secs?: pulumi.Input; last1min?: pulumi.Input; last5mins?: pulumi.Input; less?: pulumi.Input; lessOrEqual?: pulumi.Input; local?: pulumi.Input; major?: pulumi.Input; matches?: pulumi.Input; minor?: pulumi.Input; missing?: pulumi.Input; mss?: pulumi.Input; not?: pulumi.Input; org?: pulumi.Input; password?: pulumi.Input; path?: pulumi.Input; pathSegment?: pulumi.Input; port?: pulumi.Input; present?: pulumi.Input; protocol?: pulumi.Input; queryParameter?: pulumi.Input; queryString?: pulumi.Input; regionCode?: pulumi.Input; regionName?: pulumi.Input; remote?: pulumi.Input; request?: pulumi.Input; response?: pulumi.Input; routeDomain?: pulumi.Input; rtt?: pulumi.Input; scheme?: pulumi.Input; serverName?: pulumi.Input; sslCert?: pulumi.Input; sslClientHello?: pulumi.Input; sslExtension?: pulumi.Input; sslServerHandshake?: pulumi.Input; sslServerHello?: pulumi.Input; startsWith?: pulumi.Input; tcp?: pulumi.Input; text?: pulumi.Input; tmName?: pulumi.Input; unnamedQueryParameter?: pulumi.Input; userAgentToken?: pulumi.Input; username?: pulumi.Input; value?: pulumi.Input; values?: pulumi.Input[]>; version?: pulumi.Input; vlan?: pulumi.Input; vlanId?: pulumi.Input; } interface NodeFqdn { /** * Specifies the node's address family. The default is 'unspecified', or IP-agnostic. This needs to be specified inside the fqdn (fully qualified domain name). */ addressFamily?: pulumi.Input; /** * Specifies whether the node should scale to the IP address set returned by DNS. */ autopopulate?: pulumi.Input; /** * Specifies the number of attempts to resolve a domain name. The default is 5. */ downinterval?: pulumi.Input; /** * Specifies the amount of time before sending the next DNS query. Default is 3600. This needs to be specified inside the fqdn (fully qualified domain name). */ interval?: pulumi.Input; /** * Name of the node */ name?: pulumi.Input; } interface PolicyRule { /** * Block type. See action block for more details. */ actions?: pulumi.Input[]>; /** * Block type. See condition block for more details. */ conditions?: pulumi.Input[]>; /** * Specifies descriptive text that identifies the irule attached to policy. */ description?: pulumi.Input; /** * Name of Rule to be applied in policy. */ name: pulumi.Input; } interface PolicyRuleAction { appService?: pulumi.Input; application?: pulumi.Input; asm?: pulumi.Input; avr?: pulumi.Input; cache?: pulumi.Input; carp?: pulumi.Input; category?: pulumi.Input; classify?: pulumi.Input; clonePool?: pulumi.Input; code?: pulumi.Input; compress?: pulumi.Input; /** * This action is set to `true` by default, it needs to be explicitly set to `false` for actions it conflicts with. */ connection?: pulumi.Input; content?: pulumi.Input; cookieHash?: pulumi.Input; cookieInsert?: pulumi.Input; cookiePassive?: pulumi.Input; cookieRewrite?: pulumi.Input; decompress?: pulumi.Input; defer?: pulumi.Input; destinationAddress?: pulumi.Input; disable?: pulumi.Input; domain?: pulumi.Input; enable?: pulumi.Input; expiry?: pulumi.Input; expirySecs?: pulumi.Input; expression?: pulumi.Input; extension?: pulumi.Input; facility?: pulumi.Input; /** * This action will affect forwarding. */ forward?: pulumi.Input; fromProfile?: pulumi.Input; hash?: pulumi.Input; host?: pulumi.Input; http?: pulumi.Input; httpBasicAuth?: pulumi.Input; httpCookie?: pulumi.Input; httpHeader?: pulumi.Input; httpHost?: pulumi.Input; httpReferer?: pulumi.Input; httpReply?: pulumi.Input; httpSetCookie?: pulumi.Input; httpUri?: pulumi.Input; ifile?: pulumi.Input; insert?: pulumi.Input; internalVirtual?: pulumi.Input; ipAddress?: pulumi.Input; key?: pulumi.Input; l7dos?: pulumi.Input; length?: pulumi.Input; location?: pulumi.Input; log?: pulumi.Input; ltmPolicy?: pulumi.Input; member?: pulumi.Input; message?: pulumi.Input; netmask?: pulumi.Input; nexthop?: pulumi.Input; node?: pulumi.Input; offset?: pulumi.Input; path?: pulumi.Input; pem?: pulumi.Input; persist?: pulumi.Input; pin?: pulumi.Input; policy?: pulumi.Input; /** * This action will direct the stream to this pool. */ pool?: pulumi.Input; port?: pulumi.Input; priority?: pulumi.Input; profile?: pulumi.Input; protocol?: pulumi.Input; queryString?: pulumi.Input; rateclass?: pulumi.Input; redirect?: pulumi.Input; remove?: pulumi.Input; replace?: pulumi.Input; request?: pulumi.Input; requestAdapt?: pulumi.Input; reset?: pulumi.Input; response?: pulumi.Input; responseAdapt?: pulumi.Input; scheme?: pulumi.Input; script?: pulumi.Input; select?: pulumi.Input; serverSsl?: pulumi.Input; setVariable?: pulumi.Input; shutdown?: pulumi.Input; snat?: pulumi.Input; snatpool?: pulumi.Input; sourceAddress?: pulumi.Input; sslClientHello?: pulumi.Input; sslServerHandshake?: pulumi.Input; sslServerHello?: pulumi.Input; sslSessionId?: pulumi.Input; status?: pulumi.Input; tcl?: pulumi.Input; tcpNagle?: pulumi.Input; text?: pulumi.Input; timeout?: pulumi.Input; tmName?: pulumi.Input; uie?: pulumi.Input; universal?: pulumi.Input; value?: pulumi.Input; virtual?: pulumi.Input; vlan?: pulumi.Input; vlanId?: pulumi.Input; wam?: pulumi.Input; write?: pulumi.Input; } interface PolicyRuleCondition { address?: pulumi.Input; all?: pulumi.Input; appService?: pulumi.Input; browserType?: pulumi.Input; browserVersion?: pulumi.Input; caseInsensitive?: pulumi.Input; caseSensitive?: pulumi.Input; cipher?: pulumi.Input; cipherBits?: pulumi.Input; clientAccepted?: pulumi.Input; clientSsl?: pulumi.Input; code?: pulumi.Input; commonName?: pulumi.Input; contains?: pulumi.Input; continent?: pulumi.Input; countryCode?: pulumi.Input; countryName?: pulumi.Input; cpuUsage?: pulumi.Input; datagroup?: pulumi.Input; deviceMake?: pulumi.Input; deviceModel?: pulumi.Input; domain?: pulumi.Input; endsWith?: pulumi.Input; equals?: pulumi.Input; exists?: pulumi.Input; expiry?: pulumi.Input; extension?: pulumi.Input; external?: pulumi.Input; geoip?: pulumi.Input; greater?: pulumi.Input; greaterOrEqual?: pulumi.Input; host?: pulumi.Input; httpBasicAuth?: pulumi.Input; httpCookie?: pulumi.Input; httpHeader?: pulumi.Input; httpHost?: pulumi.Input; httpMethod?: pulumi.Input; httpReferer?: pulumi.Input; httpSetCookie?: pulumi.Input; httpStatus?: pulumi.Input; httpUri?: pulumi.Input; httpUserAgent?: pulumi.Input; httpVersion?: pulumi.Input; index?: pulumi.Input; internal?: pulumi.Input; isp?: pulumi.Input; last15secs?: pulumi.Input; last1min?: pulumi.Input; last5mins?: pulumi.Input; less?: pulumi.Input; lessOrEqual?: pulumi.Input; local?: pulumi.Input; major?: pulumi.Input; matches?: pulumi.Input; minor?: pulumi.Input; missing?: pulumi.Input; mss?: pulumi.Input; not?: pulumi.Input; org?: pulumi.Input; password?: pulumi.Input; path?: pulumi.Input; pathSegment?: pulumi.Input; port?: pulumi.Input; present?: pulumi.Input; protocol?: pulumi.Input; queryParameter?: pulumi.Input; queryString?: pulumi.Input; regionCode?: pulumi.Input; regionName?: pulumi.Input; remote?: pulumi.Input; request?: pulumi.Input; response?: pulumi.Input; routeDomain?: pulumi.Input; rtt?: pulumi.Input; scheme?: pulumi.Input; serverName?: pulumi.Input; sslCert?: pulumi.Input; sslClientHello?: pulumi.Input; sslExtension?: pulumi.Input; sslServerHandshake?: pulumi.Input; sslServerHello?: pulumi.Input; startsWith?: pulumi.Input; tcp?: pulumi.Input; text?: pulumi.Input; tmName?: pulumi.Input; unnamedQueryParameter?: pulumi.Input; userAgentToken?: pulumi.Input; username?: pulumi.Input; value?: pulumi.Input; values?: pulumi.Input[]>; version?: pulumi.Input; vlan?: pulumi.Input; vlanId?: pulumi.Input; } interface ProfileClientSslCertKeyChain { /** * Specifies the name of the certificate that the system uses for client-side SSL processing. The default is `default` */ cert?: pulumi.Input; /** * Specifies a certificate chain file that a server can use for authentication. The default is `None`. */ chain?: pulumi.Input; /** * Specifies the file name of the SSL key. The default is `default` */ key?: pulumi.Input; /** * Name of Cert-key-chain */ name?: pulumi.Input; /** * Type the name of the pass phrase used to encrypt the key. */ passphrase?: pulumi.Input; } interface ProfileHttpEnforcement { /** * Specifies which HTTP methods count as being known. Removing RFC-defined methods from this list will cause the HTTP filter to not recognize them. Default value is [CONNECT DELETE GET HEAD LOCK OPTIONS POST PROPFIND PUT TRACE UNLOCK].If no value is specified while creating, then default value will be assigned by BigIP. In order to remove it, [""] list is to be passed. If knownMethods is commented (or not passed) during the update call, then no changes would be applied and previous value will persist. In order to put default value , we need to pass [CONNECT DELETE GET HEAD LOCK OPTIONS POST PROPFIND PUT TRACE UNLOCK] explicitly. */ knownMethods?: pulumi.Input[]>; /** * Specifies the maximum number of headers allowed in HTTP request/response. The default is 64 headers.If no value is specified while creating, then default value will be assigned by BigIP. If maxHeaderCount is commented (or not passed) during the update call, then no changes would be applied and previous value will persist. In order to put default value, we need to pass "64" explicitly. */ maxHeaderCount?: pulumi.Input; /** * Specifies the maximum header size. The default value is 32768. If no string is specified while creating, then default value will be assigned by BigIP. If maxHeaderSize is commented (or not passed) during the update call, then no changes would be applied and previous value will persist. In order to put default value, we need to pass "32768" explicitly. */ maxHeaderSize?: pulumi.Input; /** * Specifies whether to allow, reject or switch to pass-through mode when an unknown HTTP method is parsed. Default value is "allow". If no string is specified while creating, then default value will be assigned by BigIP. If unknownMethod is commented (or not passed) during the update call, then no changes would be applied and previous value will persist. In order to put default value, we need to pass "allow" explicitly. */ unknownMethod?: pulumi.Input; } interface ProfileHttpHttpStrictTransportSecurity { /** * The Include Subdomains setting applies the HSTS policy to the HSTS host and its subdomains. The default is "enabled". If no string is specified during Create, then default value will be assigned by BigIp. If includeSubdomains is commented (or not passed) during the update call, then no changes would be applied and previous value will persist. In order to put default value, we need to pass "enabled" explicitly. */ includeSubdomains?: pulumi.Input; /** * The Maximum Age value specifies the length of time, in seconds, that HSTS functionality requests that clients only use HTTPS to connect to the current host and any subdomains of the current host's domain name. The default is 16070400 seconds. If no value is specified during Create, then default value will be assigned by BigIp. If maximumAge is commented (or not passed) during the update call, then no changes would be applied and previous value will persist. In order to put default value , we need to pass 16070400 explicitly. */ maximumAge?: pulumi.Input; /** * The Mode setting enables and disables HSTS functionality within the HTTP profile. The default is "disabled". If no string is specified during Create, then default value will be assigned by BigIp. If mode is commented (or not passed) during the update call, then no changes would be applied and previous value will persist. In order to put default value, we need to pass "disabled" explicitly. */ mode?: pulumi.Input; /** * An HSTS preload list is a list of domains built into a web browser. When you enable the Preload setting, the domain for the web site that this HTTP profile is associated with is submitted for inclusion in the browser's preload list. The default is "disabled". If no string is specified during Create, then default value will be assigned by BigIp. If preload is commented (or not passed) during the update call, then no changes would be applied and previous value will persist. In order to put default value, we need to pass "disabled" explicitly. */ preload?: pulumi.Input; } interface ProfileRewriteCookieRule { clientDomain: pulumi.Input; clientPath: pulumi.Input; /** * Name of the cookie rewrite rule. */ ruleName: pulumi.Input; serverDomain: pulumi.Input; serverPath: pulumi.Input; } interface ProfileRewriteRequest { /** * Enable to add the X-Forwarded For (XFF) header, to specify the originating IP address of the client. Valid choices are: `enabled, disabled` */ insertXfwdFor?: pulumi.Input; /** * Enable to add the X-Forwarded Host header, to specify the originating host of the client. Valid choices are: `enabled, disabled` */ insertXfwdHost?: pulumi.Input; /** * Enable to add the X-Forwarded Proto header, to specify the originating protocol of the client. Valid choices are: `enabled, disabled` */ insertXfwdProtocol?: pulumi.Input; /** * Enable to rewrite headers in Request settings. Valid choices are: `enabled, disabled` */ rewriteHeaders?: pulumi.Input; } interface ProfileRewriteResponse { /** * Enable to rewrite links in content in the response. Valid choices are: `enabled, disabled` */ rewriteContent?: pulumi.Input; /** * Enable to rewrite headers in the response. Valid choices are: `enabled, disabled` */ rewriteHeaders?: pulumi.Input; } interface ProfileRewriteUriRulesClient { /** * Host part of the uri, e.g. `www.foo.com`. */ host: pulumi.Input; /** * Path part of the uri, must always end with `/`. Default value is: `/` */ path?: pulumi.Input; /** * Port part of the uri. Default value is: `none` */ port?: pulumi.Input; /** * Scheme part of the uri, e.g. `https`, `ftp`. */ scheme: pulumi.Input; } interface ProfileRewriteUriRulesServer { /** * Host part of the uri, e.g. `www.foo.com`. */ host: pulumi.Input; /** * Path part of the uri, must always end with `/`. Default value is: `/` */ path?: pulumi.Input; /** * Port part of the uri. Default value is: `none` */ port?: pulumi.Input; /** * Scheme part of the uri, e.g. `https`, `ftp`. */ scheme: pulumi.Input; } interface SnatOrigin { /** * app service */ appService?: pulumi.Input; /** * Name of the SNAT, name of SNAT should be full path. Full path is the combination of the `partition + SNAT name`,For example `/Common/test-snat`. */ name?: pulumi.Input; } } export declare namespace net { interface VlanInterface { /** * Specifies a list of tagged interfaces or trunks associated with this VLAN. Note that you can associate tagged interfaces or trunks with any number of VLANs. */ tagged?: pulumi.Input; /** * Physical or virtual port used for traffic */ vlanport?: pulumi.Input; } } export declare namespace ssl { interface GetWafEntityParameterUrl { method: string; name: string; protocol: string; type: string; } interface GetWafEntityParameterUrlArgs { method: pulumi.Input; name: pulumi.Input; protocol: pulumi.Input; type: pulumi.Input; } interface GetWafEntityUrlCrossOriginRequestsEnforcement { /** * Determines whether the subdomains are allowed to receive data from the web application. */ includeSubdomains?: boolean; /** * Specifies the name of the origin with which you want to share your data. */ originName: string; /** * Specifies the port that other web applications are allowed to use to request data from your web application. */ originPort: string; /** * Specifies the protocol that other web applications are allowed to use to request data from your web application. */ originProtocol: string; } interface GetWafEntityUrlCrossOriginRequestsEnforcementArgs { /** * Determines whether the subdomains are allowed to receive data from the web application. */ includeSubdomains?: pulumi.Input; /** * Specifies the name of the origin with which you want to share your data. */ originName: pulumi.Input; /** * Specifies the port that other web applications are allowed to use to request data from your web application. */ originPort: pulumi.Input; /** * Specifies the protocol that other web applications are allowed to use to request data from your web application. */ originProtocol: pulumi.Input; } interface GetWafEntityUrlMethodOverride { /** * Specifies that the system allows or disallows a method for this URL */ allow: boolean; /** * Specifies an HTTP method. */ method: string; } interface GetWafEntityUrlMethodOverrideArgs { /** * Specifies that the system allows or disallows a method for this URL */ allow: pulumi.Input; /** * Specifies an HTTP method. */ method: pulumi.Input; } } export declare namespace sys { interface IAppList { /** * Name of origin */ encrypted?: pulumi.Input; /** * Name of origin */ value?: pulumi.Input; } interface IAppMetadata { /** * Name of origin */ persists?: pulumi.Input; /** * Name of origin */ value?: pulumi.Input; } interface IAppTable { columnNames?: pulumi.Input[]>; /** * Name of origin */ encryptedColumns?: pulumi.Input; /** * Name of the iApp. */ name?: pulumi.Input; rows?: pulumi.Input[]>; } interface IAppTableRow { rows?: pulumi.Input[]>; } interface IAppVariable { /** * Name of origin */ encrypted?: pulumi.Input; /** * Name of the iApp. */ name?: pulumi.Input; /** * Name of origin */ value?: pulumi.Input; } }