| Parameter | Choices/Defaults | Comments | 
                
                                                            | accept_xff 
                    boolean
                                                                 added in 2.9 |  | Enables or disables trusting the client IP address, and statistics from the client IP address, based on the request's XFF (X-forwarded-for) headers, if they exist. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | description 
                    string
                                                                 |  | Description of the profile. | 
                            
                                                            | dns_resolver 
                    string
                                                                 |  | Specifies the name of a configured DNS resolver, this option is mandatory when proxy_typeis set toexplicit. Format of the name can be either be prepended by partition (/Common/foo), or specified just as an object name (foo). To remove the entry a value of noneor''can be set, however the profileproxy_typemust not be set asexplicit. | 
                            
                                                            | encrypt_cookie_secret 
                    string
                                                                 |  | Passphrase for cookie encryption. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | encrypt_cookies 
                    list
                                                                 |  | Cookie names for the system to encrypt. To remove the entry completely a value of noneor''should be set. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | enforcement 
                    dictionary
                                                                 added in 2.9 |  | Specifies protocol enforcement settings for the HTTP profile. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                                                        
                                                |  | excess_client_headers 
                    string
                                                                 | Choices:
                                                                                                                                                            rejectpass-through | Specifies the behavior when too many client headers are received. If set to pass-through, will switch to pass through mode, whenrejectthe connection will be rejected. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                |  | excess_server_headers 
                    string
                                                                 | Choices:
                                                                                                                                                            rejectpass-through | Specifies the behavior when too many server headers are received. If set to pass-through, will switch to pass through mode, whenrejectthe connection will be rejected. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                |  | known_methods 
                    list
                                                                 |  | Specifies which HTTP methods count as being known, removing RFC-defined methods from this list will cause the HTTP filter to not recognize them. The default list provided with the system include: CONNECT,DELETE,GET,HEAD,LOCK,OPTIONS,POST,PROPFIND,PUT,TRACE,UNLOCK. The list can be appended by by specifyingdefaultkeyword as one of the list elements. The defaultkeyword can also be used to restore the defaultknown_methodson the system. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                |  | max_header_count 
                    string
                                                                 |  | Specifies the maximum number of headers allowed in HTTP request/response. The valid value range is between 16 and 4096 inclusive. When set to defaultthe value of this parameter will be64 When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                |  | max_header_size 
                    string
                                                                 |  | Specifies the maximum header size specified in bytes. The valid value range is between 0 and 4294967295 inclusive. When set to defaultthe value of this parameter will be32768bytes When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                |  | max_requests 
                    string
                                                                 |  | Specifies the number of requests that the system accepts on a per-connection basis. The valid value range is between 0 and 4294967295 inclusive. When set to defaultthe value of this parameter will be0, which means the system will not limit the number of requests per connection. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                |  | oversize_client_headers 
                    string
                                                                 | Choices:
                                                                                                                                                            rejectpass-through | Specifies the behavior when too-large client headers are received. If set to pass-through, will switch to pass through mode, whenrejectthe connection will be rejected. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                |  | oversize_server_headers 
                    string
                                                                 | Choices:
                                                                                                                                                            rejectpass-through | Specifies the behavior when too-large server headers are received. If set to pass-through, will switch to pass through mode, whenrejectthe connection will be rejected. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                |  | pipeline 
                    string
                                                                 | Choices:
                                                                                                                                                            allowrejectpass-through | Enables HTTP/1.1 pipelining, allowing clients to make requests even when prior requests have not received a response. In order for this to succeed, however, destination servers must include support for pipelining. If set to pass-through, pipelined data will cause the BIG-IP to immediately switch to pass-through mode and disable the HTTP filter. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                |  | truncated_redirects 
                    boolean
                                                                 |  | Specifies what happens if a truncated redirect is seen from a server. If yes, the redirect will be forwarded to the client, otherwise the malformed HTTP will be silently ignored. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                |  | unknown_method 
                    string
                                                                 | Choices:
                                                                                                                                                            allowrejectpass-through | Specifies whether to allow, reject or switch to pass-through mode when an unknown HTTP method is parsed. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                                            
                                                            | fallback_host 
                    string
                                                                 added in 2.9 |  | Specifies an HTTP fallback host. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | fallback_status_codes 
                    list
                                                                 added in 2.9 |  | Specifies one or more HTTP error codes from server responses that should trigger a redirection to the fallback host. The accepted valid error codes are as defined by rfc2616. The codes can be specified as individual items or as valid ranges e.g. 400-417or500-505. Mixing response code range across error types is invalid e.g. defining 400-505will raise an error. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | header_erase 
                    string
                                                                 added in 2.8 |  | The name of a header, in an HTTP request, which the system removes from request. To remove the entry completely a value of noneor''should be set. The format of the header must be in KEY:VALUEformat, otherwise error is raised. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | header_insert 
                    string
                                                                 added in 2.8 |  | A string that the system inserts as a header in an HTTP request. To remove the entry completely a value of noneor''should be set. The format of the header must be in KEY:VALUEformat, otherwise error is raised. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | hsts_mode 
                    boolean
                                                                 added in 2.8 |  | When set to yes, enables the HSTS settings. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | include_subdomains 
                    boolean
                                                                 added in 2.8 |  | When set to yes, applies the HSTS policy to the HSTS host and its sub-domains. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | insert_xforwarded_for 
                    boolean
                                                                 |  | When specified system inserts an X-Forwarded-For header in an HTTP request with the client IP address, to use with connection pooling. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | maximum_age 
                    string
                                                                 added in 2.8 |  | Specifies the maximum length of time, in seconds, that HSTS functionality requests that clients only use HTTPS to connect to the current host and any sub-domains of the current host's domain name. The accepted value range is 0 - 4294967295seconds, a value of0seconds re-enables plaintext HTTP access, while specifyingindefinitewill set it to the maximum value. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | name 
                    string
                                             / required                     |  | Specifies the name of the profile. | 
                            
                                                            | oneconnect_transformations 
                    boolean
                                                                 added in 2.9 |  | Enables the system to perform HTTP header transformations for the purpose of keeping server-side connections open. This feature requires configuration of a OneConnect profile. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | parent 
                    string
                                                                 | Default: 
 "/Common/http" | Specifies the profile from which this profile inherits settings. When creating a new profile, if this parameter is not specified, the default is the system-supplied httpprofile. | 
                            
                                                            | partition 
                    string
                                                                 | Default: 
 "Common" | Device partition to manage resources on. | 
                            
                                                            | provider 
                    dictionary
                                                                 added in 2.5 |  | A dict object containing connection details. | 
                                                        
                                                |  | auth_provider 
                    string
                                                                 |  | Configures the auth provider for to obtain authentication tokens from the remote device. This option is really used when working with BIG-IQ devices. | 
                            
                                                |  | password 
                    string
                                             / required                     |  | The password for the user account used to connect to the BIG-IP. You may omit this option by setting the environment variable F5_PASSWORD. aliases: pass, pwd
 | 
                            
                                                |  | server 
                    string
                                             / required                     |  | The BIG-IP host. You may omit this option by setting the environment variable F5_SERVER. | 
                            
                                                |  | server_port 
                    integer
                                                                 | Default: 
 443 | The BIG-IP server port. You may omit this option by setting the environment variable F5_SERVER_PORT. | 
                            
                                                |  | ssh_keyfile 
                    path
                                                                 |  | Specifies the SSH keyfile to use to authenticate the connection to the remote device.  This argument is only used for cli transports. You may omit this option by setting the environment variable ANSIBLE_NET_SSH_KEYFILE. | 
                            
                                                |  | timeout 
                    integer
                                                                 |  | Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands.  If the timeout is exceeded before the operation is completed, the module will error. | 
                            
                                                |  | transport 
                    string
                                                                 |  | Configures the transport connection to use when connecting to the remote device. | 
                            
                                                |  | user 
                    string
                                             / required                     |  | The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You may omit this option by setting the environment variable F5_USER. | 
                            
                                                |  | validate_certs 
                    boolean
                                                                 |  | If no, SSL certificates are not validated. Use this only on personally controlled sites using self-signed certificates. You may omit this option by setting the environment variable F5_VALIDATE_CERTS. | 
                                            
                                                            | proxy_type 
                    string
                                                                 | Choices:
                                                                                                                                                            reversetransparentexplicit | Specifies the proxy mode for the profile. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | redirect_rewrite 
                    string
                                                                 | Choices:
                                                                                                                                                            noneallmatchingnodes | Specifies whether the system rewrites the URIs that are part of HTTP redirect (3XX) responses. When set to nonethe system will not rewrite the URI in any HTTP redirect responses. When set to allthe system rewrites the URI in all HTTP redirect responses. When set to matchingthe system rewrites the URI in any HTTP redirect responses that match the request URI. When set to nodesif the URI contains a node IP address instead of a host name, the system changes it to the virtual server address. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | request_chunking 
                    string
                                                                 added in 2.9 | Choices:
                                                                                                                                                            rechunkselectivepreserve | Specifies how to handle chunked and unchunked requests. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | response_chunking 
                    string
                                                                 added in 2.9 | Choices:
                                                                                                                                                            rechunkselectivepreserve | Specifies how to handle chunked and unchunked responses. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | server_agent_name 
                    string
                                                                 added in 2.8 |  | Specifies the string used as the server name in traffic generated by BIG-IP. To remove the entry completely a value of noneor''should be set. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | sflow 
                    dictionary
                                                                 added in 2.9 |  | Specifies sFlow settings for the HTTP profile. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                                                        
                                                |  | poll_interval 
                    integer
                                                                 |  | Specifies the maximum interval in seconds between two pollings. The valid value range is between 0 and 4294967295 seconds inclusive. For this setting to take effect the poll_interval_globalparameter must be set tono. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                |  | poll_interval_global 
                    boolean
                                                                 |  | Specifies whether the global HTTP poll-interval setting overrides the object-level Cpoll-interval setting. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                |  | sampling_rate 
                    integer
                                                                 |  | Specifies the ratio of packets observed to the samples generated. For example, a sampling rate of 2000specifies that 1 sample will be randomly generated for every 2000 packets observed. The valid value range is between 0 and 4294967295 packets inclusive. For this setting to take effect the sampling_rate_globalparameter must be set tono. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                |  | sampling_rate_global 
                    boolean
                                                                 |  | Specifies whether the global HTTP sampling-rate setting overrides the object-level sampling-rate setting. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                                            
                                                            | state 
                    string
                                                                 | Choices:
                                                                                                                                                            present ←absent | When present, ensures that the profile exists. When absent, ensures the profile is removed. | 
                            
                                                            | update_password 
                    string
                                                                 | Choices:
                                                                                                                                                            always ←on_create | alwayswill update passwords if theencrypt_cookie_secretis specified.
 on_createwill only set the password for newly created profiles.
 | 
                            
                                                            | xff_alternative_names 
                    list
                                                                 added in 2.9 |  | Specifies alternative XFF headers instead of the default X-forwarded-for header. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. |