| Parameter | Choices/Defaults | Comments | 
                
                                                            | cache_name 
                    string
                                                                 added in 2.7 |  | Specifies the user-created cache that the system uses to cache DNS responses. When you select a cache for the system to use, you must also set enable_dns_cachetoyes | 
                            
                                                            | enable_cache 
                    boolean
                                                                 added in 2.7 |  | Specifies whether the system caches DNS responses. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. When yes, the BIG-IP system caches DNS responses handled by the virtual servers associated with this profile. When you enable this setting, you must also specify a value forcache_name. When no, the BIG-IP system does not cache DNS responses handled by the virtual servers associated with this profile. However, the profile retains the association with the DNS cache in thecache_nameparameter. Disable this setting when you want to debug the system. | 
                            
                                                            | enable_dns_express 
                    boolean
                                                                 |  | Specifies whether the DNS Express engine is enabled. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. The DNS Express engine receives zone transfers from the authoritative DNS server for the zone. If the enable_zone_transfersetting is alsoyeson this profile, the DNS Express engine also responds to zone transfer requests made by the nameservers configured as zone transfer clients for the DNS Express zone. | 
                            
                                                            | enable_dns_firewall 
                    boolean
                                                                 |  | Specifies whether DNS firewall capability is enabled. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | enable_dnssec 
                    boolean
                                                                 |  | Specifies whether the system signs responses with DNSSEC keys and replies to DNSSEC specific queries (e.g., DNSKEY query type). When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | enable_gtm 
                    boolean
                                                                 |  | Specifies whether the system uses Global Traffic Manager to manage the response. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | enable_zone_transfer 
                    boolean
                                                                 |  | Specifies whether the system answers zone transfer requests for a DNS zone created on the system. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. The enable_dns_expressandenable_zone_transfersettings on a DNS profile affect how the system responds to zone transfer requests. When the enable_dns_expressandenable_zone_transfersettings are bothyes, if a zone transfer request matches a DNS Express zone, then DNS Express answers the request. When the enable_dns_expresssetting isnoand theenable_zone_transfersetting isyes, the BIG-IP system processes zone transfer requests based on the last action and answers the request from local BIND or a pool member. | 
                            
                                                            | name 
                    string
                                             / required                     |  | Specifies the name of the DNS profile. | 
                            
                                                            | parent 
                    string
                                                                 |  | Specifies the profile from which this profile inherits settings. When creating a new profile, if this parameter is not specified, the default is the system-supplied dnsprofile. | 
                            
                                                            | partition 
                    string
                                                                 | Default: 
 "Common" | Device partition to manage resources on. | 
                            
                                                            | process_recursion_desired 
                    boolean
                                                                 |  | Specifies whether to process client-side DNS packets with Recursion Desired set in the header. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. If set to no, processing of the packet is subject to the unhandled-query-action option. | 
                            
                                                            | provider 
                    dictionary
                                                                 added in 2.5 |  | A dict object containing connection details. | 
                                                        
                                                |  | auth_provider 
                    string
                                                                 |  | Configures the auth provider for to obtain authentication tokens from the remote device. This option is really used when working with BIG-IQ devices. | 
                            
                                                |  | password 
                    string
                                             / required                     |  | The password for the user account used to connect to the BIG-IP. You may omit this option by setting the environment variable F5_PASSWORD. aliases: pass, pwd
 | 
                            
                                                |  | server 
                    string
                                             / required                     |  | The BIG-IP host. You may omit this option by setting the environment variable F5_SERVER. | 
                            
                                                |  | server_port 
                    integer
                                                                 | Default: 
 443 | The BIG-IP server port. You may omit this option by setting the environment variable F5_SERVER_PORT. | 
                            
                                                |  | ssh_keyfile 
                    path
                                                                 |  | Specifies the SSH keyfile to use to authenticate the connection to the remote device.  This argument is only used for cli transports. You may omit this option by setting the environment variable ANSIBLE_NET_SSH_KEYFILE. | 
                            
                                                |  | timeout 
                    integer
                                                                 |  | Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands.  If the timeout is exceeded before the operation is completed, the module will error. | 
                            
                                                |  | transport 
                    string
                                                                 |  | Configures the transport connection to use when connecting to the remote device. | 
                            
                                                |  | user 
                    string
                                             / required                     |  | The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You may omit this option by setting the environment variable F5_USER. | 
                            
                                                |  | validate_certs 
                    boolean
                                                                 |  | If no, SSL certificates are not validated. Use this only on personally controlled sites using self-signed certificates. You may omit this option by setting the environment variable F5_VALIDATE_CERTS. | 
                                            
                                                            | state 
                    string
                                                                 | Choices:
                                                                                                                                                            present ←absent | When present, ensures that the profile exists. When absent, ensures the profile is removed. | 
                            
                                                            | unhandled_query_action 
                    string
                                                                 added in 2.7 | Choices:
                                                                                                                                                            allowdroprejecthintno-error | Specifies the action to take when a query does not match a Wide IP or a DNS Express Zone. When allow, the BIG-IP system forwards queries to a DNS server or pool member. If a pool is not associated with a listener and the Use BIND Server on BIG-IP setting is set to Enabled, requests are forwarded to the local BIND server. When drop, the BIG-IP system does not respond to the query. When reject, the BIG-IP system returns the query with the REFUSED return code. When hint, the BIG-IP system returns the query with a list of root name servers. When no-error, the BIG-IP system returns the query with the NOERROR return code. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. | 
                            
                                                            | use_local_bind 
                    boolean
                                                                 |  | Specifies whether the system forwards non-wide IP queries to the local BIND server on the BIG-IP system. For best performance, disable this setting when using a DNS cache. When creating a new profile, if this parameter is not specified, the default is provided by the parent profile. |