aam aaa-policy aaa-rule¶
Rules of AAA policy
aaa-rule Specification¶
Type Collection Object Key(s) index Collection Name aaa-rule-list Collection URI /axapi/v3/aam/aaa-policy/{name}/aaa-rule Element Name aaa-rule Element URI /axapi/v3/aam/aaa-policy/{name}/aaa-rule/{index} Element Attributes aaa-rule_attributes Statistics Data URI /axapi/v3/aam/aaa-policy/{name}/aaa-rule/{index}/stats Schema aaa-rule schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Create Object | POST | /axapi/v3/aam/aaa-policy/{name}/aaa-rule | ||
Create List | POST | /axapi/v3/aam/aaa-policy/{name}/aaa-rule | ||
Get Object | GET | /axapi/v3/aam/aaa-policy/{name}/aaa-rule/{index} | ||
Get List | GET | /axapi/v3/aam/aaa-policy/{name}/aaa-rule | ||
Modify Object | POST | /axapi/v3/aam/aaa-policy/{name}/aaa-rule/{index} | ||
Replace Object | PUT | /axapi/v3/aam/aaa-policy/{name}/aaa-rule/{index} | ||
Replace List | PUT | /axapi/v3/aam/aaa-policy/{name}/aaa-rule | ||
Delete Object | DELETE | /axapi/v3/aam/aaa-policy/{name}/aaa-rule/{index} |
aaa-rule-list¶
aaa-rule-list is JSON List of aaa-rule attributes
aaa-rule-list : [
]
aaa-rule attributes¶
access-list
Description: access-list is a JSON Block. Please see below for access-list
Type: Object
action
Description ‘allow’: Allow traffic that matches this rule; ‘deny’: Deny traffic that matches this rule;
Type: string
Supported Values: allow, deny
auth-failure-bypass
Description Forward client request even though authentication has failed
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
authentication-template
Description Specify authentication template name to bind to the AAA rule
Type: string
Maximum Length: 127 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/aam/authentication/template
authorize-policy
Description Specify authorization policy to bind to the AAA rule
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/aam/authorization/policy
captcha-authz-policy
Description Specify authorization policy for CAPTCHA (Authorization policy name)
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/aam/authorization/policy
domain-name
Description Specify domain name to bind to the AAA rule (ex: a10networks.com, www.a10networks.com)
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
host
Type: Listindex
Description Specify AAA rule index
Type: number
Range: 1-256
match-encoded-uri
Description Enable URL decoding for URI matching
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
port
Description Specify port number for aaa-rule, default is 0 for all port numbers
Type: number
Range: 1-65535
sampling-enable
Type: Listuri
Type: Listuser-agent
Type: Listuser-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘total_count’: some help string; ‘hit_deny’: some help string; ‘hit_auth’: some help string; ‘hit_bypass’: some help string; ‘failure_bypass’: some help string;
Type: string
Supported Values: all, total_count, hit_deny, hit_auth, hit_bypass, failure_bypass
uri¶
Specification Type list Block object keys match-type
Description ‘contains’: Match URI if request URI contains specified URI; ‘ends-with’: Match URI if request URI ends with specified URI; ‘equals’: Match URI if request URI equals specified URI; ‘starts-with’: Match URI if request URI starts with specified URI;
Type: string
Supported Values: contains, ends-with, equals, starts-with
uri-str
Description Specify URI string
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
user-agent¶
Specification Type list Block object keys user-agent-match-type
Description ‘contains’: Match request User-Agent header if it contains specified string; ‘ends-with’: Match request User-Agent header if it ends with specified string; ‘equals’: Match request User-Agent header if it equals specified string; ‘starts-with’: Match request User-Agent header if it starts with specified string;
Type: string
Supported Values: contains, ends-with, equals, starts-with
user-agent-str
Description Specify request User-Agent string
Type: string
Format: string-rlx
Maximum Length: 511 characters
Maximum Length: 1 characters
host¶
Specification Type list Block object keys host-match-type
Description ‘contains’: Match HOST if request HTTP HOST header contains specified hostname; ‘ends-with’: Match HOST if request HTTP HOST header ends with specified hostname; ‘equals’: Match HOST if request HTTP HOST header equals specified hostname; ‘starts-with’: Match HOST if request HTTP HOST header starts with specified hostname;
Type: string
Supported Values: contains, ends-with, equals, starts-with
host-str
Description Specify URI string
Type: string
Format: string-rlx
Maximum Length: 128 characters
Maximum Length: 1 characters
access-list¶
Specification Type object acl-id
Description ACL id
Type: number
Range: 1-199
Mutual Exclusion: acl-id and acl-name are mutually exclusive
Reference Object: /axapi/v3/access-list/standard
acl-name
Description ‘ip-name’: Apply an IP named access list; ‘ipv6-name’: Apply an IPv6 named access list;
Type: string
Supported Values: ip-name, ipv6-name
Mutual Exclusion: acl-name and acl-id are mutually exclusive
name
Description Specify Named Access List
Type: string
Maximum Length: 16 characters
Maximum Length: 1 characters
stats data¶
| Counter | Size | Description | |
|---|---|---|---|
| total_count | 8 | some help string | |
| hit_auth | 8 | some help string | |
| hit_deny | 8 | some help string | |
| hit_bypass | 8 | some help string | |
| failure_bypass | 8 | some help string |