{ "id":"/axapi/v3/aam/aaa-policy/{name}/aaa-rule/{index}", "type":"object", "node-type":"list", "title":"aaa-rule", "partition-visibility":"shared", "description":"Rules of AAA policy", "properties":{ "index":{ "type":"number", "format":"number", "minimum":1, "maximum":256, "partition-visibility":"shared", "description":"Specify AAA rule index", "optional":false }, "uri":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "match-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'contains': Match URI if request URI contains specified URI; 'ends-with': Match URI if request URI ends with specified URI; 'equals': Match URI if request URI equals specified URI; 'starts-with': Match URI if request URI starts with specified URI; ", "enum":[ "contains", "ends-with", "equals", "starts-with" ] }, "uri-str":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":128, "partition-visibility":"shared", "description":"Specify URI string" } } } ] }, "host":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "host-match-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'contains': Match HOST if request HTTP HOST header contains specified hostname; 'ends-with': Match HOST if request HTTP HOST header ends with specified hostname; 'equals': Match HOST if request HTTP HOST header equals specified hostname; 'starts-with': Match HOST if request HTTP HOST header starts with specified hostname; ", "enum":[ "contains", "ends-with", "equals", "starts-with" ] }, "host-str":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":128, "partition-visibility":"shared", "description":"Specify URI string" } } } ] }, "domain-whitelist":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/class-list", "description":"Specify the AC type class-list for the domain-whitelist", "optional":true }, "port":{ "type":"number", "format":"number", "minimum":1, "maximum":65535, "partition-visibility":"shared", "description":"Specify port number for aaa-rule, default is 0 for all port numbers", "optional":true }, "match-encoded-uri":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable URL decoding for URI matching", "optional":true }, "access-list":{ "type":"object", "properties":{ "acl-id":{ "type":"number", "format":"number", "minimum":1, "maximum":199, "partition-visibility":"shared", "$ref":"/axapi/v3/access-list/standard", "not":"acl-name", "description":"ACL id" }, "acl-name":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"acl-id", "description":"'ip-name': Apply an IP named access list; 'ipv6-name': Apply an IPv6 named access list; ", "enum":[ "ip-name", "ipv6-name" ] }, "name":{ "type":"string", "format":"string", "minLength":1, "maxLength":16, "partition-visibility":"shared", "description":"Specify Named Access List" } } }, "domain-name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify domain name to bind to the AAA rule (ex: a10networks.com, www.a10networks.com)", "optional":true }, "user-agent":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "user-agent-match-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'contains': Match request User-Agent header if it contains specified string; 'ends-with': Match request User-Agent header if it ends with specified string; 'equals': Match request User-Agent header if it equals specified string; 'starts-with': Match request User-Agent header if it starts with specified string; ", "enum":[ "contains", "ends-with", "equals", "starts-with" ] }, "user-agent-str":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":511, "partition-visibility":"shared", "description":"Specify request User-Agent string" } } } ] }, "action":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'allow': Allow traffic that matches this rule; 'deny': Deny traffic that matches this rule; ", "enum":[ "allow", "deny" ], "optional":true }, "authentication-template":{ "type":"string", "format":"string", "minLength":1, "maxLength":127, "partition-visibility":"shared", "$ref":"/axapi/v3/aam/authentication/template", "description":"Specify authentication template name to bind to the AAA rule", "optional":true }, "authorize-policy":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/aam/authorization/policy", "description":"Specify authorization policy to bind to the AAA rule", "optional":true }, "captcha-authz-policy":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/aam/authorization/policy", "description":"Specify authorization policy for CAPTCHA (Authorization policy name)", "optional":true }, "auth-failure-bypass":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Forward client request even though authentication has failed", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "user-tag":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Customized tag", "optional":true }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'total_count': total_count; 'hit_deny': hit_deny; 'hit_auth': hit_auth; 'hit_bypass': hit_bypass; 'failure_bypass': failure_bypass; ", "enum":[ "all", "total_count", "hit_deny", "hit_auth", "hit_bypass", "failure_bypass" ] } } } ] } }, "object-keys":[ "index" ], "required":[ "index" ] }