.. _aam_aaa_policy_aaa_rule: aam aaa-policy aaa-rule ======================= Rules of AAA policy aaa-rule Specification ---------------------- ===================================== =============================================================================== **Parameter** **Value** ===================================== =============================================================================== **Type** *Collection* **Object Key(s)** *index* **Collection Name** :ref:`2_aaa-rule_list` **Collection URI** /axapi/v3/aam/aaa-policy/{name}/aaa-rule **Element Name** aaa-rule **Element URI** /axapi/v3/aam/aaa-policy/{name}/aaa-rule/{index} **Element Attributes** aaa-rule_attributes **Partition Visibility** shared **Statistics Data URI** /axapi/v3/aam/aaa-policy/{name}/aaa-rule/{index}/stats **Schema** :download:`aaa-rule schema ` ===================================== =============================================================================== **Operations Allowed:** .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html

Operation	Method	URI	Payload
Create Object .. raw:: html	POST .. raw:: html	/axapi/v3/aam/aaa-policy/{name}/aaa-rule .. raw:: html	:ref:`2_aaa-rule_attributes` .. raw:: html
Create List .. raw:: html	POST .. raw:: html	/axapi/v3/aam/aaa-policy/{name}/aaa-rule .. raw:: html	:ref:`2_aaa-rule_attributes` .. raw:: html
Get Object .. raw:: html	GET .. raw:: html	/axapi/v3/aam/aaa-policy/{name}/aaa-rule/{index} .. raw:: html	:ref:`2_aaa-rule_attributes` .. raw:: html
Get List .. raw:: html	GET .. raw:: html	/axapi/v3/aam/aaa-policy/{name}/aaa-rule .. raw:: html	:ref:`2_aaa-rule_list` .. raw:: html
Modify Object .. raw:: html	POST .. raw:: html	/axapi/v3/aam/aaa-policy/{name}/aaa-rule/{index} .. raw:: html	:ref:`2_aaa-rule_attributes` .. raw:: html
Replace Object .. raw:: html	PUT .. raw:: html	/axapi/v3/aam/aaa-policy/{name}/aaa-rule/{index} .. raw:: html	:ref:`2_aaa-rule_attributes` .. raw:: html
Replace List .. raw:: html	PUT .. raw:: html	/axapi/v3/aam/aaa-policy/{name}/aaa-rule .. raw:: html	:ref:`2_aaa-rule_list` .. raw:: html
Delete Object .. raw:: html	DELETE .. raw:: html	/axapi/v3/aam/aaa-policy/{name}/aaa-rule/{index} .. raw:: html	:ref:`2_aaa-rule_attributes` .. raw:: html

.. _2_aaa-rule_list: aaa-rule-list ------------- aaa-rule-list is **JSON List** of :ref:`2_aaa-rule_attributes` aaa-rule-list : [ { :ref:`2_aaa-rule_attributes` }, { :ref:`2_aaa-rule_attributes` }, ... ] .. _2_aaa-rule_attributes: aaa-rule attributes ------------------- **access-list** **Description:** access-list is a **JSON Block**. Please see below for :ref:`2_access-list` **Type:** Object **action** **Description** 'allow': Allow traffic that matches this rule; 'deny': Deny traffic that matches this rule; **Type:** string **Supported Values:** allow, deny **auth-failure-bypass** **Description** Forward client request even though authentication has failed **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **authentication-template** **Description** Specify authentication template name to bind to the AAA rule **Type:** string **Maximum Length:** 127 characters **Maximum Length:** 1 characters **Reference Object:** :doc:`/axapi/v3/aam/authentication/template ` **authorize-policy** **Description** Specify authorization policy to bind to the AAA rule **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Reference Object:** :doc:`/axapi/v3/aam/authorization/policy ` **captcha-authz-policy** **Description** Specify authorization policy for CAPTCHA (Authorization policy name) **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Reference Object:** :doc:`/axapi/v3/aam/authorization/policy ` **domain-name** **Description** Specify domain name to bind to the AAA rule (ex: a10networks.com, www.a10networks.com) **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **domain-whitelist** **Description** Specify the AC type class-list for the domain-whitelist **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Reference Object:** :doc:`/axapi/v3/class-list ` **host** **Type:** List **index** **Description** Specify AAA rule index **Type:** number **Range:** 1-256 **match-encoded-uri** **Description** Enable URL decoding for URI matching **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **port** **Description** Specify port number for aaa-rule, default is 0 for all port numbers **Type:** number **Range:** 1-65535 **sampling-enable** **Type:** List **uri** **Type:** List **user-agent** **Type:** List **user-tag** **Description** Customized tag **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _2_sampling-enable: sampling-enable ^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **counters1** **Description** 'all': all; 'total_count': some help string; 'hit_deny': some help string; 'hit_auth': some help string; 'hit_bypass': some help string; 'failure_bypass': some help string; **Type:** string **Supported Values:** all, total_count, hit_deny, hit_auth, hit_bypass, failure_bypass .. _2_uri: uri ^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **match-type** **Description** 'contains': Match URI if request URI contains specified URI; 'ends-with': Match URI if request URI ends with specified URI; 'equals': Match URI if request URI equals specified URI; 'starts-with': Match URI if request URI starts with specified URI; **Type:** string **Supported Values:** contains, ends-with, equals, starts-with **uri-str** **Description** Specify URI string **Type:** string **Format:** string-rlx **Maximum Length:** 128 characters **Maximum Length:** 1 characters .. _2_user-agent: user-agent ^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **user-agent-match-type** **Description** 'contains': Match request User-Agent header if it contains specified string; 'ends-with': Match request User-Agent header if it ends with specified string; 'equals': Match request User-Agent header if it equals specified string; 'starts-with': Match request User-Agent header if it starts with specified string; **Type:** string **Supported Values:** contains, ends-with, equals, starts-with **user-agent-str** **Description** Specify request User-Agent string **Type:** string **Format:** string-rlx **Maximum Length:** 511 characters **Maximum Length:** 1 characters .. _2_host: host ^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **host-match-type** **Description** 'contains': Match HOST if request HTTP HOST header contains specified hostname; 'ends-with': Match HOST if request HTTP HOST header ends with specified hostname; 'equals': Match HOST if request HTTP HOST header equals specified hostname; 'starts-with': Match HOST if request HTTP HOST header starts with specified hostname; **Type:** string **Supported Values:** contains, ends-with, equals, starts-with **host-str** **Description** Specify URI string **Type:** string **Format:** string-rlx **Maximum Length:** 128 characters **Maximum Length:** 1 characters .. _2_access-list: access-list ^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **acl-id** **Description** ACL id **Type:** number **Range:** 1-199 **Mutual Exclusion:** acl-id and acl-name are mutually exclusive **Reference Object:** :doc:`/axapi/v3/access-list/standard ` **acl-name** **Description** 'ip-name': Apply an IP named access list; 'ipv6-name': Apply an IPv6 named access list; **Type:** string **Supported Values:** ip-name, ipv6-name **Mutual Exclusion:** acl-name and acl-id are mutually exclusive **name** **Description** Specify Named Access List **Type:** string **Maximum Length:** 16 characters **Maximum Length:** 1 characters