openapi: 3.1.0 info: title: A10 Networks ACOS aXAPI v3 description: > The ACOS aXAPI is a RESTful HTTPS interface for configuring and operating A10 Networks Thunder Application Delivery Controllers and DDoS protection devices running ACOS (Application Centric Operating System). The aXAPI v3 surface is exhaustive (the Terraform provider exposes 3,627 resources): this profile captures the authentication flow and the core Server Load Balancing (SLB) configuration surface — virtual servers, real servers, service groups, and health monitors — which are the most commonly automated objects across ACOS deployments. ACOS 4.0.0 through ACOS 7.0.2 are supported. version: '3.0' contact: name: A10 Networks Support url: https://www.a10networks.com/support license: name: A10 Networks End User License Agreement url: https://www.a10networks.com/company/legal/end-user-license-agreement/ servers: - url: https://{thunder-host} description: ACOS Thunder Appliance, vThunder VM, or vThunder Container (customer-hosted) variables: thunder-host: default: thunder.example.com description: Hostname or IP address of the ACOS device or vThunder instance. security: - A10Signature: [] tags: - name: Authentication description: Session sign-on and sign-off - name: SLB Virtual Server description: Virtual servers (VIPs) that front pools of real servers - name: SLB Server description: Real backend servers - name: SLB Service Group description: Service groups (pools) that bind real servers to a load-balancing method - name: SLB Health Monitor description: Active health probes attached to servers and service groups paths: /axapi/v3/auth: post: summary: Sign On To ACOS description: > Authenticate with the ACOS device and receive a signature token. The returned signature must be sent in the `Authorization: A10 ` header for every subsequent aXAPI request. Sessions expire after the device-configured idle timeout. operationId: signOnToAcos tags: - Authentication security: [] requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/AuthRequest' responses: '200': description: Authenticated; returned signature must be reused in the Authorization header. content: application/json: schema: $ref: '#/components/schemas/AuthResponse' '401': description: Invalid credentials. /axapi/v3/logoff: post: summary: Sign Off From ACOS description: Terminate the authenticated session and invalidate the signature. operationId: signOffFromAcos tags: - Authentication responses: '200': description: Session terminated. /axapi/v3/slb/virtual-server: get: summary: List Virtual Servers description: List all configured SLB virtual servers (VIPs) on the device. operationId: listVirtualServers tags: - SLB Virtual Server responses: '200': description: A list of virtual servers. content: application/json: schema: type: object properties: virtual-server-list: type: array items: $ref: '#/components/schemas/VirtualServer' post: summary: Create A Virtual Server description: Create a new SLB virtual server (VIP). The virtual server binds an IP address to one or more virtual ports backed by service groups. operationId: createVirtualServer tags: - SLB Virtual Server requestBody: required: true content: application/json: schema: type: object properties: virtual-server: $ref: '#/components/schemas/VirtualServer' responses: '200': description: Virtual server created. /axapi/v3/slb/virtual-server/{name}: parameters: - name: name in: path required: true schema: type: string get: summary: Get A Virtual Server operationId: getVirtualServer tags: - SLB Virtual Server responses: '200': description: The virtual server. content: application/json: schema: type: object properties: virtual-server: $ref: '#/components/schemas/VirtualServer' put: summary: Update A Virtual Server operationId: updateVirtualServer tags: - SLB Virtual Server requestBody: required: true content: application/json: schema: type: object properties: virtual-server: $ref: '#/components/schemas/VirtualServer' responses: '200': description: Virtual server updated. delete: summary: Delete A Virtual Server operationId: deleteVirtualServer tags: - SLB Virtual Server responses: '200': description: Virtual server deleted. /axapi/v3/slb/server: get: summary: List Real Servers operationId: listServers tags: - SLB Server responses: '200': description: A list of real servers. content: application/json: schema: type: object properties: server-list: type: array items: $ref: '#/components/schemas/Server' post: summary: Create A Real Server operationId: createServer tags: - SLB Server requestBody: required: true content: application/json: schema: type: object properties: server: $ref: '#/components/schemas/Server' responses: '200': description: Real server created. /axapi/v3/slb/server/{name}: parameters: - name: name in: path required: true schema: type: string get: summary: Get A Real Server operationId: getServer tags: - SLB Server responses: '200': description: The real server. content: application/json: schema: type: object properties: server: $ref: '#/components/schemas/Server' put: summary: Update A Real Server operationId: updateServer tags: - SLB Server requestBody: required: true content: application/json: schema: type: object properties: server: $ref: '#/components/schemas/Server' responses: '200': description: Real server updated. delete: summary: Delete A Real Server operationId: deleteServer tags: - SLB Server responses: '200': description: Real server deleted. /axapi/v3/slb/service-group: get: summary: List Service Groups operationId: listServiceGroups tags: - SLB Service Group responses: '200': description: A list of service groups. content: application/json: schema: type: object properties: service-group-list: type: array items: $ref: '#/components/schemas/ServiceGroup' post: summary: Create A Service Group operationId: createServiceGroup tags: - SLB Service Group requestBody: required: true content: application/json: schema: type: object properties: service-group: $ref: '#/components/schemas/ServiceGroup' responses: '200': description: Service group created. /axapi/v3/slb/service-group/{name}: parameters: - name: name in: path required: true schema: type: string get: summary: Get A Service Group operationId: getServiceGroup tags: - SLB Service Group responses: '200': description: The service group. content: application/json: schema: type: object properties: service-group: $ref: '#/components/schemas/ServiceGroup' put: summary: Update A Service Group operationId: updateServiceGroup tags: - SLB Service Group requestBody: required: true content: application/json: schema: type: object properties: service-group: $ref: '#/components/schemas/ServiceGroup' responses: '200': description: Service group updated. delete: summary: Delete A Service Group operationId: deleteServiceGroup tags: - SLB Service Group responses: '200': description: Service group deleted. /axapi/v3/health/monitor: get: summary: List Health Monitors operationId: listHealthMonitors tags: - SLB Health Monitor responses: '200': description: A list of health monitors. content: application/json: schema: type: object properties: monitor-list: type: array items: $ref: '#/components/schemas/HealthMonitor' post: summary: Create A Health Monitor operationId: createHealthMonitor tags: - SLB Health Monitor requestBody: required: true content: application/json: schema: type: object properties: monitor: $ref: '#/components/schemas/HealthMonitor' responses: '200': description: Health monitor created. components: securitySchemes: A10Signature: type: apiKey in: header name: Authorization description: > Signature returned from POST /axapi/v3/auth, sent as `Authorization: A10 `. schemas: AuthRequest: type: object required: - credentials properties: credentials: type: object required: - username - password properties: username: type: string description: Local ACOS administrator username. password: type: string format: password description: Local ACOS administrator password. AuthResponse: type: object properties: authresponse: type: object properties: signature: type: string description: Session signature; supply as `Authorization: A10 ` on subsequent calls. description: type: string VirtualServer: type: object required: - name - ip-address properties: name: type: string description: Unique virtual server name. ip-address: type: string format: ipv4 description: VIP address. ipv6-address: type: string format: ipv6 netmask: type: string port-list: type: array items: $ref: '#/components/schemas/VirtualPort' enable-disable-action: type: string enum: [enable, disable, disable-when-all-ports-down, disable-when-any-port-down] ha-group: type: integer VirtualPort: type: object required: - port-number - protocol properties: port-number: type: integer protocol: type: string enum: [tcp, udp, http, https, fast-http, ssl-proxy, smtp, ftp, ftp-proxy, rtsp, mms, sip, sip-tcp, sips, diameter, dns-tcp, dns-udp, mysql, mssql, radius, smpp-tcp] service-group: type: string description: Name of the service group bound to this virtual port. template-tcp: type: string template-http: type: string template-persist-source-ip: type: string Server: type: object required: - name properties: name: type: string host: type: string description: IPv4 address or hostname of the real backend. server-ipv6-addr: type: string format: ipv6 port-list: type: array items: type: object properties: port-number: type: integer protocol: type: string enum: [tcp, udp] health-check: type: string weight: type: integer minimum: 1 maximum: 1000 action: type: string enum: [enable, disable] health-check: type: string description: Health monitor template name. ServiceGroup: type: object required: - name - protocol properties: name: type: string protocol: type: string enum: [tcp, udp] lb-method: type: string enum: [round-robin, weighted-rr, least-connection, weighted-least-connection, service-least-connection, service-weighted-least-connection, fastest-response, least-request, round-robin-strict, src-ip-hash, src-ip-hash-only, dst-ip-hash, dst-ip-hash-only, per-pkt-round-robin, odd-even-hash] health-check: type: string member-list: type: array items: type: object required: - name - port properties: name: type: string description: Real server name (must already exist). port: type: integer member-state: type: string enum: [enable, disable, disable-with-health-check] member-priority: type: integer HealthMonitor: type: object required: - name properties: name: type: string retry: type: integer description: Consecutive failures before a server is marked down. consec-pass-value: type: integer description: Consecutive successes before a server is marked up. interval: type: integer description: Probe interval in seconds. timeout: type: integer method: type: object description: One-of probe-type discriminator (http, https, tcp, udp, icmp, dns, ftp, smtp, snmp, radius, etc).