You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+28-87Lines changed: 28 additions & 87 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -70,121 +70,62 @@ The a10vThunder Universal Orchestrator extension If you have a support issue, pl
70
70
Before installing the a10vThunder Universal Orchestrator extension, we recommend that you install [kfutil](https://github.com/Keyfactor/kfutil). Kfutil is a command-line tool that simplifies the process of creating store types, installing extensions, and instantiating certificate stores in Keyfactor Command.
71
71
72
72
73
-
### 🔐 Setting Up API User and Access on A10 Thunder
73
+
### Creating a User for API Access on A10 vThunder
74
74
75
-
This section explains how to configure an API user and enable API (AXAPI) access on an A10 Thunder device using the CLI.
75
+
This guide explains how to create a user on A10 vThunder for API (AXAPI) access with appropriate privileges.
76
76
77
-
#### ✅ Prerequisites
78
-
79
-
- Admin credentials for the A10 Thunder device
80
-
- SSH access to the device
81
-
- Familiarity with A10 CLI commands
82
-
83
-
---
84
-
85
-
#### 🧑💻 Step 1: Create an API User
86
-
87
-
1. SSH into the A10 Thunder device:
88
-
89
-
```bash
90
-
ssh admin@<DEVICE_IP>
91
-
```
92
-
93
-
2. Enter configuration mode:
77
+
#### Step-by-Step Instructions
94
78
79
+
1.**Enter configuration mode:**
95
80
```bash
96
81
configure terminal
97
82
```
98
83
99
-
3. Create a user account for API access:
100
-
101
-
```bash
102
-
username <api_user> password <secure_password>
103
-
```
104
-
105
-
4. Assign admin privileges:
106
-
84
+
2.**Create the user and set a password:**
107
85
```bash
108
-
username <api_user> privilege 15
86
+
admin apiuser password yourStrongPassword
109
87
```
110
88
111
-
5. (Optional) Assign a role if using Role-Based Access Control (RBAC):
89
+
Replace `apiuser` with the desired username, and `yourStrongPassword` with a secure password.
112
90
91
+
3.**Assign necessary privileges:**
113
92
```bash
114
-
username <api_user> role <role_name>
93
+
privilege read
94
+
privilege write
95
+
privilege partition-enable-disable
96
+
privilege partition-read
97
+
privilege partition-write
115
98
```
116
99
117
-
6. Save the configuration:
100
+
These privileges grant the user:
101
+
- Global read and write access
102
+
- Per-partition read and write access
103
+
- Permission to enable or disable partitions
118
104
105
+
4.**(Optional) Enable external health monitor privilege (if needed):**
119
106
```bash
120
-
write memory
107
+
privilege hm
121
108
```
122
109
123
-
---
124
-
125
-
#### 🌐 Step 2: Enable and Verify API Access
126
-
127
-
A10 Thunder supports AXAPI, a REST-based API. Follow these steps to confirm access:
128
-
129
-
1. Ensure the management interface allows API traffic (if access-lists are used):
130
-
110
+
5.**Exit user configuration:**
131
111
```bash
132
-
ip access-list standard mgmt
133
-
permit <MGMT_SUBNET><SUBNET_MASK>
134
112
exit
135
-
136
-
interface management
137
-
access-list mgmt
138
113
```
139
114
140
-
2. (Optional) Bind SSL cert for secure access:
115
+
#### Notes
141
116
142
-
```bash
143
-
slb ssl-cert <CERT_NAME>
144
-
key <KEY_FILE>
145
-
certificate <CERT_FILE>
146
-
```
147
-
148
-
3. Authenticate using AXAPI v3 (example using `curl`):
149
-
150
-
```bash
151
-
curl -k -X POST https://<DEVICE_IP>/axapi/v3/auth \
0 commit comments