All Products
Search
Document Center

Security Center:List of operations by function

Last Updated:Nov 22, 2024
This product(Sas/2018-12-03) OpenAPI adopts RPC Signature style. See signature details in Description of the signature mechanism. We have packaged SDKs for common programming languages for developers. Developers can directly call the OpenAPI of this product by downloading the SDK without paying attention to the technical details. If the existing SDK cannot meet the usage requirements, you can connect through the signature mechanism. It will take about 5 working days. Therefore, it is recommended to join our DingTalk service group (78410016550) and sign under the guidance of experts.
Before using the API, you need to prepare your identity account and access key (AccessKey) to effectively access the API through client tools (SDK, CLI, etc.). For details see getAccessKey.

Security Report

APITitleDescription
DescribeCustomizeReportListDescribeCustomizeReportListQueries security reports.
DescribeReportExportDescribeReportExportQueries the information about a report export task.
CopyCustomizeReportConfigCopyCustomizeReportConfigClones an existing security report. The new security report has the same configuration as the existing security report.
DescribeChartListDescribeChartListQueries the charts that are supported by using the security report feature of Security Center.
DescribeReportRecipientStatusDescribeReportRecipientStatusQueries the status of a report recipient by using the security report feature of the System Configuration module in the Security Center console.

Application Whitelist

APITitleDescription
ModifyProcessWhiteListModifyProcessWhiteListAdds a process to or removes a process from the whitelist by using the application whitelist feature.
UpdateWhiteListStrategyStatusUpdateWhiteListStrategyStatusUpdates the status of an application whitelist policy.
SaveWhiteListStrategySaveWhiteListStrategyCreates an application whitelist policy.
DescribeWhiteListStrategyUuidCountDescribeWhiteListStrategyUuidCountQueries the number of the servers on which an application whitelist policy takes effect.
DescribeWhiteListStrategyStatisticsDescribeWhiteListStrategyStatisticsQueries the statistics of application whitelist policies.
DescribeWhiteListStrategyListDescribeWhiteListStrategyListQueries a list of application whitelist policies.
DescribeWhiteListProcessDescribeWhiteListProcessQueries the information about the processes that are detected in an application whitelist policy.
DescribeWhiteListEffectiveAssetsDescribeWhiteListEffectiveAssetsQueries the servers on which an application whitelist policy takes effect.
DescribeWhiteListAuthorizeDescribeWhiteListAuthorizeQueries the available quota for the application whitelist feature.
DescribeWhiteListAssetDescribeWhiteListAssetQueries the information about servers that can be added or are added to application whitelist policies.

Agentless Detection

APITitleDescription
DeleteMaliciousFileWhitelistConfigDeleteMaliciousFileWhitelistConfigDeletes a whitelist rule for alerts generated for sensitive files that are detected by using the agentless detection feature.
BatchDeleteMaliciousFileWhitelistConfigBatchDeleteMaliciousFileWhitelistConfigDeletes whitelist rules for alerts generated for sensitive files that are detected by using the agentless detection feature in batches.
UpdateMaliciousFileWhitelistConfigUpdateMaliciousFileWhitelistConfigModifies an alert whitelist rule of sensitive files that are detected by using the agentless detection feature.
BatchUpdateMaliciousFileWhitelistConfigBatchUpdateMaliciousFileWhitelistConfigModifies multiple alert whitelist rules of sensitive files that are detected by using the agentless detection feature at a time.
CreateMaliciousFileWhitelistConfigCreateMaliciousFileWhitelistConfigCreates an alert whitelist rule of sensitive files that are detected by using the agentless detection feature.
GetMaliciousFileWhitelistConfigGetMaliciousFileWhitelistConfigQueries an alert whitelist rule of sensitive files that are detected by using the agentless detection feature.
ListMaliciousFileWhitelistConfigsListMaliciousFileWhitelistConfigsQueries the alert whitelist rules of sensitive files that are detected by using the agentless detection feature.
CreateAgentlessScanTaskCreateAgentlessScanTaskCreates an agentless detection task.
DeleteMaliciousNoteDeleteMaliciousNoteRemoves the remarks added to alert events that are generated by the agentless detection feature.
CreateMaliciousNoteCreateMaliciousNoteAdds remarks to alert events for agentless detection.
ListAgentlessMaliciousFilesListAgentlessMaliciousFilesQueries malicious files that are detected by agentless detection tasks.
RetryAgentlessTaskRetryAgentlessTaskRetries agentless detection tasks.
ListAgentlessRelateMaliciousListAgentlessRelateMaliciousObtains the risks associated with an agentless detection event.
ListAgentlessRegionListAgentlessRegionQueries the regions that are supported by the agentless detection feature.
ListAgentlessTaskListAgentlessTaskQueries agentless detection tasks.
GetAgentlessTaskCountGetAgentlessTaskCountQueries the number of agentless detection tasks.
ListAgentlessRiskUuidListAgentlessRiskUuidQueries at-risk hosts that are detected by the agentless detection feature.

Core File Monitoring

APITitleDescription
ListFileProtectPluginStatusListFileProtectPluginStatusQueries information about the Security Center agent installed on servers on which core file monitoring rules take effect. The information includes the installation status of the Security Center agent and whether the core file monitoring feature is supported.
UpdateFileProtectEventStatusUpdateFileProtectEventStatusModifies the status of core file monitoring events reported by the Security Center agent.
GetFileProtectDashboardGetFileProtectDashboardQueries information about the core file monitoring feature, including the number of effective rules and the installation status of the Security Center agent on servers.
ListFileProtectEventListFileProtectEventQueries core file monitoring rules that meet the specified filter condition.
DeleteFileProtectRuleDeleteFileProtectRuleDeletes core file monitoring rules.
GetFileProtectEventCountGetFileProtectEventCountQueries the total number of core file monitoring events by filter condition.
UpdateFileProtectRemarkUpdateFileProtectRemarkAdds remarks to core file monitoring events reported by the Security Center agent.
GetFileProtectEventGetFileProtectEventQueries information about core file monitoring events.
UpdateFileProtectRuleUpdateFileProtectRuleModifies the content of a core file monitoring rule based on the ID of the rule.
ListFileProtectRuleListFileProtectRuleQueries core file monitoring rules.
CreateFileProtectRuleCreateFileProtectRuleCreates a core file monitoring rule.
GetFileProtectRuleGetFileProtectRuleQueries the information about a core file monitoring rule based on the ID of the rule.

Alarm Settings

APITitleDescription
ListClientAlertModeListClientAlertModeQueries the alert settings of assets. By default, the balanced mode is enabled. A detected list of assets can be returned only in strict mode.
UpdateClientAlertModeUpdateClientAlertModeModifies alerting settings for servers.

Proactive Defense for Containers

APITitleDescription
Non-Mirror Program DefenseNon-Mirror Program Defense
ListContainerDefenseRuleClustersListContainerDefenseRuleClustersQueries a list of clusters that are included in a rule for non-image program defense.
ListContainerDefenseRuleListContainerDefenseRuleQueries a list of rules for non-image program defense.
GetContainerDefenseRuleDetailGetContainerDefenseRuleDetailQueries the details of a rule for non-image program defense.
ModifyContainerDefenseRuleModifyContainerDefenseRuleModifies a rule for non-image program defense.
ModifyContainerDefenseRuleSwitchModifyContainerDefenseRuleSwitchChanges the status of non-image program defense rules.
DeleteContainerDefenseRuleDeleteContainerDefenseRuleDeletes a rule for non-image program defense.
AddContainerDefenseRuleAddContainerDefenseRuleCreates a rule for non-image program defense.
Risk mirror blockingRisk mirror blocking
ListOpaClusterStrategyNewListOpaClusterStrategyNewQueries at-risk image blocking rules.
CreateOpaStrategyNewCreateOpaStrategyNewCreates a rule to block at-risk images.
GetOpaStrategyDetailNewGetOpaStrategyDetailNewQueries the details of the rule that is used to block at-risk images.
UpdateOpaStrategyNewUpdateOpaStrategyNewUpdates the blocking rule for at-risk images.
DeleteOpaStrategyNewDeleteOpaStrategyNewDeletes rules of the at-risk image blocking type.
GetOpaStrategyTemplateSummaryGetOpaStrategyTemplateSummaryQueries the usage statistics about the templates provided in the feature of proactive defense for containers for rules of the at-risk image blocking type.
CreateOpaClusterPluginCreateOpaClusterPluginInstalls the components that are required by at-risk image blocking. The components are policy-template-controller, gatekeeper, and logtail-ds.
GetOpaPluginStatusGetOpaPluginStatusQueries the installation status of the components that are required for clusters protected by proactive defense for containers.
GetOpaClusterLabelListGetOpaClusterLabelListQueries information about the tags that are added to containers based on the feature of proactive defense for containers.
GetStrategyTemplateDetailGetStrategyTemplateDetailQueries the usage details of templates provided in the feature of proactive defense for containers for rules.
ListCriteriaStrategyListCriteriaStrategyQueries the IDs and names of rules configured for proactive defense for containers.
GetOpaClusterImageListGetOpaClusterImageList
GetOpaClusterNamespaceListGetOpaClusterNamespaceListQueries information about the namespaces of clusters for which the rules of the at-risk image blocking type are configured in proactive defense for containers.
GetOpaClusterBaseLineListGetOpaClusterBaseLineListQueries the baselines that are supported by at-risk image blocking.
ListImageBuildRiskItemListImageBuildRiskItemQueries the types of risky image build commands.
DescribeMatchedMaliciousNamesDescribeMatchedMaliciousNamesQueries a list of malicious image sample types.
未翻译(容器防逃逸)未翻译(容器防逃逸)
ListAegisContainerPluginRuleListAegisContainerPluginRuleQueries defense rules against container escapes.

Container File Protection

APITitleDescription
ListSasContainerWebDefenseRuleListSasContainerWebDefenseRuleQueries rules for container tamper-proofing.
OperateSwitchStatusOperateSwitchStatusChanges the status of a rule for container tamper-proofing.
AddSasContainerWebDefenseRuleAddSasContainerWebDefenseRuleCreates a rule for container tamper-proofing.
ModifySasContainerWebDefenseRuleModifySasContainerWebDefenseRuleModifies a rule for container tamper-proofing.
GetSasContainerWebDefenseRuleApplicationGetSasContainerWebDefenseRuleApplicationQueries the applications that are specified in a rule for container tamper-proofing.

Container firewall

APITitleDescription
ModifyClusterCnnfStatusUserConfirmModifyClusterCnnfStatusUserConfirmFixes the blocking status of clusters whose status is Normal to be confirmed.
GetInterceptionSummaryGetInterceptionSummaryQueries the statistics of the container firewall feature.
ListInterceptionTargetPageListInterceptionTargetPageQueries the network objects that are protected by the container firewall feature.
ListRuleTargetAllListRuleTargetAllQueries the network objects based on which a specified cluster is protected.
SetClusterInterceptionConfigSetClusterInterceptionConfigConfigures the status of the container firewall feature.
ModifyInterceptionTargetModifyInterceptionTargetModifies the information about a network object of the container firewall feature.
ListClusterInterceptionConfigListClusterInterceptionConfigQueries the defense rules that are created for a cluster.
ListClusterCnnfStatusDetailListClusterCnnfStatusDetailQueries the protection status of the container firewall.
ModifyInterceptionRuleModifyInterceptionRuleModifies a proactive defense rule for containers.
ModifyInterceptionRuleSwitchModifyInterceptionRuleSwitchEnables or disables a proactive defense rule for containers.

Agent client

APITitleDescription
GetClientRatioStatisticGetClientRatioStatisticQueries the installation rate and online rate of the agent.
ModifyClientConfStrategyModifyClientConfStrategyModifies an agent configuration policy.
DescribeClientConfStrategyDescribeClientConfStrategyQueries the configurations of servers to which different tags are added.
ModifyClientConfSetupModifyClientConfSetupModifies the resource configurations of the Security Center agent.
DescribeClientConfSetupDescribeClientConfSetupQueries the configurations of the Security Center agent.
DescribeInstallCodeDescribeInstallCodeQueries the installation verification code that is used to run the installation command of the Security Center agent.
DeleteInstallCodeDeleteInstallCodeDeletes the command that is used to install the Security Center agent.
ListPluginForUuidListPluginForUuidQueries the information about plug-ins on a server.
AddInstallCodeAddInstallCodeCreates a command that is used to install the Security Center agent.
OperateAgentClientInstallOperateAgentClientInstallInstalls the Security Center agent on servers.
PauseClientPauseClientEnables or disables the Security Center agent.
UnbindAegisUnbindAegisUnbinds servers that are not deployed on Alibaba Cloud from Security Center.
DescribeAgentInstallStatusDescribeAgentInstallStatusQueries the installation status of the Security Center agent after you run an installation command by using Cloud Assistant. You can call this operation to query the installation status only if the installation request is initiated within 2 minutes.
DescribeVendorListDescribeVendorListQueries the service providers whose assets can be added to Security Center.
DescribeInstallCaptchaDescribeInstallCaptchaQueries the verification code for you to manually install the Security Center agent.
SasInstallCodeSasInstallCodeQueries the installation verification code that is used to run the installation command of the Security Center agent.
DescribeInstallCodesDescribeInstallCodesQueries the commands that are used to manually install the Security Center Agent.
ListUninstallAegisMachinesListUninstallAegisMachinesQueries the information about the servers whose Security Center agent is not installed.
DescribeClientProblemTypeDescribeClientProblemTypeQueries a list of agent issue types.

Asset management

APITitleDescription
DeleteSearchConditionDeleteSearchConditionDeletes a frequently used search condition by using the asset management feature of the Assets module in the Security Center console.
StartIdcProbeScanStartIdcProbeScanStarts an IDC scan task.
ModifySearchConditionModifySearchConditionModifies common filter conditions to search for assets.
GetAssetDetailByUuidGetAssetDetailByUuidQueries the details of a server and the extended information about the server by using the UUID of the server.
DescribeGroupStructDescribeGroupStructQueries the structure of a group.
ListCloudAssetInstancesListCloudAssetInstancesQueries cloud service assets.
DescribeImageInfoListDescribeImageInfoListQueries images.
DescribeLogShipperStatusDescribeLogShipperStatusQueries the status information about the log analysis feature.
AddUninstallClientsByUuidsAddUninstallClientsByUuidsAdds servers from which you want to uninstall the Security Center agent.
AddTagWithUuidAddTagWithUuidAdds a tag to assets.
GetCloudAssetSummaryGetCloudAssetSummaryThe total number of instances that are at risk.
GetCloudAssetDetailGetCloudAssetDetailObtains the details of cloud assets.
ModifyAssetImportantModifyAssetImportantModifies the importance of an asset.
ModifyGroupPropertyModifyGroupPropertyChanges the name of a server group.
DescribeOfflineMachinesDescribeOfflineMachinesQueries the information about the servers whose Security Center agent status is Offline.
CheckUserHasEcsCheckUserHasEcsChecks whether Elastic Compute Service (ECS) instances exist.
CreateOrUpdateAssetGroupCreateOrUpdateAssetGroupModifies the mapping between an asset and an asset group. For example, you can call this operation to modify the server group to which the asset belongs or the asset list of the asset group.
RefreshAssetsRefreshAssetsSynchronizes assets.
DeleteGroupDeleteGroupDeletes a server group.
DeleteTagWithUuidDeleteTagWithUuidRemoves custom tags from assets.
DeleteLoginBaseConfigDeleteLoginBaseConfigDeletes the basic configuration information from the logon security configurations for a specific asset.
ModifyTagWithUuidModifyTagWithUuidModifies the names of the tags that are added to assets, or modifies the tags for assets.
ModifyLoginSwitchConfigModifyLoginSwitchConfigEnables or disables the logon security settings for a specific asset.
ModifyLoginBaseConfigModifyLoginBaseConfigModifies the logon configuration for a specified asset.
ModifyPushAllTaskModifyPushAllTaskPerforms security check tasks on servers with a few clicks.
DescribeAssetDetailByUuidDescribeAssetDetailByUuidQueries the details of a server and the extended information about the server by using the UUID of the server.
DescribeGroupedInstancesDescribeGroupedInstancesQueries the statistical information about assets based on a specified filter condition.
QueryGroupIdByGroupNameQueryGroupIdByGroupNameQueries the ID of an asset group by using the name of the asset group.
DescribeAssetSummaryDescribeAssetSummaryThe ID of the request, which is used to locate and troubleshoot issues.
DescribeAllEntityDescribeAllEntityQueries the information about all assets. The information includes asset group IDs and asset names.
DescribeFieldStatisticsDescribeFieldStatisticsQueries the statistics of servers.
DescribeGroupedTagsDescribeGroupedTagsQueries the statistics of asset tags.
DescribeAllGroupsDescribeAllGroupsQueries the information about server groups.
DescribeInstanceStatisticsDescribeInstanceStatisticsQueries the statistics of assets that are protected by Security Center.
DescribeCloudProductFieldStatisticsDescribeCloudProductFieldStatisticsQueries the statistics of cloud services whose instances are protected by Security Center.
DescribeDomainCountDescribeDomainCountQueries the number of domain assets within your Alibaba Cloud account.
DescribeDomainListDescribeDomainListQueries the information about the domain assets within your Alibaba Cloud account.
DescribeDomainDetailDescribeDomainDetailQueries the details of domain assets within your Alibaba Cloud account.
DescribeCloudCenterInstancesDescribeCloudCenterInstancesQueries the information about assets that meet specific search conditions. For example, you can search for assets by the instance name or region of the asset.
DescribeSummaryInfoDescribeSummaryInfoQueries the security information about your assets. The information includes the security score and the numbers of protected and unprotected assets.
DescribeSearchConditionDescribeSearchConditionQueries the filter conditions that are used to search for assets.
DescribeCriteriaDescribeCriteriaQueries the filter conditions that are used to search for assets in fuzzy match mode.
DescribeVpcListDescribeVpcListQueries the information about virtual private clouds (VPCs).
DescribeAssetDetailByUuidsDescribeAssetDetailByUuidsQueries the details of Elastic Compute Service (ECS) instances.
DescribeImageStatisticsDescribeImageStatisticsQueries the risk statistics of container images.
DescribeContainerStatisticsDescribeContainerStatisticsQueries the alert statistics of container assets.
ModifyAssetGroupModifyAssetGroupChanges the server group to which one or more servers belong.
InstallCloudMonitorInstallCloudMonitorInstalls the CloudMonitor agent on specified servers.
DescribeSasPmAgentListDescribeSasPmAgentListQueries the servers on which you want to install the CloudMonitor agent.
ListAssetCleanConfigListAssetCleanConfigQueries the configurations for cleaning offline hosts whose provider cannot be identified.
ModifyAssetCleanConfigModifyAssetCleanConfigModifies the configurations for cleaning offline hosts whose provider cannot be identified.
ListAssetRefreshTaskConfigListAssetRefreshTaskConfigQueries the configurations of asset synchronization.
ChangeAssetRefreshTaskConfigChangeAssetRefreshTaskConfigModifies the interval of asset synchronization configurations.
ListCloudVendorRegionsListCloudVendorRegionsQueries the synchronization region configurations of other clouds on a site.
AddCloudVendorAccountAKAddCloudVendorAccountAKAdds the configuration information of multi-cloud assets.
DeleteCloudVendorAccountAKDeleteCloudVendorAccountAK
DescribeCloudVendorAccountAKListDescribeCloudVendorAccountAKList
ModifyCloudVendorAccountAKModifyCloudVendorAccountAK
GetLocalDefaultRegionGetLocalDefaultRegionObtains the default region for synchronizing assets outside Alibaba Cloud.
SetSyncRefreshRegionSetSyncRefreshRegionConfigures the regions from which you want to synchronize assets.
GetSupportedModulesGetSupportedModules

Asset fingerprints

APITitleDescription
DescribeAssetsScaProcessNumDescribeAssetsScaProcessNumQueries the number of Java processes in an asset by using the asset fingerprints feature of Security Center.
DescribePropertyUsageTopDescribePropertyUsageTopUses the asset fingerprints feature to obtain the statistics on top five most frequently detected ports, processes, software, accounts, or middleware.
DescribePropertyScaProcessDetailDescribePropertyScaProcessDetailQueries the Java processes that are collected by the asset fingerprints feature of Security Center in your assets.
GetPropertyScheduleConfigGetPropertyScheduleConfigQueries the configurations for the collection frequency of asset fingerprints.
GetAssetsPropertyItemGetAssetsPropertyItemQueries the aggregation information about the asset fingerprints of the startup item, kernel module, or website type.
GetAssetsPropertyDetailGetAssetsPropertyDetailQueries the details about the asset fingerprints of the startup item, kernel module, or website type.
DescribePropertyTypeScaItemDescribePropertyTypeScaItemQueries middleware types.
DescribePropertyCronItemDescribePropertyCronItemQueries the scheduled tasks of your assets.
DescribePropertyScaItemDescribePropertyScaItemQueries middleware fingerprints.
DescribePropertyCronDetailDescribePropertyCronDetailQueries the details of scheduled tasks on the Host page.
DescribePropertyCountDescribePropertyCountQueries the statistics of asset fingerprints. The assets include processes, ports, software, accounts, middleware, websites, web services, scheduled tasks, startup items, and databases.
DescribePropertyPortDetailDescribePropertyPortDetailQueries the fingerprints of ports on a specified server.
DescribePropertyProcDetailDescribePropertyProcDetailQueries the fingerprints of processes on a specified server.
DescribePropertyPortItemDescribePropertyPortItemQueries information about all ports.
DescribePropertyProcItemDescribePropertyProcItemQueries information about all processes.
DescribePropertySoftwareDetailDescribePropertySoftwareDetailQueries the details of a software asset.
DescribePropertyUsageNewestDescribePropertyUsageNewestQueries the information about the most recently created five accounts.
DescribePropertySoftwareItemDescribePropertySoftwareItemQueries information about all software assets.
DescribePropertyUserDetailDescribePropertyUserDetailQueries the asset fingerprints for an account to which a server belongs.
DescribePropertyUserItemDescribePropertyUserItemQueries information about an account.
DescribeModuleConfigDescribeModuleConfigQueries the configurations of the asset fingerprint module.
DescribePropertyScaDetailDescribePropertyScaDetailQueries middleware fingerprints.
ModifyPropertyScheduleConfigModifyPropertyScheduleConfigModifies the collection frequency of asset fingerprints for an automatic periodic collection task.
DescribePropertyScheduleConfigDescribePropertyScheduleConfigQueries the configurations of scheduled tasks of asset fingerprint collection.

Security score

APITitleDescription
GetSecurityScoreRuleGetSecurityScoreRuleQueries the details of the deduction modules of the security score feature, including custom settings.
ChangeSecurityScoreRuleChangeSecurityScoreRuleModifies the details of the deduction modules of the security score feature, including custom settings.
DescribeSecureSuggestionDescribeSecureSuggestionQueries suggestions on how to handle the risks that affect the security score.

Asset exposure analysis

APITitleDescription
DescribeExposedInstanceCriteriaDescribeExposedInstanceCriteriaQueries the search conditions that are used to search for exposed assets.
DescribeExposedInstanceDetailDescribeExposedInstanceDetailQueries the details of a specified server that is exposed on the Internet.
DescribeExposedInstanceListDescribeExposedInstanceListQueries the information about the assets that are exposed on the Internet.
DescribeExposedStatisticsDescribeExposedStatisticsQueries the exposure statistics of the assets on the Internet.
DescribeExposedStatisticsDetailDescribeExposedStatisticsDetailQueries the gateway assets, ports, system components, or public IP addresses that are exposed on the Internet.

Container management

APITitleDescription
DescribeContainerTagsDescribeContainerTagsQueries the details of container assets by using an attribute.
DescribeAssetsSecurityEventSummaryDescribeAssetsSecurityEventSummaryQueries the risk information about containers.
DescribeImageDescribeImageQueries an image digest.
DescribeClusterInfoListDescribeClusterInfoListQueries the information about a cluster.
DescribeContainerCriteriaDescribeContainerCriteriaObtains the filter conditions that you can use to filter the containers.
DescribeContainerInstancesDescribeContainerInstancesQueries the information about containers.
DescribeImageCriteriaDescribeImageCriteriaQueries the search conditions that are used to query images.
DescribeImageInstancesDescribeImageInstancesQueries information about images.
DescribeImageRepoDetailListDescribeImageRepoDetailListQueries the information about image repositories.
DescribeImageRepoCriteriaDescribeImageRepoCriteriaObtains the filter conditions that are supported by the image repository.
GetClusterSuspEventStatisticsGetClusterSuspEventStatisticsQueries the statistics on alert events that are generated for containers.
GetClusterCheckItemWarningStatisticsGetClusterCheckItemWarningStatisticsQueries the statistics on baseline risk items of container clusters.
DescribeGroupedContainerInstancesDescribeGroupedContainerInstancesQueries containers by group type.
RefreshContainerAssetsRefreshContainerAssetsRefreshes the statistics of container assets in the Assets module.

Container visualization

APITitleDescription
DescribeClusterNetworkDescribeClusterNetworkQueries information about the network topology edge by cluster.
FindContainerNetworkConnectFindContainerNetworkConnect

Image security scans

APITitleDescription
SetBuildRiskDefineRuleConfigSetBuildRiskDefineRuleConfigModifies configurations for scanning image build command risks.
GetBuildRiskDefineRuleConfigGetBuildRiskDefineRuleConfigQueries configurations for scanning image build command risks.
ListPrivateRegistryTypeListPrivateRegistryTypeQueries the number of image repositories of each type.
ListPrivateRegistryListListPrivateRegistryListQueries image repositories.
DescribeCountNotScannedImageDescribeCountNotScannedImageQueries the number of images that are not scanned.
DescribeImageScanAuthorizationDescribeImageScanAuthorizationQueries whether Security Center is authorized to scan images.
GetImageScanNumInPeriodGetImageScanNumInPeriodQueries the number of image scans that are performed within the last several days.
SetRegistryScanDayNumSetRegistryScanDayNumSpecifies a cycle to scan images for image repositories. Unit: days.
SaveImageBaselineStrategySaveImageBaselineStrategySaves a baseline check policy for images.
OperateImageBaselineWhitelistOperateImageBaselineWhitelistAdds a check item of an image baseline to the whitelist, or removes a check item of an image baseline from the whitelist.
DescribeImageBaselineStrategyDescribeImageBaselineStrategyQueries the information about a baseline check policy for images.
DescribeImageBaselineItemListDescribeImageBaselineItemListQueries baseline check results based on images.
DescribeImageBaselineDetailDescribeImageBaselineDetailQueries the details about the baseline check result for an image.
DescribeImageBaselineCheckResultDescribeImageBaselineCheckResultQueries the security scan results of images.
DescribeAllImageBaselineDescribeAllImageBaselineQueries baselines that are used in image baseline checks.
DescribeImageListBySensitiveFileDescribeImageListBySensitiveFileQueries information about images that are affected by sensitive files.
OpenSensitiveFileScanOpenSensitiveFileScanEnables or disables sensitive file scan.
DescribeImageSensitiveFileListDescribeImageSensitiveFileListQueries information about sensitive files.
DescribeImageSensitiveFileByKeyDescribeImageSensitiveFileByKeyQueries the sensitive files in an image.
DescribeAffectedMaliciousFileImagesDescribeAffectedMaliciousFileImagesQueries the details of malicious image samples.
DescribeGroupedMaliciousFilesDescribeGroupedMaliciousFilesQueries a list of malicious image samples.
DescribeImageVulListDescribeImageVulListQueries the details of vulnerabilities that are detected by using container image scan and the affected images.
DescribeImageGroupedVulListDescribeImageGroupedVulListQueries image vulnerabilities.
DescribeImageListWithBaselineNameDescribeImageListWithBaselineNameQueries the details about images in the results of image baseline checks.
DescribeImageFixTaskDescribeImageFixTaskQueries the tasks that you create to fix image risks.
DescribeImageScanAuthCountDescribeImageScanAuthCountQueries the details of the quota for container image scan.
DescribeImageBaselineCheckSummaryDescribeImageBaselineCheckSummaryQueries the check results of image baselines that are included in an image scan task.
PublicPreCheckImageScanTaskPublicPreCheckImageScanTaskQueries the number of images to scan in an image scan task and the quota for container image scan to be consumed by the task.
PublicCreateImageScanTaskPublicCreateImageScanTaskCreates an image scan task.
PublicSyncAndCreateImageScanTaskPublicSyncAndCreateImageScanTaskAdds images to Security Center and creates an image scan task to scan the images.
DescribeCountScannedImageDescribeCountScannedImageQueries the number of images that are scanned.

Configuration Assessment

APITitleDescription
VerifyCheckInstanceResultVerifyCheckInstanceResultVerifies the instances on which risks are detected based on a check item.
VerifyCheckResultVerifyCheckResultVerifies risk items that are detected based on check items.
GetCloudAssetCriteriaGetCloudAssetCriteriaQueries the filter conditions that are used to search for cloud assets.
RemoveCheckResultWhiteListRemoveCheckResultWhiteListRemoves the check items of the configuration assessment feature from the whitelist.
AddCheckResultWhiteListAddCheckResultWhiteListAdds the check items of the configuration assessment feature to the whitelist.
RemoveCheckInstanceResultWhiteListRemoveCheckInstanceResultWhiteListRemoves an instance from the whitelist.
AddCheckInstanceResultWhiteListAddCheckInstanceResultWhiteListAdds instances on which risks are detected based on check items of the configuration assessment feature to a whitelist.
GetCheckSummaryGetCheckSummaryQueries the summary information about the configuration checks on cloud services.
ListInstanceCatalogListInstanceCatalogQueries the asset types and asset subtypes for configuration assessment.
GetCheckProcessGetCheckProcessQueries the progress of a configuration check task on cloud services.
SubmitCheckSubmitCheckSubmits a configuration assessment task.
ChangeCheckConfigChangeCheckConfigModifies the configuration items of the configuration assessment feature.
GetCheckConfigGetCheckConfigQueries the information about an automatic configuration check on cloud services.
GetCheckDetailGetCheckDetailQueries the details about a check item that is used for configuration assessment.
ListCheckInstanceResultListCheckInstanceResultQueries the instances that failed a specified check item of configuration assessment.
ListCheckResultListCheckResultQueries the details of the risk items that are detected in the configuration checks on cloud services.
ListCheckStandardListCheckStandardQueries the standards of configuration checks.
ListCheckItemListCheckItemQueries the check items that can be customized.
StartBaselineSecurityCheckStartBaselineSecurityCheckChecks cloud service configurations. You can check all items or a specific item and verify whether an item is checked.
ModifySecurityCheckScheduleConfigModifySecurityCheckScheduleConfigSpecifies the time when an automatic configuration check on cloud services runs.
DescribeRiskItemTypeDescribeRiskItemTypeQueries the types of check items in configuration assessment.
DescribeRiskCheckSummaryDescribeRiskCheckSummaryQueries the summary information about the check results of cloud service configurations. The information includes the number of risk items, the risk rate, the number of affected assets, the check time, and the statistics about each type of check items.
DescribeRiskCheckResultDescribeRiskCheckResultQueries the check results of cloud service configurations by check item type or name.
DescribeSecurityCheckScheduleConfigDescribeSecurityCheckScheduleConfigQueries the day of a week when custom check tasks are performed and the time range during which the custom check tasks are performed.
DescribeRiskCheckItemResultDescribeRiskCheckItemResultQueries the assets that are affected by the risk item detected in configuration assessment based on a specified check item.
DescribeRiskListCheckResultDescribeRiskListCheckResultQueries the number of risk items detected in the configuration assessment of one or more cloud services by using the instance IDs of the cloud services.
DescribeVersionConfigDescribeVersionConfigQueries the details about the edition of purchased Security Center.

Protection against ransomware

APITitleDescription
DeleteBackupSnapshotDeleteBackupSnapshotDeletes a backup snapshot that is created for anti-ransomware.
CreateRestoreJobCreateRestoreJobCreates a restoration task.
UninstallUniBackupAgentUninstallUniBackupAgentUninstalls the database backup agent.
StartPreCheckDatabaseStartPreCheckDatabaseStarts a database precheck task.
StartDiscoverDatabaseTaskStartDiscoverDatabaseTaskStarts a database scan task.
QueryPreCheckDatabaseQueryPreCheckDatabaseQueries the result of a database precheck task.
QueryDiscoverDatabaseQueryDiscoverDatabaseQueries the progress of a database scan task.
ModifyUniBackupPolicyModifyUniBackupPolicyModifies an anti-ransomware policy for databases.
InstallUniBackupAgentInstallUniBackupAgentInstalls the anti-ransomware agent for databases.
DescribeUniSupportRegionDescribeUniSupportRegionQueries the region that is supported by anti-ransomware for databases.
DescribeUniRecoverableListDescribeUniRecoverableListQueries the backup snapshots from which the data of a database can be restored.
DescribeUniBackupPolicyDetailDescribeUniBackupPolicyDetailQueries the details of an anti-ransomware policy for databases.
DescribeUniBackupPoliciesDescribeUniBackupPoliciesQueries the anti-ransomware policies that are created for databases.
DescribeUniBackupDatabaseDescribeUniBackupDatabaseQueries the information about databases for which anti-ransomware policies are created.
DescribeRestorePlansDescribeRestorePlansQueries restoration tasks.
DeleteUniBackupPolicyDeleteUniBackupPolicyDeletes anti-ransomware policies that are created for databases.
CreateUniRestorePlanCreateUniRestorePlanCreates a restoration task for a database.
CreateUniBackupPolicyCreateUniBackupPolicyCreates an anti-ransomware policy for a database.
DescribeSnapshotsDescribeSnapshotsQueries the backup snapshots that are created for anti-ransomware.
DescribeBackupMachineStatusDescribeBackupMachineStatusQueries the backup status of a sever to which an anti-ransomware policy is applied.
UpgradeBackupPolicyVersionUpgradeBackupPolicyVersionUpgrades the version of an anti-ransomware policy.
DescribeExcludeSystemPathDescribeExcludeSystemPathQueries the directories that are excluded from anti-ransomware.
DescribeBackupPolicyDescribeBackupPolicyQueries the details of an anti-ransomware policy for servers.
CreateBackupPolicyCreateBackupPolicyCreates an anti-ransomware policy for servers.
InstallBackupClientInstallBackupClientInstalls the anti-ransomware agent.
GetBackupStorageCountGetBackupStorageCountQueries the anti-ransomware capacity that is used.
DescribeBackupClientsDescribeBackupClientsQueries the servers on which the anti-ransomware agent is installed in a specified region.
DescribeBackupPoliciesDescribeBackupPoliciesQueries anti-ransomware policies.
DescribeBackupFilesDescribeBackupFilesQueries backup files.
DescribeSupportRegionDescribeSupportRegionQueries the regions in which the anti-ransomware feature is supported.
DescribeUserBackupMachinesDescribeUserBackupMachinesQueries the information about the servers to which an anti-ransomware policy is applied.
DescribeRestoreJobsDescribeRestoreJobsQueries the details about restoration tasks.
DescribeBackupRestoreCountDescribeBackupRestoreCountQueries the statistics of restoration tasks.
ModifyBackupPolicyStatusModifyBackupPolicyStatusEnables or disables an anti-ransomware policy.
ModifyBackupPolicyModifyBackupPolicyModifies an anti-ransomware policy.
DeleteBackupPolicyMachineDeleteBackupPolicyMachineDeletes a server from a specified anti-ransomware policy.
DeleteBackupPolicyDeleteBackupPolicyDeletes an anti-ransomware policy.
UninstallBackupClientUninstallBackupClientUninstalls the anti-ransomware agent.

Tamper protection

APITitleDescription
DescribeWebLockStatusDescribeWebLockStatusQueries the status of web tamper proofing.
DescribeWebLockFileEventsDescribeWebLockFileEventsQueries events on web tamper proofing.
ModifyWebLockDeleteConfigModifyWebLockDeleteConfigDeletes a directory on a specified server from the protected directories of web tamper proofing.
ModifyWebLockCreateConfigModifyWebLockCreateConfigAdds a directory to protect for a specified server.
ModifyWebLockUpdateConfigModifyWebLockUpdateConfigModifies protection policy for a specified server.
ModifyWebLockStartModifyWebLockStartConfigures and enables web tamper proofing for a specified server.
DescribeWebLockConfigListDescribeWebLockConfigListQueries the configurations of web tamper proofing for a specified server.
DescribeWebLockBindListDescribeWebLockBindListQueries the information about the servers that have web tamper proofing enabled.
ModifyWebLockStatusModifyWebLockStatusEnables or disables web tamper proofing for a server.
ModifyWebLockUnbindModifyWebLockUnbindDisables web tamper proofing for a specified server.
OperateWebLockFileEventsOperateWebLockFileEventsHandles alert events that are generated for web tamper proofing.
ModifyWebLockProcessStatusModifyWebLockProcessStatusChanges the status of processes for web tamper proofing.
JoinWebLockProcessWhiteListJoinWebLockProcessWhiteListAdds processes to the process whitelist of web tamper proofing.
DescribeWebLockTotalFileChangeCountDescribeWebLockTotalFileChangeCountQueries the number of times that the files protected by web tamper proofing are changed.
DescribeWebLockProcessListDescribeWebLockProcessListQueries the processes for web tamper proofing.
DescribeWebLockProcessBlockStatisticsDescribeWebLockProcessBlockStatisticsQueries the statistics on processes for web tamper proofing.
DescribeWebLockInclusiveFileTypeDescribeWebLockInclusiveFileTypeQueries the types of files that can be protected by web tamper proofing.
DescribeWebLockFileTypeSummaryDescribeWebLockFileTypeSummaryQueries the summary information about the types of files for which web tamper proofing is enabled.
DescribeWebLockFileChangeStatisticsDescribeWebLockFileChangeStatisticsQueries the statistics on changes to the files that are protected by web tamper proofing.
DescribeWebLockExclusiveFileTypeDescribeWebLockExclusiveFileTypeQueries the types of files that are excluded from web tamper proofing.

Virus detection

APITitleDescription
DescribeSuspiciousUUIDConfigDescribeSuspiciousUUIDConfigQueries the UUIDs of servers on which proactive defense of a specified type takes effect.
StartVirusScanTaskStartVirusScanTaskPerforms a virus scan task on a server or multiple servers.
DescribeLatestScanTaskDescribeLatestScanTaskQueries the progress of the last virus scan task.
CreateVirusScanOnceTaskCreateVirusScanOnceTaskCreates a one-time virus scan task that is immediately executed.
ListVirusScanMachineListVirusScanMachineQueries servers on which virus detection and removal tasks are performed.
GetVirusScanLatestTaskStatisticGetVirusScanLatestTaskStatisticQueries the information about the latest virus scan task.
ListVirusScanMachineEventListVirusScanMachineEventQueries the alert events that are generated for viruses detected on a server.
ListVirusScanTaskListVirusScanTaskQueries virus scan tasks based on conditions such as the task type, task status, and server information.
GetVirusScanConfigGetVirusScanConfigQueries the configurations of a periodic virus scan task.
DescribeScanTaskProgressDescribeScanTaskProgressQueries the progress of a virus scan task.
CheckQuaraFileIdCheckQuaraFileIdChecks whether the IDs of quarantined files are valid.
OperateSuspiciousTargetConfigOperateSuspiciousTargetConfigConfigures the scope on which proactive defense takes effect.
OperateVirusEventsOperateVirusEventsHandles alert events that are generated by the antivirus feature. You can perform in-depth detection and removal, add alert events to the whitelist, ignore alert events, or manually handle alert events.

Alerts

APITitleDescription
DescribeSecurityEventMarkMissListDescribeSecurityEventMarkMissListQueries the list of whitelist rules.
DeleteSecurityEventMarkMissListDeleteSecurityEventMarkMissListDeletes multiple custom defense rules at a time. The custom defense rules are used to add false positive alerts to the whitelist.
ExportSuspEventsExportSuspEventsExports the information about exceptions to a file.
DeleteSuspEventNodeDeleteSuspEventNodeDeletes the description of an alert.
AdvanceSecurityEventOperationsAdvanceSecurityEventOperationsQueries the configurations of an advanced whitelist rule.
DescribeBackUpExportInfoDescribeBackUpExportInfoQueries the information about a file to which archived alert events are exported.
DescribeLoginSwitchConfigsDescribeLoginSwitchConfigsQueries the alerting status for unapproved logon IP addresses, unapproved logon time ranges, or unapproved logon accounts.
DescribeWebPathDescribeWebPathQueries the custom web directories that are scanned based on the alerting feature.
ListUuidsByWebPathListUuidsByWebPathQueries protected assets by using the paths to specific web directories.
ModifyWebPathModifyWebPathModifies a custom web directory.
GetAlarmMachineCountGetAlarmMachineCountQueries the number of servers on which alerts are generated.
DescribeSuspEventExportInfoDescribeSuspEventExportInfoQueries the information about an export task of exceptions.
DescribeNsasSuspEventTypeDescribeNsasSuspEventTypeQueries the information about an alert type.
DescribeAlarmEventStackInfoDescribeAlarmEventStackInfoQueries the stack information about an alert event.
CreateSuspEventNoteCreateSuspEventNoteAdds remarks to an alert event.
QueryGroupedSecurityEventMarkMissListQueryGroupedSecurityEventMarkMissListQueries whitelist rules.
OperationCancelIgnoreSuspEventOperationCancelIgnoreSuspEventCancels ignoring alert events.
CreateSimilarSecurityEventsQueryTaskCreateSimilarSecurityEventsQueryTaskCreates a task to query alert events that are triggered by the same rule or of the same alert type.
DescribeAlarmEventDetailDescribeAlarmEventDetailQueries the details about an alert event. An alert event consists of an alert and exceptions. Each alert event is associated with multiple exceptions.
DescribeSuspEventsDescribeSuspEventsQueries a list of alert events that are generated without aggregation.
DescribeSuspEventDetailDescribeSuspEventDetailQueries the details of an exception. An alert event consists of an alert and exceptions. Each alert event is associated with multiple exceptions.
DescribeSecurityEventOperationsDescribeSecurityEventOperationsQueries the operations that you can perform to handle an alert.
DescribeSimilarSecurityEventsDescribeSimilarSecurityEventsQueries alert events that are triggered by the same rule or of the same alert type.
DescribeSuspEventQuaraFilesDescribeSuspEventQuaraFilesQueries quarantined files by page.
DescribeSecurityEventOperationStatusDescribeSecurityEventOperationStatusQueries the alert events that are triggered by the same IP address rule or of the same alert type as a specific alert event if you want to handle the specific alert event in batch operation mode.
DescribeSimilarEventScenariosDescribeSimilarEventScenariosAlibaba Cloud CLI is a tool used to manage and configure Alibaba Cloud resources. After simple installation and configuration, you can use Alibaba Cloud CLI to manage multiple Alibaba Cloud products and services and migrate your data and business to the cloud with ease.
DescribeSecurityStatInfoDescribeSecurityStatInfoQueries the statistics of each security check item and the daily statistics in the trend chart based on each security check item.
DescribeLoginBaseConfigsDescribeLoginBaseConfigsQueries the information about the configurations that are used to detect unusual logons to your servers.
GetSuspiciousStatisticsGetSuspiciousStatisticsQueries the statistics of alerts in one or more asset groups.
CheckSecurityEventIdCheckSecurityEventIdChecks whether one or more alerts are generated on a specified server based on alert IDs.
DescribeAttackAnalysisDataDescribeAttackAnalysisDataQueries the statistics of attack analysis.
HandleSimilarSecurityEventsHandleSimilarSecurityEventsHandles multiple alert events that are triggered by the same IP address rule or IP address rules of the same type at a time.
RollbackSuspEventQuaraFileRollbackSuspEventQuaraFileRestores a quarantined file.
HandleSecurityEventsHandleSecurityEventsHandles alert events.
OperationSuspEventsOperationSuspEventsHandles multiple exceptions at a time.

Brute-force attacks protection

APITitleDescription
ModifyCustomBlockRecordModifyCustomBlockRecordModifies a custom IP address blocking policy.
EnableCustomBlockRecordEnableCustomBlockRecordEnables a custom IP address blocking policy.
EnableBruteForceRecordEnableBruteForceRecordEnables an IP address blocking policy for a specified server.
DisableBruteForceRecordDisableBruteForceRecordDisables an IP address blocking policy that is in effect.
DisableCustomBlockRecordDisableCustomBlockRecordDisables a custom IP address blocking policy for servers.
DescribeBruteForceRecordsDescribeBruteForceRecordsQueries the IP addresses that are blocked by a defense rule against brute-force attacks.
DeleteCustomBlockRecordDeleteCustomBlockRecordDeletes a specified IP address blocking policy from one or more servers.
CreateCustomBlockRecordCreateCustomBlockRecordCreates an IP address blocking policy for one or more servers.
CreateAntiBruteForceRuleCreateAntiBruteForceRuleCreates a defense rule against brute-force attacks.
ModifyAntiBruteForceRuleModifyAntiBruteForceRuleModifies a defense rule against brute-force attacks.
ModifyInstanceAntiBruteForceRuleModifyInstanceAntiBruteForceRuleModifies the defense rule against brute-force attacks that is applied to a specified server.
DescribeBruteForceSummaryDescribeBruteForceSummaryQueries the statistics of IP address blocking policies that are used to defend against brute-force attacks and trigger alerts.
DescribeInstanceAntiBruteForceRulesDescribeInstanceAntiBruteForceRulesQueries the information about servers to which a defense rule against brute-force attacks is applied.
DescribeAntiBruteForceRulesDescribeAntiBruteForceRulesQueries created defense rules against brute-force attacks.
DeleteAntiBruteForceRuleDeleteAntiBruteForceRuleDeletes the specified defense rules against brute-force attacks.

Vulnerabilities

APITitleDescription
ListVulGlobalConfigListVulGlobalConfigQueries the global configurations of vulnerability detection.
ModifyRefreshProcessInfoModifyRefreshProcessInfoRefreshes the list of processes that are associated with a Linux software vulnerability.
OperateImageVulOperateImageVulHandles an image vulnerability, such as fixing the image vulnerability, verifying the fix of the image vulnerability, ignoring the image vulnerability, or canceling ignoring the image vulnerability.
ModifyVulTargetModifyVulTargetModifies the configurations of the vulnerability scan feature for a server.
ModifyVulConfigModifyVulConfigModifies the configurations of the vulnerability scan feature.
ModifyConcernNecessityModifyConcernNecessityModifies the priority to fix vulnerabilities.
ModifyAutoDelConfigModifyAutoDelConfigSpecifies the number of days after which a detected vulnerability is automatically deleted.
ModifyAppVulScanCycleModifyAppVulScanCycleConfigures a scan cycle for application vulnerabilities.
DescribeVulTargetStatisticsDescribeVulTargetStatisticsQueries the configurations of the vulnerability scan feature.
DescribeVulTargetConfigDescribeVulTargetConfigQueries the configurations of the vulnerability scan feature for a server.
DescribeVulNumStatisticsDescribeVulNumStatisticsQueries the statistics of vulnerabilities.
DescribeVulListPageDescribeVulListPageQueries the vulnerabilities that can be detected.
DescribeVulCheckTaskStatusDetailDescribeVulCheckTaskStatusDetailQueries the status information about vulnerability scan tasks on a server.
DescribeTaskErrorLogDescribeTaskErrorLogQueries the error logs on a task that failed to fix image vulnerabilities.
DescribeTargetDescribeTargetQueries the servers on which vulnerability scan is enabled.
DescribeMachineCanRebootDescribeMachineCanRebootQueries whether a server can be restarted after the vulnerabilities on the server are fixed. The fixes take effect only after the server is restarted.
DescribeEmgUserAgreementDescribeEmgUserAgreementQueries whether Security Center is authorized to scan for urgent vulnerabilities.
DescribeClusterVulStatisticsDescribeClusterVulStatisticsQueries the statistics of vulnerabilities that are detected on a cluster.
DescribeAppVulScanCycleDescribeAppVulScanCycleQueries the scan cycle for application vulnerabilities.
DescribeVulConfigDescribeVulConfigQueries the configurations of vulnerability management.
DescribeVulFixStatisticsDescribeVulFixStatisticsQueries the statistics of vulnerability fixes.
DescribeUuidsByVulNamesDescribeUuidsByVulNamesQueries a list of assets that support fixing based on vulnerability names.
ListVulAutoRepairConfigListVulAutoRepairConfigQueries the existing configurations of vulnerabilities that can be automatically fixed.
CreateVulAutoRepairConfigCreateVulAutoRepairConfigCreates a list of vulnerabilities that can be automatically fixed. After the list is created, you can select the list when you create a vulnerability fixing task on the Playbook page.
DescribeInstanceRebootStatusDescribeInstanceRebootStatusQueries the status of the servers that you restart.
RebootMachineRebootMachineRestarts a server. Only Windows servers are supported.
ModifyVulTargetConfigModifyVulTargetConfigConfigures vulnerability detection for a server.
ModifyStartVulScanModifyStartVulScanEnables the quick scan feature. You can also enable the feature on the Vulnerabilities page of the Security Center console.
ModifyEmgVulSubmitModifyEmgVulSubmitScans for urgent vulnerabilities.
ModifyCreateVulWhitelistModifyCreateVulWhitelistAdds vulnerabilities to the whitelist. After you add the vulnerabilities to the whitelist, Security Center no longer generates alerts for the vulnerabilities.
GetVulWhitelistGetVulWhitelistQueries information about a vulnerability whitelist.
DeleteVulWhitelistDeleteVulWhitelistDeletes a specified vulnerability whitelist.
ModifyOperateVulModifyOperateVulHandles detected vulnerabilities. You can fix, check, or ignore the vulnerabilities.
DescribeVulListDescribeVulListQueries vulnerabilities by type.
DescribeEmgVulItemDescribeEmgVulItemQueries the details of urgent vulnerabilities.
DescribeGroupedVulDescribeGroupedVulQueries vulnerabilities by group.
DescribeAutoDelConfigDescribeAutoDelConfigQueries the number of days during which a detected vulnerability is retained before the vulnerability is automatically deleted.
DescribeConcernNecessityDescribeConcernNecessityQueries the priorities to fix vulnerabilities.
DescribeVulDetailsDescribeVulDetailsQueries the details about a vulnerability.
DescribeVulWhitelistDescribeVulWhitelistQueries the whitelist of vulnerabilities by page.
ExportVulExportVulExports vulnerabilities.
DescribeVulExportInfoDescribeVulExportInfoQueries the progress of a task that exports vulnerabilities.
OperateVulsOperateVulsFixes Linux software vulnerabilities.
GetVulStatisticsGetVulStatisticsQueries the statistics on vulnerabilities in asset groups.
ModifyVulWhitelistTargetModifyVulWhitelistTargetModifies the servers that are added to a vulnerability whitelist.
DescribeFrontVulPatchListDescribeFrontVulPatchListQueries the pre-patches that are required to fix a specified Windows system vulnerability.

Baselines

APITitleDescription
ListBaselineCheckWhiteRecordListBaselineCheckWhiteRecordQueries the whitelist rules for a baseline check item.
ListCheckItemWarningSummaryListCheckItemWarningSummaryQueries the risk statistics of check items by page.
ListCheckItemWarningMachineListCheckItemWarningMachineQueries the servers that are affected by baseline risks.
DescribeWarningExportInfoDescribeWarningExportInfoQueries the progress of a export task for a baseline check result.
DescribeHcExportInfoDescribeHcExportInfoQueries the information about baseline export, including the name of the file to which baselines are exported and the download URL for the file.
DescribeRisksDescribeRisksQueries the information about baselines based on baseline IDs or names.
DescribeCheckWarningMachinesDescribeCheckWarningMachinesQueries the servers on which the same risk item is detected by specifying a baseline and a check item.
DescribeCheckFixDetailsDescribeCheckFixDetailsQueries the parameters that you can configure to fix specified risk items.
IgnoreCheckItemsIgnoreCheckItemsAdds risk items to the whitelist or removes risk items from the whitelist by specifying servers and risk items.
DescribeExposedCheckWarningDescribeExposedCheckWarningQueries the weak password-related risks of a specified server that is exposed on the Internet.
GetCheckRiskStatisticsGetCheckRiskStatisticsQueries the statistics on risk scenarios and check items that are used in the risk scenarios, including the statistics on low-risk, medium-risk, and high-risk items by baseline type.
ModifyStrategyModifyStrategyModifies a baseline check policy.
ModifyStrategyTargetModifyStrategyTargetModifies the servers to which a baseline check policy is applied.
DescribeCheckWarningSummaryDescribeCheckWarningSummaryQueries the statistical information about baseline check results. The information includes the number of servers on which a baseline check is performed, the number of baseline check items, and the pass rate of check items in the last baseline check.
DescribeRiskTypeDescribeRiskTypeQueries baseline types.
DescribeCheckWarningsDescribeCheckWarningsQueries information about specified risk items and the check items of a specified server.
DescribeCheckWarningDetailDescribeCheckWarningDetailQueries the details about a specified check item.
DescribeWarningMachinesDescribeWarningMachinesQueries information about servers on which a baseline check is performed. The information includes the IDs of the servers, the statistics of a risk item, and the status of the risk item.
DescribeStrategyExecDetailDescribeStrategyExecDetailQueries the results of the last baseline check by using a specified baseline check policy.
DescribeCheckEcsWarningsDescribeCheckEcsWarningsQueries the number of weak passwords that can cause high risks to your assets.
DescribeUserBaselineAuthorizationDescribeUserBaselineAuthorizationQueries whether Security Center is authorized to run configuration checks on cloud services.
DescribeStrategyDetailDescribeStrategyDetailQueries the information about a baseline check policy.
ExportWarningExportWarningExports baseline check results.
DescribeStrategyDescribeStrategyQueries the details about baseline check policies.
DescribeStrategyTargetDescribeStrategyTargetQueries the information about the assets to which a baseline check policy is applied.
DeleteStrategyDeleteStrategyDeletes a baseline check policy.
ValidateHcWarningsValidateHcWarningsVerifies whether risk items are fixed. If a risk item is fixed, the status of the related check item is updated to Passed.
FixCheckWarningsFixCheckWarningsFixes a baseline risk item.
AddBaselineCheckWhiteRecordAddBaselineCheckWhiteRecordCreates a whitelist rule for a baseline check item.
IgnoreHcCheckWarningsIgnoreHcCheckWarningsIgnores or cancels ignoring multiple baseline risk items at a time.
DescribeCustomizedStrategyTargetsDescribeCustomizedStrategyTargetsQueries the servers to which custom policies are applied.
ListCheckTypesListCheckTypesQueries the types of check items that meet the specified conditions based on the ID of a baseline.
CreateDynamicDictCreateDynamicDictCreates a dynamic dictionary of weak passwords.
UpdateBaselineCheckWhiteRecordUpdateBaselineCheckWhiteRecordUpdates the whitelist rule for a baseline check item.
DeleteCustomizedDictDeleteCustomizedDictDeletes the file that is uploaded to create custom weak password rules.
DescribeDefaultKeyInfoDescribeDefaultKeyInfoQueries the keywords of a custom dictionary that is generated by using weak passwords.
CreateUserSettingCreateUserSettingCreates the risk level settings for baseline check items.
ExecStrategyExecStrategyPerforms a baseline check on servers to which a specified baseline check policy is applied.
DeleteBaselineCheckWhiteRecordDeleteBaselineCheckWhiteRecordDeletes the whitelist record for a baseline check item.

AccessKey Leak Detection

APITitleDescription
ModifyAccessKeyLeakDealModifyAccessKeyLeakDealHandles AccessKey pair leaks.
DescribeAccesskeyLeakListDescribeAccesskeyLeakListQueries the AccessKey pair leaks that are detected on your assets.
DescribeAccessKeyLeakDetailDescribeAccessKeyLeakDetailQueries the details of AccessKey pair leaks.

Honey

APITitleDescription
DeleteHoneypotProbeBindDeleteHoneypotProbeBindDelete the probe service.
GetHoneypotAttackStatisticsGetHoneypotAttackStatistics
GetHoneypotStatisticsGetHoneypotStatistics
ListAvailableHoneypotListAvailableHoneypotQueries the information about available honeypot templates.
CreateHoneypotNodeCreateHoneypotNodeCreates a management node.
UpdateHoneypotNodeUpdateHoneypotNodeModifies the configuration of a specified management node.
ListHoneypotNodeListHoneypotNodeQueries the information about management nodes.
DeleteHoneypotNodeDeleteHoneypotNodeDeletes a specified management node.
GetHoneypotNodeGetHoneypotNodeQueries the details of a specified management node.
CreateHoneypotCreateHoneypotCreates a honeypot.
UpdateHoneypotUpdateHoneypotModifies the configuration of a specified honeypot.
DeleteHoneypotDeleteHoneypotDeletes a specified honeypot.
ListHoneypotListHoneypotQueries the information about honeypots.
CreateHoneypotPresetCreateHoneypotPresetCreates a honeypot template.
UpdateHoneypotPresetUpdateHoneypotPresetModifies the configurations of the specified honeypot template.
GetHoneypotPresetGetHoneypotPresetQueries the configurations of a specified honeypot template.
ListHoneypotPresetListHoneypotPresetQueries honeypot templates.
CreateHoneypotProbeCreateHoneypotProbeCreates a probe.
DeleteHoneypotProbeDeleteHoneypotProbeDeletes a specified probe.
UpdateHoneypotProbeUpdateHoneypotProbeModifies the attributes of a specified probe.
ListHoneypotProbeListHoneypotProbeQueries probes.
GetHoneypotProbeGetHoneypotProbeQueries the details about a specified probe.
ListHoneypotAlarmEventsListHoneypotAlarmEventsQueries the information about alert events that are generated.
DeleteHoneypotPresetDeleteHoneypotPresetDeletes a specified honeypot template.
AddVpcHoneyPotAddVpcHoneyPotCreates a honeypot.
DeleteVpcHoneyPotDeleteVpcHoneyPotDeletes a honeypot.
ModifyVpcHoneyPotModifyVpcHoneyPotEnables or disables a honeypot.
DescribeHoneyPotAuthDescribeHoneyPotAuthQueries the statistics about the quota on honeypots.
DescribeHoneyPotSuspStatisticsDescribeHoneyPotSuspStatisticsQueries the information about top 5 virtual private clouds (VPCs) or assets for which alerts are most frequently generated.
DescribeVpcHoneyPotCriteriaDescribeVpcHoneyPotCriteriaQueries the search conditions that can be used to query honeypots.
DescribeVpcHoneyPotListDescribeVpcHoneyPotListQueries honeypots.

Log analysis

APITitleDescription
GetLogMetaGetLogMetaQueries the status of a data shipping task of a log.
GetUserLangGetUserLangQueries the language settings of log analysis.
ChangeUserLangChangeUserLangModifies the language settings of log analysis. The modification on the language settings takes effect within 12 hours and affects only the language of the descriptions for security events in security logs.
ModifyLogMetaStatusModifyLogMetaStatusEnables or disables the log analysis feature.
DescribeLogMetaDescribeLogMetaQueries the configurations of the log analysis feature provided by Security Center.
ModifyOpenLogShipperModifyOpenLogShipperActivates Simple Log Service.
DescribeLogstoreStorageDescribeLogstoreStorageQueries the purchased log storage capacity.
ModifyClearLogstoreStorageModifyClearLogstoreStorageDeletes all logs that occupy your log storage.

Notifications

APITitleDescription
DeleteDingTalkDeleteDingTalkDeletes a DingTalk chatbot on the DingTalk Chatbot tab of the Notification Settings page.
ModifyDingTalkStatusModifyDingTalkStatusChanges the notification status of a DingTalk chatbot.
CreateOrUpdateDingTalkCreateOrUpdateDingTalkCreates or modifies a DingTalk chatbot that sends notifications.
ModifyNoticeConfigModifyNoticeConfigModifies notification settings.
DescribeDingTalkDescribeDingTalkObtains DingTalk notifications.
DescribeNoticeConfigDescribeNoticeConfigQueries notification settings.

Setting

APITitleDescription
CreateOrUpdateAutoTagRuleCreateOrUpdateAutoTagRuleCreates an asset auto-tagging rule or modifies an asset auto-tagging rule that is created on the Asset Management Rule tab.
ListAutoTagRulesListAutoTagRulesQueries asset auto-tagging rules that are created by using the feature of asset management rules. You can create rules on the System Configuration > Feature Settings > Multi-cloud Configuration Management > Asset Management Rule page in the Security Center console.
DeleteAutoTagRulesDeleteAutoTagRulesDeletes asset auto-tagging rules that are created by using the feature of asset management rules. You can create rules on the System Configuration > Feature Settings > Multi-cloud Configuration Management > Asset Management Rule page in the Security Center console.
IgnoreIdcProbeScanResultIgnoreIdcProbeScanResultAdds the result scanned by an IDC probe to the whitelist or ignores the scan result.
AddIdcProbeAddIdcProbeCreates an IDC probe to add assets in a data center to Security Center and manage the assets by using the Security Center console.
DeleteIdcProbeDeleteIdcProbeDeletes an IDC probe that is created in Security Center.
ModifyIdcProbeModifyIdcProbeModifies the configurations of an IDC probe.
DescribeCommonOverallConfigListDescribeCommonOverallConfigListQueries the configurations of features in proactive defense.
DescribeCommonTargetConfigDescribeCommonTargetConfigQueries the configurations of the proactive defense feature.
BatchOperateCommonOverallConfigBatchOperateCommonOverallConfigEnables or disables multiple features in proactive defense at a time.
DescribeCommonTargetResultListDescribeCommonTargetResultListQueries the information about the servers based on the specified configuration item.
OperateSuspiciousOverallConfigOperateSuspiciousOverallConfigEnables or disables a feature that detects exceptions.
OperateCommonOverallConfigOperateCommonOverallConfigEnables or disables a feature by type.
DescribeCommonOverallConfigDescribeCommonOverallConfigQueries the information about a specified feature.
OperateCommonTargetConfigOperateCommonTargetConfigConfigures features by type. The features include container image scan, local file detection, container network visualization, and container escape prevention.
DescribeSuspiciousOverallConfigDescribeSuspiciousOverallConfigQueries the configuration of a specified feature.

Export check results

APITitleDescription
DescribeExportInfoDescribeExportInfoQueries the progress of a task that exports your assets to an Excel file.
ExportRecordExportRecordExports the check results on the Host, Cloud Platform Configuration Assessment, Image Security, Attack Awareness, and AK leak detection pages to Excel files.

Service-linked roles

APITitleDescription
CreateServiceLinkedRoleCreateServiceLinkedRoleCreates a service-linked role and authorizes Security Center to access cloud resources.
DescribeServiceLinkedRoleStatusDescribeServiceLinkedRoleStatusChecks whether a service-linked role is created for Security Center.

File detect

APITitleDescription
GetFileDetectApiInvokeInfoGetFileDetectApiInvokeInfoObtains the usage information of the malicious file detection SDK.
CreateFileDetectUploadUrlCreateFileDetectUploadUrlQueries the parameters that are required to upload a file for detection.
CreateFileDetectCreateFileDetectPushes a file to the cloud for detection.
GetFileDetectResultGetFileDetectResultObtains file detection results.
ListCompressFileDetectResultListCompressFileDetectResultQueries the detection results of the files extracted from a package.

Malicious file detection OSS

APITitleDescription
DeleteOssScanConfigDeleteOssScanConfigDeletes the configuration of an Object Storage Service (OSS) file detection policy.
ListOssScanConfigListOssScanConfigQueries the configuration of an Object Storage Service (OSS) file detection policy.
CreateOssBucketScanTaskCreateOssBucketScanTaskCreates a bucket check task.
GetObjectScanEventGetObjectScanEventQueries the details of an alert event that is generated for a malicious object.
ListObjectScanEventListObjectScanEventQueries alerts that are generated for malicious files.
OperateBucketScanTaskOperateBucketScanTaskManages an Object Storage Service (OSS) bucket check task.
GetOssBucketScanStatisticGetOssBucketScanStatisticQueries the statistics about an Object Storage Service (OSS) bucket check.
ListOssBucketScanInfoListOssBucketScanInfoQueries the risk information of an Object Storage Service (OSS) bucket.
UpdateOssScanConfigUpdateOssScanConfigModifies a policy of detecting Object Storage Service (OSS) objects by using the SDK for malicious file detection feature.
ListOssBucketListOssBucketQueries Object Storage Service (OSS) buckets.
CreateOssScanConfigCreateOssScanConfigCreates a policy for detecting malicious Object Storage Service (OSS) objects by using the SDK for malicious file detection feature.
ListSupportObjectSuffixListSupportObjectSuffixQueries supported file suffixes.
RefreshOssBucketScanInfoRefreshOssBucketScanInfoRefreshes the list of Object Storage Service (OSS) buckets.
GetOssScanConfigGetOssScanConfigQueries the configurations of an Object Storage Service (OSS) bucket check policy.

Client Mission Management

APITitleDescription
CreateCycleTaskCreateCycleTaskCreates a periodic scan task. The task can be an image scan task, urgent vulnerability scan task, or virus scan task.
GenerateOnceTaskGenerateOnceTaskCreates a one-time scan task.
DeleteCycleTaskDeleteCycleTaskDeletes a periodic scan task. The task can be an image scan task, urgent vulnerability scan task, or virus scan task.
ModifyCycleTaskModifyCycleTaskModifies the execution cycle of periodic tasks, including image scan, urgent vulnerability scan, and virus detection tasks.
CancelOnceTaskCancelOnceTaskCancels the main task.
DescribeOnceTaskDescribeOnceTaskQueries agent tasks.
DescribeCycleTaskListDescribeCycleTaskListQueries periodic scan tasks. The tasks include image scan tasks, urgent vulnerability scan tasks, and virus scan tasks.
GetOnceTaskResultInfoGetOnceTaskResultInfoQueries the execution result of a one-time scan task, such as asset fingerprint collection, vulnerability scan, and image security scan.
GetLastOnceTaskInfoGetLastOnceTaskInfoQueries information about the latest scan task to determine whether the task is complete.
DescribeOnceTaskLeafRecordPageDescribeOnceTaskLeafRecordPageQueries the sub-task information of one-time scan task. A sub-task can be an image scan task or an image asset synchronization task.

Malicious Behavior Defense

APITitleDescription
ListSystemRuleAggregationTypesListSystemRuleAggregationTypesQueries the aggregation types of system defense rules.
ListClientUserDefineRulesListClientUserDefineRulesQueries custom defense rules.
ListSystemClientRuleTypesListSystemClientRuleTypesQueries the types of system rules.
ListSystemClientRulesListSystemClientRulesQueries system defense rules.
ListSystemAggregationRulesListSystemAggregationRulesQueries the details about the aggregation types of system defense rules.
ModifyClientUserDefineRuleModifyClientUserDefineRuleModifies a custom defense rule.
ListClientUserDefineRuleTypesListClientUserDefineRuleTypesQueries the supported types of custom defense rules.
GetRulesCountGetRulesCountQueries the numbers of system defense rules and custom defense rules.
GetClientUserDefineRuleGetClientUserDefineRuleQueries the information about a custom defense rule.
DeleteClientUserDefineRuleDeleteClientUserDefineRuleDeletes specified custom defense rules.
AddClientUserDefineRuleAddClientUserDefineRuleCreates a custom defense rule.

Asset Selection

APITitleDescription
UpdateSelectionKeyByTypeUpdateSelectionKeyByTypeUpdates the unique identifier of an asset selection.
CreateAssetSelectionConfigCreateAssetSelectionConfigCreate asset selection configurations.
ListAssetSelectionSelectedTargetListAssetSelectionSelectedTargetQueries the selected assets.
ListAssetSelectionTargetListAssetSelectionTargetQueries the required asset.
GetAssetSelectionConfigGetAssetSelectionConfigQueries asset selection configurations.
AddAssetSelectionCriteriaAddAssetSelectionCriteriaSelect an operation for assets.

Playbook

APITitleDescription
CreateSoarStrategyTaskCreateSoarStrategyTaskCreates a task on the My Policies tab of the Playbook page.
DeleteSoarStrategyTaskDeleteSoarStrategyTaskDeletes a policy task that is in the waiting state on the Playbook page.
DescribeSoarStrategiesDescribeSoarStrategiesQueries the policy templates on the Playbook page.
DescribeSoarStrategyParamDescribeSoarStrategyParamQueries the parameters of a policy on the Playbook page.
DescribeSoarStrategyTaskDetailDescribeSoarStrategyTaskDetailQueries the details of a policy task on the Playbook page, including the execution status of the task and the process information of the task.
DescribeSoarStrategyTasksDescribeSoarStrategyTasksQueries a list of policy tasks on the Playbook page.
ModifySoarStrategySubscribeModifySoarStrategySubscribeCreates or deletes a policy template on the My Policies tab of the Playbook page.
DescribeSoarSubscribedStrategyDescribeSoarSubscribedStrategyQueries a list of policies created on the Playbook page of Security Center.
DescribeSyncAssetTaskListDescribeSyncAssetTaskListQueries a list of IDC scan tasks.
DescribeSyncAssetTaskLogDetailDescribeSyncAssetTaskLogDetailQueries the details of an IDC scan task.

Website Security

APITitleDescription
DescribeDomainSecureVulListDescribeDomainSecureVulListQueries a list of vulnerabilities in your website security report.
DescribeDomainSecureRiskListDescribeDomainSecureRiskListQueries a list of risky websites in your website security report and the security information about the websites, including the number of vulnerabilities and the number of alerts.
DescribeDomainSecureAlarmListDescribeDomainSecureAlarmListQueries the security alert data of a website security report.
DescribeDomainSecureScoreDescribeDomainSecureScoreQueries the security score in your website security report. The full score is 100.

Other

APITitleDescription
DescribeAllRegionsStatisticsDescribeAllRegionsStatisticsQueries the statistics on global security events, including the numbers of unfixed vulnerabilities, baseline risks, and alerts.
InstallPmAgentInstallPmAgentInstalls the CloudMonitor agent on a server that is not deployed on Alibaba Cloud.
BindAuthToMachineBindAuthToMachineBinds servers to Security Center or unbinds servers from Security Center.
GetModuleConfigGetModuleConfigQueries the configurations of a module.
DescribeClusterBasicInfoDescribeClusterBasicInfoQueries the information about an cluster based on the cluster ID.
DescribeQuaraFileDownloadInfoDescribeQuaraFileDownloadInfoQueries the download information about a quarantined file.
DescribeAffectedAssetsDescribeAffectedAssetsQueries the affected servers in the result of a virus scan task.
DescribeEventOnStageDescribeEventOnStageQueries the platforms that are supported by the feature of container threat detection.
DescribeScanTaskStatisticsDescribeScanTaskStatisticsQueries the statistics of virus detection tasks.
DescribeSuspEventUserSettingDescribeSuspEventUserSettingQueries the user settings for exceptions.
DescribeTraceInfoNodeDescribeTraceInfoNodeQueries the details about a trace node.
DescribeTraceInfoDetailDescribeTraceInfoDetailQueries the trace information about alerts.
DescribeEventLevelCountDescribeEventLevelCountQueries the statistics of alert events by risk level.
SaveSuspEventUserSettingSaveSuspEventUserSettingSaves alert settings.
ConfirmVirusEventsConfirmVirusEventsConfirms the alert events that you want to handle.
ModifySecurityEventMarkMissIndividuallyModifySecurityEventMarkMissIndividuallyModifies the alert handling rule for alerts that are added to the whitelist by asset.
CreateContainerScanTaskCreateContainerScanTaskCreates a container scan task.
DescribeTotalStatisticsDescribeTotalStatisticsQueries event statistics.
DescribeImageLatestScanTaskDescribeImageLatestScanTaskQueries the most recent scan task that is created for an image.
DescribeImageRepoListDescribeImageRepoListQueries the statistics and configurations of the feature that protects images.
CreateJenkinsImageRegistryCreateJenkinsImageRegistryCreates a Jenkins image repository.
PageImageRegistryPageImageRegistryQueries image repositories by page.
QueryJenkinsImageRegistryPersistenceDayQueryJenkinsImageRegistryPersistenceDayQueries the retention period of images that are stored in a Jenkins image repository.
UpdateJenkinsImageRegistryNameUpdateJenkinsImageRegistryNameModifies the name of a Jenkins image repository.
UpdateJenkinsImageRegistryPersistenceDayUpdateJenkinsImageRegistryPersistenceDayModifies the retention period of images that are stored in a Jenkins image repository.
GetInterceptionTargetDetailGetInterceptionTargetDetailQueries the information about a specified network object that is protected by the container firewall feature.
DeleteInterceptionRuleDeleteInterceptionRuleDeletes a defense rule in the container firewall module.
DeleteInterceptionTargetDeleteInterceptionTargetRemoves the network objects that are in effect in the container firewall.
DescribeCustomBlockRecordsDescribeCustomBlockRecordsQueries the defense rules against brute-force attacks that are applied to one or more servers.
ListInterceptionRulePageListInterceptionRulePageQueries defense rules that are configured for the container firewall feature.
ListInterceptionHistoryListInterceptionHistoryQueries the alerts generated by defense rules.
CreateInterceptionRuleCreateInterceptionRuleCreates a defense rule in the container firewall module.
CreateInterceptionTargetCreateInterceptionTargetCreates a defense object.
GetInterceptionRuleDetailGetInterceptionRuleDetailQueries the details of a microsegmentation defense rule.
ListImageRegistryRegionListImageRegistryRegionQueries the regions in which you can add self-managed image repositories to Security Center.
GetAppNetworkGetAppNetworkQueries the network topology between containerized applications.
AddPrivateRegistryAddPrivateRegistryAdds a self-managed image repository.
DeletePrivateRegistryDeletePrivateRegistryDeletes a private image repository by using the ID of the image repository.
GetClusterRuleSummaryGetClusterRuleSummaryQueries the overall information about cluster defense rules that are configured for the container firewall feature.
ListPodRiskListPodRiskQueries the security risks of a pod.
ListImageRiskListImageRiskQueries security information about a container image.
ChangeCheckCustomConfigChangeCheckCustomConfigModifies the custom configuration items of a check item.
ListQueryRaspAppInfoListQueryRaspAppInfoQueries the installation information of one or more Runtime Application Self-protection-enabled (RASP-enabled) applications.
DeleteServiceTrailDeleteServiceTrailDeletes a service trail.
GetServiceTrailGetServiceTrailQueries the service trail that was delivered to ActionTrail.
CreateServiceTrailCreateServiceTrailCreate a service trail.
DeleteBinarySecurityPolicyDeleteBinarySecurityPolicyDeletes a binary security policy from the container signature feature.
DescribeMonitorAccountsDescribeMonitorAccountsQueries the list of accounts that are added to the multi-account management feature as members.
AddImageVulWhiteListAddImageVulWhiteListAdds image vulnerabilities to the whitelist.
DescribeImageVulWhiteListDescribeImageVulWhiteListQueries the whitelist of image vulnerabilities.
QueryAttackCountQueryAttackCountQueries the number of alert events in each attack phase.
GetSwitchRegionDetailGetSwitchRegionDetailQueries the details of a migration operation. For example, you can query the progress and status of a migration operation after you migrate a server from a region in the Chinese mainland to the Singapore region.
GetAuthVersionStatisticGetAuthVersionStatisticQueries the statistics about the numbers of assets protected by each edition of Security Center.
UpdateImageVulWhitelistTargetUpdateImageVulWhitelistTargetUpdates the vulnerability whitelist of an image.
DeleteImageVulWhitelistDeleteImageVulWhitelistDeletes an image vulnerability whitelist.
DescribeContainerScanConfigDescribeContainerScanConfigQueries the configurations of the vulnerability scan of one or more running container applications.
ModifyContainerScanConfigModifyContainerScanConfigModifies the configurations of vulnerability scan for a running container.
DescribeCanFixVulListDescribeCanFixVulListQueries the list of fixable vulnerabilities.
ModifyImageFixCycleConfigModifyImageFixCycleConfigModifies the configurations of a scheduled image fix.
DescribeImageFixCycleConfigDescribeImageFixCycleConfigQueries the configurations of the scheduled fix of image risks.
CreateContainerScanTaskByAppNameCreateContainerScanTaskByAppNameCreates a scan task for a running container application based on the application name.
GetCommonSwitchConfigGetCommonSwitchConfigQueries the configuration of a common switch.
CreateHoneypotProbeBindCreateHoneypotProbeBindCreates a monitoring or forwarding service for a probe.
ListHoneypotProbeUuidListHoneypotProbeUuid
StopHoneypotStopHoneypotStops a honeypot.
UpdateHoneypotProbeBindUpdateHoneypotProbeBindModifies a probe service.
ListHoneypotEventsListHoneypotEventsQueries the intrusion events detected by honeypots.
UpdateAlarmEventUpdateAlarmEventUpdates the status of the honeypot installation time.
RetryInstallProbeRetryInstallProbeRetry installing the honeypot probe.
ListHoneypotAttackerPortraitListHoneypotAttackerPortraitQueries the attacker profile based on the source IP address of the attack.
GetHoneypotEventTrendObtain the attack volume trend of honeypot attack sourcesObtain attack trend statistics for a single attack source.
ListHoneypotAttackerSourceListHoneypotAttackerSourceQueries the attack source IP addresses that are used to attack a honeypot.
UpdateCommonSwitchConfigUpdateCommonSwitchConfigModifies the settings of common switches.
CreateFileUploadLimitCreateFileUploadLimitSpecifies the queries per second (QPS) limit on the files uploaded from the client.
GetFileUploadLimitGetFileUploadLimitQueries the queries per second (QPS) limit on the files uploaded from the client.
UpdateFileUploadLimitUpdateFileUploadLimitModifies the queries per second (QPS) limit on the files uploaded from the client.
GetFileDetectReportGetFileDetectReportQueries the cloud sandbox check results of malicious files.
DescribeImageEventOperationPageDescribeImageEventOperationPageQueries alert handling rules by page.
GetImageEventOperationGetImageEventOperationQueries alert handling rules.
DescribeImageEventOperationConditionDescribeImageEventOperationConditionQueries the conditions for handling alert events in an image.
UpdateImageEventOperationUpdateImageEventOperationUpdates an alert handling rule.
DeleteImageEventOperationDeleteImageEventOperationDeletes an alert handling rule.
SetSensitiveDefineRuleConfigSetSensitiveDefineRuleConfigConfigure the check rules of sensitive files.
SetImageSensitiveFileStatusSetImageSensitiveFileStatusModifies the status of sensitive files in an image.
AddImageEventOperationAddImageEventOperationCreates an alert handling rule.
GetSensitiveDefineRuleConfigGetSensitiveDefineRuleConfigQueries the check rules of sensitive files.
GetHoneypotNodeMetricListGetHoneypotNodeMetricListQueries the monitoring data of management nodes to which the cloud honeypot belongs.
GetAegisContainerPluginRuleCriteriaGetAegisContainerPluginRuleCriteriaQueries search conditions that can be used to search for container file protection rules.
OperateApplicationOperateApplicationAdds or deletes container applications for tamper proofing.
GetSasContainerWebDefenseRuleCriteriaGetSasContainerWebDefenseRuleCriteriaQueries search conditions that can be used to search for container file protection rules.
DescribeContainerAppsDescribeContainerAppsQueries the information about a containerized application.
ListGroupsListGroupsQueries the server groups.
ListInstanceRiskNumListInstanceRiskNumQueries the statistics about risks in instances.
ListInstanceRiskLevelsListInstanceRiskLevelsQueries the risk levels of instances.
GetCheckSaleGetCheckSaleQueries the sales information about the configuration assessment feature, including the purchased quota and the consumed quota.
GetModuleTrialAuthInfoGetModuleTrialAuthInfoQueries the qualification information about the trial use of Security Center value-added features, including vulnerability fixing and threat analysis and response.
AddSasModuleTrialAddSasModuleTrialEnables the trial use of Security Center value-added features, including vulnerability fixing and threat analysis and response.
EnableCustomInstanceBlockRecordEnableCustomInstanceBlockRecordEnables a custom rule for an instance.
DescribeCustomBlockInstancesDescribeCustomBlockInstancesQueries the list of servers on which the custom defense rule against brute-force attacks takes effect.
GetHoneyPotUploadPolicyInfoGetHoneyPotUploadPolicyInfoObtains the URL that is used to upload a file to a honeypot.
UploadedHoneyPotFileUploadedHoneyPotFileUploads a honeypot file.
ListHoneypotEventFlowsListHoneypotEventFlowsQueries the details of an intrusion event in a honeypot.
ModifyImageRegistryModifyImageRegistryModifies the transfer time of an image repository.
DeleteK8sAccessInfoDeleteK8sAccessInfoDeletes the Kubernetes access information.
AddContainerPluginRuleAddContainerPluginRuleCreates a defense rule against container escapes.
DeleteContainerPluginRuleDeleteContainerPluginRuleDeletes a defense rule against container escapes.
ModifyContainerPluginRuleModifyContainerPluginRuleModifies the defense rule against container escapes.
DescribeDefaultProxyInstallVersionDescribeDefaultProxyInstallVersionQueries the default installation version of the proxy that is used in hybrid-cloud scenarios.
InstallHybridProxyInstallHybridProxyInstalls the Security Center agent on a proxy server in a hybrid cloud.
DeleteSasContainerWebDefenseRuleDeleteSasContainerWebDefenseRuleDeletes a rule for container tamper-proofing.
ListK8sAccessInfoListK8sAccessInfoQueries the information about Kubernetes clusters that are added to Security Center.
GenerateK8sAccessInfoGenerateK8sAccessInfoGenerates a command that is used to add a self-managed Kubernetes cluster.
ListClusterPluginInfoListClusterPluginInfoQueries the status of plug-ins on clusters.
MarkMonitorAccountsMarkMonitorAccountsMarks members for multi-account management. You can call this operation to mark selected members as followed. In the Security Center console, the drop-down list above the left-side navigation pane displays the followed members.
UnMarkMonitorAccountsUnMarkMonitorAccountsCancel marking for members. You can call this operation to remove followed members from the list. In the Security Center console, the drop-down list above the left-side navigation pane no longer displays the members.
QueryIncidentTracingJudgeQueryIncidentTracingJudgeQueries whether an event has a provenance graph based on the event ID.
QueryIncidentVertexExtendInfoQueryIncidentVertexExtendInfoQueries the extended information about an event node.
QueryIncidentVertexNodesQueryIncidentVertexNodesQueries the detailed information about an event node.
QueryIncidentSubNodesCountQueryIncidentSubNodesCountQueries the numbers of child nodes in the nodes.
QueryIncidentTracingDetailQueryIncidentTracingDetailQueries the provenance graph of an event by using the event ID.
BindHybridProxyBindHybridProxyAdds servers to Security Center over a proxy server. After you create a proxy cluster and deploy a proxy server, you can connect a server to the proxy cluster as a client. This way, the server is added to Security Center over the proxy server and is protected.
GetClusterStrategyCountGetClusterStrategyCountQueries the number of policies in each cluster.
ListUnfinishedOnceTaskListUnfinishedOnceTaskQueries tasks that are not complete by task type.
QueryIncidentIconListQueryIncidentIconListQueries the icons that correspond to nodes and edges.
ListBackupRecordListBackupRecordQueries backup records.
ResetHoneypotResetHoneypotResets a honeypot.
StartHoneypotStartHoneypotStarts a honeypot.
DeleteVulAutoRepairConfigDeleteVulAutoRepairConfigDeletes configurations of of an automatic vulnerability fixing task at a time on the Playbook page.
DescribeFixUsedCountDescribeFixUsedCountQueries the number of vulnerabilities that are fixed by the pay-as-you-go vulnerability fixing feature.
CreateAttestorCreateAttestorCreates a witness.
CreateBinarySecurityPolicyCreateBinarySecurityPolicyCreates a binary security policy.
DeleteAttestorDeleteAttestorDeletes a witness.
DescribeAttestorsDescribeAttestorsQueries a list of witnesses.
DescribeBinarySecurityPoliciesDescribeBinarySecurityPoliciesQueries binary security policies.
DescribeClusterHostSecuritySummaryDescribeClusterHostSecuritySummaryQueries the statistical information about host security.
DescribeClusterImageSecuritySummaryDescribeClusterImageSecuritySummaryQueries the statistical information about image security.
DescribeContainerServiceK8sClustersDescribeContainerServiceK8sClustersQueries a list of Container Service for Kubernetes (ACK) clusters.
DescribeCustomizedDictUploadInfoDescribeCustomizedDictUploadInfoQueries the Object Storage Service (OSS) information of the file that is uploaded to create custom weak password rules.
CheckStsTokenAuthCheckStsTokenAuthChecks a Security Token Service (STS) token and returns the ID of the Alibaba Cloud account.
CreateHybridProxyClusterCreateHybridProxyClusterCreates a hybrid-cloud proxy cluster.
DescribeVulDefendCountStatisticsDescribeVulDefendCountStatisticsQueries the vulnerability defense statistics in Security Center.
DescribeVulMetaCountStatisticsDescribeVulMetaCountStatisticsQueries the statistics of vulnerabilities in Security Center.
CreateCustomizedDictCreateCustomizedDictCreates custom weak password rules.
DescribeContainerFieldStatisticsDescribeContainerFieldStatisticsQueries the statistical information about containers.
DescribeContainerGroupedFieldDetailDescribeContainerGroupedFieldDetailQueries the attribute details of containers.
DescribeContainerServiceK8sClusterKritisStatusDescribeContainerServiceK8sClusterKritisStatusQueries the Kritis status of a Container Service for Kubernetes (ACK) cluster.
DescribeContainerServiceK8sClusterNamespacesDescribeContainerServiceK8sClusterNamespacesQueries the namespace of a Container Service for Kubernetes (ACK) cluster.
CreateJenkinsImageScanTaskCreateJenkinsImageScanTaskCreates a Jenkins scan task.
UpgradeHoneypotNodeUpgradeHoneypotNodeUpgrades the version of the management node to which a honeypot belongs.
GetAuthSummaryGetAuthSummaryQueries the statistics of asset protection quota.
QueryGuidTaskListQueryGuidTaskListQueries the list of beginner tasks. Security Center provides rewards for users who complete tasks. The rewards include the quota for a value-added feature and log storage capacity.
CreateSasTrialCreateSasTrialApplies for a trial of Security Center.
GetCanTrySasGetCanTrySasChecks whether the current user is qualified for the trial use of Security Center.
ReceiveFunctionTrialRewardByAliUidReceiveFunctionTrialRewardByAliUidReceives a reward that allows you to enable a free trial of the cloud honeypot feature or the feature of SDK for malicious file detection. You can receive a reward after you complete the required task.
DescribeAgentlessSensitiveFileByKeyDescribeAgentlessSensitiveFileByKeyQueries the list of assets on which a specific type of sensitive files are detected by using the agentless detection feature.
GetCheckStructureGetCheckStructureObtains the structure information about check items provided by the configuration assessment feature.
DescribeDynamicDictUploadInfoDescribeDynamicDictUploadInfoQueries the information about an uploaded Object Storage Service (OSS) object that contains custom weak passwords and is used for baseline checks.
DeleteCustomizeReportDeleteCustomizeReportDeletes a custom security report.
DescribeCustomizeReportConfigDetailDescribeCustomizeReportConfigDetailObtains the configurations of a security report.
DescribeDynamicDictDescribeDynamicDictQueries custom weak password rules for the baseline check feature.
DescribeIdcProbeScanResultListDescribeIdcProbeScanResultListQueries assets that are identified by Internet Data Center (IDC) probes.
DescribeSupervisonInfoDescribeSupervisonInfoQueries the time when a system vulnerability was last detected.
ExportCustomizeReportExportCustomizeReportExports a security report.
GenerateDynamicDictGenerateDynamicDictGenerates a custom dictionary of weak passwords for the baseline check feature.
GetDefenceCountGetDefenceCountQueries the numbers of handled alerts of the precision defense type and the web tamper proofing type.
OperationCustomizeReportChartOperationCustomizeReportChartModifies the chart of a security report.
SaveCustomizeReportConfigSaveCustomizeReportConfigSaves the configurations of a custom security report.
SendCustomizeReportSendCustomizeReportSends a security report to an email address that you specify. You can send only a security report whose statistics are collected in a custom time range.
UpdateCustomizeReportStatusUpdateCustomizeReportStatusChanges the status of a security report.
DescribeUniBackupStatisticsDescribeUniBackupStatisticsQueries the statistics on backups based on anti-ransomware policies.
DescribeUserSettingDescribeUserSettingQueries the settings of a custom baseline check policy.
GetDataTrendGetDataTrendQueries the security operations trends of the vulnerabilities, alerts, and baseline risks.
ResetLogShipperResetLogShipperResets and upgrades the log analysis feature. You can call this operation only when the log analysis feature uses the pay-as-you-go billing method.
ListLogShipperRegionsListLogShipperRegionsQueries the regions supported by the log delivery feature that uses the pay-as-you-go billing method.
DescribeScreenScoreThreadDescribeScreenScoreThreadQueries the trends of the scores on the security dashboard.
DescribeChartDataDescribeChartDataQueries the chart data of a security report.
ModifyPostPayModuleSwitchModifyPostPayModuleSwitchModifies the switch settings of pay-as-you-go modules.
OpenBackupAutoConfigOpenBackupAutoConfigEnables the automatic configuration of anti-ransomware policies for servers in the managed anti-ransomware feature. You can call this operation only after you purchase the managed anti-ransomware feature.
GetBackupAutoConfigStatusGetBackupAutoConfigStatusChecks whether the managed anti-ransomware feature can automatically configure an anti-ransomware policy for servers.
GetAegisContainerPluginRuleGetAegisContainerPluginRuleQueries the details of a defense rule against container escapes.
DeleteMonitorAccountDeleteMonitorAccountDeletes a member of the account managed by Security Center type of the multi-account management feature.
EnableServiceAccessResourceDirectoryEnableServiceAccessResourceDirectoryEnable the multi-account management feature of Security Center.
ListAccountsInResourceDirectoryListAccountsInResourceDirectoryQueries members in the resource directory that is involved when the multi-account management feature is enabled.
ModifyWebLockRefreshModifyWebLockRefreshRefreshes the status of the web tamper proofing feature for a server.
DescribeCheckResultDescribeCheckResultQueries the result of the ISO 27001 compliance check.
TriggerCheckTriggerCheckTriggers ISO 27001 compliance checks of Security Center.
ListRdDefaultSyncListListRdDefaultSyncListQueries the automatic management policies of members that are added to Security Center for multi-account management. The members in the automatic control management directory are automatically added to the member list of Security Center.
DescribeIdcAssetCriteriaDescribeIdcAssetCriteriaQueries the search conditions that can be used to query data center assets found after scanning in fuzzy match mode.
DeleteHybridProxyDeleteHybridProxyRemoves a proxy node from a specified proxy cluster.
DeleteHybridProxyClusterDeleteHybridProxyClusterDeletes a proxy cluster based on the name of the proxy cluster.
DescribeImageListByBuildRiskDescribeImageListByBuildRiskQueries a list of images that are affected by image build command risks by page.
DescribeImageBuildRiskListDescribeImageBuildRiskListQueries a list of image build command risks by page.
DescribeCheckWarningCountDescribeCheckWarningCountQueries the number of alerts that are triggered by a check item.