DescribeTenantSecurityConfigs - ApsaraDB for OceanBase - Alibaba Cloud Documentation Center

You can call this operation to query security check items of an OceanBase Database tenant.

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
oceanbase:DescribeTenantSecurityConfigs		All Resources *	none	none

Request parameters

Parameter	Type	Required	Description	Example
InstanceId	string	Yes	The ID of the OceanBase cluster.	ob317v4uif****
TenantId	string	No	The ID of the tenant.	t4louaeei****
CheckId	string	No	The unique identifier of the security check.	****

Response parameters

Parameter	Type	Description	Example
	object	The return result of the request.
RequestId	string	The ID of the request.	523E7183-**-590D-**-12DFD316614B
Configs	object	The list of parameters.
TotalCheckCount	integer	The total number of security check items.	4
TotalRiskCount	integer	The total number of detected security risks.	0
TenantSecurityConfigs	array<object>	The check result.
TenantSecurityConfigs	object	The ID of the tenant.
TenantId	string	The ID of the tenant.	xxx
TenantName	string	The name of the tenant.	xxx
RiskCount	integer	The number of detected tenant security risks.	0
SecurityConfigs	array<object>	The list of risks.
SecurityConfigs	object	The list of risks.
ConfigGroup	string	The group of the risk.	WHITELIST
ConfigName	string	The name of the risk.	WHITELIST_RANGE_LARGE
Risk	boolean	Indicates whether the risk causes security issues.	true
RiskDescription	string	The description of the risk.	The scope of the allowlist is too big.
ConfigDescription	string	The name of the check item.	Check whether the scope of the cluster allowlist is too big
CheckId	string	The unique identifier of the check.	xxx
InstanceId	string	The ID of the OceanBase cluster.	ob317v4uif****
CheckTime	string	The time when the check was performed.	2023-08-07 15:30:00

Examples

Sample success responses

JSONformat

{
  "RequestId": "523E7183-****-590D-****-12DFD316614B",
  "Configs": {
    "TotalCheckCount": 4,
    "TotalRiskCount": 0,
    "TenantSecurityConfigs": [
      {
        "TenantId": "xxx",
        "TenantName": "xxx",
        "RiskCount": 0,
        "SecurityConfigs": [
          {
            "ConfigGroup": "WHITELIST",
            "ConfigName": "WHITELIST_RANGE_LARGE",
            "Risk": true,
            "RiskDescription": "The scope of the allowlist is too big.",
            "ConfigDescription": "Check whether the scope of the cluster allowlist is too big"
          }
        ]
      }
    ],
    "CheckId": " xxx",
    "InstanceId": "ob317v4uif****",
    "CheckTime": "2023-08-07 15:30:00"
  }
}

Error codes

For a list of error codes, visit the Service error codes.

Change history

Change time	Summary of changes	Operation
2023-10-30	The request parameters of the API has changed. The response structure of the API has changed	View Change Details