All Products
Search
Document Center

Security Center:DescribeCloudCenterInstances

Last Updated:Nov 25, 2024

Queries the information about assets that meet specific search conditions. For example, you can search for assets by the instance name or region of the asset.

Operation description

You can search for an asset by using search conditions, such as the instance ID, instance name, virtual private cloud (VPC) ID, region, and public IP address. You can also configure a logical relationship between multiple search conditions to search for the assets that meet the search conditions.

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
yundun-sas:DescribeCloudCenterInstancesget
*All Resources
*
    none
none

Request parameters

ParameterTypeRequiredDescriptionExample
RegionIddeprecatedstringNo

The ID of the region in which the asset resides.

cn-hangzhou
CriteriastringNo

The search conditions. The value of this parameter is in the JSON format and is case-sensitive.

Note You can search for an asset by using the search conditions, such as the instance ID, instance name, VPC ID, region, or public IP address. You can call the DescribeCriteria operation to query the supported search conditions.
[{"name":"riskStatus","value":"YES"},{"name":"internetIp","value":"1.2.XX.XX"}]
MachineTypesstringNo

The type of the assets that you want to query. Valid values:

  • ecs: servers
  • cloud_product: Alibaba Cloud service
ecs
LogicalExpstringNo

The logical relationship among multiple search conditions. Valid values:

  • OR: The logical relationship among search conditions is OR.
  • AND: The logical relationship among search conditions is AND.
OR
PageSizeintegerNo

The number of entries to return on each page. Default value: 20.

100
CurrentPageintegerNo

The number of the page to return. Default value: 1.

1
ImportanceintegerNo

The importance of the asset. Valid values:

  • 2: an important asset
  • 1: a common asset
  • 0: a test asset
2
NoGroupTracebooleanNo

Specifies whether to internationalize the name of the default group. Valid values:

  • true: The system returns the Chinese name of the default group for the GroupTrace response parameter.
  • false: The system returns default for the GroupTrace response parameter.
false
LangstringNo

The language of the content within the request and response. Default value: zh. Valid values:

  • zh: Chinese
  • en: English
zh
UseNextTokenbooleanNo

Specifies whether to use the NextToken method to retrieve a new page of results. If you set UseNextToken to true, the value of TotalCount is not returned. Valid values:

  • true: The NextToken method is used.
  • false: The NextToken method is not used.
false
NextTokenstringNo

The value of NextToken that is returned when the NextToken method is used. You do not need to specify this parameter for the first request.

E17B501887A2D3AA5E8360A6EFA3B***
ResourceDirectoryAccountIdlongNo

The Alibaba Cloud account ID of the member in the resource directory.

Note You can call the DescribeMonitorAccounts operation to obtain the IDs.
1232428423234****
FlagsstringNo

The service provider of the asset. Separate multiple service providers with commas (,). Valid values:

  • 0: an asset provided by Alibaba Cloud
  • 1: an asset outside Alibaba Cloud
  • 2: an asset in a data center
  • 3, 4, 5, and 7: an asset from a third-party cloud service provider
  • 8: a lightweight asset
  • 9: a Serverless App Engine (SAE) instance
  • 10: an instance in Platform for AI (PAI)
1,2,3

Response parameters

ParameterTypeDescriptionExample
object
Successboolean

Indicates whether the call is successful. Valid values:

  • true: The call is successful.
  • false: The call fails.
true
RequestIdstring

The ID of the request, which is used to locate and troubleshoot issues.

32A73759-4C0F-4801-BE98-901223ACEE9A
PageInfoobject

The pagination information.

CurrentPageinteger

The page number of the returned page.

1
PageSizeinteger

The number of entries returned per page. Default value: 20.

20
TotalCountinteger

The total number of entries returned.

50
Countinteger

The number of entries returned on the current page.

10
NextTokenstring

The value of NextToken that is returned when the NextToken method is used.

B604532DEF982B875E8360A6EFA3B***
Instancesarray<object>

An array that consists of the details about the assets.

Instanceobject

The details about the asset.

Statusstring

The status of the asset. Valid values:

  • Running: running
  • notRunning: stopped
Running
CpuInfostring

The CPU information about the asset.

Intel(R) Xeon(R) Platinum 8269CY CPU @ 2.50GHz
InternetIpstring

The public IP address of the asset.

1.2.XX.XX
Kernelstring

The version of the kernel.

3.10.0-1127.19.1.el7.x86_64
Bindboolean

Indicates whether Security Center is authorized to scan the asset. Valid values:

  • true: Security Center is authorized to scan the asset.
  • false: Security Center is not authorized to scan the asset.
true
OsNamestring

The kernel version of the asset.

-
Tagstring

The name of the asset tag.

InternetIp,test
ClientStatusstring

The status of the Security Center agent installed on the asset. Valid values:

  • online: The Security Center agent is enabled.
  • offline: The Security Center agent is disabled.
  • pause: The Security Center agent is suspended.
online
Meminteger

The size of the memory. Unit: MB.

1024
VpcInstanceIdstring

The ID of the VPC to which the asset belongs.

vpc-uf60agqq65bs98zoo****
TagIdstring

The ID of the asset tag.

121313,41412
Flaginteger

Indicates whether the asset is an Alibaba Cloud asset. Valid values:

  • 0: The asset is an Alibaba Cloud asset.
  • 1: The asset is not an Alibaba Cloud asset.
0
LastLoginTimestamplong

The timestamp when the Security Center agent was last online. Unit: milliseconds.

1637592907000
AuthVersioninteger

The edition of Security Center that is authorized to scan the asset. Valid values:

  • 1: Basic edition
  • 6: Anti-virus edition
  • 5: Advanced edition
  • 3: Enterprise edition
  • 7: Ultimate edition
  • 10: Value-added Plan edition
3
Regionstring

The region ID of the asset.

cn-hangzhou-cm***-***
InstanceNamestring

The name of the asset.

yztest-l***
PodCountinteger

The number of pods.

1
VulCountinteger

The number of vulnerabilities that are detected on the asset.

2
HcStatusstring

Indicates whether baseline risks are detected on the asset. Valid values:

  • YES
  • NO
YES
CreatedTimelong

The timestamp when the cluster was created. Unit: milliseconds.

1607365213000
GroupTracestring

The name of the group to which the asset belongs.

default
ClusterIdstring

The ID of the cluster.

c690a0789419f4284a4e0a29e12fe****
RiskStatusstring

Indicates whether risks are detected on the asset. Valid values:

  • YES
  • NO
NO
Coresinteger

The number of the CPU cores used by the asset.

4
VulStatusstring

Indicates whether vulnerabilities are detected on the asset. Valid values:

  • YES
  • NO
YES
AlarmStatusstring

Indicates whether alerts are generated on the asset. Valid values:

  • YES
  • NO
NO
MacListStringstring

The MAC addresses of the system.

00:13:3e:31:13:39,02:12:67:b8:**:**
Importanceinteger

The importance of the asset. Valid values:

  • 2: an important asset
  • 1: a common asset
  • 0: a test asset
2
HealthCheckCountinteger

The number of baseline risks that are detected on the asset.

1
Ipstring

The public IP address of the asset.

1.2.XX.XX
Osstring

The operating system of the asset.

Linux
AuthModifyTimelong

The timestamp when Security Center is authorized to scan the asset.

1627974044000
SafeEventCountinteger

The number of alerts that are generated on the asset.

5
InstanceIdstring

The ID of the asset.

i-m5***
AssetTypestring

The type of the asset. Valid values:

  • 0: an ECS instance
  • 1: a Server Load Balancer (SLB) instance
  • 2: a Network Address Translation (NAT) gateway
  • 3: an ApsaraDB RDS instance
  • 4: an ApsaraDB for MongoDB instance
  • 5: an ApsaraDB for Redis instance
  • 6: a container image
  • 7: a container
ecs
IntranetIpstring

The private IP address of the asset.

1.2.XX.XX
Vendorinteger

The service provider of the asset. Valid values:

  • 0: an asset provided by Alibaba Cloud
  • 1: an asset outside Alibaba Cloud
  • 2: an asset in a data center
  • 3, 4, 5, and 7: an asset from a third-party cloud service provider
  • 8: a lightweight asset
  • 9: a SAE instance
  • 10: an instance in PAI
0
RegionIdstring

The ID of the region in which the asset resides.

cn-hanghzou
Uuidstring

The UUID of the asset.

c9107c04-942f-40c1-981a-f1c1***
GroupIdlong

The ID of the asset group to which the asset belongs.

4120080
RegionNamestring

The name of the region in which the asset resides.

China (Hangzhou)
VendorNamestring

The name of the service provider for the asset.

Valid values:

  • ALIYUN: Alibaba Cloud
  • OUT: a third-party service provider
  • IDC: a data center
  • TENCENT: Tencent Cloud
  • HUAWEICLOUD: Huawei Cloud
  • Microsoft: Microsoft Azure
  • AWS: Amazon Web Services (AWS)
  • TRIPARTITE: a lightweight server
  • SAE: a SAE instance
  • PAI: an instance in PAI
Tencent
AuthVersionNamestring

The name of the Security Center edition that is authorized to protect the asset. Valid values:

  • Basic edition
  • Anti-virus edition
  • Advanced edition
  • Enterprise edition
  • Ultimate edition
Ultimate Edition
ClusterNamestring

The name of the cluster.

cluster1
ExposedStatusinteger

Indicates whether the asset is exposed. Valid values:

  • 0: The asset is not exposed.
  • 1: The asset is exposed.
0
RiskCountstring

The total number of baseline risks that are detected on the asset. The value of this parameter is in the JSON format and contains the following fields:

  • account: the number of accounts that are used to log on from unapproved logon locations and whose passwords are cracked
  • appNum: the number of scanners
  • asapVulCount: the total number of high-severity vulnerabilities
  • baselineHigh: the number of high-risk baseline risks
  • baselineLow: the number of low-risk baseline risks
  • baselineMedium: the number of medium-risk baseline risks
  • baselineNum: the total number of baseline risks
  • cmsNum: the number of Web-CMS vulnerabilities
  • containerAsap: the number of high-severity vulnerabilities that are detected on containers
  • containerLater: the number of medium-severity vulnerabilities that are detected on containers
  • containerNntf: the number of low-severity vulnerabilities that are detected on containers
  • containerRemind: the number of alerts whose Emergency level is Reminder on containers
  • containerSerious: the number of alerts Emergency level is Urgent on containers
  • containerSuspicious: the number of alerts whose Emergency level is Suspicious on containers
  • cveNum: the number of Linux software vulnerabilities
  • emgNum: the number of urgent vulnerabilities
  • health: the number of baseline alerts that are unhandled
  • imageBaselineHigh: the number of high-risk baseline risks that are detected on images
  • imageBaselineLow: the number of low-risk baseline risks that are detected on images
  • imageBaselineMedium: the number of medium-risk baseline risks that are detected on images
  • imageBaselineNum: the total number of baseline risks that are detected on images
  • imageMaliciousFileRemind: the number of malicious files that are detected on images and have the Emergency level of Reminder
  • imageMaliciousFileSerious: the number of malicious files that are detected on images and have the Emergency level of Urgent
  • imageMaliciousFileSuspicious: the number of malicious files that are detected on images and have the Emergency level of Suspicious
  • imageVulAsap: the number of high-severity vulnerabilities that are detected on images
  • imageVulLater: the number of medium-severity vulnerabilities that are detected on an image
  • imageVulNntf: the number of low-severity vulnerabilities that are detected on an image
  • laterVulCount: the number of medium-severity vulnerabilities
  • newSuspicious: the number of alerts
  • nntfVulCount: the number of low-severity vulnerabilities.
  • remindNum: the number of alerts whose Emergency level is Reminder
  • scaNum: the number of vulnerabilities that are detected based on software component analysis
  • seriousNum: the number of alerts whose Emergency level is Urgent
  • suspNum: the number of alerts whose Emergency level is Suspicious
  • suspicious: the total number of alerts
  • sysNum: the number of Windows system vulnerabilities
  • trojan: the number of trojans
  • uuid: the UUIDs of assets
  • vul: the number of vulnerabilities
  • weakPWNum: the number of weak passwords
{"account":0,"appNum":0,"asapVulCount":0,"baselineHigh":0,"baselineLow":0,"baselineMedium":0,"baselineNum":0,"cmsNum":0,"containerAsap":0,"containerLater":0,"containerNntf":0,"containerRemind":0,"containerSerious":0,"containerSuspicious":0,"cveNum":0,"emgNum":0,"health":0,"imageBaselineHigh":0,"imageBaselineLow":0,"imageBaselineMedium":0,"imageBaselineNum":0,"imageMaliciousFileRemind":0,"imageMaliciousFileSerious":0,"imageMaliciousFileSuspicious":0,"imageVulAsap":0,"imageVulLater":0,"imageVulNntf":0,"laterVulCount":0,"newSuspicious":0,"nntfVulCount":0,"remindNum":0,"scaNum":0,"seriousNum":0,"suspNum":0,"suspicious":0,"sysNum":0,"trojan":0,"uuid":"inet-37316411-37fe-4b72-b245-346a2721d4b6","vul":0,"weakPWNum":0}
IpListStringstring

The IP addresses of the system.

172.31.XX.XX,172.171.XX.XX
AssetTypeNamestring

The name of the asset type.

Elastic Compute Service
FlagNamestring

The service provider of the asset. Valid values:

  • ALIYUN
  • OUT
  • IDC
  • Tencent
  • HUAWEICLOUD
  • Azure
  • AWS
  • ASK
  • TRIPARTITE
  • SAE
  • PAI
ASK
AppIdstring

The ID of the application.

Note This parameter is available only when the Vendor parameter is set to 9.
test
AppNamestring

The name of the application.

Note This parameter is available only when the Vendor parameter is set to 9.
testAppName

Examples

Sample success responses

JSONformat

{
  "Success": true,
  "RequestId": "32A73759-4C0F-4801-BE98-901223ACEE9A",
  "PageInfo": {
    "CurrentPage": 1,
    "PageSize": 20,
    "TotalCount": 50,
    "Count": 10,
    "NextToken": "B604532DEF982B875E8360A6EFA3B***"
  },
  "Instances": [
    {
      "Status": "Running",
      "CpuInfo": "Intel(R) Xeon(R) Platinum 8269CY CPU @ 2.50GHz",
      "InternetIp": "1.2.XX.XX",
      "Kernel": "3.10.0-1127.19.1.el7.x86_64",
      "Bind": true,
      "OsName": "-",
      "Tag": "InternetIp,test",
      "ClientStatus": "online",
      "Mem": 1024,
      "VpcInstanceId": "vpc-uf60agqq65bs98zoo****",
      "TagId": "121313,41412",
      "Flag": 0,
      "LastLoginTimestamp": 1637592907000,
      "AuthVersion": 3,
      "Region": "cn-hangzhou-cm***-***",
      "InstanceName": "yztest-l***",
      "PodCount": 1,
      "VulCount": 2,
      "HcStatus": "YES",
      "CreatedTime": 1607365213000,
      "GroupTrace": "default",
      "ClusterId": "c690a0789419f4284a4e0a29e12fe****",
      "RiskStatus": "NO",
      "Cores": 4,
      "VulStatus": "YES",
      "AlarmStatus": "NO",
      "MacListString": "00:13:3e:31:13:39,02:12:67:b8:**:**",
      "Importance": 2,
      "HealthCheckCount": 1,
      "Ip": "1.2.XX.XX",
      "Os": "Linux",
      "AuthModifyTime": 1627974044000,
      "SafeEventCount": 5,
      "InstanceId": "i-m5***",
      "AssetType": "ecs",
      "IntranetIp": "1.2.XX.XX",
      "Vendor": 0,
      "RegionId": "cn-hanghzou",
      "Uuid": "c9107c04-942f-40c1-981a-f1c1***",
      "GroupId": 4120080,
      "RegionName": "China (Hangzhou)",
      "VendorName": "Tencent",
      "AuthVersionName": "Ultimate Edition",
      "ClusterName": "cluster1",
      "ExposedStatus": 0,
      "RiskCount": "{\"account\":0,\"appNum\":0,\"asapVulCount\":0,\"baselineHigh\":0,\"baselineLow\":0,\"baselineMedium\":0,\"baselineNum\":0,\"cmsNum\":0,\"containerAsap\":0,\"containerLater\":0,\"containerNntf\":0,\"containerRemind\":0,\"containerSerious\":0,\"containerSuspicious\":0,\"cveNum\":0,\"emgNum\":0,\"health\":0,\"imageBaselineHigh\":0,\"imageBaselineLow\":0,\"imageBaselineMedium\":0,\"imageBaselineNum\":0,\"imageMaliciousFileRemind\":0,\"imageMaliciousFileSerious\":0,\"imageMaliciousFileSuspicious\":0,\"imageVulAsap\":0,\"imageVulLater\":0,\"imageVulNntf\":0,\"laterVulCount\":0,\"newSuspicious\":0,\"nntfVulCount\":0,\"remindNum\":0,\"scaNum\":0,\"seriousNum\":0,\"suspNum\":0,\"suspicious\":0,\"sysNum\":0,\"trojan\":0,\"uuid\":\"inet-37316411-37fe-4b72-b245-346a2721d4b6\",\"vul\":0,\"weakPWNum\":0}",
      "IpListString": "172.31.XX.XX,172.171.XX.XX",
      "AssetTypeName": "Elastic Compute Service",
      "FlagName": "ASK",
      "AppId": "test",
      "AppName": "testAppName"
    }
  ]
}

Error codes

HTTP status codeError codeError messageDescription
400NoPermissionno permission-
400RdCheckNoPermissionResource directory account verification has no permission.-
403NoPermissioncaller has no permissionYou are not authorized to do this operation.
500ServerErrorServerError-
500RdCheckInnerErrorResource directory account service internal error.-

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
2024-08-01The Error code has changed. The request parameters of the API has changed. The response structure of the API has changedView Change Details
2023-07-20The Error code has changed. The request parameters of the API has changedView Change Details
2023-07-04The Error code has changed. The request parameters of the API has changed. The response structure of the API has changedView Change Details
2022-12-23API Description Update. The API operation is not deprecated.. The Error code has changedView Change Details