DescribeAgentlessSensitiveFileByKey - Security Center - Alibaba Cloud Documentation Center

Queries the list of assets on which a specific type of sensitive files are detected by using the agentless detection feature.

Operation description

You can call this operation only when the agentless detection feature is purchased by using the pay-as-you-go billing method within your Alibaba Cloud account.

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
yundun-sas:DescribeAgentlessSensitiveFileByKey	get	All Resources *	none	none

Request parameters

Parameter	Type	Required	Description	Example
SensitiveFileKey	string	Yes	The type of the sensitive file.	sshpasswd
Status	string	No	The status of the baseline risk. Valid values: 0: unfixed. 1: fixed.	0
InstanceId	string	No	The instance ID of the asset that is scanned. To query the instance ID, go to the Task Management page, click Details of a task, and then view the value of Check On.	i-bp1fu4aqltf1huhc****
Remark	string	No	The name or IP address of the asset.	1.2.XX.XX
PageSize	integer	No	The number of entries per page. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page. Note We recommend that you do not leave this parameter empty.	50
CurrentPage	integer	No	The page number. Default value: 1.	1
ScanRange	array	No	The types of the assets that are scanned.
	string	No	The type of the asset that is scanned. Valid values: agentless_image: the image of the host. agentless_snapshot: the snapshot of the host. ecs_image: a custom image. ecs_snapshot: a user-created snapshot.	agentless_image
ImageUuid	string	No	The UUID of the asset that is scanned. You can query the UUID on the Host or Cloud Product page. If you scan a host, set this parameter to the UUID of the scanned host. If you scan a snapshot or a custom image, set this parameter to the ID of the scanned snapshot or image.	06293273b67d19516cfcc712194f****

Response parameters

Parameter	Type	Description	Example
	object	Schema of Response
RequestId	string	The request ID.	FBBEB173-1F43-505F-A876-C03ECDF6CE4C
PageInfo	object	The pagination information.
CurrentPage	integer	The page number.	1
PageSize	integer	The number of entries per page.	20
TotalCount	integer	The total number of entries returned.	100
Count	integer	The number of entries returned on the current page.	20
SensitiveFileList	array<object>	The information about the sensitive files that are detected by using the agentless detection feature.
SensitiveFileList	object	The information about the sensitive file that is detected by using the agentless detection feature.
SensitiveFileKey	string	The type of the sensitive file.	pem
RiskLevel	string	The risk level. Valid values: high medium low	high
InternetIp	string	The public IP address of the asset.	95.214.XX.XX
IntranetIp	string	The private IP address of the asset.	10.68.XX.XX
Uuid	string	The UUID of the asset.	73e6a851-e63b-49ef-9d7a-5542d765****
TargetName	string	The name of the asset.	SAS_Agentless_171869952****
Status	integer	The status of the sensitive file. Valid values: 0: unhandled. 1: ignored. 2: false positive.	0
InstanceName	string	The instance name of the asset.	test-server
FirstScanTime	long	The timestamp when the first scan was performed. Unit: milliseconds.	1663321552000
LastScanTime	long	The timestamp when the last scan was performed. Unit: milliseconds.	1663691592000
Success	boolean	Indicates whether the request was successful. Valid values: true false	true

Examples

Sample success responses

JSONformat

{
  "RequestId": "FBBEB173-1F43-505F-A876-C03ECDF6CE4C",
  "PageInfo": {
    "CurrentPage": 1,
    "PageSize": 20,
    "TotalCount": 100,
    "Count": 20
  },
  "SensitiveFileList": [
    {
      "SensitiveFileKey": "pem",
      "RiskLevel": "high",
      "InternetIp": "95.214.XX.XX",
      "IntranetIp": "10.68.XX.XX",
      "Uuid": "73e6a851-e63b-49ef-9d7a-5542d765****",
      "TargetName": "SAS_Agentless_171869952****",
      "Status": 0,
      "InstanceName": "test-server",
      "FirstScanTime": 1663321552000,
      "LastScanTime": 1663691592000
    }
  ],
  "Success": true
}

Error codes

HTTP status code	Error code	Error message	Description
403	NoPermission	caller has no permission	You are not authorized to do this operation.
500	ServerError	ServerError	-

For a list of error codes, visit the Service error codes.