All Products
Search
Document Center

Security Center:DescribeContainerInstances

Last Updated:Nov 25, 2024

Queries the information about containers.

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
yundun-sas:DescribeContainerInstancesget
*All Resources
*
    none
none

Request parameters

ParameterTypeRequiredDescriptionExample
CriteriastringNo

The search conditions that are used to filter containers. The value of this parameter is in the JSON format and is case-sensitive. The value contains the following fields:

  • name: the search condition.

  • name: the value of the search condition.

  • logicalExp: the logical relationship among multiple search conditions. Valid values:

    • OR: Search conditions are evaluated by using a logical OR.
    • AND: Search conditions are evaluated by using a logical AND.
Note You can use search conditions such as the container ID, cluster ID, cluster name, cluster type, risk level, and region. You can call the DescribeContainerCriteria operation to query the supported search conditions.
[{"name":"flag","value":"0|8","logicalExp":"AND"},{"name":"ecsType","value":"!8","logicalExp":"AND"}][{"name":"clusterType","value":"NotManagedKubernetes","logicalExp":"AND"}]
LogicalExpstringNo

The logical operator that you want to use to evaluate multiple search conditions. Valid values:

  • OR: Search conditions are evaluated by using a logical OR.
  • AND: Search conditions are evaluated by using a logical AND.
AND
PageSizeintegerNo

The number of entries to return on each page. Default value: 20. If you leave this parameter empty, 20 entries are returned on each page.

Note We recommend that you do not leave this parameter empty.
20
CurrentPageintegerNo

The number of the page to return. Default value: 1.

1

Response parameters

ParameterTypeDescriptionExample
object

The response parameters.

RequestIdstring

The ID of the request, which is used to locate and troubleshoot issues.

79CFF74D-E967-5407-8A78-EE03B925FDAA
PageInfoobject

The pagination information.

CurrentPageinteger

The page number of the returned page.

1
PageSizeinteger

The number of entries returned per page.

20
TotalCountinteger

The total number of entries returned.

45
Countinteger

The number of entries returned on the current page.

3
ContainerInstanceListarray<object>

The details of the container asset.

ContainerInstanceobject

The information about the container.

ImageRepoTagstring

The tag that is added to the image.

0.3.1.0-dfa2010-aliyun
AppNamestring

The name of the application.

alibaba-log-controller
PodIpstring

The IP address of the pod.

172.24.XX.XX
VulCountinteger

The number of vulnerabilities that are detected in the container cluster.

15
HcStatusstring

Indicates whether baseline risks are detected. Valid values:

  • NO
  • YES
YES
ImageIdstring

The image ID.

registry-vpc.cn-beijing.aliyuncs.com/acs/log-controller@sha256:5b046e2de8c490819125193ee2eb71a66f2cc16c032dcd8b69ead4be1024****
ClusterIdstring

The ID of the cluster.

cfb41a869c71e4678a97021582dd8a****
ImageRepoNamestring

The name of the image repository.

log-controller
HostIpstring

The IP address of the host.

172.24.XX.XX
Podstring

The pod.

alibaba-log-controller-6f847f8786-mk2mg
RiskStatusstring

Indicates whether risks exist. Valid values:

  • NO
  • YES
YES
VulStatusstring

Indicates whether vulnerabilities are detected in the container. Valid values:

  • YES
  • NO
YES
AlarmStatusstring

Indicates whether alerts are generated for the container. Valid values:

  • YES
  • NO
YES
Imagestring

The image of the container.

docker.io/library/nginx:latest
ImageRepoNamespacestring

The namespace of the image repository.

acs
ImageDigeststring

The digest value of the image.

5b046e2de8c490819125193ee2eb71a66f2cc16c032dcd8b69ead4be1024****
Namespacestring

The namespace.

kube-system
InstanceIdstring

The instance ID of the asset.

i-2zegzjyotydfkz9****
NodeInfostring

The node information.

test
ImageUuidstring

The UUID of the image.

5f23dfbceec289a49ac94e035e2****
RegionIdstring

The region ID of the container.

cn-hangzhou
UpdateMarkstring

The update identifier of the container.

79cff74d-e967-5407-8a78-ee03b9****
ContainerIdstring

The ID of the container.

48a6d9a92435a13ad573372c3f3c63b7e04d106458141df9f92155709d****
NodeNamestring

The name of the node.

test
HcCountinteger

The number of baseline risks.

1
ClusterNamestring

The cluster name.

test
RiskCountstring

The number of risks.

1
AlarmCountinteger

The number of alerts.

1
CreateTimestamplong

The timestamp when the cluster was created. Unit: milliseconds.

1670368337000
Exposedinteger

Indicates whether the asset is exposed to the Internet.

  • 1: exposed
  • 0: not exposed
1
ExposedDetailstring

The exposure details. The value is a JSON string.

[{}]

Examples

Sample success responses

JSONformat

{
  "RequestId": "79CFF74D-E967-5407-8A78-EE03B925FDAA",
  "PageInfo": {
    "CurrentPage": 1,
    "PageSize": 20,
    "TotalCount": 45,
    "Count": 3
  },
  "ContainerInstanceList": [
    {
      "ImageRepoTag": "0.3.1.0-dfa2010-aliyun",
      "AppName": "alibaba-log-controller",
      "PodIp": "172.24.XX.XX",
      "VulCount": 15,
      "HcStatus": "YES",
      "ImageId": "registry-vpc.cn-beijing.aliyuncs.com/acs/log-controller@sha256:5b046e2de8c490819125193ee2eb71a66f2cc16c032dcd8b69ead4be1024****",
      "ClusterId": "cfb41a869c71e4678a97021582dd8a****",
      "ImageRepoName": "log-controller",
      "HostIp": "172.24.XX.XX",
      "Pod": "alibaba-log-controller-6f847f8786-mk2mg",
      "RiskStatus": "YES",
      "VulStatus": "YES",
      "AlarmStatus": "YES",
      "Image": "docker.io/library/nginx:latest",
      "ImageRepoNamespace": "acs",
      "ImageDigest": "5b046e2de8c490819125193ee2eb71a66f2cc16c032dcd8b69ead4be1024****",
      "Namespace": "kube-system",
      "InstanceId": "i-2zegzjyotydfkz9****",
      "NodeInfo": "test",
      "ImageUuid": "5f23dfbceec289a49ac94e035e2****",
      "RegionId": "cn-hangzhou",
      "UpdateMark": "79cff74d-e967-5407-8a78-ee03b9****",
      "ContainerId": "48a6d9a92435a13ad573372c3f3c63b7e04d106458141df9f92155709d****",
      "NodeName": "test",
      "HcCount": 1,
      "ClusterName": "test",
      "RiskCount": "1",
      "AlarmCount": 1,
      "CreateTimestamp": 1670368337000,
      "Exposed": 1,
      "ExposedDetail": "[{}]"
    }
  ]
}

Error codes

HTTP status codeError codeError messageDescription
403NoPermissioncaller has no permissionYou are not authorized to do this operation.
500ServerErrorServerError-

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
2023-06-21The response structure of the API has changedView Change Details