This topic describes the types of server assets and cloud services that work with Security Center.
Server assets
Servers that are deployed on Alibaba Cloud: Elastic Compute Service (ECS) instances and simple application servers
Servers that are not deployed on Alibaba Cloud: on-premises servers, servers in data centers, and third-party cloud servers
Cloud services
The following tables describe the cloud services that work with Security Center. The tables also describe whether the cloud services support the CSPM feature and whether you can view the resources of the cloud services in the Security Center console.
Note The following symbols are used in the table:
The feature columns in the following tables vary with cloud service providers. If a table does not contain a feature column, the feature is not supported.
Alibaba Cloud
Service category | Service | Service subtype | CSPM | Resource display |
Computing | Cloud server | Elastic Compute Service (ECS) | Instance | | |
Disk (storage) | | |
Security group | | |
Snapshot | | |
Image | | |
Simple Application Server | VERSION_CONFIG | | |
Auto Scaling | Scaling group | | |
Configuration for scaling groups of the ECS type | | |
Configuration for scaling groups of the Elastic Container Instance type | | |
WUYING | WUYING Workspace | Cloud desktop | | |
File Storage NAS (NAS) | | |
Container | Container service | Container Registry | Enterprise Edition | | |
Personal Edition | | |
Container Service for Kubernetes | Cluster | | |
Storage | Essential storage service | Object Storage Service (OSS) | Bucket | | |
File Storage NAS | File system | | |
Storage data service | Simple Log Service | Project | | |
Network and CDN | Cloud network | Server Load Balancer (SLB) | Classic Load Balancer (CLB) | | |
Application Load Balancer (ALB) | | |
Virtual Private Cloud | NAT Gateway | | |
Elastic IP Address (EIP) | | |
VPN | | |
Flow log | | |
VPC | | |
Elastic IP Address | Anycast EIP | | |
CDN | CDN | Domain name | | |
Cross-region network | Global Accelerator (GA) | Instance | | |
Domain name | | |
Listener | | |
Security | Cloud security | Anti-DDoS | Instance | | |
Domain name | | |
WEB_RULE | | |
Web Application Firewall | Instance | | |
Domain name | | |
Cloud Firewall | Asset | | |
Access control policy | | |
Access control policy group | | |
Bastionhost | Instance | | |
Data security | Certificate Management Service (Original SSL Certificate) | Certificate | | |
Data Security Center | Instance | | |
Key Management Service (KMS) | Instance | | |
Key | | |
Credential | | |
Identity security | Identity as a Service | Enterprise Identity Access Management (EIAM) instance | | |
Middleware | Microservices tool and platform | Microservices Engine | Cluster | | |
Gateway | | |
ApsaraMQ | ApsaraMQ for Kafka | Instance | | |
Application integration | API Gateway | Instance | | |
Database | Relational database | ApsaraDB RDS | Instance | | |
PolarDB | Cluster | | |
PolarDB for Xscale | Instance | | |
ApsaraDB for OceanBase | Database | | |
NoSQL database | ApsaraDB for MongoDB | Instance | | |
Tair (Redis OSS-compatible) | Instance | | |
Lindorm | Instance | | |
ApsaraDB for HBase | Instance | | |
Data warehouse | AnalyticDB for PostgreSQL | Instance | | |
AnalyticDB for MySQL | Instance | | |
ApsaraDB for ClickHouse | Instance | | |
ApsaraDB for SelectDB | Instance | | |
Database management tool | Data Management (DMS) | Instance | | |
User and tenant | | |
Analytics computing | Data computing and analytics | Elasticsearch (ES) | Instance | | |
MaxCompute | Project | | |
Hologres | Instance | | |
Data development and service | DataWorks | Workspace | | |
Enterprise service and cloud communication | Enterprise foundation service | Domain Names | Domain name | | |
Serverless | Computing | Function Compute | Domain name | | |
Application | | |
Development tool | Apsara DevOps | Apsara Devops | Organization | | |
Migration and O&M management | Cloud management | ActionTrail | Trail | | |
Resource Access Management | Account alias | | |
User | | |
Policy | | |
Group | | |
Role | | |
CAM | | |
Tencent Cloud
Service category | Service | Service subtype | CSPM | Resource display |
Computing | Cloud Virtual Machine (CVM) | Instance | | |
Security group | | |
Container | Tencent Container Registry | Instance | | |
Image repository information | | |
Essential storage service | Cloud Object Storage (COS) | Instance | | |
Cloud Block Storage (CBS) | Instance | | |
Relational database | TencentDB for MySQL | Instance | | |
Account | | |
TencentDB for PostgreSQL | Instance | | |
TencentDB for MariaDB | Instance | | |
Account | | |
Enterprise distributed database | TDSQL for MySQL | Instance | | |
NoSQL database | TencentDB for Redis | Instance | | |
Networking | Cloud Load Balancer | Instance | | |
Virtual Private Cloud (VPC) | Instance | | |
Domain and website | SSL Certificate Service | Instance | | |
Big data | Elasticsearch Service | Instance | | |
Management and audit | Cloud Access Management (CAM) | Collaborator | | |
Collaborator AccessKey | | |
Collaborator policy | | |
Role | | |
Role policy | | |
Sub-user | | |
Sub-user AccessKey | | |
Sub-user policy | | |
Amazon Web Services (AWS)
Service category | Service | Service subtype | CSPM | Resource display |
Analytics | Amazon Redshift | Cluster | | |
Computing | Amazon EC2 | Instance | | |
Security group | | |
Snapshot | | |
Subnet | | |
Volume | | |
VPC | | |
Transit gateway | | |
VPN | | |
Container | Amazon Elastic Container Service | Cluster | | |
Service | | |
Scheduled task | | |
Cryptography and public key infrastructure (PKI) | AWS Key Management Service | Key | | |
Database | Amazon RDS | Instance | | |
Cluster | | |
Cluster snapshot | | |
Amazon ElastiCache | Cluster | | |
Replication group | | |
Management and governance | AWS Auto Scaling | Group | | |
Launch configuration | | |
AWS Config | Configuration recording | | |
AWS CloudTrail | Trail | | |
Networking and content delivery | Load balancer | Elastic Load Balancing (ELB) | | |
CLB | | |
ALB | | |
Listener | | |
Amazon CloudFront | Distribution | | |
Security, identity and compliance | AWS Security Hub | Setting | | |
Identity and Access Management (IAM) | Policy | | |
Role policy | | |
Credential report | | |
User | | |
Password policy | | |
Account statistics | | |
Multi-factor authentication (MFA) device | | |
Key | | |
Service certificate | | |
Bucket policy | | |
Storage | Amazon S3 | Bucket | | |
Bucket lifecycle configuration | | |
Microsoft Azure
Service category | Service | Service subtype | Resource display |
Database | SQL Server on Azure Virtual Machines | Instance | |
Azure Database for MySQL | Instance | |
Azure Database for MariaDB | Instance | |
Azure Cosmos DB | Account | |
Storage | Azure Blob Storage | Account | |
Computing | Azure Kubernetes Service (AKS) | Computing | |
Virtual Machines | Instance | |
Container | Azure Container Registry | Container registry | |
Networking | Virtual Network | Instance | |
Security | Azure App Configuration | Instance | |
Huawei Cloud
Service category | Service | Service subtype | Resource display |
Computing | Elastic Cloud Server (ECS) | Instance | |
Auto Scaling | Auto Scaling group | |
Networking | Elastic Load Balance (ELB) | Instance | |
VPC | VPC | |
Elastic IP (EIP) | |
Storage | Object Storage Service (OBS) | Bucket | |
Elastic Volume Service (EVS) | Disk | |
Relational database | RDS | Instance | |
GaussDB | Instance | |
Non-relational database | GeminiDB | Instance | |