This topic describes the types of server assets and cloud services that work with Security Center.
Server assets
Servers that are deployed on Alibaba Cloud: Elastic Compute Service (ECS) instances and simple application servers
Servers that are not deployed on Alibaba Cloud: on-premises servers, servers in data centers, and third-party cloud servers
Security Center provides different protection capabilities for different types of servers. For more information, see Security Center features supported by different types of servers.
Cloud services
The following tables describe the cloud services that work with Security Center. The tables also describe whether the cloud services support the configuration assessment feature and whether you can view the resources of the cloud services in the Security Center console.
The following symbols are used in the table:
: The feature is supported. 
: The feature is not supported.
The feature columns in the following tables vary with cloud service providers. If a table does not contain a feature column, the feature is not supported.
Service category | Service | Service subtype | Configuration assessment | Resource display | |
Computing | Cloud server | Elastic Compute Service (ECS) | Instance |
|
|
Disk (storage) |
|
| |||
Security group |
|
| |||
Snapshot |
|
| |||
Image |
|
| |||
Simple Application Server | VERSION_CONFIG |
|
| ||
Auto Scaling | Scaling group |
|
| ||
Configuration for scaling groups of the ECS type |
|
| |||
Configuration for scaling groups of the Elastic Container Instance type |
|
| |||
WUYING | WUYING Workspace | Cloud desktop |
|
| |
File Storage NAS (NAS) |
|
| |||
Container | Container service | Container Registry | Enterprise Edition |
|
|
Personal Edition |
|
| |||
Container Service for Kubernetes | Cluster |
|
| ||
Storage | Essential storage service | Object Storage Service (OSS) | Bucket |
|
|
File Storage NAS | File system |
|
| ||
Storage data service | Simple Log Service | Project |
|
| |
Network and CDN | Cloud network | Server Load Balancer (SLB) | Classic Load Balancer (CLB) |
|
|
Application Load Balancer (ALB) |
|
| |||
Virtual Private Cloud | NAT Gateway |
|
| ||
Elastic IP Address (EIP) |
|
| |||
VPN |
|
| |||
Flow log |
|
| |||
VPC |
|
| |||
Elastic IP Address | Anycast EIP |
|
| ||
CDN | CDN | Domain name |
|
| |
Cross-region network | Global Accelerator (GA) | Instance |
|
| |
Domain name |
|
| |||
Listener |
|
| |||
Security | Cloud security | Anti-DDoS | Instance |
|
|
Domain name |
|
| |||
WEB_RULE |
|
| |||
Web Application Firewall | Instance |
|
| ||
Domain name |
|
| |||
Cloud Firewall | Asset |
|
| ||
Access control policy |
|
| |||
Access control policy group |
|
| |||
Bastionhost | Instance |
|
| ||
Data security | Certificate Management Service (Original SSL Certificate) | Certificate |
|
| |
Data Security Center | Instance |
|
| ||
Key Management Service (KMS) | Instance |
|
| ||
Key |
|
| |||
Credential |
|
| |||
Identity security | Identity as a Service | Enterprise Identity Access Management (EIAM) instance |
|
| |
Middleware | Microservices tool and platform | Microservices Engine | Cluster |
|
|
Gateway |
|
| |||
ApsaraMQ | ApsaraMQ for Kafka | Instance |
|
| |
Application integration | API Gateway | Instance |
|
| |
Database | Relational database | ApsaraDB RDS | Instance |
|
|
PolarDB | Cluster |
|
| ||
PolarDB for Xscale | Instance |
|
| ||
ApsaraDB for OceanBase | Database |
|
| ||
NoSQL database | ApsaraDB for MongoDB | Instance |
|
| |
Tair (Redis OSS-compatible) | Instance |
|
| ||
Lindorm | Instance |
|
| ||
ApsaraDB for HBase | Instance |
|
| ||
Data warehouse | AnalyticDB for PostgreSQL | Instance |
|
| |
AnalyticDB for MySQL | Instance |
|
| ||
ApsaraDB for ClickHouse | Instance |
|
| ||
ApsaraDB for SelectDB | Instance |
|
| ||
Database management tool | Data Management (DMS) | Instance |
|
| |
User and tenant |
|
| |||
Analytics computing | Data computing and analytics | Elasticsearch (ES) | Instance |
|
|
MaxCompute | Project |
|
| ||
Hologres | Instance |
|
| ||
Data development and service | DataWorks | Workspace |
|
| |
Enterprise service and cloud communication | Enterprise foundation service | Domain Names | Domain name |
|
|
Serverless | Computing | Function Compute | Domain name |
|
|
Application |
|
| |||
Development tool | Apsara DevOps | Apsara Devops | Organization |
|
|
Migration and O&M management | Cloud management | ActionTrail | Trail |
|
|
Resource Access Management | Account alias |
|
| ||
User |
|
| |||
Policy |
|
| |||
Group |
|
| |||
Role |
|
| |||
CAM |
|
| |||
Service category | Service | Service subtype | Configuration assessment | Resource display |
Computing | Cloud Virtual Machine (CVM) | Instance |
|
|
Security group |
|
| ||
Container | Tencent Container Registry | Instance |
|
|
Image repository information |
|
| ||
Essential storage service | Cloud Object Storage (COS) | Instance |
|
|
Cloud Block Storage (CBS) | Instance |
|
| |
Relational database | TencentDB for MySQL | Instance |
|
|
Account |
|
| ||
TencentDB for PostgreSQL | Instance |
|
| |
TencentDB for MariaDB | Instance |
|
| |
Account |
|
| ||
Enterprise distributed database | TDSQL for MySQL | Instance |
|
|
NoSQL database | TencentDB for Redis | Instance |
|
|
Networking | Cloud Load Balancer | Instance |
|
|
Virtual Private Cloud (VPC) | Instance |
|
| |
Domain and website | SSL Certificate Service | Instance |
|
|
Big data | Elasticsearch Service | Instance |
|
|
Management and audit | Cloud Access Management (CAM) | Collaborator |
|
|
Collaborator AccessKey |
|
| ||
Collaborator policy |
|
| ||
Role |
|
| ||
Role policy |
|
| ||
Sub-user |
|
| ||
Sub-user AccessKey |
|
| ||
Sub-user policy |
|
|
Service category | Service | Service subtype | Configuration assessment | Resource display |
Analytics | Amazon Redshift | Cluster |
|
|
Computing | Amazon EC2 | Instance |
|
|
Security group |
|
| ||
Snapshot |
|
| ||
Subnet |
|
| ||
Volume |
|
| ||
VPC |
|
| ||
Transit gateway |
|
| ||
VPN |
|
| ||
Container | Amazon Elastic Container Service | Cluster |
|
|
Service |
|
| ||
Scheduled task |
|
| ||
Cryptography and public key infrastructure (PKI) | AWS Key Management Service | Key |
|
|
Database | Amazon RDS | Instance |
|
|
Cluster |
|
| ||
Cluster snapshot |
|
| ||
Amazon ElastiCache | Cluster |
|
| |
Replication group |
|
| ||
Management and governance | AWS Auto Scaling | Group |
|
|
Launch configuration |
| |||
AWS Config | Configuration recording |
|
| |
AWS CloudTrail | Trail |
|
| |
Networking and content delivery | Load balancer | Elastic Load Balancing (ELB) |
|
|
CLB |
|
| ||
ALB |
|
| ||
Listener |
|
| ||
Amazon CloudFront | Distribution |
|
| |
Security, identity and compliance | AWS Security Hub | Setting |
|
|
Identity and Access Management (IAM) | Policy |
|
| |
Role policy |
|
| ||
Credential report |
|
| ||
User |
|
| ||
Password policy |
|
| ||
Account statistics |
|
| ||
Multi-factor authentication (MFA) device |
|
| ||
Key |
|
| ||
Service certificate |
|
| ||
Bucket policy |
|
| ||
Storage | Amazon S3 | Bucket |
|
|
Bucket lifecycle configuration |
|
|
Service category | Service | Service subtype | Resource display |
Database | SQL Server on Azure Virtual Machines | Instance |
|
Azure Database for MySQL | Instance |
| |
Azure Database for MariaDB | Instance |
| |
Azure Cosmos DB | Account |
| |
Storage | Azure Blob Storage | Account |
|
Computing | Azure Kubernetes Service (AKS) | Computing |
|
Virtual Machines | Instance |
| |
Container | Azure Container Registry | Container registry |
|
Networking | Virtual Network | Instance |
|
Security | Azure App Configuration | Instance |
|
Service category | Service | Service subtype | Resource display |
Computing | Elastic Cloud Server (ECS) | Instance |
|
Auto Scaling | Auto Scaling group |
| |
Networking | Elastic Load Balance (ELB) | Instance |
|
VPC | VPC |
| |
Elastic IP (EIP) |
| ||
Storage | Object Storage Service (OBS) | Bucket |
|
Elastic Volume Service (EVS) | Disk |
| |
Relational database | RDS | Instance |
|
GaussDB | Instance |
| |
Non-relational database | GeminiDB | Instance |
|
References
You can use protection capabilities provided by Security Center to protect servers only if you install the Security Center agent on the servers and the operating systems and kernel versions of the servers are supported. For more information, see Operating systems supported by the Security Center agent and Install the Security Center agent.
You can add assets from a third party such as Tencent Cloud, Huawei Cloud, AWS, and Microsoft Azure to Security Center for centralized protection and management. For more information, see Add a third-party asset to Security Center.
You can add assets in data centers to Security Center for centralized management. For more information, see Add assets in data centers to Security Center.
You can add the servers that are inaccessible over the Internet to Security Center by configuring a proxy server. The servers include hosts and containers. For more information, see Add servers to Security Center by using the proxy access feature.