All Products
Search
Document Center

Security Center:ListCheckResult

更新時間:Nov 25, 2024

Queries the details of the risk items that are detected in the configuration checks on cloud services.

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
yundun-sas:ListCheckResultget
*All Resources
*
    none
none

Request parameters

ParameterTypeRequiredDescriptionExample
StandardIdsarrayNo

The standard IDs.

StandardIdlongNo

The standard ID.

2
RequirementIdsarrayNo

The IDs of the requirements.

RequirementIdlongNo

The ID of the requirement.

2
StatusesarrayNo

The statuses of check items. Separate multiple statuses with commas (,). Valid values:

  • PASS
  • NOT_PASS
  • CHECKING
  • NOT_CHECK
  • WHITELIST
stringNo

The statuses of check items. Separate multiple states with commas (,). Valid values:

  • PASS
  • NOT_PASS
  • CHECKING
  • NOT_CHECK
  • WHITELIST
PASS
RiskLevelsarrayNo

The risk levels of check items. Separate multiple risk levels with commas (,). Valid values:

  • HIGH
  • MEDIUM
  • LOW
stringNo

The risk levels of check items. Separate multiple risk levels with commas (,). Valid values:

  • HIGH
  • MEDIUM
  • LOW
HIGH
VendorsarrayNo

The cloud service providers. Valid values:

  • ALIYUN: Alibaba Cloud
  • TENCENT: Tencent Cloud
  • AWS: Amazon Web Services (AWS)
  • MICROSOFT: Microsoft Azure
stringNo

The cloud service provider. Valid values:

  • ALIYUN: Alibaba Cloud
  • TENCENT: Tencent Cloud
  • AWS: AWS
  • MICROSOFT: Microsoft Azure
ALIYUN
InstanceTypesarrayNo

The asset type of the cloud services. Valid values:

  • ECS: Elastic Compute Service (ECS)
  • SLB: Server Load Balancer (SLB)
  • RDS: ApsaraDB RDS
  • MONGODB: ApsaraDB for MongoDB (MongoDB)
  • KVSTORE: ApsaraDB for Redis (Redis)
  • ACR: Container Registry
  • CSK: Container Service for Kubernetes (ACK)
  • VPC: Virtual Private Cloud (VPC)
  • ACTIONTRAIL: ActionTrail
  • CDN: Alibaba Cloud CDN (CDN)
  • CAS: Certificate Management Service (formerly SSL Certificates Service)
  • RDC: Apsara Devops
  • RAM: Resource Access Management (RAM)
  • DDOS: Anti-DDoS
  • WAF: Web Application Firewall (WAF)
  • OSS: Object Storage Service (OSS)
  • POLARDB: PolarDB
  • POSTGRESQL: ApsaraDB RDS for PostgreSQL
  • MSE: Microservices Engine (MSE)
  • NAS: File Storage NAS (NAS)
  • SDDP: Sensitive Data Discovery and Protection (SDDP)
  • EIP: Elastic IP Address (EIP)
stringNo

The asset type of the cloud service. Valid values:

  • ECS: ECS
  • SLB: SLB
  • RDS: ApsaraDB RDS
  • MONGODB: MongoDB
  • KVSTORE: Redis
  • ACR: Container Registry
  • CSK: ACK
  • VPC: VPC
  • ACTIONTRAIL: ActionTrail
  • CDN: CDN
  • CAS: Certificate Management Service (formerly SSL Certificates Service)
  • RDC: Apsara Devops
  • RAM: RAM
  • DDOS: Anti-DDoS
  • WAF: WAF
  • OSS: OSS
  • POLARDB: PolarDB
  • POSTGRESQL: ApsaraDB RDS for PostgreSQL
  • MSE: MSE
  • NAS: NAS
  • SDDP: SDDP
  • EIP: EIP
ECS
CheckKeystringNo

The key that you want to use to search for check items in fuzzy match mode.

OSS
CurrentPageintegerNo

The page number.

2
PageSizeintegerNo

The number of entries per page. Maximum value: 100.

50
InstanceIdsarrayNo

The instance IDs of the cloud services that you want to query. Separate multiple IDs with commas (,).

stringNo

The instance IDs of the cloud services that you want to query. Separate multiple IDs with commas (,).

i-bp1du66x6w07z4yya****
LangstringNo

The language of the content within the request and response. Default value: zh. Valid values:

  • zh: Chinese
  • en: English
zh
SortTypesarrayNo

The types of the conditions based on which check items are sorted. Valid values:

  • RISK_LEVEL: risk level
  • STATUS: status
stringNo

The type of the condition based on which check items are sorted. Valid values:

  • RISK_LEVEL: risk level
  • STATUS: status
STATUS
TypesarrayNo

The types of check standards.

stringNo

The type of the check standard. Valid values:

  • RISK: Alibaba Cloud best security practices
  • COMPLIANCE: Center for Internet Security (CIS) compliance
  • IDENTITY_PERMISSION: identity and permission management
RISK
RegionIdstringNo

The region ID of the instance. Valid values:

  • cn-hangzhou: International
  • ap-southeast-1: Singapore
cn-hangzhou
CustomParambooleanNo

Specifies whether the check item supports custom parameters. Valid values:

  • true
  • false
true
CheckIdsarrayNo

The IDs of the check items.

longNo

The ID of the check item.

358
OperationTypesarrayNo

Specifies whether fixing is supported. Valid values:

  • SUPPORT_REPAIR
  • NOT_SUPPORT_REPAIR
stringNo

Specifies whether fixing is supported. Valid values:

  • SUPPORT_REPAIR
  • NOT_SUPPORT_REPAIR
SUPPORT_REPAIR

Response parameters

ParameterTypeDescriptionExample
object

ListCheckResultResponse

Checksarray<object>

The check items.

Checksobject

The check result.

CheckPoliciesarray<object>

The check policies.

CheckPolicieobject

The information about the standards, requirement items, and sections that are associated with the check result.

StandardIdlong

The standard ID of the check item.

1
StandardShowNamestring

The standard display name of the check item.

Best security practices
RequirementIdlong

The ID of the requirement item for the check item.

2
RequirementShowNamestring

The display name of the requirement item for the check item.

Alibaba cloud OSS best security practices
SectionIdlong

The ID of the section for the check item.

3
SectionShowNamestring

The display name of the section for the check item.

Log Audit
CheckIdlong

The ID of the check item.

5
CheckShowNamestring

The name of the check item.

OSS-PublicReadOpenManifestFileWithoutEncryption
Vendorstring

The cloud service provider.

ALIYUN
VendorShowNamestring

The name of the cloud service provider.

Aliyun
InstanceTypestring

The asset type of the cloud service. Valid values:

  • ECS: ECS
  • SLB: SLB
  • RDS: ApsaraDB RDS
  • MONGODB: MongoDB
  • KVSTORE: Redis
  • ACR: Container Registry
  • CSK: ACK
  • VPC: VPC
  • ACTIONTRAIL: ActionTrail
  • CDN: CDN
  • CAS: Certificate Management Service (formerly SSL Certificates Service)
  • RDC: Apsara Devops
  • RAM: RAM
  • DDOS: Anti-DDoS
  • WAF: WAF
  • OSS: OSS
  • POLARDB: PolarDB
  • POSTGRESQL: ApsaraDB RDS for PostgreSQL
  • MSE: MSE
  • NAS: NAS
  • SDDP: SDDP
  • EIP: EIP
ECS
InstanceSubTypestring

The asset subtype of the cloud service. Valid values:

  • If the InstanceType parameter is set to ECS, this parameter supports the following valid values:

    • INSTANCE
    • DISK
    • SECURITY_GROUP
  • If the InstanceType parameter is set to ACR, this parameter supports the following valid values:

    • REPOSITORY_ENTERPRISE
    • REPOSITORY_PERSON
  • If the InstanceType parameter is set to RAM, this parameter supports the following valid values:

    • ALIAS
    • USER
    • POLICY
    • GROUP
  • If the InstanceType parameter is set to WAF, this parameter supports the following valid values:

    • DOMAIN
  • If the InstanceType parameter is set to other values, this parameter supports the following valid values:

    • INSTANCE
DISK
RiskLevelstring

The risk level of the check item. Valid values:

  • HIGH
  • MEDIUM
  • LOW
HIGH
Statusstring

The status of the check item. Valid values:

  • PASS: passed
  • NOT_PASS: failed
  • CHECKING: being checked
  • NOT_CHECK: not checked
  • WHITELIST: added to the whitelist
PASS
TaskIdstring

The ID of the check task.

64
LastCheckTimelong

The timestamp when the last check was performed. Unit: milliseconds.

1657793398000
TrialPermissionboolean

Indicates whether the TRIAL permission is required.

true
StatusMessagestring

The message returned if the status of the check item is abnormal.

TIMEOUT
CheckSaleTypeinteger

The type of the check item. Valid values:

  • 0: paid
  • 1: free
1
AssetVendorinteger

The service provider of the asset. Valid values:

  • 0: Alibaba Cloud
  • 3: Huawei Cloud
  • 4: Microsoft Azure
  • 5: AWS
  • 7: Tencent Cloud
3
AssetTypeinteger

The type of the asset. Valid values:

  • 0: an ECS instance
  • 1: a SLB instance
  • 2: a NAT gateway
  • 3: an ApsaraDB RDS instance
  • 4: an ApsaraDB for MongoDB instance
  • 5: an ApsaraDB for Redis instance
  • 6: a container image
  • 7: a container
0
AssetSubTypeinteger

The subtype of the cloud service.

0
OperationTypestring

Indicates whether fixing is supported. Valid values:

  • SUPPORT_REPAIR
  • NOT_SUPPORT_REPAIR
NOT_SUPPORT_REPAIR
PageInfoobject

The pagination information.

CurrentPageinteger

The page number.

1
PageSizeinteger

The number of entries per page.

20
TotalCountinteger

The total number of entries returned.

100
Countinteger

The number of entries returned on the current page.

2
RequestIdstring

The ID of the request.

F9B6DD67-B289-5406-B35C-B0F4A217S23

Examples

Sample success responses

JSONformat

{
  "Checks": [
    {
      "CheckPolicies": [
        {
          "StandardId": 1,
          "StandardShowName": "Best security practices",
          "RequirementId": 2,
          "RequirementShowName": "Alibaba cloud OSS best security practices",
          "SectionId": 3,
          "SectionShowName": "Log Audit"
        }
      ],
      "CheckId": 5,
      "CheckShowName": "OSS-PublicReadOpenManifestFileWithoutEncryption",
      "Vendor": "ALIYUN",
      "VendorShowName": "Aliyun",
      "InstanceType": "ECS",
      "InstanceSubType": "DISK",
      "RiskLevel": "HIGH",
      "Status": "PASS",
      "TaskId": "64",
      "LastCheckTime": 1657793398000,
      "TrialPermission": true,
      "StatusMessage": "TIMEOUT",
      "CheckSaleType": 1,
      "AssetVendor": 3,
      "AssetType": 0,
      "AssetSubType": 0,
      "OperationType": "NOT_SUPPORT_REPAIR"
    }
  ],
  "PageInfo": {
    "CurrentPage": 1,
    "PageSize": 20,
    "TotalCount": 100,
    "Count": 2
  },
  "RequestId": "F9B6DD67-B289-5406-B35C-B0F4A217S23"
}

Error codes

HTTP status codeError codeError messageDescription
400IllegalParamIllegal param-
403NoPermissioncaller has no permissionYou are not authorized to do this operation.
500ServerErrorServerError-

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
2024-10-10The Error code has changed. The request parameters of the API has changed. The response structure of the API has changedView Change Details
2024-08-06The Error code has changed. The response structure of the API has changedView Change Details
2024-07-22The Error code has changed. The request parameters of the API has changedView Change Details
2024-05-10The Error code has changed. The response structure of the API has changedView Change Details
2024-03-14The Error code has changedView Change Details
2023-07-17The Error code has changed. The request parameters of the API has changed. The response structure of the API has changedView Change Details
2023-01-11The API operation is not deprecated.. The Error code has changedView Change Details
2022-11-21The Error code has changed. The response structure of the API has changedView Change Details
2022-07-18The Error code has changed. The request parameters of the API has changedView Change Details
2022-07-15Add OperationView Change Details