List of operations by function - Security Center

This product(Sas/2018-12-03) OpenAPI adopts RPC Signature style. See signature details in Description of the signature mechanism. We have packaged SDKs for common programming languages for developers. Developers can directly call the OpenAPI of this product by downloading the SDK without paying attention to the technical details. If the existing SDK cannot meet the usage requirements, you can connect through the signature mechanism. It will take about 5 working days. Therefore, it is recommended to join our DingTalk service group (78410016550) and sign under the guidance of experts.

Before using the API, you need to prepare your identity account and access key (AccessKey) to effectively access the API through client tools (SDK, CLI, etc.). For details see getAccessKey.

Security Report

API	Title	Description
DescribeCustomizeReportList	DescribeCustomizeReportList	Queries security reports.
DescribeReportExport	DescribeReportExport	Queries the information about a report export task.
CopyCustomizeReportConfig	CopyCustomizeReportConfig	Clones an existing security report. The new security report has the same configuration as the existing security report.
DescribeChartList	DescribeChartList	Queries the charts that are supported by using the security report feature of Security Center.
DescribeReportRecipientStatus	DescribeReportRecipientStatus	Queries the status of a report recipient by using the security report feature of the System Configuration module in the Security Center console.

Application Whitelist

API	Title	Description
ModifyProcessWhiteList	ModifyProcessWhiteList	Adds a process to or removes a process from the whitelist by using the application whitelist feature.
UpdateWhiteListStrategyStatus	UpdateWhiteListStrategyStatus	Updates the status of an application whitelist policy.
SaveWhiteListStrategy	SaveWhiteListStrategy	Creates an application whitelist policy.
DescribeWhiteListStrategyUuidCount	DescribeWhiteListStrategyUuidCount	Queries the number of the servers on which an application whitelist policy takes effect.
DescribeWhiteListStrategyStatistics	DescribeWhiteListStrategyStatistics	Queries the statistics of application whitelist policies.
DescribeWhiteListStrategyList	DescribeWhiteListStrategyList	Queries a list of application whitelist policies.
DescribeWhiteListProcess	DescribeWhiteListProcess	Queries the information about the processes that are detected in an application whitelist policy.
DescribeWhiteListEffectiveAssets	DescribeWhiteListEffectiveAssets	Queries the servers on which an application whitelist policy takes effect.
DescribeWhiteListAuthorize	DescribeWhiteListAuthorize	Queries the available quota for the application whitelist feature.
DescribeWhiteListAsset	DescribeWhiteListAsset	Queries the information about servers that can be added or are added to application whitelist policies.

Agentless Detection

API	Title	Description
DeleteMaliciousFileWhitelistConfig	DeleteMaliciousFileWhitelistConfig	Deletes a whitelist rule for alerts generated for sensitive files that are detected by using the agentless detection feature.
BatchDeleteMaliciousFileWhitelistConfig	BatchDeleteMaliciousFileWhitelistConfig	Deletes whitelist rules for alerts generated for sensitive files that are detected by using the agentless detection feature in batches.
UpdateMaliciousFileWhitelistConfig	UpdateMaliciousFileWhitelistConfig	Modifies an alert whitelist rule of sensitive files that are detected by using the agentless detection feature.
BatchUpdateMaliciousFileWhitelistConfig	BatchUpdateMaliciousFileWhitelistConfig	Modifies multiple alert whitelist rules of sensitive files that are detected by using the agentless detection feature at a time.
CreateMaliciousFileWhitelistConfig	CreateMaliciousFileWhitelistConfig	Creates an alert whitelist rule of sensitive files that are detected by using the agentless detection feature.
GetMaliciousFileWhitelistConfig	GetMaliciousFileWhitelistConfig	Queries an alert whitelist rule of sensitive files that are detected by using the agentless detection feature.
ListMaliciousFileWhitelistConfigs	ListMaliciousFileWhitelistConfigs	Queries the alert whitelist rules of sensitive files that are detected by using the agentless detection feature.
CreateAgentlessScanTask	CreateAgentlessScanTask	Creates an agentless detection task.
DeleteMaliciousNote	DeleteMaliciousNote	Removes the remarks added to alert events that are generated by the agentless detection feature.
CreateMaliciousNote	CreateMaliciousNote	Adds remarks to alert events for agentless detection.
ListAgentlessMaliciousFiles	ListAgentlessMaliciousFiles	Queries malicious files that are detected by agentless detection tasks.
RetryAgentlessTask	RetryAgentlessTask	Retries agentless detection tasks.
ListAgentlessRelateMalicious	ListAgentlessRelateMalicious	Obtains the risks associated with an agentless detection event.
ListAgentlessRegion	ListAgentlessRegion	Queries the regions that are supported by the agentless detection feature.
ListAgentlessTask	ListAgentlessTask	Queries agentless detection tasks.
GetAgentlessTaskCount	GetAgentlessTaskCount	Queries the number of agentless detection tasks.
ListAgentlessRiskUuid	ListAgentlessRiskUuid	Queries at-risk hosts that are detected by the agentless detection feature.

Core File Monitoring

API	Title	Description
ListFileProtectPluginStatus	ListFileProtectPluginStatus	Queries information about the Security Center agent installed on servers on which core file monitoring rules take effect. The information includes the installation status of the Security Center agent and whether the core file monitoring feature is supported.
UpdateFileProtectEventStatus	UpdateFileProtectEventStatus	Modifies the status of core file monitoring events reported by the Security Center agent.
GetFileProtectDashboard	GetFileProtectDashboard	Queries information about the core file monitoring feature, including the number of effective rules and the installation status of the Security Center agent on servers.
ListFileProtectEvent	ListFileProtectEvent	Queries core file monitoring rules that meet the specified filter condition.
DeleteFileProtectRule	DeleteFileProtectRule	Deletes core file monitoring rules.
GetFileProtectEventCount	GetFileProtectEventCount	Queries the total number of core file monitoring events by filter condition.
UpdateFileProtectRemark	UpdateFileProtectRemark	Adds remarks to core file monitoring events reported by the Security Center agent.
GetFileProtectEvent	GetFileProtectEvent	Queries information about core file monitoring events.
UpdateFileProtectRule	UpdateFileProtectRule	Modifies the content of a core file monitoring rule based on the ID of the rule.
ListFileProtectRule	ListFileProtectRule	Queries core file monitoring rules.
CreateFileProtectRule	CreateFileProtectRule	Creates a core file monitoring rule.
GetFileProtectRule	GetFileProtectRule	Queries the information about a core file monitoring rule based on the ID of the rule.

Alarm Settings

API	Title	Description
ListClientAlertMode	ListClientAlertMode	Queries the alert settings of assets. By default, the balanced mode is enabled. A detected list of assets can be returned only in strict mode.
UpdateClientAlertMode	UpdateClientAlertMode	Modifies alerting settings for servers.

Proactive Defense for Containers

API	Title	Description
Non-Mirror Program Defense	Non-Mirror Program Defense
ListContainerDefenseRuleClusters	ListContainerDefenseRuleClusters	Queries a list of clusters that are included in a rule for non-image program defense.
ListContainerDefenseRule	ListContainerDefenseRule	Queries a list of rules for non-image program defense.
GetContainerDefenseRuleDetail	GetContainerDefenseRuleDetail	Queries the details of a rule for non-image program defense.
ModifyContainerDefenseRule	ModifyContainerDefenseRule	Modifies a rule for non-image program defense.
ModifyContainerDefenseRuleSwitch	ModifyContainerDefenseRuleSwitch	Changes the status of non-image program defense rules.
DeleteContainerDefenseRule	DeleteContainerDefenseRule	Deletes a rule for non-image program defense.
AddContainerDefenseRule	AddContainerDefenseRule	Creates a rule for non-image program defense.
Risk mirror blocking	Risk mirror blocking
ListOpaClusterStrategyNew	ListOpaClusterStrategyNew	Queries at-risk image blocking rules.
CreateOpaStrategyNew	CreateOpaStrategyNew	Creates a rule to block at-risk images.
GetOpaStrategyDetailNew	GetOpaStrategyDetailNew	Queries the details of the rule that is used to block at-risk images.
UpdateOpaStrategyNew	UpdateOpaStrategyNew	Updates the blocking rule for at-risk images.
DeleteOpaStrategyNew	DeleteOpaStrategyNew	Deletes rules of the at-risk image blocking type.
GetOpaStrategyTemplateSummary	GetOpaStrategyTemplateSummary	Queries the usage statistics about the templates provided in the feature of proactive defense for containers for rules of the at-risk image blocking type.
CreateOpaClusterPlugin	CreateOpaClusterPlugin	Installs the components that are required by at-risk image blocking. The components are policy-template-controller, gatekeeper, and logtail-ds.
GetOpaPluginStatus	GetOpaPluginStatus	Queries the installation status of the components that are required for clusters protected by proactive defense for containers.
GetOpaClusterLabelList	GetOpaClusterLabelList	Queries information about the tags that are added to containers based on the feature of proactive defense for containers.
GetStrategyTemplateDetail	GetStrategyTemplateDetail	Queries the usage details of templates provided in the feature of proactive defense for containers for rules.
ListCriteriaStrategy	ListCriteriaStrategy	Queries the IDs and names of rules configured for proactive defense for containers.
GetOpaClusterImageList	GetOpaClusterImageList
GetOpaClusterNamespaceList	GetOpaClusterNamespaceList	Queries information about the namespaces of clusters for which the rules of the at-risk image blocking type are configured in proactive defense for containers.
GetOpaClusterBaseLineList	GetOpaClusterBaseLineList	Queries the baselines that are supported by at-risk image blocking.
ListImageBuildRiskItem	ListImageBuildRiskItem	Queries the types of risky image build commands.
DescribeMatchedMaliciousNames	DescribeMatchedMaliciousNames	Queries a list of malicious image sample types.
未翻译(容器防逃逸)	未翻译(容器防逃逸)
ListAegisContainerPluginRule	ListAegisContainerPluginRule	Queries defense rules against container escapes.

Container File Protection

API	Title	Description
ListSasContainerWebDefenseRule	ListSasContainerWebDefenseRule	Queries rules for container tamper-proofing.
OperateSwitchStatus	OperateSwitchStatus	Changes the status of a rule for container tamper-proofing.
AddSasContainerWebDefenseRule	AddSasContainerWebDefenseRule	Creates a rule for container tamper-proofing.
ModifySasContainerWebDefenseRule	ModifySasContainerWebDefenseRule	Modifies a rule for container tamper-proofing.
GetSasContainerWebDefenseRuleApplication	GetSasContainerWebDefenseRuleApplication	Queries the applications that are specified in a rule for container tamper-proofing.

Container firewall

API	Title	Description
ModifyClusterCnnfStatusUserConfirm	ModifyClusterCnnfStatusUserConfirm	Fixes the blocking status of clusters whose status is Normal to be confirmed.
GetInterceptionSummary	GetInterceptionSummary	Queries the statistics of the container firewall feature.
ListInterceptionTargetPage	ListInterceptionTargetPage	Queries the network objects that are protected by the container firewall feature.
ListRuleTargetAll	ListRuleTargetAll	Queries the network objects based on which a specified cluster is protected.
SetClusterInterceptionConfig	SetClusterInterceptionConfig	Configures the status of the container firewall feature.
ModifyInterceptionTarget	ModifyInterceptionTarget	Modifies the information about a network object of the container firewall feature.
ListClusterInterceptionConfig	ListClusterInterceptionConfig	Queries the defense rules that are created for a cluster.
ListClusterCnnfStatusDetail	ListClusterCnnfStatusDetail	Queries the protection status of the container firewall.
ModifyInterceptionRule	ModifyInterceptionRule	Modifies a proactive defense rule for containers.
ModifyInterceptionRuleSwitch	ModifyInterceptionRuleSwitch	Enables or disables a proactive defense rule for containers.

Agent client

API	Title	Description
GetClientRatioStatistic	GetClientRatioStatistic	Queries the installation rate and online rate of the agent.
ModifyClientConfStrategy	ModifyClientConfStrategy	Modifies an agent configuration policy.
DescribeClientConfStrategy	DescribeClientConfStrategy	Queries the configurations of servers to which different tags are added.
ModifyClientConfSetup	ModifyClientConfSetup	Modifies the resource configurations of the Security Center agent.
DescribeClientConfSetup	DescribeClientConfSetup	Queries the configurations of the Security Center agent.
DescribeInstallCode	DescribeInstallCode	Queries the installation verification code that is used to run the installation command of the Security Center agent.
DeleteInstallCode	DeleteInstallCode	Deletes the command that is used to install the Security Center agent.
ListPluginForUuid	ListPluginForUuid	Queries the information about plug-ins on a server.
AddInstallCode	AddInstallCode	Creates a command that is used to install the Security Center agent.
OperateAgentClientInstall	OperateAgentClientInstall	Installs the Security Center agent on servers.
PauseClient	PauseClient	Enables or disables the Security Center agent.
UnbindAegis	UnbindAegis	Unbinds servers that are not deployed on Alibaba Cloud from Security Center.
DescribeAgentInstallStatus	DescribeAgentInstallStatus	Queries the installation status of the Security Center agent after you run an installation command by using Cloud Assistant. You can call this operation to query the installation status only if the installation request is initiated within 2 minutes.
DescribeVendorList	DescribeVendorList	Queries the service providers whose assets can be added to Security Center.
DescribeInstallCaptcha	DescribeInstallCaptcha	Queries the verification code for you to manually install the Security Center agent.
SasInstallCode	SasInstallCode	Queries the installation verification code that is used to run the installation command of the Security Center agent.
DescribeInstallCodes	DescribeInstallCodes	Queries the commands that are used to manually install the Security Center Agent.
ListUninstallAegisMachines	ListUninstallAegisMachines	Queries the information about the servers whose Security Center agent is not installed.
DescribeClientProblemType	DescribeClientProblemType	Queries a list of agent issue types.

Asset management

API	Title	Description
DeleteSearchCondition	DeleteSearchCondition	Deletes a frequently used search condition by using the asset management feature of the Assets module in the Security Center console.
StartIdcProbeScan	StartIdcProbeScan	Starts an IDC scan task.
ModifySearchCondition	ModifySearchCondition	Modifies common filter conditions to search for assets.
GetAssetDetailByUuid	GetAssetDetailByUuid	Queries the details of a server and the extended information about the server by using the UUID of the server.
DescribeGroupStruct	DescribeGroupStruct	Queries the structure of a group.
ListCloudAssetInstances	ListCloudAssetInstances	Queries cloud service assets.
DescribeImageInfoList	DescribeImageInfoList	Queries images.
DescribeLogShipperStatus	DescribeLogShipperStatus	Queries the status information about the log analysis feature.
AddUninstallClientsByUuids	AddUninstallClientsByUuids	Adds servers from which you want to uninstall the Security Center agent.
AddTagWithUuid	AddTagWithUuid	Adds a tag to assets.
GetCloudAssetSummary	GetCloudAssetSummary	The total number of instances that are at risk.
GetCloudAssetDetail	GetCloudAssetDetail	Obtains the details of cloud assets.
ModifyAssetImportant	ModifyAssetImportant	Modifies the importance of an asset.
ModifyGroupProperty	ModifyGroupProperty	Changes the name of a server group.
DescribeOfflineMachines	DescribeOfflineMachines	Queries the information about the servers whose Security Center agent status is Offline.
CheckUserHasEcs	CheckUserHasEcs	Checks whether Elastic Compute Service (ECS) instances exist.
CreateOrUpdateAssetGroup	CreateOrUpdateAssetGroup	Modifies the mapping between an asset and an asset group. For example, you can call this operation to modify the server group to which the asset belongs or the asset list of the asset group.
RefreshAssets	RefreshAssets	Synchronizes assets.
DeleteGroup	DeleteGroup	Deletes a server group.
DeleteTagWithUuid	DeleteTagWithUuid	Removes custom tags from assets.
DeleteLoginBaseConfig	DeleteLoginBaseConfig	Deletes the basic configuration information from the logon security configurations for a specific asset.
ModifyTagWithUuid	ModifyTagWithUuid	Modifies the names of the tags that are added to assets, or modifies the tags for assets.
ModifyLoginSwitchConfig	ModifyLoginSwitchConfig	Enables or disables the logon security settings for a specific asset.
ModifyLoginBaseConfig	ModifyLoginBaseConfig	Modifies the logon configuration for a specified asset.
ModifyPushAllTask	ModifyPushAllTask	Performs security check tasks on servers with a few clicks.
DescribeAssetDetailByUuid	DescribeAssetDetailByUuid	Queries the details of a server and the extended information about the server by using the UUID of the server.
DescribeGroupedInstances	DescribeGroupedInstances	Queries the statistical information about assets based on a specified filter condition.
QueryGroupIdByGroupName	QueryGroupIdByGroupName	Queries the ID of an asset group by using the name of the asset group.
DescribeAssetSummary	DescribeAssetSummary	The ID of the request, which is used to locate and troubleshoot issues.
DescribeAllEntity	DescribeAllEntity	Queries the information about all assets. The information includes asset group IDs and asset names.
DescribeFieldStatistics	DescribeFieldStatistics	Queries the statistics of servers.
DescribeGroupedTags	DescribeGroupedTags	Queries the statistics of asset tags.
DescribeAllGroups	DescribeAllGroups	Queries the information about server groups.
DescribeInstanceStatistics	DescribeInstanceStatistics	Queries the statistics of assets that are protected by Security Center.
DescribeCloudProductFieldStatistics	DescribeCloudProductFieldStatistics	Queries the statistics of cloud services whose instances are protected by Security Center.
DescribeDomainCount	DescribeDomainCount	Queries the number of domain assets within your Alibaba Cloud account.
DescribeDomainList	DescribeDomainList	Queries the information about the domain assets within your Alibaba Cloud account.
DescribeDomainDetail	DescribeDomainDetail	Queries the details of domain assets within your Alibaba Cloud account.
DescribeCloudCenterInstances	DescribeCloudCenterInstances	Queries the information about assets that meet specific search conditions. For example, you can search for assets by the instance name or region of the asset.
DescribeSummaryInfo	DescribeSummaryInfo	Queries the security information about your assets. The information includes the security score and the numbers of protected and unprotected assets.
DescribeSearchCondition	DescribeSearchCondition	Queries the filter conditions that are used to search for assets.
DescribeCriteria	DescribeCriteria	Queries the filter conditions that are used to search for assets in fuzzy match mode.
DescribeVpcList	DescribeVpcList	Queries the information about virtual private clouds (VPCs).
DescribeAssetDetailByUuids	DescribeAssetDetailByUuids	Queries the details of Elastic Compute Service (ECS) instances.
DescribeImageStatistics	DescribeImageStatistics	Queries the risk statistics of container images.
DescribeContainerStatistics	DescribeContainerStatistics	Queries the alert statistics of container assets.
ModifyAssetGroup	ModifyAssetGroup	Changes the server group to which one or more servers belong.
InstallCloudMonitor	InstallCloudMonitor	Installs the CloudMonitor agent on specified servers.
DescribeSasPmAgentList	DescribeSasPmAgentList	Queries the servers on which you want to install the CloudMonitor agent.
ListAssetCleanConfig	ListAssetCleanConfig	Queries the configurations for cleaning offline hosts whose provider cannot be identified.
ModifyAssetCleanConfig	ModifyAssetCleanConfig	Modifies the configurations for cleaning offline hosts whose provider cannot be identified.
ListAssetRefreshTaskConfig	ListAssetRefreshTaskConfig	Queries the configurations of asset synchronization.
ChangeAssetRefreshTaskConfig	ChangeAssetRefreshTaskConfig	Modifies the interval of asset synchronization configurations.
ListCloudVendorRegions	ListCloudVendorRegions	Queries the synchronization region configurations of other clouds on a site.
AddCloudVendorAccountAK	AddCloudVendorAccountAK	Adds the configuration information of multi-cloud assets.
DeleteCloudVendorAccountAK	DeleteCloudVendorAccountAK
DescribeCloudVendorAccountAKList	DescribeCloudVendorAccountAKList
ModifyCloudVendorAccountAK	ModifyCloudVendorAccountAK
GetLocalDefaultRegion	GetLocalDefaultRegion	Obtains the default region for synchronizing assets outside Alibaba Cloud.
SetSyncRefreshRegion	SetSyncRefreshRegion	Configures the regions from which you want to synchronize assets.
GetSupportedModules	GetSupportedModules

Asset fingerprints

API	Title	Description
DescribeAssetsScaProcessNum	DescribeAssetsScaProcessNum	Queries the number of Java processes in an asset by using the asset fingerprints feature of Security Center.
DescribePropertyUsageTop	DescribePropertyUsageTop	Uses the asset fingerprints feature to obtain the statistics on top five most frequently detected ports, processes, software, accounts, or middleware.
DescribePropertyScaProcessDetail	DescribePropertyScaProcessDetail	Queries the Java processes that are collected by the asset fingerprints feature of Security Center in your assets.
GetPropertyScheduleConfig	GetPropertyScheduleConfig	Queries the configurations for the collection frequency of asset fingerprints.
GetAssetsPropertyItem	GetAssetsPropertyItem	Queries the aggregation information about the asset fingerprints of the startup item, kernel module, or website type.
GetAssetsPropertyDetail	GetAssetsPropertyDetail	Queries the details about the asset fingerprints of the startup item, kernel module, or website type.
DescribePropertyTypeScaItem	DescribePropertyTypeScaItem	Queries middleware types.
DescribePropertyCronItem	DescribePropertyCronItem	Queries the scheduled tasks of your assets.
DescribePropertyScaItem	DescribePropertyScaItem	Queries middleware fingerprints.
DescribePropertyCronDetail	DescribePropertyCronDetail	Queries the details of scheduled tasks on the Host page.
DescribePropertyCount	DescribePropertyCount	Queries the statistics of asset fingerprints. The assets include processes, ports, software, accounts, middleware, websites, web services, scheduled tasks, startup items, and databases.
DescribePropertyPortDetail	DescribePropertyPortDetail	Queries the fingerprints of ports on a specified server.
DescribePropertyProcDetail	DescribePropertyProcDetail	Queries the fingerprints of processes on a specified server.
DescribePropertyPortItem	DescribePropertyPortItem	Queries information about all ports.
DescribePropertyProcItem	DescribePropertyProcItem	Queries information about all processes.
DescribePropertySoftwareDetail	DescribePropertySoftwareDetail	Queries the details of a software asset.
DescribePropertyUsageNewest	DescribePropertyUsageNewest	Queries the information about the most recently created five accounts.
DescribePropertySoftwareItem	DescribePropertySoftwareItem	Queries information about all software assets.
DescribePropertyUserDetail	DescribePropertyUserDetail	Queries the asset fingerprints for an account to which a server belongs.
DescribePropertyUserItem	DescribePropertyUserItem	Queries information about an account.
DescribeModuleConfig	DescribeModuleConfig	Queries the configurations of the asset fingerprint module.
DescribePropertyScaDetail	DescribePropertyScaDetail	Queries middleware fingerprints.
ModifyPropertyScheduleConfig	ModifyPropertyScheduleConfig	Modifies the collection frequency of asset fingerprints for an automatic periodic collection task.
DescribePropertyScheduleConfig	DescribePropertyScheduleConfig	Queries the configurations of scheduled tasks of asset fingerprint collection.

Security score

API	Title	Description
GetSecurityScoreRule	GetSecurityScoreRule	Queries the details of the deduction modules of the security score feature, including custom settings.
ChangeSecurityScoreRule	ChangeSecurityScoreRule	Modifies the details of the deduction modules of the security score feature, including custom settings.
DescribeSecureSuggestion	DescribeSecureSuggestion	Queries suggestions on how to handle the risks that affect the security score.

Asset exposure analysis

API	Title	Description
DescribeExposedInstanceCriteria	DescribeExposedInstanceCriteria	Queries the search conditions that are used to search for exposed assets.
DescribeExposedInstanceDetail	DescribeExposedInstanceDetail	Queries the details of a specified server that is exposed on the Internet.
DescribeExposedInstanceList	DescribeExposedInstanceList	Queries the information about the assets that are exposed on the Internet.
DescribeExposedStatistics	DescribeExposedStatistics	Queries the exposure statistics of the assets on the Internet.
DescribeExposedStatisticsDetail	DescribeExposedStatisticsDetail	Queries the gateway assets, ports, system components, or public IP addresses that are exposed on the Internet.

Container management

API	Title	Description
DescribeContainerTags	DescribeContainerTags	Queries the details of container assets by using an attribute.
DescribeAssetsSecurityEventSummary	DescribeAssetsSecurityEventSummary	Queries the risk information about containers.
DescribeImage	DescribeImage	Queries an image digest.
DescribeClusterInfoList	DescribeClusterInfoList	Queries the information about a cluster.
DescribeContainerCriteria	DescribeContainerCriteria	Obtains the filter conditions that you can use to filter the containers.
DescribeContainerInstances	DescribeContainerInstances	Queries the information about containers.
DescribeImageCriteria	DescribeImageCriteria	Queries the search conditions that are used to query images.
DescribeImageInstances	DescribeImageInstances	Queries information about images.
DescribeImageRepoDetailList	DescribeImageRepoDetailList	Queries the information about image repositories.
DescribeImageRepoCriteria	DescribeImageRepoCriteria	Obtains the filter conditions that are supported by the image repository.
GetClusterSuspEventStatistics	GetClusterSuspEventStatistics	Queries the statistics on alert events that are generated for containers.
GetClusterCheckItemWarningStatistics	GetClusterCheckItemWarningStatistics	Queries the statistics on baseline risk items of container clusters.
DescribeGroupedContainerInstances	DescribeGroupedContainerInstances	Queries containers by group type.
RefreshContainerAssets	RefreshContainerAssets	Refreshes the statistics of container assets in the Assets module.

Container visualization

API	Title	Description
DescribeClusterNetwork	DescribeClusterNetwork	Queries information about the network topology edge by cluster.
FindContainerNetworkConnect	FindContainerNetworkConnect

Image security scans

API	Title	Description
SetBuildRiskDefineRuleConfig	SetBuildRiskDefineRuleConfig	Modifies configurations for scanning image build command risks.
GetBuildRiskDefineRuleConfig	GetBuildRiskDefineRuleConfig	Queries configurations for scanning image build command risks.
ListPrivateRegistryType	ListPrivateRegistryType	Queries the number of image repositories of each type.
ListPrivateRegistryList	ListPrivateRegistryList	Queries image repositories.
DescribeCountNotScannedImage	DescribeCountNotScannedImage	Queries the number of images that are not scanned.
DescribeImageScanAuthorization	DescribeImageScanAuthorization	Queries whether Security Center is authorized to scan images.
GetImageScanNumInPeriod	GetImageScanNumInPeriod	Queries the number of image scans that are performed within the last several days.
SetRegistryScanDayNum	SetRegistryScanDayNum	Specifies a cycle to scan images for image repositories. Unit: days.
SaveImageBaselineStrategy	SaveImageBaselineStrategy	Saves a baseline check policy for images.
OperateImageBaselineWhitelist	OperateImageBaselineWhitelist	Adds a check item of an image baseline to the whitelist, or removes a check item of an image baseline from the whitelist.
DescribeImageBaselineStrategy	DescribeImageBaselineStrategy	Queries the information about a baseline check policy for images.
DescribeImageBaselineItemList	DescribeImageBaselineItemList	Queries baseline check results based on images.
DescribeImageBaselineDetail	DescribeImageBaselineDetail	Queries the details about the baseline check result for an image.
DescribeImageBaselineCheckResult	DescribeImageBaselineCheckResult	Queries the security scan results of images.
DescribeAllImageBaseline	DescribeAllImageBaseline	Queries baselines that are used in image baseline checks.
DescribeImageListBySensitiveFile	DescribeImageListBySensitiveFile	Queries information about images that are affected by sensitive files.
OpenSensitiveFileScan	OpenSensitiveFileScan	Enables or disables sensitive file scan.
DescribeImageSensitiveFileList	DescribeImageSensitiveFileList	Queries information about sensitive files.
DescribeImageSensitiveFileByKey	DescribeImageSensitiveFileByKey	Queries the sensitive files in an image.
DescribeAffectedMaliciousFileImages	DescribeAffectedMaliciousFileImages	Queries the details of malicious image samples.
DescribeGroupedMaliciousFiles	DescribeGroupedMaliciousFiles	Queries a list of malicious image samples.
DescribeImageVulList	DescribeImageVulList	Queries the details of vulnerabilities that are detected by using container image scan and the affected images.
DescribeImageGroupedVulList	DescribeImageGroupedVulList	Queries image vulnerabilities.
DescribeImageListWithBaselineName	DescribeImageListWithBaselineName	Queries the details about images in the results of image baseline checks.
DescribeImageFixTask	DescribeImageFixTask	Queries the tasks that you create to fix image risks.
DescribeImageScanAuthCount	DescribeImageScanAuthCount	Queries the details of the quota for container image scan.
DescribeImageBaselineCheckSummary	DescribeImageBaselineCheckSummary	Queries the check results of image baselines that are included in an image scan task.
PublicPreCheckImageScanTask	PublicPreCheckImageScanTask	Queries the number of images to scan in an image scan task and the quota for container image scan to be consumed by the task.
PublicCreateImageScanTask	PublicCreateImageScanTask	Creates an image scan task.
PublicSyncAndCreateImageScanTask	PublicSyncAndCreateImageScanTask	Adds images to Security Center and creates an image scan task to scan the images.
DescribeCountScannedImage	DescribeCountScannedImage	Queries the number of images that are scanned.

Configuration Assessment

API	Title	Description
VerifyCheckInstanceResult	VerifyCheckInstanceResult	Verifies the instances on which risks are detected based on a check item.
VerifyCheckResult	VerifyCheckResult	Verifies risk items that are detected based on check items.
GetCloudAssetCriteria	GetCloudAssetCriteria	Queries the filter conditions that are used to search for cloud assets.
RemoveCheckResultWhiteList	RemoveCheckResultWhiteList	Removes the check items of the configuration assessment feature from the whitelist.
AddCheckResultWhiteList	AddCheckResultWhiteList	Adds the check items of the configuration assessment feature to the whitelist.
RemoveCheckInstanceResultWhiteList	RemoveCheckInstanceResultWhiteList	Removes an instance from the whitelist.
AddCheckInstanceResultWhiteList	AddCheckInstanceResultWhiteList	Adds instances on which risks are detected based on check items of the configuration assessment feature to a whitelist.
GetCheckSummary	GetCheckSummary	Queries the summary information about the configuration checks on cloud services.
ListInstanceCatalog	ListInstanceCatalog	Queries the asset types and asset subtypes for configuration assessment.
GetCheckProcess	GetCheckProcess	Queries the progress of a configuration check task on cloud services.
SubmitCheck	SubmitCheck	Submits a configuration assessment task.
ChangeCheckConfig	ChangeCheckConfig	Modifies the configuration items of the configuration assessment feature.
GetCheckConfig	GetCheckConfig	Queries the information about an automatic configuration check on cloud services.
GetCheckDetail	GetCheckDetail	Queries the details about a check item that is used for configuration assessment.
ListCheckInstanceResult	ListCheckInstanceResult	Queries the instances that failed a specified check item of configuration assessment.
ListCheckResult	ListCheckResult	Queries the details of the risk items that are detected in the configuration checks on cloud services.
ListCheckStandard	ListCheckStandard	Queries the standards of configuration checks.
ListCheckItem	ListCheckItem	Queries the check items that can be customized.
StartBaselineSecurityCheck	StartBaselineSecurityCheck	Checks cloud service configurations. You can check all items or a specific item and verify whether an item is checked.
ModifySecurityCheckScheduleConfig	ModifySecurityCheckScheduleConfig	Specifies the time when an automatic configuration check on cloud services runs.
DescribeRiskItemType	DescribeRiskItemType	Queries the types of check items in configuration assessment.
DescribeRiskCheckSummary	DescribeRiskCheckSummary	Queries the summary information about the check results of cloud service configurations. The information includes the number of risk items, the risk rate, the number of affected assets, the check time, and the statistics about each type of check items.
DescribeRiskCheckResult	DescribeRiskCheckResult	Queries the check results of cloud service configurations by check item type or name.
DescribeSecurityCheckScheduleConfig	DescribeSecurityCheckScheduleConfig	Queries the day of a week when custom check tasks are performed and the time range during which the custom check tasks are performed.
DescribeRiskCheckItemResult	DescribeRiskCheckItemResult	Queries the assets that are affected by the risk item detected in configuration assessment based on a specified check item.
DescribeRiskListCheckResult	DescribeRiskListCheckResult	Queries the number of risk items detected in the configuration assessment of one or more cloud services by using the instance IDs of the cloud services.
DescribeVersionConfig	DescribeVersionConfig	Queries the details about the edition of purchased Security Center.

Protection against ransomware

API	Title	Description
DeleteBackupSnapshot	DeleteBackupSnapshot	Deletes a backup snapshot that is created for anti-ransomware.
CreateRestoreJob	CreateRestoreJob	Creates a restoration task.
UninstallUniBackupAgent	UninstallUniBackupAgent	Uninstalls the database backup agent.
StartPreCheckDatabase	StartPreCheckDatabase	Starts a database precheck task.
StartDiscoverDatabaseTask	StartDiscoverDatabaseTask	Starts a database scan task.
QueryPreCheckDatabase	QueryPreCheckDatabase	Queries the result of a database precheck task.
QueryDiscoverDatabase	QueryDiscoverDatabase	Queries the progress of a database scan task.
ModifyUniBackupPolicy	ModifyUniBackupPolicy	Modifies an anti-ransomware policy for databases.
InstallUniBackupAgent	InstallUniBackupAgent	Installs the anti-ransomware agent for databases.
DescribeUniSupportRegion	DescribeUniSupportRegion	Queries the region that is supported by anti-ransomware for databases.
DescribeUniRecoverableList	DescribeUniRecoverableList	Queries the backup snapshots from which the data of a database can be restored.
DescribeUniBackupPolicyDetail	DescribeUniBackupPolicyDetail	Queries the details of an anti-ransomware policy for databases.
DescribeUniBackupPolicies	DescribeUniBackupPolicies	Queries the anti-ransomware policies that are created for databases.
DescribeUniBackupDatabase	DescribeUniBackupDatabase	Queries the information about databases for which anti-ransomware policies are created.
DescribeRestorePlans	DescribeRestorePlans	Queries restoration tasks.
DeleteUniBackupPolicy	DeleteUniBackupPolicy	Deletes anti-ransomware policies that are created for databases.
CreateUniRestorePlan	CreateUniRestorePlan	Creates a restoration task for a database.
CreateUniBackupPolicy	CreateUniBackupPolicy	Creates an anti-ransomware policy for a database.
DescribeSnapshots	DescribeSnapshots	Queries the backup snapshots that are created for anti-ransomware.
DescribeBackupMachineStatus	DescribeBackupMachineStatus	Queries the backup status of a sever to which an anti-ransomware policy is applied.
UpgradeBackupPolicyVersion	UpgradeBackupPolicyVersion	Upgrades the version of an anti-ransomware policy.
DescribeExcludeSystemPath	DescribeExcludeSystemPath	Queries the directories that are excluded from anti-ransomware.
DescribeBackupPolicy	DescribeBackupPolicy	Queries the details of an anti-ransomware policy for servers.
CreateBackupPolicy	CreateBackupPolicy	Creates an anti-ransomware policy for servers.
InstallBackupClient	InstallBackupClient	Installs the anti-ransomware agent.
GetBackupStorageCount	GetBackupStorageCount	Queries the anti-ransomware capacity that is used.
DescribeBackupClients	DescribeBackupClients	Queries the servers on which the anti-ransomware agent is installed in a specified region.
DescribeBackupPolicies	DescribeBackupPolicies	Queries anti-ransomware policies.
DescribeBackupFiles	DescribeBackupFiles	Queries backup files.
DescribeSupportRegion	DescribeSupportRegion	Queries the regions in which the anti-ransomware feature is supported.
DescribeUserBackupMachines	DescribeUserBackupMachines	Queries the information about the servers to which an anti-ransomware policy is applied.
DescribeRestoreJobs	DescribeRestoreJobs	Queries the details about restoration tasks.
DescribeBackupRestoreCount	DescribeBackupRestoreCount	Queries the statistics of restoration tasks.
ModifyBackupPolicyStatus	ModifyBackupPolicyStatus	Enables or disables an anti-ransomware policy.
ModifyBackupPolicy	ModifyBackupPolicy	Modifies an anti-ransomware policy.
DeleteBackupPolicyMachine	DeleteBackupPolicyMachine	Deletes a server from a specified anti-ransomware policy.
DeleteBackupPolicy	DeleteBackupPolicy	Deletes an anti-ransomware policy.
UninstallBackupClient	UninstallBackupClient	Uninstalls the anti-ransomware agent.

Tamper protection

API	Title	Description
DescribeWebLockStatus	DescribeWebLockStatus	Queries the status of web tamper proofing.
DescribeWebLockFileEvents	DescribeWebLockFileEvents	Queries events on web tamper proofing.
ModifyWebLockDeleteConfig	ModifyWebLockDeleteConfig	Deletes a directory on a specified server from the protected directories of web tamper proofing.
ModifyWebLockCreateConfig	ModifyWebLockCreateConfig	Adds a directory to protect for a specified server.
ModifyWebLockUpdateConfig	ModifyWebLockUpdateConfig	Modifies protection policy for a specified server.
ModifyWebLockStart	ModifyWebLockStart	Configures and enables web tamper proofing for a specified server.
DescribeWebLockConfigList	DescribeWebLockConfigList	Queries the configurations of web tamper proofing for a specified server.
DescribeWebLockBindList	DescribeWebLockBindList	Queries the information about the servers that have web tamper proofing enabled.
ModifyWebLockStatus	ModifyWebLockStatus	Enables or disables web tamper proofing for a server.
ModifyWebLockUnbind	ModifyWebLockUnbind	Disables web tamper proofing for a specified server.
OperateWebLockFileEvents	OperateWebLockFileEvents	Handles alert events that are generated for web tamper proofing.
ModifyWebLockProcessStatus	ModifyWebLockProcessStatus	Changes the status of processes for web tamper proofing.
JoinWebLockProcessWhiteList	JoinWebLockProcessWhiteList	Adds processes to the process whitelist of web tamper proofing.
DescribeWebLockTotalFileChangeCount	DescribeWebLockTotalFileChangeCount	Queries the number of times that the files protected by web tamper proofing are changed.
DescribeWebLockProcessList	DescribeWebLockProcessList	Queries the processes for web tamper proofing.
DescribeWebLockProcessBlockStatistics	DescribeWebLockProcessBlockStatistics	Queries the statistics on processes for web tamper proofing.
DescribeWebLockInclusiveFileType	DescribeWebLockInclusiveFileType	Queries the types of files that can be protected by web tamper proofing.
DescribeWebLockFileTypeSummary	DescribeWebLockFileTypeSummary	Queries the summary information about the types of files for which web tamper proofing is enabled.
DescribeWebLockFileChangeStatistics	DescribeWebLockFileChangeStatistics	Queries the statistics on changes to the files that are protected by web tamper proofing.
DescribeWebLockExclusiveFileType	DescribeWebLockExclusiveFileType	Queries the types of files that are excluded from web tamper proofing.

Virus detection

API	Title	Description
DescribeSuspiciousUUIDConfig	DescribeSuspiciousUUIDConfig	Queries the UUIDs of servers on which proactive defense of a specified type takes effect.
StartVirusScanTask	StartVirusScanTask	Performs a virus scan task on a server or multiple servers.
DescribeLatestScanTask	DescribeLatestScanTask	Queries the progress of the last virus scan task.
CreateVirusScanOnceTask	CreateVirusScanOnceTask	Creates a one-time virus scan task that is immediately executed.
ListVirusScanMachine	ListVirusScanMachine	Queries servers on which virus detection and removal tasks are performed.
GetVirusScanLatestTaskStatistic	GetVirusScanLatestTaskStatistic	Queries the information about the latest virus scan task.
ListVirusScanMachineEvent	ListVirusScanMachineEvent	Queries the alert events that are generated for viruses detected on a server.
ListVirusScanTask	ListVirusScanTask	Queries virus scan tasks based on conditions such as the task type, task status, and server information.
GetVirusScanConfig	GetVirusScanConfig	Queries the configurations of a periodic virus scan task.
DescribeScanTaskProgress	DescribeScanTaskProgress	Queries the progress of a virus scan task.
CheckQuaraFileId	CheckQuaraFileId	Checks whether the IDs of quarantined files are valid.
OperateSuspiciousTargetConfig	OperateSuspiciousTargetConfig	Configures the scope on which proactive defense takes effect.
OperateVirusEvents	OperateVirusEvents	Handles alert events that are generated by the antivirus feature. You can perform in-depth detection and removal, add alert events to the whitelist, ignore alert events, or manually handle alert events.

Alerts

API	Title	Description
DescribeSecurityEventMarkMissList	DescribeSecurityEventMarkMissList	Queries the list of whitelist rules.
DeleteSecurityEventMarkMissList	DeleteSecurityEventMarkMissList	Deletes multiple custom defense rules at a time. The custom defense rules are used to add false positive alerts to the whitelist.
ExportSuspEvents	ExportSuspEvents	Exports the information about exceptions to a file.
DeleteSuspEventNode	DeleteSuspEventNode	Deletes the description of an alert.
AdvanceSecurityEventOperations	AdvanceSecurityEventOperations	Queries the configurations of an advanced whitelist rule.
DescribeBackUpExportInfo	DescribeBackUpExportInfo	Queries the information about a file to which archived alert events are exported.
DescribeLoginSwitchConfigs	DescribeLoginSwitchConfigs	Queries the alerting status for unapproved logon IP addresses, unapproved logon time ranges, or unapproved logon accounts.
DescribeWebPath	DescribeWebPath	Queries the custom web directories that are scanned based on the alerting feature.
ListUuidsByWebPath	ListUuidsByWebPath	Queries protected assets by using the paths to specific web directories.
ModifyWebPath	ModifyWebPath	Modifies a custom web directory.
GetAlarmMachineCount	GetAlarmMachineCount	Queries the number of servers on which alerts are generated.
DescribeSuspEventExportInfo	DescribeSuspEventExportInfo	Queries the information about an export task of exceptions.
DescribeNsasSuspEventType	DescribeNsasSuspEventType	Queries the information about an alert type.
DescribeAlarmEventStackInfo	DescribeAlarmEventStackInfo	Queries the stack information about an alert event.
CreateSuspEventNote	CreateSuspEventNote	Adds remarks to an alert event.
QueryGroupedSecurityEventMarkMissList	QueryGroupedSecurityEventMarkMissList	Queries whitelist rules.
OperationCancelIgnoreSuspEvent	OperationCancelIgnoreSuspEvent	Cancels ignoring alert events.
CreateSimilarSecurityEventsQueryTask	CreateSimilarSecurityEventsQueryTask	Creates a task to query alert events that are triggered by the same rule or of the same alert type.
DescribeAlarmEventDetail	DescribeAlarmEventDetail	Queries the details about an alert event. An alert event consists of an alert and exceptions. Each alert event is associated with multiple exceptions.
DescribeSuspEvents	DescribeSuspEvents	Queries a list of alert events that are generated without aggregation.
DescribeSuspEventDetail	DescribeSuspEventDetail	Queries the details of an exception. An alert event consists of an alert and exceptions. Each alert event is associated with multiple exceptions.
DescribeSecurityEventOperations	DescribeSecurityEventOperations	Queries the operations that you can perform to handle an alert.
DescribeSimilarSecurityEvents	DescribeSimilarSecurityEvents	Queries alert events that are triggered by the same rule or of the same alert type.
DescribeSuspEventQuaraFiles	DescribeSuspEventQuaraFiles	Queries quarantined files by page.
DescribeSecurityEventOperationStatus	DescribeSecurityEventOperationStatus	Queries the alert events that are triggered by the same IP address rule or of the same alert type as a specific alert event if you want to handle the specific alert event in batch operation mode.
DescribeSimilarEventScenarios	DescribeSimilarEventScenarios	Alibaba Cloud CLI is a tool used to manage and configure Alibaba Cloud resources. After simple installation and configuration, you can use Alibaba Cloud CLI to manage multiple Alibaba Cloud products and services and migrate your data and business to the cloud with ease.
DescribeSecurityStatInfo	DescribeSecurityStatInfo	Queries the statistics of each security check item and the daily statistics in the trend chart based on each security check item.
DescribeLoginBaseConfigs	DescribeLoginBaseConfigs	Queries the information about the configurations that are used to detect unusual logons to your servers.
GetSuspiciousStatistics	GetSuspiciousStatistics	Queries the statistics of alerts in one or more asset groups.
CheckSecurityEventId	CheckSecurityEventId	Checks whether one or more alerts are generated on a specified server based on alert IDs.
DescribeAttackAnalysisData	DescribeAttackAnalysisData	Queries the statistics of attack analysis.
HandleSimilarSecurityEvents	HandleSimilarSecurityEvents	Handles multiple alert events that are triggered by the same IP address rule or IP address rules of the same type at a time.
RollbackSuspEventQuaraFile	RollbackSuspEventQuaraFile	Restores a quarantined file.
HandleSecurityEvents	HandleSecurityEvents	Handles alert events.
OperationSuspEvents	OperationSuspEvents	Handles multiple exceptions at a time.

Brute-force attacks protection

API	Title	Description
ModifyCustomBlockRecord	ModifyCustomBlockRecord	Modifies a custom IP address blocking policy.
EnableCustomBlockRecord	EnableCustomBlockRecord	Enables a custom IP address blocking policy.
EnableBruteForceRecord	EnableBruteForceRecord	Enables an IP address blocking policy for a specified server.
DisableBruteForceRecord	DisableBruteForceRecord	Disables an IP address blocking policy that is in effect.
DisableCustomBlockRecord	DisableCustomBlockRecord	Disables a custom IP address blocking policy for servers.
DescribeBruteForceRecords	DescribeBruteForceRecords	Queries the IP addresses that are blocked by a defense rule against brute-force attacks.
DeleteCustomBlockRecord	DeleteCustomBlockRecord	Deletes a specified IP address blocking policy from one or more servers.
CreateCustomBlockRecord	CreateCustomBlockRecord	Creates an IP address blocking policy for one or more servers.
CreateAntiBruteForceRule	CreateAntiBruteForceRule	Creates a defense rule against brute-force attacks.
ModifyAntiBruteForceRule	ModifyAntiBruteForceRule	Modifies a defense rule against brute-force attacks.
ModifyInstanceAntiBruteForceRule	ModifyInstanceAntiBruteForceRule	Modifies the defense rule against brute-force attacks that is applied to a specified server.
DescribeBruteForceSummary	DescribeBruteForceSummary	Queries the statistics of IP address blocking policies that are used to defend against brute-force attacks and trigger alerts.
DescribeInstanceAntiBruteForceRules	DescribeInstanceAntiBruteForceRules	Queries the information about servers to which a defense rule against brute-force attacks is applied.
DescribeAntiBruteForceRules	DescribeAntiBruteForceRules	Queries created defense rules against brute-force attacks.
DeleteAntiBruteForceRule	DeleteAntiBruteForceRule	Deletes the specified defense rules against brute-force attacks.

Vulnerabilities

API	Title	Description
ListVulGlobalConfig	ListVulGlobalConfig	Queries the global configurations of vulnerability detection.
ModifyRefreshProcessInfo	ModifyRefreshProcessInfo	Refreshes the list of processes that are associated with a Linux software vulnerability.
OperateImageVul	OperateImageVul	Handles an image vulnerability, such as fixing the image vulnerability, verifying the fix of the image vulnerability, ignoring the image vulnerability, or canceling ignoring the image vulnerability.
ModifyVulTarget	ModifyVulTarget	Modifies the configurations of the vulnerability scan feature for a server.
ModifyVulConfig	ModifyVulConfig	Modifies the configurations of the vulnerability scan feature.
ModifyConcernNecessity	ModifyConcernNecessity	Modifies the priority to fix vulnerabilities.
ModifyAutoDelConfig	ModifyAutoDelConfig	Specifies the number of days after which a detected vulnerability is automatically deleted.
ModifyAppVulScanCycle	ModifyAppVulScanCycle	Configures a scan cycle for application vulnerabilities.
DescribeVulTargetStatistics	DescribeVulTargetStatistics	Queries the configurations of the vulnerability scan feature.
DescribeVulTargetConfig	DescribeVulTargetConfig	Queries the configurations of the vulnerability scan feature for a server.
DescribeVulNumStatistics	DescribeVulNumStatistics	Queries the statistics of vulnerabilities.
DescribeVulListPage	DescribeVulListPage	Queries the vulnerabilities that can be detected.
DescribeVulCheckTaskStatusDetail	DescribeVulCheckTaskStatusDetail	Queries the status information about vulnerability scan tasks on a server.
DescribeTaskErrorLog	DescribeTaskErrorLog	Queries the error logs on a task that failed to fix image vulnerabilities.
DescribeTarget	DescribeTarget	Queries the servers on which vulnerability scan is enabled.
DescribeMachineCanReboot	DescribeMachineCanReboot	Queries whether a server can be restarted after the vulnerabilities on the server are fixed. The fixes take effect only after the server is restarted.
DescribeEmgUserAgreement	DescribeEmgUserAgreement	Queries whether Security Center is authorized to scan for urgent vulnerabilities.
DescribeClusterVulStatistics	DescribeClusterVulStatistics	Queries the statistics of vulnerabilities that are detected on a cluster.
DescribeAppVulScanCycle	DescribeAppVulScanCycle	Queries the scan cycle for application vulnerabilities.
DescribeVulConfig	DescribeVulConfig	Queries the configurations of vulnerability management.
DescribeVulFixStatistics	DescribeVulFixStatistics	Queries the statistics of vulnerability fixes.
DescribeUuidsByVulNames	DescribeUuidsByVulNames	Queries a list of assets that support fixing based on vulnerability names.
ListVulAutoRepairConfig	ListVulAutoRepairConfig	Queries the existing configurations of vulnerabilities that can be automatically fixed.
CreateVulAutoRepairConfig	CreateVulAutoRepairConfig	Creates a list of vulnerabilities that can be automatically fixed. After the list is created, you can select the list when you create a vulnerability fixing task on the Playbook page.
DescribeInstanceRebootStatus	DescribeInstanceRebootStatus	Queries the status of the servers that you restart.
RebootMachine	RebootMachine	Restarts a server. Only Windows servers are supported.
ModifyVulTargetConfig	ModifyVulTargetConfig	Configures vulnerability detection for a server.
ModifyStartVulScan	ModifyStartVulScan	Enables the quick scan feature. You can also enable the feature on the Vulnerabilities page of the Security Center console.
ModifyEmgVulSubmit	ModifyEmgVulSubmit	Scans for urgent vulnerabilities.
ModifyCreateVulWhitelist	ModifyCreateVulWhitelist	Adds vulnerabilities to the whitelist. After you add the vulnerabilities to the whitelist, Security Center no longer generates alerts for the vulnerabilities.
GetVulWhitelist	GetVulWhitelist	Queries information about a vulnerability whitelist.
DeleteVulWhitelist	DeleteVulWhitelist	Deletes a specified vulnerability whitelist.
ModifyOperateVul	ModifyOperateVul	Handles detected vulnerabilities. You can fix, check, or ignore the vulnerabilities.
DescribeVulList	DescribeVulList	Queries vulnerabilities by type.
DescribeEmgVulItem	DescribeEmgVulItem	Queries the details of urgent vulnerabilities.
DescribeGroupedVul	DescribeGroupedVul	Queries vulnerabilities by group.
DescribeAutoDelConfig	DescribeAutoDelConfig	Queries the number of days during which a detected vulnerability is retained before the vulnerability is automatically deleted.
DescribeConcernNecessity	DescribeConcernNecessity	Queries the priorities to fix vulnerabilities.
DescribeVulDetails	DescribeVulDetails	Queries the details about a vulnerability.
DescribeVulWhitelist	DescribeVulWhitelist	Queries the whitelist of vulnerabilities by page.
ExportVul	ExportVul	Exports vulnerabilities.
DescribeVulExportInfo	DescribeVulExportInfo	Queries the progress of a task that exports vulnerabilities.
OperateVuls	OperateVuls	Fixes Linux software vulnerabilities.
GetVulStatistics	GetVulStatistics	Queries the statistics on vulnerabilities in asset groups.
ModifyVulWhitelistTarget	ModifyVulWhitelistTarget	Modifies the servers that are added to a vulnerability whitelist.
DescribeFrontVulPatchList	DescribeFrontVulPatchList	Queries the pre-patches that are required to fix a specified Windows system vulnerability.

Baselines

API	Title	Description
ListBaselineCheckWhiteRecord	ListBaselineCheckWhiteRecord	Queries the whitelist rules for a baseline check item.
ListCheckItemWarningSummary	ListCheckItemWarningSummary	Queries the risk statistics of check items by page.
ListCheckItemWarningMachine	ListCheckItemWarningMachine	Queries the servers that are affected by baseline risks.
DescribeWarningExportInfo	DescribeWarningExportInfo	Queries the progress of a export task for a baseline check result.
DescribeHcExportInfo	DescribeHcExportInfo	Queries the information about baseline export, including the name of the file to which baselines are exported and the download URL for the file.
DescribeRisks	DescribeRisks	Queries the information about baselines based on baseline IDs or names.
DescribeCheckWarningMachines	DescribeCheckWarningMachines	Queries the servers on which the same risk item is detected by specifying a baseline and a check item.
DescribeCheckFixDetails	DescribeCheckFixDetails	Queries the parameters that you can configure to fix specified risk items.
IgnoreCheckItems	IgnoreCheckItems	Adds risk items to the whitelist or removes risk items from the whitelist by specifying servers and risk items.
DescribeExposedCheckWarning	DescribeExposedCheckWarning	Queries the weak password-related risks of a specified server that is exposed on the Internet.
GetCheckRiskStatistics	GetCheckRiskStatistics	Queries the statistics on risk scenarios and check items that are used in the risk scenarios, including the statistics on low-risk, medium-risk, and high-risk items by baseline type.
ModifyStrategy	ModifyStrategy	Modifies a baseline check policy.
ModifyStrategyTarget	ModifyStrategyTarget	Modifies the servers to which a baseline check policy is applied.
DescribeCheckWarningSummary	DescribeCheckWarningSummary	Queries the statistical information about baseline check results. The information includes the number of servers on which a baseline check is performed, the number of baseline check items, and the pass rate of check items in the last baseline check.
DescribeRiskType	DescribeRiskType	Queries baseline types.
DescribeCheckWarnings	DescribeCheckWarnings	Queries information about specified risk items and the check items of a specified server.
DescribeCheckWarningDetail	DescribeCheckWarningDetail	Queries the details about a specified check item.
DescribeWarningMachines	DescribeWarningMachines	Queries information about servers on which a baseline check is performed. The information includes the IDs of the servers, the statistics of a risk item, and the status of the risk item.
DescribeStrategyExecDetail	DescribeStrategyExecDetail	Queries the results of the last baseline check by using a specified baseline check policy.
DescribeCheckEcsWarnings	DescribeCheckEcsWarnings	Queries the number of weak passwords that can cause high risks to your assets.
DescribeUserBaselineAuthorization	DescribeUserBaselineAuthorization	Queries whether Security Center is authorized to run configuration checks on cloud services.
DescribeStrategyDetail	DescribeStrategyDetail	Queries the information about a baseline check policy.
ExportWarning	ExportWarning	Exports baseline check results.
DescribeStrategy	DescribeStrategy	Queries the details about baseline check policies.
DescribeStrategyTarget	DescribeStrategyTarget	Queries the information about the assets to which a baseline check policy is applied.
DeleteStrategy	DeleteStrategy	Deletes a baseline check policy.
ValidateHcWarnings	ValidateHcWarnings	Verifies whether risk items are fixed. If a risk item is fixed, the status of the related check item is updated to Passed.
FixCheckWarnings	FixCheckWarnings	Fixes a baseline risk item.
AddBaselineCheckWhiteRecord	AddBaselineCheckWhiteRecord	Creates a whitelist rule for a baseline check item.
IgnoreHcCheckWarnings	IgnoreHcCheckWarnings	Ignores or cancels ignoring multiple baseline risk items at a time.
DescribeCustomizedStrategyTargets	DescribeCustomizedStrategyTargets	Queries the servers to which custom policies are applied.
ListCheckTypes	ListCheckTypes	Queries the types of check items that meet the specified conditions based on the ID of a baseline.
CreateDynamicDict	CreateDynamicDict	Creates a dynamic dictionary of weak passwords.
UpdateBaselineCheckWhiteRecord	UpdateBaselineCheckWhiteRecord	Updates the whitelist rule for a baseline check item.
DeleteCustomizedDict	DeleteCustomizedDict	Deletes the file that is uploaded to create custom weak password rules.
DescribeDefaultKeyInfo	DescribeDefaultKeyInfo	Queries the keywords of a custom dictionary that is generated by using weak passwords.
CreateUserSetting	CreateUserSetting	Creates the risk level settings for baseline check items.
ExecStrategy	ExecStrategy	Performs a baseline check on servers to which a specified baseline check policy is applied.
DeleteBaselineCheckWhiteRecord	DeleteBaselineCheckWhiteRecord	Deletes the whitelist record for a baseline check item.

AccessKey Leak Detection

API	Title	Description
ModifyAccessKeyLeakDeal	ModifyAccessKeyLeakDeal	Handles AccessKey pair leaks.
DescribeAccesskeyLeakList	DescribeAccesskeyLeakList	Queries the AccessKey pair leaks that are detected on your assets.
DescribeAccessKeyLeakDetail	DescribeAccessKeyLeakDetail	Queries the details of AccessKey pair leaks.

Honey

API	Title	Description
DeleteHoneypotProbeBind	DeleteHoneypotProbeBind	Delete the probe service.
GetHoneypotAttackStatistics	GetHoneypotAttackStatistics
GetHoneypotStatistics	GetHoneypotStatistics
ListAvailableHoneypot	ListAvailableHoneypot	Queries the information about available honeypot templates.
CreateHoneypotNode	CreateHoneypotNode	Creates a management node.
UpdateHoneypotNode	UpdateHoneypotNode	Modifies the configuration of a specified management node.
ListHoneypotNode	ListHoneypotNode	Queries the information about management nodes.
DeleteHoneypotNode	DeleteHoneypotNode	Deletes a specified management node.
GetHoneypotNode	GetHoneypotNode	Queries the details of a specified management node.
CreateHoneypot	CreateHoneypot	Creates a honeypot.
UpdateHoneypot	UpdateHoneypot	Modifies the configuration of a specified honeypot.
DeleteHoneypot	DeleteHoneypot	Deletes a specified honeypot.
ListHoneypot	ListHoneypot	Queries the information about honeypots.
CreateHoneypotPreset	CreateHoneypotPreset	Creates a honeypot template.
UpdateHoneypotPreset	UpdateHoneypotPreset	Modifies the configurations of the specified honeypot template.
GetHoneypotPreset	GetHoneypotPreset	Queries the configurations of a specified honeypot template.
ListHoneypotPreset	ListHoneypotPreset	Queries honeypot templates.
CreateHoneypotProbe	CreateHoneypotProbe	Creates a probe.
DeleteHoneypotProbe	DeleteHoneypotProbe	Deletes a specified probe.
UpdateHoneypotProbe	UpdateHoneypotProbe	Modifies the attributes of a specified probe.
ListHoneypotProbe	ListHoneypotProbe	Queries probes.
GetHoneypotProbe	GetHoneypotProbe	Queries the details about a specified probe.
ListHoneypotAlarmEvents	ListHoneypotAlarmEvents	Queries the information about alert events that are generated.
DeleteHoneypotPreset	DeleteHoneypotPreset	Deletes a specified honeypot template.
AddVpcHoneyPot	AddVpcHoneyPot	Creates a honeypot.
DeleteVpcHoneyPot	DeleteVpcHoneyPot	Deletes a honeypot.
ModifyVpcHoneyPot	ModifyVpcHoneyPot	Enables or disables a honeypot.
DescribeHoneyPotAuth	DescribeHoneyPotAuth	Queries the statistics about the quota on honeypots.
DescribeHoneyPotSuspStatistics	DescribeHoneyPotSuspStatistics	Queries the information about top 5 virtual private clouds (VPCs) or assets for which alerts are most frequently generated.
DescribeVpcHoneyPotCriteria	DescribeVpcHoneyPotCriteria	Queries the search conditions that can be used to query honeypots.
DescribeVpcHoneyPotList	DescribeVpcHoneyPotList	Queries honeypots.

Log analysis

API	Title	Description
GetLogMeta	GetLogMeta	Queries the status of a data shipping task of a log.
GetUserLang	GetUserLang	Queries the language settings of log analysis.
ChangeUserLang	ChangeUserLang	Modifies the language settings of log analysis. The modification on the language settings takes effect within 12 hours and affects only the language of the descriptions for security events in security logs.
ModifyLogMetaStatus	ModifyLogMetaStatus	Enables or disables the log analysis feature.
DescribeLogMeta	DescribeLogMeta	Queries the configurations of the log analysis feature provided by Security Center.
ModifyOpenLogShipper	ModifyOpenLogShipper	Activates Simple Log Service.
DescribeLogstoreStorage	DescribeLogstoreStorage	Queries the purchased log storage capacity.
ModifyClearLogstoreStorage	ModifyClearLogstoreStorage	Deletes all logs that occupy your log storage.

Notifications

API	Title	Description
DeleteDingTalk	DeleteDingTalk	Deletes a DingTalk chatbot on the DingTalk Chatbot tab of the Notification Settings page.
ModifyDingTalkStatus	ModifyDingTalkStatus	Changes the notification status of a DingTalk chatbot.
CreateOrUpdateDingTalk	CreateOrUpdateDingTalk	Creates or modifies a DingTalk chatbot that sends notifications.
ModifyNoticeConfig	ModifyNoticeConfig	Modifies notification settings.
DescribeDingTalk	DescribeDingTalk	Obtains DingTalk notifications.
DescribeNoticeConfig	DescribeNoticeConfig	Queries notification settings.

Setting

API	Title	Description
CreateOrUpdateAutoTagRule	CreateOrUpdateAutoTagRule	Creates an asset auto-tagging rule or modifies an asset auto-tagging rule that is created on the Asset Management Rule tab.
ListAutoTagRules	ListAutoTagRules	Queries asset auto-tagging rules that are created by using the feature of asset management rules. You can create rules on the System Configuration > Feature Settings > Multi-cloud Configuration Management > Asset Management Rule page in the Security Center console.
DeleteAutoTagRules	DeleteAutoTagRules	Deletes asset auto-tagging rules that are created by using the feature of asset management rules. You can create rules on the System Configuration > Feature Settings > Multi-cloud Configuration Management > Asset Management Rule page in the Security Center console.
IgnoreIdcProbeScanResult	IgnoreIdcProbeScanResult	Adds the result scanned by an IDC probe to the whitelist or ignores the scan result.
AddIdcProbe	AddIdcProbe	Creates an IDC probe to add assets in a data center to Security Center and manage the assets by using the Security Center console.
DeleteIdcProbe	DeleteIdcProbe	Deletes an IDC probe that is created in Security Center.
ModifyIdcProbe	ModifyIdcProbe	Modifies the configurations of an IDC probe.
DescribeCommonOverallConfigList	DescribeCommonOverallConfigList	Queries the configurations of features in proactive defense.
DescribeCommonTargetConfig	DescribeCommonTargetConfig	Queries the configurations of the proactive defense feature.
BatchOperateCommonOverallConfig	BatchOperateCommonOverallConfig	Enables or disables multiple features in proactive defense at a time.
DescribeCommonTargetResultList	DescribeCommonTargetResultList	Queries the information about the servers based on the specified configuration item.
OperateSuspiciousOverallConfig	OperateSuspiciousOverallConfig	Enables or disables a feature that detects exceptions.
OperateCommonOverallConfig	OperateCommonOverallConfig	Enables or disables a feature by type.
DescribeCommonOverallConfig	DescribeCommonOverallConfig	Queries the information about a specified feature.
OperateCommonTargetConfig	OperateCommonTargetConfig	Configures features by type. The features include container image scan, local file detection, container network visualization, and container escape prevention.
DescribeSuspiciousOverallConfig	DescribeSuspiciousOverallConfig	Queries the configuration of a specified feature.

Export check results

API	Title	Description
DescribeExportInfo	DescribeExportInfo	Queries the progress of a task that exports your assets to an Excel file.
ExportRecord	ExportRecord	Exports the check results on the Host, Cloud Platform Configuration Assessment, Image Security, Attack Awareness, and AK leak detection pages to Excel files.

Service-linked roles

API	Title	Description
CreateServiceLinkedRole	CreateServiceLinkedRole	Creates a service-linked role and authorizes Security Center to access cloud resources.
DescribeServiceLinkedRoleStatus	DescribeServiceLinkedRoleStatus	Checks whether a service-linked role is created for Security Center.

File detect

API	Title	Description
GetFileDetectApiInvokeInfo	GetFileDetectApiInvokeInfo	Obtains the usage information of the malicious file detection SDK.
CreateFileDetectUploadUrl	CreateFileDetectUploadUrl	Queries the parameters that are required to upload a file for detection.
CreateFileDetect	CreateFileDetect	Pushes a file to the cloud for detection.
GetFileDetectResult	GetFileDetectResult	Obtains file detection results.
ListCompressFileDetectResult	ListCompressFileDetectResult	Queries the detection results of the files extracted from a package.

Malicious file detection OSS

API	Title	Description
DeleteOssScanConfig	DeleteOssScanConfig	Deletes the configuration of an Object Storage Service (OSS) file detection policy.
ListOssScanConfig	ListOssScanConfig	Queries the configuration of an Object Storage Service (OSS) file detection policy.
CreateOssBucketScanTask	CreateOssBucketScanTask	Creates a bucket check task.
GetObjectScanEvent	GetObjectScanEvent	Queries the details of an alert event that is generated for a malicious object.
ListObjectScanEvent	ListObjectScanEvent	Queries alerts that are generated for malicious files.
OperateBucketScanTask	OperateBucketScanTask	Manages an Object Storage Service (OSS) bucket check task.
GetOssBucketScanStatistic	GetOssBucketScanStatistic	Queries the statistics about an Object Storage Service (OSS) bucket check.
ListOssBucketScanInfo	ListOssBucketScanInfo	Queries the risk information of an Object Storage Service (OSS) bucket.
UpdateOssScanConfig	UpdateOssScanConfig	Modifies a policy of detecting Object Storage Service (OSS) objects by using the SDK for malicious file detection feature.
ListOssBucket	ListOssBucket	Queries Object Storage Service (OSS) buckets.
CreateOssScanConfig	CreateOssScanConfig	Creates a policy for detecting malicious Object Storage Service (OSS) objects by using the SDK for malicious file detection feature.
ListSupportObjectSuffix	ListSupportObjectSuffix	Queries supported file suffixes.
RefreshOssBucketScanInfo	RefreshOssBucketScanInfo	Refreshes the list of Object Storage Service (OSS) buckets.
GetOssScanConfig	GetOssScanConfig	Queries the configurations of an Object Storage Service (OSS) bucket check policy.

Client Mission Management

API	Title	Description
CreateCycleTask	CreateCycleTask	Creates a periodic scan task. The task can be an image scan task, urgent vulnerability scan task, or virus scan task.
GenerateOnceTask	GenerateOnceTask	Creates a one-time scan task.
DeleteCycleTask	DeleteCycleTask	Deletes a periodic scan task. The task can be an image scan task, urgent vulnerability scan task, or virus scan task.
ModifyCycleTask	ModifyCycleTask	Modifies the execution cycle of periodic tasks, including image scan, urgent vulnerability scan, and virus detection tasks.
CancelOnceTask	CancelOnceTask	Cancels the main task.
DescribeOnceTask	DescribeOnceTask	Queries agent tasks.
DescribeCycleTaskList	DescribeCycleTaskList	Queries periodic scan tasks. The tasks include image scan tasks, urgent vulnerability scan tasks, and virus scan tasks.
GetOnceTaskResultInfo	GetOnceTaskResultInfo	Queries the execution result of a one-time scan task, such as asset fingerprint collection, vulnerability scan, and image security scan.
GetLastOnceTaskInfo	GetLastOnceTaskInfo	Queries information about the latest scan task to determine whether the task is complete.
DescribeOnceTaskLeafRecordPage	DescribeOnceTaskLeafRecordPage	Queries the sub-task information of one-time scan task. A sub-task can be an image scan task or an image asset synchronization task.

Malicious Behavior Defense

API	Title	Description
ListSystemRuleAggregationTypes	ListSystemRuleAggregationTypes	Queries the aggregation types of system defense rules.
ListClientUserDefineRules	ListClientUserDefineRules	Queries custom defense rules.
ListSystemClientRuleTypes	ListSystemClientRuleTypes	Queries the types of system rules.
ListSystemClientRules	ListSystemClientRules	Queries system defense rules.
ListSystemAggregationRules	ListSystemAggregationRules	Queries the details about the aggregation types of system defense rules.
ModifyClientUserDefineRule	ModifyClientUserDefineRule	Modifies a custom defense rule.
ListClientUserDefineRuleTypes	ListClientUserDefineRuleTypes	Queries the supported types of custom defense rules.
GetRulesCount	GetRulesCount	Queries the numbers of system defense rules and custom defense rules.
GetClientUserDefineRule	GetClientUserDefineRule	Queries the information about a custom defense rule.
DeleteClientUserDefineRule	DeleteClientUserDefineRule	Deletes specified custom defense rules.
AddClientUserDefineRule	AddClientUserDefineRule	Creates a custom defense rule.

Asset Selection

API	Title	Description
UpdateSelectionKeyByType	UpdateSelectionKeyByType	Updates the unique identifier of an asset selection.
CreateAssetSelectionConfig	CreateAssetSelectionConfig	Create asset selection configurations.
ListAssetSelectionSelectedTarget	ListAssetSelectionSelectedTarget	Queries the selected assets.
ListAssetSelectionTarget	ListAssetSelectionTarget	Queries the required asset.
GetAssetSelectionConfig	GetAssetSelectionConfig	Queries asset selection configurations.
AddAssetSelectionCriteria	AddAssetSelectionCriteria	Select an operation for assets.

Playbook

API	Title	Description
CreateSoarStrategyTask	CreateSoarStrategyTask	Creates a task on the My Policies tab of the Playbook page.
DeleteSoarStrategyTask	DeleteSoarStrategyTask	Deletes a policy task that is in the waiting state on the Playbook page.
DescribeSoarStrategies	DescribeSoarStrategies	Queries the policy templates on the Playbook page.
DescribeSoarStrategyParam	DescribeSoarStrategyParam	Queries the parameters of a policy on the Playbook page.
DescribeSoarStrategyTaskDetail	DescribeSoarStrategyTaskDetail	Queries the details of a policy task on the Playbook page, including the execution status of the task and the process information of the task.
DescribeSoarStrategyTasks	DescribeSoarStrategyTasks	Queries a list of policy tasks on the Playbook page.
ModifySoarStrategySubscribe	ModifySoarStrategySubscribe	Creates or deletes a policy template on the My Policies tab of the Playbook page.
DescribeSoarSubscribedStrategy	DescribeSoarSubscribedStrategy	Queries a list of policies created on the Playbook page of Security Center.
DescribeSyncAssetTaskList	DescribeSyncAssetTaskList	Queries a list of IDC scan tasks.
DescribeSyncAssetTaskLogDetail	DescribeSyncAssetTaskLogDetail	Queries the details of an IDC scan task.

Website Security

API	Title	Description
DescribeDomainSecureVulList	DescribeDomainSecureVulList	Queries a list of vulnerabilities in your website security report.
DescribeDomainSecureRiskList	DescribeDomainSecureRiskList	Queries a list of risky websites in your website security report and the security information about the websites, including the number of vulnerabilities and the number of alerts.
DescribeDomainSecureAlarmList	DescribeDomainSecureAlarmList	Queries the security alert data of a website security report.
DescribeDomainSecureScore	DescribeDomainSecureScore	Queries the security score in your website security report. The full score is 100.

Other

API	Title	Description
DescribeAllRegionsStatistics	DescribeAllRegionsStatistics	Queries the statistics on global security events, including the numbers of unfixed vulnerabilities, baseline risks, and alerts.
InstallPmAgent	InstallPmAgent	Installs the CloudMonitor agent on a server that is not deployed on Alibaba Cloud.
BindAuthToMachine	BindAuthToMachine	Binds servers to Security Center or unbinds servers from Security Center.
GetModuleConfig	GetModuleConfig	Queries the configurations of a module.
DescribeClusterBasicInfo	DescribeClusterBasicInfo	Queries the information about an cluster based on the cluster ID.
DescribeQuaraFileDownloadInfo	DescribeQuaraFileDownloadInfo	Queries the download information about a quarantined file.
DescribeAffectedAssets	DescribeAffectedAssets	Queries the affected servers in the result of a virus scan task.
DescribeEventOnStage	DescribeEventOnStage	Queries the platforms that are supported by the feature of container threat detection.
DescribeScanTaskStatistics	DescribeScanTaskStatistics	Queries the statistics of virus detection tasks.
DescribeSuspEventUserSetting	DescribeSuspEventUserSetting	Queries the user settings for exceptions.
DescribeTraceInfoNode	DescribeTraceInfoNode	Queries the details about a trace node.
DescribeTraceInfoDetail	DescribeTraceInfoDetail	Queries the trace information about alerts.
DescribeEventLevelCount	DescribeEventLevelCount	Queries the statistics of alert events by risk level.
SaveSuspEventUserSetting	SaveSuspEventUserSetting	Saves alert settings.
ConfirmVirusEvents	ConfirmVirusEvents	Confirms the alert events that you want to handle.
ModifySecurityEventMarkMissIndividually	ModifySecurityEventMarkMissIndividually	Modifies the alert handling rule for alerts that are added to the whitelist by asset.
CreateContainerScanTask	CreateContainerScanTask	Creates a container scan task.
DescribeTotalStatistics	DescribeTotalStatistics	Queries event statistics.
DescribeImageLatestScanTask	DescribeImageLatestScanTask	Queries the most recent scan task that is created for an image.
DescribeImageRepoList	DescribeImageRepoList	Queries the statistics and configurations of the feature that protects images.
CreateJenkinsImageRegistry	CreateJenkinsImageRegistry	Creates a Jenkins image repository.
PageImageRegistry	PageImageRegistry	Queries image repositories by page.
QueryJenkinsImageRegistryPersistenceDay	QueryJenkinsImageRegistryPersistenceDay	Queries the retention period of images that are stored in a Jenkins image repository.
UpdateJenkinsImageRegistryName	UpdateJenkinsImageRegistryName	Modifies the name of a Jenkins image repository.
UpdateJenkinsImageRegistryPersistenceDay	UpdateJenkinsImageRegistryPersistenceDay	Modifies the retention period of images that are stored in a Jenkins image repository.
GetInterceptionTargetDetail	GetInterceptionTargetDetail	Queries the information about a specified network object that is protected by the container firewall feature.
DeleteInterceptionRule	DeleteInterceptionRule	Deletes a defense rule in the container firewall module.
DeleteInterceptionTarget	DeleteInterceptionTarget	Removes the network objects that are in effect in the container firewall.
DescribeCustomBlockRecords	DescribeCustomBlockRecords	Queries the defense rules against brute-force attacks that are applied to one or more servers.
ListInterceptionRulePage	ListInterceptionRulePage	Queries defense rules that are configured for the container firewall feature.
ListInterceptionHistory	ListInterceptionHistory	Queries the alerts generated by defense rules.
CreateInterceptionRule	CreateInterceptionRule	Creates a defense rule in the container firewall module.
CreateInterceptionTarget	CreateInterceptionTarget	Creates a defense object.
GetInterceptionRuleDetail	GetInterceptionRuleDetail	Queries the details of a microsegmentation defense rule.
ListImageRegistryRegion	ListImageRegistryRegion	Queries the regions in which you can add self-managed image repositories to Security Center.
GetAppNetwork	GetAppNetwork	Queries the network topology between containerized applications.
AddPrivateRegistry	AddPrivateRegistry	Adds a self-managed image repository.
DeletePrivateRegistry	DeletePrivateRegistry	Deletes a private image repository by using the ID of the image repository.
GetClusterRuleSummary	GetClusterRuleSummary	Queries the overall information about cluster defense rules that are configured for the container firewall feature.
ListPodRisk	ListPodRisk	Queries the security risks of a pod.
ListImageRisk	ListImageRisk	Queries security information about a container image.
ChangeCheckCustomConfig	ChangeCheckCustomConfig	Modifies the custom configuration items of a check item.
ListQueryRaspAppInfo	ListQueryRaspAppInfo	Queries the installation information of one or more Runtime Application Self-protection-enabled (RASP-enabled) applications.
DeleteServiceTrail	DeleteServiceTrail	Deletes a service trail.
GetServiceTrail	GetServiceTrail	Queries the service trail that was delivered to ActionTrail.
CreateServiceTrail	CreateServiceTrail	Create a service trail.
DeleteBinarySecurityPolicy	DeleteBinarySecurityPolicy	Deletes a binary security policy from the container signature feature.
DescribeMonitorAccounts	DescribeMonitorAccounts	Queries the list of accounts that are added to the multi-account management feature as members.
AddImageVulWhiteList	AddImageVulWhiteList	Adds image vulnerabilities to the whitelist.
DescribeImageVulWhiteList	DescribeImageVulWhiteList	Queries the whitelist of image vulnerabilities.
QueryAttackCount	QueryAttackCount	Queries the number of alert events in each attack phase.
GetSwitchRegionDetail	GetSwitchRegionDetail	Queries the details of a migration operation. For example, you can query the progress and status of a migration operation after you migrate a server from a region in the Chinese mainland to the Singapore region.
GetAuthVersionStatistic	GetAuthVersionStatistic	Queries the statistics about the numbers of assets protected by each edition of Security Center.
UpdateImageVulWhitelistTarget	UpdateImageVulWhitelistTarget	Updates the vulnerability whitelist of an image.
DeleteImageVulWhitelist	DeleteImageVulWhitelist	Deletes an image vulnerability whitelist.
DescribeContainerScanConfig	DescribeContainerScanConfig	Queries the configurations of the vulnerability scan of one or more running container applications.
ModifyContainerScanConfig	ModifyContainerScanConfig	Modifies the configurations of vulnerability scan for a running container.
DescribeCanFixVulList	DescribeCanFixVulList	Queries the list of fixable vulnerabilities.
ModifyImageFixCycleConfig	ModifyImageFixCycleConfig	Modifies the configurations of a scheduled image fix.
DescribeImageFixCycleConfig	DescribeImageFixCycleConfig	Queries the configurations of the scheduled fix of image risks.
CreateContainerScanTaskByAppName	CreateContainerScanTaskByAppName	Creates a scan task for a running container application based on the application name.
GetCommonSwitchConfig	GetCommonSwitchConfig	Queries the configuration of a common switch.
CreateHoneypotProbeBind	CreateHoneypotProbeBind	Creates a monitoring or forwarding service for a probe.
ListHoneypotProbeUuid	ListHoneypotProbeUuid
StopHoneypot	StopHoneypot	Stops a honeypot.
UpdateHoneypotProbeBind	UpdateHoneypotProbeBind	Modifies a probe service.
ListHoneypotEvents	ListHoneypotEvents	Queries the intrusion events detected by honeypots.
UpdateAlarmEvent	UpdateAlarmEvent	Updates the status of the honeypot installation time.
RetryInstallProbe	RetryInstallProbe	Retry installing the honeypot probe.
ListHoneypotAttackerPortrait	ListHoneypotAttackerPortrait	Queries the attacker profile based on the source IP address of the attack.
GetHoneypotEventTrend	Obtain the attack volume trend of honeypot attack sources	Obtain attack trend statistics for a single attack source.
ListHoneypotAttackerSource	ListHoneypotAttackerSource	Queries the attack source IP addresses that are used to attack a honeypot.
UpdateCommonSwitchConfig	UpdateCommonSwitchConfig	Modifies the settings of common switches.
CreateFileUploadLimit	CreateFileUploadLimit	Specifies the queries per second (QPS) limit on the files uploaded from the client.
GetFileUploadLimit	GetFileUploadLimit	Queries the queries per second (QPS) limit on the files uploaded from the client.
UpdateFileUploadLimit	UpdateFileUploadLimit	Modifies the queries per second (QPS) limit on the files uploaded from the client.
GetFileDetectReport	GetFileDetectReport	Queries the cloud sandbox check results of malicious files.
DescribeImageEventOperationPage	DescribeImageEventOperationPage	Queries alert handling rules by page.
GetImageEventOperation	GetImageEventOperation	Queries alert handling rules.
DescribeImageEventOperationCondition	DescribeImageEventOperationCondition	Queries the conditions for handling alert events in an image.
UpdateImageEventOperation	UpdateImageEventOperation	Updates an alert handling rule.
DeleteImageEventOperation	DeleteImageEventOperation	Deletes an alert handling rule.
SetSensitiveDefineRuleConfig	SetSensitiveDefineRuleConfig	Configure the check rules of sensitive files.
SetImageSensitiveFileStatus	SetImageSensitiveFileStatus	Modifies the status of sensitive files in an image.
AddImageEventOperation	AddImageEventOperation	Creates an alert handling rule.
GetSensitiveDefineRuleConfig	GetSensitiveDefineRuleConfig	Queries the check rules of sensitive files.
GetHoneypotNodeMetricList	GetHoneypotNodeMetricList	Queries the monitoring data of management nodes to which the cloud honeypot belongs.
GetAegisContainerPluginRuleCriteria	GetAegisContainerPluginRuleCriteria	Queries search conditions that can be used to search for container file protection rules.
OperateApplication	OperateApplication	Adds or deletes container applications for tamper proofing.
GetSasContainerWebDefenseRuleCriteria	GetSasContainerWebDefenseRuleCriteria	Queries search conditions that can be used to search for container file protection rules.
DescribeContainerApps	DescribeContainerApps	Queries the information about a containerized application.
ListGroups	ListGroups	Queries the server groups.
ListInstanceRiskNum	ListInstanceRiskNum	Queries the statistics about risks in instances.
ListInstanceRiskLevels	ListInstanceRiskLevels	Queries the risk levels of instances.
GetCheckSale	GetCheckSale	Queries the sales information about the configuration assessment feature, including the purchased quota and the consumed quota.
GetModuleTrialAuthInfo	GetModuleTrialAuthInfo	Queries the qualification information about the trial use of Security Center value-added features, including vulnerability fixing and threat analysis and response.
AddSasModuleTrial	AddSasModuleTrial	Enables the trial use of Security Center value-added features, including vulnerability fixing and threat analysis and response.
EnableCustomInstanceBlockRecord	EnableCustomInstanceBlockRecord	Enables a custom rule for an instance.
DescribeCustomBlockInstances	DescribeCustomBlockInstances	Queries the list of servers on which the custom defense rule against brute-force attacks takes effect.
GetHoneyPotUploadPolicyInfo	GetHoneyPotUploadPolicyInfo	Obtains the URL that is used to upload a file to a honeypot.
UploadedHoneyPotFile	UploadedHoneyPotFile	Uploads a honeypot file.
ListHoneypotEventFlows	ListHoneypotEventFlows	Queries the details of an intrusion event in a honeypot.
ModifyImageRegistry	ModifyImageRegistry	Modifies the transfer time of an image repository.
DeleteK8sAccessInfo	DeleteK8sAccessInfo	Deletes the Kubernetes access information.
AddContainerPluginRule	AddContainerPluginRule	Creates a defense rule against container escapes.
DeleteContainerPluginRule	DeleteContainerPluginRule	Deletes a defense rule against container escapes.
ModifyContainerPluginRule	ModifyContainerPluginRule	Modifies the defense rule against container escapes.
DescribeDefaultProxyInstallVersion	DescribeDefaultProxyInstallVersion	Queries the default installation version of the proxy that is used in hybrid-cloud scenarios.
InstallHybridProxy	InstallHybridProxy	Installs the Security Center agent on a proxy server in a hybrid cloud.
DeleteSasContainerWebDefenseRule	DeleteSasContainerWebDefenseRule	Deletes a rule for container tamper-proofing.
ListK8sAccessInfo	ListK8sAccessInfo	Queries the information about Kubernetes clusters that are added to Security Center.
GenerateK8sAccessInfo	GenerateK8sAccessInfo	Generates a command that is used to add a self-managed Kubernetes cluster.
ListClusterPluginInfo	ListClusterPluginInfo	Queries the status of plug-ins on clusters.
MarkMonitorAccounts	MarkMonitorAccounts	Marks members for multi-account management. You can call this operation to mark selected members as followed. In the Security Center console, the drop-down list above the left-side navigation pane displays the followed members.
UnMarkMonitorAccounts	UnMarkMonitorAccounts	Cancel marking for members. You can call this operation to remove followed members from the list. In the Security Center console, the drop-down list above the left-side navigation pane no longer displays the members.
QueryIncidentTracingJudge	QueryIncidentTracingJudge	Queries whether an event has a provenance graph based on the event ID.
QueryIncidentVertexExtendInfo	QueryIncidentVertexExtendInfo	Queries the extended information about an event node.
QueryIncidentVertexNodes	QueryIncidentVertexNodes	Queries the detailed information about an event node.
QueryIncidentSubNodesCount	QueryIncidentSubNodesCount	Queries the numbers of child nodes in the nodes.
QueryIncidentTracingDetail	QueryIncidentTracingDetail	Queries the provenance graph of an event by using the event ID.
BindHybridProxy	BindHybridProxy	Adds servers to Security Center over a proxy server. After you create a proxy cluster and deploy a proxy server, you can connect a server to the proxy cluster as a client. This way, the server is added to Security Center over the proxy server and is protected.
GetClusterStrategyCount	GetClusterStrategyCount	Queries the number of policies in each cluster.
ListUnfinishedOnceTask	ListUnfinishedOnceTask	Queries tasks that are not complete by task type.
QueryIncidentIconList	QueryIncidentIconList	Queries the icons that correspond to nodes and edges.
ListBackupRecord	ListBackupRecord	Queries backup records.
ResetHoneypot	ResetHoneypot	Resets a honeypot.
StartHoneypot	StartHoneypot	Starts a honeypot.
DeleteVulAutoRepairConfig	DeleteVulAutoRepairConfig	Deletes configurations of of an automatic vulnerability fixing task at a time on the Playbook page.
DescribeFixUsedCount	DescribeFixUsedCount	Queries the number of vulnerabilities that are fixed by the pay-as-you-go vulnerability fixing feature.
CreateAttestor	CreateAttestor	Creates a witness.
CreateBinarySecurityPolicy	CreateBinarySecurityPolicy	Creates a binary security policy.
DeleteAttestor	DeleteAttestor	Deletes a witness.
DescribeAttestors	DescribeAttestors	Queries a list of witnesses.
DescribeBinarySecurityPolicies	DescribeBinarySecurityPolicies	Queries binary security policies.
DescribeClusterHostSecuritySummary	DescribeClusterHostSecuritySummary	Queries the statistical information about host security.
DescribeClusterImageSecuritySummary	DescribeClusterImageSecuritySummary	Queries the statistical information about image security.
DescribeContainerServiceK8sClusters	DescribeContainerServiceK8sClusters	Queries a list of Container Service for Kubernetes (ACK) clusters.
DescribeCustomizedDictUploadInfo	DescribeCustomizedDictUploadInfo	Queries the Object Storage Service (OSS) information of the file that is uploaded to create custom weak password rules.
CheckStsTokenAuth	CheckStsTokenAuth	Checks a Security Token Service (STS) token and returns the ID of the Alibaba Cloud account.
CreateHybridProxyCluster	CreateHybridProxyCluster	Creates a hybrid-cloud proxy cluster.
DescribeVulDefendCountStatistics	DescribeVulDefendCountStatistics	Queries the vulnerability defense statistics in Security Center.
DescribeVulMetaCountStatistics	DescribeVulMetaCountStatistics	Queries the statistics of vulnerabilities in Security Center.
CreateCustomizedDict	CreateCustomizedDict	Creates custom weak password rules.
DescribeContainerFieldStatistics	DescribeContainerFieldStatistics	Queries the statistical information about containers.
DescribeContainerGroupedFieldDetail	DescribeContainerGroupedFieldDetail	Queries the attribute details of containers.
DescribeContainerServiceK8sClusterKritisStatus	DescribeContainerServiceK8sClusterKritisStatus	Queries the Kritis status of a Container Service for Kubernetes (ACK) cluster.
DescribeContainerServiceK8sClusterNamespaces	DescribeContainerServiceK8sClusterNamespaces	Queries the namespace of a Container Service for Kubernetes (ACK) cluster.
CreateJenkinsImageScanTask	CreateJenkinsImageScanTask	Creates a Jenkins scan task.
UpgradeHoneypotNode	UpgradeHoneypotNode	Upgrades the version of the management node to which a honeypot belongs.
GetAuthSummary	GetAuthSummary	Queries the statistics of asset protection quota.
QueryGuidTaskList	QueryGuidTaskList	Queries the list of beginner tasks. Security Center provides rewards for users who complete tasks. The rewards include the quota for a value-added feature and log storage capacity.
CreateSasTrial	CreateSasTrial	Applies for a trial of Security Center.
GetCanTrySas	GetCanTrySas	Checks whether the current user is qualified for the trial use of Security Center.
ReceiveFunctionTrialRewardByAliUid	ReceiveFunctionTrialRewardByAliUid	Receives a reward that allows you to enable a free trial of the cloud honeypot feature or the feature of SDK for malicious file detection. You can receive a reward after you complete the required task.
DescribeAgentlessSensitiveFileByKey	DescribeAgentlessSensitiveFileByKey	Queries the list of assets on which a specific type of sensitive files are detected by using the agentless detection feature.
GetCheckStructure	GetCheckStructure	Obtains the structure information about check items provided by the configuration assessment feature.
DescribeDynamicDictUploadInfo	DescribeDynamicDictUploadInfo	Queries the information about an uploaded Object Storage Service (OSS) object that contains custom weak passwords and is used for baseline checks.
DeleteCustomizeReport	DeleteCustomizeReport	Deletes a custom security report.
DescribeCustomizeReportConfigDetail	DescribeCustomizeReportConfigDetail	Obtains the configurations of a security report.
DescribeDynamicDict	DescribeDynamicDict	Queries custom weak password rules for the baseline check feature.
DescribeIdcProbeScanResultList	DescribeIdcProbeScanResultList	Queries assets that are identified by Internet Data Center (IDC) probes.
DescribeSupervisonInfo	DescribeSupervisonInfo	Queries the time when a system vulnerability was last detected.
ExportCustomizeReport	ExportCustomizeReport	Exports a security report.
GenerateDynamicDict	GenerateDynamicDict	Generates a custom dictionary of weak passwords for the baseline check feature.
GetDefenceCount	GetDefenceCount	Queries the numbers of handled alerts of the precision defense type and the web tamper proofing type.
OperationCustomizeReportChart	OperationCustomizeReportChart	Modifies the chart of a security report.
SaveCustomizeReportConfig	SaveCustomizeReportConfig	Saves the configurations of a custom security report.
SendCustomizeReport	SendCustomizeReport	Sends a security report to an email address that you specify. You can send only a security report whose statistics are collected in a custom time range.
UpdateCustomizeReportStatus	UpdateCustomizeReportStatus	Changes the status of a security report.
DescribeUniBackupStatistics	DescribeUniBackupStatistics	Queries the statistics on backups based on anti-ransomware policies.
DescribeUserSetting	DescribeUserSetting	Queries the settings of a custom baseline check policy.
GetDataTrend	GetDataTrend	Queries the security operations trends of the vulnerabilities, alerts, and baseline risks.
ResetLogShipper	ResetLogShipper	Resets and upgrades the log analysis feature. You can call this operation only when the log analysis feature uses the pay-as-you-go billing method.
ListLogShipperRegions	ListLogShipperRegions	Queries the regions supported by the log delivery feature that uses the pay-as-you-go billing method.
DescribeScreenScoreThread	DescribeScreenScoreThread	Queries the trends of the scores on the security dashboard.
DescribeChartData	DescribeChartData	Queries the chart data of a security report.
ModifyPostPayModuleSwitch	ModifyPostPayModuleSwitch	Modifies the switch settings of pay-as-you-go modules.
OpenBackupAutoConfig	OpenBackupAutoConfig	Enables the automatic configuration of anti-ransomware policies for servers in the managed anti-ransomware feature. You can call this operation only after you purchase the managed anti-ransomware feature.
GetBackupAutoConfigStatus	GetBackupAutoConfigStatus	Checks whether the managed anti-ransomware feature can automatically configure an anti-ransomware policy for servers.
GetAegisContainerPluginRule	GetAegisContainerPluginRule	Queries the details of a defense rule against container escapes.
DeleteMonitorAccount	DeleteMonitorAccount	Deletes a member of the account managed by Security Center type of the multi-account management feature.
EnableServiceAccessResourceDirectory	EnableServiceAccessResourceDirectory	Enable the multi-account management feature of Security Center.
ListAccountsInResourceDirectory	ListAccountsInResourceDirectory	Queries members in the resource directory that is involved when the multi-account management feature is enabled.
ModifyWebLockRefresh	ModifyWebLockRefresh	Refreshes the status of the web tamper proofing feature for a server.
DescribeCheckResult	DescribeCheckResult	Queries the result of the ISO 27001 compliance check.
TriggerCheck	TriggerCheck	Triggers ISO 27001 compliance checks of Security Center.
ListRdDefaultSyncList	ListRdDefaultSyncList	Queries the automatic management policies of members that are added to Security Center for multi-account management. The members in the automatic control management directory are automatically added to the member list of Security Center.
DescribeIdcAssetCriteria	DescribeIdcAssetCriteria	Queries the search conditions that can be used to query data center assets found after scanning in fuzzy match mode.
DeleteHybridProxy	DeleteHybridProxy	Removes a proxy node from a specified proxy cluster.
DeleteHybridProxyCluster	DeleteHybridProxyCluster	Deletes a proxy cluster based on the name of the proxy cluster.
DescribeImageListByBuildRisk	DescribeImageListByBuildRisk	Queries a list of images that are affected by image build command risks by page.
DescribeImageBuildRiskList	DescribeImageBuildRiskList	Queries a list of image build command risks by page.
DescribeCheckWarningCount	DescribeCheckWarningCount	Queries the number of alerts that are triggered by a check item.