You can call this operation to query and filter the configuration baseline check results of check items.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes DescribeRiskCheckResult

The operation that you want to perform. Set the value to DescribeRiskCheckResult.

AssetType String No RDS

The type of the cloud service.

CurrentPage Integer No 1

The number of the page to return.

GroupId Long No 21000

The type ID of the check item.

ItemIds.N RepeatList No sde***

The ID of the check item.

Lang String No zh

The language of the request and response. Valid values:

  • en: English
  • zh: Chinese
Name String No Cloud platform - Two-factor authentication configuration of Alibaba Cloud account

The name of the check item.

PageSize Integer No 10

The number of entries to return on each page.

RiskLevel String No high

The risk level of the check item. Valid values:

  • high
  • medium
  • low
SourceIp String No 1.2.3.4

The source IP address of the request.

Status String No pass

The status of check task to return.

  • pass: The check task returns positive results.
  • failed: The check task returns negative results.
  • running: The check task is running.
  • waiting: The check task is pending.
  • ignored: The check result is ignored.
  • falsePositive: The check result is marked false positive.

Response parameters

Parameter Type Example Description
Count Integer 10

The number of entries returned on the current page.

CurrentPage Integer 1

The page number of the current page in the result.

List Array

The information about the check item.

AffectedCount Integer 0

The amount of affected assets.

CheckTime Long 1543991525000

The time when the last check was performed.

ItemId Long 1

The ID of the check item.

RemainingTime Integer 0

The time when the next check will be performed.

RepairStatus String disabled

Indicates whether a solution is provided to fix the threats detected under the specified check item. Valid values:

  • enabled: Yes
  • disabled: No
RiskAssertType String ECS

The type of affected assets.

RiskItemResources Array

The detailed information about the check item.

ContentResource JSON {"type": "link", "value": "Risk: multi-factor authentication is disabled\n", "url": "https://***.aliyun.com/#/secure\n" }

The content of the check item.

ResourceName String bestPractice

The title of the content. Valid values:

  • bestPractice: Description
  • influence: Risks
  • suggestion: Solution
  • helpResource: Reference
RiskLevel String high

The risk level of the check item.

  • high
  • medium
  • low
Sort Integer 1

The sequence number of the configuration baseline check result.

StartStatus String enabled

Indicates whether the check item is supported by the specified cloud service. Valid values:

  • enabled: supported
  • disable: unsupported
Status String pass

The status of check task returned.. Valid values:

  • pass: The check task returned positive results.
  • failed: The check task returned negative results.
  • running: The check task is running.
  • waiting: The check task is pending.
  • ignored: The check result has been ignored.
  • falsePositive: The check result has been marked false positive.
TaskId Long 647189

The ID of the check task.

Title String Cloud platform - Two-factor authentication configuration of Alibaba Cloud account

The title of the check item.

Type String Identity authentication and permissions

The type of the check item.

PageCount Integer 20

The total number of pages returned.

PageSize Integer 10

The number of entries returned per page.

RequestId String AD271C07-4ACE-413D-AA9B-F14FD3B7717F

The ID of the request.

TotalCount Integer 12

The total number of returned entries.

Examples

Sample requests


http(s)://[Endpoint]/? Action=DescribeRiskCheckResult
&CurrentPage=1
&PageSize=20
&<Common request parameters>

Sample success responses

XML format

<DescribeRiskCheckResult>
	  <TotalCount>12</TotalCount>
	  <PageCount>2</PageCount>
	  <PageSize>10</PageSize>
	  <RequestId>AD271C07-4ACE-413D-AA9B-F14FD3B7717F</RequestId>
	  <CurrentPage>1</CurrentPage>
	  <Count>10</Count>
	  <List>
		    <Status>pass</Status>
		    <CheckTime>1543991525000</CheckTime>
		    <Type>zh-Identity authentication and permissions</Type>
		    <TaskId>58</TaskId>
		    <RiskItemResources>
			      <ContentResource>
				        <type>link</type>
				        <value>
					Risk: multi-factor authentication is disabled.
				</value>
				        <url>
					https://***.aliyun.com/#/secure
				</url>
			      </ContentResource>
			      <ResourceName>bestPractice</ResourceName>
		    </RiskItemResources>
		    <RiskItemResources>
			      <ContentResource>
				        <type>text</type>
				        <value>If you use only one password for authentication, hackers may use brute-force cracking or other methods to obtain the password to your cloud platform. We recommend that you enable password authentication and SMS verification for the administrator account of your cloud platform to prevent security risks caused by password leakage. </value>
			      </ContentResource>
			      <ResourceName>influence</ResourceName>
		    </RiskItemResources>
		    <RiskItemResources>
			      <ContentResource>
				        <type>link</type>
				        <value>Log on to the Alibaba Cloud console. On the Security Settings page, click Set corresponding to Virtual MFA.</value>
				        <url>https://***.aliyun.com/#/selectVerificationMethod</url>
			      </ContentResource>
			      <ResourceName>suggestion</ResourceName>
		    </RiskItemResources>
		    <RiskItemResources>
			      <ContentResource>
				        <type>text</type>
				        <value>
					1. Use multiple mechanisms to protect the Alibaba Cloud account:
					https://***/***.html
					2. Procedure of setting MFA:
				https://***/***.html</value>
			      </ContentResource>
			      <ResourceName>helpResource</ResourceName>
		    </RiskItemResources>
		    <AffectedCount>0</AffectedCount>
		    <RemainingTime>0</RemainingTime>
		    <Sort>3</Sort>
		    <Title>Cloud platform - Two-factor authentication configuration of Alibaba Cloud account</Title>
		    <ItemId>5</ItemId>
		    <RiskLevel>high</RiskLevel>
	  </List>
	  <List>
		    <Status>pass</Status>
		    <CheckTime>1543991523000</CheckTime>
		    <Type>zh-Identity authentication and permissions</Type>
		    <TaskId>57</TaskId>
		    <RiskItemResources>
			      <ContentResource>
				        <emptyGridValue>
					          <type>text</type>
					          <value>No impact</value>
				        </emptyGridValue>
				        <type>grid</type>
			      </ContentResource>
			      <ResourceName>bestPractice</ResourceName>
		    </RiskItemResources>
		    <RiskItemResources>
			      <ContentResource>
				        <type>text</type>
				        <value>Data breach may occur if a RAM user has not logged on to the Alibaba Cloud console for a long period of time. Others may log on with your RAM user account to control your cloud products. </value>
			      </ContentResource>
			      <ResourceName>influence</ResourceName>
		    </RiskItemResources>
		    <RiskItemResources>
			      <ContentResource>
				        <type>link</type>
				        <value>Log on to the RAM console and delete RAM user accounts that are not in use. </value>
				        <url>https://***.aliyun.com/?#/user/list</url>
			      </ContentResource>
			      <ResourceName>suggestion</ResourceName>
		    </RiskItemResources>
		    <RiskItemResources>
			      <ContentResource>
				        <columns>
					          <title>Zone</title>
					          <key>RegionId</key>
				        </columns>
				        <columns>
					          <title>Bucket name</title>
					          <key>RiskInstance</key>
				        </columns>
				        <columns>
					          <title>Risk description</title>
					          <key>RiskDescribe</key>
				        </columns>
				        <emptyGridValue>
					          <type>text</type>
					          <value>No risks</value>
				        </emptyGridValue>
				        <resultStatus>
					          <id>1</id>
					          <status>failed</status>
				        </resultStatus>
				        <type>grid</type>
			      </ContentResource>
			      <ResourceName>helpResource</ResourceName>
		    </RiskItemResources>
		    <AffectedCount>0</AffectedCount>
		    <RemainingTime>0</RemainingTime>
		    <Sort>13</Sort>
		    <Title>RAM user account - Unused for a long period of time</Title>
		    <ItemId>25</ItemId>
		    <RiskLevel>medium</RiskLevel>
	  </List>
</DescribeRiskCheckResult>

JSON format

{
	"PageCount":2,
	"Count":10,
	"TotalCount":12,
	"PageSize":10,
	"RequestId":"AD271C07-4ACE-413D-AA9B-F14FD3B7717F",
	"List":[
		{
			"Sort":3,
			"Status":"pass",
			"ItemId":5,
			"RiskItemResources":[
				{
					"ContentResource":{
						"value":"Risk: multi-factor authentication is disabled\n",
						"type":"link",
						"url":"https://***.aliyun.com/#/secure\n"
					},
					"ResourceName":"bestPractice"
				},
				{
					"ContentResource":{
						"value":"If you use only one password for authentication, hackers may use brute-force cracking or other methods to obtain the password to your cloud platform. We recommend that you enable password authentication and SMS verification for the administrator account of your cloud platform to prevent security risks caused by password leakage.",
						"type":"text"
					},
					"ResourceName":"influence"
				},
				{
					"ContentResource":{
						"value":"Log on to the Alibaba Cloud console. On the Security Settings page, click Set corresponding to Virtual MFA.",
						"type":"link",
						"url":"https://***.aliyun.com/#/selectVerificationMethod"
					},
					"ResourceName":"suggestion"
				},
				{
					"ContentResource":{
						"value":"1. Use multiple mechanisms to protect the Alibaba Cloud account: \nhttps://***/***.html\n2. Procedure of setting MFA: \nhttps://***/***.html",
						"type":"text"
					},
					"ResourceName":"helpResource"
				}
			],
			"RiskLevel":"high",
			"Type":"zh-Identity authentication and permissions",
			"CheckTime":1543991525000,
			"AffectedCount":0,
			"TaskId":58,
			"Title":"Cloud platform - Two-factor authentication configuration of Alibaba Cloud account",
			"RemainingTime":0
		},
		{
			"Sort":13,
			"Status":"pass",
			"ItemId":25,
			"RiskItemResources":[
				{
					"ContentResource":{
						"emptyGridValue":{
							"value":"No impact",
							"type":"text"
						},
						"type":"grid"
					},
					"ResourceName":"bestPractice"
				},
				{
					"ContentResource":{
						"value":"Data breach may occur if a RAM user has not logged on to the Alibaba Cloud console for a long period of time. Others may log on with your RAM user account to control your cloud products.",
						"type":"text"
					},
					"ResourceName":"influence"
				},
				{
					"ContentResource":{
						"value":"Log on to the RAM console and delete RAM user accounts that are not in use.",
						"type":"link",
						"url":"https://***.aliyun.com/?#/user/list"
					},
					"ResourceName":"suggestion"
				},
				{
					"ContentResource":{
						"emptyGridValue":{
							"value":"No risks",
							"type":"text"
						},
						"values":[],
						"columns":[
							{
								"title":"Zone",
								"key":"RegionId"
							},
							{
								"title":"Bucket name",
								"key":"RiskInstance"
							},
							{
								"title":"Risk description",
								"key":"RiskDescribe"
							}
						],
						"resultStatus":[
							{
								"id":1,
								"status":"failed"
							}
						],
						"type":"grid"
					},
					"ResourceName":"helpResource"
				}
			],
			"RiskLevel":"medium",
			"Type":"zh-Identity authentication and permissions",
			"CheckTime":1543991523000,
			"AffectedCount":0,
			"TaskId":57,
			"Title":"RAM user account - Unused for a long period of time",
			"RemainingTime":0
		}
	],
	"CurrentPage":1
}

Error codes

For a list of error codes, visit the API Error Center.