You can call this operation to query and filter the configuration baseline check results of check items.
Debugging
Request parameters
| Parameter | Type | Required | Example | Description |
|---|---|---|---|---|
| Action | String | Yes | DescribeRiskCheckResult |
The operation that you want to perform. Set the value to DescribeRiskCheckResult. |
| AssetType | String | No | RDS |
The type of the cloud service. |
| CurrentPage | Integer | No | 1 |
The number of the page to return. |
| GroupId | Long | No | 21000 |
The type ID of the check item. |
| ItemIds.N | RepeatList | No | sde*** |
The ID of the check item. |
| Lang | String | No | zh |
The language of the request and response. Valid values:
|
| Name | String | No | Cloud platform - Two-factor authentication configuration of Alibaba Cloud account |
The name of the check item. |
| PageSize | Integer | No | 10 |
The number of entries to return on each page. |
| RiskLevel | String | No | high |
The risk level of the check item. Valid values:
|
| SourceIp | String | No | 1.2.3.4 |
The source IP address of the request. |
| Status | String | No | pass |
The status of check task to return.
|
Response parameters
| Parameter | Type | Example | Description |
|---|---|---|---|
| Count | Integer | 10 |
The number of entries returned on the current page. |
| CurrentPage | Integer | 1 |
The page number of the current page in the result. |
| List | Array |
The information about the check item. |
|
| AffectedCount | Integer | 0 |
The amount of affected assets. |
| CheckTime | Long | 1543991525000 |
The time when the last check was performed. |
| ItemId | Long | 1 |
The ID of the check item. |
| RemainingTime | Integer | 0 |
The time when the next check will be performed. |
| RepairStatus | String | disabled |
Indicates whether a solution is provided to fix the threats detected under the specified check item. Valid values:
|
| RiskAssertType | String | ECS |
The type of affected assets. |
| RiskItemResources | Array |
The detailed information about the check item. |
|
| ContentResource | JSON | {"type": "link", "value": "Risk: multi-factor authentication is disabled\n", "url": "https://***.aliyun.com/#/secure\n" } |
The content of the check item. |
| ResourceName | String | bestPractice |
The title of the content. Valid values:
|
| RiskLevel | String | high |
The risk level of the check item.
|
| Sort | Integer | 1 |
The sequence number of the configuration baseline check result. |
| StartStatus | String | enabled |
Indicates whether the check item is supported by the specified cloud service. Valid values:
|
| Status | String | pass |
The status of check task returned.. Valid values:
|
| TaskId | Long | 647189 |
The ID of the check task. |
| Title | String | Cloud platform - Two-factor authentication configuration of Alibaba Cloud account |
The title of the check item. |
| Type | String | Identity authentication and permissions |
The type of the check item. |
| PageCount | Integer | 20 |
The total number of pages returned. |
| PageSize | Integer | 10 |
The number of entries returned per page. |
| RequestId | String | AD271C07-4ACE-413D-AA9B-F14FD3B7717F |
The ID of the request. |
| TotalCount | Integer | 12 |
The total number of returned entries. |
Examples
Sample requests
http(s)://[Endpoint]/? Action=DescribeRiskCheckResult
&CurrentPage=1
&PageSize=20
&<Common request parameters>
Sample success responses
XML format
<DescribeRiskCheckResult>
<TotalCount>12</TotalCount>
<PageCount>2</PageCount>
<PageSize>10</PageSize>
<RequestId>AD271C07-4ACE-413D-AA9B-F14FD3B7717F</RequestId>
<CurrentPage>1</CurrentPage>
<Count>10</Count>
<List>
<Status>pass</Status>
<CheckTime>1543991525000</CheckTime>
<Type>zh-Identity authentication and permissions</Type>
<TaskId>58</TaskId>
<RiskItemResources>
<ContentResource>
<type>link</type>
<value>
Risk: multi-factor authentication is disabled.
</value>
<url>
https://***.aliyun.com/#/secure
</url>
</ContentResource>
<ResourceName>bestPractice</ResourceName>
</RiskItemResources>
<RiskItemResources>
<ContentResource>
<type>text</type>
<value>If you use only one password for authentication, hackers may use brute-force cracking or other methods to obtain the password to your cloud platform. We recommend that you enable password authentication and SMS verification for the administrator account of your cloud platform to prevent security risks caused by password leakage. </value>
</ContentResource>
<ResourceName>influence</ResourceName>
</RiskItemResources>
<RiskItemResources>
<ContentResource>
<type>link</type>
<value>Log on to the Alibaba Cloud console. On the Security Settings page, click Set corresponding to Virtual MFA.</value>
<url>https://***.aliyun.com/#/selectVerificationMethod</url>
</ContentResource>
<ResourceName>suggestion</ResourceName>
</RiskItemResources>
<RiskItemResources>
<ContentResource>
<type>text</type>
<value>
1. Use multiple mechanisms to protect the Alibaba Cloud account:
https://***/***.html
2. Procedure of setting MFA:
https://***/***.html</value>
</ContentResource>
<ResourceName>helpResource</ResourceName>
</RiskItemResources>
<AffectedCount>0</AffectedCount>
<RemainingTime>0</RemainingTime>
<Sort>3</Sort>
<Title>Cloud platform - Two-factor authentication configuration of Alibaba Cloud account</Title>
<ItemId>5</ItemId>
<RiskLevel>high</RiskLevel>
</List>
<List>
<Status>pass</Status>
<CheckTime>1543991523000</CheckTime>
<Type>zh-Identity authentication and permissions</Type>
<TaskId>57</TaskId>
<RiskItemResources>
<ContentResource>
<emptyGridValue>
<type>text</type>
<value>No impact</value>
</emptyGridValue>
<type>grid</type>
</ContentResource>
<ResourceName>bestPractice</ResourceName>
</RiskItemResources>
<RiskItemResources>
<ContentResource>
<type>text</type>
<value>Data breach may occur if a RAM user has not logged on to the Alibaba Cloud console for a long period of time. Others may log on with your RAM user account to control your cloud products. </value>
</ContentResource>
<ResourceName>influence</ResourceName>
</RiskItemResources>
<RiskItemResources>
<ContentResource>
<type>link</type>
<value>Log on to the RAM console and delete RAM user accounts that are not in use. </value>
<url>https://***.aliyun.com/?#/user/list</url>
</ContentResource>
<ResourceName>suggestion</ResourceName>
</RiskItemResources>
<RiskItemResources>
<ContentResource>
<columns>
<title>Zone</title>
<key>RegionId</key>
</columns>
<columns>
<title>Bucket name</title>
<key>RiskInstance</key>
</columns>
<columns>
<title>Risk description</title>
<key>RiskDescribe</key>
</columns>
<emptyGridValue>
<type>text</type>
<value>No risks</value>
</emptyGridValue>
<resultStatus>
<id>1</id>
<status>failed</status>
</resultStatus>
<type>grid</type>
</ContentResource>
<ResourceName>helpResource</ResourceName>
</RiskItemResources>
<AffectedCount>0</AffectedCount>
<RemainingTime>0</RemainingTime>
<Sort>13</Sort>
<Title>RAM user account - Unused for a long period of time</Title>
<ItemId>25</ItemId>
<RiskLevel>medium</RiskLevel>
</List>
</DescribeRiskCheckResult>JSON format
{
"PageCount":2,
"Count":10,
"TotalCount":12,
"PageSize":10,
"RequestId":"AD271C07-4ACE-413D-AA9B-F14FD3B7717F",
"List":[
{
"Sort":3,
"Status":"pass",
"ItemId":5,
"RiskItemResources":[
{
"ContentResource":{
"value":"Risk: multi-factor authentication is disabled\n",
"type":"link",
"url":"https://***.aliyun.com/#/secure\n"
},
"ResourceName":"bestPractice"
},
{
"ContentResource":{
"value":"If you use only one password for authentication, hackers may use brute-force cracking or other methods to obtain the password to your cloud platform. We recommend that you enable password authentication and SMS verification for the administrator account of your cloud platform to prevent security risks caused by password leakage.",
"type":"text"
},
"ResourceName":"influence"
},
{
"ContentResource":{
"value":"Log on to the Alibaba Cloud console. On the Security Settings page, click Set corresponding to Virtual MFA.",
"type":"link",
"url":"https://***.aliyun.com/#/selectVerificationMethod"
},
"ResourceName":"suggestion"
},
{
"ContentResource":{
"value":"1. Use multiple mechanisms to protect the Alibaba Cloud account: \nhttps://***/***.html\n2. Procedure of setting MFA: \nhttps://***/***.html",
"type":"text"
},
"ResourceName":"helpResource"
}
],
"RiskLevel":"high",
"Type":"zh-Identity authentication and permissions",
"CheckTime":1543991525000,
"AffectedCount":0,
"TaskId":58,
"Title":"Cloud platform - Two-factor authentication configuration of Alibaba Cloud account",
"RemainingTime":0
},
{
"Sort":13,
"Status":"pass",
"ItemId":25,
"RiskItemResources":[
{
"ContentResource":{
"emptyGridValue":{
"value":"No impact",
"type":"text"
},
"type":"grid"
},
"ResourceName":"bestPractice"
},
{
"ContentResource":{
"value":"Data breach may occur if a RAM user has not logged on to the Alibaba Cloud console for a long period of time. Others may log on with your RAM user account to control your cloud products.",
"type":"text"
},
"ResourceName":"influence"
},
{
"ContentResource":{
"value":"Log on to the RAM console and delete RAM user accounts that are not in use.",
"type":"link",
"url":"https://***.aliyun.com/?#/user/list"
},
"ResourceName":"suggestion"
},
{
"ContentResource":{
"emptyGridValue":{
"value":"No risks",
"type":"text"
},
"values":[],
"columns":[
{
"title":"Zone",
"key":"RegionId"
},
{
"title":"Bucket name",
"key":"RiskInstance"
},
{
"title":"Risk description",
"key":"RiskDescribe"
}
],
"resultStatus":[
{
"id":1,
"status":"failed"
}
],
"type":"grid"
},
"ResourceName":"helpResource"
}
],
"RiskLevel":"medium",
"Type":"zh-Identity authentication and permissions",
"CheckTime":1543991523000,
"AffectedCount":0,
"TaskId":57,
"Title":"RAM user account - Unused for a long period of time",
"RemainingTime":0
}
],
"CurrentPage":1
}Error codes
For a list of error codes, visit the API Error Center.