DescribeCloudCenterInstances - Security Center - Alibaba Cloud Documentation Center

Queries the information about assets that meet specific search conditions. For example, you can search for assets by the instance name or region of the asset.

Operation description

You can search for an asset by using search conditions, such as the instance ID, instance name, virtual private cloud (VPC) ID, region, and public IP address. You can also configure a logical relationship between multiple search conditions to search for the assets that meet the search conditions.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
yundun-sas:DescribeCloudCenterInstances	Read	All Resources *	none	none

Request parameters

Parameter	Type	Required	Description	Example
RegionId	string	No	The ID of the region in which the asset resides.	cn-hangzhou
Criteria	string	No	The search conditions. The value of this parameter is in the JSON format and is case-sensitive. Note You can search for an asset by using the search conditions, such as the instance ID, instance name, VPC ID, region, or public IP address. You can call the DescribeCriteria operation to query the supported search conditions.	[{"name":"riskStatus","value":"YES"},{"name":"internetIp","value":"1.2.XX.XX"}]
MachineTypes	string	No	The type of the assets that you want to query. Valid values: ecs: servers cloud_product: Alibaba Cloud service	ecs
LogicalExp	string	No	The logical relationship among multiple search conditions. Valid values: OR: The logical relationship among search conditions is OR. AND: The logical relationship among search conditions is AND.	OR
PageSize	integer	No	The number of entries to return on each page. Default value: 20.	100
CurrentPage	integer	No	The number of the page to return. Default value: 1.	1
Importance	integer	No	The importance of the asset. Valid values: 2: an important asset 1: a common asset 0: a test asset	2
NoGroupTrace	boolean	No	Specifies whether to internationalize the name of the default group. Valid values: true: The system returns the Chinese name of the default group for the GroupTrace response parameter. false: The system returns default for the GroupTrace response parameter.	false
Lang	string	No	The language of the content within the request and response. Default value: zh. Valid values: zh: Chinese en: English	zh
UseNextToken	boolean	No	Specifies whether to use the NextToken method to retrieve a new page of results. If you set UseNextToken to true, the value of TotalCount is not returned. Valid values: true: The NextToken method is used. false: The NextToken method is not used.	false
NextToken	string	No	The value of NextToken that is returned when the NextToken method is used. You do not need to specify this parameter for the first request.	E17B501887A2D3AA5E8360A6EFA3B***
ResourceDirectoryAccountId	long	No	The Alibaba Cloud account ID of the member in the resource directory. Note You can call the DescribeMonitorAccounts operation to obtain the IDs.	1232428423234****

Response parameters

Parameter	Type	Description	Example
	object
Success	boolean	Indicates whether the call is successful. Valid values: true: The call is successful. false: The call fails.	true
RequestId	string	The ID of the request, which is used to locate and troubleshoot issues.	32A73759-4C0F-4801-BE98-901223ACEE9A
PageInfo	object	The pagination information.
CurrentPage	integer	The page number of the returned page.	1
PageSize	integer	The number of entries returned per page. Default value: 20.	20
TotalCount	integer	The total number of entries returned.	50
Count	integer	The number of entries returned on the current page.	10
NextToken	string	The value of NextToken that is returned when the NextToken method is used.	B604532DEF982B875E8360A6EFA3B***
Instances	object []	An array that consists of the details about the asset.
Status	string	The status of the asset. Valid values: Running: running notRunning: stopped	Running
CpuInfo	string	The CPU information about the asset.	Intel(R) Xeon(R) Platinum 8269CY CPU @ 2.50GHz
InternetIp	string	The public IP address of the asset.	1.2.XX.XX
Kernel	string	The version of the kernel.	3.10.0-1127.19.1.el7.x86_64
Bind	boolean	Indicates whether Security Center is authorized to scan the asset. Valid values: true: Security Center is authorized to scan the asset. false: Security Center is not authorized to scan the asset.	true
OsName	string	The kernel version of the asset.	-
Tag	string	The name of the asset tag.	InternetIp,test
ClientStatus	string	The status of the Security Center agent installed on the asset. Valid values: online: The Security Center agent is enabled. offline: The Security Center agent is disabled. pause: The Security Center agent is suspended.	online
Mem	integer	The size of the memory. Unit: MB.	1024
VpcInstanceId	string	The ID of the VPC to which the asset belongs.	vpc-uf60agqq65bs98zoo****
TagId	string	The ID of the asset tag.	121313,41412
Flag	integer	Indicates whether the asset is an Alibaba Cloud asset. Valid values: 0: The asset is an Alibaba Cloud asset. 1: The asset is not an Alibaba Cloud asset.	0
LastLoginTimestamp	long	The timestamp when the Security Center agent was last online. Unit: milliseconds.	1637592907000
AuthVersion	integer	The edition of Security Center that is authorized to scan the asset. Valid values: 1: Basic edition 6: Anti-virus edition 5: Advanced edition 3: Enterprise edition 7: Ultimate edition 10: Value-added Plan edition	3
Region	string	The region ID of the asset.	cn-hangzhou-cm*-*
InstanceName	string	The name of the asset.	yztest-l***
PodCount	integer	The number of pods.	1
VulCount	integer	The number of vulnerabilities that are detected on the asset.	2
HcStatus	string	Indicates whether baseline risks are detected on the asset. Valid values: YES NO	YES
CreatedTime	long	The timestamp when the cluster was created. Unit: milliseconds.	1607365213000
GroupTrace	string	The name of the group to which the asset belongs.	default
ClusterId	string	The ID of the cluster.	c690a0789419f4284a4e0a29e12fe****
RiskStatus	string	Indicates whether risks are detected on the asset. Valid values: YES NO	NO
Cores	integer	The number of the CPU cores used by the asset.	4
VulStatus	string	Indicates whether vulnerabilities are detected on the asset. Valid values: YES NO	YES
AlarmStatus	string	Indicates whether alerts are generated on the asset. Valid values: YES NO	NO
MacListString	string	The MAC addresses of the system.	00:13:3e:31:13:39,02:12:67:b8::
Importance	integer	The importance of the asset. Valid values: 2: an important asset 1: a common asset 0: a test asset	2
HealthCheckCount	integer	The number of baseline risks that are detected on the asset.	1
Ip	string	The public IP address of the asset.	1.2.XX.XX
Os	string	The operating system of the asset.	Linux
AuthModifyTime	long	The timestamp when Security Center is authorized to scan the asset.	1627974044000
SafeEventCount	integer	The number of alerts that are generated on the asset.	5
InstanceId	string	The ID of the asset.	i-m5***
AssetType	string	The type of the asset. Valid values: 0: an ECS instance 1: a Server Load Balancer (SLB) instance 2: a Network Address Translation (NAT) gateway 3: an ApsaraDB RDS instance 4: an ApsaraDB for MongoDB instance 5: an ApsaraDB for Redis instance 6: a container image 7: a container	ecs
IntranetIp	string	The private IP address of the asset.	1.2.XX.XX
Vendor	integer	The type of the asset by source. Valid values: 0: an ECS instance. 1: a third-party cloud server. 2: a server in a data center. 3: a server deployed on Tencent Cloud. This value is returned only after the asset is protected by Security Center.	0
RegionId	string	The ID of the region in which the asset resides.	cn-hanghzou
Uuid	string	The UUID of the asset.	c9107c04-942f-40c1-981a-f1c1***
GroupId	long	The ID of the asset group to which the asset belongs.	4120080
RegionName	string	The name of the region in which the asset resides.	China (Hangzhou)
VendorName	string	The name of the service provider (SP) for the asset. Valid values: TENCENT: Tencent Cloud ALIYUN: Alibaba Cloud	Tencent
AuthVersionName	string	The name of the Security Center edition that is authorized to scan the asset. Valid values: Basic edition Anti-virus edition Advanced edition Enterprise edition Ultimate edition Value-added Plan edition	Ultimate Edition
ClusterName	string	The name of the cluster.	cluster1
ExposedStatus	integer	Indicates whether the asset is exposed. Valid values: 0: The asset is not exposed. 1: The asset is exposed.	0
RiskCount	string	The total number of baseline risks that are detected on the asset. The value of this parameter is in the JSON format and contains the following fields: account: the number of accounts that are used to log on from unapproved logon locations and whose passwords are cracked appNum: the number of scanners asapVulCount: the total number of high-severity vulnerabilities baselineHigh: the number of high-risk baseline risks baselineLow: the number of low-risk baseline risks baselineMedium: the number of medium-risk baseline risks baselineNum: the total number of baseline risks cmsNum: the number of Web-CMS vulnerabilities containerAsap: the number of high-severity vulnerabilities that are detected on containers containerLater: the number of medium-severity vulnerabilities that are detected on containers containerNntf: the number of low-severity vulnerabilities that are detected on containers containerRemind: the number of alerts whose Emergency level is Reminder on containers containerSerious: the number of alerts Emergency level is Urgent on containers containerSuspicious: the number of alerts whose Emergency level is Suspicious on containers cveNum: the number of Linux software vulnerabilities emgNum: the number of urgent vulnerabilities health: the number of baseline alerts that are unhandled imageBaselineHigh: the number of high-risk baseline risks that are detected on images imageBaselineLow: the number of low-risk baseline risks that are detected on images imageBaselineMedium: the number of medium-risk baseline risks that are detected on images imageBaselineNum: the total number of baseline risks that are detected on images imageMaliciousFileRemind: the number of malicious files that are detected on images and have the Emergency level of Reminder imageMaliciousFileSerious: the number of malicious files that are detected on images and have the Emergency level of Urgent imageMaliciousFileSuspicious: the number of malicious files that are detected on images and have the Emergency level of Suspicious imageVulAsap: the number of high-severity vulnerabilities that are detected on images imageVulLater: the number of medium-severity vulnerabilities that are detected on an image imageVulNntf: the number of low-severity vulnerabilities that are detected on an image laterVulCount: the number of medium-severity vulnerabilities newSuspicious: the number of alerts nntfVulCount: the number of low-severity vulnerabilities. remindNum: the number of alerts whose Emergency level is Reminder scaNum: the number of vulnerabilities that are detected based on software component analysis seriousNum: the number of alerts whose Emergency level is Urgent suspNum: the number of alerts whose Emergency level is Suspicious suspicious: the total number of alerts sysNum: the number of Windows system vulnerabilities trojan: the number of trojans uuid: the UUIDs of assets vul: the number of vulnerabilities weakPWNum: the number of weak passwords	{"account":0,"appNum":0,"asapVulCount":0,"baselineHigh":0,"baselineLow":0,"baselineMedium":0,"baselineNum":0,"cmsNum":0,"containerAsap":0,"containerLater":0,"containerNntf":0,"containerRemind":0,"containerSerious":0,"containerSuspicious":0,"cveNum":0,"emgNum":0,"health":0,"imageBaselineHigh":0,"imageBaselineLow":0,"imageBaselineMedium":0,"imageBaselineNum":0,"imageMaliciousFileRemind":0,"imageMaliciousFileSerious":0,"imageMaliciousFileSuspicious":0,"imageVulAsap":0,"imageVulLater":0,"imageVulNntf":0,"laterVulCount":0,"newSuspicious":0,"nntfVulCount":0,"remindNum":0,"scaNum":0,"seriousNum":0,"suspNum":0,"suspicious":0,"sysNum":0,"trojan":0,"uuid":"inet-37316411-37fe-4b72-b245-346a2721d4b6","vul":0,"weakPWNum":0}
IpListString	string	The IP addresses of the system.	172.31.XX.XX,172.171.XX.XX

Examples

Sample success responses

JSONformat

{
  "Success": true,
  "RequestId": "32A73759-4C0F-4801-BE98-901223ACEE9A",
  "PageInfo": {
    "CurrentPage": 1,
    "PageSize": 20,
    "TotalCount": 50,
    "Count": 10,
    "NextToken": "B604532DEF982B875E8360A6EFA3B***"
  },
  "Instances": [
    {
      "Status": "Running",
      "CpuInfo": "Intel(R) Xeon(R) Platinum 8269CY CPU @ 2.50GHz",
      "InternetIp": "1.2.XX.XX",
      "Kernel": "3.10.0-1127.19.1.el7.x86_64",
      "Bind": true,
      "OsName": "-",
      "Tag": "InternetIp,test",
      "ClientStatus": "online",
      "Mem": 1024,
      "VpcInstanceId": "vpc-uf60agqq65bs98zoo****",
      "TagId": "121313,41412",
      "Flag": 0,
      "LastLoginTimestamp": 1637592907000,
      "AuthVersion": 3,
      "Region": "cn-hangzhou-cm***-***",
      "InstanceName": "yztest-l***",
      "PodCount": 1,
      "VulCount": 2,
      "HcStatus": "YES",
      "CreatedTime": 1607365213000,
      "GroupTrace": "default",
      "ClusterId": "c690a0789419f4284a4e0a29e12fe****",
      "RiskStatus": "NO",
      "Cores": 4,
      "VulStatus": "YES",
      "AlarmStatus": "NO",
      "MacListString": "00:13:3e:31:13:39,02:12:67:b8:**:**",
      "Importance": 2,
      "HealthCheckCount": 1,
      "Ip": "1.2.XX.XX",
      "Os": "Linux",
      "AuthModifyTime": 1627974044000,
      "SafeEventCount": 5,
      "InstanceId": "i-m5***",
      "AssetType": "ecs",
      "IntranetIp": "1.2.XX.XX",
      "Vendor": 0,
      "RegionId": "cn-hanghzou",
      "Uuid": "c9107c04-942f-40c1-981a-f1c1***",
      "GroupId": 4120080,
      "RegionName": "China (Hangzhou)",
      "VendorName": "Tencent",
      "AuthVersionName": "Ultimate Edition",
      "ClusterName": "cluster1",
      "ExposedStatus": 0,
      "RiskCount": "{\"account\":0,\"appNum\":0,\"asapVulCount\":0,\"baselineHigh\":0,\"baselineLow\":0,\"baselineMedium\":0,\"baselineNum\":0,\"cmsNum\":0,\"containerAsap\":0,\"containerLater\":0,\"containerNntf\":0,\"containerRemind\":0,\"containerSerious\":0,\"containerSuspicious\":0,\"cveNum\":0,\"emgNum\":0,\"health\":0,\"imageBaselineHigh\":0,\"imageBaselineLow\":0,\"imageBaselineMedium\":0,\"imageBaselineNum\":0,\"imageMaliciousFileRemind\":0,\"imageMaliciousFileSerious\":0,\"imageMaliciousFileSuspicious\":0,\"imageVulAsap\":0,\"imageVulLater\":0,\"imageVulNntf\":0,\"laterVulCount\":0,\"newSuspicious\":0,\"nntfVulCount\":0,\"remindNum\":0,\"scaNum\":0,\"seriousNum\":0,\"suspNum\":0,\"suspicious\":0,\"sysNum\":0,\"trojan\":0,\"uuid\":\"inet-37316411-37fe-4b72-b245-346a2721d4b6\",\"vul\":0,\"weakPWNum\":0}",
      "IpListString": "172.31.XX.XX,172.171.XX.XX"
    }
  ]
}

Error codes

HTTP status code	Error code	Error message	Description
400	NoPermission	no permission	-
400	RdCheckNoPermission	Resource directory account verification has no permission.	-
403	NoPermission	caller has no permission	You are not authorized to do this operation.
500	ServerError	ServerError	-
500	RdCheckInnerError	Resource directory account service internal error.	-

For a list of error codes, visit the Service error codes.

Change history

Change time

Summary of changes

Operation

2023-07-20

The Error code has changed. The request parameters of the API has changed

see changesets

Change item	Change content
Error Codes	The Error code has changed.
	Error Codes 400 change
	Error Codes 500 change
Input Parameters	The request parameters of the API has changed.
	Added Input Parameters: ResourceDirectoryAccountId

2023-07-04

The Error code has changed. The request parameters of the API has changed. The response structure of the API has changed

see changesets

Change item	Change content
Error Codes	The Error code has changed.
	delete Error Codes: 400
	delete Error Codes: 500
Input Parameters	The request parameters of the API has changed.
	Added Input Parameters: UseNextToken
	Added Input Parameters: NextToken
Output Parameters	The response structure of the API has changed.

2022-12-23

API Description Update. The API operation is not deprecated.. The Error code has changed

see changesets

Change item	Change content
API Description	API Description Update.
API Deprecation Description	The API operation is not deprecated..
Error Codes	The Error code has changed.
	delete Error Codes: 400
	delete Error Codes: 500