Queries suggestions on how to manage the security risks that affect the security score.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

| Parameter | Type | Required | Example | Description |
|---|---|---|---|---|
| Action | String | Yes | DescribeSecureSuggestion | The operation that you want to perform. Set the value to DescribeSecureSuggestion. |
| SourceIp | String | No | 1.2.3.4 | The source IP address of the request. |
| Lang | String | No | zh | The natural language of the request and response. Default value: zh. Valid values: zh (Chinese), en (English). |

All Alibaba Cloud API operations must include common request parameters. For more information about common request parameters, see Common parameters.

For more information about sample requests, see the "Examples" section of this topic.

Response parameters

| Parameter | Type | Example | Description |
|---|---|---|---|
| RequestId | String | 676F80E3-4B3F-43DA-9CBB-5FF79F202AA2 | The ID of the request. |
| Suggestions | Array of Suggestion | | The suggestions on risk management. |
| Detail | Array of Detail | | The details of risk management suggestions. |
| Description | String | You have four ApsaraDB RDS instances at risk. | The description of the suggestion for risk management. |
| SubType | String | CLOUD_HC_RDS | The type of the unhandled risk. |
| Title | String | The check on security policies of ApsaraDB RDS instances has failed. The instances are at risk. | The name of the unhandled risk. |
| Points | Integer | 40 | The penalty points of each item. |
| SuggestType | String | SS_ALARM | The type of the unhandled risk. Valid values: SS_REINFORCE (key features, such as the antivirus feature, are not configured); SS_ALARM (unhandled risks); SS_VUL (unhandled vulnerabilities); SS_HC (baseline check risks); SS_AK (AccessKey pair leaks); SS_CLOUD_HC (configuration risks in Alibaba Cloud services); OTHER (other risks). |
| TotalCount | Integer | 15 | The total number of unhandled risks. |

Examples

Sample requests

http(s)://[Endpoint]/?Action=DescribeSecureSuggestion
&<Common request parameters>

Sample success responses

XML format

<DescribeSecureSuggestionResponse>
      <Suggestions>
            <Points>40</Points>
            <SuggestType>SS_ALARM</SuggestType>
            <Detail>
                  <Description>You have 6,160 security alerts, which affects 39 assets.</Description>
                  <SubType>ALARM_HIGH</SubType>
                  <Title>You have unhandled high-risk alerts</Title>
            </Detail>
            <Detail>
                  <Description>You have 88 security alerts, which affects 25 assets.</Description>
                  <SubType>ALARM_MEDIUM</SubType>
                  <Title>You have unhandled medium-risk alerts</Title>
            </Detail>
            <Detail>
                  <Description>You have one security alert, which affects one asset.</Description>
                  <SubType>ALARM_LOW</SubType>
                  <Title>You have unhandled low-risk alerts</Title>
            </Detail>
      </Suggestions>
      <Suggestions>
            <Points>12</Points>
            <SuggestType>SS_VUL</SuggestType>
            <Detail>
                  <Description>You have 34 vulnerabilities, which affects 19 servers.</Description>
                  <SubType>VUL_WIN</SubType>
                  <Title>You have unhandled Windows host vulnerabilities</Title>
            </Detail>
            <Detail>
                  <Description>You have 448 vulnerabilities, which affects 68 servers.</Description>
                  <SubType>VUL_LINUX</SubType>
                  <Title>You have unhandled Linux host vulnerabilities</Title>
            </Detail>
            <Detail>
                  <Description>You have 11 undetected emergency vulnerabilities.</Description>
                  <SubType>VUL_EMR_UNCHECK</SubType>
                  <Title>You have undetected emergency vulnerabilities</Title>
            </Detail>
            <Detail>
                  <Description>You have one unhandled emergency vulnerability.</Description>
                  <SubType>VUL_EMR_UNFIX</SubType>
                  <Title>You have unhandled emergency vulnerabilities</Title>
            </Detail>
      </Suggestions>
      <Suggestions>
            <Points>20</Points>
            <SuggestType>SS_HC</SuggestType>
            <Detail>
                  <Description>You have 17 servers that can be accessed from the Internet but use weak passwords. The servers may be attacked. We recommend that you increase password complexity in a timely manner.</Description>
                  <SubType>HC_WEAK_EXPLOIT_WARN</SubType>
                  <Title>You have potential password exposure</Title>
            </Detail>
            <Detail>
                  <Description>You have 18 servers that use weak passwords. We recommend that you change the password and increase password complexity in a timely manner.</Description>
                  <SubType>HC_WEAK_PASSWORD_WARN</SubType>
                  <Title>You have weak passwords</Title>
            </Detail>
            <Detail>
                  <Description>You have 105 servers do not meet the requirements of security compliance. We recommend that you handle the risks based on the enhancement suggestions and service requirements.</Description>
                  <SubType>HC_OTHER_WARN</SubType>
                  <Title>You have at-risk security configurations</Title>
            </Detail>
      </Suggestions>
      <Suggestions>
            <Points>30</Points>
            <SuggestType>SS_AK</SuggestType>
            <Detail>
                  <Description>You have one AccessKey pair leaks.</Description>
                  <SubType>ACCESSKEY_LEAK</SubType>
                  <Title>You have potential AccessKey pair leaks</Title>
            </Detail>
      </Suggestions>
      <Suggestions>
            <Points>28</Points>
            <SuggestType>SS_CLOUD_HC</SuggestType>
            <Detail>
                  <Description></Description>
                  <SubType>CLOUD_HC_ACCOUNT_DOUBLE_CHECK</SubType>
                  <Title>Your Alibaba Cloud account has two-factor authentication disabled and is exposed to risks</Title>
            </Detail>
            <Detail>
                  <Description>You have five high configuration risks for Alibaba Cloud services.</Description>
                  <SubType>CLOUD_HC_HIGH_LEVEL</SubType>
                  <Title>You have high configuration risks for Alibaba Cloud services</Title>
            </Detail>
            <Detail>
                  <Description>You have 16 medium or low configuration risks for Alibaba Cloud services.</Description>
                  <SubType>CLOUD_HC_OTHER_LEVEL</SubType>
                  <Title>You have medium or low configuration risks for Alibaba Cloud services</Title>
            </Detail>
      </Suggestions>
      <Suggestions>
            <Points>5</Points>
            <SuggestType>OTHER</SuggestType>
            <Detail>
                  <Description>You have been attacked 3,387 times.</Description>
                  <SubType>OTHER_ATTACH</SubType>
                  <Title>You are under attack</Title>
            </Detail>
      </Suggestions>
      <TotalCount>15</TotalCount>
      <RequestId>676F80E3-4B3F-43DA-9CBB-5FF79F202AA2</RequestId>
</DescribeSecureSuggestionResponse>

JSON format

{
	"Suggestions": [
		{
			"Points": 40,
			"SuggestType": "SS_ALARM",
			"Detail": [
				{
					"Description": "You have 6,160 security alerts, which affects 39 assets",
					"SubType": "ALARM_HIGH",
					"Title": "You have unhandled high-risk alerts"
				},
				{
					"Description": "You have 88 security alerts, which affects 25 assets",
					"SubType": "ALARM_MEDIUM",
					"Title": "You have unhandled medium-risk alerts"
				},
				{
					"Description": "You have one security alert, which affects one asset",
					"SubType": "ALARM_LOW",
					"Title": "You have unhandled low-risk alerts"
				}
			]
		},
		{
			"Points": 12,
			"SuggestType": "SS_VUL",
			"Detail": [
				{
					"Description": "You have 34 vulnerabilities, which affects 19 servers",
					"SubType": "VUL_WIN",
					"Title": "You have unhandled Windows host vulnerabilities"
				},
				{
					"Description": "You have 448 vulnerabilities, which affects 68 servers",
					"SubType": "VUL_LINUX",
					"Title": "You have unhandled Linux host vulnerabilities"
				},
				{
					"Description": "You have 11 undetected emergency vulnerabilities",
					"SubType": "VUL_EMR_UNCHECK",
					"Title": "You have undetected emergency vulnerabilities"
				},
				{
					"Description": "You have one unhandled emergency vulnerability",
					"SubType": "VUL_EMR_UNFIX",
					"Title": "You have unhandled emergency vulnerabilities"
				}
			]
		},
		{
			"Points": 20,
			"SuggestType": "SS_HC",
			"Detail": [
				{
					"Description": "You have 17 servers that can be accessed from the Internet but use weak passwords. The servers may be attacked. We recommend that you increase password complexity in a timely manner",
					"SubType": "HC_WEAK_EXPLOIT_WARN",
					"Title": "You have potential weak passwords exposure"
				},
				{
					"Description": "You have 18 servers using weak passwords. We recommend that you change the password and increase password complexity as soon as possible",
					"SubType": "HC_WEAK_PASSWORD_WARN",
					"Title": "You have weak passwords"
				},
				{
					"Description": "You have 105 servers do not meet the requirements of security compliance. We recommend that you handle the risks based on the enhancement suggestions and service requirements.",
					"SubType": "HC_OTHER_WARN",
					"Title": "You have potential security configuration risks"
				}
			]
		},
		{
			"Points": 30,
			"SuggestType": "SS_AK",
			"Detail": [
				{
					"Description": "You have one potential AccessKey pair leak",
					"SubType": "ACCESSKEY_LEAK",
					"Title": "You have potential AccessKey leaks"
				}
			]
		},
		{
			"Points": 28,
			"SuggestType": "SS_CLOUD_HC",
			"Detail": [
				{
					"Description": "",
					"SubType": "CLOUD_HC_ACCOUNT_DOUBLE_CHECK",
					"Title": "Your Alibaba Cloud account has two-factor authentication disabled and is exposed to risks"
				},
				{
					"Description": "You have five high configuration risks for Alibaba Cloud services",
					"SubType": "CLOUD_HC_HIGH_LEVEL",
					"Title": "You have high configuration risks for Alibaba cloud services"
				},
				{
					"Description": "You have 16 medium or low configuration risks for Alibaba Cloud services",
					"SubType": "CLOUD_HC_OTHER_LEVEL",
					"Title": "You have medium or low configuration risks for Alibaba cloud services"
				}
			]
		},
		{
			"Points": 5,
			"SuggestType": "OTHER",
			"Detail": [
				{
					"Description": "You have been attacked 3,387 times",
					"SubType": "OTHER_ATTACH",
					"Title": "You are under attack"
				}
			]
		}
	],
	"TotalCount": 15,
	"RequestId": "676F80E3-4B3F-43DA-9CBB-5FF79F202AA2"
}
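
As an added example (not part of the original reference or of any Alibaba Cloud SDK), the following Python normalizes the JSON and XML response formats shown above into one structure and orders the risk items by penalty points, so the costliest findings are handled first. The function names and the trimmed sample bodies are constructed for illustration.

```python
import json
import xml.etree.ElementTree as ET

# Constructed samples, trimmed from the sample responses on this page.
SAMPLE_JSON = """{"Suggestions": [
 {"Points": 12, "SuggestType": "SS_VUL", "Detail": [
  {"Description": "", "SubType": "VUL_WIN", "Title": "You have unhandled Windows host vulnerabilities"}]},
 {"Points": 30, "SuggestType": "SS_AK", "Detail": [
  {"Description": "", "SubType": "ACCESSKEY_LEAK", "Title": "You have potential AccessKey leaks"}]}],
 "TotalCount": 2, "RequestId": "676F80E3-4B3F-43DA-9CBB-5FF79F202AA2"}"""

SAMPLE_XML = """<DescribeSecureSuggestionResponse>
 <Suggestions><Points>12</Points><SuggestType>SS_VUL</SuggestType>
  <Detail><Description></Description><SubType>VUL_WIN</SubType>
   <Title>You have unhandled Windows host vulnerabilities</Title></Detail></Suggestions>
 <Suggestions><Points>30</Points><SuggestType>SS_AK</SuggestType>
  <Detail><Description></Description><SubType>ACCESSKEY_LEAK</SubType>
   <Title>You have potential AccessKey leaks</Title></Detail></Suggestions>
 <TotalCount>2</TotalCount><RequestId>676F80E3-4B3F-43DA-9CBB-5FF79F202AA2</RequestId>
</DescribeSecureSuggestionResponse>"""

def parse_suggestions(body):
    """Normalize a JSON or XML response body into a list of suggestion groups."""
    body = body.strip()
    if body.startswith("{"):
        groups = json.loads(body).get("Suggestions") or []
        return [{"Points": int(g.get("Points") or 0),
                 "SuggestType": g.get("SuggestType") or "",
                 "Detail": list(g.get("Detail") or [])} for g in groups]
    # XML: Suggestions and Detail are repeated sibling elements, not wrapped lists.
    # Assumes the body came from the API itself; vet untrusted XML before parsing.
    out = []
    for g in ET.fromstring(body).findall("Suggestions"):
        details = [{k: d.findtext(k) or "" for k in ("Description", "SubType", "Title")}
                   for d in g.findall("Detail")]
        out.append({"Points": int(g.findtext("Points") or 0),
                    "SuggestType": g.findtext("SuggestType") or "", "Detail": details})
    return out

def triage(body):
    """Return (SuggestType, Points, SubType, Title) rows, highest penalty first."""
    rows = []
    for g in sorted(parse_suggestions(body), key=lambda g: -g["Points"]):
        for d in g["Detail"]:
            rows.append((g["SuggestType"], g["Points"], d.get("SubType", ""), d.get("Title", "")))
    return rows
```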

Error codes

For a list of error codes, visit the API Error Center.