You can call this operation to query detailed suggestions about how to manage the security score.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Prameter Type Required Example Description
Action String Yes DescribeSecureSuggestion

The operation that you want to perform.

Set the value to DescribeSecureSuggestion.

SourceIp String No 1.2.3.4

The source IP address of the request.

Lang String No zh

The language of the request and response.

Valid values:

  • zh: Chinese
  • en: English

Response parameters

Parameter Type Example Description
RequestId String F35F45B0-5D6B-4238-BE02-A62D0760E840

The ID of the request.

Suggestions Array

The list of risk management suggestions.

Detail Array

The details of risk management suggestions.

Description String You have four ApsaraDB for RDS instances at risk.

Descriptions of the risk management suggestions.

SubType String CLOUD_HC_RDS

The type of unhandled risks.

Title String The check on security policies of ApsaraDB for RDS instances has failed. The instances are at risk.

The names of unhandled risks.

Points Integer 40

The penalty points of each item.

SuggestType String SS_ALARM

The type of unhandled risks.

Valid values:

  • SS_REINFORCE: key features are not configured (for example, the anti-virus feature ).
  • SS_ALARM: unhandled alerts.
  • SS_VUL: unhandled vulnerabilities.
  • SS_HC: baseline check risks.
  • SS_AK: AccessKey leaks.
  • SS_CLOUD_HC: configuration risks in Alibaba Cloud services.
  • OTHER: Other risks.
TotalCount Integer 15

The total number of unhandled risks.

Examples

Sample requests

http(s)://[Endpoint]/? Action=DescribeSecureSuggestion
&<Common request parameters>

Sample success responses

XML format

<DescribeSecureSuggestionResponse>
  <Suggestions>
        <Points>40</Points>
        <SuggestType>SS_ALARM</SuggestType>
        <Detail>
              <Description>You have 691 security alerts generated upon 56 assets.</Description>
              <SubType>ALARM_HIGH</SubType>
              <Title>You have unhandled high-risk alerts.</Title>
        </Detail>
        <Detail>
              <Description>You have 501 security alerts generated upon 119 assets.</Description>
              <SubType>ALARM_MEDIUM</SubType>
              <Title>You have unhandled middle-risk alerts.</Title>
        </Detail>
  </Suggestions>
  <Suggestions>
        <Points>12</Points>
        <SuggestType>SS_VUL</SuggestType>
        <Detail>
              <Description>You have five vulnerabilities.</Description>
              <SubType>VUL_CMS</SubType>
              <Title>You have unhandled CMS vulnerabilities.</Title>
        </Detail>
        <Detail>
              <Description>You have 107 vulnerabilities endangering 68 servers.</Description>
              <SubType>VUL_WIN</SubType>
              <Title>You have unhandled Windows host vulnerabilities.</Title>
        </Detail>
        <Detail>
              <Description>You have 701 vulnerabilities endangering 87 servers.</Description>
              <SubType>VUL_LINUX</SubType>
              <Title>You have unhandled Linux host vulnerabilities.</Title>
        </Detail>
        <Detail>
              <Description>You have 1 unhandled emergency vulnerability.</Description>
              <SubType>VUL_EMR_UNFIX</SubType>
              <Title>You have unhandled emergency vulnerabilities.</Title>
        </Detail>
  </Suggestions>
  <Suggestions>
        <Points>2</Points>
        <SuggestType>SS_HC</SuggestType>
        <Detail>
              <Description>You have 46 baseline check risks endangering 260 servers.</Description>
              <SubType>HC_WARN</SubType>
              <Title>You have unhandled baseline risks.</Title>
        </Detail>
  </Suggestions>
  <Suggestions>
        <Points>30</Points>
        <SuggestType>SS_AK</SuggestType>
        <Detail>
              <Description>You have 12 unhandled potential AccessKey leaks.</Description>
              <SubType>ACCESSKEY_LEAK</SubType>
              <Title>You have unhandled potential AccessKey leaks.</Title>
        </Detail>
  </Suggestions>
  <Suggestions>
        <Points>35</Points>
        <SuggestType>SS_CLOUD_HC</SuggestType>
        <Detail>
              <Description>You have four ApsaraDB for RDS instances at risk.</Description>
              <SubType>CLOUD_HC_RDS</SubType>
              <Title>The check on security policies of ApsaraDB for RDS instances failed. The instances are at risk.</Title>
        </Detail>
        <Detail>
              <Description>You have three high severity configuration risks for Alibaba Cloud services.</Description>
              <SubType>CLOUD_HC_HIGH_LEVEL</SubType>
              <Title>You have unhandled high severity configuration risks for Alibaba Cloud services.</Title>
        </Detail>
        <Detail>
              <Description>You have 28 unhandled middle or low severity configuration risks for Alibaba Cloud services.</Description>
              <SubType>CLOUD_HC_OTHER_LEVEL</SubType>
              <Title>You have middle or low severity unhandled configuration risks for Alibaba Cloud services.</Title>
        </Detail>
  </Suggestions>
  <Suggestions>
        <Points>5</Points>
        <SuggestType>OTHER</SuggestType>
        <Detail>
              <Description>You have been attacked 5,767 times.</Description>
              <SubType>OTHER_ATTACH</SubType>
              <Title>You are under attack.</Title>
        </Detail>
  </Suggestions>
  <TotalCount>12</TotalCount>
  <requestId>F35F45B0-5D6B-4238-BE02-A62D0760E840</requestId>
</DescribeSecureSuggestionResponse>

JSON format

{
    "Suggestions": [{
        "Points": 40,
        "SuggestType": "SS_ALARM",
        "Detail": [{
            "Description": "You have 691 security alerts generated upon 56 assets",
            "SubType": "ALARM_HIGH",
            "Title": "You have unhandled high-risk alerts"
        }, {
            "Description": "You have 501 security alerts generated upon 119 assets",
            "SubType": "ALARM_MEDIUM",
            "Title": "You have unhandled middle-risk alerts."
        }]
    }, {
        "Points": 12,
        "SuggestType": "SS_VUL",
        "Detail": [{
            "Description": "You have five vulnerabilities",
            "SubType": "VUL_CMS",
            "Title": "You have unhandled CMS vulnerabilities."
        }, {
            "Description": "You have 107 vulnerabilities endangering 68 servers",
            "SubType": "VUL_WIN",
            "Title": "You have unhandled Windows host vulnerabilities."
        }, {
            "Description": "You have 701 vulnerabilities endangering 87 servers",
            "SubType": "VUL_LINUX",
            "Title": "You have unhandled Linux host vulnerabilities."
        }, {
            "Description": "You have one unhandled emergency vulnerability",
            "SubType": "VUL_EMR_UNFIX",
            "Title": "You have unhandled emergency vulnerabilities."
        }]
    }, {
        "Points": 2,
        "SuggestType": "SS_HC",
        "Detail": [{
            "Description": "You have 46 baseline check risks endangering 260 servers",
            "SubType": "HC_WARN",
            "Title": "You have baseline check risks."
        }]
    }, {
        "Points": 30,
        "SuggestType": "SS_AK",
        "Detail": [{
            "Description": "You have 12 potential AccessKey leaks",
            "SubType": "ACCESSKEY_LEAK",
            "Title": "You have potential AccessKey leaks."
        }]
    }, {
        "Points": 35,
        "SuggestType": "SS_CLOUD_HC",
        "Detail": [{
            "Description": "You have four ApsaraDB for RDS instances at risk",
            "SubType": "CLOUD_HC_RDS",
            "Title": "The check on security policies of ApsaraDB for RDS instances has failed. The instances are at risk."
        }, {
            "Description": "You have 3 high severity configuration risks for Alibaba cloud services",
            "SubType": "CLOUD_HC_HIGH_LEVEL",
            "Title": "You have high severity configuration risks for Alibaba cloud services."
        }, {
            "Description": "You have 28 middle or low severity configuration risks for Alibaba cloud services",
            "SubType": "CLOUD_HC_OTHER_LEVEL",
            "Title": "You have middle or low severity configuration risks for Alibaba cloud services."
        }]
    }, {
        "Points": 5,
        "SuggestType": "OTHER",
        "Detail": [{
            "Description": "You have been attacked 5,767 times",
            "SubType": "OTHER_ATTACH",
            "Title": "You are under attack."
        }]
    }],
    "TotalCount": 12,
    "requestId": "F35F45B0-5D6B-4238-BE02-A62D0760E840"
}

Error code

For a list of error codes, visit the API Error Center.