This document answers common questions about the Alibaba Cloud 2026 Cloud Health Checkup.
Question | Answer |
1. What is this campaign? Who can participate? | This is an annual threat detection service for the cloud-based business systems of Alibaba Cloud users. This service is provided while ensuring the security and stability of the Alibaba Cloud platform. It covers more than 100 check items across three dimensions: security, stability, and AI. With your authorization, an automated tool completes the diagnostics and generates an exclusive report. This report helps you proactively identify and eliminate potential threats to ensure the continuous and healthy operation of your cloud business. |
2. Is there a fee for the diagnostics? | The standard checkup is completely free. They include more than 70 check items that cover identity and access security, infrastructure security, high availability (HA) and disaster recovery, and stability audit. Additionally, an AI Security Value-added Service Package is available. The first 1,000 AI asset scans are free. You must claim this benefit on the campaign page in advance. Usage that exceeds this limit may incur charges. |
3. What do I need to do to start the diagnostics? | Simply click the "Start Checkup" button on the landing page and authorize Alibaba Cloud to read your cloud resource configuration information. This information is used only for this diagnostic scan. The process does not require software installation and will not modify your configurations. |
4. Will the diagnostics modify my cloud resources? | No, they will not. The diagnostics perform a read-only scan. They will not modify, delete, or restart any of your cloud resources. |
5. How long do the diagnostics take? How do I get the report? | The scan usually takes 30 to 60 minutes, depending on the scale of your assets. After the scan is complete, the report is sent to you by email. You can also view the report by clicking "View Report" on the landing page. |
6. What does the report include? | The report covers more than 100 check items, which are presented in five categories:
Each item includes specific remediation suggestions and paths. |
7. I don't have any AI services. Can I still participate? | Yes, you can. The AI security diagnostics are optional. If you do not use services related to Alibaba Cloud PAI or Alibaba Cloud Model Studio, you can select the full free package. |
8. How can I try the AI security diagnostics? | First, go to the Security Center console to enable the pay-as-you-go feature for cloud security posture management. Second, on the landing page, click "Free Trial" under the AI Security Value-added Service Package to claim your 1,000 free scans. Then, select the "AI Security Value-added Service Package" checkbox to start the diagnostics. Note: You must claim the free quota first. Otherwise, you cannot use the 1,000 free scans. |
9. Can the same account run the diagnostics multiple times? Can I run it again after remediation to verify the results? | During this campaign, each account can run the diagnostics once. To run diagnostics again for specific check items, you can configure additional scans later using the features of related products in the Alibaba Cloud Management Console. |
10. Are the report results accurate? Do I need to fix everything? | The report is generated from a configuration snapshot taken at the time of the diagnostics, and the results are for reference only. • You should address high-risk items immediately. • You can optimize medium- and low-risk items in batches at a pace that suits your business needs. • You can make exceptions for items in environments such as staging environments, but you must record the reasons for these exceptions. |
11. Will my diagnostic data be leaked? | No, it will not. Alibaba Cloud strictly adheres to the Alibaba Cloud Legal and Privacy Policy. The diagnostic data is used only to generate your report and will not be used for other purposes or shared publicly. |
12. Should I use my Alibaba Cloud account or a RAM user to run the diagnostics? | You should use an account with sufficient permissions. If permissions are insufficient, some check items may fail to run. |
13. Will the diagnostics check non-Alibaba Cloud resources, such as self-managed IDCs or resources from other cloud providers? | No, they will not. These diagnostics target only resources on the Alibaba Cloud platform. They do not cover hybrid cloud or third-party cloud environments. |
14. How is the "Health Score" in the report calculated? | The Health Score is calculated based on the number of threats, their severity levels, and the dimensions they cover. The score is then compared with the results of all users to generate a tiered ranking, which reflects the relative health of your cloud environment. |
15. Can I export or download the diagnostics report? | You can view the full report on the landing page. On a PC, you can export the report as an HTML file. On mobile devices, you can only view the report online. To download the report, you must access the page from a PC. |
16. If I exit in the middle of the process, can I continue the diagnostics later? | Once started, the diagnostics run in the background. You do not need to keep the page open. You will receive a notification when the diagnostics are complete, and you can return to view the report at any time. |
17. Will the diagnostics affect my service performance? | The diagnostics have almost no impact on your service performance. The diagnostics use low-frequency, read-only API calls. They do not generate significant traffic or payload and will not affect your online services. |
18. Will there be quarterly or monthly diagnostics in the future, or is this only an annual event? | The Cloud Health Checkup is an annual Alibaba Cloud campaign. For routine checks, you can perform regular self-diagnostics through the consoles of products such as Cloud Governance Center and Security Center. |
19. Which AI products do the AI security diagnostics support? | The diagnostics primarily provide configuration threat detection for AI assets on Alibaba Cloud PAI (Platform for AI) and Alibaba Cloud Model Studio. |
20. How is the 1,000-scan free quota for AI security detection calculated? | Scanning one check item for one AI asset is counted as one scan. For example, checking five configuration items for one PAI instance is equivalent to five scans. You should evaluate whether to enable this feature based on the scale of your assets. Usage beyond the free quota will incur charges. |
21. How long is the free quota for AI diagnostics valid? | Once claimed, it is valid for 3 months. |
22. Can I run diagnostics for multiple Alibaba Cloud accounts separately? | Yes, you can. You must log on to each account separately to participate. This campaign does not limit the number of accounts that can participate. |
23. Will the diagnostics read my data? | No, they will not. These diagnostics analyze only resource configuration metadata. They do not read the content of your business data. |
24. What are the "Top 10 Configuration Risks of 2025" mentioned in the report? | These are the most common threats identified from the data of all users in 2025, such as enabled AccessKeys for an Alibaba Cloud account or security groups that expose vulnerable ports to the public network. While you wait for your report, you can review your 2025 diagnostic results. You can then check the new report to see your latest cloud health status. |
25. Can I view the report after the campaign ends? | Yes, you can. Your diagnostics report is available for long-term retention on the landing page. You can log on to view it at any time. |
26. If I clean up my resources, will the diagnostics still report historical threats? | The report is generated based on the state of your resources at the time the diagnostics are initiated. It reflects the resource status only at that specific time. In addition, if you perform remediation actions at the same time that you trigger the diagnostics, the changes may not be reflected in the report in real time because of data propagation delays. |
27. Will the AI security diagnostics analyze whether the output of large models is compliant? | No, they will not. The AI security diagnostics check only whether the relevant content detection feature is enabled. They do not involve auditing model training data or inference output. |
28. After the 1,000 free AI scans are used, how are subsequent scans billed? | After the 1,000 free scans are used, you are charged based on the standard pricing for the AI security posture management in Security Center. We recommend that you evaluate your asset volume in advance. |
29. Will I be charged for fixing the threats found in the health report? | You are responsible for performing the remediation for any identified threats. The diagnostics report provides remediation guidance and paths. Alibaba Cloud does not charge any service fees for this guidance. If you choose to use paid products such as Security Center for remediation and protection, you will be billed according to the standard pricing of those products. These charges are unrelated to this campaign. |
30. Why can't I select the "AI Security Value-added Service Package" checkbox? | To participate in the AI Security Value-added Service Package, you must first go to the Security Center console and enable the pay-as-you-go feature for cloud security posture management. To avoid unnecessary basic service fees, enable only the cloud security posture management feature. *Note: When you enable any pay-as-you-go feature in Security Center, a basic service fee is charged. If you no longer use the related services, disable the cloud security posture management feature promptly to avoid further charges. |