Query Custom Check Items with ListCheckItems API - Security Center

List custom check items for situational awareness

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.
API: The API that you can call to perform the action.
Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.
Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.
- For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.
- For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.
Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.
Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

yundun-sas:ListCheckItems

get

*CustomCheckItem

acs:yundun-sas:{#regionId}:{#accountId}:customcheckitem/{#CheckId}

None

Request syntax

GET  HTTP/1.1

Request parameters

Parameter	Type	Required	Description	Example
CheckId	integer	No	The ID of the check item.	100000000001
CheckShowName	string	No	The name of the custom check item.	testCheckItemName
CheckTypes	array	No	The source type of the situational awareness check item.
	string	No	The type of the check item (identifies whether the policy is a system check item or a user check item): CUSTOM: User-defined SYSTEM: System-defined	SYSTEM
Lang	string	No	The language type for requests and responses. The default value is zh. Values: zh: Chinese en: English	zh
Statuses	array	No	The status of the check item.
	string	No	The status of the check item. Values: EDIT: In editing RELEASE: Released	RELEASE
PageSize	integer	No	Specifies the maximum number of data entries to display per page when performing a paginated query. The default number of data entries displayed per page is 20, and if the PageSize parameter is empty, it will default to returning 20 data entries. Note It is recommended that the PageSize value is not left empty.	20
CurrentPage	integer	No	Specifies the page number to display when performing a paginated query. The starting value is 1, and the default value is 1.	1

Response elements

Element	Type	Description	Example
	object	The response body of the API.
RequestId	string	The ID of the current request, which is a unique identifier generated by Alibaba Cloud for this request and can be used for troubleshooting and problem localization.	7BC55C8F-226E-5AF5-9A2C-2EC43864****
CheckItems	array<object>	Information about the check items.
	array<object>	Information about the check items.
CheckId	integer	The ID of the check item.	100000000001
CheckShowName	string	The name of the check item.	testCheckItemName
Vendor	string	The cloud asset vendor.	ALIYUN
InstanceType	string	The asset type of the cloud product.	ECS
InstanceSubType	string	The sub-type of the cloud product's asset.	DISK
RiskLevel	string	The risk level of the check item. Values: HIGH: High risk MEDIUM: Medium risk LOW: Low risk	HIGH
Status	string	The status of the check item. Values: EDIT: In editing RELEASE: Released	EDIT
CheckPolicies	array<object>	A list of standard, regulation, and section information associated with the check result.
	object	Information on the standards, regulations, and chapters associated with the inspection results.
StandardId	integer	Standard ID of the inspection item.	10000000001
StandardShowName	string	The display name of the standard for the check item.	testStandardShowName
RequirementId	integer	The ID of the requirement for the check item.	10000000001
RequirementShowName	string	The display name of the requirement for the check item.	testRequirementShowName
SectionId	integer	The ID of the section for the check item.	10000000001
SectionShowName	string	The display name of the section for the check item.	testSectionShowName
Type	string	The name of the associated policy category: AISPM:AI Configuration Management (AI-SPM) KISPM:Kubernetes Configuration Management (KSPM) IDENTITY_PERMISSION:Identity and Permission Management (CIEM) RISK:Security Risk COMPLIANCE:Compliance Risk	AISPM
Description	object	The description information of the check item.
Type	string	The type of the check description attribute. Values: text:Text	text
Value	string	The specific content of the description.	custom description.
Solution	object	The solution information for the check item.
Type	string	The type of the check item solution information. Values: text:Text	text
Value	string	The content of the solution for the check item risk.	test solution.
AssistInfo	object	The help information for the check item.
Type	string	The type of the help information for the check item risk. Values: text:Text	text
Value	string	The content of the help information for the check item risk.	test assistInfo.
CheckRule	string	Define rules for custom inspection items.	{"AssociatedData":{"ToDataList":[{"DataName":"ACS_ECS_Instance","PropertyPath":"InstanceId","FromPropertyPath":"InstanceId"}]},"MatchProperty":{"Operator":"AND","MatchProperties":[{"DataName":"ACS_ECS_Disk","PropertyPath":"InstanceId","MatchOperator":"EQ","MatchPropertyValue":"testId"},{"DataName":"ACS_ECS_Instance","PropertyPath":"InstanceId","MatchOperator":"EQ","MatchPropertyValue":"testInstanceId"}]}}
CheckType	string	The source type of the Security Posture check item: CUSTOM: User-defined SYSTEM: Predefined by the Security Posture platform	SYSTEM
Remark	string	Remark information.	remark.
PageInfo	object	Page information for paginated queries.
TotalCount	integer	Total number of data entries found.	100
Count	integer	Number of data entries displayed on the current page in a paginated query.	20
CurrentPage	integer	The page number of the current page when performing a paginated query.	1
PageSize	integer	The maximum number of records displayed per page when performing a paginated query.	20

Examples

Success response

JSON format

{
  "RequestId": "7BC55C8F-226E-5AF5-9A2C-2EC43864****",
  "CheckItems": [
    {
      "CheckId": 100000000001,
      "CheckShowName": "testCheckItemName",
      "Vendor": "ALIYUN",
      "InstanceType": "ECS",
      "InstanceSubType": "DISK",
      "RiskLevel": "HIGH",
      "Status": "EDIT",
      "CheckPolicies": [
        {
          "StandardId": 10000000001,
          "StandardShowName": "testStandardShowName",
          "RequirementId": 10000000001,
          "RequirementShowName": "testRequirementShowName",
          "SectionId": 10000000001,
          "SectionShowName": "testSectionShowName",
          "Type": "AISPM"
        }
      ],
      "Description": {
        "Type": "text",
        "Value": "custom description."
      },
      "Solution": {
        "Type": "text",
        "Value": "test solution."
      },
      "AssistInfo": {
        "Type": "text",
        "Value": "test assistInfo."
      },
      "CheckRule": "{\"AssociatedData\":{\"ToDataList\":[{\"DataName\":\"ACS_ECS_Instance\",\"PropertyPath\":\"InstanceId\",\"FromPropertyPath\":\"InstanceId\"}]},\"MatchProperty\":{\"Operator\":\"AND\",\"MatchProperties\":[{\"DataName\":\"ACS_ECS_Disk\",\"PropertyPath\":\"InstanceId\",\"MatchOperator\":\"EQ\",\"MatchPropertyValue\":\"testId\"},{\"DataName\":\"ACS_ECS_Instance\",\"PropertyPath\":\"InstanceId\",\"MatchOperator\":\"EQ\",\"MatchPropertyValue\":\"testInstanceId\"}]}}",
      "CheckType": "SYSTEM",
      "Remark": "remark."
    }
  ],
  "PageInfo": {
    "TotalCount": 100,
    "Count": 20,
    "CurrentPage": 1,
    "PageSize": 20
  }
}

Error codes

HTTP status code	Error code	Error message	Description
400	ParamIllegal.%s	The parameter %s is invalid, please fill it in again.	Invalid parameter, please fill in again

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.