DescribeCloudCenterInstances - Security Center - Alibaba Cloud Documentation Center

Queries the information about assets that meet specified search conditions. For example, you can search for an asset by using the instance name or region of the asset.

Operation Description

You can search for assets by using search conditions, such as the instance ID, instance name, virtual private cloud (VPC) ID, region, and public IP address. You can also configure a logical relationship between multiple search conditions to search for the assets that meet the search conditions.

Authorization information

There is currently no authorization information disclosed in the API.

Request parameters

Parameter	Type	Required	Description	Example
RegionId	string	No	The ID of the region in which the asset resides.	cn-hangzhou
Criteria	string	No	The search conditions that are used to filter assets. The value of this parameter is in the JSON format and is case-sensitive. NoteA search condition can be an instance ID, instance name, VPC ID, region, or public IP address. You can call the DescribeCriteria operation to query the supported search conditions.	[{"name":"riskStatus","value":"YES"},{"name":"internetIp","value":"1.2.XX.XX"}]
MachineTypes	string	No	The type of the assets that you want to query. Valid values: ecs: servers cloud_product: Alibaba Cloud services	ecs
LogicalExp	string	No	The logical relationship among multiple search conditions. Valid values: OR: The search conditions are evaluated by using a logical OR. AND: The search conditions are evaluated by using a logical AND.	OR
PageSize	integer	No	The number of entries to return on each page. Default value: 20.	100
CurrentPage	integer	No	The number of the page to return. Default value: 1.	1
Importance	integer	No	The importance of the asset. Valid values: 2: an important asset 1: a common asset 0: a test asset	2
NoGroupTrace	boolean	No	Specifies whether to internationalize the name of the default group. Default value: false . Valid values: true: The system returns the Chinese name of the default group for the GroupTrace response parameter.********** false**: The system returns default for the GroupTrace response parameter.	false
Lang	string	No	The language of the content within the request and response. Default value: zh. Valid values: zh: Chinese en: English	zh

Response parameters

Parameter	Type	Description	Example
	object
Success	boolean	Indicates whether the request was successful. Valid values: true: The request was successful. false: The request failed.	true
RequestId	string	The ID of the request, which is used to locate and troubleshoot issues.	32A73759-4C0F-4801-BE98-901223ACEE9A
PageInfo	object	The pagination information.
CurrentPage	integer	The page number of the returned page.	1
PageSize	integer	The number of entries returned per page. Default value: 20.	20
TotalCount	integer	The total number of entries returned.	50
Count	integer	The number of entries returned on the current page.	10
Instances	array	An array that consists of the details about the assets.
	object
Status	string	The status of the asset. Valid values: Running: running notRunning: stopped	Running
CpuInfo	string	The CPU information about the asset.	Intel(R) Xeon(R) Platinum 8269CY CPU @ 2.50GHz
InternetIp	string	The public IP address of the asset.	1.2.XX.XX
Kernel	string	The version of the kernel.	3.10.0-1127.19.1.el7.x86_64
Bind	boolean	Indicates whether Security Center is authorized to scan the asset. Valid values: true: yes false: no	true
OsName	string	The kernel version of the asset.	-
Tag	string	The name of the asset tag.	InternetIp,test
ClientStatus	string	The status of the Security Center agent installed on the asset. Valid values: online: The Security Center agent is enabled. offline: The Security Center agent is disabled. pause: The Security Center agent is suspended.	online
Mem	integer	The size of the memory. Unit: MB.	1024
VpcInstanceId	string	The ID of the VPC to which the asset belongs.	vpc-uf60agqq65bs98zoo****
TagId	string	The ID of the asset tag.	121313,41412
Flag	integer	Indicates whether the asset is an Alibaba Cloud asset. Valid values: 0: yes 1: no	0
LastLoginTimestamp	long	The timestamp when the Security Center agent was last online. Unit: milliseconds.	1637592907000
AuthVersion	integer	The edition of Security Center that is authorized to protect the asset. Valid values: 1: Basic edition 6: Anti-virus edition 5: Advanced edition 3: Enterprise edition 7: Ultimate edition	1
Region	string	The region ID of the asset.	cn-hangzhou-cm*-*
InstanceName	string	The name of the asset.	yztest-l***
PodCount	integer	The number of pods.	1
VulCount	integer	The number of vulnerabilities that are detected on the asset.	2
HcStatus	string	Indicates whether baseline risks are detected on the asset. Valid values: YES NO	YES
CreatedTime	long	The timestamp when the cluster was created. Unit: milliseconds.	1607365213000
GroupTrace	string	The name of the group to which the asset belongs.	default
ClusterId	string	The ID of the cluster.	c690a0789419f4284a4e0a29e12fe****
RiskStatus	string	Indicates whether risks are detected on the asset. Valid values: YES NO	NO
Cores	integer	The number of the CPU cores used by the asset.	4
VulStatus	string	Indicates whether vulnerabilities are detected on the asset. Valid values: YES NO	YES
AlarmStatus	string	Indicates whether alerts are generated on the asset. Valid values: YES NO	NO
MacListString	string	The MAC address of the system.	00:13:3e:31:13:39,02:12:67:b8::
Importance	integer	The importance of the asset. Valid values: 2: an important asset 1: a common asset 0: a test asset	2
HealthCheckCount	integer	The number of baseline risks that are detected on the asset.	1
Ip	string	The public IP address of the asset.	1.2.XX.XX
Os	string	The operating system of the asset.	Linux
AuthModifyTime	long	The timestamp when Security Center is authorized to scan the asset.	1627974044000
SafeEventCount	integer	The number of alerts that are generated on the asset.	5
InstanceId	string	The ID of the asset.	i-m5***
AssetType	string	The type of the asset. Valid values: 0: an ECS instance 1: a Server Load Balancer (SLB) instance 2: a NAT gateway 3: an ApsaraDB RDS instance 4: an ApsaraDB for MongoDB instance 5: an ApsaraDB for Redis instance 6: a container image 7: a container	0
IntranetIp	string	The private IP address of the asset.	1.2.XX.XX
Vendor	integer	The type of the asset by source. Valid values: 0: an asset provided by Alibaba Cloud. 1: a third-party cloud server 2: a server in a data center 3, 4, 5, and 7: other cloud asset 8: a lightweight asset	0
RegionId	string	The ID of the region in which the asset resides.	cn-hanghzou
Uuid	string	The UUID of the asset.	c9107c04-942f-40c1-981a-f1c1***
GroupId	long	The ID of the asset group to which the asset belongs.	4120080
RegionName	string	The name of the region in which the asset resides.	China (Hangzhou)
VendorName	string	The name of the service provider (SP) for the asset. Valid values: ALIYUN: Alibaba Cloud OUT: a third-party service provider IDC: a data center TENCENT: Tencent Cloud HUAWEICLOUD: Huawei Cloud Microsoft: Microsoft AWS: Amazon Web Services (AWS) TRIPARTITE: a lightweight server	IDC
AuthVersionName	string	The name of the Security Center edition that is authorized to scan the asset. Valid values: Basic edition Anti-virus edition Advanced edition Enterprise edition Ultimate edition Value-added Plan edition	Ultimate Edition
ClusterName	string	The name of the cluster.	cluster1
ExposedStatus	integer	Indicates whether the asset is exposed. Valid values: 0: no 1: yes	0
RiskCount	string	The total number of baseline risks that are detected on the asset. The value of this parameter is in the JSON format and contains the following fields: account: the number of accounts that are used to log on from unapproved logon locations and whose passwords are cracked appNum: the number of scanners asapVulCount: the total number of high-risk vulnerabilities baselineHigh: the number of high-risk baseline risks baselineLow: the number of low-risk baseline risks baselineMedium: the number of medium-risk baseline risks baselineNum: the total number of configuration risks cmsNum: the number of Web-CMS vulnerabilities containerAsap: the number of high-risk vulnerabilities that are detected on containers containerLater: the number of medium-risk vulnerabilities that are detected on containers containerNntf: the number of low-risk vulnerabilities that are detected on containers containerRemind: the number of alerts whose Emergency level is Reminder on containers containerSerious: the number of alerts whose Emergency level is Urgent on containers containerSuspicious: the number of alerts whose Emergency level is Suspicious on containers cveNum: the number of Linux software vulnerabilities emgNum: the number of urgent vulnerabilities health: the number of baseline alerts that are unhandled imageBaselineHigh: the number of high-risk baseline risks that are detected on images imageBaselineLow: the number of low-risk baseline risks that are detected on images imageBaselineMedium: the number of medium-risk baseline risks that are detected on images imageBaselineNum: the total number of baseline risks that are detected on images imageMaliciousFileRemind: the number of malicious files that are detected on images and have the Emergency level of Reminder imageMaliciousFileSerious: the number of malicious files that are detected on images and have the Emergency level of Urgent imageMaliciousFileSuspicious: the number of malicious files that are detected on images and have the Emergency level of Suspicious imageVulAsap: the number of high-risk vulnerabilities that are detected on images imageVulLater: the number of medium-risk vulnerabilities that are detected on an image imageVulNntf: the number of low-risk vulnerabilities that are detected on an image laterVulCount: the number of medium-risk vulnerabilities newSuspicious: the number of alerts nntfVulCount: the number of low-risk vulnerabilities. remindNum: the number of alerts whose Emergency level is Reminder scaNum: the number of vulnerabilities that are detected based on software component analysis seriousNum: the number of alerts whose Emergency level is Urgent suspNum: the number of alerts whose Emergency level is Suspicious suspicious: the total number of alerts sysNum: the number of Windows system vulnerabilities trojan: the number of trojans uuid: the UUIDs of assets vul: the number of vulnerabilities weakPWNum: the number of weak passwords	{ "account": 0, "appNum": 0, "asapVulCount": 0, "baselineHigh": 0, "baselineLow": 0, "baselineMedium": 0, "baselineNum": 0, "cmsNum": 0, "containerAsap": 0, "containerLater": 0, "containerNntf": 0, "containerRemind": 0, "containerSerious": 0, "containerSuspicious": 0, "cveNum": 0, "emgNum": 0, "health": 0, "imageBaselineHigh": 0, "imageBaselineLow": 0, "imageBaselineMedium": 0, "imageBaselineNum": 0, "imageMaliciousFileRemind": 0, "imageMaliciousFileSerious": 0, "imageMaliciousFileSuspicious": 0, "imageVulAsap": 0, "imageVulLater": 0, "imageVulNntf": 0, "laterVulCount": 0, "newSuspicious": 0, "nntfVulCount": 0, "remindNum": 0, "scaNum": 0, "seriousNum": 0, "suspNum": 0, "suspicious": 0, "sysNum": 0, "trojan": 0, "uuid": "inet-37316411-37fe-4b72-b245-346a2721****", "vul": 0, "weakPWNum": 0 }
IpListString	string	The IP addresses of the system.	172.31.XX.XX,172.171.XX.XX

Example

Normal return example

JSONFormat

{
  "Success": true,
  "RequestId": "32A73759-4C0F-4801-BE98-901223ACEE9A",
  "PageInfo": {
    "CurrentPage": 1,
    "PageSize": 20,
    "TotalCount": 50,
    "Count": 10
  },
  "Instances": [
    {
      "Status": "Running",
      "CpuInfo": "Intel(R) Xeon(R) Platinum 8269CY CPU @ 2.50GHz",
      "InternetIp": "1.2.XX.XX",
      "Kernel": "3.10.0-1127.19.1.el7.x86_64",
      "Bind": true,
      "OsName": "-",
      "Tag": "InternetIp,test",
      "ClientStatus": "online",
      "Mem": 1024,
      "VpcInstanceId": "vpc-uf60agqq65bs98zoo****",
      "TagId": "121313,41412",
      "Flag": 0,
      "LastLoginTimestamp": 1637592907000,
      "AuthVersion": 1,
      "Region": "cn-hangzhou-cm***-***",
      "InstanceName": "yztest-l***",
      "PodCount": 1,
      "VulCount": 2,
      "HcStatus": "YES",
      "CreatedTime": 1607365213000,
      "GroupTrace": "default",
      "ClusterId": "c690a0789419f4284a4e0a29e12fe****",
      "RiskStatus": "NO",
      "Cores": 4,
      "VulStatus": "YES",
      "AlarmStatus": "NO",
      "MacListString": "00:13:3e:31:13:39,02:12:67:b8:**:**",
      "Importance": 2,
      "HealthCheckCount": 1,
      "Ip": "1.2.XX.XX",
      "Os": "Linux",
      "AuthModifyTime": 1627974044000,
      "SafeEventCount": 5,
      "InstanceId": "i-m5***",
      "AssetType": "0",
      "IntranetIp": "1.2.XX.XX",
      "Vendor": 0,
      "RegionId": "cn-hanghzou",
      "Uuid": "c9107c04-942f-40c1-981a-f1c1***",
      "GroupId": 4120080,
      "RegionName": "China (Hangzhou)",
      "VendorName": "IDC",
      "AuthVersionName": "Ultimate Edition",
      "ClusterName": "cluster1",
      "ExposedStatus": 0,
      "RiskCount": "{\n      \"account\": 0,\n      \"appNum\": 0,\n      \"asapVulCount\": 0,\n      \"baselineHigh\": 0,\n      \"baselineLow\": 0,\n      \"baselineMedium\": 0,\n      \"baselineNum\": 0,\n      \"cmsNum\": 0,\n      \"containerAsap\": 0,\n      \"containerLater\": 0,\n      \"containerNntf\": 0,\n      \"containerRemind\": 0,\n      \"containerSerious\": 0,\n      \"containerSuspicious\": 0,\n      \"cveNum\": 0,\n      \"emgNum\": 0,\n      \"health\": 0,\n      \"imageBaselineHigh\": 0,\n      \"imageBaselineLow\": 0,\n      \"imageBaselineMedium\": 0,\n      \"imageBaselineNum\": 0,\n      \"imageMaliciousFileRemind\": 0,\n      \"imageMaliciousFileSerious\": 0,\n      \"imageMaliciousFileSuspicious\": 0,\n      \"imageVulAsap\": 0,\n      \"imageVulLater\": 0,\n      \"imageVulNntf\": 0,\n      \"laterVulCount\": 0,\n      \"newSuspicious\": 0,\n      \"nntfVulCount\": 0,\n      \"remindNum\": 0,\n      \"scaNum\": 0,\n      \"seriousNum\": 0,\n      \"suspNum\": 0,\n      \"suspicious\": 0,\n      \"sysNum\": 0,\n      \"trojan\": 0,\n      \"uuid\": \"inet-37316411-37fe-4b72-b245-346a2721****\",\n      \"vul\": 0,\n      \"weakPWNum\": 0\n}",
      "IpListString": "172.31.XX.XX,172.171.XX.XX"
    }
  ]
}

Error codes

Http code	Error code	Error message	Description
400	AccountIdNotExist	AccountIdNotExist	-
400	NoPermission	no permission	-
403	NoPermission	caller has no permission	You are not authorized to do this operation.
500	ServerError	ServerError	-

For a list of error codes, visit the API error center.

Change history

Change time

Summary of changes

Operate

2022-12-23

API Description Update, The API operation is not deprecated., The error codes of the API operation has changed

Change item	Change content
API Description	API Description Update
API Deprecation Description	The API operation is not deprecated.
Error Codes	The error codes of the API operation has changed
	delete Error Codes: 400
	delete Error Codes: 500