Queries suggestions on how to manage the security risks that affect the security score.
Debugging
Request parameters
| Parameter | Type | Required | Example | Description |
|---|---|---|---|---|
| Action | String | Yes | DescribeSecureSuggestion |
The operation that you want to perform. Set the value to DescribeSecureSuggestion. |
| SourceIp | String | No | 1.2.3.4 |
The source IP address of the request. |
| Lang | String | No | zh |
The natural language of the request and response. Default value: zh. Valid values:
|
All Alibaba Cloud API operations must include common request parameters. For more information about common request parameters, see Common parameters.
For more information about sample requests, see the "Examples" section of this topic.
Response parameters
| Parameter | Type | Example | Description |
|---|---|---|---|
| RequestId | String | 676F80E3-4B3F-43DA-9CBB-5FF79F202AA2 |
The ID of the request. |
| Suggestions | Array of Suggestion |
The suggestions on risk management. |
|
| Detail | Array of Detail |
The details of risk management suggestions. |
|
| Description | String | You have four ApsaraDB RDS instances at risk. |
The description of the suggestion for risk management. |
| SubType | String | CLOUD_HC_RDS |
The type of the unhandled risk. |
| Title | String | The check on security policies of ApsaraDB RDS instances has failed. The instances are at risk. |
The name of the unhandled risk. |
| Points | Integer | 40 |
The penalty points of each item. |
| SuggestType | String | SS_ALARM |
The type of the unhandled risk. Valid values:
|
| TotalCount | Integer | 15 |
The total number of unhandled risks. |
Examples
Sample requests
http(s)://[Endpoint]/? Action=DescribeSecureSuggestion
&<Common request parameters>Sample success responses
XML format
<DescribeSecureSuggestionResponse>
<Suggestions>
<Points>40</Points>
<SuggestType>SS_ALARM</SuggestType>
<Detail>
<Description>You have 6,160 security alerts, which affects 39 assets.</Description>
<SubType>ALARM_HIGH</SubType>
<Title>You have unhandled high-risk alerts</Title>
</Detail>
<Detail>
<Description>You have 88 security alerts, which affects 25 assets.</Description>
<SubType>ALARM_MEDIUM</SubType>
<Title>You have unhandled medium-risk alerts</Title>
</Detail>
<Detail>
<Description>You have one security alert, which affects one asset.</Description>
<SubType>ALARM_LOW</SubType>
<Title>You have unhandled low-risk alerts</Title>
</Detail>
</Suggestions>
<Suggestions>
<Points>12</Points>
<SuggestType>SS_VUL</SuggestType>
<Detail>
<Description>You have 34 vulnerabilities, which affects 19 servers.</Description>
<SubType>VUL_WIN</SubType>
<Title>You have unhandled Windows host vulnerabilities</Title>
</Detail>
<Detail>
<Description>You have 448 vulnerabilities, which affects 68 servers.</Description>
<SubType>VUL_LINUX</SubType>
<Title>You have unhandled Linux host vulnerabilities</Title>
</Detail>
<Detail>
<Description>You have 11 undetected emergency vulnerabilities.</Description>
<SubType>VUL_EMR_UNCHECK</SubType>
<Title>You have undetected emergency vulnerabilities</Title>
</Detail>
<Detail>
<Description>You have one unhandled emergency vulnerability.</Description>
<SubType>VUL_EMR_UNFIX</SubType>
<Title>You have unhandled emergency vulnerabilities</Title>
</Detail>
</Suggestions>
<Suggestions>
<Points>20</Points>
<SuggestType>SS_HC</SuggestType>
<Detail>
<Description>You have 17 servers that can be accessed from the Internet but use weak passwords. The servers may be attacked. We recommend that you increase password complexity in a timely manner.</Description>
<SubType>HC_WEAK_EXPLOIT_WARN</SubType>
<Title>You have potential password exposure</Title>
</Detail>
<Detail>
<Description>You have 18 servers that use weak passwords. We recommend that you change the password and increase password complexity in a timely manner.</Description>
<SubType>HC_WEAK_PASSWORD_WARN</SubType>
<Title>You have weak passwords</Title>
</Detail>
<Detail>
<Description>You have 105 servers do not meet the requirements of security compliance. We recommend that you handle the risks based on the enhancement suggestions and service requirements.</Description>
<SubType>HC_OTHER_WARN</SubType>
<Title>You have at-risk security configurations</Title>
</Detail>
</Suggestions>
<Suggestions>
<Points>30</Points>
<SuggestType>SS_AK</SuggestType>
<Detail>
<Description>You have one AccessKey pair leaks.</Description>
<SubType>ACCESSKEY_LEAK</SubType>
<Title>You have potential AccessKey pair leaks</Title>
</Detail>
</Suggestions>
<Suggestions>
<Points>28</Points>
<SuggestType>SS_CLOUD_HC</SuggestType>
<Detail>
<Description></Description>
<SubType>CLOUD_HC_ACCOUNT_DOUBLE_CHECK</SubType>
<Title>Your Alibaba Cloud account has two-factor authentication disabled and is exposed to risks</Title>
</Detail>
<Detail>
<Description>You have five high configuration risks for Alibaba Cloud services.</Description>
<SubType>CLOUD_HC_HIGH_LEVEL</SubType>
<Title>You have high configuration risks for Alibaba Cloud services</Title>
</Detail>
<Detail>
<Description>You have 16 medium or low configuration risks for Alibaba Cloud services.</Description>
<SubType>CLOUD_HC_OTHER_LEVEL</SubType>
<Title>You have medium or low configuration risks for Alibaba Cloud services</Title>
</Detail>
</Suggestions>
<Suggestions>
<Points>5</Points>
<SuggestType>OTHER</SuggestType>
<Detail>
<Description>You have been attacked 3,387 times.</Description>
<SubType>OTHER_ATTACH</SubType>
<Title>You are under attack</Title>
</Detail>
</Suggestions>
<TotalCount>15</TotalCount>
<RequestId>676F80E3-4B3F-43DA-9CBB-5FF79F202AA2</RequestId>
</DescribeSecureSuggestionResponse>JSON format
{
"Suggestions": [
{
"Points": 40,
"SuggestType": "SS_ALARM",
"Detail": [
{
"Description": "You have 6,160 security alerts, which affects 39 assets",
"SubType": "ALARM_HIGH",
"Title": "You have unhandled high-risk alerts"
},
{
"Description": "You have 88 security alerts, which affects 25 assets",
"SubType": "ALARM_MEDIUM",
"Title": "You have unhandled medium-risk alerts"
},
{
"Description": "You have one security alert, which affects one asset",
"SubType": "ALARM_LOW",
"Title": "You have unhandled low-risk alerts"
}
]
},
{
"Points": 12,
"SuggestType": "SS_VUL",
"Detail": [
{
"Description": "You have 34 vulnerabilities, which affects 19 servers",
"SubType": "VUL_WIN",
"Title": "You have unhandled Windows host vulnerabilities"
},
{
"Description": "You have 448 vulnerabilities, which affects 68 servers",
"SubType": "VUL_LINUX",
"Title": "You have unhandled Linux host vulnerabilities"
},
{
"Description": "You have 11 undetected emergency vulnerabilities",
"SubType": "VUL_EMR_UNCHECK",
"Title": "You have undetected emergency vulnerabilities"
},
{
"Description": "You have one unhandled emergency vulnerability",
"SubType": "VUL_EMR_UNFIX",
"Title": "You have unhandled emergency vulnerabilities"
}
]
},
{
"Points": 20,
"SuggestType": "SS_HC",
"Detail": [
{
"Description": "You have 17 servers that can be accessed from the Internet but use weak passwords. The servers may be attacked. We recommend that you increase password complexity in a timely manner",
"SubType": "HC_WEAK_EXPLOIT_WARN",
"Title": "You have potential weak passwords exposure"
},
{
"Description": "You have 18 servers using weak passwords. We recommend that you change the password and increase password complexity as soon as possible",
"SubType": "HC_WEAK_PASSWORD_WARN",
"Title": "You have weak passwords"
},
{
You have 105 servers do not meet the requirements of security compliance. We recommend that you handle the risks based on the enhancement suggestions and service requirements.
"SubType": "HC_OTHER_WARN",
"Title": "You have potential security configuration risks"
}
]
},
{
"Points": 30,
"SuggestType": "SS_AK",
"Detail": [
{
"Description": "You have one potential AccessKey pair leak",
"SubType": "ACCESSKEY_LEAK",
"Title": "You have potential AccessKey leaks"
}
]
},
{
"Points": 28,
"SuggestType": "SS_CLOUD_HC",
"Detail": [
{
"Description": "",
"SubType": "CLOUD_HC_ACCOUNT_DOUBLE_CHECK",
"Title": "Your Alibaba Cloud account has two-factor authentication disabled and is exposed to risks"
},
{
"Description": "You have five high configuration risks for Alibaba Cloud services",
"SubType": "CLOUD_HC_HIGH_LEVEL",
"Title": "You have high configuration risks for Alibaba cloud services"
},
{
"Description": "You have 16 medium or low configuration risks for Alibaba Cloud services",
"SubType": "CLOUD_HC_OTHER_LEVEL",
"Title": "You have medium or low configuration risks for Alibaba cloud services"
}
]
},
{
"Points": 5,
"SuggestType": "OTHER",
"Detail": [
{
"Description": "You have been attacked 3,387 times",
"SubType": "OTHER_ATTACH",
"Title": "You are under attack"
}
]
}
],
"TotalCount": 15,
"RequestId": "676F80E3-4B3F-43DA-9CBB-5FF79F202AA2"
}Error codes
For a list of error codes, visit the API Error Center.