CSPM in Alibaba Cloud Services
Aqua supports CSPM in Alibaba Cloud services accounts to help ensure the security and compliance of Alibaba Cloud resources.
TABLE OF CONTENTS
Getting Started
Connecting Aqua to your Alibaba Cloud account is simple and straightforward, and takes about 5 minutes. CSPM connects to your account through the use of an access key and secret. Refer to the Alibaba setup guide for complete installation steps.
The Scanning Process
Once connected, CSPM will query various read-only APIs in your account to obtain information about the configuration of your infrastructure services. This information will be processed and analyzed by Aqua's security control plugins to produce a security report.
Example Findings
CSPM has hundreds of plugins, representing a variety of cloud security controls. Some example findings include:
- Misconfigured OSS buckets exposed publicly
- ECS security groups configured to allow inbound access to sensitive services from the internet
- RDS databases, and other services that are not encrypted
- Various misconfigured RAM settings like password expiry, password minimum length, and so on.
Next Steps
To begin auditing your Alibaba accounts, simply register for an Aqua account and follow the connection process above.
Did you find it helpful? Yes No
Send feedback