Aqua supports CSPM in Alibaba Cloud services accounts to help ensure the security and compliance of Alibaba Cloud resources.


TABLE OF CONTENTS


Getting Started

Connecting Aqua to your Alibaba Cloud account is simple and straightforward, and takes about 5 minutes. CSPM connects to your account through the use of an access key and secret. Refer to the Alibaba setup guide for complete installation steps.


The Scanning Process

Once connected, CSPM will query various read-only APIs in your account to obtain information about the configuration of your infrastructure services. This information will be processed and analyzed by Aqua's security control plugins to produce a security report.


Example Findings

CSPM has hundreds of plugins, representing a variety of cloud security controls. Some example findings include:

  • Misconfigured OSS buckets exposed publicly
  • ECS security groups configured to allow inbound access to sensitive services from the internet
  • RDS databases, and other services that are not encrypted
  • Various misconfigured RAM settings like password expiry, password minimum length, and so on.


Next Steps

To begin auditing your Alibaba accounts, simply register for an Aqua account and follow the connection process above.