Connecting Aqua to your Alibaba Cloud account is simple and straightforward, and takes about 5 minutes. CSPM connects to your account through the use of an access key and secret. Refer to the Alibaba setup guide for complete installation steps.
The Scanning Process
Once connected, CSPM will query various read-only APIs in your account to obtain information about the configuration of your infrastructure services. This information will be processed and analyzed by Aqua's security control plugins to produce a security report.
CSPM has hundreds of plugins, representing a variety of cloud security controls. Some example findings include:
Misconfigured OSS buckets exposed publicly
ECS security groups configured to allow inbound access to sensitive services from the internet
RDS databases, and other services that are not encrypted
Various misconfigured RAM settings like password expiry, password minimum length, and so on.