Alibaba Cloud (Aliyun) · 183 checks
The cloud your other tools don't cover.
Alibaba Cloud is a real blind spot for most enterprises: the big Western cost and CSPM tools under-serve it, so waste and misconfiguration accumulate unwatched, often in the China-region estate nobody else is scanning.
InfraSweep gives Alibaba first-class coverage, ECS, OSS, RDS, SLB/ALB, VPC, RAM, KMS, Security Center, and ACR, with a heavy emphasis on security posture (80 of its checks are security), so the cloud your incumbents ignore finally gets a read-only second opinion.
Underserved
Few cost or CSPM tools cover Alibaba Cloud at all, so this is often the first real visibility a team gets into it.
80 checks
A security-first detector set: RAM hygiene, OSS exposure, Security Center gaps, and KMS posture.
Same pass
Idle ECS, unused SLB/ALB, and orphaned disks priced alongside the security findings, one scan, one report.
What we scan on Alibaba Cloud
80 security checksA representative sample of the 183 Alibaba Cloud checks, grouped by service domain. Cost waste and security risk are surfaced in the same read-only pass.
Compute & storage
ECS, OSS, block storage, serverless, ACR.Idle & oversized ECS instances
Compute running with little or no real load.
OSS bucket exposure & lifecycle
Public buckets and cold data on hot-tier pricing.
Orphaned disks & snapshots
Block storage left behind by deleted instances.
Serverless & container registry waste
Function and ACR resources nobody uses.
Database & messaging
RDS, NoSQL, Kafka, Elasticsearch, messaging.Idle RDS instances
Managed databases with near-zero activity.
NoSQL & Elasticsearch over-provisioning
Capacity sized well above consumption.
Kafka & messaging idle
Streaming and queue resources with no throughput.
Network
VPC, SLB/ALB, EIP, peering, cloud firewall.Idle SLB / ALB load balancers
Balancers with no targets or traffic.
Unused EIPs & VPC plumbing
Reserved addresses and peering carrying nothing.
Edge & CDN waste
Distributions and edge resources serving no requests.
Security & identity
RAM, KMS, Security Center, audit, cloud firewall.RAM identity & policy hygiene
Over-broad permissions and stale users/keys.
OSS public exposure
Object storage open beyond intent.
Security Center & audit gaps
Detective controls left disabled.
KMS & cloud-firewall posture
Key rotation and perimeter configuration.
How you connect
An AccessKey or a RAM-role STS session
Provide a read-only AccessKey, or assume a RAM role via STS for short-lived credentials.
How the dollars are calculated
Curated baseline pricing (live Alibaba pricing is on the roadmap); every finding labels its pricing source.
Every finding is backed by the raw cloud API response it came from, with a confidence score and the pricing source labelled, no black-box numbers.
Scan your Alibaba Cloud estate free
Connect an accesskey or a ram-role sts session and run a read-only scan. Findings come priced in real dollars with a fix and the evidence for each.
Start scanning free