Alibaba Cloud (Aliyun) · 183 checks

The cloud your other tools don't cover.

Alibaba Cloud is a real blind spot for most enterprises: the big Western cost and CSPM tools under-serve it, so waste and misconfiguration accumulate unwatched, often in the China-region estate nobody else is scanning.

InfraSweep gives Alibaba first-class coverage, ECS, OSS, RDS, SLB/ALB, VPC, RAM, KMS, Security Center, and ACR, with a heavy emphasis on security posture (80 of its checks are security), so the cloud your incumbents ignore finally gets a read-only second opinion.

Underserved

Few cost or CSPM tools cover Alibaba Cloud at all, so this is often the first real visibility a team gets into it.

80 checks

A security-first detector set: RAM hygiene, OSS exposure, Security Center gaps, and KMS posture.

Same pass

Idle ECS, unused SLB/ALB, and orphaned disks priced alongside the security findings, one scan, one report.

What we scan on Alibaba Cloud

80 security checks

A representative sample of the 183 Alibaba Cloud checks, grouped by service domain. Cost waste and security risk are surfaced in the same read-only pass.

Compute & storage

ECS, OSS, block storage, serverless, ACR.

Idle & oversized ECS instances

Compute running with little or no real load.

OSS bucket exposure & lifecycle

Public buckets and cold data on hot-tier pricing.

Orphaned disks & snapshots

Block storage left behind by deleted instances.

Serverless & container registry waste

Function and ACR resources nobody uses.

Database & messaging

RDS, NoSQL, Kafka, Elasticsearch, messaging.

Idle RDS instances

Managed databases with near-zero activity.

NoSQL & Elasticsearch over-provisioning

Capacity sized well above consumption.

Kafka & messaging idle

Streaming and queue resources with no throughput.

Network

VPC, SLB/ALB, EIP, peering, cloud firewall.

Idle SLB / ALB load balancers

Balancers with no targets or traffic.

Unused EIPs & VPC plumbing

Reserved addresses and peering carrying nothing.

Edge & CDN waste

Distributions and edge resources serving no requests.

Security & identity

RAM, KMS, Security Center, audit, cloud firewall.

RAM identity & policy hygiene

Over-broad permissions and stale users/keys.

OSS public exposure

Object storage open beyond intent.

Security Center & audit gaps

Detective controls left disabled.

KMS & cloud-firewall posture

Key rotation and perimeter configuration.

How you connect

An AccessKey or a RAM-role STS session

Provide a read-only AccessKey, or assume a RAM role via STS for short-lived credentials.

ReadOnlyAccess. No write permissions, encrypted at rest, revocable any time.

How the dollars are calculated

Curated baseline pricing (live Alibaba pricing is on the roadmap); every finding labels its pricing source.

Every finding is backed by the raw cloud API response it came from, with a confidence score and the pricing source labelled, no black-box numbers.

Scan your Alibaba Cloud estate free

Connect an accesskey or a ram-role sts session and run a read-only scan. Findings come priced in real dollars with a fix and the evidence for each.

Start scanning free

Other clouds we scan