Skip to main content

Onboarding an Alibaba Cloud account

Follow these steps to integrate your account:

  1. Under Scan Configuration, select Add an Alibaba Cloud account.

    CSPM_Alibaba_onboarding_add_account_cp_545972_en_.PNG

    The Add new Cloud Account window is displayed.

  2. On the Setting up a policy section, copy the JSON text available under step 4.

  3. Follow the instructions described on the page:

    1. Log in to your Alibaba account.

    2. Go to Resource and Access Management (RAM) > RAM Policies.

    3. Click on Create Policy.

      CSPM_Alibaba_onboarding_create_policy_cp_545972_en_.PNG
    4. Select the JSON tab and paste the JSON copied in step 2.

      CSPM_Alibaba_onboarding_json_tab_cp_545972_en_.PNG
    5. Click the Next to edit policy information button.

    6. Enter a descriptive name under the Name field.

    7. Click OK.

      The policy is created.

  4. Go back to the GravityZone Cloud Security console and click Next.

    The Create a user page is displayed.

  5. Follow the instructions described on the page:

    1. Go back to your Alibaba account.

    2. Go to Resource and Access Management (RAM) > RAM Users.

    3. Click Create user.

      CSPM_Alibaba_onboarding_create_user_cp_545972_en_.PNG
    4. Enter a descriptive name under the Logon Name field.

      CSPM_Alibaba_onboarding_create_user_name_cp_545972_en_.PNG
    5. Select the OpenAPI Access option.

    6. Click OK.

    7. Copy the AccessKey ID and AccessKey Secret and paste them in the fields available on your GravityZone Cloud Security console page.

      CSPM_Alibaba_onboarding_create_user_copy_id_cp_545972_en_.PNG
    8. Follow the instructions described on the page for Policy assignment

      1. Select the checkbox next to the user name.

      2. Click Add Permissions.

        CSPM_Alibaba_onboarding_create_user_add_permissions_cp_545972_en_.PNG

        The Grant Permission page is displayed.

      3. Under Resource Scope, ensure Account is selected.

      4. Under Policy section, select Custom Policy from the dropdown.

        CSPM_Alibaba_onboarding_custom_policy_cp_545972_en_.PNG
      5. Search the policy that was created above.

      6. Click Grant permissions.

  6. For the Account selection, copy the Account ID and paste in the field available on your GravityZone Cloud Security page.

  7. Click Add account.