aliyun-sas-manage

$npx mdskill add cinience/alicloud-skills/aliyun-sas-manage

Manages Alibaba Cloud Security Center resources via OpenAPI/SDK

  • Solves tasks like resource management, configuration updates, and API troubleshooting
  • Relies on Alibaba Cloud OpenAPI, SDKs, and OpenAPI Explorer for Security Center
  • Decides actions based on user intent, region, and required API parameters
  • Delivers results through API responses, status verification, and actionable feedback
SKILL.md
.github/skills/aliyun-sas-manageView on GitHub ↗
---
name: aliyun-sas-manage
description: Use when managing Alibaba Cloud Security Center (Sas) via OpenAPI/SDK, including the user needs Security Center resource operations, configuration updates, status queries, and troubleshooting Sas API or security workflow issues.
version: 1.0.0
---

Category: service

# Security Center

Use Alibaba Cloud OpenAPI (RPC) with official SDKs or OpenAPI Explorer to manage resources for Security Center.

## Workflow

1) Confirm region, resource identifiers, and desired action.
2) Discover API list and required parameters (see references).
3) Call API with SDK or OpenAPI Explorer.
4) Verify results with describe/list APIs.

## AccessKey priority (must follow)

1) Environment variables: `ALIBABACLOUD_ACCESS_KEY_ID` / `ALIBABACLOUD_ACCESS_KEY_SECRET` / `ALIBABACLOUD_REGION_ID`
Region policy: `ALIBABACLOUD_REGION_ID` is an optional default. If unset, decide the most reasonable region for the task; if unclear, ask the user.
2) Shared config file: `~/.alibabacloud/credentials`

## API discovery

- Product code: `Sas`
- Default API version: `2021-01-14`
- Use OpenAPI metadata endpoints to list APIs and get schemas (see references).

## High-frequency operation patterns

1) Inventory/list: prefer `List*` / `Describe*` APIs to get current resources.
2) Change/configure: prefer `Create*` / `Update*` / `Modify*` / `Set*` APIs for mutations.
3) Status/troubleshoot: prefer `Get*` / `Query*` / `Describe*Status` APIs for diagnosis.

## Minimal executable quickstart

Use metadata-first discovery before calling business APIs:

```bash
python scripts/list_openapi_meta_apis.py
```

Optional overrides:

```bash
python scripts/list_openapi_meta_apis.py --product-code <ProductCode> --version <Version>
```

The script writes API inventory artifacts under the skill output directory.

## Output policy

If you need to save responses or generated artifacts, write them under:
`output/aliyun-sas-manage/`

## Validation

```bash
mkdir -p output/aliyun-sas-manage
for f in skills/security/host/aliyun-sas-manage/scripts/*.py; do
  python3 -m py_compile "$f"
done
echo "py_compile_ok" > output/aliyun-sas-manage/validate.txt
```

Pass criteria: command exits 0 and `output/aliyun-sas-manage/validate.txt` is generated.

## Output And Evidence

- Save artifacts, command outputs, and API response summaries under `output/aliyun-sas-manage/`.
- Include key parameters (region/resource id/time range) in evidence files for reproducibility.

## Prerequisites

- Configure least-privilege Alibaba Cloud credentials before execution.
- Prefer environment variables: `ALIBABACLOUD_ACCESS_KEY_ID`, `ALIBABACLOUD_ACCESS_KEY_SECRET`, optional `ALIBABACLOUD_REGION_ID`.
- If region is unclear, ask the user before running mutating operations.

## References

- Sources: `references/sources.md`
More from cinience/alicloud-skills