Updated on 2025-07-01 GMT+08:00

Concepts

  • A has full access permissions for all the resources and cloud services. It can be used to reset user passwords and grant users permissions. The should not be used directly to perform routine management. For security purposes, create Identity and Access Management (IAM) users and grant user permissions for routine management.

  • IAM user

    A user is created to use cloud services. Each user has its own identity credentials (password and access keys).

    You can view the ID and user ID on the My Credentials page of the console. The name, username, and password will be required for API authentication.

  • Region

    Regions are divided based on geographical location and network latency. Public services, such as Elastic Cloud Server (ECS), Elastic Volume Service (EVS), Object Storage Service (OBS), Virtual Private Cloud (VPC), Elastic IP (EIP), and Image Management Service (IMS), are shared within the same region. Regions are classified as universal regions and dedicated regions. A universal region provides universal cloud services for common tenants. A dedicated region provides services of the same type or only provides services for specific tenants.

  • AZ

    AZs are physically isolated locations in a region, but are interconnected through an internal network for enhanced application availability.

  • Project

    A project corresponds to a region. Default projects are defined to group and physically isolate resources (including compute, storage, and network resources) between different regions. Users can be granted permissions in a default project to access all resources under their in the region associated with the project. For more refined access control, create subprojects under a project and resources in the subprojects. Users can then be assigned permissions to access only specific resources in the subprojects.

    Figure 1 Project isolating model