Updated on 2024-04-22 GMT+08:00

Concepts

  • Account

    An account is created upon successful registration with the cloud system. The account has full access permissions for all of its cloud services and resources. It can be used to reset user passwords and grant user permissions. The account is a payment entity, which should not be used directly to perform routine management. For security purposes, create Identity and Access Management (IAM) users and grant them permissions for routine management.

  • IAM user

    An IAM user is created under an account to use cloud services. Each user has its own identity credentials (password and access keys).

    An IAM user can view the account ID and user ID on the My Credentials page of the management console. The account name, username, and password will be required for API authentication.

  • Region

    A region is a physical location where a cloud service is deployed. Availability zones (AZ) in the same region can communicate with each other over an intranet but AZs in different regions cannot communicate with each other. By creating cloud resources in different regions, you can design applications to better meet customer requirements and comply with local laws and regulations.

  • Availability zone (AZ)

    An AZ contains one or more physical data centers. It has independent cooling, fire extinguishing, moisture-proof, and electricity facilities. Within an AZ, compute network, storage, and other resources are logically divided into multiple clusters. AZs within a region are interconnected using high-speed optical fibers to allow users to build cross-AZ high-availability systems.

  • Project

    A project corresponds to a region. Default projects are defined to group and physically isolate resources (including compute, storage, and network resources) across regions. Users can be granted permissions in a default project to access all resources under their accounts in the region associated with the project. For more refined access control, create subprojects under a project and purchase resources in the subprojects. Users can then be assigned permissions to access only specific resources in the subprojects.

    You can obtain the project ID on the API Credentials page.