All Products
Document Center


Last Updated: Jun 08, 2020


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

ApsaraDB Hybrid for MySQL (ApsaraDB HybridDB for MySQL)

A relational database designed for hybrid transaction analytical processing (HTAP) that supports massive online transactions and massive online analytics.

A record

A record that maps a host name or a domain name to an IP address.

AAAA record

A record that maps a host name or a domain name to an IPv6 address.

AccessKey (AK)

An authentication method that uses an AccessKeyId and AccessKeySecret pair to authenticate users. Accesskeyid identifies the user and can be public. Accesskeysecret is the key that the user uses to encrypt the signature string and that the OSS uses to validate the signature string. To ensure security, the Accesskeysecret must be kept private.

account ID

User credentials that enable the DNS service to be accessed through the API. Once the DNS service is enabled, this account ID can be created. Once created, it cannot be modified

additional write throughput

The amount in which the actual consumed write throughput exceeds the reserved read throughput. The statistical period is one second.

Address Resolution Protocol (ARP)

ARP provides dynamic mapping of network addresses, such as IP addresses, to corresponding hardware addresses, such as MAC addresses.

administrative Contact/admin Contact

A person responsible for administering the domain. The admin contact does not have to be the same as the owner of the domain.

administrator right

A user with the right to unrestricted access to a system, including ability to create, modify, or delete any folders or files as well as change system settings.

aggregate function

A function where the values of multiple rows are grouped together to form a single value of more significant meaning or measurement such as a set, a bag or a list.

alarm contact

The receiver of an alert notification.

alarm group

Multiple alarm contacts can be pooled together as a group. This group can then collectively receives the same alarm notifications when predetermined conditions are met.

alarm rule

A condition that is set by the user in which the system monitors for, and triggers an alarm if met.

alarm service

Allows users to set alarm rules to monitor services and detect when the rules are met.

Alibaba Cloud ActionTrail (ActionTrail)

A logging service that allows you to log cloud account operations and save them to the target OSS bucket. You can also query the logs.

Alibaba Cloud AnalyticDB (AnalyticDB)

Formerly known as ADS. A real-time Online Analytical Processing (OLAP) managed database cloud service that can crunch massive amounts of data. As a fast and flexible database service, AnalyticDB is compatible with the MySQL protocol, including metadata information. AnalyticDB easily integrates into your business ecosystem to allow you to discover new trends and transform your business based on data analysis.

See AnalyticDB.

Alibaba Cloud Anti-DDoS Service Pro (Anti-DDoS Service Pro)

A premium value-added service to provide high availability and complete protection from numerout types of DDoS attacks to your business. Incoming traffic is either diverted to Alibaba Cloud Anti-DDoS scrubbing centers, or the original website IP is replaced by an Anti-DDoS IP provided by Alibaba Cloud.

See Anti-DDoS Pro.

Alibaba Cloud API Gateway (API Gateway)

An API hosting service that provides lifecycle management including API provisioning, administration, maintenance, and go-to-market. It aggregates multiple backend micro-services, decouples frontends and back ends, integrates multiple systems, and exposes functions and data to your partners and the developer community in an easy to use, agile, and cost-effective manner.

See API Gateway.

Alibaba Cloud Application Real-time Monitoring Service (ARMS)

An end-to-end service monitoring solution for PaaS products in the Alibaba Cloud ecosystem. Integrating advanced components such as data collection, messaging channels, real-time computing statistics, online storage, and more, users can build monitoring programs based on their business requirements to achieve world-class business monitoring and response capabilities.

Alibaba Cloud ApsaraDB for RDS (ApsaraDB for RDS)

An on-demand database service that automatically manages many administrative tasks of managing a database, leaving you with more time to focus on developing your core business.

Alibaba Cloud ApsaraDB for Redis (ApsaraDB for Redis)

An automated and scalable tool for developers to manage data storage shared across multiple processes, applications, or servers.

Alibaba Cloud ApsaraDB for SQL Server (ApsaraDB for SQL Server)

A commercial database that supports complex SQL queries for applications based on Windows .NET architecture.

Alibaba Cloud Archive Storage (Archive Storage)

An integral part of the Alibaba Cloud data storage ecosystem; it provides low-cost, reliable data archiving services that are suitable for long-term archiving and backup of massive data.

See Archive.

Alibaba Cloud Auto Scaling (Auto Scaling)

A management service that can automatically adjust ECS instances according to business needs and policies.

Alibaba Cloud Bastion Host (Bastion Host)

A system that is fully exposed to attacks and is critical for network security. They are special purpose systems that are specifically designed and configured to withstand attacks. The system generally hosts a single exposed application such as a DNS, proxy server, email server, FTP server, web server, VPN server, or Honeypot. All other services are removed, or restricted, to reduce threats to machines.

Alibaba Cloud Block Storage (Block Storage)

A low latency, persistent, high reliability block-level random storage for ECS instances.

Alibaba Cloud Cloud Service Bus (CSB)

An open API service platform based on highly available distributed cluster technology. The API helps realize the interoperability of service capabilities across technology platforms, application systems and enterprise organizations.

Alibaba Cloud CloudMonitor (CloudMonitor)

CloudMonitor is a flexible monitoring service that provides in-depth insights into your cloud deployments.

Alibaba Cloud Content Delivery Network (CDN)

A distributed content delivery network built on, and overlaying, the bearer network, and is composed of edge node server clusters distributed across different regions. Alibaba Cloud CDN delivers the source content to edge nodes, and works to a precise scheduling system. It distributes user requests to the most suitable nodes, allowing users to retrieve their desired content quickly and conveniently, reducing traffic congestion across the Internet and increasing the response speed of users visiting websites.

See Alibaba Cloud CDN.

Alibaba Cloud Data Encryption Service (Data Encryption Service)

A cloud data encryption service that protects data on the cloud, and enables you to comply with data security regulations.

Alibaba Cloud Data Integration (Data Integration)

Provides stable, efficient, and flexible data synchronization for Alibaba Cloud products and platforms.

Alibaba Cloud Data Management (DMS)

A data management service that integrates data manipulation, object management, resource market, instance authorization, security auditing, data trends, data tracking, data graphing, optimization, and server management. It supports relational databases such as MySQL, SQL server, PostgreSQL, MongoDB, Redis, and NoSQL database management, while also supporting Linux server management.

Alibaba Cloud Data Risk Control (Data Risk Control)

A risk engine for enterprise users to protect enterprise accounts, activities, transactions, etc. against fraud.

Alibaba Cloud Data Transmission (DTS)

Helps you migrate data between data storages, such as relational database, NoSQL, and OLAP.

Alibaba Cloud DataV (DataV)

Helps non-professional engineers to construct professional visual application on the GUI for daily service monitoring, scheduling and presentation scenarios.

Alibaba Cloud DataWorks (DataWorks)

A Big Data platform product that provides all-in-one Big Data development, data permission management, offline job scheduling, and other features.

See DataWorks.

Alibaba Cloud DirectMail (DirectMail)

A simple, efficient email service that helps send transactional notifications and batch emails.

Alibaba Cloud Distributed Relational Database Service (DRDS)

A distributed relational database service that is reliable, robust, and offers highly scalable capacity and service. It is compatible with the MySQL protocol and syntax and supports automatic horizontal splitting, scaling, expansion of service capabilities, and transparent read and write separation. It also offers management and control of the entire database life cycle.

Alibaba Cloud DNS (DNS)

Alibaba Cloud DNS is a highly available, highly scalable authoritative DNS service and DNS management service.

Alibaba Cloud Elastic Compute Service (ECS)

A type of computing service that features elastic processing capabilities. It has a simpler and more efficient management mode than physical servers. You can create instances, resize disks, and add or release any number of ECS instances at any time to fit your business needs.

Alibaba Cloud Elastic IP (Elastic IP)

An Elastic IP address is a NAT IP address. It resides in the public network gateway of Alibaba Cloud and is mapped to the private network gateway of the bound ECS instance by NAT. It allows the ECS instance to communicate with the Internet without exposing its IP address.

Alibaba Cloud Elastic Web Hosting (Elastic Web Hosting)

A next generation web hosting solution that uses containers to implement better network isolation, security, and stability.

Alibaba Cloud E-MapReduce (E-MapReduce)

A big data processing solution based on Apache Hadoop and Apache Spark. It lets you manage and process big data for uses such as trend analysis, data warehousing, and analysis of continuous data streams.

See E-MapReduce Service.

Alibaba Cloud Express Connect (Express Connect)

It provides a fast, stable, secure, and private or dedicated network communication between different cloud environments, including VPC intranet intercommunication and dedicated leased line connection across regions and users.

Alibaba Cloud Function Compute (Function Compute)

An event-driven serverless computing service. Users simply compile and upload the code, and Alibaba Cloud Function Compute executes the code in a way that scales smoothly with user access traffic.

Alibaba Cloud Graph Analytics (Graph Analytics)

A data modeling tool that can be used to build algorithms for targeted scenarios such as financial security services needing to undertake internal corporate reviews or risk scenarios.

Alibaba Cloud HPC (HPC)

A high-performance, stable, secure computing service that helps you quickly build applications with extreme processing capabilities and superior computational efficiency.

Alibaba Cloud HTTPDNS

A DNS service that uses the HTTP protocol to directly access the Alibaba Cloud DNS. It bypasses the carrier’s local DNS to prevent DNS hijacking and to provide real-time DNS resolution.

Alibaba Cloud LiveVideo (LiveVideo)

A direct platform to build content access and distribution networks using large-scale distributed real-time streaming media transcoding technology. It provides convenient access and smooth, high quality, low latency, high concurrent audio, and video broadcast service.

Alibaba Cloud Marketplace

A marketplace that provides cloud applications for Alibaba Cloud. On the Marketplace, you can buy cloud applications form third-party vendors.

Alibaba Cloud MaxCompute (MaxCompute)

A Big Data processing platform developed by Alibaba Cloud. It is mainly used for batch structural data storage and processing to provide massive data warehouse solutions and Big Data modeling.

See MaxCompute.

Alibaba Cloud Message Queue (MQ)

It provides messaging capabilities including creating and tracking subscriptions, resource statistic measuring, alarm monitoring, and more, to build a complete set of enterprise-level messaging functions using highly available distributed cluster technology.

Alibaba Cloud Mobile Feedback (Mobile Feedback)

Allows mobile developers to gather and analyze user responses and issues within select apps to enhance app development. It also supports automatic collection of developer reviews in targeted app markets.

Alibaba Cloud Network Address Translation (NAT)

An IETF (Internet Engineering Task Force) standard that allows an entire network to appear on the Internet as a single public IP address.

Alibaba Cloud Network Attached Storage (NAS)

A file storage service for compute nodes such as Alibaba Cloud ECS instances and docker. It provides standard file access protocols, and is transparent so that users do not need to modify existing applications.

Alibaba Cloud Object Storage Service (OSS)

A cloud storage service that enables you to store, backup, and archive large amounts of data on the cloud. It can be used for a wide variety of scenarios including websites, enterprise development, or individual developers.

See Object Storage Service.

Alibaba Cloud OpenSearch (OpenSearch)

A managed service that supports structured data, search sorting, and data processing.

Alibaba Cloud Private Line Service (Private Line Service)

An internet product that lets partners embed private line capabilities into their business. It’s dependent on the partner’s network operator, but it can provide improved privacy protection for business partners.

Alibaba Cloud Quick BI (Quick BI)

A next-generation intelligent BI service platform tailored for cloud users.

Alibaba Cloud R&D Collaboration (RDC)

An R&D platform for enterprise users. They can go from product coding, to testing, and releasing all while resolving cross-organizational development processes through data-drive measurement analytics and improved decision-making processes for improved performance.

Alibaba Cloud Recommendation Engine (RecEng)

A set of recommended service frameworks available in the Alibaba Cloud computing environment. It predicts user preferences for items in real time. It supports customized recommendation algorithm, and comparison of A/B test results.

Alibaba Cloud Resource Access Management (RAM)

A user identity and access control service which enables you to centrally manage your users (including employees, systems, or applications) and securely control their access to your resources by applying permission levels.

See Resource Access Management.

Alibaba Cloud SchedulerX (SchedulerX)

A distributed task scheduling product developed by Alibaba Cloud. SchedulerX server clusters provide high availability and stability guarantee for scheduling, and can provide distributed scheduling for client machine clusters. Applications that use the SchedulerX client can receive schedules set in the SchedulerX console.

Alibaba Cloud Security Partner’s Product Console (SPPC)

A unified management platform for Alibaba Cloud security partner products. Users can login and buy and manage security partner products.

Alibaba Cloud Server Guard (Server Guard)

It provides real-time monitoring of your servers and databases.

See Server Guard.

Alibaba Cloud Short Message Service (SMS)

A communication service that supports rapid delivery of SMS authentication codes, SMS notifications, and addition SMS functions, to users.

Alibaba Cloud Situation Awareness (Situation Awareness)

Collects 20 different kinds of logs and cyberspace threat information, and uses machine learning to recover from attacks and predict future attacks.

Alibaba Cloud Table Store (Table Store)

A massive, highly concurrent, low latency NoSQL data storage service.

Alibaba Cloud Virtual Private Cloud (VPC)

An Alibaba Cloud Virtual Private Cloud (VPC) is a private network built and customized based on Alibaba Cloud. Full logical isolation is achieved between Alibaba VPCs. Users can create and manage cloud product instances, such as ECS, Intranet Server Load Balancer, and RDS, in their own VPCs.

Alibaba Cloud Web Application Firewall (WAF)

A cloud firewall service that protects core website data and safeguards the security and availability of your website. It controls access to content by allowing or blocking web requests based on criteria that you specify, such as header values or the IP addresses that the requests originate from. It helps protect web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources.

Alibaba Cloud IoT

Alibaba Cloud IoT is built specifically for IoT. It allows developers to build secure and powerful data channels and two-way communications for IoT devices.


A container in which EDAS runs its services. It integrates core functions such as publishing, subscription, and call chain tracking. Applications must be published into this container for execution either at design time or at run time.

Alibaba Cloud Message Service (Message Service)

A high performance, reliable, safe, extensible distributed message and notification service that supports massive messages and concurrent operations. It decouples message transfers between applications and the system.


An action often implemented to inhibit to bandwidth leeching, a script is run on a website’s server that automatically bans the IP that attempts to leech (that is, drain resources, bandwidth, or data in an unethical manner) or redirects leechers to defective files.

API consumer

Users who manage API consumer applications and have subscriptions to CSB open APIs.

API consumer application

An application that uses CSB APIs.

API consumption token

A token used by the CSB to authenticate API consumer applications that call and subscribe to CSB APIs. It is comprised of an AccessKey and SecretKey pair (AK/SK for short).

API provider

Accounts that publish and manage API application and services through the CSB open API service.

API provider application

Applications published by API providers that can be accessed by API consumers through the CSB open API service.

API reference

Application Programming Interface. A set of subroutine definitions, protocols, and tools for building applications software.


An application can be created from a single image or layout template. Each application can contain one or more services.


A user’s set of data configurations including data source structure, index structure, and additional configurations.

application diagnosis

A detailed performance and troubleshooting analysis for Java applications such as heap/non-heap memory, class loaders, Tomcat connection statistics, and more.

application grouping

In-application group management that enables users to package beta releases, AB tests, and grayscale releases. It also enables improved application lifecycle management and resource monitoring.

application monitoring

The action in which users can view real-time traffic and historical information of select applications to monitor the health status and quickly detect and resolve issues.

application programming interface (API)

A set of routines that an application uses to request and carry out lower-level services performed by a computer’s or device’s operating system. These routines usually carry out maintenance tasks such as managing files and displaying information.

Apsara distributed file system

A large-scale, general purpose operating system that can connect millions of servers to form, in essence, a supercomputer, which can provide computing power in the form of online public services.

Apsara Stack

A dedicated enterprise cloud platform running on bare metal systems that provides private IaaS capabilities, and Containers as a Service (CaaS) functionality, for enterprises.

ApsaraDB (ApsaraDB)

The proprietary distributed computing architecture that many of Alibaba Cloud’s services are supported on. It supports massive scalability with up to 5,000 servers, 100 petabyte storage capacity, and 100,000 CPU cores.

ApsaraDB for HBase (ApsaraDB for HBase)

ApsaraDB for Hbase is a distrubuted database based on Hadoop that supports petabytes (PB) of data storage for high-throughput read and write scenarios.

ApsaraDB for Memcache (ApsaraDB for Memcache)

ApsaraDB for Memcache is a managed memory based caching service that supports high-speed access to queries and data.

ApsaraDB for Memcache Cluster

The system that stores the key-value data. All the data is stored in the memory, enabling fast access and performance.

ApsaraDB for Memcache control flow

The action in which users can perform management operations on an instance, such as adding instances, deleting instances, changing instances, and querying information about the instances.

ApsaraDB for MongoDB (ApsaraDB for MongoDB)

A secure, reliable, and elastically scalable cloud database service that supports the ReplicaSet and Sharding architectures.

ApsaraDB for OceanBase (ApsaraDB for OceanBase)

An independently built, scalable database that implements inter-bank cross-table transactions and supports hundreds of billions of SQL statemetents to support transactional data generated in ecommerce environments.

ApsaraDB for PPAS (ApsaraDB for PPAS)

A stable, secure, and scalable enterprise-level relational database based on PostgreSQL. PPAS delivers enhanced performance and application solutions, and can run Oracle applications directly.

ApsaraDB HybridDB for PostgreSQL (ApsaraDB HybridDB for PostgreSQL)

A distributed cloud database composed of multiple groups to provide online MPP (Massively Parallel Processing) data warehousing services. HybridDB for PostgreSQL is developed based on the Greenplum Open Source Database program and is enhanced with some in-depth extensions by Alibaba Cloud.

atomicity, consistency, isolation, durability (ACID)

The abbreviation of a set of properties of database transactions intended to guarantee validity. The properties are atomicity, consistency, isolation, durability, which are necessary for a transaction supporting database, otherwise the data correctness cannot be guaranteed nor the requirement of the counterparty be met during the transaction.


Information that determines the properties of a field or tag in a database. There is no limit to the amount of attribute columns.

attribute field

Used to output statistics and other functions. The field type can be filter, sort, aggregate, or distinct.

authorization policy

A set of permissions that either allow or deny a user access to a certain resource. After an authorization policy is attached to a user or group, the user or users in the group will be granted access to resources that were specified in the authorization policy. Authorization policies are described using the policy language. For more information, refer to Policy Language.

automatic snapshot policy

A rule that defines when the automatic snapshots are taken and how long they are retained.

automatic snapshot policy

A rule that defines when the automatic snapshots are taken and how long they will be retained.


The ability of authorized entities to access and use a resource as needed.

average response time

The average response time, in milliseconds, when DRDS performs logical SQL queries during a cycle. It is calculated as follows: (the time point recorded by the DRDS for the last package of the result set) - (the point at which DRDs receives the SQL query).


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

backend server

A set of cloud servers that accept load-balanced distribution requests. The load balancing service forwards external access requests to the backend servers based on the rules set by the users.

backend server weight

A relative value. The bigger the weight, the more requests a backend server will be sent.

basic monitoring

EDAS collects data from ECS instances running the application, and monitors the CPU, memory, load, network, and disks used for system analysis and data processing.

Batch Compute

A distributed cloud service for large-scale parallel batch processing jobs.

beta release

A software release to select users for testing and reporting of any bugs or performance issues before a general release.

billing method

How cloud service resources are billed. This can be by traffic, bandwidth, duration, etc.

binary log file position (Binlog file position)

In a MySQL Binary log file, each line records a data change action. The position of the line is referred to as binary log (binlog) file position.


The action of transmitting a packet that will be received by every device on the network.

broadcast consumption

In this mode, each consumer instance for a consumer ID will consume each message once. For example, a topic has 9 messages and a consumer ID has 3 consumer instances, so each instance will consume 9 messages.


A bucket is a container for objects stored in Alibaba Cloud OSS. Every object is contained in a bucket.

buffer hit rate

A measurement that is the percentage of time in which the system is retrieving records from memory versus from disk.

buffer pool

A cache of existing database connections. It allows applications to reuse database connections that already exist in the pool, and reduces repeated attempts to create new database connections. This technology can improve system performance and avoid the overhead of building a new connection.

byte hit rate

The probability that a requested number of bytes hits the cache within a specified period of time.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

canonical name record (CNAME record)

A DNS resource record type. It specifies a domain name as an alias for another domain.

canonical name resolution (CNAME resolution)

It maps multiple domain names to one destination IP address.

canonicalized query string

A query string that has been converted into a “standard”, “normal”, or canonical form by concatenating the equals sign with the & sign and parameter names in lexicographic order.


Country code top-level domain. An Internet top-level domain generally used or reserved for a country, sovereign state, or dependent territory identified with a country code.

Cellular Data Package

An internet data service that enables Alibaba Cloud users to use cellular data services with mobile phones and IoT devices.


Certificates are used in HTTPS. After uploading a certificate to a Server Load Balancer, users can bind the certificate during HTTPS listener creation to provide HTTPS service. Certificates include both server-side and client-side certificates.

certificate authority (CA)

An entity that issues digital certificates.

channel subscription ID

Unique identifier for a subscription channel. When users consume incremental data using the SDK, they need to configure the corresponding subscription channel ID.

character encoding

Computing actions that represent a repertoire of characters by some kind of encoding system. Depending on the abstraction level and context, corresponding code points and the resulting code space may be regarded as bit patterns, octets, natural numbers, electrical pulses, and so on. ASCII is an example.

Chinese domain name

A domain name for a China-based domain.

classless inter-domain routing (CIDR)

Also called supernetting, it is a method to prevent the expansion of Internet route tables. It is a method of allocating multiple IP addresses to reduce the total number of route entries in a route table.

See What is CIDR?.


When you connect an MQTT client application, the server checks whether session information has been saved from a previous connection to the server. If a previous session still exists, and cleanSession=true, then the previous session information at the client and server is cleared. If cleanSession=false the previous session is resumed. If no previous session exists, a new session is started.

client ID

The unique identifier for each client in MQTT. It is used to connect to MQTT services and is in the format GroupID@@@DeviceID.


A program that establishes connections to send requests.


A status that indicates that it is not possible to delete the domain name registration, which can prevent unauthorized deletions resulting from hijacking and/or fraud. If you do want to delete your domain, you must first contact your registrar and request that they remove this status code.


A status that indicates the registrar has placed the domain name on hold and its web-related functions are inactive.


A status that indicates the registrar has modified the name so that it cannot be renewed.


A status that indicates your domain is prohibited from being transferred without consent from the domain’s registrant.


A status that indicates that it is not possible to transfer the domain name registration, which will help prevent unauthorized transfers resulting from hijacking and/or fraud.

Cloud Service Bus group (CSB group)

A collection of CSB nodes creates a CSB group. CSB groups can be created and managed within the CSB Management console.

cloud service bus instance (CSB instance)

A cluster of CSB nodes creates one independent CSB instance. A CSB instance is used to open capabilities in one service domain and release external capabilities within the service domain.

Cloud Service Monitoring

The means through which using the CloudMonitor console a user can view and query performance indicators of their instances, analyze usage, monitor trends, and detect and diagnose system problems.


A cloud computing container that contains sever nodes

cluster consumption

A consumption mode where all consumer instances for a consumer ID share consumption of messages evenly. For example, a topic has 9 messages and the consumer ID has 3 consumer instances, so each instance consumes 3 messages.

compound indicator

An indicator that is calculated based on another indicator.

configuration push service

A configuration management feature provided by EDAS. It provides centralized management of distributed systems. Users can add, modify, and delete configuartions in real time, and then push the configuration updates globally or within the application.


A TCP connection between the client and the RDS instance. If the clinet uses a connection pool the connection is long. Otehrwise, it is short.

connection mode

The connection mode for an RDS instance. There are two modes: Performance is the standard access mode; Safety is the high security access mode.

connection password

The password for connecting to specific cloud databse instance. The connection password format is: instance ID:custom password. For example, at the time of purchase, the cutom password is set to 1234, and the assigned instance ID is XXXX, then the connection password is xxxx:1234. The connection password can be changed in the management console.

connection pool

A unified connection management technology designed to improve application performance and reduce database load. It is responsible for allocating, managing, and releasing database connections.

connection pool

A cache of database connections maintained so that the connections can be reused when future requests to the database are required. Connection pools are used to enhance the performance of executing commands on a database.

connection string

A connection string includes a connection address, port, database name, database account, and the account password. For example,,username/password.

connection timeout

The connectTimeout timer specified in the SDK configuration is exceeded.


A consumer can obtain an assigned number of shards and can consume the data on these shards. A consumer name must be unique within a consumer group.


A message subscriber who receives and consumes messages.

consumer group

Consumer groups are sub-resources of Logstores. Consumers with the same consumer group name consume data from the same Logstore, but the data consumed by each consumer is different. Up to ten consumer groups can be created under one Logstore, but the group names must be unique within the Logstore. Different consumer groups under the same Logstore consume data independently.

consumer ID

A unique identifier for a consumer.

consumer instance

An instance for a consumer. An instance can be used to run different processes or on different machines.


A run-time instance created using Docker. A node can run multiple containers.

Container Service

A fully managed cloud container management service that enables you to run and manage Docker applications on a distributed cluster of Alibaba Cloud ECS instances.

control flow

The pathway for performing management operations on the instance such as adding instances, deleting instances, changing instances and querying information about the instances. Website users can activate the service on the purchase page and monitor and manage the service on the console. Channel users can perform all the control operations on the Alibaba Cloud API platform.

A small piece of data(usually encrypted) that websites store on the user’s local terminal. It can be used for session tracking, authentication, or recording any other program state information.

cooldown period

After scaling, there is a coldown period where you cannot perform a scaling operation on the same scaling group.

CPU usage

The amount of time for which a central processing unit (CPU) uses to process instructions of a computer program or operating system.

cross-site scripting (XSS)

A type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy

custom image

A binary that includes all of the requirements for launching a container and the metadata describing its needs and capabilities.

custom monitoring

Through the OpenAPI, users can monitor and analyze data reported to the CloudMonitor to better understand the output and determine cause of alarms.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z


A platform that allows users to quickly see an overview of cloud-monitoring data from multiple instances of different products.

data center

A large group of networked computer servers typically used by organizations for the remote storage, processing, or distribution of large amounts of data.

data cleansing

Data cleansing or data cleaning is the process of detecting and correcting (or removing) corrupt or inaccurate records from a record set, table, or database. For ARMS it specifically refers to the process of splitting the log data, performing static Join, and finally transforming the standard Key-Value (KV) format.

data collection rules

Rules that define the target instance data sources for monitoring and data collection by monitoring tasks.

data disk

A disk that contains only data. It does not include an operating system.

Data Process Center (DPC)

Alibaba Cloud’s underlying platform for massive parallel processing data development and analysis that includes data integration, machine learning, and output, for majority of its users.

data screening

Define in the data set what kind of data will be used for data set filtering. Data that does not meet the filter criteria will be filtered out the data set.

data sharding

The means of database partitioning that separates very large databases into smaller, faster, more easily managed parts called data shards.

data source

A data source is simply the source of the data. For example they can be a file, a database, or monitoring tasks such as Loghub, MQ Topic, etc.

data update

A type of database update. Data updates only modify data. They do not modify the schema.

Database Audit (DB Audit)

Monitors, records, and provides alarms for database risks, such as bad operations or SQL injection attempts.

database partition

After horizontal splitting of DRDS, the database data is split logically and stored on multiple physical storage instances. Each physical instance is a database partition.

database shard

After horizontal splitting of DRDS, the database data is split logically and stored on multiple physical storage instances. Each physical instance is a database shard.


Defines how the monitoring task makes aggregation calculations, persistent storage, and Open API access output based on the collected data.

dataset dimension

The key value that is used to aggregate a dataset when it is created. Similar to the GroupBy column.

default display field

Used through the API parameter fetch_fields to display results about the field or fields provided in the query result.

delayed message

A message sent to the MQ server at a specified time instead of directly in real time.

delayed queue

The message queue where messages scheduled to be delivered later are sent. A user can specify the message delay parameter to send a message at a specified time through the CreateQueue and SetQueueAttribute operations. If no message delay parameter is specified, the message in the delay queue may take an extended amount of time to be fetched.

destination network address translation (DNAT)

It changes the destination address of an IP packet to another address.

device ID

The unique identifier of each device as specified by the manufacturer or user. For example, device serial numbers. These must be globally unique.

distributed configuration administration

EDAS provides central management of distributed systems from the EDAS control panel. You can modify configurations on the control panel and update all machines in real time within seconds.

distributed denial of service (DDoS)

Distributed Denial of Service is an attack using client/server technology. Multiple systems are combined to form an attack platform and initiate a DDoS attack against one or more targets, increasing the threat posed by denial of service attacks exponentially.

See DDoS attacks.

distributed file system

A client/server-based application that allows clients to access and process data stored on the server as if it were on their own computer. When a user accesses a file on the server, the server sends the user a copy of the file, which is cached on the user’s computer while the data is being processed and is then returned to the server.

Docker image

The Docker official Ubuntu images. It includes everything needed to run the application and can be used to create custom images as well.


A searchable structured data unit. A document can contain multiple fields, but must contain one primary key firld. OpenSearch uses the primary key to determine if the document and its contents are unique, and duplicates the primary key (thereby overwriting the content) if the document is not unique.

domain name

A domain name is a server or network system name that identifies IP resources connected to the Internet. All domain names are unique worldwide.

domain name format

A series of labels separated by dots which comply with rules and procedures of the DNS. An example is

domain name proxy service

A value-added domain name service that protects personal identity information used when registering a domain name by making it unavailable in the WHOIS database.

domain name resolution

The process of mapping a domain name to an IP address.

domain name resolution

The translation of domain names to corresponding IP addresses needed for locating and identifying computer services and devices with the underlying network protocols.

domain name system (DNS)

An industry standard for managing domain names and their IP addresses.

domain renewals

To retain ownership of a domain name, you generally need to pay an annual domain fee to extend its period of validity.

domain status

A code set by the registry or registrar to indicate the current state of a domain name.

domain transfer-in

The process of the new registrar transferring the domain name to their service. The new registrar can automatically copy over the domain server information to ensure the website function normally. If the domain server information is not copied, it will need to be updated with the new registrar.

domain transfer-out

The process of changing the designated registrar of a domain name. The end user contacts the new registrar when they want to transfer the domain name to their service, and supplies the authentication code.

DRDS hint

Custom comments provided by DRDS to specify special behaviour such as specific syntax that affects the way SQL is executed.

DRDS instance

A DRDS instance is made up of several DRDS Server nodes form a DRDS instance. Multiple DRDS databases can exist in one DRDS instance.

DRDS instance ID

The unique identifier for each DRDS instance.


A high-performance, Java based RPC framework open-sourced by Alibaba. It is the core framework of Alibaba SOA and is widely used across all Alibaba web platforms.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

EaaS (energy as a service)

The management of one or more aspects of a customer’s energy portfolio—including strategy, program management, energy supply, energy use, and asset management—by applying new products, services, financing instruments, and technology solutions.

EDAS agent

A Daemon installed on ECS instances. It is responsible for communication between the EDAS service cluster and any applications deployed on the ECS instance, and enables application-based controls.

EDAS application life cycle

EDAS provides complete lifecycle management for applications. It includes application creation, deployment, launching, rolling-back, capacity scaling, and more.

EDAS Eagleeye

The EDAS service monitoring system. It can be used to trace and analyze system calls, message sending, and database access to pinpoint bottlenecks and hidden risks.

EDAS RPC service

An RPC service based on the Dubbo framework, and deployed through WAR. It offers seamless publishing and management of applications on EDAS, as well as the service management data operation features of EDAS.

edge node

A network node with a comparatively small number of accessible links to improve the responsiveness and connection speed for the end user.

encryption service instance

An instance type that utilizes advanced encryption and decryption capabilities.


The access domain name served by the OSS over the Internet or intranet.


Each instance corresponds to an endpoint (also known as the connection URL). The endpoint must be specified before you can perform any operations.


Generally a client of the messaging system is configured with a URL, email address, phone number, or other necessary configurations so that an application can then use it to send or receive messages. It is the interface between an application and a messaging system.

Enterprise Distributed Application Service (EDAS)

A core component of Alibaba Clouds enterprise oriented cloud computing solutions. It makes full use of Alibaba Cloud’s resource management and service system, and provides a complete set of mature Alibaba middleware distributed products to help enterprise customers build large-scale distributed services.

ephemeral SSD

A disk located in the physical machine where the instance is located.

error code

An enumerated message that corresponds to the status of a specific software application and are typically used to identify faults such as those in faulty hardware, software, or incorrect user input.

eviction policy

The policy used when the Redis database reaches its limit.

existing data initialization

Initializes the historical data of the synchronization object to the target instance before synchronizing the link incremental data.

expiration date

The ending of the fixed period for which a contract is valid.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

Field Programmable Gate Array instance (FPGA instance)

An Alibaba Cloud computing instance that includes a FPGA and are suitable for scenarios involving parallel computing workloads (such as DNA analysis). FPGA instances can be created on the Alibaba Cloud console and programmed by users as required.


A network security system used to separate intranets from public networks. It monitors and controls incoming and outgoing network traffic based on predetermined security rules.

forwarding rule

An action that directs traffic to specific target servers and works in conjunction with health checks and load balancing algorithms.

forwarding weighting

A user setting that specifies the forwarding weight of each ECS in the backend server. An ECS with a higher weight is assigned more access requests.

fragmented storage

Splits files into multiple fragments and multiple copies across multiple storage disks.

frames per second (FPS)

The number of picture frames displayed on the screen per second for a video, or game. Also called frame rate.

full snapshot

A first snapshot of a disk, where all the disk data is saved. Incremental snapshots save the differences from this first snapshot.

full table scan

In database splitting mode, full table scan is when the DRDS will execute the SQL query on all the sub-tables and merge the results. This should be avoided as it negatively affects database performance.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

Global Transaction Service (GTS)

A high-performance, highly reliable middleware to ensure transaction consistency for distributed transaction systems.

globally ordered message

For a topic, all messages are published and consumed in the strict order of first in, first out (FIFO).

Graphics Processing Unit-intensive instance (GPU instance)

An Alibaba Cloud computing instance that includes a Graphics Processing Unit. They are ideal for GPU-intensive computing workloads such as video decoding, graphic rending, deep learning, and scientific computing, as well as floating-point computing. Users can easily create GPU instances through the Alibaba Cloud console.


The operation unit in HybridDB for PostgreSQL. A HybridDB for PostgreSQL instance is composed of multiple groups. Increasing the number of groups can result in improved linear performance.

group ID

Identifies sets of logically sharded nodes that represent classes of devices with identical functions.

group type

The available package of computing resources. Each group type includes CPU, IO, memory, and disk resources. Different group types deliver different performance specifications. Resources in one group are allocated to the same physical host.


Generic top-level domain. A category of top-level domain maintained by the IANA for use in DNS. The core group of gTLD include com, info, net, and org domains.

GTS server

Responsible for the advancement of distributed transactions, assigning a globally unique transaction ID to the client-initiated distributed transaction request, and recording the status of the transaction branch submitted by the Resource Manager. It is ultimately responsible for committing or rolling back global transactions.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z


It provides high availability, load balancing, and proxying for TCP and HTTP-based applications. It is the de facto standard open source load balancer that is now shipped with most mainstream Linux distributions.

health check

As a basic Server Load Balancer function, health checks are performed on each backend server. Traffic is only forwarded to servers in the normal status to ensure high availability of Server Load Balancer.


A periodic signal generated to indicate normal operations. It is usually sent between machines at regular intervals.

heterogeneous indexing

For the DRDS table, WHERE clauses in SQL statements are routed to a specific sub-library to improve query efficiency. If no partial table partitioning key is available in the WHERE condition, DRDS performs a full table scan using a heterogeneous index.

high availability (HA)

A characteristic of system and application durability in which downtime for users due to regular maintenance operations (planned) and sudden system crashes (unplanned) is minimized. A highly available system is likely to operate continuously without failure for a desirably long time.

high-availability control system

Responsible for monitoring system health and real-time handovers between all database instances to ensure high availability (up to 99.99%).

hit rate

It is calculated as follows: (successful user reads)/(total user reads).

homepage detection

A service that allows you to check if your home page is attached, linked, or if there are any access issues.

horizontal partitioning

The partitioning of tables over multiple machines. When you shard a database, you create replicas of the schema, and then divide what data is stored in each shard based on a shard key.

horizontal sharding

The partitioning of tables over multiple machines. When you shard a database, you create replicas of the schema, and then divide what data is stored in each shard based on a shard key.


Hyper Text Transfer Protocol Secure (HTTPS). It is a more secure version of HTTP and uses SSL and TLS protocols to establish an encrypted connection.

Hypertext Transfer Protocol (HTTP)

An application protocol for distributed, collaborative, and hypermedia information systems. It is the foundation of data communication for the World Wide Web. HTTPS is a more secure variant of this protocol that uses HTTP over TLS.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

ID key

A unique identifier required for the encryption service instance management software in conjunction with a USB key to manage the keys.


It describes an operation that produces the same results no matter how many times a client makes it. Note that while idempotent operations produce the same result on the server (no side effects), the response itself may not be the same (e.g. a resource’s state may change between requests).

identity credential

Authentication you must provide when you log on to a user account. For example, a password, AccessKey, or an MFA code.


A running environment template for ECS instances. It generally includes an operating system and preinstalled software. There are three types of images: public images, custom images, and shared images. You can use an image to create an ECS instance or change the system disk of an ECS instance.

image sharing

An account can share custom images with other Alibaba Cloud accounts. These can be used to create an ECS instance or change the system disk of an ECS instance.

imported database

An existing MySQL database that is mounted directly to the DRDS.


Indicates an inactive state

inbound traffic

Traffic that comes inside your machine.

incremental data migration

A data migration solution that splits a large data migration into smaller migration tasks whereby incremental data is synchronized in real-time from the source instance to the target instance. Incremental data migration must be manually ended through the console.

index building

The action of collecting, parsing, and storing data to facilitate fast and accurate information retrieval.

index field

A data structure optimized for document retrieval. Multiple index fields can be created. The index field must be specified when using the query action.


The default storage engine for MySQL version 5.5 or later. It provides ACID-compliant transaction feature, foreign key support, and row-level locking.

input/output operations per second (IOPS)

The total number of I/O operations per second (when performing a mix of read and write tests). An input/output performance measurement for computer storage devices that is frequently mischaracterized as a benchmark. IOPS numbers do not relate to real-world application performance.


An independent virtual machine that includes basic cloud computing components such as CPU, memory, operating system, bandwidth, disks, etc.

instance ID

The ID for the instances you have purchased .It can be viewed on the console. ApsaraDB for Redis limits connection quantities, bandwidth, CPU specifications, and other aspects based on capacity specifications of individual corresponding instances.

Intelligent Speech Interaction (ISI)

Software that utilizes voice recognition, speech synthesis, natural language processing and other technologies to generally intelligent human-computer interactions.

interactive dashboard

A set of interactive reports that can be customized in ARMS by the user based on the dataset.


A shared boundary across which two or more separate components of a computer system exchange information. The exchange can be between software, computer hardware, peripheral devices, humans and combinations of these.

Internet IP address

A connection address top access a host on a public networks. Public addresses are assigned by InterNIC and consist of class-based network IDs or blocks of CIDR-based addresses that are guaranteed to be globally unique to the Internet.


An internal computer network that uses the same technology as the Internet. It is generally established within an enterprise or organization to provide information sharing and exchange services to its members through a local or restricted communications network.

intranet IP address

A connection address used to access the host on a private network.

inverted rank

A process for full-text search that consists of a list of all the unique words that appear in a document, and for each word, a list of the documents in which it appears.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z


A specific computational requirement performed in BatchCompute. Users can submit, query, and manage jobs through the BatchCompute Management console of the SDK.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

Key Management Service

Alibaba Cloud Key Management Service (KMS) is a secure and easy-to-use service to create, control, and manage encryption keys used to secure your data.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z


The delay before a transfer of data begins following an instruction for its transfer.

Linux virtual server (LVS)

Linux Virtual Server (LVS) is a clustering and load balancing technology. It provides both IP load balancing and application-level load balancing. A dispatcher with a large request handling capacity distributes requests among many servers in a cluster. In this model, the backend servers appear like a single server that is highly available and delivers high performance. Users do not have to be aware of the backend servers that are actually delivering the service. This architecture does not require any reengineering of the client software or server software.

See also:

Linux virtual server gateway (LVS Gateway)

The Linux Virtual Server (LVS) gateway is a set of load balancers that appear as a single IP address to clients.


The minimum data unit processed by the log service.

log group

A set of logs. The basic unit for reading and writing logs. Log groups can have up to 4096 lines, and take up to 10 MB in space.

log hub

It provides real-time data collection and consumption.

Log Service

A fully managed service for data collection, consumption, shipping, query, and analysis without development.

log shipper

Moves the Log Hib data to the storage service for storage and big data analysis.


An exception class in the SDK for handling logical errors in the log service.

Loghub log4j appender

An open source project which allows you fine control over the log output destination, and the format and level of each log. You can configure it using a configuration file without needing to modify application codes.

Loghub producer library

A LogHub class library written for high concurrency Java applications. The Producer Library and Consumer Library are used by LogHub to read and write packaging to lower the threshold for data collection and consumption.

logical SQL

SQL queries sent to the DRDS from the application side.


The collection, storage, and query unit of log data for Log Service. Each log library is part of a project, and each project can create multiple logstores.


An access service that makes it quick and easy to retrieve logs from servers.

logtail configuration

It contains the settings for how a Logtail collects logs and processes them, and then determines where the logs are sent to. You can configure a logtail for each logstore.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

M3U8 file

A UTF-8 encoded playlist file. Videos are generally 3-5 minute .ts vdieo file segments. The .ts files are listed in the M3U8 file.

Machine Learning

Utilizing machine learning applications and a graphical programming interface, developers can quickly perform accurate testing and development on new, unseen examples/tasks using a learning machine after it is configured with a learning data set.

mail exchange record (MX record)

A DNS resource record that specifies the mail server that accepts mail for the recipient’s domain. It includes a preference value that is used for prioritization if multiple mail servers are available.

manual gateway (MGW)

A user-created dedicated gateway.

mapping table

A user-defined static table that maps the value of the query result into certain business attributes, for example, query results of cities can be mapped into postal code attributes for better data analysis.

massively parallel processing (MPP)

A distrubuted computing architecture that improves performance by means of parallel processing on non-shared nodes (a computing group in HybridDB).

master-slave dual node

An instance configured according to master-slave architecture.


The property column defines the maximum number of versions of the data.

Media Transcoding

A highly scalable transcoding service for multimedia files. It can transcode multimedia files into formats suitable for playback on PCs, TVs, and mobile devices.

medical smartwear

Wearable technology designed not only to log data about users’ health but to predict and potentially avert crises.


A high performance, general-purpose distributed memory caching system.

merge sort

An efficient, general-purpose, comparison-based sorting algorithm. Sometimes written as mergesort.


A message contains data and attributes.

message accumulation

The action in which the MQ server saves unused messages in instances where a large amount of messages cannot be consumed correctly in the time available.

message filtering

The process by which messages are filtered according to their tags to ensure that consumers only receive specific messages. Message filtering is performed at the MQ server side.

message ID

A globally unique identifier for a message automatically generated by Alibaba MQ.

message key

A unique identifier for a message that is set by the message sender.

Message Queue Telemetry Transport (MQTT)

A lightweight, open instant messaging protocol based on the publish-subscribe model and applicable for mobile and IoT scenarios.

message status

The status of Alibaba Cloud Message Service messages. This can be Active, Inactive, Deleted, Delayed, or Expired.

message track

The process by which users can track a message according to the relevant nodes used and incorporating time, date, and other data that is used to complete the message link.

Mobile Accelerator

A wireless acceleration technology that provides developers with faster, more stable network access. Built on the Alibaba Cloud platform, it utilizes acceleration nodes and massive bandwidth resources to provide better availability and an enhanced user experience.

Mobile Analytics

It helps developers implement big data operations such as analyzing user behavior, developing customer analysis, and leveraging applications to enhance user stickiness and improve user experience.

Mobile Push

It helps apps integrate mobile push capabilities to deliver efficient and accurate real-time mobile services while reducing associated development costs.

Mobile Security (Mobile Security)

An online mobile application security service that protects applications from potential risks, threats, and vulnerabilities.

Mobile Testing

Alibaba Cloud Mobile Testing is a machine testing service that enables developers and customers to interact with and test for various risks, threats, and vulnerabilities in apps in oder to improve quality, enhance security, and get them ready for the market.


Forwards data entry requests from MongoDB clusters to the corresponding shard server. Multiple mongos can be selected as the entry request.

monitor system

Monitors instances, physical resources, networks, and alarms to ensure that the system is functioning properly.

monitored items

Items monitored by the system. These can be set by the user. The default monitoring items depend on which product is being monitored.

mount point

The access destination address of the file system in a VPC or classic network. Each mount point is mapped to a domain name. When using the mount command, you can specify the domain name of the mount point to mount the corresponding NAS file system to a local destination.


Group communication where data transmission is addressed to a group of destination computers simultaneously and is often employed in IP applications of streaming media.

multi-factor authentication (MFA)

An access control system that provides enhanced security protection more than just using usernames and passwords. After MFA is enabled, when a user logs on to Alibaba Cloud website, the system requires the user to enter the username and password (first security factor), and then requires the user to enter a variable verification code (second security factor) provided by the MFA device.

multipart upload

The process by which objects larger than 5 GB are split into multiple data blocks (or parts in OSS) with each data block then uploaded separately. When all data block uploads are complete, the parts are combined back into the original object.

Multi-Service Transfer Platform (Multi-Service Transfer Platform)

A unified network management platform for multi service nodes based on SDH. It allows you to manage TDM, ATM, Ethernet, and so on.


A physical area composed of multiple zones in a single region. They can be used to address zone-level faults.

MX record

A mail exchanger (MX) record is a type of resource record in the DNS that specifies a mail server responsible for accepting email messages on behalf of a recipient’s domain, and a preference value used to prioritize mail delivery if multiple mail servers are available.


The default storage engine for MySQL prior to version 5.5. Each MyISAM table is stored as three files, a .frm file, a .MYD file, and a .MYI file.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

NAT Gateway

NAT Gateway is an enterprise-class public network gateway. It provides an Internet gateway for a VPC to allow you to access the cloud service. You can control access using customized SNAT and DNAT rules. Furthermore, it supports the sharing of public network bandwidth by multiple IPs, while its static bandwidth resources help reduce operation costs.

network type

The network type defines the accessible range of an RDS instance intranet address. Classic-type networks allows access from within the public cloud, while VPC-type networks only allow access from within the VPC network.


A virtual machine instance or physical server that Docker Engine has been installed on. It can be used for the deployment and management of containers. The container service agent program is installed on the node, and the node is registered to a cluster. The number of nodes in a cluster can be scaled based on your requirements.

non-partition mode

A mode to use existing MySQL databases with DRDS. It only allows the use of the DRDS read/write splitting. Other DRDS features are not usable in this mode.

notification method

The way in which users can choose to receive alarm notifications. Available methods include MNS console notifications, email, and SMS.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z


Objects are the basic storage unit of Alibaba Cloud OSS. Objects consist of user data, file name, and metadata.


Indicates a normal state

Open Ad

It enables businesses to build their own DSP, AND, or DMP system to provide reliable services including bidding, audience targeting, CTR estimation, delivery, and more.

Open API

A publicly available application programming interface that provides developers with programmatic access to a proprietary software application or web service.


A user operation that utilizes a cloud resource. These can be a console operation or an API call.

Optical Character Recognition (OCR)

A technology that converts different types of documents (such as scanned paper documents, PDFs, or images) into editable and searchable data.

orchestration template

A text file that defines the collection of cloud computing resources, the dependency between the resources, resource configuration details, and more. It is used by ROS to automatically create and configure all resources for automatic deployment, operation, and maintenance. You can edit the file as required and use version control software to easily switch between different configurations.

ordered consumption of messages

For a specified Topic, the client receives the messages in sequential order.

ordered delivery of messages

For a specified Topic, the client sends the message in sequential order.

ordered message

An MQ message type that is published and consumed sequentially. It is divided into global sequential messages and partitioned sequential messages.

outbound traffic

Traffic that goes outside your machine.


The person responsible for setting and controlling the permissions of objects, and who can grant such permissions to other users.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

packet loss

An event where one or more packets or data traveling across a computer network fail to reach their destination.

packet loss rate

The ratio of packets lost with respect to packets sent, generally measured as a percentage value.


Pandora is a light weight container (technically known as taobao-hsf.sar). It isolates web apps and middleware, and middleware dependancies, to minimize issues. EDAS Pandora integrates various plugins into the container to enable services such as discovery, configuration pushing, and link-tracing calls. These plugins allow you full management of EDAS applications.

parent topic

The first level of a Topic as defined by the MQTT protocol.

partition mode

A mode that allows full use of all DRDS features. Its creates multiple libraries for a MySQL instance, and creates a DRDS database from these tables.

payment account

An account used to purchase EDAS products. Payment accounts can be bound to up to 5 main accounts. Payment accounts are also master accounts.

payment method

A method by which a user can pay a fee, such as a credit/debit card, PayPal, or direct banking.


A status that indicates the doamin name has been in redemptionPeriod status for 30 days and has not been restored. The domain name remains in pendingDelete status for an additional five days, at which point it will be deleted from the registry database and made available to anyone for registration.


A status that indicates the domain name is being transferred to another registrar, and cannot be modified during this process.

Performance Testing Service (PTS)

A world-class, powerful testing platform that simulates real-world business scenarios involving massive users to observe real world capabilities and identify limitations.


Allow or deny a user (or user group) from performing an operation (or list of operations) on a resource (or list of resources).

persistent connection

A connection used to send multiple data packets in a row. During the period the connection is persisted, both parties must send link detection packets if no data packets are sent.

physical average response time

For a measurement period, DRDS calulates the average response time for a physical SQL query in milliseconds. The response time is calculated as: (When DRDS receives the result set returned by RDS) - (when DRDS starts receiving the RDS connection)

physical connection

A physical connection is the abstraction of a physical line used to directly connect a customer to Alibaba Cloud. Every connection a customer uses to access Alibaba Cloud, is considered as one Alibaba Cloud physical connection object under the customer’s name.

physical QPS

The number of physical SQL queries per second the DRDS executes on RDS.

physical SQL

The SQL query that is sent to the RDS after the DRDS parses a logical SQL query.

pornographic content detection

A service that determines if probable erotic content is detected on your resources and censors according to the calculated probability. For example, in OSS an object is frozen if it is determined as having probable erotic content.


A port is an endpoint of communication in computer networking. This can be hardware port, a logical port, or both. TCP and UDP ports are identified by their port number (an integer from 0 to 65535).

primary key

The unique identifier for each row in a table. It consists of up to 4 primary key columns. The contents of the primary key must be explicitly specified during table creation. A primary key can be of String, Integer, or Binary type (if it is String or Binary type, the length cannot exceed 1 KB).

primary zone

The main zone in which requests for instances are sent to. If instances in the primary zone fail, load balancing redirects the requests to a secondary zone to maintain service availability.


A message publisher who creates and sends messages.

producer ID

A unique identifier for a producer

producer instance

An instance for a producer. An instance can run different processes or on different machines.

production flow

The operations performed on on the key-value using the web client or app. These can be add, delete, replace, set and get operations.

programming model

A style of programming where execution is invoked by making what appear to be library calls.

proprietary intellectual property right

Ownership of intellectual property which may include financial information, intellectual property (concepts, designs, techniques), technical documentation, artwork, and so on, and which are protected under law.

proxy connection point

An intermediary point used by encryption service instances to provide SSL encryption while also enabling secure load balancing across multiple encryption service instances.

Public Recognition

Proprietary software involving machine learning, semantic analysis, and advanced algorithms that uses publicly available data to analyze trends in brand image, popular events, public policies, and so on to promote better business decision making.


The client that sends messages to a topic. Also known as a producer.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

queries per second (QPS)

A metric for measuring the traffic processed by a query server. DNS server performance, for example, is measured this way.

queue owner

The account used to create the queue through the CreateQueue operation. An owner has access to all queue operations. The queue owner Account ID can be viewed on the Alibaba Cloud console.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

read policy

Defines the ratio of DRDS reads for the main instance and sub-instances.

read timeout

When calling a constructor using the SDK, it specifies the period of time that the SDK waits when attempting to read data from an API response before timing out.

read/write capacity unit (read/write CU)

The smallest billing unit for data read and write operations. A CU is 4 KB. Data that only uses part of a CU will be rounded up. For example, writing 7.6 KB data will count as two write CUs, and reading 0.1 KB data will count as one read CU.

read/write splitting

A way to improve performance for a DRDS system. Read and write queries are first automatically identified, then read queries are sent to the secondary tables while write queries are sent to the primary table.

read-only instance

Data in a read-only instance can be accessed but not modified.

real-time streaming media cluster

A scalable cluster for video streams with built in load balancing capabilities. The cluster automatically scales based on changes to the cluster’s overall load for the video stream.

receipt handle

A temporary ID generated by MNS when fetching messages. These are single use IDs that cannot be reused.

received traffic

The application’s SQL network traffic sent to the DRDS.

recovery point objective (RPO)

Refers to the amount of data at risk, which is determined by the amount of time between data protection events and reflects the amount of data that potentially could be lost during a disaster recovery.


The action by which to renew a domain name upon its expiration.

redemption period

A 30 day time period in which an expired domain name is held until it is removed from the international domain name pool. If a domain name expires, and is not renewed during the normal renewal timeframe, the 30 day redemption period begins.


An open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. It supports data structures such as strings, hashes, lists, sets, sorted sets with range queries, bitmaps, hyperloglogs, and geospatial indexes with radius queries. Redis has built-in replication, Lua scripting, LRU eviction, transactions, and different levels of on-disk persistence, and provides high availability using Redis Sentinel and automatic partitioning with Redis Cluster.

Redis database

A cloud-based version of Redis. Redis is an open-source in-memory database that implements a distributed, in-memory key-value store with optional durability. It supports 256 DB. By default, it writes to the 0 DB.


References geographical locations where instances are physically located.

See Regions.


A person or company that registers a domain name.


An organization or commercial entity that manages the reservation of internet domain names. A domain name registrar must be accredited by a generic top-level domain (gTLD) registry and/or a country code top-level domain (ccTLD) registry. The management is done in accordance with the guidelines of the designated domain name registries.


The action or process of registering or of being registered.


A database of all domain names and the associated registrant information in the top level domains of the DNS that allow third party entities to request administrative control of a domain name.


A publish and subscription feature of MQ that realizes interoperability between services in different network environments.

requests per second

The number of SQL statements recorded in one second.

reserved read throughput

Provisioned throughput capacity reserved for reads is a configuration of a table. Table Store reserves the requisite resources based on this configuration.

reserved write throughput

Provisioned throughput capacity reserved for writes is a configuration of a table. Table Store reserves the requisite resources based on this configuration.


An abstraction of a cloud service provided to a user such as ECS instances, OSS storage buckets, and so on.


Any hardware or software that is accessible by the computer, network or other object connected to a computer. In Alibaba Cloud, a resource is an abstraction of object entities that a user interacts with, for example. ECS instances and OSS buckets.

resource manager

A resource manager abstraction in a transaction, which defines the behavior of resources participating in a transaction. Different transaction modes correspond to different resource managers.

Resource Orchestration Service (ROS)

It provides developers and system managers with a simple method to create and manage their Alibaba Cloud resources.

Rewards Program (Rewards Program)

A program for rewarding white hat hackers for reporting security vulnerabilities. Companies can decide how much to pay for high, medium, and low risk vulnerabilities.


The action of restoring a disk to a state and setting from a previous point in time.

root certificate

A public key certificate that identifies a root certificate authority (CA). A root certificate is used to “sign” other certificates in which the signed certificates then inherit the trustworthiness of the root certificate.

round-robin scheduling

A scheduling algorithm that distributes requests across backend ECS servers sequentially.

route entry

Each item in the route table is a route entry. A route entry defines the next hop address for the network traffic to be routed to the specified destination CIDR block. Route entries are categorized into system routes and custom routes.

route table

A list of route entries on the VRouter.

router interface

A router interface (or VRouter interface) is a virtual network device. It can be attached to a VRouter to establish an Express Connect connection with another VRouter interface. This creates an intranet connection between different networks.

Rule Engine

A solution for scenarios where the business rules of an online service change frequently. It can help customers separate business rules from the application code to make managing business rules easier.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

scaling configuration

Defines the configuration of ECS instances used for Auto Scaling.

scaling group

A scaling group is a collection of ECS instances with similar configurations deployed in an application scenario. It defines the maximum and minimum number of ECS instances in the group, associated Server Load Balancer and RDS instances, and other attributes.

scaling rule

Defines how many instances to add or remove when scaling.


A PaaS distributed task scheduling product.

schema migration

A type of migration. In database migration, it refers to the migration of scema definitions including tables, views, triggers, stored procedures, and storage functions. For migration between heterogeneous databases, the data type mapping is carried out in the schema migration phase, and the object type is changed to the appropriate target type. For example, when Oracle is migrated to MySQL, the number type in Oracle is mapped to the decimal type in MySQL.

schema update

An update that modifys the schema definition such as create table, alter table, drop view and so on. Users can choose whether to subscribe to schema updates when creating a subscription channel.

seamless scaling

When you use horizontal splitting to distribute data dynamically in physical instances, the process is done asynchronously and does not require any change to the business code.

secondary zone

Server Load Balancer can be deployed in multiple zones in a region. The user can specify a primary and a secondary zones for a Server Load Balancer instance. The Server Load Balancer instance runs in the primary zone by default, and uses the secondary zone as a backup.

Secure Shell (SSH)

A cryptographic network protocol for operating network services securely over an unsecured network based at the application layer and transport layer.

Secure Shell key pair (SSH key pair)

An authentication method available for logging in to ESC instances remotely. An SSH key pair is a pair of keys generated through an encryption algorithm: one key is publically available (the public key) and the other key is kept confidential (the private key).

If you have placed the public key in a Linux instance, you can use the private key to log on to the instance using SSH commands or related tools from a local computer or another instance without a password.

See SSH key pairs.

security group

A named set of allowed inbound network connections for an instance (VPC Security groups also support outbound connections). Each security group consists of a list of protocols, ports, and IP address ranges. A single security group can apply to multiple instances, and multiple security groups can apply to a single instance.

Security Token Service (STS)

A cross-platform open standard core component of the OASIS group’s WS-Trust web services single sign-on infrastructure framework. Alibaba cloud use it to grant temporary user credentials to to RAM roles.

See STS introduction.

Server Load Balancer (SLB)

A ready-to-use service that seamlessly integrates with Elastic Compute Service (ECS) to automatically manage sudden spikes in traffic, minimize response time, and maintain 99.99% availability of your web applications.

See Server Load Balancer.


A status that indicates your domain is prevented by the registry from being deleted.


A status that indicates the domain’s registry has placed the domain name on hold, and its web-related functions are inactive.


A status that indicates the registry has modified the domain name so that it cannot be renewed.


A status that indicates your domain is prohibited from being transferred without consent from the registry.


A status that indicates your domain is prevented from being updated.


A scalable micro service. It uses a set of containers based on the same mirror and configuration.

service access authorization

When API publishers give API consumers the requisite credentials to allow them to call an API.

service authentication

The HSF service framework ensures the stability and security of each user’s distributed calls. Each step of the process has strict service authentication.

service call monitoring

EDAS is able to monitor the service’s QPS, response time and error rates for application calls to the service.

service downgrade

A downstream process in which low priority calls to non-core service providers are timed out to ensure that upstream core applications are not affected.

service group

The basic business unit of APIs. When you launch a new API you must assign it to a service group. APIs can only belong to one group.

service publication

The service is open on CSB and CSB provides the corresponding API call to access the service.

service-level agreement (SLA)

An agreement between a service provider and a client for a service agreed upon by both parties. This can include details such as quality, availability, and responsibilities. Note 1: Service level agreements can also be established between service providers and other providers. These other providers may be a group within an organization or a customer. Note 2: Service level agreements may be a part of a contract or another type of written agreement.

session persistence

A basic Server Load Balancer function that distributes access requests from a single client to the same backend server for processing.


MongoDB uses sharding for horizontal scaling of databases. Each shard is a separate server that handles a subset of the overall workload.

shard key

A column in the logical table. DRDS routes SQL statements to the table indicated in this column.

Simple Authentication and Security Layer (SASL)

A framework for authentication and data security in Internet protocols. It decouples authentication mechanisms from application protocols. In theory, this allows any authentication method supported by SASL to be used with any application protocol that supports SASL.

single point of failure (SPOF)

A part of a system that, if it fails, will stop the entire system from working.

site monitor

Simulates user access scenarios to enable monitoring of availability, connectivity, DNS resolution, and other management tasks

SLB instance

An instance running the Server Load Balancer service. To use the Server Load Balancer service, the user must first create an Server Load Balancer instance. The LoadBalancerId is the unique identifier of a user’s Server Load Balancer instance.

SLB listener

A concept used in Server Load Balancer instances. A listener defines how the incoming requests are distributed. You must add at least one listener to a Server Load Balancer instance. It includes frontend ports, backend ports, Server Load Balancer policies, and health check configurations. Each listener corresponds to a backend application service.

Smart Conversation Analysis (SCA)

Software that utilizes dialogue recordings or text, and analyzes the content based on intelligent rules to achieve natural human speech patterns.

smart electric meters

An electronic device that records consumption of electric energy in intervals of an hour or less and communicates that information at least daily back to the utility for monitoring and billing.


A copy of data on a disk at a certain time point. There are two types of snapshots, automatic snapshots and user-created snapshots.

SNAT table

A configuration table on the NAT Gateway for SNAT configurations to permit ECS instances access to the Internet using a specified public IP address.

software defined network (SDN)

An approach to computer networking that allows network administrators to programmatically initialize, control, change, and manage network behavior dynamically via open interfaces and abstraction of lower-level functionality.

software development kit (SDK)

A collection of development tools used by software engineers when creating application software for a specific software package, software framework, hardware platform, or operating system.

souce field

The smallest unit of source data. It contains the field name and field value and can be of text, integer, or floating-point type.

source data

A user’s raw data that can contain multiple source fields.

source network address translation (SNAT)

It translates the source address of an IP packet to another address.

SRV record

A record that defines the location of servers for specified services in the Domain Name System. It includes the hostname and port number of the specified server.

SSL certificate

Secure Sockets Layer (SSL) certificte. It is a small data file that digitally binds a cryptographic key to an organization’s details.It complies with the SSL protocol and is issued by trusted root certification authorities.

standard message

Messages sent to the queue that can be fetched immediately.

standard queue

The default message delay time is zero which means any message not set with delay seconds attribute is available for receiving at once.

static website

Websites with web pages composed of fixed content, including scripts such as JavaScript, that are executed by the client without the need for prior web programming or database design.

static website hosting

Users can configure their own bucket as a static web host. After it is configured, the bucket can be accessed as a static website, and can automatically jump to the index page and error pages.


A general-purpose computing platform that provides stream data computing services in real time.


Users subscribed to a topic. They receive messages about the topic.


An agreement to establish a relationship that enables subscribed users to receive messages from publishers


A topic under the parent topic.

synchronization latency

The difference between the timestamp of the target instance on the source library, and the current timestamp of the homologous instance.

synchronized records per second

The number of records synchronized to the target instance per second.

system disk

A disk that contains an operating system.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

table broadcast/replication

By synchronizing in advance the data of a single-warehouse table to all the sub-libraries, DRDS can convert the cross-database combined query into a push-down joint query to be completed on the physical database.

table shard

The physical data table for each shard.


An identifier used to classify and manage ECS instances.


An identifier used to classify and manage a large number of ECS instances.

TCP retransmission

The resending of TCP packets that have been damaged or lost during transmission. TCP handles a retransmission by setting a timeout when it sends data, and if the data isn’t acknowledged when the timeout expires, it retransmits the data.

technical contact/tech contact

A person responsible for resolving technical issues concerning the domain name and domain status.


A user or group of users who share a common access with specific privileges to software instances.


An open source webserver that is based on the Nginx HTTP server. It originated from Taobao, and is now actively developed by the Tengine team.


A word or phrase used to describe a thing or to express a concept.

terms of service

Rules by which one must agree to abide in order to use a service.


A limit beyond which something changes.


The amount of data successfully transmitted through a network, device, port, virtual circuit, or another facility within a given time.


Logs within a logstore can be divided up by the journal topic. User can specify topics when creating logs and can use topics to query logs.


A message type.


A customizable section of a URL that can be used to point to a specific page.


A series of operations performed as a single logical unit of work. You must execute all of the operations or none of them.

transaction alias

A customizable part of the customer application that is placed in the @TxcTransaction note. It identifies whether a transaction in the runtime has a global transaction open which can be seen on the console.

transaction boundary

Marks the start and end of a transaction.

transaction branch

A distributed transaction may contain multiple branches, and only if all the branches succeed, the distributed transaction succeeds, and the failure of a branch causes the rollback of the distributed transaction. Under the GTS framework, a branch may be an SQL statement executed on a library or a manual mode branch.

transaction group

A unque name specified by the customer data and the system parameters. Each GTS application must apply for a transaction group.

transaction ID (XID)

The global transaction ID of a GTS distributed transation. It is unique so it can be used to troubleshoot problems using the logs.

transaction initiator

The GTS client that starts/submits the distributed transaction through the transaction co-ordinator.

transaction instance name

The indentifier for the code block that starts the transaction in the client application. It is used to identify which part of the application starts the transaction. This can be viewed on the console.

transaction message

Used by MQ to provide a similar function to X/Open XA for distributed transactions, to ensure that transactions are ACID.

transactions per second (TPS)

The number of database transaction per second.

transfer prohibition lock

A method that prevents unauthorized outbound domain name transfers between registrars.

transient connection

A type of connection created when both parties need to send data to or receive data from each other. After data is sent, the connection is closed. Only one data transmission occurs for each connection.

Transmission Control Protocol (TCP)

One of the main protocols of the Internet protocol suite. It provides reliable, ordered, and error-checked delivery of a stream of octets between applications running on hosts communicating by an IP network. Major Internet applications such as the World Wide Web, email, remote administration, and file transfer rely on TCP.

transmitted traffic

DRDS network traffic sent to the application result set.

Transparent Data Encryption (TDE)

Performs real-time I/O encryption and decryption of the entire database. It is completely transparent to applications and does not require any modifications to existing applications.

two-phase commit protocol (2PC)

A processing protocol for distributed transactions.

TXT record

A text (TXT) record is a type of resource record in the DNS used to provide the ability to associate some arbitrary and unformatted text with a host name or a domain name.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

update prohibition lock

A method that protects domain name registrant information from unauthorized modification or tampering.

URL forwarding

The automatic redirection to a different URL when a domain is visited. It includes both explicit and implicit URL forwarding actions.

User Datagram Protocol (UDP)

A core component of the Internet protocol suite, UDP uses a connectioness communication model with a minimum protocol mechanism. Through UDP, applications send datagrams to other hosts on an IP network without the need to set up a communication channel or data path.

user group

A pool of user accounts that, when grouped, can be granted the same permissions.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

virtual border router (VBR)

Customers can create multiple VBRs on a physical connection. Each VBR is responsible for forwarding the data of one VLAN on the leased line to an address in Alibaba Cloud. Using VBRs, customer data can be directly transmitted to any Alibaba Cloud region.

virtual extensible LAN (VXLAN)

A network virtualization technology that uses VLAN-like encapsulation techniques to address scalability problems associated with large cloud computing deployments.

virtual local area network (VLAN)

A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2).

virtual local area network (VLAN)

VLAN abstracts the idea of a LAN. VLAN can divide up a LAN into logical segments that cannot see each other’s traffic. It can also be used to allow geographically dispersed systems to communicate as if they are on the same LAN.

virtual network layer

The network hosting the ECS instances. It avoids the restrictions on the physical network layer. User logic and transmitted content at the virtual network layer are invisible to the physical network layer so the physical network layer does not parse the information transmitted at the virtual network layer, protecting user privacy. The virtual network layer is completely implemented using software. Data/control plane separation, path decision and policy delivery are done by the controller at the virtual network layer, thus implementing a Software Defined Network (SDN).

Virtual Private Network (VPN)

A virtual private network (VPN) extends a private network across a public or shared network. It enables users to securely send and receive data across the public network as if their devices were directly connected to the private network.

Voice Messaging Service

A communication service that supports voice notifications, authetication of calls, multi-party calls, and other communication capabilities.


A networking hub in the VPC. It connects all VSwitches in the VPC and serves as a gateway device that connects the VPC to other networks. It forwards network traffic according to specific route entries.

VServer group

A group of backend servers that can be customized and managed in the listener dimension. They allow listeners under an SLB instance to distribute different requests to different backend servers depending on the configured forwarding rule.


A basic network device on the VPC network. It can be connected to different cloud product instances. When creating a cloud product instance in a VPC network, you must specify a VSwitch for the cloud product instance.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z

web content detection

A service that notifies you if any illegal or illicit content is detected in any of your webpages. Web content detection will send the snapshot created at the time the content is detected, the URL of the suspected page or pages, and will help facilitate a review and recommend actions in order to rectify any issues.

web SQL injection

An injection attack wherein an attacker executes malicious SQL statements (known as a malicious payload) to control a web application’s database server or RDBMS.


A relative value that indicates the relative importance of the index in the overall evaluation.

weighted round robin (WRR)

In this mode, external and internal access requests are distributed to the backend ECS instances based on the weight you set each server.


An access control method. When a user is added to the whitelist, the user is permitted access. Users who are not on whitelist are not permitted access. The opposite of a blacklist.

wildcard DNS

A DNS record in a DNS zone that will match requests for non-existent domain names. A wildcard DNS record is specified by using a “*“ as the leftmost label (part) of a domain name. e.g. * This wildcard DNS record will cause DNS lookups on domain names ending in that do not exist to have MX records synthesized for them. So, a lookup for the MX record for would return an MX record pointing to

word breaking

The fragmentation of a string of written language into its component words.


A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | Z


Refers to physical areas with independent power grids and networks in a region. The network latency for resources within the same zone is lower than across zones. Intranet communication can take place between resources in different zones of the same region, and fault isolation can be performed between zones. Deployment of resources in the same zone depends on the requirements for disaster recovery and network latency.

See Zones.