This topic introduces the basic terms that are involved in ActionTrail. This helps you better understand and use this service.
A management account is an account that is used to enable a resource directory and is the super administrator of the resource directory. The management account has all administrative permissions on the resource directory and the member accounts in the resource directory. Only an Alibaba Cloud account that has passed enterprise real-name verification can be used as a management account. Each resource directory has only one management account.
A member account serves as a container for resources and is also an organizational unit in a resource directory. A member account indicates a project or an application. The resources of different member accounts are isolated. You can use a management account to authorize RAM users, user groups, or roles to access the resources of member accounts.
You can use a management account to invite a member account to join a resource directory or create a member account in a resource directory.
|user-initiated event||A user-initiated event is a record that is generated when you use the Alibaba Cloud Management Console, API operations, or developer tools to access and manage cloud services. A user-initiated event records information about an operation that you perform, including the operation time, username, resource, operation type, operation result, and source IP address.|
|Alibaba Cloud-initiated event||An Alibaba Cloud-initiated event is a record that is generated when the Alibaba Cloud O&M team maintains services for you. You can create a trail for the Inner-ActionTrail feature to deliver Alibaba Cloud-initiated events to a specified storage object.|
|global service||A global service is a service that applies to all regions of Alibaba Cloud, such as Resource Access Management (RAM). Global services generate global events.|
|global event||A global event is a record of a global service. On the Event Detail Query page in the ActionTrail console, you can select a region to view all the global events. After you create a trail to deliver events to a specified Object Storage Service (OSS) bucket, global events are recorded in the same directory as the events that occur in the home region of the trail.|
|home region||A home region is the region where a trail is created.|
|trail||A trail is created to deliver events to a specified OSS bucket or Log Service Logstore for storage and further analysis. Trails are divided into the following categories based on the creator and applicable scope: single-account trails, multi-account trails, and trails for the Inner-ActionTrail feature.|
|single-account trail||A single-account trail is a trail that is created to track and record the events of the Alibaba Cloud account that is used to create the trail.|
|multi-account trail||A multi-account trail is a trail that is created by using a management account to track and record the events of all member accounts. A multi-account trail can deliver the events of all member accounts in a resource directory to a specified OSS bucket or Log Service Logstore.|
|trail for the Inner-ActionTrail feature||A trail for the Inner-ActionTrail feature is a trail that is created by using an Alibaba Cloud account to deliver Alibaba Cloud-initiated events to a specified storage object.|
|shadow trail||A shadow trail is a trail that ActionTrail creates by replicating the configurations of a trail that you create to track events in multiple regions. ActionTrail creates a shadow trail in each of the regions to track and record the events in these regions.|