All Products
Document Center


Last Updated: Nov 12, 2018

Data isolation

To ensure data security, PrivateZone isolates private zone data in different VPCs.

  • The records in your private zones cannot be looked up from the Internet. This protects your business information and internal system architectures from malicious probing.
  • Your private zones cannot be queried in unassociated VPCs. This helps you better control who can access the core data in the internal system.
  • The data in a private zone is strictly protected by the tunneling feature of Alibaba Cloud VPC. This ensures that your private zone data is not compromised.


You can add an unlimited number of private zone files.

  • You can add any private zone such as and associate it with a VPC. The private zone record of in the VPC overrides the DNS record on the Internet.
  • You can add custom domain names in the VPC. For example, example.test and example.abcd.
  • You can associate private zones with the same name to VPCs that reside in different regions. This allows you to access different resources using the same domain name. The system automatically assigns the resource that is closest to you. For example, if you send DNS requests for in VPCs that reside in China (Beijing) and China (Shanghai), the DNS resolver returns IP addresses for the two regions.