All Products
Document Center

Storage & CDN

Last Updated: May 23, 2019

Alibaba Cloud for AWS Professionals


This topic compares the storage and content delivery network services of Alibaba and AWS. It covers the services in the following table.

Feature AWS Alibaba Cloud
Object storage Simple Storage Service(S3) Object Storage Service (OSS)
Content Delivery Network CloudFront CDN
File Storage Elastic File System (EFS) Network Attached Storage (NAS)
NoSQL Database DynamoDB Table Store

1. Object storage

This section compares AWS Simple Storage Service S3 and Alibaba Cloud Object Storage Service (OSS).

Object storage is a type of data storage where data are managed as objects, instead of blocks or files. Typically, object storage is used to store large files that undergo many read operations. Like AWS S3, Alibaba Cloud OSS is highly reliability, cost-effective, and scalable. Users can request data of any size, at any time, and from any location.

OSS provides three storage types: Standard, Infrequent Access, and Archive. The types vary in storage price, read speed, and availability. All storage types have the same reliability and can be easily managed by using the OSS API. Standard is designed general storage, whereas Infrequent Access and Archive are designed for more long-term storage options. For more information, see Introduction to Storage Types.

1.1 Service models

The following table compares the basic functions and terminologies of AWS S3 and Alibaba Cloud OSS.

Function Feature Amazon S3 Alibaba Cloud OSS
Deployment unit Bucket Storage space
Object identifier Key Key
Object metadata Metadata Object meta
Object version control Supported Not supported
Object lifecycle management Supported Supported
Update event notification Supported Supported
Storage type Standard, Intelligent-Tiering, Standard-Infrequent Access, One Zone-Infrequent Access, Glacier, Glacier Deep Archive Standard, Infrequent Access, Archive
Deployment location Region Region

1.1.1 Storage space (bucket)

Like AWS S3, Alibaba Cloud OSS uses buckets to store data. You can configure the region, access permissions, and lifecycle rules of each bucket. Both OSS buckets and S3 buckets must be named in accordance with the DNS standard. Bucket names must be globally unique, and they should not be nested.

By setting a bucket ACL, OSS authenticates a user to see whether they have access permission for a bucket, thereby implementing access control by using storage space levels.

OSS buckets do not currently support object version control, though it is supported by AWS S3. OSS will support this feature soon. You can check the OSS Release notes for the latest announcements.

The following table compares the features and terminologies of the deployment unit functions of AWS S3 and Alibaba Cloud OSS.

Function Feature Amazon S3 Alibaba Cloud OSS
Object storage Simple Storage Service (S3) Object Storage Service (OSS)
Deployment Unit Bucket Storage space (bucket)
Bucket ACL Supported Supported
Lifecycle Management Supported Supported
Max Bucket Quantity 100 30
Storage Type Standard, Intelligent-Tiering, Standard-Infrequent Access, One Zone-Infrequent Access, Glacier, Glacier Deep Archive Standard, Infrequent Access, and Archive
Version Control Supported Not Supported
Deployment Location Region Region

1.1.2 Object

Alibaba Cloud OSS stores file data in buckets. The file data is composed of a Key-Value and Object Meta pair. The Key is a unique identifier within a bucket. The Value stores object content. The Object Meta is a pair of key values which describe object properties, including the last modification time, size, and custom information.

Alibaba Cloud OSS buckets have no upper limit on total storage and number of objects. For large files, OSS supports segment-by-segment uploading. The maximum file size in OSS is 48.8 TB, whereas the maximum object size in AWS S3 is 5 TB.

1.2 Security

1.2.1 Object permission management (Object ACL)

Alibaba Cloud OSS and AWS S3 use similar methods to manage object permissions. Each OSS object can be configured with read and write permissions for the root account or any sub-account. By default, access permissions inherit bucket ACL properties. Users can set an ACL to Private-Read-Write, Public-Read, or Public-Read-Write. To follow good data security practices, we do not recommend that you use the Public-Read-Write permission unless necessary.

In addition, in combination with Alibaba Cloud Security Token Service (STS), OSS can employ the temporary security credentials of STS to implement object access without exposing the account AccessKey, thereby achieving highly secure access control.

1.2.2 Data security management

Alibaba Cloud OSS provides similar data encryption functions as AWS S3 to protect data while it is being transferred and when it is stored. Users can protect data during transfers by encrypting it through a client.

Alibaba Cloud OSS uses AES256 algorithms to implement data encryption on a server. After data is uploaded to OSS, the server encrypts the data and stores it on OSS. If a user downloads the data, OSS decrypts the data and returns the original data to the user.

1.3 Object management

1.3.1 Object lifecycle management

Alibaba Cloud OSS and AWS S3 provide similar lifecycle management functions. Alibaba Cloud OSS provides conversion and expiration operations for object lifecycles, allowing users to set matching rules, countdown times, and a schedule for objects, based on which the OSS degrades the storage type of the objects or deletes the objects that have expired.

Alibaba Cloud OSS categorizes storage types into Standard, Infrequent Access, and Archive, which correspond to the Standard, Standard IA, and Glacier types on AWS S3.

1.3.2 Event notification

Both Alibaba Cloud OSS and AWS S3 provide event notification functions. To enable users to receive notifications of events, Alibaba Cloud OSS allows users to create event notification rules. Based on these rules, a message is sent to a target if specific events occur.

Alibaba Cloud OSS has a different message push target from AWS S3. OSS allows an event message to be sent to a specified URL over HTTP or Alibaba Cloud Message Service. Users can obtain event messages after subscribing to the topic.

1.4 Functional difference

1.4.1 Append write

With OSS, you can constantly append written data to the end of the object while reading the data at the front of the object. This function allows the newly generated content at the end of a file and the front content to be read simultaneously by an application. This is useful for live media streaming scenarios.

S3 does not support appending of tail data. Instead, the object data must be re-uploaded to a new file, and so S3 cannot effectively meet the requirements of live streaming applications.

1.4.2 Strong consistency for delete and update

Alibaba Cloud supports strong read-after-write consistency for object deletion and update. S3 does not support strong consistency for update and delete. Instead, S3 provides eventual consistency, meaning that after you delete or update an object, you may not see the change if you read the data shorty afterwards.

1.5 OSS image processing service (Image service)

Alibaba Cloud OSS provides easy-to-use image processing functions for image files. After a user uploads images to OSS, the user can process the images through the RESTful API, for example, converting the image format, zooming, cropping, rotating, or adding watermarks.The following table compares the features and terminologies of the object functions of AWS S3 and Alibaba Cloud OSS.

Function Feature Amazon S3 Alibaba Cloud OSS
Storage object Object Object
Object ACL Supported Supported
Max object size 5 TB 48.8 TB
Data reliability 99.999999999% (11 nines) 99.999999999% (11 nines)
Object metadata Metadata Object meta
Object lifecycle management Supported Supported
Object version control Supported Not Supported
Update event notification Supported Supported
Cross-region Replication Supported Supported
Object append write Not Supported Supported
Concurrent or segment upload Supported Supported
High consistency Yes Yes
Data encryption Encrypted on client and server Encrypted on client and server
Request protocol HTTP/HTTPS HTTP/HTTPS/Bit Torrent
Image processing function Not Supported Supported

1.6 Service level agreement (SLA)

Both AWS S3 and Alibaba Cloud OSS provide service availability guarantees. If performance does not reach the guaranteed standard, the cloud providers will provide compensation according to the time the service is unavailable. For more information about the Alibaba Cloud OSS SLA, see Alibaba Cloud OSS Service Level Agreement.

1.7 Pricing

Amazon S3 offers a free usage tier for each month, where users only pay for the resources they consumed that exceed a predefined limit. The pricing for your S3 is dependent on the storage usage by storage type and size, request type and quantity, storage management fees, amount of data transferred out of Amazon S3, and data transfer acceleration fees.Like Amazon S3, Object Storage Service (OSS) fees are calculated based on the total volume of storage used, the amount of data transferred, and number of API requests made. For more information, see OSS Pricing.

2 Content Delivery Network

Alibaba Cloud Content Delivery Network (CDN) and Amazon CloudFront both deliver the content of the source site to the node nearest to the end user. This allows end users globally to receive their content with low latency and high efficiency. It resolves access delays caused by distribution, bandwidth, and server performance, and is applicable to scenarios such as website acceleration, video on demand, and live streaming.

Alibaba Cloud CDN has over 1500 nodes that cover 70 countries and regions in the world. Amazon CloudFront has 132 access points in 26 countries and regions.

CDN supports video AI, implements automatic content audit, and effectively identifies image and audio contents to avoid content violations.

Alibaba Cloud CDN includes five products: CDN, SCDN, PCDN, whole site acceleration, and edge node service. Their details are as follows:

  • CDN: Delivers the content of the source site to the node located nearest to the end user, so the user can retrieve the desired content faster and with greater reliability. It resolves access delays caused by distribution, bandwidth, and server performance, and is applicable to scenarios such as website acceleration, video on demand, and live streaming.
  • SCDN: Accelerates website access while protecting the website from threats such as DDoS, CC, Web app attacks, and malicious Web crawlers. It is suitable for websites that require content acceleration and security simultaneously.
  • PCDN: Delivers content by using the mass fragmented idle resources in the edge networks based on P2P technology. It can offer distribution quality equal to or higher than CDN, and significantly reduce the distribution cost. It is suitable in scenarios where you must deliver content in real time, such as video on demand, live streaming, and large file downloads.
  • Whole site acceleration: Improves the access experience of static resource hybrid websites. It supports static resource edge caches, dynamic content transmission back to the source through optimum routing, and provides improved access speeds and stability for whole websites. It is suitable for dynamic and static hybrid type websites, and pure dynamic type websites or applications.
  • Edge node service: Reduces the response delay and the bandwidth cost, reduces the pressure on the central cluster, and is suitable for businesses under the “center + edge” structure. CDN-based edge flexible infrastructure is provided, so that you no longer need to maintain computing and forwarding infrastructure.

2.1 Service model

Similar to AWS CloudFront, Alibaba Cloud CDN transfers source content to an edge node within a vast network of globally deployed nodes. In combination with a precise scheduling system, the CDN improves users’ web request speed.

2.2 Basic functions

The following table compares the basic features and terminologies of AWS CloudFront and Alibaba Cloud CDN.

Function Feature Amazon CloudFront Alibaba Cloud CDN
Source Station Type S3 domain name, custom domain name OSS domain name, custom domain name, and IP address
Automatic Compression Supported Supported
Cache Request Type Default: GET, HEAD Optional: OPTIONS GET
Transparently Transmitted Request Type Configurable. The following options are supported: 1) GET, HEAD; 2) GET, HEAD, OPTIONS; 3) GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE The following requests are supported but not configurable: GET, POST, HEAD, PUT, DELETE, OPTIONS
Cache Refresh Not supported Supported
Cache Failure Supported Not supported
HTTP Jump to HTTPS Supported Supported
CDN Cache TTL Configuration Supported Supported
Access Log S3 Console
Geographic Location Limit Supported Not Supported

2.2.1 Source station type

Alibaba Cloud CDN can be configured as an origin site, including OSS domain name, custom origin domain name, and IP address.

AWS CloudFront accelerates delivery of S3 domain name or custom origin domain name configurations.

2.2.2 Data compression

To reduce transmission content and accelerate delivery speed, both Alibaba Cloud CDN and AWS CloudFront provide the data compression function.

2.2.3 Standard protocol support

It supports HTTP-1.1 standard protocol, HTTP-2.0 protocol optimization transmission and end-to-end HTTPS secure transmission.

2.2.4 Cache refresh

In certain situations, such as source site update and static content modification, the user may need to manually refresh the CDN cache. Alibaba Cloud CDN allows the user to extract the latest contents from the source site to refresh the CDN contents. CDN supports URL refresh, directory refresh and URL push. AWS CloudFront does support the refresh of designated cache contents.

2.2.5 Cache invalidation

In certain situations, the end user may need to delete the CDN cache contents ahead of time. The user may set the cache object as disabled and extract the latest contents to access the object, or use the object version management function based on files containing the object version.

2.2.6 Access log

Alibaba Cloud CDN and AWS CloudFront provide log download/combination tools. Alibaba Cloud CDN implements log download on the console, but AWS CloudFront stores logs in S3 buckets for users to download.

2.2.7 Site acceleration

The whole site acceleration supports dynamic/static content acceleration and websocket long connection protocol. For the websites with industry dynamic contents, dynamic and static hybrid contents, especially websites with many dynamic resource requests (for example, asp, jsp or php files), we recommended that you use Alibaba Cloud whole website acceleration, which can accelerate both dynamic content and static content.

2.2.8 Geographic location restriction

To specify the regions for content delivery, the end user is permitted to set the white list and black list of countries and regions. The data on distribution place can be identified based on the white list and black list.

2.3 Security

The following table compares the security functions and terminologies of AWS CloudFront and Alibaba Cloud CDN.

Function Feature Amazon CloudFront Alibaba Cloud CDN
Full Link HTTPS Supported Supported
Integrated Certificate Management Yes Yes
Access Authentication Supported Supported
Sub-account Access Control Supported Supported
WAF Security Defense Supported Supported

2.3.1 Https

Like AWS CloudFront, Alibaba Cloud CDN supports full link HTTPS speedup. Alibaba Cloud users can select a certificate using the certificate service or upload a custom certificate/private key and query and update the certificate in online mode.

The two cloud providers support redirect HTTP to HTTPS. Alibaba Cloud CDN supports HTTP and HTTPS, redirect HTTP to HTTPS, and redirect to HTTP or HTTPS.

Alibaba Cloud CDN does not currently support SNI back-to-source.

2.3.2 Access authentication

AWS CloudFront and Alibaba Cloud CDN support access authentication for private content. Alibaba Cloud CDN uses signature URL through which a user initiates a request to the CDN. Upon receiving the request, the CDN node checks the request for its validity and rejects invalid requests. Alibaba Cloud CDN supports three models of signature encryption methods.

AWS CloudFront creates Origin Access Identity user (Trusted Signer), and authorizes the Trusted Signer with the right to access private content. When a user who meets the permission requirement requests to access the private content, an App delivers a Signed URL or Set-Cookie headers. The user clicks the Signed URL or Set-Cookie, and AWS CloudFront checks the request for its validity using a key and rejects invalid requests.

2.3.3 Sub-account access control

Like AWS CloudFront, Alibaba Cloud CDN authorizes sub-accounts with a policy to access CDN resources based on the Resource Access Management (RAM) service, thereby limiting or authorizing permissions on the CDN resources.

2.3.4 WAF security defense

AWS CloudFront and Alibaba Cloud CDN can combine with WAF to implement security defense.

2.4 Streaming media

Alibaba Cloud CDN supports live streaming, on-demand, RTMP video scenarios, and provides video transcoding, slicing, and playback functions.

The following table compares the streaming media functions of AWS CloudFront and Alibaba Cloud CDN:

Function Feature Amazon CloudFront Alibaba Cloud CDN
Live Streaming Supported Supported
On-demand Videos Supported Supported
Video Transcoding Supported Supported
Format Microsoft Smooth, HLS, HDS or MPEG-DASH, and RTMP HLS, RTMP

2.5 Pricing

AWS CloudFront offers two types of pricing model: On-demand pricing and reserved capacity pricing. The costs for CloudFront comprises of data transfer fees out to Internet/region and the request fees of all HTTP/HTTPS methods.

The pricing of Alibaba Cloud CDN comprises of data transfer traffic and HTTPS requests for secure acceleration. There are two billing methods for data transfer fees: Pay-By-Bandwidth and Pay-By-Traffic. You can also subscribe to one or more Traffic Packages for a year.

For the duration of the resource package, fees are deducted for your use of the traffic quota. For traffic exceeding the quota, fees are billed based on the existing billing rules.

3. File storage

AWS and Alibaba Cloud both provide file storage services. In this section we are going to compare and contrast Amazon Elastic File System (Amazon EFS) with Alibaba Cloud Network Attached Storage (NAS).

3.1 Service model

An Amazon Elastic File System (Amazon EFS) is accessed by EC2 instances running inside VPC. Amazon EFS allow users to create and configure file systems. You can mount EFS file system on EC2 instance through a standard file system interface and file system access semantic.

Like Amazon EFS, you can access the Alibaba Cloud NAS file system through standard POSIX interfaces when using Alibaba Cloud ECS instances or other nodes such as HPC or Docker.

Function Feature Amazon EFS Alibaba Cloud NAS
Access Point Mount target Mount Point
Storage Capacity Petabyte scale 10 PB (Capacity-type),1 PB (Performance-type)*
Scale Up/Down Supported (automation) Supported
Performance Supported Supported
Cross Instance Access Supported Supported
Multiple Client Access Supported Supported
Access Control Supported Supported
Protocol NFSv4.0, v4.1 NFSv3, NFSv4, >SMB2.0*
Compute Node EC2 ECS, HPC, Docker

3.2 Performance

There are two performance modes that Amazon EFS offers: General Purpose and Max I/O. Users can choose the preferred performance mode according to specific use cases.

Throughput on Amazon EFS scales as a file system grows. And Amazon EFS offers a burstable performance capability for high throughput levels in short periods of time.

Like Amazon EFS, Alibaba Cloud NAS also offers two performance modes: capacity-type and performance-type*. Each model offers different performance and storage capability.

Total throughput for each performance-type* file system (MB/s) = minimum [0.6 MB/s * capacity of file system (GB) + 600 MB/s, 20 GB/s]

Total throughput for each capacity-type file system (MB/s) = minimum [0.15 MB/s * capacity of file system (GB) + 150 MB/s, 10 GB/s]

The upper limit of the storage capacity of an SSD performance-type file system is 1 petabyte, and that of a capacity-type file system is 10 petabytes.

Performance Amazon EFS Alibaba Cloud NAS
Latency Millisecond-level Millisecond-level
Total throughput for Each File System 1-3GB/s,Burst up to 10+ GB/s 10 GB/s (Capacity-type), 20 GB/s(Performance-type)*
Concurrent Clients per File System Several thousand 10,000+
  • As of January 2018, SMB for Windows and performance type NAS (all SSD) are only available on the Mainland China portal. These two features will be launched on the International portal soon.

3.3 Security

Amazon EFS offers four levels of access control to consider for Amazon EFS file systems, with different mechanisms used for each.

Like Amazon EFS, Alibaba Cloud NAS also provided multiple security mechanisms including support for network isolation (VPC) and user isolation (classic network), file system standard access and group permissions control, and RAM master account and sub-account authorization. These features are implemented to ensure complete data security in the file system.

3.4 Migration

Amazon EFS File Sync provides a fast and simple way for you to securely sync data from existing on-premises or in-cloud file systems into Amazon EFS file systems. Users need to download and deploy a File Sync agent into the source environment, configure the source and destination file systems, and start the sync.

Alibaba Cloud NAS also provides migration tool named nasimport. It supports migration to Alibaba Cloud NAS from a wide variety of source storage including:

  • Local data centers
  • Alibaba Cloud OSS
  • Third-party storage services (Amazon S3, Baidu Object Storage, Tencent Cloud COS, Jinshan Object Storage, UPYUN, Qiniu, and HTTP links)

For more information, see Nasimport Tools.

3.5 Pricing

With Amazon EFS, you pay only for the storage used by your file system. You don’t need to provision storage in advance and there is no minimum fee or setup cost.

Like Amazon EFS, Alibaba Cloud NAS fees are calculated based on the total volume of storage used per month. There is no minimum fee and there are no set-up charges. There are also no charges for bandwidth or requests. Furthermore, NAS provides a storage plan for users who want to create a NAS file system. By purchasing a storage plan ahead of time, you realize significant cost savings compared to Pay-As-You-Go storage fee per GB.

For more information, see Alibaba Cloud NAS pricing.

4. Nosql database

Amazon DynamoDB and Alibaba Cloud Table Store are two similar fully managed cloud NoSQL database services. With cloud based NoSQL database service, users do not have to care about hardware provisioning, setup and configuration, replication, partition, software patching, and cluster scaling.

4.1 Service model

Amazon DynamoDB is a fully managed NoSQL database service whose service-side latencies are typically within a single-digit millisecond. With a distributed database cluster, DynamoDB provides unlimited storage space and it automatically scales up and down.

DynamoDB supports both document and key-value data structures. Like other database systems, DynamoDB stores data in tables. A table is a collection of items, and each item is a collection of attributes. Once you have created a DynamoDB table, use the AWS SDKs to write, read, modify, and query items in DynamoDB.

Similarly, Alibaba Cloud Table Store is a fully managed NoSQL database service based on automatic data partitioning and load balancing technologies. Based on SSD technology, this cloud NoSQL database service enables you to store large quantities of structured and semi-structured data with real-time access. Table Store also features strong consistency and single-digit millisecond latency.You can query Table Store by RESTful API, web-based Management Console, or SDKs.

Function Feature Amazon DynamoDB Alibaba Cloud Table Store
Data Model Amazon DynamoDB Alibaba Cloud Table Store
Latency Single-digit milliseconds Single-digit milliseconds
Scale Any Any
Storage Medium SSD SSD
Data Partition Supported Supported
Data structure Document/ Key-value Structured and semi-structured
Access method SDKs, the Management Console and API RESTful API and SDKs

4.2 Data model

A table is a collection of data in Amazon DynamoDB. Each table contains multiple items. An item is a group of attributes and can have its own distinct attributes. Each item is composed of one or more attributes. Most of the attributes are scalar, which means that they can have only one value. Some of the items have a nested attribute (address).

In order to determine the partition for each item, you must specify the primary key in each table. A primary key can be either a partition key or a partition key & sort key.

DynamoDB also allows user to define up to five global secondary indexes and 5 local secondary indexes in each table to improving data access. DynamoDB supports nested attributes up to 32 levels deep.Like Amazon DynamoDB, the data model of Alibaba Cloud Table Store is described by Table, Row, Primary Key, and Attribute. A table is a set of rows, and a row consists of the Primary Key and Attribute. The Primary Key and Attribute consist of names and values.

A table must define at least one Primary Key. And the first primary key will be the partition key.

Each Attribute column can contain multiple versions, and each version (that is, the timestamp) corresponds to a value, which is different from that of a Primary Key column.

4.2.1 Version control

Unlike Amazon DynamoDB, Alibaba Cloud Table Store provides version management for each attribute columns. The version is a timestamp defined by the number of milliseconds that have elapsed since 01/01/1970 00:00:00 UTC. When you read from each row, you can specify the maximum number of versions per attribute column, or the version range. The earlier versions will be discarded when the number of version exceeds the value of Max Versions.

4.2.2 Time to live (TTL)

Similar to Amazon DynamoDB, Alibaba Cloud has the TTL attribute which provides a mechanism to set a specific timestamp for expiring items from your table. Table Store clears any data asynchronously that exceeds the TTL.

The following table compares the data model of each service:

Data Model Amazon EFS Alibaba Cloud Table Store
Schema Schema-less Schema-less
Data Unit Table Table
Data Record Item Row
Unique Identifier Partition key /Partition key and sort key Primary Key
Primary Key Type String, number, or binary String, integer, or binary
Secondary Indexes Supported Not Supported
Nested Attribute Supported Not Supported
Versioning Not Supported Supported
TTL Supported Supported

4.3 Performance

When you create a table or index in Amazon DynamoDB, you must specify the throughput capacity in terms of read capacity units and enter the capacity units. And if your read or write requests exceed the throughput settings for a table, DynamoDB can throttle that request.

DynamoDB provides the three mechanisms for managing throughput:

  • DynamoDB Auto Scaling: By setting a DynamoDB auto scaling, the table will increase and decrease the throughput to adjust the request.

  • Provisioned Throughput: By defining the throughput manually, DynamoDB will throttle your application if it exceeds your provisioned throughput settings.

  • Reserved Capacity: You pay a one-time upfront fee and commit to a minimum usage level over a period of time.

Like AWS DynamoDB, the read/write throughput of Alibaba Cloud Table Store is measured by read/write capacity units (CUs). Table Store provides two options for managing throughput:

  • Reserved throughput: Set the reserved read/write throughput to a value greater than 0, and Table Store will assign and reserve enough resources for the table according to this configuration to guarantee low resource costs.

  • Additional throughput: If the actual consumed read/write throughput exceeds the reserved read/write throughput, Table Store will allocate additional throughput automatically to meet your requirements.

Performance Amazon DynamoDB Alibaba Cloud Table Store
Read Capacity Units(per second) Strongly consistent read: 4 KB/item 4 KB/item
Write Capacity Units(per second) 1 KB/item 4 KB/item

4.4 Security

AWS provides authentication and access control for Amazon DynamoDB by integrating with AWS Identity and Access Management (IAM) for fine-grained access control for users within your organization. You can assign unique security credentials to each user and control each user’s access to services and resources. You can also obtain temporary security credentials from AWS Security Token Service (AWS STS) by using web identity federation.

Alibaba Cloud Table Store also offers user-level data isolation, and access control and permission management. When it is used with Alibaba Cloud Resource Access Management (RAM) and Security Token Service (STS), Table Store allows users to access tables through subaccounts with different permissions. You can control permissions by granting users temporary access authorization.

4.5 Backup and restore

Amazon DynamoDB provides on-demand backup and restore capability. You can back up and restore your DynamoDB table data with a single click in the AWS Management Console or with a single API call.

Unlike Amazon DynamoDB, Alibaba Cloud Table Store automates the backup and restore process. Table Store can manage multiple cloud data backups across different servers and racks. If any node of the backups fails, the other servers with backup copies will immediately restore the data to achieve zero data loss.

4.6 Pricing

Amazon DynamoDB offers a free tier limit. Users only need to pay for the resources they consume after exceeding the limits. The DynamoDB fees depend on indexed data storage, throughput type, Capability Units consumption, the traffic of data transfer “out”, and the storage size of the table for backup and restore operations.

Like DynamoDB, Alibaba Cloud Table Store pricing is divided into four parts: data storage that exceed free quota, the reserved read/write throughput, the additional read/write throughput, and Internet downstream traffic. For more information, see Table Store Pricing.