Cloud Glossary: Letter A
Authentication, APIs, and AWS Fundamentals

A
ABAC (Attribute-Based Access Control)
Access control method that grants permissions based on attributes (like user department, time of day, or resource tags) rather than fixed roles. More flexible than role-based access control for complex environments.
Abstraction
Hiding complex implementation details behind a simpler interface. In cloud infrastructure, abstraction layers let you interact with resources without managing underlying hardware or low-level operations.
Abstraction Layer
A software layer that provides a simplified interface to complex systems. Cloud abstraction layers hide differences between providers, making applications more portable.
Access Control
Security mechanisms that determine who can access specific resources and what actions they can perform. Includes authentication (proving identity) and authorization (granting permissions).
Access Control List (ACL)
A list of rules that specify which users or systems can access a resource and what operations they can perform. Common in network security and storage systems.
Access Key
A credential consisting of an access key ID and secret access key, used to make programmatic requests to cloud APIs. Treat these like passwords and rotate them regularly.
Access Management
The processes and technologies used to control who can access resources in your cloud environment. Includes identity management, permissions, and access policies.
Access Point
A network device that allows wireless devices to connect to a wired network. In cloud contexts, also refers to simplified access configurations for services like storage.
Access Policy
A document that defines permissions and access rules for resources. Policies specify who can do what with which resources under what conditions.
Access Token
A credential that grants temporary access to resources without exposing long-term credentials. Commonly used in API authentication and OAuth flows.
Account
A container for cloud resources and billing. Organizations typically use multiple accounts to separate environments (production, staging, development) or business units.
ACID (Atomicity, Consistency, Isolation, Durability)
A set of properties that guarantee database transactions are processed reliably. Critical for systems requiring strong data consistency like financial applications.
Active Directory
Microsoft's directory service for managing users, computers, and other resources in a network. Often integrated with cloud environments for identity management.
Active-Active
An architecture where multiple systems run simultaneously, all handling requests. Provides better performance and availability than active-passive setups.
Active-Passive
A failover architecture where one system handles requests while backup systems remain on standby. If the active system fails, a passive system takes over.
Activity Log
A record of operations performed on cloud resources. Essential for auditing, troubleshooting, and security monitoring.
Adapter
A component that translates between different interfaces or protocols, enabling incompatible systems to work together. Common in integration and migration scenarios.
Address Space
The range of IP addresses available in a network. Proper address space planning prevents conflicts and supports future growth.
Admin Console
A web-based interface for managing cloud resources, users, and settings. Provides a visual alternative to command-line tools.
Administrator
A user with full permissions to manage cloud resources. Use administrative access sparingly and follow the principle of least privilege.
AES (Advanced Encryption Standard)
A widely used symmetric encryption algorithm. AES-256 is the current standard for encrypting sensitive data at rest and in transit.
Affinity
Rules that determine which resources should run together on the same physical hardware. Improves performance by reducing network latency between related components.
Agent
Software installed on servers or containers that collects data, executes tasks, or enables management from a central system. Common in monitoring and configuration management.
Agentless
Monitoring or management solutions that don't require installing software on target systems. Relies on APIs, remote protocols, or network scanning instead.
Aggregate
Combining multiple data points or resources into a summary or single unit. Used in monitoring metrics, cost reports, and data analysis.
AIOps (Artificial Intelligence for IT Operations)
Using machine learning and AI to automate IT operations tasks like anomaly detection, root cause analysis, and incident prediction.
Alarm
An automated alert triggered when a metric crosses a defined threshold. Critical for proactive monitoring and incident response.
Alert
A notification sent when specific conditions are met, such as high CPU usage or failed deployments. Helps teams respond quickly to issues.
Algorithm
A step-by-step procedure for solving a problem or performing a computation. In cloud contexts, refers to encryption algorithms, load balancing algorithms, or routing algorithms.
Alias
An alternate name for a resource that's easier to remember than the actual identifier. Commonly used for DNS records and resource references.
Allowlist
A security approach that explicitly permits specific entities (IPs, users, applications) while blocking everything else. More secure than blocklists but requires more maintenance.
Amplify (AWS)
AWS service for building and deploying full-stack web and mobile applications. Provides hosting, authentication, APIs, and backend services.
Ansible
An open-source automation tool for configuration management, application deployment, and task automation. Uses simple YAML files and doesn't require agents on target systems.
Anti-affinity
Rules that ensure resources don't run on the same physical hardware. Improves reliability by spreading workloads across different failure domains.
Anti-pattern
A common but ineffective or counterproductive solution to a problem. Learning anti-patterns helps avoid costly architectural mistakes.
Anthos (Google Cloud)
Google's hybrid and multi-cloud application platform. Enables consistent deployment and management across on-premises, Google Cloud, and other cloud providers.
Anycast
A network routing method where a single IP address is announced from multiple locations. Requests are routed to the nearest location, improving performance and reliability.
Apache
Open-source web server software. The name also refers to the Apache Software Foundation, which maintains many widely used projects (Kafka, Spark, Hadoop, Cassandra).
API (Application Programming Interface)
A set of rules and protocols that allows different software applications to communicate. APIs define what requests can be made, how to make them, and what responses to expect.
API Endpoint
A specific URL where an API can be accessed. Each endpoint typically corresponds to a specific function or resource in the system.
API Gateway
A service that acts as a single entry point for API requests. Handles routing, authentication, rate limiting, monitoring, and protocol translation.
API Key
A unique identifier used to authenticate API requests. Simpler than OAuth but less secure; typically used for server-to-server communication.
API Management
Tools and practices for publishing, securing, analyzing, and scaling APIs. Includes features like rate limiting, versioning, and developer portals.
API Rate Limiting
Restricting the number of API requests a user or application can make within a time period. Prevents abuse and ensures fair resource usage.
API Throttling
Slowing down or rejecting API requests when rate limits are exceeded. Protects backend systems from being overwhelmed.
API Version
A specific release of an API with defined functionality. Versioning allows changes without breaking existing integrations.
APM (Application Performance Monitoring)
Tools and practices for tracking application performance, user experience, and system health. Monitors response times, error rates, and resource usage.
App Engine (Google Cloud)
Google Cloud's platform for building and hosting web applications. Handles infrastructure management automatically so developers can focus on code.
App Service (Azure)
Azure's platform for building, deploying, and scaling web apps and APIs. Supports multiple languages and frameworks with automated management.
Application
A software program designed to perform specific tasks. In cloud contexts, refers to the complete stack including code, dependencies, and configurations.
Application Delivery Controller
A network device or service that manages and optimizes application traffic. Provides load balancing, SSL termination, and application security.
Application Gateway (Azure)
Azure's layer 7 load balancer with web application firewall capabilities. Routes traffic based on application-level attributes like URL paths.
Application Layer
The topmost layer in network architecture where applications and end-users interact. Includes protocols like HTTP, HTTPS, and FTP.
Application Load Balancer (ALB)
A load balancer that operates at the application layer (Layer 7), making routing decisions based on content like URLs, headers, or cookies.
Application Migration
Moving applications from on-premises to cloud, between clouds, or modernizing application architecture. Includes assessment, planning, and execution phases.
Application Modernization
Updating legacy applications to use modern architectures, often involving containerization, microservices, or serverless approaches.
Application Security
Practices and tools for protecting applications from threats throughout their lifecycle. Includes secure coding, vulnerability scanning, and runtime protection.
Application Server
Software that hosts and runs application code, handling business logic and database connections. Examples include Tomcat, JBoss, and IIS.
Application Tier
A logical layer in multi-tier architecture. Common tiers include presentation (UI), application (business logic), and data (database).
Arc (Azure)
Azure's service for managing servers, Kubernetes clusters, and data services across on-premises, multi-cloud, and edge environments from a single control plane.
Architecture
The high-level structure of a system, including components, their relationships, and principles guiding design and evolution.
Architecture Diagram
A visual representation of system components and their relationships. Essential for communication, documentation, and planning.
Archive
Moving infrequently accessed data to lower-cost, long-term storage. Archived data has longer retrieval times but significantly reduced costs.
Archive Storage
Storage tier optimized for long-term retention of rarely accessed data. Offers the lowest cost per gigabyte with higher retrieval fees and delays.
Artifact
A deployable unit produced by a build process, such as compiled code, container images, or packaged applications. Stored in artifact repositories.
Artifact Registry
A service for storing and managing build artifacts like container images, packages, and dependencies. Supports versioning and access control.
Asymmetric Encryption
Encryption using a public key for encryption and a private key for decryption. More secure than symmetric encryption but slower; used for key exchange and digital signatures.
Asynchronous
Operations that don't block execution while waiting for completion. Improves performance and responsiveness by allowing other work to proceed simultaneously.
Asynchronous Replication
Copying data to another location without waiting for confirmation. Faster than synchronous replication but risks data loss if the primary system fails before replication completes.
At-Rest Encryption
Encrypting data while stored on disk or in databases. Protects data if storage media is stolen or improperly disposed of.
Atomic Operation
An operation that completes entirely or not at all, with no partial states visible. Essential for maintaining data consistency in distributed systems.
Attach
Connecting a resource to another resource, such as attaching a storage volume to a virtual machine or a policy to a user.
Attack Surface
The sum of all points where an unauthorized user could attempt to access or extract data. Reducing attack surface is a key security principle.
Attack Vector
A method or path an attacker uses to gain unauthorized access to a system. Common vectors include phishing, SQL injection, and misconfigured permissions.
Attestation
Cryptographic proof that a system is in a known, trusted state. Used in secure boot processes and confidential computing.
Attribute
A property or characteristic of a resource, such as tags, metadata, or configuration settings. Used for organization, access control, and automation.
Audit
A systematic examination of systems, processes, or data to ensure compliance, security, and proper operation. Critical for regulatory compliance.
Audit Log
A chronological record of system activities and events. Essential for security investigations, compliance, and troubleshooting.
Audit Trail
A complete, tamper-evident record of all actions taken on a system. Used to demonstrate compliance and investigate security incidents.
Authentication
The process of verifying the identity of a user, application, or system. Common methods include passwords, tokens, certificates, and biometrics.
Authorization
Determining what actions an authenticated user or system is permitted to perform. Happens after authentication and enforces access policies.
Auto-healing
Automatically detecting and recovering from failures without manual intervention. Includes restarting failed services, replacing unhealthy instances, or switching to backups.
Auto-provisioning
Automatically creating and configuring resources based on demand or policies. Reduces manual work and ensures consistency.
Auto-scaling
Automatically adjusting computing resources based on demand. Scales up during traffic spikes and down during quiet periods to optimize costs and performance.
Auto Scaling Group (ASG)
A collection of instances managed as a logical unit for automatic scaling and management. Maintains desired capacity and replaces unhealthy instances.
Automated Backup
Scheduled, automatic copying of data to protect against loss. Includes retention policies, versioning, and recovery testing.
Automated Deployment
Using scripts or tools to deploy applications consistently without manual steps. Reduces errors and speeds up release cycles.
Automated Failover
Automatically switching to a backup system when the primary system fails. Minimizes downtime and maintains service availability.
Automated Patching
Automatically applying security updates and patches to systems. Reduces vulnerabilities while minimizing manual maintenance.
Automated Rollback
Automatically reverting to a previous version when a deployment fails or causes issues. Protects production from bad releases.
Automated Testing
Running tests automatically as part of the development or deployment process. Catches bugs early and ensures quality.
Automation
Using technology to perform tasks with minimal human intervention. Improves consistency, speed, and reliability while reducing errors.
Autonomous System (AS)
A collection of IP networks under a single organization's control that presents a common routing policy to the internet. Identified by an AS Number (ASN).
Availability
The percentage of time a system is operational and accessible. Measured as uptime divided by total time, often expressed as "nines" (99.9% = three nines).
Availability Set
A logical grouping that ensures virtual machines are distributed across multiple physical hardware to prevent simultaneous failure.
Availability Zone (AZ)
Isolated data centers within a cloud region, each with independent power, cooling, and networking. Using multiple zones protects against data center failures.
AWS (Amazon Web Services)
Amazon's comprehensive cloud computing platform offering over 200 services including compute, storage, databases, networking, and machine learning.
Azure
Microsoft's cloud computing platform providing services for computing, analytics, storage, networking, and more, with strong integration with Microsoft products.
