Atlas Cloud’s surface is small but the nouns are not always obvious. This page names every primitive in one screen.
| Noun | What it is | Where it shows up |
|---|---|---|
| Zone | A physical region. Atlas has one: is1 (Iceland). | Required on every resource. |
| Template | An operating-system image (Ubuntu 24.04, Debian 12, etc.). | Instance creation. |
| Compute Offering | A VM size — a vCPU+RAM combination (e.g. Small = 1 vCPU / 4 GiB). | Instance creation. |
| Disk Offering | A data-disk size. Optional. Root disks are sized by the Compute Offering. | Instance creation, volumes. |
| Instance | A running virtual machine (KVM under the hood). | Compute. See Launch a VM. |
| Volume | A block storage volume. Persists through reboots. | Compute. |
| Snapshot | A point-in-time copy of a volume or instance. | Compute. See Snapshots. |
| SSH key pair | A public key registered with Atlas; injected into VMs at boot. | Compute. See SSH keys. |
| User data | A cloud-init script run at instance first boot. | Compute. See User data & cloud-init. |
| Guest network | A simple L2 network with NAT to the internet. The “home Wi-Fi” of Atlas. | Networking. See Guest networks. |
| VPC | A routed multi-tier network with private subnets. | Networking. See VPC. |
| Public IP | A routable IPv4 address. Allocated, then bound to a VM via port-forwarding. | Networking. See Public IPs. |
| Firewall rule | An ingress rule on a Public IP (which protocols/ports to accept). | Networking. |
| Port-forward rule | A NAT rule mapping public_ip:public_port → vm:private_port. | Networking. |
| Network ACL | A stateless subnet-level firewall (applies to VPC tiers). | Networking. See ACLs. |
| Site-to-site VPN | An IPsec tunnel between Atlas and your on-prem network. | Networking. See Site-to-site VPN. |
| Bucket | An S3-compatible object storage container at s3.runatlas.is. | Storage. See Buckets. |
| Object | A file stored in a bucket. | Storage. |
| API credential | An API key + Secret key pair used to sign requests against sky.runatlas.is/client/api. | All interfaces except the Console. See Credentials. |
| Account | A billing entity. Owns instances, volumes, networks, buckets. | All. |
| User | A person authorized within an Account. | Identity. See Create a user. |
| Domain | A hierarchical grouping of Accounts (CloudStack concept). Most users only need the default. | Identity. |
If you’re new to CloudStack-shaped clouds, the surprises are usually:
- A Public IP is not implicitly attached to a VM. You allocate one, forward ports, and firewall them.
- Guest networks and VPCs are different beasts. A Guest network is simple and flat; a VPC has tiers, route tables, and ACLs.
- Templates are not images you SSH into directly — you launch an Instance from a template.
Everything else maps to its AWS equivalent: VPC ≈ VPC, ACL ≈ Security Group (stateless), Instance ≈ EC2, Bucket ≈ S3, Volume ≈ EBS.