Glossary
Key terms and concepts used throughout the KredSLA platform and documentation.
Cloud & Infrastructure
| Term | Definition |
|---|---|
| SLA (Service Level Agreement) | A contractual commitment from a cloud provider guaranteeing a minimum level of service availability, typically expressed as a monthly uptime percentage (e.g., 99.99%). |
| SLO (Service Level Objective) | An internal performance target set by an organization, often more stringent than the provider's SLA. |
| SLI (Service Level Indicator) | A quantitative measure of a specific aspect of service performance, such as uptime, latency, or error rate. |
| SLA Credit | Monetary compensation (typically bill credits) owed by a cloud provider when their service fails to meet the agreed SLA. |
| Uptime Percentage | The fraction of time a service was available during a billing period. Usually measured monthly. Example: 99.95% uptime = ~21.9 minutes of downtime per month. |
| Multi-AZ | A deployment architecture spanning multiple Availability Zones within a cloud region for high availability. |
| Cross-Region Replica | A database or service copy in a different geographic region for disaster recovery. |
| IAM Role | An identity in AWS (or equivalent in other clouds) with specific permissions. KredSLA uses read-only IAM roles to access your cloud environment. |
| Service Principal | The Azure equivalent of an IAM role — an identity used by applications to access resources. |
KredSLA Platform
| Term | Definition |
|---|---|
| Cloud Account | A connected AWS, Azure, GCP, or OCI account that KredSLA monitors for SLA breaches. |
| Monitored Resource | A cloud resource (e.g., EC2 instance, RDS database, Cloud SQL instance) covered by an SLA and actively monitored for violations. |
| Discovery Scan | The automated process of enumerating all SLA-eligible resources in a connected cloud account. |
| Service Dependency Graph | A tree structure mapping the relationships between cloud resources, used to trace outages to their root managed-service failure. |
| Evidence Bundle | A structured package of metrics, incident records, and SLA references assembled to support a credit claim. |
| Claim Lifecycle | The progression of an SLA credit claim: Detected → Bundled → Filed → Approved/Rejected → Reconciled. |
| Observability Bridge | The KredSLA component that connects to cloud-native monitoring platforms (CloudWatch, Azure Monitor, GCP Monitoring, OCI Observability) for richer SLA detection. |
| SLA Library | A read-only reference of cloud provider SLA definitions, including uptime thresholds, credit tiers, and filing windows. |
| Contingency Fee | The percentage of recovered credits that KredSLA charges as its service fee (default 20%). No recovery = no fee. |
| Savings Widget | The dashboard panel displaying total recovered credits, trends, and provider-level breakdowns. |
| Claims Tracker | The dashboard table showing every SLA claim with its current status, evidence, and financial impact. |
Claim Statuses
| Status | Definition |
|---|---|
| Detected | An SLA breach has been identified and verified against the provider's official health feed. |
| Bundled | Evidence (metrics, incident records, dependency path, SLA reference) has been compiled for filing. |
| Filed | A support case has been submitted to the cloud provider via their API. |
| Approved | The cloud provider has accepted the claim and issued a credit. |
| Reconciled | The credit has been confirmed on the customer's billing statement. |
| Rejected | The cloud provider denied the claim. |
Security & Compliance
| Term | Definition |
|---|---|
| SOC 2 | A compliance framework that evaluates an organization's controls for security, availability, processing integrity, confidentiality, and privacy. Type I assesses control design; Type II tests effectiveness over time. |
| GDPR | The General Data Protection Regulation — EU legislation governing how personal data is collected, processed, stored, and deleted. |
| Right to Erasure (GDPR Art. 17) | A data subject's right to have their personal data deleted. KredSLA implements this as an immediate cascading deletion across all data stores. |
| DPA (Data Processing Agreement) | A contract between a data controller (customer) and data processor (KredSLA) required under GDPR Article 28. |
| OpenBao | An open-source fork of HashiCorp Vault used by KredSLA for secrets management. Cloud credentials are stored here, never in the application database. |
| RBAC (Role-Based Access Control) | Access control based on user roles. In KredSLA, every API request is scoped to the caller's organization, preventing cross-tenant access. |
| JWT (JSON Web Token) | A compact token format used for API authentication. KredSLA JWTs include issuer and audience claims with a 1-hour TTL. |
| 2FA (Two-Factor Authentication) | An additional verification step beyond username/password. KredSLA uses email-delivered one-time codes. |
| SAST (Static Application Security Testing) | Automated code analysis for security vulnerabilities. KredSLA uses Bandit for Python SAST in CI/CD. |
| RPO (Recovery Point Objective) | The maximum acceptable amount of data loss measured in time. KredSLA targets ≤ 5 minutes via RDS Point-in-Time Recovery. |
| RTO (Recovery Time Objective) | The maximum acceptable time to restore service after a failure. KredSLA targets ≤ 1 hour. |
Cloud Provider Terms
| Term | Definition |
|---|---|
| AWS Health API | Amazon's API for programmatic access to service events and outage information. |
| Azure Service Health | Microsoft's service for tracking the health of Azure resources. |
| GCP Status | Google's dashboard and API for reporting GCP service availability. |
| OCI Status | Oracle Cloud's service health reporting. |
| CloudWatch | AWS's monitoring service for metrics, logs, and alarms. |
| Azure Monitor | Microsoft's full-stack monitoring service for Azure resources. |
| GCP Cloud Monitoring | Google's infrastructure monitoring service (formerly Stackdriver). |
| Filing Window | The time period after an incident during which a credit claim must be submitted. Varies by provider: AWS (2 billing cycles), Azure (2 months), GCP (30 days). |
FinOps
| Term | Definition |
|---|---|
| FinOps | A financial operations practice for managing cloud costs, combining technology, finance, and business disciplines. |
| Cost Assurance | The practice of ensuring organizations pay only for delivered performance — recovering credits when providers fail to meet SLA commitments. |
| Financial Leakage | Money lost through unclaimed SLA credits, undetected billing errors, or unoptimized resource usage. |
| Vendor Accountability | Using performance data and recovery history to hold cloud providers accountable during contract renewals. |