公开(公告)号：US11496519B1

公开(公告)日：2022-11-08

申请号：US16699320

申请日：2019-11-29

Applicant: Amazon Technologies, Inc.

Inventor： Diwakar Gupta ,  David Wachtfogel ,  Marc Stephen Olson ,  Anthony Nicholas Liguori ,  Stephen David Hildrey

IPC: H04L9/40 ,  H04L9/08

Abstract: Security can be provided for data stored using resources that are deployed in an environment managed by a third party. Physical and logical detection mechanisms can be used to monitor various security aspects, and the resulting security data can be used to identify potential threats to these resources. In some embodiments, suspicious activity can cause resources such as data servers to be automatically and remotely rebooted such that keys stored in volatile memory on those data servers will be lost from those servers, such that an attacker will be unable to decrypt data stored on those servers. Once a determination of safety is made, the keys can be provided to the respective data servers such that data operations can resume.

公开(公告)号：US11470047B1

公开(公告)日：2022-10-11

申请号：US16699306

申请日：2019-11-29

Applicant: Amazon Technologies, Inc.

Inventor： Upendra Bhalchandra Shevade ,  Diwakar Gupta ,  Ishwardutt Parulkar ,  Georgios Elissaios

IPC: G06F15/00 ,  H04L9/40 ,  H04L67/10 ,  H04L41/0806 ,  H04L67/306 ,  H04L12/46

Abstract: Techniques are described for a cloud provider to provide a managed experience related to the use of virtual networks and subnets to logically group user computing resources deployed at provider substrate extensions. A cloud provider enables users to create virtual network templates used when deploying computing resources at provider substrate extensions, where such virtual network templates may include various networking, security, and other configurations to be applied to network traffic and other activity of resources deployed within an associated virtual network. Once a virtual network template is defined, a user can use the template as the basis to launch resources into the virtual network and, by extension, into provider substrate extensions associated with the virtual network. Upon receiving such a request, the provider network can manage the creation and configuration of underlying subnets, route tables, and other resource, as needed, at each of the relevant provider substrate extensions.

公开(公告)号：US20220311837A1

公开(公告)日：2022-09-29

申请号：US17216019

申请日：2021-03-29

Applicant: Amazon Technologies, Inc.

Inventor： Diwakar Gupta ,  Upendra Bhalchandra Shevade ,  Kaixiang Hu ,  Kiran Kumar Edara ,  Shane Ashley Hall ,  Ishwardutt Parulkar

IPC: H04L29/08 ,  G06F9/54 ,  G06F9/445 ,  G06F21/57 ,  G06F21/53

Abstract: Disclosed are various embodiments that provide customizable data-processing network functions for radio-based networks. In one embodiment, a data-processing network function is operated in a radio-based network for a customer. Input data is received from the customer to configure the data-processing network function to perform a customized function for the radio-based network. The data-processing network function is configured, in response to the input data, to perform the customized function when executed in the radio-based network.

公开(公告)号：US20220191303A1

公开(公告)日：2022-06-16

申请号：US17118569

申请日：2020-12-10

Applicant: Amazon Technologies, Inc.

Inventor： Diwakar Gupta ,  Kiran Kumar Edara ,  Igor A. Kostic ,  Kaixiang Hu ,  Shane Ashley Hall

IPC: H04L29/08 ,  H04W72/08

Abstract: Disclosed are various embodiments relating to an intersection of on-demand network slicing and content delivery. In one embodiment, in response to an application programming interface (API) request, a network slice is provisioned with a quality-of-service requirement in a radio-based network having a radio access network and an associated core network. Also in response to the API request, a transfer of content to a content delivery service at an edge location in the radio-based network is initiated in order to meet the quality-of-service requirement for the network slice.

公开(公告)号：US20220191131A1

公开(公告)日：2022-06-16

申请号：US17118558

申请日：2020-12-10

Applicant: Amazon Technologies, Inc.

Inventor： Diwakar Gupta ,  Kiran Kumar Edara ,  Igor A. Kostic ,  Kaixiang Hu ,  Shane Ashley Hall ,  Joseph Elmar Magerramov ,  Stephen Callaghan ,  Ethan Joseph Torretta ,  Ishwardutt Parulkar

IPC: H04L12/707 ,  H04L12/46 ,  H04L12/26

Abstract: Disclosed are various embodiments that provide highly available data-processing network functions for radio-based networks. In one embodiment, a tunnel host consistently routes network traffic associated with a range of network addresses in a radio-based network to a first instance of a data-processing network function instead of a second instance of the data-processing network function. A problem with the first instance of the data-processing network function is then detected. Additional network traffic associated with the range of network addresses is redirected from the first instance of the data-processing network function to the second instance of the data-processing network function.

公开(公告)号：US20220191112A1

公开(公告)日：2022-06-16

申请号：US17118563

申请日：2020-12-10

Applicant: Amazon Technologies, Inc.

Inventor： Diwakar Gupta ,  Igor A. Kostic ,  Kiran Kumar Edara ,  Kaixiang Hu ,  Shane Ashley Hall ,  Ishwardutt Parulkar

IPC: H04L12/24 ,  H04W84/18 ,  H04L29/08 ,  H04W36/14

Abstract: Disclosed are various embodiments for managing radio-based private networks. In one embodiment, a cellular network comprises at least one cell that provides a radio-based private network coverage of a site of an organization. The system further comprises at least one computing device in a cloud provider network that implements one or more network functions for an associated core network of the radio-based private network.

公开(公告)号：US11349718B2

公开(公告)日：2022-05-31

申请号：US16450854

申请日：2019-06-24

Applicant: Amazon Technologies, Inc.

Inventor： Alan Hadley Goodman ,  Georgios Elissaios ,  Diwakar Gupta

IPC: H04L12/24 ,  H04L41/0896 ,  H04L41/12

Abstract: Techniques for capacity bursting using a remote control plane are described. A method of capacity bursting using a remote control plane includes determining that a first control plane associated with a first area of a provider network has insufficient capacity to manage a plurality of resources in the first area, sending a request for a second control plane in a second area of the provider network to manage at least a first portion of the plurality of resources in the first area, the second control plane identified based at least on a backup hierarchy, and updating management of at least the first portion of the resources in the first area from the first control plane to the second control plane, wherein one or more references to endpoints of the first control plane are updated to be references to endpoints of the second control plane for at least the first portion of the resources managed by the second control plane.

公开(公告)号：US11336721B2

公开(公告)日：2022-05-17

申请号：US16699344

申请日：2019-11-29

Applicant: Amazon Technologies, Inc.

Inventor： Ishwardutt Parulkar ,  Diwakar Gupta ,  Georgios Elissaios

IPC: H04L29/08 ,  H04L67/1074 ,  H04L67/60 ,  G06F9/455 ,  H04L43/16

Abstract: Techniques for dynamic resource movement in heterogeneous computing environments including provider substrate extensions are described. A dynamic resource movement service of a provider network monitor conditions of heterogeneous computing environments, including provider substrate extensions of the cloud provider network, to evaluate customer-provided movement policy conditions governing when to move customer application resources from these environments, where to move the resource to, and/or how to move the customer application resources. The customer-provided movement policy conditions may be based on a variety of factors, such as a latency between end-users of the customer application and the application itself.

公开(公告)号：US11113120B1

公开(公告)日：2021-09-07

申请号：US16406290

申请日：2019-05-08

Applicant: Amazon Technologies, Inc.

Inventor： James Greenfield ,  Willem Visser ,  Diwakar Gupta

IPC: G06F9/50

Abstract: Techniques are described for enabling users to configure the auto scaling of virtual computing resources using various intent-based auto scaling configurations. Intent-based configurations generally provide various indications of how a user intends to use a scalable group of virtual computing resources and what expectations a user might have about how those resources are scaled in response to changes in demand. A service provider network receives first input to create a scalable group of virtualized computing resources, the first input indicating at least one primary scaling configuration used by the hardware virtualization service to scale the scalable group of compute instances over time, and further receives second input indicating at least one secondary, intent-based scaling configuration used to scale the virtualized computing resources, for example, when the service is unable to scale the group of virtualized computing resources according to the at least one primary scaling condition.

公开(公告)号：US11036554B1

公开(公告)日：2021-06-15

申请号：US16365327

申请日：2019-03-26

Applicant: Amazon Technologies, Inc.

Inventor： Leslie Andrew Prock ,  Diwakar Gupta ,  Jeremy Truelove ,  Zachary Christopher Mouri

IPC: G06F9/50 ,  H04L9/32 ,  H04L9/08 ,  G06F9/455

Abstract: A first request to reserve a quantity of resources that comply with a constraint specified in the first request is obtained. A set of available resources that fulfills the constraint is determined based on current capacity usage. A token is associated with the set of available resources, with the token being associated with an expiration. The quantity of resources from the set of available resources is reserved, where the quantity allocated is unavailable, until the expiration, to fulfill resource requests that lack the token. The token is provided in response to the first request.