公开(公告)号：US20160344671A1

公开(公告)日：2016-11-24

申请号：US14716713

申请日：2015-05-19

Applicant: Amazon Technologies, Inc.

Inventor： Amjad Hussain ,  Steven Merlin Twitchell ,  Mats Erik Lanner ,  Manivannan Sundaram ,  Sivaprasad Venkata Padisetty ,  Martin Chen Mao

IPC: H04L12/58 ,  H04L29/08

CPC classification number: H04L51/18 ,  G06F9/546 ,  G06F2209/541 ,  H04L51/046 ,  H04L67/10

Abstract: A method for executing commands on virtual machine instances in a distributed computing environment can include receiving, from a client computing device, a command execution request for executing a command on one or more virtual machine instances within the distributed computing environment. The command execution request includes a tag, and instance identification information for the one or more virtual machine instances is retrieved based on the tag. A command specification document associated with the command specified by the command execution request is retrieved. A command execution message, including the command specification document and at least one command parameter, is communicated to each of the one or more virtual machine instances. A command execution result from executing the command at the one or more virtual machine instances is received from the one or more virtual machine instances. The command execution result is sent to the client computing device.

Abstract translation: 在分布式计算环境中的用于在虚拟机实例上执行命令的方法可以包括从客户端计算设备接收用于在分布式计算环境中的一个或多个虚拟机实例上执行命令的命令执行请求。 命令执行请求包括标签，并且基于标签检索一个或多个虚拟机实例的实例标识信息。 检索与命令执行请求指定的命令相关联的命令规范文档。 包括命令规范文档和至少一个命令参数的命令执行消息被传送到一个或多个虚拟机实例中的每一个。 从一个或多个虚拟机实例接收到从一个或多个虚拟机实例执行命令的命令执行结果。 命令执行结果发送到客户端计算设备。

公开(公告)号：US20160241438A1

公开(公告)日：2016-08-18

申请号：US14622765

申请日：2015-02-13

Applicant: Amazon Technologies, Inc.

Inventor： Manivannan Sundaram ,  Manoj Krishna Ghosh ,  Nikolaos Pamboukas ,  Martin Chen Mao ,  Aaron Jeremiah Sheldon ,  Sivaprasad Venkata Padisetty

IPC: H04L12/24

CPC classification number: H04L41/0806 ,  G06F9/44 ,  G06F9/445 ,  G06F9/45558

Abstract: A service is disclosed that allows configuration, management and deployment of instances. A configuration document can be stored by the service and one or more instance identifiers can be linked to the configuration document. As a result, multiple instances can be launched and configured using a single configuration document allowing for a consistent result across instances. Local agents running on the instances can execute plug-ins in order to effectuate the configuration. As a result, administrators of instances can configure, manage and easily deploy their unique instance configurations. Customers who manage their instances can scale and manage their entire fleet with repeatable configuration tasks that seamlessly integrate into their instance workflow.

Abstract translation: 公开了允许实例的配置，管理和部署的服务。 服务可以存储配置文档，并且可以将一个或多个实例标识符链接到配置文档。 因此，可以使用单个配置文档启动和配置多个实例，以允许跨实例的一致结果。 在实例上运行的本地代理可以执行插件以实现配置。 因此，实例的管理员可以配置，管理和轻松部署其独特的实例配置。 管理其实例的客户可以通过无缝集成到其实例工作流程中的可重复配置任务来扩展和管理其整个车队。

公开(公告)号：US12061920B2

公开(公告)日：2024-08-13

申请号：US16715992

申请日：2019-12-16

Applicant: Amazon Technologies, Inc.

Inventor： Lekshmi Unnikrishnan ,  Manivannan Sundaram ,  Martin Chen Mao ,  Sivaprasad Venkata Padisetty ,  Praerit Garg ,  Sameer Palande ,  Bradley Scott Murphy ,  Manoj Krishna Ghosh

IPC: G06F9/455

CPC classification number: G06F9/45558 ,  G06F2009/4557

Abstract: A customer submits a request to a virtual computer system service to launch a virtual machine instance and to join this instance to a managed directory. The service may obtain, from the customer, a domain name and Internet Protocol addresses for the selected directory, which is then stored within a systems management server. When launched, the instance may initiate an agent, which may communicate with the systems management server to obtain the configuration information. The agent may use this configuration information to establish a communications channel with the managed directory and create a temporary set of computer credentials that may be used to verify that the customer is authorized to join the virtual machine instance to the managed directory. If the credentials are valid, the managed directory may generate a computer account within the managed directory, which may be used to join the virtual machine instance to the managed directory.

公开(公告)号：US11144513B1

公开(公告)日：2021-10-12

申请号：US15934792

申请日：2018-03-23

Applicant: Amazon Technologies, Inc.

Inventor： Sivaprasad Venkata Padisetty ,  Projesh Chowdhary ,  Volodymyr Drozdenko ,  Manivannan Sundaram ,  Jun He

IPC: G06F16/185 ,  G06F16/11 ,  G06F16/23 ,  G06F16/28

Abstract: A processing device determines that a parameter in a data store is associated with a parameter policy, wherein the parameter comprises a key-value pair and the parameter policy comprises metadata that affects a behavioral characteristic of the parameter. The processing device determines that a criterion included in the parameter policy is satisfied. The processing device determines one or more operations specified in the parameter policy and performs the one or more operations.

公开(公告)号：US10509663B1

公开(公告)日：2019-12-17

申请号：US14614230

申请日：2015-02-04

Applicant: Amazon Technologies, Inc.

Inventor： Lekshmi Unnikrishnan ,  Manivannan Sundaram ,  Martin Chen Mao ,  Sivaprasad Venkata Padisetty ,  Praerit Garg ,  Sameer Palande ,  Bradley Scott Murphy ,  Manoj Krishna Ghosh

IPC: G06F9/455

Abstract: A customer submits a request to a virtual computer system service to launch a virtual machine instance and to join this instance to a managed directory. The service may obtain, from the customer, a domain name and Internet Protocol addresses for the selected directory, which is then stored within a systems management server. When launched, the instance may initiate an agent, which may communicate with the systems management server to obtain the configuration information. The agent may use this configuration information to establish a communications channel with the managed directory and create a temporary set of computer credentials that may be used to verify that the customer is authorized to join the virtual machine instance to the managed directory. If the credentials are valid, the managed directory may generate a computer account within the managed directory, which may be used to join the virtual machine instance to the managed directory.

公开(公告)号：US10075557B2

公开(公告)日：2018-09-11

申请号：US14984957

申请日：2015-12-30

Applicant: Amazon Technologies, Inc.

Inventor： Edward Bradford Smith, II ,  Graeme David Baer ,  Manivannan Sundaram

IPC: H04L29/08 ,  H04L29/06

CPC classification number: H04L67/327 ,  H04L63/06 ,  H04L63/061 ,  H04L63/08 ,  H04L63/10 ,  H04L63/102 ,  H04L63/123 ,  H04L63/166

Abstract: The present document describes systems and methods that authorize client resources such as computers, servers, computing appliances, and virtual machines to access online services provided by an online service provider. To authorize a client resource, a client submits a registration request on behalf of the client resource to an authorization service provided by the service provider. The authorization service returns an activation code to the client. The activation code may expire after an amount of time, or upon first use. The client provides the activation code to an agent running on the client resource. The agent establishes communication with the authorization service, and upon providing the activation code to the authorization service, receives an authorization token that can be used by the client resource to access online services in accordance with security roles or permissions specified with the registration request.

公开(公告)号：US09794292B2

公开(公告)日：2017-10-17

申请号：US14975376

申请日：2015-12-18

Applicant: Amazon Technologies, Inc.

Inventor： Amjad Hussain ,  Manivannan Sundaram ,  Sivaprasad Venkata Padisetty ,  Nikolaos Pamboukas ,  Alan Hadley Goodman

IPC: H04L29/06 ,  H04L12/24 ,  G06F21/62

CPC classification number: H04L63/20 ,  G06F21/62 ,  H04L41/22 ,  H04L41/28 ,  H04L63/105

Abstract: A selection of a document that includes a command and a parameter is received, and a user is caused to be associated with a policy that grants permission to execute the document. A request is received, from a requestor, to execute the document, the request including a parameter value, and the requestor is determined to be the user associated with the policy. The user is validated to have access to a resource indicated by the parameter value, and the command is caused to be executed against the resource.