公开(公告)号：US20240223618A1

公开(公告)日：2024-07-04

申请号：US18604379

申请日：2024-03-13

Applicant: Amazon Technologies, Inc.

Inventor： Jacob A. Kjelstrup ,  Bharath Mukkati Prakash ,  Brigid Ann Johnson ,  Ujjwal Rajkumar Pugalia

IPC: H04L9/40 ,  G06N20/00

CPC classification number: H04L63/205 ,  G06N20/00 ,  H04L63/105

Abstract: Methods, systems, and computer-readable media for auto-tuning permissions using a learning mode are disclosed. A plurality of access requests to a plurality of services and resources by an application are determined during execution of the application in a learning mode in a pre-production environment. The plurality of services and resources are hosted in a multi-tenant provider network. A subset of the services and resources that were used by the application during the learning mode are determined. An access control policy is generated that permits access to the subset of the services and resources used by the application during the learning mode. The access control policy is attached to a role associated with the application to permit access to the subset of the services and resources in a production environment.

公开(公告)号：US11968241B1

公开(公告)日：2024-04-23

申请号：US16453931

申请日：2019-06-26

Applicant: Amazon Technologies, Inc.

Inventor： Jacob A. Kjelstrup ,  Bharath Mukkati Prakash ,  Brigid Ann Johnson ,  Ujjwal Rajkumar Pugalia

IPC: H04L9/40 ,  G06N20/00

CPC classification number: H04L63/205 ,  G06N20/00 ,  H04L63/105

Abstract: Methods, systems, and computer-readable media for auto-tuning permissions using a learning mode are disclosed. A plurality of access requests to a plurality of services and resources by an application are determined during execution of the application in a learning mode in a pre-production environment. The plurality of services and resources are hosted in a multi-tenant provider network. A subset of the services and resources that were used by the application during the learning mode are determined. An access control policy is generated that permits access to the subset of the services and resources used by the application during the learning mode. The access control policy is attached to a role associated with the application to permit access to the subset of the services and resources in a production environment.