公开(公告)号：US10440151B2

公开(公告)日：2019-10-08

申请号：US16127140

申请日：2018-09-10

Applicant: Amazon Technologies, Inc.

Inventor： Edward Bradford Smith, II ,  Graeme David Baer ,  Manivannan Sundaram

IPC: H04L29/08 ,  H04L29/06

Abstract: The present document describes systems and methods that authorize client resources such as computers, servers, computing appliances, and virtual machines to access online services provided by an online service provider. To authorize a client resource, a client submits a registration request on behalf of the client resource to an authorization service provided by the service provider. The authorization service returns an activation code to the client. The activation code may expire after an amount of time, or upon first use. The client provides the activation code to an agent running on the client resource. The agent establishes communication with the authorization service, and upon providing the activation code to the authorization service, receives an authorization token that can be used by the client resource to access online services in accordance with security roles or permissions specified with the registration request.

公开(公告)号：US20180103066A1

公开(公告)日：2018-04-12

申请号：US15785314

申请日：2017-10-16

Applicant: Amazon Technologies, Inc.

Inventor： Amjad Hussain ,  Manivannan Sundaram ,  Sivaprasad Venkata Padisetty ,  Nikolaos Pamboukas ,  Alan Hadley Goodman

IPC: H04L29/06 ,  G06F21/62 ,  H04L12/24

CPC classification number: H04L63/20 ,  G06F21/62 ,  H04L41/22 ,  H04L41/28 ,  H04L63/105

Abstract: A selection of a document that includes a command and a parameter is received, and a user is caused to be associated with a policy that grants permission to execute the document. A request is received, from a requestor, to execute the document, the request including a parameter value, and the requestor is determined to be the user associated with the policy. The user is validated to have access to a resource indicated by the parameter value, and the command is caused to be executed against the resource.

公开(公告)号：US09882855B1

公开(公告)日：2018-01-30

申请号：US14725364

申请日：2015-05-29

Applicant: Amazon Technologies, Inc.

Inventor： Steven Merlin Twitchell ,  Emily Grace Aimette Freebairn ,  Amjad Hussain ,  Sivaprasad Venkata Padisetty ,  Manivannan Sundaram ,  Aaron Jeremiah Sheldon

IPC: G06F15/16 ,  H04L12/58 ,  G06F9/455

CPC classification number: G06F9/45558 ,  G06F9/54 ,  G06F2009/4557 ,  G06F2009/45595 ,  H04L51/30 ,  H04L51/34

Abstract: A method for communicating messages between a service and a virtual machine instance may include receiving a message from a service. The message includes a target instance identification of at least one virtual machine instance (VMI) to receive the message. A notification of the message and the target instance identification is stored in a message queue for each of a plurality of host servers associated with a plurality of VMIs. The message is stored in a message store without storing at least a portion of the message in the message queue. A request for undelivered messages is received from a VMI associated with a customer account. In response to the request, it is determined that a local cache contains an indication that the message is undelivered, where the local cache is within at least one of the plurality of host server computers associated with the VMI sending the request.

公开(公告)号：US20170195457A1

公开(公告)日：2017-07-06

申请号：US14984957

申请日：2015-12-30

Applicant: Amazon Technologies, Inc.

Inventor： Edward Bradford Smith, II ,  Graeme David Baer ,  Manivannan Sundaram

IPC: H04L29/08 ,  H04L29/06

CPC classification number: H04L67/327 ,  H04L63/06 ,  H04L63/061 ,  H04L63/08 ,  H04L63/10 ,  H04L63/102 ,  H04L63/123 ,  H04L63/166

Abstract: The present document describes systems and methods that authorize client resources such as computers, servers, computing appliances, and virtual machines to access online services provided by an online service provider. To authorize a client resource, a client submits a registration request on behalf of the client resource to an authorization service provided by the service provider. The authorization service returns an activation code to the client. The activation code may expire after an amount of time, or upon first use. The client provides the activation code to an agent running on the client resource. The agent establishes communication with the authorization service, and upon providing the activation code to the authorization service, receives an authorization token that can be used by the client resource to access online services in accordance with security roles or permissions specified with the registration request.

公开(公告)号：US20170118247A1

公开(公告)日：2017-04-27

申请号：US14975376

申请日：2015-12-18

Applicant: Amazon Technologies, Inc.

Inventor： Amjad Hussain ,  Manivannan Sundaram ,  Sivaprasad Venkata Padisetty ,  Nikolaos Pamboukas ,  Alan Hadley Goodman

IPC: H04L29/06 ,  H04L12/24

CPC classification number: H04L63/20 ,  G06F21/62 ,  H04L41/22 ,  H04L41/28 ,  H04L63/105

Abstract: A selection of a document that includes a command and a parameter is received, and a user is caused to be associated with a policy that grants permission to execute the document. A request is received, from a requestor, to execute the document, the request including a parameter value, and the requestor is determined to be the user associated with the policy. The user is validated to have access to a resource indicated by the parameter value, and the command is caused to be executed against the resource.

公开(公告)号：US20190007525A1

公开(公告)日：2019-01-03

申请号：US16127140

申请日：2018-09-10

Applicant: Amazon Technologies, Inc.

Inventor： Edward Bradford Smith, II ,  Graeme David Baer ,  Manivannan Sundaram

IPC: H04L29/08 ,  H04L29/06

CPC classification number: H04L67/327 ,  H04L63/06 ,  H04L63/061 ,  H04L63/08 ,  H04L63/10 ,  H04L63/102 ,  H04L63/123 ,  H04L63/166

Abstract: The present document describes systems and methods that authorize client resources such as computers, servers, computing appliances, and virtual machines to access online services provided by an online service provider. To authorize a client resource, a client submits a registration request on behalf of the client resource to an authorization service provided by the service provider. The authorization service returns an activation code to the client. The activation code may expire after an amount of time, or upon first use. The client provides the activation code to an agent running on the client resource. The agent establishes communication with the authorization service, and upon providing the activation code to the authorization service, receives an authorization token that can be used by the client resource to access online services in accordance with security roles or permissions specified with the registration request.

公开(公告)号：US10091055B2

公开(公告)日：2018-10-02

申请号：US14622765

申请日：2015-02-13

Applicant: Amazon Technologies, Inc.

Inventor： Manivannan Sundaram ,  Manoj Krishna Ghosh ,  Nikolaos Pamboukas ,  Martin Chen Mao ,  Aaron Jeremiah Sheldon ,  Sivaprasad Venkata Padisetty

IPC: G06F15/177 ,  H04L12/24 ,  G06F9/455 ,  G06F9/445 ,  G06F9/44

Abstract: A service is disclosed that allows configuration, management and deployment of instances. A configuration document can be stored by the service and one or more instance identifiers can be linked to the configuration document. As a result, multiple instances can be launched and configured using a single configuration document allowing for a consistent result across instances. Local agents running on the instances can execute plug-ins in order to effectuate the configuration. As a result, administrators of instances can configure, manage and easily deploy their unique instance configurations. Customers who manage their instances can scale and manage their entire fleet with repeatable configuration tasks that seamlessly integrate into their instance workflow.

公开(公告)号：US11550652B1

公开(公告)日：2023-01-10

申请号：US16684099

申请日：2019-11-14

Applicant: Amazon Technologies, Inc.

Inventor： Siddharth Arora ,  Forest Dale Johns ,  Tyler W. Carlton ,  Manas Dadarkar ,  Subbiah Ganesan ,  Manivannan Sundaram ,  Siva Padisetty ,  Sandeep Gonugunta ,  Abdou Mahmoud

IPC: G06F11/00 ,  G06F11/07 ,  G06F11/34 ,  G06F11/30 ,  G06F11/22

Abstract: This disclosure describes automatically collecting, analyzing, and remediating operational issues with respect to systems executing within a network. For example, a service provider network may include a monitoring service may generate notifications related to operational issues upon detection of operational issues within a system executing within the service provider network. The monitoring service may provide one or more notifications related to an aggregation service that may aggregate the one or more notifications into a standardized format. Contextual information related to the operational issues may be automatically gathered by an analytics service, which may analyze the contextual information to determine a potential cause of the operational issues. Based on the potential cause, a remediation service may automatically remediate the operational issues.

公开(公告)号：US10609080B2

公开(公告)日：2020-03-31

申请号：US15785314

申请日：2017-10-16

Applicant: Amazon Technologies, Inc.

Inventor： Amjad Hussain ,  Manivannan Sundaram ,  Sivaprasad Venkata Padisetty ,  Nikolaos Pamboukas ,  Alan Hadley Goodman

IPC: H04L29/06 ,  G06F21/62 ,  H04L12/24

Abstract: A selection of a document that includes a command and a parameter is received, and a user is caused to be associated with a policy that grants permission to execute the document. A request is received, from a requestor, to execute the document, the request including a parameter value, and the requestor is determined to be the user associated with the policy. The user is validated to have access to a resource indicated by the parameter value, and the command is caused to be executed against the resource.

公开(公告)号：US10348702B1

公开(公告)日：2019-07-09

申请号：US15353526

申请日：2016-11-16

Applicant: Amazon Technologies, Inc.

Inventor： Manivannan Sundaram ,  Ananth Vaidyanathan ,  Junyin Wu ,  Sivaprasad Venkata Padisetty

IPC: H04L29/06 ,  H04L9/08

Abstract: A technology is described for resolving command parameter that are included in command invocations. An example method may include receiving a request to invoke a command that includes a command parameter. The command may be executed by a software agent hosted on a computing resource managed within a service provider environment. In response to the request, a parameter value for the command parameter may be obtained from a parameter data store using a parameter ID. A command message having command instructions to execute the command the parameter value may be generated and the command message may be encrypted using a cryptographic key associated with the software agent. The command message may then be sent to the software agent, enabling the software agent to decrypt the command message and execute the command.