-
Publication No.: US20230012869A1
Publication Date: 2023-01-19
Application No.: US17941613
Application Date: 2022-09-09
Applicant: Amazon Technologies, Inc.
Inventor: Anthony Joseph Suarez, Scott Kerns Windsor, Nare Hayrapetyan, Daniel Robert Gerdesmeier, Pooja Kalpana Prakash
Abstract: A request to store a container image is received from a device associated with a customer of a computing resource service provider. Validity of a security token associated with the request is authenticated using a cryptographic key maintained as a secret by the computing resource service provider. One or more layers of the container image is built based at least in part on at least one build artifact to form a set of built layers. The software image including the set of built layers is stored in a repository associated with the customer. A manifest of metadata for the set of built layers is stored in a database of a structured data store. The container image is obtained in the form of an obtained container image. The obtained container image is deployed as the software container in at least one virtual machine instance associated with the customer.
-
Publication No.: US20210042108A1
Publication Date: 2021-02-11
Application No.: US16940261
Application Date: 2020-07-27
Applicant: Amazon Technologies, Inc.
Inventor: Anthony Joseph Suarez, Scott Kerns Windsor, Nare Hayrapetyan, Daniel Robert Gerdesmeier, Pooja Kalpana Prakash
Abstract: A request to store a container image is received from a device associated with a customer of a computing resource service provider. Validity of a security token associated with the request is authenticated using a cryptographic key maintained as a secret by the computing resource service provider. One or more layers of the container image is built based at least in part on at least one build artifact to form a set of built layers. The software image including the set of built layers is stored in a repository associated with the customer. A manifest of metadata for the set of built layers is stored in a database of a structured data store. The container image is obtained in the form of an obtained container image. The obtained container image is deployed as the software container in at least one virtual machine instance associated with the customer.
-
Publication No.: US20170180346A1
Publication Date: 2017-06-22
Application No.: US14975631
Application Date: 2015-12-18
Applicant: Amazon Technologies, Inc.
Inventor: Anthony Joseph Suarez, Scott Kerns Windsor, Nare Hayrapetyan, Daniel Robert Gerdesmeier, Pooja Kalpana Prakash
CPC classification number: G06F8/71, G06F8/63, G06F9/45558, G06F21/53, G06F21/6209, G06F2009/4557, G06F2221/033
Abstract: A request to store, in first data store associated with a customer of a computing resource service provider, a software image is received, the request including a set of layers of the software image to be stored. As a result of successful authentication of the request, based at least in part on a security token included with the request, a subset of layers of the software image that have not previously been stored in the first data store are determined, based at least in part on first metadata obtained from a second data store, the subset of layers in the first data store are stored, second metadata about the subset of layers are stored in the second data store, and the software image is caused to be launched in a software container of an instance based at least in part on the subset of layers.
-
Publication No.: US11487530B2
Publication Date: 2022-11-01
Application No.: US16940261
Application Date: 2020-07-27
Applicant: Amazon Technologies, Inc.
Inventor: Anthony Joseph Suarez, Scott Kerns Windsor, Nare Hayrapetyan, Daniel Robert Gerdesmeier, Pooja Kalpana Prakash
Abstract: A request to update a software container image within a container registry hosted by a computing resource service provider is received from an entity associated with a customer account with the computing resource service provider, where the container registry is a scalable distributed data storage service. The software container image is stored in the container registry in association with the customer account. A layer of the software container image stored in the container registry is scanned for a reference identifier associated with a security vulnerability. As a result of said scan finding the reference identifier within the software container image, notice is provided to the entity indicating that the security vulnerability was found. Software within the software container image is updated based at least in part on the vulnerability scan; and the update software is deployed.
-
Publication No.: US10725775B2
Publication Date: 2020-07-28
Application No.: US16383523
Application Date: 2019-04-12
Applicant: Amazon Technologies, Inc.
Inventor: Anthony Joseph Suarez, Scott Kerns Windsor, Nare Hayrapetyan, Daniel Robert Gerdesmeier, Pooja Kalpana Prakash
Abstract: A request to store a container image is received from a device associated with a customer of a computing resource service provider. Validity of a security token associated with the request is authenticated using a cryptographic key maintained as a secret by the computing resource service provider. One or more layers of the container image is built based at least in part on at least one build artifact to form a set of built layers. The software image including the set of built layers is stored in a repository associated with the customer. A manifest of metadata for the set of built layers is stored in a database of a structured data store. The container image is obtained in the form of an obtained container image. The obtained container image is deployed as the software container in at least one virtual machine instance associated with the customer.
-
Publication No.: US10261782B2
Publication Date: 2019-04-16
Application No.: US14975631
Application Date: 2015-12-18
Applicant: Amazon Technologies, Inc.
Inventor: Anthony Joseph Suarez, Scott Kerns Windsor, Nare Hayrapetyan, Daniel Robert Gerdesmeier, Pooja Kalpana Prakash
Abstract: A request to store, in first data store associated with a customer of a computing resource service provider, a software image is received, the request including a set of layers of the software image to be stored. As a result of successful authentication of the request, based at least in part on a security token included with the request, a subset of layers of the software image that have not previously been stored in the first data store are determined, based at least in part on first metadata obtained from a second data store, the subset of layers in the first data store are stored, second metadata about the subset of layers are stored in the second data store, and the software image is caused to be launched in a software container of an instance based at least in part on the subset of layers.
-
Publication No.: US11789723B2
Publication Date: 2023-10-17
Application No.: US17941613
Application Date: 2022-09-09
Applicant: Amazon Technologies, Inc.
Inventor: Anthony Joseph Suarez, Scott Kerns Windsor, Nare Hayrapetyan, Daniel Robert Gerdesmeier, Pooja Kalpana Prakash
CPC classification number: G06F8/71, G06F8/63, G06F9/45558, G06F21/53, G06F21/6209, G06F2009/4557, G06F2221/033
Abstract: A request to store a container image is received from a device associated with a customer of a computing resource service provider. Validity of a security token associated with the request is authenticated using a cryptographic key maintained as a secret by the computing resource service provider. One or more layers of the container image is built based at least in part on at least one build artifact to form a set of built layers. The software image including the set of built layers is stored in a repository associated with the customer. A manifest of metadata for the set of built layers is stored in a database of a structured data store. The container image is obtained in the form of an obtained container image. The obtained container image is deployed as the software container in at least one virtual machine instance associated with the customer.
-
Publication No.: US20190235861A1
Publication Date: 2019-08-01
Application No.: US16383523
Application Date: 2019-04-12
Applicant: Amazon Technologies, Inc.
Inventor: Anthony Joseph Suarez, Scott Kerns Windsor, Nare Hayrapetyan, Daniel Robert Gerdesmeier, Pooja Kalpana Prakash
CPC classification number: G06F8/71, G06F8/63, G06F9/45558, G06F21/53, G06F21/6209, G06F2009/4557, G06F2221/033
Abstract: A request to store a container image is received from a device associated with a customer of a computing resource service provider. Validity of a security token associated with the request is authenticated using a cryptographic key maintained as a secret by the computing resource service provider. One or more layers of the container image is built based at least in part on at least one build artifact to form a set of built layers. The software image including the set of built layers is stored in a repository associated with the customer. A manifest of metadata for the set of built layers is stored in a database of a structured data store. The container image is obtained in the form of an obtained container image. The obtained container image is deployed as the software container in at least one virtual machine instance associated with the customer.
-
Publication No.: US10032032B2
Publication Date: 2018-07-24
Application No.: US14975637
Application Date: 2015-12-18
Applicant: Amazon Technologies, Inc.
Inventor: Anthony Joseph Suarez, Scott Kerns Windsor, Nare Hayrapetyan, Daniel Robert Gerdesmeier, Pooja Kalpana Prakash
Abstract: A request to scan a software image for specified criteria is received, the software image comprising layers stored in a first data store. Metadata in a second data store, different from the first data store, is searched through to obtain information corresponding to the software image. A first set of the layers that matches the specified criteria is determined, based at least in part on the information. The first set of layers is marked as un-referenceable. Asynchronous to fulfillment of the request, a second set of layers of the layers to be deleted is determined, based at least in part on the metadata, the second set of layers including layers marked as un-referenceable, and the second set of layers is deleted.
-
Publication No.: US10002247B2
Publication Date: 2018-06-19
Application No.: US14975627
Application Date: 2015-12-18
Applicant: Amazon Technologies, Inc.
Inventor: Anthony Joseph Suarez, Scott Kerns Windsor, Nare Hayrapetyan, Daniel Robert Gerdesmeier, Pooja Kalpana Prakash
CPC classification number: G06F21/53, G06F8/60, G06F9/45558, G06F21/31, G06F2009/4557, G06F2221/033
Abstract: A software image associated with a first customer of a computing resource service provider and criteria for identifying an event is received, the software image comprising a set of layers. The set of layers is stored in a first data store to form a stored set of layers, the first data store being physically located in a first region. The set of layers is copied to a second data store to form a copied set of layers, the second data store being physically located in a second region different from the first region. The copied set of layers is launched as a container executing in an instance that is physically located in the second region, and, as a result of identifying an occurrence of the event, the container is caused to be unavailable to an entity associated with the instance.