公开(公告)号：US11159528B2

公开(公告)日：2021-10-26

申请号：US16457504

申请日：2019-06-28

Applicant: Amazon Technologies, Inc.

Inventor： Adam Charles Siefker ,  Sean Oczkowski ,  David Richardson ,  Samvid H. Dwarakanath ,  Marc John Brooker ,  Orr Weinstein

IPC: H04L29/06 ,  H04L12/24

Abstract: Systems and methods are described for facilitating authentication of hosted network services to other services. A target service, such as a database, may require specific authentication information, such as a username and password, to access the target service. While this information could be manually specified in the hosted network service, de-centralized storage of authentication information is generally discouraged by security best practices. This disclosure provides an authentication proxy system that reduces or eliminates a need for hosted network services to store authentication information for target services. Rather, the authentication proxy system can obtain authentication information for the hosted network service that is provided by a hosting system, and authenticate the hosted network service using that authentication information. If authenticated, the proxy system can retrieve authentication information for the target service, and pass operations from the hosted network service to the target service using the authentication information for the target service.

公开(公告)号：US11803524B1

公开(公告)日：2023-10-31

申请号：US16834944

申请日：2020-03-30

Applicant: Amazon Technologies, Inc.

Inventor： Samvid H. Dwarakanath ,  Sean Oczkowski ,  Rory Richardson

IPC: G06F16/21 ,  G06F16/242 ,  H04L67/56 ,  G06F16/2455

CPC classification number: G06F16/214 ,  G06F16/219 ,  G06F16/2448 ,  H04L67/56 ,  G06F16/24564

Abstract: Techniques for streamlined database migration with stored procedure extraction into on-demand execution environments are described. A stored procedure of a first database is obtained and a code segment corresponding to the stored procedure is deployed as a function of an on-demand code execution service. A client application may directly execute the stored procedure by issuing a call to the on-demand code execution service to invoke the function, or by issuing a request to execute the stored procedure that is intercepted by a database proxy, which services the request by invoking the function on the client application's behalf.

公开(公告)号：US11190609B2

公开(公告)日：2021-11-30

申请号：US16457570

申请日：2019-06-28

Applicant: Amazon Technologies, Inc.

Inventor： Adam Charles Siefker ,  Sean Oczkowski ,  David Richardson ,  Samvid H. Dwarakanath ,  Marc John Brooker ,  Orr Weinstein

IPC: H04L29/08 ,  H04L29/12 ,  H04L12/46 ,  H04L29/06

Abstract: Systems and methods are described for providing connection pools between source network devices and a target, connection-limited service. Each connection pool can facilitate connections between source devices and the target service, while ensuring that connections to the connection-limited service do not exceed a defined limit. A connection manager service can initialize a connection pool for a target service on request by a client device, and provide an identifier for the connection pool to the client device. Source network devices can then transmit operations for the target service to the connection manager service, which can route the operations to an appropriate connection pool based on the identifier.

公开(公告)号：US11115404B2

公开(公告)日：2021-09-07

申请号：US16457537

申请日：2019-06-28

Applicant: Amazon Technologies, Inc.

Inventor： Adam Charles Siefker ,  Sean Oczkowski ,  David Richardson ,  Samvid H. Dwarakanath ,  Marc John Brooker ,  Orr Weinstein

IPC: H04L29/06 ,  H04L29/08 ,  G06F9/455

Abstract: Systems and methods are described for facilitating service connections by user-defined code executing on an on-demand code execution system. Rather than hard code state information used by network services into the code, the code can be provided with an interface that augments requests for network services with state information. When the user-defined code is executed by the on-demand code execution system, additional code can also be executed that provides the interface. The user-defined code may access the target network service through the interface, as if the target network service existed locally to an environment of the code. The interface can then augment requests to the target network service with state information. Because state information is maintained outside the user-defined code, portability of the user-defined code can be increased.