Abstract:
Policies can be applied to, and enforced for, specific resources by applying a corresponding tag to those resources. An entity, such as a customer of a resource provider, can generate one or more policies to be applied to a set of resources, where those policies can relate to data retention, backup, lifecycle events, and other such aspects. Each policy can be associated with a particular tag, which may comprise a key-value pair to be applied to various resources. A policy enforcement manager can determine the tagged resources and ensure that the relevant policies are applied. The policies can include logic or intelligence for performing a variety of tasks with respect to resources, groups of resources, or types of resources, as identified using the tags.
Abstract:
Systems and methods are provided to implement a metadata record migration system that schedules the migrations of metadata records that are frequently mutated. In embodiments, the scheduler collects timing data of jobs that modify the metadata records, including the timing of various mutation operations within the jobs. In embodiments, when it is determined that a metadata record is to be migrated to a different storage location, the scheduler determines a time to migrate the metadata record. The migration time may lie within a migration window, selected based on an expected migration time needed for the metadata record and the collected time data in order to reduce a probability that record mutations will occur during the migration. In embodiments, the jobs may be snapshot jobs that modify a snapshot record, and the migration may be performed as a result of a cell partitioning operation occurring within the snapshotting system.
Abstract:
A method for selecting a communication protocol for a virtual desktop instance in a service provider environment may include providing, to a client computing device, access to a virtual desktop instance running on a server computer using a first communication channel associated with a first communication protocol. A request for functionality from a user of the device is detected, the requested functionality being unsupported by the first communication protocol. A second communication protocol from a plurality of available communication protocols may be selected based on the requested functionality. The second communication protocol may support the requested functionality. A user authorization for using the second communication protocol can be verified. Upon successful verification, a second communication channel is established between the server computer and the device using the second communication protocol for performing the functionality, while maintaining access to the virtual desktop instance using the first communication channel.
Abstract:
Generally described, one or more aspects of the present application correspond to techniques for creating encrypted block store volumes of data from unencrypted object storage snapshots of the volumes. These encryption techniques use a special pool of servers for performing the encryption. These encryption servers are not accessible to users, and they perform encryption and pass encrypted volumes to other block store servers for user access. The encryption context for the volumes can be persisted on the encryption servers for as long as needed for encryption and not shared with the user-facing servers in order to prevent user access to encryption context.
Abstract:
A virtual desktop service may receive a request from a user to provision a virtual desktop and establish a secure communications connection between the virtual desktop service, a user client device, and additional client devices via a proxy server in order to stream the same feed or virtual screens from the virtual desktop to multiple client devices. The virtual desktop service may provide for natively sharing or multiplexing an entire data stream from a virtual desktop to multiple client devices or natively sharing or multiplexing portions of a data stream from a virtual desktop to render each portion on a different client device.
Abstract:
A router of a block-level data storage service receives a request to generate a snapshot of a block device. The router, based on routing metadata for the block-level data storage service, identifies active metadata that indicates a first cell that may maintain the block device and alternate metadata that indicates a second cell that may maintain the block device. Based on a first state of the block device in the first cell, a second state of the block device in the second cell, and a predetermined set of rules defining operations corresponding to outcomes associated with the first state and the second state, the router determines which of the first cell and the second cell authoritatively maintains the block device. The router transmits the request to the appropriate cell in accordance with the predetermined set of rules.
Abstract:
A computing system that provides virtual computing services may generate and manage remote computing sessions between client computing devices and virtual desktop instances hosted on the service provider's network. A computing resource instance manager may monitor connections to and disconnections from a virtual desktop instance during particular time periods, and may apply a resource management policy to determine whether and when to shut down an underlying virtualized computing resource instance following a disconnection (e.g., immediately, after some period of time, or only between certain hours). A storage volume for the virtual desktop instance may be detached during a shutdown. In response to a reconnection request, the virtualized computing resource instance (or another such instance) may be restarted and the storage volume may be reattached. The computing resource instance manager may develop a model for predicting when to shut down or restart an instance based on historical data or machine learning.
Abstract:
Systems and methods for geographic-aware virtual desktops are disclosed. In one example, a pool of network addresses can be maintained. Each network address can be associated with a respective geographical location. The pool of network addresses can include network addresses associated with different respective geographical locations. A geographical location associated with a client device accessing a virtual desktop can be determined. An external-facing network address can be selected from the pool of network addresses based on the geographical location associated with the client device. The external-facing network address can be assigned for network traffic associated with the virtual desktop.