Abstract:
Centralized policy management may allow one set of credentials to be used to access various applications and services offered by a computing resource service provider or other third-party servers. An entity responsible for the administration of a directory made available through a managed directory service may specify one or more policies for users and/or groups of users that utilize the directory. For example, the managed directory service may include a policy management subsystem that manages a set of policies for users and/or groups of users that controls a level of access to applications and services. Administrators can assign one or more policies to a user or a group of users, and users can select one or more policies provided to the user by the administrator when attempting to access an application or service.
Abstract:
Features are disclosed for facilitating management of network directories of multiple organizations by a directory management system. Various applications can access the directories of the organizations via the directory management system according to the permissions that the applications have been granted by the respective organizations. Organizations may maintain directories on-premises or off-premises, and the applications can access the directories via the directory management system regardless of the physical location of the directories. Additionally, the applications may be hosted by a computing service provider that also hosts or otherwise manages the directory management service, or the applications can be hosted by third-party servers separate from the directory management system and the organizations.
Abstract:
A customer of a computing resource service provider may utilize a set of credentials to request creation of an identity pool within a managed directory service. Accordingly, the managed directory service may create the identity pool. Instead of having the customer create a separate account within this identity pool, the managed directory service may create a shadow administrator account within the identity pool, which may be used to manage other users and resources in the identity pool within the managed directory service. The managed directory service further exposes an application programming interface command that may be used to obtain a set of credentials for accessing the shadow administrator account. The customer may use this command to receive the set of credentials and access the shadow administrator account. Accordingly, the customer can manage users and resources in the identity pool within the managed directory service.
Abstract:
A customer utilizes an interface provided by a virtual computer system service to provision a virtual machine instance and join this instance to a directory. The interface may have previously obtained the domain name and the Internet Protocol addresses for one or more directories available to the customer for joining the virtual machine instance. The virtual computer system service may communicate with a managed directory service to obtain a set of temporary credentials that may be used to transmit a request to the directory to allow joining of the virtual machine instance. Upon provisioning of the instance, an agent operating within the instance may be configured to obtain the domain name and Internet Protocol addresses for the directory to establish a connection with the directory. The agent may also be configured to obtain the set of temporary credentials to transmit a request to the directory for joining of the instance.
Abstract:
Techniques for connecting computer system entities to remote computer system resources are described herein. A computer system entity that requests access to a remote computer system resource has that request fulfilled by a managed directory service which receives the request and connects the computer system entity to the remote computer system resource. While connected, the managed directory service receives commands to perform operations on the remote computer system resource and, if the computer system entity is authorized to perform the operations on the remote computer system resource, the managed directory service performs the operation on the remote computer system resource.
Abstract:
Features are disclosed for facilitating remote management of network directories of organizations by a directory management system. The network directories may change over time, experiencing growth in size and number of current connections, increased latency, reduced performance, and the like. The network directories may also shrink over time, experience fewer connections, etc. Organizations can define scaling policies by which the directory management system can automatically respond to the occurrence of various events, such as changes in the size or usage of the organizations' network directories, by scaling resources associated with the directories. The directory management system can perform various scaling actions on-demand or without requiring additional action by the organizations, thereby reducing the time and effort required by the organizations to monitor their own directories and implement (or request implementation of) changes.
Abstract:
A virtual computing environment service may receive a request from a customer to provision a virtual computing environment and join the virtual computing environment to a managed directory. The virtual computing environment service may provision the virtual computing environment and use a set of administrator credentials from the customer and a set of credentials corresponding to the environment to access the managed directory and request joining of the environment to the managed directory. In response, the managed directory may create a computer account that corresponds to the environment and enables the environment to be used to access the managed directory. The virtual computing environment service may then enable the customer to specify one or more users that may utilize the virtual computing environment to access the managed directory.
Abstract:
A user may utilize a set of credentials to access, through a managed directory service, one or more services provided by a computing resource service provider. The managed directory service may be configured to identify one or more policies applicable to the user. These policies may define the level of access to the one or more services provided by the computing resource service provider. Based at least in part on these policies, the managed directory service may transmit a request to an identity management system to obtain a set of temporary credentials that may be used to enable the user to access the one or more services. Accordingly, the managed directory service may be configured to enable the user, based at least in part on the policies and the set of temporary credentials, to access an interface, which can be used to access the one or more services.
Abstract:
Techniques for connecting computer system entities to remotely located computer system resources by redirecting locators are described herein. A computer system entity that requests access to a computer system resource may first obtain an identifier for that resource and, based on the identifier, may determine the region for that resource. A routing service then resolves the locator to locate a content management system that stores executable scripts that provide access to the computer system resources by redirecting the locator. The location of the executable scripts is based at least in part on the processing of the locator by the content management system.