公开(公告)号：US20160132808A1

公开(公告)日：2016-05-12

申请号：US14538719

申请日：2014-11-11

Applicant: AMAZON TECHNOLOGIES, INC.

Inventor： QUAN BINH TO ,  FREDERIK CHRISTOPHE DELACOURT ,  SHESHADRI SUPREETH KOUSHIK ,  CHRISTOPHER WHITAKER ,  BENJAMIN DAVID NEWMAN ,  JULIEN JACQUES ELLIE ,  ZACHARY THOMAS CROWELL

IPC: G06Q10/06

CPC classification number: G06Q10/06315 ,  Y02P90/86

Abstract: A service provider system may implement an enterprise catalog service that manages catalogs and portfolios of software products (e.g., desktop applications and server products) on behalf of service provider customer organizations. Through the service, a customer organization administrator may create a portfolio (e.g., a container) and configure the portfolio for subsequent use by end users in the organization, which may include adding products, users, permissions, and constraints on the usage of the products (individually or collectively) to the portfolio for all authorized end users or particular end users. Portfolios may be shared with other administrators by publishing them or through direct notification of sharing. A recipient of a shared portfolio may, after importing it, further restrict access to the portfolio or the use of the products therein, but cannot modify the portfolio itself. Changes made by a portfolio owner may be propagated to authorized users and to portfolio importers automatically.

Abstract translation: 服务提供商系统可以代表服务提供商客户组织来实施管理软件产品（例如，桌面应用和服务器产品）的目录和组合的企业目录服务。 通过该服务，客户组织管理员可以创建投资组合（例如，容器）并配置投资组合以供组织中的最终用户随后使用，其中可能包括添加产品，用户，权限以及产品使用限制 （个人或集体）到所有授权的最终用户或特定最终用户的投资组合。 投资组合可以通过发布或通过直接的共享通知与其他管理员共享。 共享投资组合的收件人可以在进口之后进一步限制对投资组合的访问或其中的产品的使用，但不能修改投资组合本身。 投资组合所有者进行的变更可能会自动传播给授权用户和组合进口商。

公开(公告)号：US20180212898A1

公开(公告)日：2018-07-26

申请号：US15936238

申请日：2018-03-26

Applicant: Amazon Technologies, Inc.

Inventor： AVINASH JAISINGHANI ,  RETO KRAMER ,  PRASHANT JAYARAMAN ,  CHRISTOPHER WHITAKER ,  VENKATES PARAMASIVAM BALAKRISHNAN

IPC: H04L12/911 ,  G06F9/50 ,  H04L12/24 ,  H04L29/08

CPC classification number: H04L47/827 ,  G06F9/5061 ,  H04L29/08072 ,  H04L41/0806 ,  H04L69/329

Abstract: A resource stack managed by a resource stack provider is created based on a resource stack template that integrates a custom resource from a second provider into the resource stack using a notification system with the second provider. For example, a customer may create a template that defines a resource stack that comprises resources available from the resource stack provider and one or more custom resources provided by a second provider. When a resource stack is created, resources available from the resource stack provider may be provisioned. Custom resources may be initialized by notifying the provider of the custom resource of the requested integration of the custom resource with the resource stack and requested configuration details. The custom resource provider may respond with an indication of successful integration when the custom resource has been successfully initialized. After initializing the resources, the resource stack may be enabled for use.

公开(公告)号：US20160132806A1

公开(公告)日：2016-05-12

申请号：US14538718

申请日：2014-11-11

Applicant: Amazon Technologies, Inc.

Inventor： QUAN BINH TO ,  CHRISTOPHER WHITAKER ,  SHESHADRI SUPREETH KOUSHIK ,  BENJAMIN DAVID NEWMAN ,  JULIEN JACQUES ELLIE ,  ZACHARY THOMAS CROWELL

IPC: G06Q10/06 ,  G06F3/0482 ,  G06F9/445 ,  H04L29/08 ,  G06Q30/00

CPC classification number: G06Q10/06313 ,  G06Q30/018 ,  Y02P90/86

Abstract: A service provider system may implement an enterprise catalog service that manages catalogs or portfolios of software products (e.g., desktop applications and server products) on behalf of service provider customer organizations. Through the enterprise catalog service, an administrator in a customer organization may discover, select, and ingest products (e.g., based on their features, pricing, and terms), and may add them to catalogs or portfolios for subsequent use by end users in the organization. The administrator may apply constraints on product use and limit product access to particular end users. The products may include third party products that are made available through the enterprise catalog service and a customer's own applications. The enterprise catalog service may monitor usage of third party products and bill the customer organization. Products managed by the enterprise catalog service may be deployed through an application fulfillment platform or resource stack management platform.

Abstract translation: 服务提供商系统可以代表服务提供商客户组织实施管理软件产品（例如，桌面应用和服务器产品）的目录或组合的企业目录服务。 通过企业目录服务，客户组织中的管理员可以发现，选择和摄取产品（例如，基于其功能，定价和条款），并将其添加到目录或投资组合中，供最终用户随后使用 组织。 管理员可以对产品使用施加限制，并限制对特定最终用户的产品访问。 产品可能包括通过企业目录服务提供的第三方产品和客户自己的应用程序。 企业目录服务可以监控第三方产品的使用情况并向客户组织收费。 可以通过应用程序履行平台或资源堆栈管理平台部署企业目录服务管理的产品。

公开(公告)号：US20140365668A1

公开(公告)日：2014-12-11

申请号：US14473037

申请日：2014-08-29

Applicant: Amazon Technologies, Inc.

Inventor： AVINASH JAISINGHANI ,  RETO KRAMER ,  CHRISTOPHER WHITAKER ,  NISHANTH SHANKARAN ,  JAYKUMAR H. GOSAR ,  JEFFREY L. BAKER ,  DANIEL OSIECKI ,  DANNY RABBANI ,  PRASHANT JAYARAMAN ,  VENKATES P. BALAKRISHNAN ,  ADAM M. THOMAS

IPC: H04L12/923 ,  H04L12/24

CPC classification number: H04L47/762 ,  G06F8/65 ,  H04L41/0816

Abstract: Techniques are described that enable a user to upgrade a stack of resources by providing a template that reflects the desired end state of the stack. Upon receiving a new template, the system automatically detects changes that should be performed and determines the order in which the changes should be performed. The system can also detect if the desired changes to the stack are a result of direct modifications; because parameters to the resources have changed; or the changes are indirectly caused by other dependency/attribute changing. Additionally, the system determines whether the changes require creating new resources or if the changes can be made to the resources live. In case of replacement of resources, the system will first create the new resource, move that new resource into the stack and remove the old resource(s). In case of failures, the system ensures that the stack rolls back to the initial state.

Abstract translation: 描述了使得用户能够通过提供反映堆栈的期望结束状态的模板来升级资源堆栈的技术。 系统收到新模板后，会自动检测应执行的更改，并确定应执行更改的顺序。 系统还可以检测对堆栈的所需更改是否是直接修改的结果; 因为资源的参数已经改变了; 或更改间接地由其他依赖/属性更改引起。 此外，系统确定更改是否需要创建新资源，或者是否可以对资源进行更改。 在更换资源的情况下，系统将首先创建新资源，将该新资源移入堆栈并删除旧的资源。 在故障的情况下，系统确保堆栈回滚到初始状态。

公开(公告)号：US20160269446A1

公开(公告)日：2016-09-15

申请号：US15162323

申请日：2016-05-23

Applicant: Amazon Technologies, Inc.

Inventor： AVINASH JAISINGHANI ,  RETO KRAMER ,  CHRISTOPHER WHITAKER ,  VENKATES P. BALAKRISHNAN ,  PRASHANT JAYARAMAN ,  RICHARD CURTIS EDWARDS, JR.

IPC: H04L29/06

Abstract: Systems and methods are described for enabling users to model security resources and user access keys as resources in a template language. The template can be used to create and update a stack of resources that will provide a network-accessible service. The security resources and access keys can be referred to in the template during both stack creation process and the stack update process. The security resources can include users, groups and policies. Additionally, users can refer to access keys in the template as dynamic parameters without any need to refer to the access keys in plaintext. The system securely stores access keys within the system and allows for templates to refer to them once defined. These key references can then be passed within a template to resources that need them as well as passing them on securely to resources like server instances through the use of the user-data field.

公开(公告)号：US20160132805A1

公开(公告)日：2016-05-12

申请号：US14538714

申请日：2014-11-11

Applicant: AMAZON TECHNOLOGIES, INC.

Inventor： FREDERIK CHRISTOPHE DELACOURT ,  QUAN BINH TO ,  CHRISTOPHER WHITAKER ,  RICHARD CURTIS EDWARDS, Jr. ,  JULIEN JACQUES ELLIE ,  ZACHARY THOMAS CROWELL ,  BENJAMIN DAVID NEWMAN

IPC: G06Q10/06 ,  G06F9/44 ,  G06F9/445

Abstract: A service provider system may implement an enterprise catalog service that manages software products and portfolios of software products on behalf of service provider customer organizations. Through an administrator interface of the service, a customer organization administrator may create constraints on the use of the software products, and each constraint may include one or more rules about how the products can be launched. These may include environmental constraints (specifying a region in which a product launches), restrictions on input parameter values (including the types of resource instances on which a product can be launched), quotas (controlling the number of product installations), or billing constraints. Constraints may be applied on a user-to-product arc or on a portfolio-to-product arc. Constraints may be stored as objects, and reference to those objects may be added to product or portfolio objects. Constraints may be shared across object versions, portfolios, or service provider customer accounts.

Abstract translation: 服务提供商系统可以实现代表服务提供商客户组织管理软件产品和软件产品组合的企业目录服务。 通过该服务的管理员界面，客户组织管理员可以对软件产品的使用创建约束，并且每个约束可以包括关于如何启动产品的一个或多个规则。 这些可能包括环境限制（指定产品启动的区域），对输入参数值的限制（包括可以启动产品的资源实例的类型），配额（控制产品安装数量）或计费限制 。 约束可以应用于用户到产品的弧线或投资组合到产品弧上。 约束可以存储为对象，并且可以将对这些对象的引用添加到产品或投资组合对象。 约束可以在对象版本，投资组合或服务提供商客户帐户之间共享。

公开(公告)号：US20160072920A1

公开(公告)日：2016-03-10

申请号：US14930482

申请日：2015-11-02

Applicant: Amazon Technologies, Inc.

Inventor： RETO KRAMER ,  DANIEL LEE OSIECKI ,  NISHANTH SHANKARAN ,  VENKATES P. BALAKRISHNAN ,  GEOFFREY SCOTT PARE ,  BLAKE MEIKE ,  CHRISTOPHER WHITAKER

IPC: H04L29/08

CPC classification number: H04L67/34 ,  H04L41/0843 ,  H04L67/1097

Abstract: A resource provisioning service allows users to provision multiple, different network resources in an atomic manner and with a single call to a resource provisioning service. In some instances, the multiple, different network resources comprise individual types of resources that form a portion of one or more cloud-computing platforms. For instance, one or more entities may host and operate a cloud-computing platform that includes different types of network resources, such a storage service, a load balancing service, a compute service, a security service, or any other similar or different type of network-accessible service.

Abstract translation: 资源配置服务允许用户以原子方式和对资源供应服务的单个呼叫来配置多个不同的网络资源。 在一些情况下，多个不同的网络资源包括形成一个或多个云计算平台的一部分的各种类型的资源。 例如，一个或多个实体可以托管和操作包括不同类型的网络资源的云计算平台，例如存储服务，负载平衡服务，计算服务，安全服务或任何其他类似或不同类型的 网络可访问服务。

公开(公告)号：US20150288618A1

公开(公告)日：2015-10-08

申请号：US14739774

申请日：2015-06-15

Applicant: Amazon Technologies, Inc.

Inventor： AVINASH JAISINGHANI ,  RETO KRAMER ,  PRASHANT JAYARAMAN ,  CHRISTOPHER WHITAKER ,  VENKATES PARAMASIVAM BALAKRISHNAN

IPC: H04L12/911

CPC classification number: H04L47/827 ,  G06F9/5061 ,  H04L29/08072 ,  H04L41/0806

Abstract: A resource stack managed by a resource stack provider is created based on a resource stack template that integrates a custom resource from a second provider into the resource stack using a notification system with the second provider. For example, a customer may create a template that defines a resource stack that comprises resources available from the resource stack provider and one or more custom resources provided by a second provider. When a resource stack is created, resources available from the resource stack provider may be provisioned. Custom resources may be initialized by notifying the provider of the custom resource of the requested integration of the custom resource with the resource stack and requested configuration details. The custom resource provider may respond with an indication of successful integration when the custom resource has been successfully initialized. After initializing the resources, the resource stack may be enabled for use.

Abstract translation: 由资源堆栈提供者管理的资源堆栈是基于资源堆栈模板创建的，该资源堆栈模板使用与第二供应商的通知系统将来自第二供应商的自定义资源集成到资源堆栈中。 例如，客户可以创建定义资源堆栈的模板，该资源堆栈包括可从资源堆栈提供者获得的资源和由第二供应商提供的一个或多个自定义资源。 当创建资源堆栈时，可以提供资源堆栈提供者可用的资源。 可以通过向提供商通过资源堆栈和请求的配置详细信息通知提供者请求的自定义资源集成的自定义资源来初始化自定义资源。 当自定义资源已成功初始化时，自定义资源提供者可以响应成功集成的指示。 资源初始化后，可以启用资源堆栈使用。

公开(公告)号：US20150150081A1

公开(公告)日：2015-05-28

申请号：US14611933

申请日：2015-02-02

Applicant: Amazon Technologies, Inc.

Inventor： AVINASH JAISINGHANI ,  RETO KRAMER ,  CHRISTOPHER WHITAKER ,  VENKATES P. BALAKRISHNAN ,  PRASHANT JAYARAMAN ,  RICHARD CURTIS EDWARDS, JR.

IPC: H04L29/06

CPC classification number: H04L63/20 ,  H04L41/0806 ,  H04L63/06 ,  H04L63/0823 ,  H04L63/10 ,  H04L63/102

Abstract: Systems and methods are described for enabling users to model security resources and user access keys as resources in a template language. The template can be used to create and update a stack of resources that will provide a network-accessible service. The security resources and access keys can be referred to in the template during both stack creation process and the stack update process. The security resources can include users, groups and policies. Additionally, users can refer to access keys in the template as dynamic parameters without any need to refer to the access keys in plaintext. The system securely stores access keys within the system and allows for templates to refer to them once defined. These key references can then be passed within a template to resources that need them as well as passing them on securely to resources like server instances through the use of the user-data field.

Abstract translation: 描述了系统和方法，使用户能够将安全资源和用户访问密钥建模为模板语言中的资源。 该模板可用于创建和更新将提供网络可访问服务的一堆资源。 在堆栈创建过程和堆栈更新过程期间，可以在模板中引用安全资源和访问密钥。 安全资源可以包括用户，组和策略。 另外，用户可以将模板中的访问密钥引用为动态参数，无需以明文方式引用访问密钥。 系统安全地存储系统内的访问密钥，并允许模板在定义后引用它们。 然后，这些关键引用可以在模板中传递到需要它们的资源，并通过使用用户数据字段将它们安全地传递给诸如服务器实例的资源。