Capability based placement
    3.
    发明授权
    Capability based placement 有权
    基于能力的放置

    公开(公告)号:US09471352B1

    公开(公告)日:2016-10-18

    申请号:US14089644

    申请日:2013-11-25

    Abstract: Capability based placement can be used for placing virtual machine instances on server computers (which can be configured to support one or more virtual machine slots) that are capable of running the instances in an efficient manner. For example, capability tags can be determined from the detailed characteristics (e.g., detailed hardware, software, and/or other characteristics) of the server computer and/or slots. For example, capability tags can indicate capabilities such as disk throughput, network bandwidth, database support, encryption support, video editing support, etc. Requests to launch virtual machine instances can be received and capability tags can be determined from the requests. Servers and/or slots that match the determined capability tags can be identified and used for launching the instances.

    Abstract translation: 基于能力的布局可用于将虚拟机实例放置在能够以有效方式运行实例的服务器计算机(可配置为支持一个或多个虚拟机插槽)上。 例如,可以从服务器计算机和/或时隙的详细特征(例如,详细的硬件,软件和/或其它特征)来确定能力标签。 例如,能力标签可以指示诸如磁盘吞吐量,网络带宽,数据库支持,加密支持,视频编辑支持等功能。可以接收启动虚拟机实例的请求,并且可以根据请求确定能力标签。 可以识别与确定的能力标签匹配的服务器和/或时隙,并用于启动实例。

    Instance host configuration
    4.
    发明授权

    公开(公告)号:US09413604B2

    公开(公告)日:2016-08-09

    申请号:US14679824

    申请日:2015-04-06

    Abstract: Methods and apparatus for instance host configuration are disclosed. A system includes a plurality of instance hosts configurable for resource instances of a network-accessible service, and control servers to manage remote configuration of the instance hosts. In response to an instance configuration request from a client, a selected control server transmits, to a selected instance host, a sequence of one or more commands. The selected instance host instantiates a remote command executor. The remote command executor initiates configuration operations corresponding to the command sequence, and terminates. The selected control server provides a response to the instance configuration request, based at least in part on results of the operations initiated by the executor.

    Opportunistic initiation of potentially invasive actions
    5.
    发明授权
    Opportunistic initiation of potentially invasive actions 有权
    机会性地启动潜在的侵入性行为

    公开(公告)号:US09032400B1

    公开(公告)日:2015-05-12

    申请号:US13660668

    申请日:2012-10-25

    CPC classification number: G06F11/008

    Abstract: A system and method for opportunistically initiating potentially invasive actions on a computer system hosting virtual machine instances is described. When a specific state of operation of the VMI or computing service is detected, such as inactivity, an action, such as a reboot, kernel update, or other potentially invasive action can be performed on the software and/or hardware supporting the VMI. In addition to the foregoing, other aspects are described in the claims, detailed description, and figures.

    Abstract translation: 描述了在托管虚拟机实例的计算机系统上机会地启动潜在侵入动作的系统和方法。 当检测到VMI或计算服务的特定操作状态(诸如不活动)时,可以对支持VMI的软件和/或硬件执行诸如重新引导,内核更新或其他潜在侵入性动作的动作。 除了上述之外,其他方面在权利要求,详细描述和附图中描述。

    PORTABLE NETWORK INTERFACES FOR AUTHENTICATION AND LICENSE ENFORCEMENT

    公开(公告)号:US20220222593A1

    公开(公告)日:2022-07-14

    申请号:US17711790

    申请日:2022-04-01

    Abstract: Methods and apparatus for portable network interfaces to manage authentication and license enforcement. A system may include a plurality of resource instances including a producer instance configured to implement a network-accessible service, and an authentication coordinator. The coordinator may assign an interface record to the service, wherein the interface record comprises an IP address and a set of security properties. The coordinator may configure the security properties to allow a client to request an attachment of the interface record to a selected resource instance, such that the selected resource instance is enabled to transmit network messages from the IP address using one or more physical network interfaces of the selected resource instance. The producer resource instance initiates authentication operations for the service, including at least one authentication operation based on the IP address of the interface record.

    Trust-based resource allocation
    7.
    发明授权

    公开(公告)号:US11086648B1

    公开(公告)日:2021-08-10

    申请号:US16295594

    申请日:2019-03-07

    Abstract: Methods and systems for provisioning computing resource instances among implementation resources based on trust to reduce interference between computing resource instances implemented by the same implementation resources. In an embodiment, a trust rating is determined for a computing resource instance based at least in part on one or more trust factors. The suitability of an implementation resource to implement the given computing resource instance may be evaluated based at least in part on the trust rating of the computing resource instance and a trust rating of the implementation resource. In some embodiments, the trust rating of the implementation resource may be predefined or based on trust ratings of computing resource instances that are currently implemented by the implementation resource. An implementation resource may be selected to implement the computing resource instance based at least in part on its suitability thus determined.

    Managing use of program execution capacity

    公开(公告)号:US10915491B2

    公开(公告)日:2021-02-09

    申请号:US15860524

    申请日:2018-01-02

    Abstract: Techniques are described for managing execution of programs. In some situations, program execution is managed for multiple users using excess program execution capacity of one or more computing systems. In some such situations, excess or otherwise unused program execution capacity may be made available to execute programs on a temporary basis, such that the programs executing using the excess program execution capacity may be terminated at any time if other preferred use for the excess program execution capacity arises. The excess program execution capacity may in some situations be provided in conjunction with other dedicated program execution capacity that is allocated to particular users, such as to use unused dedicated capacity of some users as excess capacity for other users. In some situations, the techniques are used in conjunction with a fee-based program execution service that executes multiple programs on behalf of multiple users of the service.

    CONTEXT-BASED ACCESS CONTROLS
    10.
    发明申请

    公开(公告)号:US20200082065A1

    公开(公告)日:2020-03-12

    申请号:US16687435

    申请日:2019-11-18

    Abstract: A system includes access controls that allow or deny a request based at least in part on a context associated with the request. A service receives a request from a client, and forwards information that describes the request and the context of the request to a context management service. The context management service determines whether the request should be allowed by querying a set of context validation plugins. Each context validation plugin analyzes particular characteristics of a request's context, and based at least in part on the request's context, indicates to the context management service that the request should be allowed or denied. If a quorum of the context validation plugins indicate to the context management service that the request should be allowed, the context management service indicates to the service that the request is allowed within the provided context.

Patent Agency Ranking