-
Publication No.: US12282540B1
Publication Date: 2025-04-22
Application No.: US17020642
Filing Date: 2020-09-14
Applicant: Amazon Technologies, Inc.
Inventor: Samartha Chandrashekar
Abstract: An emulated hardware security device is configured for a compute instance. A state descriptor of the compute instance comprising software identification metadata prepared using the emulated hardware security device is provided to a resource verifier. The metadata identifies a program to be executed at the compute instance. In response to a response received from the resource verifier, a decision is made as to whether to execute the software program at the compute instance.
-
Publication No.: US20240118915A1
Publication Date: 2024-04-11
Application No.: US18489752
Filing Date: 2023-10-18
Applicant: Amazon Technologies, Inc.
Inventor: Samartha Chandrashekar, Francois Daniels
CPC classification number: G06F9/45558, H04L67/34, G06F2009/4557, G06F2009/45595
Abstract: Methods, systems, and computer-readable media for automated management of machine images are disclosed. A machine image management system determines that a trigger for a machine image build process has occurred. The machine image management system performs the machine image build process responsive to the trigger. The machine image build process generates a machine image, and the machine image comprises a plurality of operating system components associated with an application. The machine image is validated by the machine image management system for compliance with one or more policies. The machine image management system provides the machine image to one or more recipients. One or more compute resources are launched using the machine image, and the application is executed on the compute resource(s) launched using the machine image.
-
Publication No.: US12212568B1
Publication Date: 2025-01-28
Application No.: US17337900
Filing Date: 2021-06-03
Applicant: Amazon Technologies, Inc.
Inventor: Samartha Chandrashekar
Abstract: An attestation service is configured to receive a request to enable attestation for a compute instance according to an attestation policy indicating one or more baseline health measurement values for validating compute instances. The attestation service provides a network endpoint for the compute instance to request attestation. The attestation service receives, via the network endpoint from a compute instance, one or more health measurement values of the compute instance. The attestation service validates the compute instance based at least on a comparison of the one or more current health measurement values and the one or more baseline health measurement values. The attestation service, in response to validating the compute instance, generates an attestation token indicating that the compute instance is authorized to access a secured resource of the provider network.
-
Publication No.: US11915026B1
Publication Date: 2024-02-27
Application No.: US17020634
Filing Date: 2020-09-14
Applicant: Amazon Technologies, Inc.
Inventor: Samartha Chandrashekar, Archana Srikanta
CPC classification number: G06F9/45558, G06F9/4881, G06F9/5077, G06F9/547, G06F21/606, G06F2009/45587
Abstract: In accordance with input received via a programmatic interface, a level of isolation at which a software container is to be executed is determined. Based on the level of isolation, a category of virtual machines of a virtualized computing service is selected for executing the software containers. The selected category differs from other categories in at least the number of devices emulated for virtual machines of the categories. The software container is run within a virtual machine of the selected category.
-
Publication No.: US11467826B1
Publication Date: 2022-10-11
Application No.: US17110711
Filing Date: 2020-12-03
Applicant: Amazon Technologies, Inc.
Inventor: Vivek Chawda, Daniel John Scholl, Koushik Rajagopal, Roland Mesde, Sophia Tsang, Samartha Chandrashekar, Raviprasad V. Mummidi, Sriram Venkatadri
Abstract: Disclosed are various embodiments for the extraction of isolated nodes during source code refactoring. A graph model representative of a computing application is generated having nodes and bridges that connect some nodes to other nodes. An application component corresponding to a selected one of the nodes may be extracted from the computing application. An independently deployable component of the computing application may be generated and deployed on a network service such that the independently deployable component is accessible through a network-based call.
-
Publication No.: US20210157623A1
Publication Date: 2021-05-27
Application No.: US16698431
Filing Date: 2019-11-27
Applicant: Amazon Technologies, Inc.
Inventor: Samartha Chandrashekar, Francois Daniels
Abstract: Methods, systems, and computer-readable media for automated management of machine images are disclosed. A machine image management system determines that a trigger for a machine image build process has occurred. The machine image management system performs the machine image build process responsive to the trigger. The machine image build process generates a machine image, and the machine image comprises a plurality of operating system components associated with an application. The machine image is validated by the machine image management system for compliance with one or more policies. The machine image management system provides the machine image to one or more recipients. One or more compute resources are launched using the machine image, and the application is executed on the compute resource(s) launched using the machine image.
-
Publication No.: US11829792B1
Publication Date: 2023-11-28
Application No.: US17027402
Filing Date: 2020-09-21
Applicant: Amazon Technologies, Inc.
Inventor: Samartha Chandrashekar
IPC: G06F9/455, G06F9/50, G06F12/0868
CPC classification number: G06F9/45558, G06F9/5077, G06F12/0868, G06F2009/4557, G06F2009/45562, G06F2009/45583, G06F2009/45595
Abstract: Techniques for in-place live migration of guest domain compute instances are described. A secondary host domain, which may be a patched version of an initial host domain, is launched on a computing device in a candidate host domain role or as a guest domain with escalated privileges. Existing guest domains are live migrated within the computing device to utilize the secondary host domain while the initial host domain continues to serve guest domains that have not yet been migrated. When all guest domains have been migrated, the initial host domain may be terminated, resulting in a patched computing device without network-based failures or noticeable service degradation for the guest domains, and while allowing existing guest domain workflows and network connections to continue unaffected.
-
Publication No.: US11327750B1
Publication Date: 2022-05-10
Application No.: US17159755
Filing Date: 2021-01-27
Applicant: Amazon Technologies, Inc.
Inventor: Vivek Chawda, Roland Mesde, Sophia Tsang, Samartha Chandrashekar, Javier Arturo Thiele-Ruiz, Sushil Ravoori, Shailaja Yadav, Nikhilkumar Jadhav, Divya Balasubramanian
Abstract: Disclosed are various embodiments for domain-driven application breakout. Application components are identified based on analysis of a computing application, where the application components are different portions of the computing application. Individual ones of the application components are associated with a category, where the category may include a business domain category. One or more of the application components associated with the category are extracted as an independently deployable subunit, which may include a microservice. The independently deployable subunit is generated for the category using the at least one of the application components and deployed separate from the computing application. A local call in the computing application to the extracted application components is refactored to a network call to the independently deployable subunit.
-
Publication No.: US12032979B2
Publication Date: 2024-07-09
Application No.: US16676329
Filing Date: 2019-11-06
Applicant: Amazon Technologies, Inc.
Inventor: Samartha Chandrashekar
CPC classification number: G06F9/45558, G06F9/5077, G06F21/53, G06F21/556, G06F21/602, G06F2009/45587
Abstract: A virtualization host is identified for an isolated run-time environment. One or more records generated at a security module of the host, which indicate that a first phase of a multi-phase establishment of an isolated run-time environment has been completed by a virtualization management component of the host, are transmitted to a resource verifier. In response to a host approval indicator from the resource verifier, the multi-phase establishment is completed at the virtualization host.
-
Publication No.: US11853753B1
Publication Date: 2023-12-26
Application No.: US17409448
Filing Date: 2021-08-23
Applicant: Amazon Technologies, Inc.
Inventor: Vivek Chawda, Samartha Chandrashekar, Sophia Tsang
Abstract: Techniques are described for identifying resource bottlenecks in decomposing monolithic software applications as part of software modernization processes. An application modernization system constructs a graph model of a software application based on an analysis of application artifacts associated with the software application. The graph model includes nodes representing independent application components, and further includes edges representing identified dependency relationships among the application components. An application modernization system further generates application profile metrics associated with the identified dependencies, and weights derived from the metrics are applied to the nodes and/or the edges of the graph model to generate a weighted graph model that identifies the resource bottlenecks among the application components and the identified dependency relationships. The weighted graph model is transmitted to a computing device for display to a user.