| 发明名称 |
IDENTITY POOL BRIDGING FOR MANAGED DIRECTORY SERVICES |
| 摘要 |
A customer of a computing resource service provider may utilize a set of credentials to request creation of an identity pool within a managed directory service. Accordingly, the managed directory service may create the identity pool. Instead of having the customer create a separate account within this identity pool, the managed directory service may create a shadow administrator account within the identity pool, which may be used to manage other users and resources in the identity pool within the managed directory service. The managed directory service further exposes an application programming interface command that may be used to obtain a set of credentials for accessing the shadow administrator account. The customer may use this command to receive the set of credentials and access the shadow administrator account. Accordingly, the customer can manage users and resources in the identity pool within the managed directory service. |
| 申请公布号 |
US2015135272(A1) |
申请公布日期 |
2015.05.14 |
| 申请号 |
US201314098298 |
申请日期 |
2013.12.05 |
| 申请人 |
Amazon Technologies, Inc. |
发明人 |
Shah Shon Kiran;Rao Guruprakash Bangalore;Rizzo Thomas Christopher;Mehta Gaurang Pankaj |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A computer-implemented method for identity pool bridging, comprising:
under the control of one or more computer systems configured with executable instructions,
enabling a user to utilize a set of credentials to access an interface provided by a computing resource service provider to access a managed directory service;receiving, at the computing resource service provider, a first request from the user to create an identity pool within the managed directory service of the computing resource service provider, the first request comprising information based at least in part on the set of credentials;as a result of the first request, creating, at the managed directory service, the identity pool and a shadow administrative account within the identity pool, the shadow administrative account usable for managing access to a directory within the managed directory service;transmitting, through the computing resource service provider and to the managed directory service, a second request from the user to obtain a directory token for accessing the shadow administrative account;receiving the directory token from the managed directory service; andenabling the user to utilize the received directory token to perform actions within the directory. |
| 地址 |
Reno NV US |
