| 发明名称 |
USE OF FREEFORM METADATA FOR ACCESS CONTROL |
| 摘要 |
Approaches are described for security and access control for computing resources. Various embodiments utilize metadata, e.g., tags that can be applied to one or more computing resources (e.g., virtual machines, host computing devices, applications, databases, etc.) to control access to these and/or other computing resources. In various embodiments, the tags and access control policies described herein can be utilized in a multitenant shared resource environment. |
| 申请公布号 |
US2014208414(A1) |
申请公布日期 |
2014.07.24 |
| 申请号 |
US201313747224 |
申请日期 |
2013.01.22 |
| 申请人 |
Amazon Technologies, Inc. |
发明人 |
Brandwine Eric Jason;DeSantis Peter Nicholas;Thrane Léon |
| 分类号 |
G06F21/62 |
主分类号 |
G06F21/62 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A computer implemented method for using tags to control access to resources, said method comprising:
under the control of one or more computer systems configured with executable instructions,
providing one or more computing resources by a service provider, the one or more computing resources provided to a customer in a multitenant environment;associating an access control policy with a user of an account, the access control policy specifying metadata as part of a condition for controlling access to the one or more computing resources;receiving, from the user, an application programming interface (API) call to perform an operation on the one or more computing resources;evaluating, in response to the API call, the access control policy including the metadata specified in the access control policy; andauthorizing the API call to perform the operation on the one or more computing resources based at least in part on the metadata specified in the access control policy. |
| 地址 |
US |
