Abstract: A communication system may include a plurality of geographically proximate nodes that communicate via one or more range-limited wireless technologies such as BLUETOOTH® low energy (BLE). An origin node may generate and communicate a first message responsive to detecting an event occurrence. The message may include an identifier associated with the origin node, data indicative of the event occurrence, a hop count, a maximum hop count, and a number of designated recipient nodes within the communication system. A first designated recipient node may, upon receiving the first message, attempt to confirm the event occurrence included in the first message. Upon confirming the event occurrence, the first designated recipient node may communicate a notification to an external third party. If unable to confirm the event occurrence, the first designated recipient node may generate and communicate a second message to a second designated recipient node included in the first message.

Abstract: A consistent view of associations between independently replicated data objects may be provided. Data objects may be stored in separate data stores. Copies of the data stores may also store the data objects. The copies of the data stores may independently receive the data objects to be stored as part of independently replicating data stores to one or more copies of the data stores. An association can be created between objects in the different data store. If when the association is created it is determined that a referenced object is not yet stored in a copy of a data store, then both the association and the referenced object may be stored in the same data store so that the association and the referenced object are replicated together to a copy of the same data store.

Abstract: A provider network implements a proxy to control access to web-based resources of a provider network. The proxy receives requests to access web-based services. The proxy allows access to a web-based service only if user-configured access control rules are satisfied and credentials associated with the web-based service are authenticated. The proxy prevents access to a web-based service if user-configured access control rules are not satisfied or credentials associated with the web-based service are not authenticated. The provider network may also implement a proxy configuration service to set up and launch the proxy. The proxy configuration service receives from the client a specification of the access control rules, configures the proxy based on the access control rules, and launches the proxy.

Abstract: A communication system may include a plurality of geographically proximate nodes that communicate via one or more range-limited wireless technologies such as BLUETOOTH® low energy (BLE). An origin node may generate and communicate a first message responsive to detecting an event occurrence. The message may include an identifier associated with the origin node, data indicative of the event occurrence, a hop count, a maximum hop count, and a number of designated recipient nodes within the communication system. A first designated recipient node may, upon receiving the first message, attempt to confirm the event occurrence included in the first message. Upon confirming the event occurrence, the first designated recipient node may communicate a notification to an external third party. If unable to confirm the event occurrence, the first designated recipient node may generate and communicate a second message to a second designated recipient node included in the first message.

Abstract: A method and system for generating permissions policies and permission boundary policies are described. The system receives a first request from a central administrator to create a delegated administrator, the first request specifying with one or more access permissions. The system generates a permission boundary policy that specifies the one or more access permissions and a first permissions policy that grants permissions to the delegated administrator to at least one of create an IAM principal with the permission boundary policy or attach a second permissions policy to the IAM principal. An effective permission given to the IAM principal is an intersection of access permissions specified in the first permissions policy and the one or more access permissions in the permission boundary policy. The system attaches the first permissions policy and the permission boundary policy to the delegated administrator.

Abstract: A system, such as an extension service, receives a first public key that is derivable based at least in part on a secret that is shared between at least a first device and a second device. The system, in an embodiment, derives a cryptographic key based at least in part on the first public key and transmits a second public key that enables another system to derive the cryptographic key. In an embodiment, the cryptographic key is a symmetric key and the system lacks access to a first private key that corresponds to the first public key.

Abstract: A security token service receives a request for a token. The request indicates a set of access control policies that define a set of permissions for access to a resource. The security token service generates the token to comprise a set of identifiers of the set of access control policies. The security token service provides the token in response to the request to enable the token to be used to access the resource in accordance with the set of access control policies.

Abstract: Techniques for region management for distributed services in provider networks are described. A region management service (RMS) receives requests to enable or disable regions a provider network for users. The RMS identifies what services operate within the involved regions and transmits requests to configure resources within the regions that are specific to the users to the services. The RMS also receives messages indicating whether the transmitting services have successfully configured user resources pertaining to the services for the region.

Abstract: Tags may be used in decisions by an access management service regarding access of computing resources (“resources”) by principals (e.g., users, roles, etc.). The tags may also be used to determine cost information, for grouping resources and/or principals, and for other reasons. The tags may be assigned to principals, to resources, or both. The resource may be a virtual or physical type of computing resource. Tags may be metadata, which may include a key-value pair. Tags may include email addresses, cost centers, project identifiers, location, team name, etc. The value may be a number, letters, or a combination of both. In some embodiments, the values may be limited to certain numbers or bytes, and some numbers and/or letter combinations may be excluded for special use.

Abstract: A method and system for generating access policy suggestions are described. The system initiates a test mode for a web service to be access by a user. The system authorizes access to the web service by the user in the test mode and records test data regarding the access to the web service by the user in the test mode. The system generates an access policy suggestion based on the test data.

Abstract: Tags may be used in decisions by an access management service regarding access of computing resources (“resources”) by principals (e.g., users, roles, etc.). The tags may also be used to determine cost information, for grouping resources and/or principals, and for other reasons. The tags may be assigned to principals, to resources, or both. The resource may be a virtual or physical type of computing resource. Tags may be metadata, which may include a key-value pair. Tags may include email addresses, cost centers, project identifiers, location, team name, etc. The value may be a number, letters, or a combination of both. In some embodiments, the values may be limited to certain numbers or bytes, and some numbers and/or letter combinations may be excluded for special use.

Abstract: A key distribution host determines a trust level of a user authentication server, wherein the trust level is based, at least in part, on one or more attributes of the user authentication server and provides one or more authentication keys to the user authentication server only if the trust level of the user authentication server is above a threshold value.

Abstract: User identities can managed at an organization level, instead of across multiple individual resource accounts. In a resource provider environment, access to various resources and services may require users to have identities with specific resource accounts. Users can instead be associated with organization accounts, or virtual accounts that are not associated with specific resources or services. The organization accounts are attached at the appropriate location(s) in an organizational hierarchy. A user having an organization account can project the identity in any sub-account in the organization hierarchy. This can include any lower-level resource account, or can child accounts under a relevant branch of the hierarchy. A user can validate against the organization account, and receive access to the relevant service or resources using the identity projected in the corresponding resource account.

Abstract: User identities can managed at an organization level, instead of across multiple individual resource accounts. In a resource provider environment, access to various resources and services may require users to have identities with specific resource accounts. Users can instead be associated with organization accounts, or virtual accounts that are not associated with specific resources or services. The organization accounts are attached at the appropriate location(s) in an organizational hierarchy. A user having an organization account can project the identity in any sub-account in the organization hierarchy. This can include any lower-level resource account, or can child accounts under a relevant branch of the hierarchy. A user can validate against the organization account, and receive access to the relevant service or resources using the identity projected in the corresponding resource account.

Abstract: A mechanism is described for facilitating dynamic and trusted cloud-based extension upgrades for computing systems according to one embodiment of the invention. A method of embodiments of the invention includes detecting a computing device needing an upgrade. The upgrade may relate to a hardware component at the computing device needing an upgrade element for the upgrade. The method may further include calling a first cloud server to provide the upgrade over a network. The first cloud server may have first resources including the upgrade element. The method may further include facilitating the hardware component to access the upgrade element at the first cloud server without having to upgrade or replace the hardware component.

Abstract: A computing device stores code associated with a computing function in a protected computing environment, such as a trusted execution environment, wherein the computing function is attested by a code measurement service associated with the protected computing environment. The computing device links the computing function to a secret stored in a hardware security module (HSM), the secret to enable execution of the computing function in the protected computing environment.

Abstract: A database server (e.g., a replica) generates a local checksum from a sequence of database operations and contributes the sequence of operations and the local checksum to a shared log of a distributed database. Additional database servers, similarly, generate local checksums. A checksum replica agent determines a first ordering of database operations of a first database server of a database, determines a second ordering of database operations of a second database server of the database; determines whether a third ordering of database operations that is based at least in part on the first ordering and the second ordering is valid. In an embodiment, a checksum replica agent generates a global checksum over the third ordering. Checksums, in an embodiment, are digitally signed and/or encrypted.

Abstract: Tags may be used in decisions by an access management service regarding access of computing resources (“resources”) by principals (e.g., users, roles, etc.). The tags may also be used to determine cost information, for grouping resources and/or principals, and for other reasons. The tags may be assigned to principals, to resources, or both. The resource may be a virtual or physical type of computing resource. Tags may be metadata, which may include a key-value pair. Tags may include email addresses, cost centers, project identifiers, location, team name, etc. The value may be a number, letters, or a combination of both. In some embodiments, the values may be limited to certain numbers or bytes, and some numbers and/or letter combinations may be excluded for special use.

Abstract: An unmanned vehicle may be utilized to perform various tasks, such as delivering packages and picking up packages for delivery in coordination with a physical access control device. Authentication and authorization processes may be used to grant the unmanned vehicle access to a physical space controlled by a physical access control device. A subsystem of the unmanned vehicle and the physical access control device may both support execution of computer instructions in a protected execution environment. A protected execution environment may be configured to provide an attestation to a remote counterparty, receive a purported attestation associated with the counterparty, verify the purported attestation is authentic using a root of trust in common with the remote counterparty, and perform authentication and authorization routines in connection with access policies of the unmanned vehicle, the physical access control device, or both.

Abstract: A database server (e.g., a replica) generates a local checksum from a sequence of database operations and contributes the sequence of operations and the local checksum to a shared log of a distributed database. Additional database servers, similarly, generate local checksums. A checksum replica agent determines a first ordering of database operations of a first database server of a database, determines a second ordering of database operations of a second database server of the database; determines whether a third ordering of database operations that is based at least in part on the first ordering and the second ordering is valid. In an embodiment, a checksum replica agent generates a global checksum over the third ordering. Checksums, in an embodiment, are digitally signed and/or encrypted.