Abstract: When requesting network services, clients often supply authentication information such as digital signatures. A network provider may from time to time change its authentication scheme. Clients are notified of the change and are provided with an updated authentication specification. Upon receiving the updated authentication specification, a client updates its authentication logic accordingly, and subsequently prepares and provides authentication information in accordance with the new authentication scheme.

Abstract: Techniques are described for providing client computing nodes with enhanced access to remote network-accessible services, such as by providing local capabilities specific to the remote services. In at least some situations, access to remote services by a client computing node may be enhanced by automatically locally performing some activities of the remote services, such as to improve the efficiency of communications that are sent between the client computing node and the remote service and/or to improve the efficiency by the remote service of processing communications from the client computing node. As one example, a node manager system local to a client computing node may perform authentication of communications sent by the client computing node to a remote service and/or may perform other activities specific to the remote service, so that the remote service does not need to perform the authentication and/or other performed activities for the communications.

Abstract: In an environment such as a cloud computing environment where various guests can be provisioned on a host machine or other hardware device, it can be desirable to prevent those users from rebooting or otherwise restarting the machine or other resources using unauthorized information or images that can be obtained from across the network. A cloud manager can cause one or more network switches or other routing or communication processing components to deny communication access between user-accessible ports on a machine or device and the provisioning systems, or other specific network resources, such that the user cannot cause the host machine to pull information from those resources upon a restart or reboot of the machine. Further, various actions can be taken upon a reboot or attempted reboot, such as to isolate the host machine or even power off the specific machine.

Abstract: Techniques are described for managing execution of programs. In some situations, program execution is managed for multiple users using excess program execution capacity of one or more computing systems. In some such situations, excess or otherwise unused program execution capacity may be made available to execute programs on a temporary basis, such that the programs executing using the excess program execution capacity may be terminated at any time if other preferred use for the excess program execution capacity arises. The excess program execution capacity may in some situations be provided in conjunction with other dedicated program execution capacity that is allocated to particular users, such as to use unused dedicated capacity of some users as excess capacity for other users. In some situations, the techniques are used in conjunction with a fee-based program execution service that executes multiple programs on behalf of multiple users of the service.

Abstract: Techniques are described for providing client computing nodes with enhanced access to data from remote locations, such as by providing and using local capabilities specific to the remote locations. In at least some situations, the access of a client computing node to data from a remote location may be enhanced by automatically performing activities local to the client computing node that improve the efficiency of communications sent between the client computing node and the remote location. As one example, access to data from a remote service may be enhanced by locally performing activities specific to the remote service, such as by using information about the remote service's internal mechanisms to cause the desired data to be provided from internal storage devices of the remote service without passing through front-end or other intermediate devices of the remote service while traveling to the client computing node.

Abstract: Techniques are described for managing execution of programs. In some situations, program execution is managed for multiple users using excess program execution capacity of one or more computing systems. In some such situations, excess or otherwise unused program execution capacity may be made available to execute programs on a temporary basis, such that the programs executing using the excess program execution capacity may be terminated at any time if other preferred use for the excess program execution capacity arises. The excess program execution capacity may in some situations be provided in conjunction with other dedicated program execution capacity that is allocated to particular users, such as to use unused dedicated capacity of some users as excess capacity for other users. In some situations, the techniques are used in conjunction with a fee-based program execution service that executes multiple programs on behalf of multiple users of the service.

Abstract: Implementation resources are operated in a manner furthering a particular purpose while excluding use of the implementation resources for other purposes. At least some of the implementation resources have capacity that is usable to implement multiple other resources. The capacity of the implementation resources is allocated in a manner that satisfies one or more conditions on the capacity of the implementation resources that is used. Generally, the capacity is allocated in a manner that reduces the likelihood that resources initiated close in time will fail together should underlying implementation resources fail. The implementation resources may be hardware devices that implement virtual computer systems.

Abstract: Implementation resources are operated in a manner furthering a particular purpose while excluding use of the implementation resources for other purposes. At least some of the implementation resources have capacity that is usable to implement multiple other resources. The capacity of the implementation resources is allocated in a manner that satisfies one or more conditions on the capacity of the implementation resources that is used. Generally, the capacity is allocated in a manner that reduces the likelihood that resources initiated close in time will fail together should underlying implementation resources fail. The implementation resources may be hardware devices that implement virtual computer systems.

Abstract: Generally described, systems and methods are provided for monitoring and detecting causes of failures of network paths. The system collects performance information from a plurality of nodes and links in a network, aggregates the collected performance information across paths in the network, processes the aggregated performance information for detecting failures on the paths, analyzes each of the detected failures to determine at least one root cause, and initiates a remedial workflow for the at least one root cause determined. In some aspects, processing the aggregated information may include performing a statistical regression analysis or otherwise solving a set of equations for the performance indications on each of a plurality of paths. In another aspect, the system may also include an interface which makes available for display one or more of the network topology, the collected and aggregated performance information, and indications of the detected failures in the topology.

Abstract: Techniques are described for managing access of executing programs to non-local block data storage. In some situations, a block data storage service uses multiple server storage systems to reliably store copies of network-accessible block data storage volumes that may be used by programs executing on other physical computing systems, and snapshot copies of some volumes may also be stored (e.g., on remote archival storage systems). A group of multiple server block data storage systems that store block data volumes may in some situations be co-located at a data center, and programs that use volumes stored there may execute on other computing systems at that data center, while the archival storage systems may be located outside the data center. The snapshot copies of volumes may be used in various ways, including to allow users to obtain their own copies of other users' volumes (e.g., for a fee).

Abstract: Techniques are described for managing access of executing programs to non-local block data storage. In some situations, a block data storage service uses multiple server storage systems to reliably store network-accessible block data storage volumes that may be used by programs executing on other physical computing systems. A group of multiple server block data storage systems that store block data volumes may in some situations be co-located at a data center, and programs that use volumes stored there may execute on other physical computing systems at that data center. If a program using a volume becomes unavailable, another program (e.g., another copy of the same program) may in some situations obtain access to and continue to use the same volume, such as in an automatic manner in some such situations.

Abstract: Techniques are described for managing access of executing programs to non-local block data storage. In some situations, a block data storage service uses multiple server storage systems to reliably store copies of network-accessible block data storage volumes that may be used by programs executing on other physical computing systems, and snapshot copies of some volumes may also be stored (e.g., on remote archival storage systems). A group of multiple server block data storage systems that store block data volumes may in some situations be co-located at a data center, and programs that use volumes stored there may execute on other computing systems at that data center, while the archival storage systems may be located outside the data center. The snapshot copies of volumes may be used in various ways, including to allow users to obtain their own copies of other users' volumes (e.g., for a fee).

Abstract: Techniques are described for providing client computing nodes with enhanced access to remote network-accessible services, such as by providing local capabilities specific to the remote services. In at least some situations, access to remote services by a client computing node may be enhanced by automatically locally performing some activities of the remote services, such as to improve the efficiency of communications that are sent between the client computing node and the remote service and/or to improve the efficiency by the remote service of processing communications from the client computing node. As one example, a node manager system local to a client computing node may perform authentication of communications sent by the client computing node to a remote service and/or may perform other activities specific to the remote service, so that the remote service does not need to perform the authentication and/or other performed activities for the communications.

Abstract: Techniques are described for managing access of executing programs to non-local block data storage. In some situations, a block data storage service uses multiple server storage systems to reliably store network-accessible block data storage volumes that may be used by programs executing on other physical computing systems. A group of multiple server block data storage systems that store block data volumes may in some situations be co-located at a data center, and programs that use volumes stored there may execute on other physical computing systems at that data center. If a program using a volume becomes unavailable, another program (e.g., another copy of the same program) may in some situations obtain access to and continue to use the same volume, such as in an automatic manner in some such situations.

Abstract: Techniques are described for providing client computing nodes with enhanced access to remote network-accessible services, such as by providing local capabilities specific to the remote services. In at least some situations, access to remote services by a client computing node may be enhanced by automatically locally performing some activities of the remote services, such as to improve the efficiency of communications that are sent between the client computing node and the remote service and/or to improve the efficiency by the remote service of processing communications from the client computing node. As one example, a node manager system local to a client computing node may perform authentication of communications sent by the client computing node to a remote service and/or may perform other activities specific to the remote service, so that the remote service does not need to perform the authentication and/or other performed activities for the communications.

Abstract: Generally described, systems and methods are provided for monitoring and detecting causes of failures of network paths. The system collects performance information from a plurality of nodes and links in a network, aggregates the collected performance information across paths in the network, processes the aggregated performance information for detecting failures on the paths, analyzes each of the detected failures to determine at least one root cause, and initiates a remedial workflow for the at least one root cause determined. In some aspects, processing the aggregated information may include performing a statistical regression analysis or otherwise solving a set of equations for the performance indications on each of a plurality of paths. In another aspect, the system may also include an interface which makes available for display one or more of the network topology, the collected and aggregated performance information, and indications of the detected failures in the topology.

Abstract: Intelligent content delivery enables content to be delivered to different devices in formats appropriate for those devices based on the capabilities of those devices. A user might access the same piece of content on two different devices, and can automatically receive a higher quality format on a device capable of playing that higher quality format. The user can purchase rights to content in any format, such that as new formats emerge or the user upgrades to devices with enhanced capabilities, the user can receive the improved formats automatically without having to repurchase the content. Further, the user can pause and resume content between devices even when those devices utilize different formats, and can access content on devices not otherwise associated with the user, receiving content in formats that are appropriate for those unknown devices even if the user has not previously accessed content in those formats.

Abstract: The generation and management of shared session information between the client computing device and the network computing provider are provided. The shared session information can correspond to a specification of a set of network resources accessed by the client computing device and the preservation of browse session information associated with the previous access of the set of network resources. The shared session information is utilized by one or more client computing devices to access and recreate a browse session corresponding to the set of network resources.

Abstract: Techniques are described for managing access of executing programs to non-local block data storage. In some situations, a block data storage service uses multiple server storage systems to reliably store block data that may be accessed over one or more networks by programs executing on other physical computing systems. Users may create block data storage volumes that are each stored by at least two of the server block data storage systems, and may initiate use of such volumes by one or more executing programs, such as in a reliable manner by enabling an automatic switch to a second volume copy if a first volume copy becomes unavailable. A group of multiple server block data storage systems that store block data volumes may in some situations be co-located at a data center, and programs that use volumes stored there may execute on other physical computing systems at that data center.

Abstract: Generally described, systems and methods are provided for monitoring and detecting causes of failures of network paths. The system collects performance information from a plurality of nodes and links in a network, aggregates the collected performance information across paths in the network, processes the aggregated performance information for detecting failures on the paths, analyzes each of the detected failures to determine at least one root cause, and initiates a remedial workflow for the at least one root cause determined. In some aspects, processing the aggregated information may include performing a statistical regression analysis or otherwise solving a set of equations for the performance indications on each of a plurality of paths. In another aspect, the system may also include an interface which makes available for display one or more of the network topology, the collected and aggregated performance information, and indications of the detected failures in the topology.