POLICY APPROVAL LAYER
First Claim
Patent Images
1. A computer-implemented method, comprising:
- under the control of one or more computer systems each having one or more hardware processors configured with executable instructions including,receiving a request to modify a policy, the request specifying a modification to a current state of the policy and processing of the request creates a modified policy;
determining a description of the request based at least in part on the modification to the current state of the policy;
receiving a first number of approvals from a second number of entities of a set of entities authorized to approve modifications to the policy, where the first number of approvals is received as a result of at least one notification including the description; and
transmitting an instruction to a policy management service to process the request as a result of receiving the first number of approvals to implement the modified policy.
1 Assignment
0 Petitions
Accused Products
Abstract
A customer of a policy management service may use an interface with a configuration and management service to interact with policies that may be applicable to the customer'"'"'s one or more resources. The customer may create and/or modify the policies and the configuration and management service may notify one or more other entities of the created and/or modified policies. The one or more other entities may be operated by user authorized to approve the created and/or modified policies. Interactions with the configuration and management service may be the same as the interactions with the policy management service.
16 Citations
20 Claims
-
1. A computer-implemented method, comprising:
under the control of one or more computer systems each having one or more hardware processors configured with executable instructions including, receiving a request to modify a policy, the request specifying a modification to a current state of the policy and processing of the request creates a modified policy; determining a description of the request based at least in part on the modification to the current state of the policy; receiving a first number of approvals from a second number of entities of a set of entities authorized to approve modifications to the policy, where the first number of approvals is received as a result of at least one notification including the description; and transmitting an instruction to a policy management service to process the request as a result of receiving the first number of approvals to implement the modified policy. - View Dependent Claims (2, 3, 4)
-
5. A system, comprising:
-
a configuration and management service comprising; one or more processors; and memory with instructions that, when executed by the one or more processors, cause the system to; receive a request to interact with a policy, where the policy is enforced at least in part by a policy management service distinct from the configuration and management service; detect a modification to the policy based at least in part on an interaction with the policy; determine a description of the modification based at least in part on the interaction with the policy and a current state of the policy; and as a result of receiving a plurality of approvals from at least two entities, transmit a command to the policy management service to cause the policy management service apply the modification. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12)
-
-
13. A non-transitory computer-readable storage medium having stored thereon executable instructions that, as a result of execution by one or more processors of a computer system, cause the computer system to at least:
-
receive an indication of an interaction with a policy, the indication is formatted in accordance with another service supported at least in part by a second computer system operated by a computing resource service provider; transmit a notification to an first entity of the interaction with the policy, the notification allowing the first entity to approve of the interaction with the policy and including a description of the interaction based at least in part on a state of the policy prior to the interaction; receive a second indication, the second indication specifies approval of the interaction with the policy; and in response to the second indication, provide a second notification to a second entity, the second notification allowing the second entity to approve the interaction and including the description. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
Specification