Methods and apparatus for controlling snapshot exports

US 8,789,208 B1
Filed: 12/13/2011
Issued: 07/22/2014
Est. Priority Date: 10/04/2011
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

performing, by a snapshot export control process implemented on one or more devices on a provider network;

obtaining, from a client of the provider network, a request directed to one or more snapshots stored on a data store on the provider network, wherein a snapshot is a differential backup of a client volume;

determining if the client has rights to export the one or more snapshots, wherein said determining comprises, for each of the one or more snapshots, examining a snapshot manifest file corresponding to the snapshot, wherein the snapshot manifest file maps data blocks of the client data volume to locations of data chunks stored in the snapshot and records account identifiers for creators of the data blocks, wherein each snapshot manifest file includes creator account information for data blocks in the respective snapshot, and wherein said examining compares account information for the client with the creator account information for the data blocks in the respective snapshot;

identifying, via said examining, a snapshot that includes at least one data block created by a different account than the client account, wherein the client does not have rights to export a snapshot that includes data created by the different account; and

generating a response to the request that does not include the identified snapshot.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, apparatus, and computer-accessible storage media for controlling export of snapshots to external networks in service provider environments. Methods are described that may be used to prevent customers of a service provider from downloading snapshots of volumes, such as boot images created by the service provider or provided by third parties, to which the customer does not have the appropriate rights. A request may be received from a user to access one or more snapshots, for example a request to export the snapshot or a request for a listing of snapshots. For each snapshot, the service provider may determine if the user has rights to the snapshot, for example by checking a manifest for the snapshot to see if entries in the snapshot manifest belong to an account other than the customer'"'"'s. If the user has rights to the snapshot, the request is granted; otherwise, the request is not granted.

Citations

29 Claims

1. A method, comprising:
- performing, by a snapshot export control process implemented on one or more devices on a provider network;
  
  obtaining, from a client of the provider network, a request directed to one or more snapshots stored on a data store on the provider network, wherein a snapshot is a differential backup of a client volume;
  
  determining if the client has rights to export the one or more snapshots, wherein said determining comprises, for each of the one or more snapshots, examining a snapshot manifest file corresponding to the snapshot, wherein the snapshot manifest file maps data blocks of the client data volume to locations of data chunks stored in the snapshot and records account identifiers for creators of the data blocks, wherein each snapshot manifest file includes creator account information for data blocks in the respective snapshot, and wherein said examining compares account information for the client with the creator account information for the data blocks in the respective snapshot;
  
  identifying, via said examining, a snapshot that includes at least one data block created by a different account than the client account, wherein the client does not have rights to export a snapshot that includes data created by the different account; and
  
  generating a response to the request that does not include the identified snapshot.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method as recited in claim 1, further comprising identifying, via said examining, at least one snapshot that includes only data for which the client has rights to export, wherein the response to the request includes the identified at least one snapshot.
  - 3. The method as recited in claim 1, wherein the request is a request to export a specified snapshot to an external network, and wherein said generating a response to the request comprises informing the client that the client does not have rights to export the specified snapshot to the external network.
  - 4. The method as recited in claim 1, wherein the request is a request for a list of the client'"'"'s snapshots stored on the data store, and wherein said generating a response to the request that does not include the identified snapshot comprises not including an indication of the identified snapshot in the list.
  - 5. The method as recited in claim 4, further comprising:
    - identifying, via said examining, at least one snapshot that the client has rights to export;
      
      including an indication of the identified at least one snapshot that the client has rights to export in the list; and
      
      returning the list to the client in the response to the request.
  - 6. The method as recited in claim 1, further comprising, for each of the one or more snapshots, adding an indication of the snapshot and an indication of the client'"'"'s determined rights regarding export of the snapshot to a cache that includes indications of snapshots and indications of the client'"'"'s rights regarding export of the snapshots.
  - 7. The method as recited in claim 1, wherein said determining if the client has rights to export the one or more snapshots comprises:
    - checking a cache that includes indications of snapshots and indications of the client'"'"'s rights regarding export of the snapshots indicated in the cache to determine if the one or more snapshot are listed in the cache; and
      
      if a given snapshot is listed in the cache, determining the client'"'"'s rights regarding export of the snapshot from the cache.

8. A system, comprising:
- at least one processor; and
  
  a memory comprising program instructions, wherein the program instructions are executable by the at least one processor to;
  
  obtain a request from a client of a provider network directed to one or more snapshots stored on a data store on the provider network, wherein each snapshot is a differential backup of a client volume;
  
  for each of the one or more snapshots;
  
  determine, from information related to the snapshot, if the client has rights to export the snapshot to an external network;
  
  if the client has rights to export the snapshot to the external network, fulfill the request for the snapshot; and
  
  if the client does not have rights to export the snapshot to the external network, not fulfill the request for the snapshot.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 9. The system as recited in claim 8, wherein the information related to the snapshot comprises a snapshot manifest file for the snapshot, wherein a snapshot manifest file maps data blocks of a client volume to locations of data chunks stored in the snapshot and records account identifiers for creators of the data blocks.
  - 10. The system as recited in claim 8, wherein, to determine, from information related to the snapshot, if the client has rights to export the snapshot to an external network, the program instructions are executable by the at least one processor to:
    - examine a snapshot manifest file corresponding to the snapshot, wherein the snapshot manifest file includes creator account information for data in the respective snapshot, and wherein said examining compares account information for the client with the creator account information for the data blocks in the respective snapshot; and
      
      determine, via said examining, if the snapshot includes at least one data block created by a different account than the client account, wherein the client does not have rights to export data created by the different account.
  - 11. The system as recited in claim 8, wherein the program instructions are further executable by the at least one processor to add an indication of the snapshot and an indication of the client'"'"'s determined rights regarding export of the snapshot to a cache that includes indications of snapshots and indications of the client'"'"'s rights regarding export of the snapshots.
  - 12. The system as recited in claim 8, wherein, to determine, from information related to the snapshot, if the client has rights to export the snapshot to an external network, the program instructions are executable by the at least one processor to:
    - check a cache that includes indications of snapshots and indications of the client'"'"'s rights regarding export of the snapshots indicated in the cache to determine if the snapshot is listed in the cache; and
      
      if the snapshot is listed in the cache, determine the client'"'"'s rights regarding export of the snapshot from the cache.
  - 13. The system as recited in claim 12, wherein the program instructions are further executable by the at least one processor to, if the snapshot is not listed in the cache:
    - examine a snapshot manifest file corresponding to the snapshot, wherein the snapshot manifest file includes creator account information for data in the respective snapshot, and wherein said examining compares account information for the client with the creator account information for the data blocks in the respective snapshot; and
      
      determine, via said examining, if the snapshot includes at least one data block created by a different account than the client account, wherein the client does not have rights to export data created by the different account.
  - 14. The system as recited in claim 13, wherein the program instructions are further executable by the at least one processor to add an indication of the snapshot and an indication of the client'"'"'s determined rights regarding export of the snapshot to the cache.
  - 15. The system as recited in claim 8, wherein the request is a request to export a specified snapshot to the external network, and wherein said export of the specified snapshot is performed if the client has rights to export the snapshot to the external network and is not performed if the client does not have rights to export the snapshot to the external network.
  - 16. The system as recited in claim 15, wherein said export of the specified snapshot to the external network creates a volume from the specified snapshot on the external network.
  - 17. The system as recited in claim 15, wherein, to export the snapshot to the external network, a gateway control plane of the provider network exports the snapshot to the external network via a storage gateway process instantiated on the external network, wherein the storage gateway process provides an interface between one or more client processes on the external network and the client'"'"'s data stored on the data store on the provider network.
  - 18. The system as recited in claim 17, wherein the system is a component of the gateway control plane.
  - 19. The system as recited in claim 8, wherein the request is a request for a list of the client'"'"'s snapshots stored on the data store, and wherein an indication of a given snapshot is included in the list if the client has rights to export the snapshot to the external network and is not included in the list if the client does not have rights to export the snapshot to the external network.
  - 20. The system as recited in claim 8, wherein the provider network allows clients to create machine image instances on the provider network from boot images on the data store, and wherein at least one client volume corresponding to the one or more snapshots is a boot image on the data store corresponding to a machine image instance on the provider network.
  - 21. The system as recited in claim 8, wherein, to obtain the request, the program instructions are executable by the at least one processor to receive the request from the client via a console process instantiated on one or more devices on the provider network.

22. A non-transitory computer-accessible storage medium storing program instructions that when executed by one or more computers implement a snapshot export control process and cause the snapshot export control process to:
- receive information indicating a client of a provider network and a snapshot stored on a data store on the provider network, wherein the snapshot is a differential backup of a client volume on the provider network;
  
  determine, from a snapshot manifest for the snapshot, that the client does not have rights to export the snapshot to an external network, wherein the snapshot manifest includes account information for one or more creators of data in the respective snapshot, and wherein the client does not have rights to export a snapshot that includes data created by at least one account that is not the client'"'"'s account; and
  
  in response to said determining that the client does not have rights to export the snapshot to the external network, return an indication that the client does not have rights to export the snapshot to the external network.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29)
- - 23. The non-transitory computer-accessible storage medium as recited in claim 22, wherein the snapshot manifest maps data blocks of the client volume to locations of data chunks stored in the snapshot and records account identifiers for creators of the data blocks.
  - 24. The non-transitory computer-accessible storage medium as recited in claim 23, wherein, to determine, from a snapshot manifest for the snapshot, that the client does not have rights to export the snapshot to an external network, the snapshot export control process is configured to:
    - compare account information for the client with the creator account information for the data blocks in the snapshot manifest; and
      
      determine, via said comparing, that the snapshot includes at least one data block created by a different account than the client'"'"'s account, wherein the client does not have rights to export data created by the different account.
  - 25. The non-transitory computer-accessible storage medium as recited in claim 22, wherein the snapshot export control process is further configured to add an indication of the snapshot and an indication of the client'"'"'s determined rights regarding export of the snapshot to a cache that includes indications of snapshots and indications of the client'"'"'s rights regarding export of the snapshots.
  - 26. The non-transitory computer-accessible storage medium as recited in claim 22, wherein the snapshot export control process is further configured to check a cache that includes indications of snapshots and indications of the client'"'"'s rights regarding export of the snapshots indicated in the cache to determine if the snapshot is listed in the cache, wherein said determining, from the snapshot manifest for the snapshot, that the client does not have rights to export the snapshot to an external network is performed in response to determining that the snapshot is not listed in the cache.
  - 27. The non-transitory computer-accessible storage medium as recited in claim 26, wherein the snapshot export control process is further configured to add an indication of the snapshot and an indication of the client'"'"'s determined rights regarding export of the snapshot to the cache.
  - 28. The non-transitory computer-accessible storage medium as recited in claim 22, wherein the information indicating the client and the snapshot are received from the client in a request to export the snapshot to the external network.
  - 29. The non-transitory computer-accessible storage medium as recited in claim 22, wherein the information indicating the client and the snapshot are received in response to a request from the client for a list of the client'"'"'s snapshots stored on the data store, wherein an indication of a given snapshot is included in the list only if the client has rights to export the snapshot to the external network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Sundaram, Arun, Lin, Yun, Salyers, David C.
Primary Examiner(s)
Pwu, Jeffrey
Assistant Examiner(s)
TRUONG, THONG P

Application Number

US13/324,907
Time in Patent Office

952 Days
Field of Search

726/29, 726/30, 726/28, 726/31
US Class Current

726/29
CPC Class Codes

G06F 16/128   Details of file system snap...

G06F 16/178   Techniques for file synchro...

G06F 16/27   Replication, distribution o...

G06F 21/6218   to a system of files or obj...

G06F 21/78   to assure secure storage of...

G06F 3/0604   Improving or facilitating a...

G06F 3/0622   in relation to access

G06F 3/0637   Permissions

G06F 3/065   Replication mechanisms

G06F 3/067   Distributed or networked st...

H04L 67/1097   for distributed storage of ...

H04L 9/40   Network security protocols

Methods and apparatus for controlling snapshot exports

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

29 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and apparatus for controlling snapshot exports

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

29 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links