US 11,695,765 B2
Techniques for selective container access to cloud services based on hosting node
Olgierd Stanislaw Pieczul, Dublin (IE); Shrey Arora, Seattle, WA (US); and Robert Graham Clark, Clyde Hill, WA (US)
Assigned to Oracle International Corporation, Redwood Shores, CA (US)
Filed by Oracle International Corporation, Redwood Shores, CA (US)
Filed on Jan. 6, 2021, as Appl. No. 17/143,133.
Prior Publication US 2022/0217139 A1, Jul. 7, 2022
Int. Cl. G06F 21/51 (2013.01); G06F 21/74 (2013.01); H04L 9/40 (2022.01); H04L 67/561 (2022.01); G06F 21/53 (2013.01)
CPC H04L 63/0876 (2013.01) [H04L 63/0236 (2013.01); H04L 63/20 (2013.01); H04L 67/561 (2022.05)]
17 Claims
1. A method for providing access to a cloud service, comprising:
receiving, by a request forwarder hosted on a compute instance of the cloud service, a request for access to the cloud service including a container credential, the request received from a container hosted on the compute instance;
determining, by the request forwarder, an identification of the container using the container credential;
verifying, by the request forwarder, that the container requesting access to the cloud service is authorized based at least in part on one or more stored policies; and
based at least in part on a determination that the container requesting access to the cloud service is authorized:
requesting, by the request forwarder from a metadata service hosted on the compute instance, an instance credential for the compute instance;
receiving the instance credential for the compute instance from the metadata service hosted on the compute instance;
including the instance credential to the request; and
sending the request with the instance credential to the cloud service.
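
The steps of claim 1 can be traced in a small simulation. This is an added example, not code from the patent or from Oracle: the HMAC-based credential format, the policy table, the stubbed metadata service, the choice to drop the container credential from the outgoing request, and all names and values are assumptions made for illustration.

```python
import hashlib
import hmac

# All names and values below are constructed for illustration.
NODE_KEY = b"constructed-node-local-key"           # assumed: known only to the forwarder
POLICIES = {"billing-worker": {"object-storage"}}  # container id -> allowed cloud services
metadata_calls = []                                # records metadata-service lookups

def _tag(container_id):
    return hmac.new(NODE_KEY, container_id.encode(), hashlib.sha256).hexdigest()

def issue_container_credential(container_id):
    """Assumed credential format: '<id>.<HMAC-SHA256 of id under the node key>'."""
    return f"{container_id}.{_tag(container_id)}"

def identify_container(credential):
    """Return the container id the credential proves, or None if it does not verify."""
    container_id, _, tag = credential.rpartition(".")
    valid = hmac.compare_digest(tag.encode(), _tag(container_id).encode())
    return container_id if container_id and valid else None

def metadata_service_get_instance_credential():
    """Stand-in for the metadata service hosted on the compute instance."""
    metadata_calls.append("instance-credential")
    return "constructed-instance-credential"

def forward_request(request):
    """Run the claimed steps; return (outgoing_request, None) or (None, reason)."""
    container_id = identify_container(request.get("container_credential", ""))
    if container_id is None:
        return None, "unknown container credential"
    service = request.get("service")
    if service not in POLICIES.get(container_id, set()):
        return None, f"{container_id} not authorized for {service}"
    # The metadata service is contacted only after the policy check passes.
    outgoing = {k: v for k, v in request.items() if k != "container_credential"}
    outgoing["instance_credential"] = metadata_service_get_instance_credential()
    return outgoing, None  # a real forwarder would now send this to the cloud service

if __name__ == "__main__":
    ok = {"service": "object-storage", "action": "GET /bucket/report",
          "container_credential": issue_container_credential("billing-worker")}
    print(forward_request(ok))                                   # authorized
    print(forward_request({**ok, "service": "key-vault"}))       # denied by policy
    print(forward_request({**ok, "container_credential": "billing-worker.forged"}))
```

In this sketch a denied or unidentified request never reaches the metadata service, so the instance credential is obtained only on behalf of containers the stored policy allows.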