US 11,695,776 B2
Techniques for automatically configuring minimal cloud service access rights for container applications
Olgierd Stanislaw Pieczul, Dublin (IE); Hubert Alexander Foskett, Sammamish, WA (US); and Robert Graham Clark, Clyde Hill, WA (US)
Assigned to Oracle International Corporation, Redwood Shores, CA (US)
Filed by Oracle International Corporation, Redwood Shores, CA (US)
Filed on Feb. 16, 2021, as Appl. No. 17/177,159.
Prior Publication US 2022/0263835 A1, Aug. 18, 2022
Int. Cl. H04L 9/40 (2022.01); G06F 9/455 (2018.01)
CPC H04L 63/104 (2013.01) [H04L 63/08 (2013.01); H04L 63/20 (2013.01); G06F 9/45558 (2013.01); G06F 2009/45562 (2013.01); G06F 2009/45587 (2013.01)]
17 Claims
1. A method, comprising:
receiving one or more requests for access to one or more cloud services;
storing the one or more requests in a request log;
receiving one or more access rules applicable to cloud service access rights for the one or more cloud services;
aggregating the one or more requests of the request log to determine access requirements for a container, the container being configured to store one or more applications;
generating container access policies that define access rights for containers to the one or more cloud services, the container access policies generated based at least in part on the aggregated one or more requests and the one or more access rules;
generating node access policies, the node access policies defining a combined access right for one or more containers on a node comprising a group of compute instances; and
storing the node access policies in a memory;
storing the container access policies in the memory; and
sending the container access policies to a request forwarder of a compute instance in a production environment, the request forwarder accessing the container access policies to grant the access rights for the one or more containers to the one or more cloud services.
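The flow recited in claim 1 can be sketched as follows. This is an added illustration, not code from the patent or from Oracle. The log record layout, the treatment of access rules as a deny list, the service and action names, and all function names are assumptions made for the example.

```python
from collections import defaultdict

# Constructed request log: (container, service, action) tuples as they might
# be recorded while the containers run in a test environment.
REQUEST_LOG = [
    ("web", "object-storage", "GetObject"),
    ("web", "object-storage", "GetObject"),   # repeats collapse on aggregation
    ("web", "object-storage", "PutObject"),
    ("web", "vault", "DeleteSecret"),         # observed, but barred by a rule
    ("worker", "queue", "ReceiveMessage"),
    ("worker", "vault", "GetSecret"),
]

# Assumption: access rules are modelled as (service, action) pairs that must
# never be granted automatically, even when they appear in the log.
DENY_RULES = {("vault", "DeleteSecret")}

# Constructed placement: which containers run on which node.
NODE_CONTAINERS = {"node-1": ["web", "worker"]}


def build_container_policies(log, deny_rules):
    """Aggregate logged requests into a per-container allow-list."""
    policies = defaultdict(set)
    for container, service, action in log:
        if (service, action) not in deny_rules:
            policies[container].add((service, action))
    return dict(policies)


def build_node_policies(container_policies, node_containers):
    """A node policy is the combined (union) right of its containers."""
    return {
        node: set().union(*(container_policies.get(c, set()) for c in names))
        for node, names in node_containers.items()
    }


def forwarder_allows(container_policies, container, service, action):
    """Request forwarder check: default deny, allow only listed pairs."""
    return (service, action) in container_policies.get(container, set())


if __name__ == "__main__":
    cp = build_container_policies(REQUEST_LOG, DENY_RULES)
    print(cp)
    print(build_node_policies(cp, NODE_CONTAINERS))
    print(forwarder_allows(cp, "web", "vault", "GetSecret"))
```

The node policy is broader than either container policy, so the per-container check in the forwarder is what keeps `web` from using rights that only `worker` exercised.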