Disclosed are various embodiments for automatic enrollment of Internet of Things (IoT) endpoints. An identity of an IoT endpoint is verified by an IoT gateway. The IoT gateway is configured to transmit, over a network, an enrollment request to an IoT management service. The enrollment of the IoT endpoint with the IoT management service is confirmed. A compliance policy for the IoT endpoint is retrieved from a command queue. The compliance policy is stored in the command queue until retrieved by the IoT gateway. The IoT gateway enforces the compliance policy on the IoT endpoint.

An example operation includes one or more of receiving a notification of an available software update configured to alter functionality of a transport, enabling the altered functionality for an amount of time, and responsive to the altered functionality not being utilized during the amount of time, sending a notification indicating a negative outcome.

A method of reporting differences between a plurality of computing cluster configurations for executing containerized software applications may comprise routinely retrieving, at preset time intervals, cluster configuration files stored at computing clusters for configuring the computing clusters for execution of a containerized software application, receiving a user selection of a first cluster configuration file and a second cluster configuration file within the stored cluster configuration files, and comparing the first cluster configuration file and the second cluster configuration file. The method may also include displaying a difference between the first cluster configuration file and the second cluster configuration file resulting in the first cluster configuration file configuring one or more computing clusters for execution of the containerized software application differently than the second cluster configuration file configures one or more computing clusters for execution of the containerized software application.

Techniques for implementing an infrastructure orchestration service are described. In some examples, a declarative provisioner of the infrastructure orchestration service receives instructions for deployment of a resource. The declarative provisioner identifies that the deployment of the resource is a long-running task stores state information corresponding to the deployment of the resource. In certain embodiments, upon identifying that the deployment of the resource is a long-running task, the declarative provisioner pauses its execution of the long-running task. Responsive to a trigger received from the infrastructure orchestration service, the declarative provisioner resumes execution of the deployment of the resource using the state information and transmits deployment information corresponding to the deployment of the resource to the infrastructure orchestration service.

Methods, apparatuses, and systems of a common skill store are described herein to provide common skill storage and distribution for different virtual assistants on different provider platforms. A developer may not be bound by any virtual assistant or provider platform to develop skills in a required computer programming language, format, or style. They also need not to develop the same skill multiple times for different virtual assistants. After receiving a request to download a skill for use on any virtual assistant and provider platform, the common skill store may modify the requested program code to adapt it for the requesting virtual assistant. If a user has multiple user devices with different virtual assistants, they may only need to request the same skill one time, and the common skill store may send different sets of adapted program code to the multiple user devices with the different virtual assistants.

A method of authenticating a device management system of a cloud-managed network includes transmitting a first transmission signal, from an access point, to a secondary port of the device management system. The first transmission signal comprises a first request of the access point to connect to the cloud-managed network. When the access point is incompatible with the cloud-managed network, the access point receives a re-direction instruction from the device management system to redirect the access point to a predefined Internet address to provide compatibility data for the access point. The method further includes that in response to receiving the compatibility data, transmitting a second transmission signal to the secondary port that includes a second request to connect to the cloud-managed network. The method include that in response to authentication by the access point, receiving an instruction from the secondary port to connect via a primary port to the cloud-managed network.

Techniques for deploying, monitoring, and modifying network topologies operating across multi-domain environments using formal models and weighting factors assigned to computing elements in the network topologies. The weighting factors restrict or allow the movement of various computing elements and/or element groupings to prevent undesirable disruptions or outages in the network topologies. Generally, the weighting factors may be determined based on an amount of disruption experienced in the network topologies if the corresponding computing element or grouping was migrated. As the amount of disruption caused by modifying a particular computing element increases, the weighting factor represents a greater measure of resistivity for migrating the computing element. In this way, topology deployment systems may allow, or disallow, the modification of particular computing elements based on weighting factors. Thus, the amount of disruption in the functioning of network topologies may be considered when optimizing the allocation of computing elements across multi-domain environments.

Techniques are described for enabling a software modernization assessment service of a cloud provider network to maintain a modernization knowledge base and to use the knowledge base to generate modernization recommendations for users' software applications. A modernization knowledge base comprises one or more modernization ontologies, where a modernization ontology defines concepts and relationships used to describe modernization tool capabilities and limitations, modernization strategies, etc. The modernization assessment service uses the modernization knowledge base to automate various software modernization processes including, for example, providing modernization recommendations for software applications (e.g., applications identified by users as candidates for modernization) and generating modernization assessment reports. A modernization knowledge base, including an ontology understood by a modernization assessment engine, can be readily updated to account for new modernization strategy information, modernization tool information, and modernization process and tool constraints, without necessitating changes to static definitions of such information defined by a modernization assessment service.

A method for configuring a fabric managed by a software-defined networking (SDN) controller includes, with a first control host installed in a first rack having a first management switch and a second control host installed in a second rack, executing controller nodes that implement an SDN controller using a controller virtual network extending between the first rack and the second rack. The first management switch is configured to route traffic between the controller virtual network and a device management network extending from the first management switch to a fabric network device of the fabric managed by the SDN controller. The method further includes configuring, with the SDN controller, via the first management switch, the fabric network device with the controller virtual network to enable communications, via the controller virtual network, between the first control host and a compute node or a storage node connected to the fabric network device.

Techniques for optimization-based pool protection for a cloud provider network are described. An exemplary method includes receiving historical usage data of virtual machine instances of a capacity pool of a cloud provider network for each account of a plurality of accounts of the cloud provider network, generating a linearly extrapolated usage, based at least in part on an extrapolating parameter, for each account based at least in part on respective usage percentiles of the virtual machine instances from the historical usage data, determining a usage of the virtual machine instances for each account based at least in part on the linearly extrapolated usage for a same extrapolating parameter value, receiving, by the cloud provider network, a request to launch a computing resource for an account, determining a usage limit for the account based at least in part on the usage for that account, and launching the computing resource when a requested usage for the computing resource is less than or equal to the usage limit and not launching the computing resource when the requested usage for the computing resource is greater than the usage limit.