DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to the communication filed on 06/26/2020.

Reasons for Allowance
The following is an examiner's statement of reasons for allowance:
Claims 1-20 are allowed. 
By interpreting the claims in light of the Specification ([0010], Container orchestration engines such as Kubernetes can be extended using custom resource definitions (CRDs). CRDs declare and define a new custom resource (CR) which may be picked up by a controller to perform some meaningful action (servicing the CR), such as provision an external system. These CRDs can be used as an extension point for a system. The resource definition of a CR can be annotated with a class to further specify a particular implementation for the CR. [0011]   However, when a CR is defined, there is no way to know if a controller that can service the CR exists, and thus there is no way to know if anything meaningful will happen with the CR. This problem can be exacerbated if the CR has class annotations defining a specific implementation(s), as it is even less likely that a controller matching the CRs definitions will exist), the Examiner finds the claimed invention to be patentably distinct from the prior art of records. Specifically, the prior art of records, individually or in combination, fail to explicitly teach, suggest or render obvious the claimed invention as recited in each independent claim 1, 8, 15, reciting annotating each of controllers with filter metadata describing object types the 
Related arts:

McQuaid (US 2021/0397729) discloses 
[0024] Kubernetes API 106 is a pluggable API that allows for the definition and registration of resources beyond the standard set of “core” resources defined in the Kubernetes code. This modularity allows for custom logic to be implemented outside of the core Kubernetes API 106 in a custom controller and for this custom controller to be deployed separately from the “core” Kubernetes API. By allowing Custom Resource Definitions (CRD), Kubernetes allows third parties to register their own custom resource types with the core Kubernetes API but delegate the business logic of those resources to custom controllers. Information describing Kubernetes Custom Resources may be found on the Internet at https:**kubernetes.io*docs*concepts*extend-kubernetes*api-extension*custom-resources*, incorporated herein by reference. This model allows users of these CRDs to utilize the full set of tools made possible by Kubernetes (such as “kubectl”), but the custom business-specific logic can be deployed, maintained, and updated separately from Kubernetes itself. In short, CRDs can be developed privately without the input of the Kubernetes community to implement custom functionality and 
[0028] One way to deploy an Operator is to add the Custom Resource Definition and its associated controller to a cluster. The controller will normally run outside of the Kubernetes control plane, similar to running any containerized application. An Operator (and associated controller) may be implemented using any language/runtime that can act as a client for the Kubernetes API.
[0029] The novel JIT grant operator of embodiments of the present invention (and associated JIT grant controller 132) allows administrators (e.g., admin 124) of Kubernetes clusters to provide time-based temporary access to a cluster 105 in a way that is simple, declarative and works across all Kubernetes cloud services providers (CSPs). In one implementation, embodiments utilize the Kubernetes Controller Pattern to monitor Custom Resources and make changes to the service accounts 120, roles 116, and role bindings 118 managed by Kubernetes. These resources are present in all Kubernetes clusters regardless of CSP, thereby allowing embodiments to work in any cloud computing environment provided by any CSP. Information describing the Kubernetes Controller Pattern may be found on the Internet at https:**kubernetes.io*docs*concepts*architecture*controller*#controller-pattern (with “/” being replaced by “*” to prevent live links), incorporated herein by reference.

Karaya (US 11010218) discloses in col. 5-6 “According to some embodiments, the dependency controller platform 450 may accept the following information as inputs: 

Kutch et al. (US 2020/0287813) discloses in [0035] “In one embodiment, The SLA Analytics Descriptor 420 represents 1) a Kubernetes custom resource; 2) VNF metrics to monitor; and 3) Thresholds/integration periods and combination rules for analysis and triggers that generate violations. In one embodiment, controller 417 represents 1) Kubernetes custom controller watching SLA Analytics Descriptors; 2) Integrates with Kubernetes Control plane; 3) Location(s) to report violations; 4) Communicates SLA Monitor descriptors to SLA Monitor and local analytics on pod; 5) Updates SLA Monitor descriptors when required; and 6) Logical solution of rules from SLA Analysis Descriptor to identify violations.”
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure is included in form PTO 892.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to examiner Hieu Hoang whose telephone number is 571-270-1253.  The examiner can normally be reached on Mon-Thu, 8a.m.-5p.m., EST Mon-Fri 9 AM -5 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Thu Nguyen can be reached on 571-272-6967.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/HIEU T HOANG/Primary Examiner, Art Unit 2452