Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with John Golian (the Undersigned Attorney, Reg. No.54,702) on 2/24/22.
The application has been amended as follows: 
IN THE CLAIMS:             Please replace claims as follows:
(Currently Amended)	One or more computer storage media storing computer-useable instructions that, when used by one or more computing devices, cause the one or more computing devices to perform operations comprising:
receiving, at a device access service in a cloud computing environment, a request for a management action to be performed for a network device in the cloud computing environment, the request being received from an execution service remote from the cloud computing environment and not having persistent access to restricted data in the cloud computing environment including access control data required to directly 
obtaining, by the device access service, the access control data for the network device from an access control data store in the cloud computing environment; and
issuing, by the device access service to the network device, one or more commands to perform the requested management action on the network device using the access control data to access the network device.
(Original)	The one or more computer storage media of claim 1, wherein the requested management action comprises a monitoring action, an incident management action, a software deployment action, a firmware deployment action, or a network buildout action.
(Original)	The one or more computer storage media of claim 1, wherein the request comprises a request for telemetry data for the network device and the device access service comprises an SNMP proxy that obtains the telemetry data from the network device.
(Original)	The one or more computer storage media of claim 1, wherein the device access service comprises a hardware proxy that performs an operation on the network device in response to the request.
(Original)	The one or more computer storage media of claim 1, wherein the operations further comprise:
providing non-restricted data regarding the management action performed for the network device in the cloud computing environment.

transmitting, from an execution service to a device access service in a cloud computing environment, a request for a management action to be performed for a network device in the cloud computing environment, the execution service being remote from the cloud computing environment and not having persistent access to restricted data in the cloud computing environment including access control data required to directly access the network device in the cloud computing environment, the request causing the device access service to obtain the access control data for the network device from an access control data store in the cloud computing environment and issue one or more commands to perform the requested management action on the network device using the access control data to access the network device; and
receiving, from the cloud computing environment, non-restricted data regarding the management action performed for the network device in the cloud computing environment.
(Original)	The computer-implemented method of claim 6, wherein the requested management action comprises a monitoring action, an incident management action, a software deployment action, a firmware deployment action, or a network buildout action.
(Original)	The computer-implemented method of claim 6, wherein the non-restricted data comprises monitoring data for the network device.

(Original)	The computer-implemented method of claim 6, wherein the non-restricted data comprises state information regarding a current state of the network device after the requested management action was performed on the network device.
(Original)	The computer-implemented method of claim 10, wherein the method further comprises storing the state information using a network state service.
(Currently Amended)	A computerized system comprising:
an execution service that implements workflows to manage a cloud computing environment by issuing requests to perform management actions on network devices in the cloud computing environment, the execution service being remote from the cloud computing environment and not having persistent access to restricted data in the cloud computing environment including access control data required to directly access the network devices in the cloud computing environment; and
a device access service in the cloud computing environment that, in response to the requests to perform the management actions on the network devices, obtains the access control data for the network devices from an access control data store in the cloud computing environment and issues commands to 
(Original)	The system of claim 12, wherein the execution service comprises a monitoring service that employs the device access service to obtain telemetry data for at least one of the network devices in the cloud computing environment.
(Original)	The system of claim 12, wherein the execution service comprises a deployment service that employs the device access service to deploy software to at least one of the network devices in the cloud computing environment. 
(Original)	The system of claim 12, wherein the execution service comprises a buildout service that employs the device access service to configure at least one new network device added to the cloud computing environment.
(Original)	The system of claim 12, wherein the device access service comprises an SNMP proxy that obtains telemetry data for the network devices in the cloud computing environment using the access control data to access the network devices.
(Original)	The system of claim 12, wherein the device access service comprises a hardware proxy that issues commands to the network devices in the cloud computing environment using the access control data to access the network devices.
(Original)	The system of claim 12, wherein the system further comprises:
a source of truth service that collects network configuration information for the cloud computing environment and makes the network configuration information available to the execution service.
(Original)	The system of claim 18, wherein the source of truth service comprises a network graph service that builds a network graph from the network configuration information for each cloud computing environment.
(Original)	The system of claim 18, wherein the source of truth service comprises a network state service that hosts information regarding states of the network devices in the cloud computing environment.


Allowable Subject Matter
Claims 1-20 are allowed.

Reason for allowance
This communication warrants no examiner's reason for allowance, as applicant's reply makes evident the reason for allowance, satisfying the record as whole as required by rule 37 CFR 1.104(e). In this case, the substance of applicant's remarks filed on 3/22/18 and claim 40 with respect to the added claim limitation point out the reason claims are patentable over the prior art of record. Thus, the reason for allowance is in all probability evident from the record and no statement for examiner's reason for allowance is necessary (see MPEP 13202.14).


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Khanh Dinh whose telephone number is (571) 272-3936. The examiner can normally be reached on Monday through Friday from 8:00 A.m. to 5:00 P.m.
	If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Kevin Bates, can be reached on (571) 272-3980.   The fax phone number for this group is (571) 273-8300.
	Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov.  Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).


/KHANH Q DINH/Primary Examiner, Art Unit 2458