DETAILED ACTION
Claims 1-20 are cancelled. Claims 21-40 are new. Claims 21-40 are pending in the application.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Examiner’s Notes
The Examiner cites particular sections in the references as applied to the claims below for the convenience of the applicant(s). Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested that, in preparing responses, the applicant(s) fully consider the references in their entirety as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the Examiner.

Specification
Applicant is reminded of the proper language and format for an abstract of the disclosure.
The abstract should be in narrative form and generally limited to a single paragraph on a separate sheet within the range of 50 to 150 words in length. The abstract should describe the disclosure sufficiently to assist readers in deciding whether there is a need for consulting the full patent text for details.
The language should be clear and concise and should not repeat information given in the title. It should avoid using phrases which can be implied, such as, “The disclosure concerns,” “The disclosure defined by this invention,” “The disclosure describes,” etc.  In addition, the form and legal phraseology often used in patent claims, such as “means” and “said,” should be avoided.
The abstract of the disclosure is objected to because it uses phrases which can be implied, such as “Some embodiments provide”.  Corrections are required.  See MPEP § 608.01(b).
The use of the terms VMWARE and JAVASCRIPT, which are trade names or a marks used in commerce, has been noted in this application. The terms should be accompanied by the generic terminology; furthermore the terms should be capitalized wherever they appear or, where appropriate, include a proper symbol indicating use in commerce such as ™, SM , or ® following the terms.
Although the use of trade names and marks used in commerce (i.e., trademarks, service marks, certification marks, and collective marks) are permissible in patent applications, the proprietary nature of the marks should be respected and every effort made to prevent their use in any manner which might adversely affect their validity as commercial marks.

Claim Objections
Claims 21-40 are objected to because of the following informalities:
Claim 21: “API” (line 3), “the API” (line 5), and “the requests” (line 8) should have been –Application Programming Interface (API)—, --the hierarchical API—, and –the plurality of requests--, respectively.
Claims 22-30 inherit the features of claim 21 and are objected to accordingly.
Claim 22: “the resources” (line 1) should have been –the plurality of resources--.
Claims 23-27 inherit the features of claim 22 and are objected to accordingly.
Claim 23: “the resources” (line 1) should have been –the plurality of resources--.
Claim 24: “the resources” (line 1) should have been –the plurality of resources--.
Claim 25 inherits the features of claim 24 and is objected to accordingly.
Claim 25: “the service” (line 1) should have been –the middlebox service--.
Claim 29: “API” (line 2) and “API” (line 5) should have been –hierarchical API-- and–hierarchical API—, respectively.
Claim 30: “API” (line 2) and “API” (line 4) should have been –hierarchical API-- and–hierarchical API—, respectively.
Claim 31: “API” (line 4), “the API” (line 6), and “the requests” (line 9) should have been –Application Programming Interface (API)—, --the hierarchical API—, and –the plurality of requests--, respectively.
Claims 32-40 inherit the features of claim 31 and are objected to accordingly.
Claim 32: “the resources” (line 1) should have been –the plurality of resources--.
Claims 33-37 inherit the features of claim 32 and are objected to accordingly.
Claim 33: “the resources” (line 1) should have been –the plurality of resources--.
Claim 34: “the resources” (line 1) should have been –the plurality of resources--.
Claim 35 inherits the features of claim 34 and is objected to accordingly.
Claim 35: “the service” (line 1) should have been –the middlebox service--.
Claim 39: “API” (line 2) and “API” (line 6) should have been –hierarchical API-- and–hierarchical API—, respectively.
Claim 40: “API” (line 2) and “API” (line 6) should have been –hierarchical API-- and–hierarchical API—, respectively.
Appropriate corrections are required. Applicant is advised to review the entire claims for further needed corrections.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 21-40 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Cole et al. (US 2018/0083835 A1; from IDS filed on 09/14/2021; hereinafter Cole).

With respect to claim 21, Cole teaches: A method of deploying resources in a software defined datacenter (SDDC) (see e.g. paragraph 191: “IDCS implements a distributed data grid”; and paragraph 31: “a microservice is an independently deployable service”), the method comprising: 
receiving a hierarchical API command (see e.g. paragraph 31: “a single application as a suite of small services, each running in its own process and communicating with lightweight mechanisms (e.g., an HTTP resource API)”; and paragraph 127: “a request with an authorization header and an access token”) that specifies a plurality of resources (see e.g. paragraph 31: “small, independent processes communicating with each other using language-agnostic APIs… a suite of small services, each running in its own process and communicating with lightweight mechanisms” and paragraph 33: “a collection of services, and each service runs a respective process and uses a lightweight protocol to communicate (e.g., a unique API for each microservice)”) to deploy in the SDDC (see e.g. paragraph 31: “a microservice is an independently deployable service”); 
parsing the API command to identify a plurality of requests (see e.g. paragraph 127: “act as an OAuth2 resource server/filter 720…  access to the API”) to deploy the plurality of resources (see e.g. paragraph 127: “act as an OAuth2 resource server/filter 720 for an application's protected REST APIs 714. It checks for the presence of a request with an authorization header and an access token. When client 708 (e.g., mobile, web apps, JavaScript, etc.) presents an access token (issued by IDCS) to use with a protected REST API 714, Cloud Gate 702 validates the access token before allowing access to the API (e.g., signature, expiration, audience, etc.)”); 
defining a sorted order for the plurality of requests (see e.g. paragraph 127: “validates the access token before allowing access to the API”); 
based on the sorted order, providing the requests (see e.g. paragraph 127: “validates the access token before allowing access to the API”) to a set of servers to deploy the plurality of resources (see e.g. paragraph 84: “The OAuth2 platform service provides token authorization services. It provides a rich API infrastructure for creating and validating access tokens conveying user rights to make API calls. It supports a range of useful token grant types, enabling customers to securely connect clients to their services”; paragraph 87: “All IDCS configuration artifacts are resources, and the APIs of the administration services allow for managing IDCS resources… REST APIs for Create, Read, Update, Delete, and Query (“CRUDQ”) operations on all IDCS resources”; and paragraph 190: “A distributed data grid is a system in which a collection of computer servers work together in one or more clusters to manage information and related operations, such as computations, within a distributed or clustered environment”).

With respect to claim 22, Cole teaches: The method of claim 21, wherein the resources include application segments of a multi-segmented application (see e.g. paragraph 31: “a single application as a suite of small services, each running in its own process and communicating with lightweight mechanisms (e.g., an HTTP resource API)”).

With respect to claim 23, Cole teaches: The method of claim 22, wherein the resources further include managed forwarding elements for forwarding data messages between the application segments (see e.g. paragraph 31: “the term microservice contemplates a software architecture design pattern in which complex applications are composed of small, independent processes communicating with each other using language-agnostic APIs… a single application as a suite of small services, each running in its own process and communicating with lightweight mechanisms (e.g., an HTTP resource API)”; paragraph 193: “The servers (e.g., 1220a, 1220b, 1220c, 1220d) in a data grid cluster 1200a are connected using high bandwidth NICs (e.g., PCI-X or PCIe) to a high-performance network switch 1220 (for example, gigabit Ethernet or better)”; and paragraph 194: “each data grid cluster is ideally confined to a single switch 1202 which provides single hop communication between servers. A cluster may thus be limited by the number of ports on the switch 1202. A typical cluster will therefore include between 4 and 96 physical servers”).

With respect to claim 24, Cole teaches: The method of claim 22, wherein the resources further include middlebox service elements for performing middlebox service operations on data messages sent to or from the application segments (see e.g. paragraph 22: “implements a number of microservices in a stateless middle tier environment to provide cloud-based multi-tenant identity and access management services. In one embodiment, each requested identity management service is broken into real-time and near-real-time tasks. The real-time tasks are handled by a microservice in the middle tier… a middle tier to enforce a security model for accessing the microservices”).

With respect to claim 25, Cole teaches: The method of claim 24, wherein the service operations include at least one of firewall operations (see e.g. paragraph 171: “interactions between a component within IDCS (e.g., 1004, 1006, 1008) and a component outside IDCS (e.g., 1002, 1011, 1042) are performed through firewalls 1044”), load balancing operations (see e.g. paragraph 79: “HTTP requests of applications/services 602 that require IDCS services go through an Oracle Public Cloud BIG-IP appliance 604 and an IDCS BIG-IP appliance 606 (or similar technologies such as a Load Balancer, or a component called a Cloud Load Balancer as a Service (“LBaaS”) that implements appropriate security rules to protect the traffic)”), network address translation operations, encryption operations (see e.g. paragraph 232: “The SamlServiceProvider facet allows an App to act as a ServiceProvider in runtime flows of the Security Assertion Markup Language (“SAML”) protocol. The SamlServiceProvider facet includes… (15) encryptionCertificate; (16) encryptionAlgorithm; (17) encryptionAssertion”), intrusion detection operations, and intrusion prevention operations.

With respect to claim 26, Cole teaches: The method of claim 22, wherein the multi-segmented application has at least three application segments defined in the hierarchical API command (see e.g. paragraph 223: “embodiments provide functionality to extend the App indefinitely by adding a facet to describe each specific type of behavior. Each App can have any number of facets. Each facet is a set of attributes that describe one aspect of the App's behavior, often with respect to runtime services of IDCS”; paragraph 82: “IDCS microservices include platform services such as OpenID Connect, OAuth, SAML2, System for Cross-domain Identity Management++ (“SCIM++”), etc.”; paragraph 92; and Fig. 6: “IDCS Microservices 614”).

With respect to claim 27, Cole teaches: The method of claim 22, wherein the multi-segmented application has more than five application segments defined in the hierarchical API command (see e.g. paragraph 223: “embodiments provide functionality to extend the App indefinitely by adding a facet to describe each specific type of behavior. Each App can have any number of facets. Each facet is a set of attributes that describe one aspect of the App's behavior, often with respect to runtime services of IDCS”; paragraph 82: “IDCS microservices include platform services such as OpenID Connect, OAuth, SAML2, System for Cross-domain Identity Management++ (“SCIM++”), etc.”; paragraph 92; and Fig. 6: “IDCS Microservices 614”).

With respect to claim 28, Cole teaches: The method of claim 21, wherein the plurality of deployed resources comprises at least one virtual machine (see e.g. paragraph 196: “In a distributed data grid, the nodes may be, for example, software applications, virtual machines… In an Oracle Coherence data grid, each node is a Java virtual machine (“JVM”). A number of JVMs/nodes may be provided on each server”) or container (see e.g. paragraph 33: “Each microservice is a self-contained module that can talk to other modules/microservices”).

With respect to claim 29, Cole teaches: The method of claim 21, wherein 
the API command includes a set of parameters to update an earlier deployed machine (see e.g. paragraph 87: “REST APIs for Create, Read, Update, Delete, and Query (“CRUDQ”) operations on all IDCS resources”), and 
deploying the plurality of resources comprises updating the earlier deployed machine based on a set of parameters specified in the parsed API command (see e.g. paragraph 87: “All IDCS configuration artifacts are resources, and the APIs of the administration services allow for managing IDCS resources… REST APIs for Create, Read, Update, Delete, and Query (“CRUDQ”) operations on all IDCS resources”).

With respect to claim 30, Cole teaches: The method of claim 21, wherein 
the API command includes a set of parameters to update an earlier deployed set of rules (see e.g. paragraph 23: “identity cloud service supports administrators in… creating/updating/disabling/enabling/deleting users, assigning/un-assigning users into/from groups, creating/updating/deleting groups… managing policies”; and paragraph 47: “Customers can manage application access for users by mapping IDCS users' groups to cloud applications managed in IDCS 208. Whenever the users' group membership is changed on-premise 206, their corresponding cloud application access changes automatically”), and 
deploying the plurality of resources comprises updating the earlier provided set of rules based on a set of parameters specified in the parsed API command (see e.g. paragraph 47: “Customers can manage application access for users by mapping IDCS users' groups to cloud applications managed in IDCS 208. Whenever the users' group membership is changed on-premise 206, their corresponding cloud application access changes automatically”; and paragraph 48: “an employee moving from engineering to sales can get near instantaneous access to the sales cloud and lose access to the developer cloud. When this change is reflected in on-premise AD 204, cloud application access change is accomplished in near-real-time. Similarly, access to cloud applications managed in IDCS 208 is revoked for users leaving the company”).

With respect to claims 31-40: Claims 31-40 are directed to a non-transitory machine readable medium storing a program, which when executed by at least one processing unit, performs operations corresponding to the method disclosed in claims 21-30, respectively; please see the rejections directed to claims 21-30 above which also cover the limitations recited in claims 21-30. Note that, Cole also discloses 

CONCLUSION
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
US 2019/0103992 A1 by Cidon et al. discloses a software defined multi-tenant datacenter to configure software routers executing on host computers to implement a logical network that spans the host computers.

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Umut Onat whose telephone number is (571)270-1735. The examiner can normally be reached M-Th 9:00-7:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Hyung (Sam) S Sough can be reached on (571) 272-6799. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/UMUT ONAT/Primary Examiner, Art Unit 2194