-
Publication (Announcement) No.: US11252126B1
Publication (Announcement) Date: 2022-02-15
Application No.: US16367798
Application Date: 2019-03-28
Applicant: Amazon Technologies, Inc.
Inventor: Kiran Thunga, Bing Xia, Yohanes Santoso, Matthew Engskow, Quan Jia
IPC: H04L29/12, H04L12/66, H04L12/46, H04L12/715, H04L61/106, H04L61/4511, H04L45/00
Abstract: Systems and methods are provided for domain name system (DNS) resolutions in a network environment that includes multiple virtual private clouds (VPCs) attached indirectly to each other via a transit gateway that serves as a hub in a hub and spoke model. An administrator of a VPC may specify rules for resolving DNS resolution requests at the given VPC, and the rules may be taken into account by DNS resolvers at other VPCs attached to the same transit gateway based on information propagated by the transit gateway.
-
Publication (Announcement) No.: US11489814B1
Publication (Announcement) Date: 2022-11-01
Application No.: US17198162
Application Date: 2021-03-10
Applicant: Amazon Technologies, Inc.
Inventor: Matthew Engskow, Kiran Thunga, Vikram Saurabh, Yu Wang, Huida Tao, Rishi Goel, Kevis Tsao, Abhay Raina, Alexander Thomas Herrick, Jeffrey J Damick, Hemakshi Sharma
IPC: G06F15/16, H04L9/40, H04L41/22, H04L61/4511
Abstract: Methods, systems, and computer-readable media for customized domain name resolution for virtual private clouds are disclosed. A domain name system (DNS) resolution service receives a DNS request from a computing resource associated with a virtual private cloud (VPC) in a cloud provider network. The service determines that the VPC is associated with one or more firewall rules. Responsive to determining that the VPC is associated with the firewall rule(s), the service determines whether the DNS request is allowed or blocked according to the one or more firewall rules. If the DNS request is allowed, the service resolves the DNS request using a DNS server and returns a response to the computing resource. If the DNS request is blocked, the service does not resolve the DNS request.
-
Publication (Announcement) No.: US12095734B1
Publication (Announcement) Date: 2024-09-17
Application No.: US17489168
Application Date: 2021-09-29
Applicant: Amazon Technologies, Inc.
Inventor: Matthew Engskow, Vikram Saurabh, Yu Wang, Huida Tao, Daniel Bradley, Bing Xia, Mekias Mebrahtu Yohannes, Abhinav Punj, Jeffrey J. Damick
IPC: G06F21/00, H04L9/40, H04L61/4511
CPC classification number: H04L63/0263, H04L61/4511, H04L63/0272
Abstract: A container may be created, and a plurality of domain name system (DNS) configuration objects may be added to the container. The plurality of DNS configuration objects may comprise at least one of private DNS zones, outbound forwarding rules, DNS query log configurations, and firewall rule groups. The container may be associated with a plurality of private logical networks. The container may also be across a plurality of customer accounts. Based on the plurality of DNS configuration objects, a plurality of DNS operations associated with the plurality of private logical networks may be performed. The plurality of DNS operations may comprise at least one of DNS query resolution, DNS query outbound forwarding, configuring a query log, or configuring a firewall.