公开(公告)号：US09992086B1

公开(公告)日：2018-06-05

申请号：US15245089

申请日：2016-08-23

Applicant: Amazon Technologies, Inc.

Inventor： Andrey Mizik ,  Lee-Ming Zen ,  Pavlo Kaplin ,  Yu Gu ,  Minli Lai

IPC: G06F15/173 ,  H04L12/26 ,  H04L12/46 ,  H04L29/08

CPC classification number: H04L43/0817 ,  H04L43/10 ,  H04L67/10

Abstract: Systems and methods are described to enable health checking of computing devices within a virtual private cloud (VPC) networking environment, without requiring that the devices be accessible via a public network address. An endpoint is placed within the VPC, which enables interaction with an external health checking system via a substrate network. The endpoint handles communications between the heath checking system and the VPC, and can modify data originating from the health checking system such that it appears to originate from the endpoint. Thus, from the viewpoint of the VPC, the endpoint itself may appear to be conducting health checking. Thus, external health checking can be used on a VPC without compromising the security of the VPC by requiring that a portion of the VPC be externally addressable.

公开(公告)号：US20180287916A1

公开(公告)日：2018-10-04

申请号：US15994631

申请日：2018-05-31

Applicant: Amazon Technologies, Inc.

Inventor： Andrey Mizik ,  Lee-Ming Zen ,  Pavlo Kaplin ,  Yu Gu ,  Minli Lai

IPC: H04L12/26 ,  H04L12/46 ,  H04L29/08

CPC classification number: H04L43/0817 ,  H04L12/4641 ,  H04L43/10 ,  H04L67/10

Abstract: Systems and methods are described to enable health checking of computing devices within a virtual private cloud (VPC) networking environment, without requiring that the devices be accessible via a public network address. An endpoint is placed within the VPC, which enables interaction with an external health checking system via a substrate network. The endpoint handles communications between the heath checking system and the VPC, and can modify data originating from the health checking system such that it appears to originate from the endpoint. From the viewpoint of the VPC, the endpoint itself may appear to be conducting health checking. Thus, external health checking can be used on a VPC without compromising the security of the VPC by requiring that a portion of the VPC be externally addressable.

公开(公告)号：US10516590B2

公开(公告)日：2019-12-24

申请号：US15994631

申请日：2018-05-31

Applicant: Amazon Technologies, Inc.

Inventor： Andrey Mizik ,  Lee-Ming Zen ,  Pavlo Kaplin ,  Yu Gu ,  Minli Lai

IPC: G06F15/173 ,  H04L12/26 ,  H04L12/46 ,  H04L29/08

Abstract: Systems and methods are described to enable health checking of computing devices within a virtual private cloud (VPC) networking environment, without requiring that the devices be accessible via a public network address. An endpoint is placed within the VPC, which enables interaction with an external health checking system via a substrate network. The endpoint handles communications between the heath checking system and the VPC, and can modify data originating from the health checking system such that it appears to originate from the endpoint. From the viewpoint of the VPC, the endpoint itself may appear to be conducting health checking. Thus, external health checking can be used on a VPC without compromising the security of the VPC by requiring that a portion of the VPC be externally addressable.

公开(公告)号：US10469442B2

公开(公告)日：2019-11-05

申请号：US16042584

申请日：2018-07-23

Applicant: Amazon Technologies, Inc.

Inventor： Andrey Mizik ,  Lee-Ming Zen ,  Gavin Derek McCullagh ,  Yohanes Santoso ,  Vadim Meleshuk ,  Yu Gu ,  Minli Lai ,  Ivan Mistrianu ,  Rebecca Claire Weiss ,  Yi Cheng Chen ,  Ronald Andrew Hoskinson

IPC: G06F15/16 ,  H04L29/12 ,  H04L12/931 ,  H04L29/08 ,  G06F9/445 ,  H04L12/46 ,  G06F9/455

Abstract: Systems and methods are described to enable adaptive handling of domain resolution requests originating from a virtual private cloud (VPC) networking environment. An administrator of the VPC can provide a set of rules specific to the VPC that designates how requests for a domain name should be handled. The rules may specify, for example, that a request for a given domain name should be routed to a particular domain name server, which may include a private domain name server, should be dropped, or should be routed according to a default behavior (e.g., a public domain name system). Resolution requests originating in the VPC can be associated with a VPC identifier. When an adaptive resolution system receives the request, it can retrieve rules associated with the VPC identifier, and apply the rules to determine further routing for the request.

公开(公告)号：US20180351904A1

公开(公告)日：2018-12-06

申请号：US16042584

申请日：2018-07-23

Applicant: Amazon Technologies, Inc.

Inventor： Andrey Mizik ,  Lee-Ming Zen ,  Gavin Derek McCullagh ,  Yohanes Santoso ,  Vadim Meleshuk ,  Yu Gu ,  Minli Lai ,  Ivan Mistrianu ,  Rebecca Claire Weiss ,  Yi Cheng Chen ,  Ronald Andrew Hoskinson

IPC: H04L29/12 ,  H04L12/931 ,  H04L29/08

CPC classification number: H04L61/1511 ,  G06F9/445 ,  G06F9/45558 ,  G06F2009/45595 ,  H04L12/4641 ,  H04L49/354 ,  H04L67/10

Abstract: Systems and methods are described to enable adaptive handling of domain resolution requests originating from a virtual private cloud (VPC) networking environment. An administrator of the VPC can provide a set of rules specific to the VPC that designates how requests for a domain name should be handled. The rules may specify, for example, that a request for a given domain name should be routed to a particular domain name server, which may include a private domain name server, should be dropped, or should be routed according to a default behavior (e.g., a public domain name system). Resolution requests originating in the VPC can be associated with a VPC identifier. When an adaptive resolution system receives the request, it can retrieve rules associated with the VPC identifier, and apply the rules to determine further routing for the request.

公开(公告)号：US10243919B1

公开(公告)日：2019-03-26

申请号：US15279196

申请日：2016-09-28

Applicant: Amazon Technologies, Inc.

Inventor： Sairam Suresh ,  Alireza Farhangi ,  Sean Henry Lewis Meckley ,  Christopher B. Barclay ,  Yu Gu ,  Deepak Singh ,  Sharon Shapira ,  Pierre Rognant

IPC: G06F9/455 ,  H04L29/06 ,  H04L29/12 ,  H04L29/08 ,  H04L12/26

Abstract: Systems and methods are described to enable automation of service discovery records, such as domain name system (DNS) records, based on rules. An administrator of a hosted server, such as a virtual machine instance, may submit a rule to a rule-based DNS resolution system for generating DNS records to assist in discover of the hosted server. The rule may include criteria specifying servers to which the rule applies, as well as criteria for generating a domain name to associate with the server within a DNS record. The rule-based DNS resolution system can integrate with a hosting system providing the hosted server to obtain configuration information of the hosted server and generate DNS records in accordance with the rule. Rules may also be utilized to automate other aspects of the rule-based DNS resolution system, such as health checking and load balancing.

公开(公告)号：US10033691B1

公开(公告)日：2018-07-24

申请号：US15245847

申请日：2016-08-24

Applicant: Amazon Technologies, Inc.

Inventor： Andrey Mizik ,  Lee-Ming Zen ,  Gavin Derek McCullagh ,  Yohanes Santoso ,  Vadim Meleshuk ,  Yu Gu ,  Minli Lai ,  Ivan Mistrianu ,  Rebecca Claire Weiss ,  Yi Cheng Chen ,  Ronald Andrew Hoskinson

IPC: G06F15/16 ,  H04L29/12 ,  H04L29/08 ,  H04L12/931

CPC classification number: H04L61/1511 ,  G06F9/445 ,  G06F9/45558 ,  G06F2009/45595 ,  H04L12/4641 ,  H04L49/354 ,  H04L67/10

Abstract: Systems and methods are described to enable adaptive handling of domain resolution requests originating from a virtual private cloud (VPC) networking environment. An administrator of the VPC can provide a set of rules specific to the VPC that designates how requests for a domain name should be handled. The rules may specify, for example, that a request for a given domain name should be routed to a particular domain name server, which may include a private domain name server, should be dropped, or should be routed according to a default behavior (e.g., a public domain name system). Resolution requests originating in the VPC can be associated with a VPC identifier. When an adaptive resolution system receives the request, it can retrieve rules associated with the VPC identifier, and apply the rules to determine further routing for the request.