公开(公告)号：US10812384B2

公开(公告)日：2020-10-20

申请号：US16025822

申请日：2018-07-02

Applicant: Amazon Technologies, Inc.

Inventor： Kyle Tailor Akers ,  Chao Yuan ,  Kevin Christopher Miller ,  Andrew Bruce Dickinson ,  Michael Siaosi Voegele ,  Daniel Lee McCarriar ,  Yohanes Santoso ,  David Brian Lennon

IPC: G06F15/173 ,  H04L12/741 ,  H04L29/12

Abstract: Techniques are described for managing customer-specified routing policies for network-accessible computing resources. In some situations, the customer-specified routing policies may be based at least in part on DNS (“Domain Name System”) information specified by a customer, such as if the customer specifies one or more target destinations to use with an indicated DNS domain name that are different from the destination IP address(es) provided for that DNS domain name by DNS servers—if so, the managing of such a DNS-based routing policy for that customer may include identifying when network-accessible computing resources provided to the customer send electronic communications to that DNS domain name, and causing those electronic communications to be redirected to the customer-specified target destination(s). Such customer-specified target destinations may include, in different situations, final destinations, intermediate destinations, etc., as well as identify particular routes.

公开(公告)号：US10397344B2

公开(公告)日：2019-08-27

申请号：US16029468

申请日：2018-07-06

Applicant: Amazon Technologies, Inc.

Inventor： Kyle Tailor Akers ,  Michael Siaosi Voegele ,  Kevin Christopher Miller ,  Chao Yuan ,  David Brian Lennon ,  Patrick Stephenson

IPC: G06F13/00 ,  H04L29/08 ,  H04L29/06 ,  H04L12/46

Abstract: A service implemented at a first isolated virtual network of a provider network is added to a database of privately-accessible services. Configuration changes that enable network packets to flow between the first isolated virtual network and a second isolated virtual network without utilizing a network address accessible from the public Internet are implemented. Service requests originating at the second isolated virtual network are transmitted to the first isolated virtual network via private pathways of the provider network. Metrics corresponding to service requests directed from the second isolated network to the service are collected and provided to the respective owners of one or both isolated virtual networks.

公开(公告)号：US09723072B2

公开(公告)日：2017-08-01

申请号：US14822757

申请日：2015-08-10

Applicant: Amazon Technologies, Inc.

Inventor： Kevin Christopher Miller ,  Krishna P. Balasubramanian ,  Andrew Jeffrey Doane ,  Jeremy T. Hall ,  David Brian Lennon

IPC: G06F15/16 ,  H04L29/08 ,  H04L29/06 ,  H04L12/701 ,  H04L12/24 ,  H04L12/14

CPC classification number: H04L67/1091 ,  H04L12/14 ,  H04L29/06 ,  H04L29/06027 ,  H04L29/08072 ,  H04L29/08144 ,  H04L41/0816 ,  H04L41/5006 ,  H04L41/5025 ,  H04L41/5054 ,  H04L45/00 ,  H04L63/0272

Abstract: Methods and apparatus for interfaces to manage last-mile connectivity and dynamic reconfiguration for direct network peerings. A system may include a data center, endpoint routers and a connectivity coordinator. The coordinator implements an interface defining connectivity operations. The coordinator receives a request for dedicated connectivity to data center resources, formatted according to the interface. The coordinator determines a connectivity provider to provide last-mile connectivity to the requester, and transmits a notification identifying the selected connectivity provider.

公开(公告)号：US20230388390A1

公开(公告)日：2023-11-30

申请号：US18305265

申请日：2023-04-21

Applicant: Amazon Technologies, Inc.

Inventor： Kyle Tailor Akers ,  Michael Siaosi Voegele ,  Kevin Christopher Miller ,  Chao Yuan ,  David Brian Lennon ,  Patrick Stephenson

IPC: H04L67/51 ,  H04L9/40 ,  H04L67/10

CPC classification number: H04L67/51 ,  H04L63/0272 ,  H04L67/10 ,  H04L12/4641

Abstract: A service implemented at a first isolated virtual network of a provider network is added to a database of privately-accessible services. Configuration changes that enable network packets to flow between the first isolated virtual network and a second isolated virtual network without utilizing a network address accessible from the public Internet are implemented. Service requests originating at the second isolated virtual network are transmitted to the first isolated virtual network via private pathways of the provider network. Metrics corresponding to service requests directed from the second isolated network to the service are collected and provided to the respective owners of one or both isolated virtual networks.

公开(公告)号：US10826723B1

公开(公告)日：2020-11-03

申请号：US15903246

申请日：2018-02-23

Applicant: Amazon Technologies, Inc.

Inventor： Benjamin David Strauss ,  David Brian Lennon

IPC: H04L12/46 ,  H04L12/713 ,  G06F9/455

Abstract: Techniques for virtual network address space auto-migration are described. An existing network address space of a virtual network can be automatically migrated to a new network address space. The new network address space can be added to the virtual network, new subnets can be added to the new network address space that mirror existing subnets, and new compute instances can be added to the new subnets that mirror existing compute instances. Subsequent to the auto-migration, the virtual network can be connected with another network that has an address space that conflicted with the previous network address space of the virtual network but not the new network address space.

公开(公告)号：US20190356587A1

公开(公告)日：2019-11-21

申请号：US16530881

申请日：2019-08-02

Applicant: Amazon Technologies, Inc.

Inventor： Kevin Christopher Miller ,  Andrew Bruce Dickinson ,  Eric Wayne Schultze ,  Ian Roger Searle ,  Shane Ashley Hall ,  Deepak Mohan ,  David Brian Lennon

IPC: H04L12/713 ,  H04L29/06 ,  H04L12/741

Abstract: Methods and apparatus that allow clients to connect resource instances to virtual networks in provider network environments via private IP. Via private IP linking methods and apparatus, a client of a provider network can establish private IP communications between the client's resource instances on the provider network and the client's resource instances provisioned in the client's virtual network via links from the private IP address space of the virtual network to the private IP address space of the provider network. The provider network client resource instances remain part of the client's provider network implementation and may thus also communicate with other resource instances on the provider network and/or with entities on external networks via public IP while communicating with the virtual network resource instances via private IP.

公开(公告)号：US10021196B1

公开(公告)日：2018-07-10

申请号：US14746519

申请日：2015-06-22

Applicant: Amazon Technologies, Inc.

Inventor： Kyle Tailor Akers ,  Michael Siaosi Voegele ,  Kevin Christopher Miller ,  Chao Yuan ,  David Brian Lennon ,  Patrick Stephenson

IPC: G06F13/00 ,  H04L29/08 ,  H04L12/46 ,  H04L29/06

CPC classification number: H04L67/16 ,  H04L12/4641 ,  H04L63/0272

Abstract: A service implemented at a first isolated virtual network of a provider network is added to a database of privately-accessible services. Configuration changes that enable network packets to flow between the first isolated virtual network and a second isolated virtual network without utilizing a network address accessible from the public Internet are implemented. Service requests originating at the second isolated virtual network are transmitted to the first isolated virtual network via private pathways of the provider network. Metrics corresponding to service requests directed from the second isolated network to the service are collected and provided to the respective owners of one or both isolated virtual networks.

公开(公告)号：US12047462B2

公开(公告)日：2024-07-23

申请号：US18305265

申请日：2023-04-21

Applicant: Amazon Technologies, Inc.

Inventor： Kyle Tailor Akers ,  Michael Siaosi Voegele ,  Kevin Christopher Miller ,  Chao Yuan ,  David Brian Lennon ,  Patrick Stephenson

IPC: G06F13/00 ,  H04L9/40 ,  H04L67/10 ,  H04L67/51 ,  H04L12/46

CPC classification number: H04L67/51 ,  H04L63/0272 ,  H04L67/10 ,  H04L12/4641

Abstract: A service implemented at a first isolated virtual network of a provider network is added to a database of privately-accessible services. Configuration changes that enable network packets to flow between the first isolated virtual network and a second isolated virtual network without utilizing a network address accessible from the public Internet are implemented. Service requests originating at the second isolated virtual network are transmitted to the first isolated virtual network via private pathways of the provider network. Metrics corresponding to service requests directed from the second isolated network to the service are collected and provided to the respective owners of one or both isolated virtual networks.

公开(公告)号：US11012521B1

公开(公告)日：2021-05-18

申请号：US16144980

申请日：2018-09-27

Applicant: Amazon Technologies, Inc.

Inventor： Daniel Robert Fuller ,  David Brian Lennon ,  Michael Tyler Borgerding ,  Piyush Mathur ,  Siddartha Saddala

IPC: H04L29/08 ,  H04L12/24 ,  H04L12/26

Abstract: Techniques for defining and enforcing a set of rules that regulate network activity on a virtual network within a provider are described. An activity rule that regulates network activity on a virtual network within a provider network is received, the virtual network shared by a first customer of the provider network to allow other customers of the provider network to connect resource instances to the virtual network. Network activity data is received from a monitoring agent within the provider network, the network activity data relating to an activity of a first resource instance of a first other customer on the virtual network. The activity of the first resource instance is determined to violate the activity rule. The first resource instance is isolated from at least a portion of the virtual network.

公开(公告)号：US10693715B1

公开(公告)日：2020-06-23

申请号：US15794584

申请日：2017-10-26

Applicant: Amazon Technologies, Inc.

Inventor： Benjamin David Strauss ,  David Brian Lennon

IPC: G06F15/177 ,  H04L12/24 ,  H04L12/46 ,  H04L29/12

Abstract: Techniques for dynamic allocation of network address spaces in virtual networks implemented in a service provider system are described. Upon a scaling condition of an allocation rule being determined to be satisfied, a network address space of a virtual network can be automatically expanded or contracted. The scaling condition can be specified by a customer associated with the virtual network. The allocation rule may also include a allocation factor that indicates an amount of network addresses that are to be added to or removed from the virtual network.