公开(公告)号：US20240205051A1

公开(公告)日：2024-06-20

申请号：US18081496

申请日：2022-12-14

Applicant: Amazon Technologies, Inc.

Inventor： Piyush Mathur ,  Oleg Albegov ,  Ashish Kumar ,  Joseph Elmar Magerramov ,  Nishant Mehta

IPC: H04L12/46 ,  H04L9/40

CPC classification number: H04L12/4675 ,  H04L63/10

Abstract: Techniques for resource sharing between cloud-hosted virtual networks are described. A first network address of a first virtual network is associated with a resource connected to a second virtual network, the first and second virtual networks within a cloud provider network. A service of the cloud provider network receives a message destined for the first network address. The service translates the first network address to a second network address of the resource in the second virtual private network. The service sends the message to the resource at the second network address in the second virtual network.

公开(公告)号：US10785056B1

公开(公告)日：2020-09-22

申请号：US16194120

申请日：2018-11-16

Applicant: Amazon Technologies, Inc.

Inventor： Piyush Mathur ,  David Lennon ,  Daniel Fuller ,  Steven Betten ,  Andrew Dickinson ,  Mahmoud Abuelela ,  Michael Borgerding ,  Rebecca Weiss

IPC: H04L12/46 ,  H04L12/755 ,  H04L12/713 ,  H04L29/06 ,  G06F9/455

Abstract: A subnet of a logically isolated network within a provider network may be shared between client accounts of the provider network. A request to share a subnet of a logically isolated network created for one client account with another client account may be received. A link between an account object for the other client account and a shared subnet object for the subnet may be stored. When a request to host a resource with the subnet is received, an evaluation of the graph may indicate whether the request to place the host is permitted. If permitted, the resource for the other client host may be hosted within the subnet.

公开(公告)号：US11012521B1

公开(公告)日：2021-05-18

申请号：US16144980

申请日：2018-09-27

Applicant: Amazon Technologies, Inc.

Inventor： Daniel Robert Fuller ,  David Brian Lennon ,  Michael Tyler Borgerding ,  Piyush Mathur ,  Siddartha Saddala

IPC: H04L29/08 ,  H04L12/24 ,  H04L12/26

Abstract: Techniques for defining and enforcing a set of rules that regulate network activity on a virtual network within a provider are described. An activity rule that regulates network activity on a virtual network within a provider network is received, the virtual network shared by a first customer of the provider network to allow other customers of the provider network to connect resource instances to the virtual network. Network activity data is received from a monitoring agent within the provider network, the network activity data relating to an activity of a first resource instance of a first other customer on the virtual network. The activity of the first resource instance is determined to violate the activity rule. The first resource instance is isolated from at least a portion of the virtual network.