公开(公告)号：US20180287916A1

公开(公告)日：2018-10-04

申请号：US15994631

申请日：2018-05-31

Applicant: Amazon Technologies, Inc.

Inventor： Andrey Mizik ,  Lee-Ming Zen ,  Pavlo Kaplin ,  Yu Gu ,  Minli Lai

IPC: H04L12/26 ,  H04L12/46 ,  H04L29/08

CPC classification number: H04L43/0817 ,  H04L12/4641 ,  H04L43/10 ,  H04L67/10

Abstract: Systems and methods are described to enable health checking of computing devices within a virtual private cloud (VPC) networking environment, without requiring that the devices be accessible via a public network address. An endpoint is placed within the VPC, which enables interaction with an external health checking system via a substrate network. The endpoint handles communications between the heath checking system and the VPC, and can modify data originating from the health checking system such that it appears to originate from the endpoint. From the viewpoint of the VPC, the endpoint itself may appear to be conducting health checking. Thus, external health checking can be used on a VPC without compromising the security of the VPC by requiring that a portion of the VPC be externally addressable.

公开(公告)号：US09992086B1

公开(公告)日：2018-06-05

申请号：US15245089

申请日：2016-08-23

Applicant: Amazon Technologies, Inc.

Inventor： Andrey Mizik ,  Lee-Ming Zen ,  Pavlo Kaplin ,  Yu Gu ,  Minli Lai

IPC: G06F15/173 ,  H04L12/26 ,  H04L12/46 ,  H04L29/08

CPC classification number: H04L43/0817 ,  H04L43/10 ,  H04L67/10

Abstract: Systems and methods are described to enable health checking of computing devices within a virtual private cloud (VPC) networking environment, without requiring that the devices be accessible via a public network address. An endpoint is placed within the VPC, which enables interaction with an external health checking system via a substrate network. The endpoint handles communications between the heath checking system and the VPC, and can modify data originating from the health checking system such that it appears to originate from the endpoint. Thus, from the viewpoint of the VPC, the endpoint itself may appear to be conducting health checking. Thus, external health checking can be used on a VPC without compromising the security of the VPC by requiring that a portion of the VPC be externally addressable.

公开(公告)号：US10033691B1

公开(公告)日：2018-07-24

申请号：US15245847

申请日：2016-08-24

Applicant: Amazon Technologies, Inc.

Inventor： Andrey Mizik ,  Lee-Ming Zen ,  Gavin Derek McCullagh ,  Yohanes Santoso ,  Vadim Meleshuk ,  Yu Gu ,  Minli Lai ,  Ivan Mistrianu ,  Rebecca Claire Weiss ,  Yi Cheng Chen ,  Ronald Andrew Hoskinson

IPC: G06F15/16 ,  H04L29/12 ,  H04L29/08 ,  H04L12/931

CPC classification number: H04L61/1511 ,  G06F9/445 ,  G06F9/45558 ,  G06F2009/45595 ,  H04L12/4641 ,  H04L49/354 ,  H04L67/10

Abstract: Systems and methods are described to enable adaptive handling of domain resolution requests originating from a virtual private cloud (VPC) networking environment. An administrator of the VPC can provide a set of rules specific to the VPC that designates how requests for a domain name should be handled. The rules may specify, for example, that a request for a given domain name should be routed to a particular domain name server, which may include a private domain name server, should be dropped, or should be routed according to a default behavior (e.g., a public domain name system). Resolution requests originating in the VPC can be associated with a VPC identifier. When an adaptive resolution system receives the request, it can retrieve rules associated with the VPC identifier, and apply the rules to determine further routing for the request.

公开(公告)号：US09967232B1

公开(公告)日：2018-05-08

申请号：US14617608

申请日：2015-02-09

Applicant: Amazon Technologies, Inc.

Inventor： Sergey Royt ,  Lee-Ming Zen ,  Kalyanaraman Prasad ,  Valeri Liborski ,  Nicholas Trebon ,  Sean Henry Lewis Meckley

IPC: H04L29/12

CPC classification number: H04L29/12 ,  H04L61/1511 ,  H04L61/2514

Abstract: A service is described that makes it easy and cost-effective to configure network traffic flowing to multiple endpoints. Enterprises and developers can easily manage the way that end-users are routed to applications running in different geographic regions. Customers can route traffic based on multiple criteria in a customer policy. Customers can manage large-scale, multi-region applications, increase application availability, and minimize latency to end-users. The service can consider the state of end-users, such as their geography, their network, and their latency to different geographic regions. The service can also consider the state of the customer's applications, such as the load on the application, the application's health, the cost of using that application (e.g., resource costs), resource states (e.g., disk throughput), resource location, customer-provided endpoint cost parameters, etc.

公开(公告)号：US10516590B2

公开(公告)日：2019-12-24

申请号：US15994631

申请日：2018-05-31

Applicant: Amazon Technologies, Inc.

Inventor： Andrey Mizik ,  Lee-Ming Zen ,  Pavlo Kaplin ,  Yu Gu ,  Minli Lai

IPC: G06F15/173 ,  H04L12/26 ,  H04L12/46 ,  H04L29/08

Abstract: Systems and methods are described to enable health checking of computing devices within a virtual private cloud (VPC) networking environment, without requiring that the devices be accessible via a public network address. An endpoint is placed within the VPC, which enables interaction with an external health checking system via a substrate network. The endpoint handles communications between the heath checking system and the VPC, and can modify data originating from the health checking system such that it appears to originate from the endpoint. From the viewpoint of the VPC, the endpoint itself may appear to be conducting health checking. Thus, external health checking can be used on a VPC without compromising the security of the VPC by requiring that a portion of the VPC be externally addressable.

公开(公告)号：US10469442B2

公开(公告)日：2019-11-05

申请号：US16042584

申请日：2018-07-23

Applicant: Amazon Technologies, Inc.

Inventor： Andrey Mizik ,  Lee-Ming Zen ,  Gavin Derek McCullagh ,  Yohanes Santoso ,  Vadim Meleshuk ,  Yu Gu ,  Minli Lai ,  Ivan Mistrianu ,  Rebecca Claire Weiss ,  Yi Cheng Chen ,  Ronald Andrew Hoskinson

IPC: G06F15/16 ,  H04L29/12 ,  H04L12/931 ,  H04L29/08 ,  G06F9/445 ,  H04L12/46 ,  G06F9/455

Abstract: Systems and methods are described to enable adaptive handling of domain resolution requests originating from a virtual private cloud (VPC) networking environment. An administrator of the VPC can provide a set of rules specific to the VPC that designates how requests for a domain name should be handled. The rules may specify, for example, that a request for a given domain name should be routed to a particular domain name server, which may include a private domain name server, should be dropped, or should be routed according to a default behavior (e.g., a public domain name system). Resolution requests originating in the VPC can be associated with a VPC identifier. When an adaptive resolution system receives the request, it can retrieve rules associated with the VPC identifier, and apply the rules to determine further routing for the request.

公开(公告)号：US20180351904A1

公开(公告)日：2018-12-06

申请号：US16042584

申请日：2018-07-23

Applicant: Amazon Technologies, Inc.

Inventor： Andrey Mizik ,  Lee-Ming Zen ,  Gavin Derek McCullagh ,  Yohanes Santoso ,  Vadim Meleshuk ,  Yu Gu ,  Minli Lai ,  Ivan Mistrianu ,  Rebecca Claire Weiss ,  Yi Cheng Chen ,  Ronald Andrew Hoskinson

IPC: H04L29/12 ,  H04L12/931 ,  H04L29/08

CPC classification number: H04L61/1511 ,  G06F9/445 ,  G06F9/45558 ,  G06F2009/45595 ,  H04L12/4641 ,  H04L49/354 ,  H04L67/10

Abstract: Systems and methods are described to enable adaptive handling of domain resolution requests originating from a virtual private cloud (VPC) networking environment. An administrator of the VPC can provide a set of rules specific to the VPC that designates how requests for a domain name should be handled. The rules may specify, for example, that a request for a given domain name should be routed to a particular domain name server, which may include a private domain name server, should be dropped, or should be routed according to a default behavior (e.g., a public domain name system). Resolution requests originating in the VPC can be associated with a VPC identifier. When an adaptive resolution system receives the request, it can retrieve rules associated with the VPC identifier, and apply the rules to determine further routing for the request.