Providing local secure network access to remote services
First Claim
1. A computer-implemented method for providing private computer networks with local network access to remote network services, the method comprising:
creating, by a configurable network service running on one or more computer systems, a local private network extension of a remote private computer network, the local private network extension including a first group of multiple computing systems and the remote private computer network including a second group of multiple other computing systems;
receiving, by the configurable network service, configuration information via a provided programmatic interface for configuring the local private network extension, the received configuration information including multiple user-specified private network addresses of the remote private computer network and including information about an indicated remote resource service that is external to the remote private computer network and external to the local private network extension, the received configuration information further including network access constraint information to prevent access from the local private network extension to external computing systems that are not part of the first and second groups of computing systems and not associated with the remote resource service;
associating, by the configurable network service, each of the multiple computing systems of the first group with one of the user-specified private network addresses;
creating a local access mechanism within the local private network extension that represents the remote resource service and that enables interactions with the remote resource service by the multiple computing systems of the local private network extension, the creating of the local access mechanism including assigning, by the configurable network service, one of the user-specified private network addresses to represent the remote resource service within the local private network extension;
configuring, by the configurable network service, the local private network extension to prevent communications from being sent from the multiple computing systems of the first group to network addresses that are not part of the user-specified private network addresses; and
forwarding to the remote resource service, by the configurable network service, communications sent to the one network address assigned to represent the remote resource service, the forwarding occurring via one or more public networks external to the remote private computer network.
Abstract
Techniques are described for providing users with access to computer networks, such as to enable users to create computer networks that are provided by a remote configurable network service for use by the users. Such provided computer networks may be configured to be private computer networks accessible only by the users who create them, and may each be created and configured by a client of the configurable network service to be an extension to an existing computer network of the client, such as a private computer network extension to an existing private computer network of the client. In addition, access to remote resource services may be configured and provided from such computer networks in various manners, such as to include a local access mechanism as part of a provided computer network that is configured to forward communications sent to the access mechanism to a particular remote resource service.
21 Claims
1. A computer-implemented method for providing private computer networks with local network access to remote network services (full text under First Claim above). Dependent claims: 2, 3.
4. A computer-implemented method for providing local network access to remote network services, the method comprising:
receiving, by one or more computing systems of a configurable network service, one or more requests to initiate creation of a first private computer network that includes multiple computing nodes;
receiving, by the one or more computing systems, configuration information for the first private computer network, the configuration information including multiple specified network addresses for use with the first private computer network and including an indication of a resource service that provides computing-related resources and that is external to the first private computer network;
associating, by the one or more computing systems, each of the multiple computing nodes with one of the specified network addresses;
configuring, by the one or more computing systems, the first private computer network to enable local access from within the first private computer network to the indicated resource service, the configuring including assigning an indicated first one of the specified network addresses that is not associated with one of the multiple computing nodes to represent the indicated resource service within the first private computer network;
configuring, by the one or more computing systems, the first private computer network to block communications from the multiple computing nodes to network addresses that are not part of the specified network addresses in accordance with specified network access constraint information; and
forwarding to the indicated resource service, by the one or more computing systems, one or more communications sent to the first network address by using one or more networks that are external to the first private computer network.
Dependent claims: 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21
Specification