Providing private access to network-accessible services
First Claim
1. A computer-implemented method comprising:
- providing, by one or more computing systems of a configurable network service, a virtual computer network having multiple computing nodes for use by a customer of the configurable network service, the providing including assigning one of a plurality of virtual network addresses for the virtual computer network to represent a Lightweight Directory Access Protocol (“
LDAP”
) service that is made available by the configurable network service externally to the virtual computer network; and
initiating, by the one or more computing systems and for a communication that is sent by one of the multiple computing nodes to the assigned virtual network address for the LDAP service, providing functionality of the LDAP service to the virtual computer network by encoding the communication in a manner specific to a substrate network on which the virtual computer network is overlaid, and by forwarding the encoded communication over the substrate network to at least one LDAP computer server of the LDAP service that is external to the virtual computer network.
0 Assignments
0 Petitions
Accused Products
Abstract
Techniques are described for managing communications for a managed virtual computer network overlaid on a distinct substrate computer network. The techniques may be used in situations in which a configurable network service provides managed virtual computer networks for clients and also provides one or more network-accessible services that are available to the managed virtual computer networks, with particular managed virtual computer networks being configured to provide local private access to at least one of the provided network-accessible services, despite those provided network-accessible services being located externally to the particular managed virtual computer networks. In some situations, a Lightweight Directory Access Protocol (“LDAP”) network-accessible service is provided, and a logical endpoint for the LDAP service is created within a managed virtual computer network to enable the multiple computing nodes of the managed virtual computer network to communicate with one or more LDAP computer servers from the LDAP service.
25 Citations
20 Claims
-
1. A computer-implemented method comprising:
-
providing, by one or more computing systems of a configurable network service, a virtual computer network having multiple computing nodes for use by a customer of the configurable network service, the providing including assigning one of a plurality of virtual network addresses for the virtual computer network to represent a Lightweight Directory Access Protocol (“
LDAP”
) service that is made available by the configurable network service externally to the virtual computer network; andinitiating, by the one or more computing systems and for a communication that is sent by one of the multiple computing nodes to the assigned virtual network address for the LDAP service, providing functionality of the LDAP service to the virtual computer network by encoding the communication in a manner specific to a substrate network on which the virtual computer network is overlaid, and by forwarding the encoded communication over the substrate network to at least one LDAP computer server of the LDAP service that is external to the virtual computer network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A non-transitory computer-readable medium having stored contents that cause a computing system of a configurable network service to:
-
provide, by the computing system, a virtual computer network having multiple computing nodes for use by a client, the providing including assigning one of a plurality of virtual network addresses for the virtual computer network to represent a network-accessible service provided by the configurable network service external to the virtual computer network, to enable use by the multiple computing nodes of the network-accessible service; and initiate, by the computing system and for a communication directed to the assigned virtual network address for the network-accessible service, providing functionality of the network-accessible service to the virtual computer network by encoding the communication in a manner specific to a substrate network, and by forwarding the encoded communication over the substrate network to at least one computer server of the network-accessible service that is not part of the virtual computer network. - View Dependent Claims (15, 16, 17)
-
-
18. A system, comprising:
-
one or more hardware processors of one or more computing systems; and one or more memories with stored instructions that, when executed by at least one of the one or more hardware processors, cause the at least one hardware processor to provide for a client a virtual computer network that is overlaid on a distinct substrate network and that has a plurality of virtual network addresses for use with multiple computing nodes of the virtual computer network, the providing of the virtual computer network including; assigning one of the plurality of virtual network addresses to represent one or more Lightweight Directory Access Protocol (“
LDAP”
) computer servers that are available externally to the virtual computer network, to enable functionality of the one or more LDAP computer servers to be accessible within the virtual computer network to the multiple computing nodes;encoding, in a manner specific to the substrate network, a first network communication directed to a destination that is one of the multiple computing nodes and is specified using one of the plurality of virtual network addresses other than the assigned virtual network address, and sending the encoded first network communication to the substrate network for forwarding to the destination one computing node; and encoding, in a manner specific to the substrate network, a second network communication directed to the assigned virtual network address by one of the multiple computing nodes, and sending the encoded second network communication to the substrate network for forwarding to the one or more LDAP computer servers. - View Dependent Claims (19, 20)
-
Specification