Domain name service information propagation
First Claim
1. A computer-implemented method for assigning a domain name to a computing resource, comprising:
- under the control of one or more computer systems configured with executable instructions,receiving, from a customer of a computing resource service provider, a request to assign a first alias for a first computing resource, the first alias usable to determine a first domain name for the first computing resource;
obtaining a first domain name service record, wherein the first domain name service record specifies one or more entities authorized to utilize the first alias and the first domain name service record is encrypted;
obtaining, from the computing resource service provider, one or more cryptographic keys to decrypt the first domain name service record;
determining whether the customer corresponds to an entity specified in the first domain name service record;
on a condition that it is determined that the customer corresponds to an entity specified in the first domain name service record, causing a domain name service to assign the first alias to the first computing resource;
detecting that a second alias for a second computing resource has been released by the customer;
updating an entry in a second domain name service record to indicate that the second alias has been released;
determining that the second alias was previously reserved for the customer; and
updating the second domain name service record to indicate that the second alias is reserved for the customer.
1 Assignment
0 Petitions
Accused Products
Abstract
A computing resource service receives a request from a customer to assign a domain name to a computing resource. The computing resource service may submit a query to a domain name system service to determine whether the domain name has been reserved for the customer. The domain name system service may provide an encrypted alias record corresponding to the requested domain name and specifying one or more identifiers of customers for whom the domain name has been reserved. The computing resource service may decrypt the alias record and determine whether the customer corresponds to one of the one or more identifiers within the alias record. If the customer does correspond to one of the one or more identifiers within the alias record, the computing resource service may assign the domain name to the computing resource.
-
Citations
20 Claims
-
1. A computer-implemented method for assigning a domain name to a computing resource, comprising:
under the control of one or more computer systems configured with executable instructions, receiving, from a customer of a computing resource service provider, a request to assign a first alias for a first computing resource, the first alias usable to determine a first domain name for the first computing resource; obtaining a first domain name service record, wherein the first domain name service record specifies one or more entities authorized to utilize the first alias and the first domain name service record is encrypted; obtaining, from the computing resource service provider, one or more cryptographic keys to decrypt the first domain name service record; determining whether the customer corresponds to an entity specified in the first domain name service record; on a condition that it is determined that the customer corresponds to an entity specified in the first domain name service record, causing a domain name service to assign the first alias to the first computing resource; detecting that a second alias for a second computing resource has been released by the customer; updating an entry in a second domain name service record to indicate that the second alias has been released; determining that the second alias was previously reserved for the customer; and updating the second domain name service record to indicate that the second alias is reserved for the customer. - View Dependent Claims (2, 3, 4)
-
5. A system, comprising at least one computing device including one or more processors and one or more memories and that implements one or more services, wherein the one or more services:
-
store, in a domain name service, a record in association with a domain name, wherein the record specifies one or more entities authorized to cause at least one of the one or more services to perform an operation and the record is encrypted; receive, from an entity, a request to cause the at least one of the one or more services to perform the operation; utilize a cryptographic key to decrypt the record; determine, based at least in part on the record, whether the entity is authorized to cause the at least one of the one or more services to perform the operation; as a result of determining that the entity is authorized to cause the at least one of the one or more services to perform the operation, enable the entity to cause the at least one of the one or more services to perform the operation; detect that a second domain name to a second computing resource has been released; update an entry in a second record in association with the second domain name to indicate that the second domain name has been released; determine that the second domain name was previously reserved for the entity; and update the second record in association with the second domain name to indicate that the second domain name is reserved for the entity. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12)
-
-
13. A non-transitory computer-readable storage medium having collectively stored thereon executable instructions that, as a result of being executed by one or more processors of a computer system, cause the computer system to at least:
-
perform, to a domain name service, a query to obtain a record specifying one or more entities authorized to cause the computer system to perform an operation in response to a request from an entity to cause the computer system to perform the operation and the record being encrypted; utilize a cryptographic key to decrypt the record; determine, based at least in part on the record, that the entity corresponds to the one or more entities specified in the record; as a result of determining that the entity is authorized to cause the computer system to perform the operation, cause the operation to be performed; detect that a domain name to a computing resource has been released; update an entry in a second record associated with the domain name to indicate that the domain name has been released; determine that the domain name was previously reserved for the entity; and update the second record to indicate that the domain name is reserved to the computing resource for the entity. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
Specification