| 摘要 |
Techniques are described for providing users with access to computer networks, such as to enable users to create computer networks that are provided by a remote configurable network service for use by the users. Such provided computer networks may be configured to be private computer networks accessible only by the users who create them, and may each be created and configured by a client of the configurable network service to be an extension to an existing computer network of the client, such as a private computer network extension to an existing private computer network of the client. In addition, access to remote resource services may be configured and provided from such computer networks in various manners, such as to include a local access mechanism as part of a provided computer network that is configured to forward communications sent to the access mechanism to a particular remote resource service. |
| 主权项 |
1. A computer-implemented method for providing private computer networks with local network access to remote network services, the method comprising:
creating, by a configurable network service running on one or more computer systems, a local private network extension of a remote private computer network, the local private network extension including a first group of multiple computing systems and the remote private computer network including a second group of multiple other computing systems; receiving, by the configurable network service, configuration information via a provided programmatic interface for configuring the local private network extension, the received configuration information including multiple user-specified private network addresses of the remote private computer network and including information about an indicated remote resource service that is external to the remote private computer network and external to the local private network extension, the received configuration information further including network access constraint information to prevent access from the local private network extension to external computing systems that are not part of the first and second groups of computing systems and not associated with the remote resource service; associating, by the configurable network service, each of the multiple computing systems of the first group with one of the user-specified private network addresses; creating a local access mechanism within the local private network extension that represents the remote resource service and that enables interactions with the remote resource service by the multiple computing systems of the local private network extension, the creating of the local access mechanism including assigning, by the configurable network service, one of the user-specified private network addresses to represent the remote resource service within the local private network extension; configuring, by the configurable network service, the local private network extension to prevent communications from being sent from the multiple computing systems of the first group to network addresses that are not part of the user-specified private network addresses; and forwarding to the remote resource service, by the configurable network service, communications sent to the one network address assigned to represent the remote resource service, the forwarding occurring via one or more public networks external to the remote private computer network. |
