As computer networks have grown in size, an initial focus on connectivity has been tempered by security concerns. For example, unrestricted flow of data traffic to a network containing a server computer hosting a public information facility can compromise the facility, the server and/or other computers connected to the network. Network firewalls have become a relatively common mechanism for addressing at least some such security concerns. In a typical configuration, a conventional network firewall interrupts a network connection, and allows data traffic to flow across the interruption in accordance with a set of rules. For example, the rules may allow or deny data traffic addressed to particular computers that are behind the firewall, and/or allow or deny data traffic in accordance with particular communication protocols. However, conventional network firewalls have some problematic limitations.
Increasingly, network facilities are implemented with computing infrastructure, such as computing hardware, that is not under the direct control of the facility provider. For example, an Internet Web site maintained by a facility provider may be implemented, at least in part, with a data object storage service purchased on a commodity basis (e.g., per gigabyte stored and/or transferred) from a vendor of such computing services. Such computing services may be implemented with various collections of computers and network elements that are allocated to multiple customers (“tenants”) in accordance with service supply contracts and/or varying demand. Tenants need not be aware of which particular computers and/or network elements are allocated to implement their computing services, and this is generally regarded as a benefit. However, difficulties arise when attempting to use conventional firewalls with multi-tenant computing services. For example, rules established by one tenant at a conventional firewall protecting a multi-tenant distributed computing service can affect other tenants of the service.
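The cross-tenant effect described above, as an added example that is not part of the original disclosure: a firewall whose rules match only on destination address and protocol, with a check that lists which other tenants' flows change verdict when one tenant's rule is added. The tenant names, addresses, the `Rule` and `Flow` types, and the first-match, default-allow semantics are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Illustrative model only: types, names and first-match semantics are assumptions.

@dataclass(frozen=True)
class Rule:
    action: str   # "allow" or "deny"
    dst: str      # destination network in CIDR form
    proto: str    # protocol name, or "any"
    owner: str    # tenant that requested the rule (bookkeeping, never matched on)

@dataclass(frozen=True)
class Flow:
    tenant: str   # tenant whose service this traffic belongs to
    dst: str      # address of the shared host currently serving it
    proto: str

def verdict(rules, flow, default="allow"):
    """First matching rule wins; matching sees only destination and protocol."""
    for r in rules:
        if ip_address(flow.dst) in ip_network(r.dst) and r.proto in ("any", flow.proto):
            return r.action
    return default

def collateral(rules, new_rule, flows):
    """Tenants other than the rule's owner whose flows change verdict
    when new_rule is placed ahead of the existing rules."""
    after = [new_rule] + list(rules)
    return sorted({f.tenant for f in flows
                   if f.tenant != new_rule.owner
                   and verdict(rules, f) != verdict(after, f)})

# Constructed sample: both tenants' storage happens to be served by 10.0.0.5.
FLOWS = [
    Flow("tenant-a", "10.0.0.5", "http"),
    Flow("tenant-b", "10.0.0.5", "http"),
    Flow("tenant-b", "10.0.0.9", "http"),
]
BASE_RULES = [Rule("allow", "10.0.0.0/24", "http", "provider")]
TENANT_A_RULE = Rule("deny", "10.0.0.5/32", "http", "tenant-a")

if __name__ == "__main__":
    # Tenants affected by a rule that tenant-a intended only for its own service.
    print(collateral(BASE_RULES, TENANT_A_RULE, FLOWS))
```

Because the rule carries no notion of tenant, the only way to keep it from reaching tenant-b in this model is to know which hosts are allocated to whom, which is exactly the detail tenants are not expected to track.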
The same numbers are used throughout the disclosure and figures to reference like components and features, but such repetition of numbers is for purposes of simplicity of explanation and understanding, and should not be viewed as a limitation on the various embodiments.