Systems and methods for dynamic distributed name resolution

What is claimed is: 1 . A method comprising steps of: receiving a request from a user to access a destination service; resolving the request to direct the request to a control layer associated with a cloud-based system; directing the request to the control layer; resolving an Internet Protocol (IP) address for the destination service based on one or more characteristics of the request; resolving an internal IP address for the destination service; enforcing one or more controls on the request including enforcing, via the cloud-based system, zero trust policy on the request, based on a configuration provided by an owner of the destination service; providing access to the destination service to the user based on the one or more controls, wherein the providing access includes stitching a connection between the user and the destination service through an application on a device associated with the user, one or more nodes of the cloud-based system, and a lightweight connector associated with the destination service; and becoming a Domain Name System (DNS) authority for the destination service and all subdomains associated with the destination service, and directing requests to the destination service or all subdomains based thereon. 2 . The method of claim 1 , wherein the characteristics include any of characteristics associated with the user and characteristics associated with the destination service. 3 . The method of claim 2 , wherein the characteristics include any of the initiator, a location of the initiator, a network associated with the initiator, and the type of destination service being requested. 4 . The method of claim 1 , wherein the steps comprise: creating a connection to the destination service based on the configuration and the characteristics. 5 . The method of claim 1 , wherein the steps further comprise: receiving the configuration from the owner, wherein the configuration defines one or more destination services requiring protection, and one or more policies; and based on the request being to one of the one or more destination services requiring protection, enforcing the one or more controls on the request based on the policies. 6 . The method of claim 1 , wherein neither the user nor the destination service share an internet routable network. 7 . A non-transitory computer-readable medium comprising instructions that, when executed, cause one or more processors to perform steps of: receiving a request from a user to access a destination service; resolving the request to direct the request to a control layer associated with a cloud-based system; directing the request to the control layer; resolving an Internet Protocol (IP) address for the destination service based on one or more characteristics of the request; resolving an internal IP address for the destination service; enforcing one or more controls on the request including enforcing, via the cloud-based system, zero trust policy on the request, based on a configuration provided by an owner of the destination service; providing access to the destination service to the user based on the one or more controls, wherein the providing access includes stitching a connection between the user and the destination service through an application on a device associated with the user, one or more nodes of the cloud-based system, and a lightweight connector associated with the destination service; and becoming a Domain Name System (DNS) authority for the destination service and all subdomains associated with the destination service, and directing requests to the destination service or all subdomains based thereon. 8 . The non-transitory computer-readable medium of claim 7 , wherein the characteristics include any of characteristics associated with the user and characteristics associated with the destination service. 9 . The non-transitory computer-readable medium of claim 8 , wherein the characteristics include any of the initiator, a location of the initiator, a network associated with the initiator, and the type of destination service being requested. 10 . The non-transitory computer-readable medium of claim 7 , wherein the steps comprise: creating a connection to the destination service based on the configuration and the characteristics. 11 . The non-transitory computer-readable medium of claim 7 , wherein the steps further comprise: receiving the configuration from the owner, wherein the configuration defines one or more destination services requiring protection, and one or more policies; and based on the request being to one of the one or more destination services requiring protection, enforcing the one or more controls on the request based on the policies. 12 . The non-transitory computer-readable medium of claim 7 , wherein neither the user nor the destination service share an internet routable network.