aws_public_ips

What's it for

aws_public_ips is a tool to fetch all public IP addresses (both IPv4/IPv6) associated with an AWS account.

It can be used as a library and as a CLI, and supports the following AWS services (all with both Classic & VPC flavors):

APIGateway
CloudFront
EC2 (and as a result: ECS, EKS, Beanstalk, Fargate, Batch, & NAT Instances)
ElasticSearch
ELB (Classic ELB)
ELBv2 (ALB/NLB)
Lightsail
RDS
Redshift

If a service isn't listed (S3, ElastiCache, etc) it's most likely because it doesn't have anything to support (i.e. it might not be deployable publicly, it might have all ip addresses resolve to global AWS infrastructure, etc).

Quick start

Install the gem and run it:

$ gem install aws_public_ips

# Uses default ~/.aws/credentials
$ aws_public_ips
52.84.11.13
52.84.11.83
2600:9000:2039:ba00:1a:cd27:1440:93a1
2600:9000:2039:6e00:1a:cd27:1440:93a1

# With a custom profile
$ AWS_PROFILE=production aws_public_ips
52.84.11.159

The gem can also be run from Docker:

$ docker pull arkadiyt/aws_public_ips

# For credentials, ensure the appropriate environment variables are defined in the host environment:
$ docker run -e AWS_REGION -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e AWS_SESSION_TOKEN arkadiyt/aws_public_ips

CLI reference

$ aws_public_ips --help
Usage: aws_public_ips [options]
    -s, --services <s1>,<s2>,<s3>    List of AWS services to check. Available services: apigateway,cloudfront,ec2,elasticsearch,elb,elbv2,lightsail,rds,redshift. Defaults to all.
    -f, --format <format>            Set output format. Available formats: json,prettyjson,text. Defaults to text.
    -v, --[no-]verbose               Enable debug/trace output
        --version                    Print version
    -h, --help                       Show this help message

Configuration

For authentication aws_public_ips uses the default aws-sdk-ruby configuration, meaning that the following are checked in order:

Environment variables:

AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY
AWS_REGION
AWS_PROFILE

Shared credentials files:

~/.aws/credentials
~/.aws/config

Instance profile via metadata endpoint (if running on EC2, ECS, EKS, or Fargate)

For more information see the AWS SDK documentation on configuration.

IAM permissions

To find the public IPs from all AWS services, the minimal policy needed by your IAM user is:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "apigateway:GET",
        "cloudfront:ListDistributions",
        "ec2:DescribeInstances",
        "elasticloadbalancing:DescribeLoadBalancers",
        "lightsail:GetInstances",
        "lightsail:GetLoadBalancers",
        "rds:DescribeDBInstances",
        "redshift:DescribeClusters",
        "es:ListDomainNames"
      ],
      "Resource": "*"
    }
  ]
}

Changelog

Please see CHANGELOG.md. This project follows semantic versioning.

Contributing

Please see CONTRIBUTING.md.

Getting in touch

Feel free to tweet or direct message me: @arkadiyt

arkadiyt/aws_public_ips

arkadiyt

Reviews

Repository Details