• Stars
    star
    629
  • Rank 71,454 (Top 2 %)
  • Language
    Ruby
  • License
    MIT License
  • Created over 6 years ago
  • Updated over 3 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services

aws_public_ips Gem TravisCI Coverage Status License

Table of Contents

What's it for

aws_public_ips is a tool to fetch all public IP addresses (both IPv4/IPv6) associated with an AWS account.

It can be used as a library and as a CLI, and supports the following AWS services (all with both Classic & VPC flavors):

  • APIGateway
  • CloudFront
  • EC2 (and as a result: ECS, EKS, Beanstalk, Fargate, Batch, & NAT Instances)
  • ElasticSearch
  • ELB (Classic ELB)
  • ELBv2 (ALB/NLB)
  • Lightsail
  • RDS
  • Redshift

If a service isn't listed (S3, ElastiCache, etc) it's most likely because it doesn't have anything to support (i.e. it might not be deployable publicly, it might have all ip addresses resolve to global AWS infrastructure, etc).

Quick start

Install the gem and run it:

$ gem install aws_public_ips

# Uses default ~/.aws/credentials
$ aws_public_ips
52.84.11.13
52.84.11.83
2600:9000:2039:ba00:1a:cd27:1440:93a1
2600:9000:2039:6e00:1a:cd27:1440:93a1

# With a custom profile
$ AWS_PROFILE=production aws_public_ips
52.84.11.159

The gem can also be run from Docker:

$ docker pull arkadiyt/aws_public_ips

# For credentials, ensure the appropriate environment variables are defined in the host environment:
$ docker run -e AWS_REGION -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e AWS_SESSION_TOKEN arkadiyt/aws_public_ips

CLI reference

$ aws_public_ips --help
Usage: aws_public_ips [options]
    -s, --services <s1>,<s2>,<s3>    List of AWS services to check. Available services: apigateway,cloudfront,ec2,elasticsearch,elb,elbv2,lightsail,rds,redshift. Defaults to all.
    -f, --format <format>            Set output format. Available formats: json,prettyjson,text. Defaults to text.
    -v, --[no-]verbose               Enable debug/trace output
        --version                    Print version
    -h, --help                       Show this help message

Configuration

For authentication aws_public_ips uses the default aws-sdk-ruby configuration, meaning that the following are checked in order:

  1. Environment variables:
  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY
  • AWS_REGION
  • AWS_PROFILE
  1. Shared credentials files:
  • ~/.aws/credentials
  • ~/.aws/config
  1. Instance profile via metadata endpoint (if running on EC2, ECS, EKS, or Fargate)

For more information see the AWS SDK documentation on configuration.

IAM permissions

To find the public IPs from all AWS services, the minimal policy needed by your IAM user is:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "apigateway:GET",
        "cloudfront:ListDistributions",
        "ec2:DescribeInstances",
        "elasticloadbalancing:DescribeLoadBalancers",
        "lightsail:GetInstances",
        "lightsail:GetLoadBalancers",
        "rds:DescribeDBInstances",
        "redshift:DescribeClusters",
        "es:ListDomainNames"
      ],
      "Resource": "*"
    }
  ]
}

Changelog

Please see CHANGELOG.md. This project follows semantic versioning.

Contributing

Please see CONTRIBUTING.md.

Getting in touch

Feel free to tweet or direct message me: @arkadiyt

More Repositories

1

bounty-targets-data

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
3,099
star
2

bounty-targets

This project crawls bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) hourly and dumps them into the bounty-targets-data repo
Ruby
593
star
3

zoom-redirector

Zoom Redirector is a browser extension that transparently redirects any meeting links to use Zoom's browser based web client.
JavaScript
580
star
4

protodump

A utility to dump all Protobuf file descriptors from a given binary as *.proto files
Go
264
star
5

ssrf_filter

A ruby gem for defending against Server Side Request Forgery (SSRF) attacks
Ruby
78
star
6

free-ft

44
star
7

symantec-certificate-checker

Ruby
17
star
8

chrome-extension-downloader

A ruby script to download and unpack chrome extensions
Ruby
8
star
9

ddexport

A cli utility to export datadog logs and spans (more than the 5000 allowed in the UI)
Go
6
star
10

dftest

Domain fronting tester - a small utility script to make a request with a different host header and server name indication
Ruby
4
star
11

dot-files

Dot files
Vim Script
2
star
12

github_readonly_team

Script to give a github team read-only permissions to all repositories in an organization
Ruby
2
star
13

acm-cloudfront

Ruby
1
star
14

mullvad-rpki

Script for testing Mullvad exit ISPs for RPKI validation
Ruby
1
star
15

order-jira-bookmarklet

A bookmark that when executed on a JIRA epic page, re-orders all the tickets to be in order of status.
JavaScript
1
star
16

kill_billd

Chrome extension to kill or rebuild builds on buildbot
JavaScript
1
star
17

onion-service

Code for the onion service for my personal website: arkadiy7niszn5gkb4s6sqzst4go7d4oc57xnt2q3kvy4tdklf3f7jyd.onion
Dockerfile
1
star