I recently worked for a client (whose identity I will tactfully keep undisclosed) who happened to have most of their infrastructure exposed publicly, with components (yes, even the database! don't try this at home) communicating with each other across regions over the Internet.
I found myself analysing VPC Flow Logs, trying to find out exactly who was connecting to the database and which endpoints the various components were connecting to, and often wondering: does this IP belong to AWS? If it does, which service does it belong to, and in which region?
Discover my IP range tool!
Thankfully, AWS regularly publishes a list of the IP ranges it uses, covering all its services and regions. However, it's a huge JSON file with many CIDR blocks, so finding out whether a given IP falls within one of those ranges is not entirely trivial.
I'm happy to announce I just released "does-this-ip-belong-to-aws", a homemade tool that will solve this for you.
The tool actually comes in two flavours.
- If you need a command-line interface to use it programmatically, there is a Python implementation.
- If you just want it within a webpage, you can visit does-this-ip-belong-to-aws.terracloud.fr.
The latter implementation is not as efficient, but it was an opportunity for me to learn a very nice and powerful JSON query and transformation language, JSONata.
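To illustrate the lookup the post describes, here is an added example (my own, not the code of the "does-this-ip-belong-to-aws" tool) that parses a document in the shape of AWS's published ip-ranges.json, finds every prefix containing an address, and classifies a batch of peer addresses such as the ones you would pull out of VPC Flow Logs. The JSON embedded below is a constructed sample with made-up prefixes; the real file lives at https://ip-ranges.amazonaws.com/ip-ranges.json and has the same `prefixes` / `ipv6_prefixes` layout. One caveat the example handles: the real file contains overlapping entries (a broad `AMAZON` block frequently contains a narrower `EC2` block), so a correct answer is a list of matches, most specific first, rather than a single hit.

```python
import ipaddress
import json
from typing import Dict, List

# Constructed sample mirroring the layout of https://ip-ranges.amazonaws.com/ip-ranges.json.
# The prefixes are documentation ranges (RFC 5737 / RFC 3849), not AWS's real allocations.
SAMPLE_IP_RANGES = json.dumps({
    "syncToken": "0000000000",
    "createDate": "2000-01-01-00-00-00",
    "prefixes": [
        {"ip_prefix": "198.51.100.0/24", "region": "eu-west-3", "service": "AMAZON",
         "network_border_group": "eu-west-3"},
        # Narrower block nested inside the AMAZON one, as happens in the real file.
        {"ip_prefix": "198.51.100.0/25", "region": "eu-west-3", "service": "EC2",
         "network_border_group": "eu-west-3"},
        {"ip_prefix": "203.0.113.0/24", "region": "us-east-1", "service": "S3",
         "network_border_group": "us-east-1"},
    ],
    "ipv6_prefixes": [
        {"ipv6_prefix": "2001:db8:aa::/48", "region": "eu-west-3", "service": "EC2",
         "network_border_group": "eu-west-3"},
    ],
})


def load_ranges(doc: str) -> List[dict]:
    """Parse an ip-ranges.json document into a flat list of prefix entries.

    IPv4 and IPv6 entries live under different keys and use different field
    names for the CIDR, so both are normalised into the same shape here.
    """
    data = json.loads(doc)
    entries = []
    for key, cidr_field in (("prefixes", "ip_prefix"), ("ipv6_prefixes", "ipv6_prefix")):
        for p in data.get(key, []):
            entries.append({
                "network": ipaddress.ip_network(p[cidr_field], strict=True),
                "region": p["region"],
                "service": p["service"],
                "border_group": p.get("network_border_group", p["region"]),
            })
    return entries


def lookup(ip: str, entries: List[dict]) -> List[dict]:
    """Return every published prefix containing `ip`, most specific first.

    An empty list means the address is not in the published AWS ranges.
    """
    addr = ipaddress.ip_address(ip)
    matches = [e for e in entries
               if e["network"].version == addr.version and addr in e["network"]]
    # Longest prefix first, so the narrowest (most informative) service comes out on top.
    matches.sort(key=lambda e: e["network"].prefixlen, reverse=True)
    return [{"prefix": str(e["network"]), "region": e["region"],
             "service": e["service"], "border_group": e["border_group"]}
            for e in matches]


def classify_peers(ips: List[str], entries: List[dict]) -> Dict[str, str]:
    """Label a batch of peer addresses (e.g. srcaddr/dstaddr columns from flow logs)
    with the most specific AWS service and region, or 'not AWS'."""
    labels = {}
    for ip in ips:
        hits = lookup(ip, entries)
        if hits:
            labels[ip] = f"{hits[0]['service']} ({hits[0]['region']})"
        else:
            labels[ip] = "not AWS"
    return labels


if __name__ == "__main__":
    ranges = load_ranges(SAMPLE_IP_RANGES)
    # Constructed peer addresses standing in for what a flow-log query would return.
    for ip, label in classify_peers(
            ["198.51.100.10", "198.51.100.200", "203.0.113.7", "192.0.2.1", "2001:db8:aa::1"],
            ranges).items():
        print(f"{ip:20} {label}")
```

In practice you would replace `SAMPLE_IP_RANGES` with the downloaded file's contents; the `syncToken` / `createDate` fields are useful to record alongside your findings, because the published ranges change and a lookup is only as good as the snapshot it was run against. An address absent from the file is not proof that it is outside AWS, only that it is outside the ranges AWS chooses to publish.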