Amazon Web Services (AWS) operates an extensive network infrastructure with a vast number of IP addresses and CIDR blocks. As a developer or network administrator, you may need to programmatically retrieve the IP ranges or CIDRs associated with AWS regions and services for various reasons, such as configuring firewall rules or network security groups. In this guide, we’ll show you how to accomplish this using Python.

Prerequisites

Before we dive into the code, make sure you have the following prerequisites in place:

  • Python installed on your machine.
  • The requests library for making HTTP requests. You can install it using pip:
1

pip install requests

Python Code to Fetch AWS IP Ranges

We can use the official AWS IP Address Ranges service to obtain the IP ranges and CIDRs associated with AWS regions and services. AWS provides this information in JSON format through a publicly accessible URL. Here’s a Python script that fetches and parses these IP ranges:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19

import requests

# URL for AWS IP ranges JSON data
url = "https://ip-ranges.amazonaws.com/ip-ranges.json"

# Send an HTTP GET request to fetch the JSON data
response = requests.get(url).json()

# Initialize an empty list to store IP prefixes for a specific region (e.g., eu-central-1)
uae = []

# Iterate through the 'prefixes' key in the JSON response
for i in response['prefixes']:
    if i['region'] == 'eu-central-1':
        uae.append(i['ip_prefix'])

# Print the total number of IP prefixes and the list of IP prefixes for the region
print("Total IP Prefixes:", len(uae))
print("IP Prefixes for eu-central-1:", uae)

In this code:

  • We use the requests library to send an HTTP GET request to the AWS IP Address Ranges service.
  • We parse the JSON response and extract the IP prefixes for the 'eu-central-1' region as an example.

Running the Script

To run the script:

  1. Copy the code into a Python file (e.g., get_aws_ip_ranges.py).
  2. Open a terminal or command prompt.
  3. Navigate to the directory containing the script.
  4. Run the script using the python command:
1

python get_aws_ip_ranges.py

The script will fetch and display the total number of IP prefixes and the list of IP prefixes for the specified region. You can modify the script to target other regions or services by changing the region code in the if condition.

Example output

1
2

Total IP Prefixes: 290
IP Prefixes for eu-central-1: ['52.93.244.0/24', '52.219.170.0/23', '52.219.168.0/24', '52.93.126.135/32', '13.34.73.96/27', '16.12.32.0/22', '142.4.161.168/29', '16.12.24.0/21', '3.5.136.0/22', '15.230.241.0/24', '52.219.72.0/22', '18.192.0.0/15', '52.93.126.132/32', '64.252.89.0/24', '13.34.101.64/27', '99.78.156.0/22', '13.34.87.224/27', '150.222.86.0/24', '104.153.114.0/24', '99.77.136.0/24', '150.222.245.122/31', '150.222.27.0/24', '13.34.5.0/27', '13.34.92.64/27', '142.4.160.192/29', '52.219.211.0/24', '52.93.127.238/32', '13.34.92.96/27', '142.4.161.160/29', '142.4.161.176/29', '150.222.5.0/24', '13.34.33.64/27', '52.58.0.0/15', '15.220.48.0/21', '18.184.0.0/15', '13.34.88.128/27', '15.230.111.0/24', '52.57.0.0/16', '150.222.120.0/24', '13.34.73.160/27', '13.248.97.0/24', '150.222.213.0/24', '54.93.0.0/16', '3.124.0.0/14', '13.34.47.0/27', '13.34.5.64/27', '15.230.65.0/26', '136.18.18.0/24', '15.220.64.0/20', '3.33.35.0/24', '52.95.255.128/28', '150.222.10.0/24', '15.220.152.0/21', '54.239.54.0/23', '18.156.0.0/14', '13.34.5.32/27', '15.220.144.0/23', '15.230.65.64/26', '54.239.64.0/21', '15.230.64.192/26', '52.219.210.0/24', '13.34.33.0/27', '13.34.98.128/27', '52.93.126.133/32', '13.34.47.64/27', '52.94.69.0/24', '52.93.127.139/32', '64.252.87.0/24', '150.222.104.0/24', '13.34.33.96/27', '99.77.158.0/24', '150.222.122.0/24', '150.222.139.124/30', '52.93.127.237/32', '13.34.47.32/27', '3.64.0.0/12', '151.148.35.0/24', '13.34.87.192/27', '13.34.33.160/27', '52.94.198.48/28', '15.230.85.0/24', '99.77.247.0/24', '64.252.88.0/24', '52.94.136.0/21', '54.239.4.0/22', '52.94.204.0/23', '52.29.0.0/16', '52.144.209.0/26', '15.230.15.0/24', '99.78.160.0/21', '99.151.188.0/23', '15.230.144.0/24', '15.193.4.0/24', '54.239.106.0/23', '99.78.168.0/23', '99.150.16.0/21', '3.120.0.0/14', '18.198.0.0/15', '15.230.131.0/24', '52.94.248.112/28', '52.219.218.0/24', '13.34.98.160/27', '15.230.80.0/24', '13.34.88.160/27', '15.221.3.0/24', '52.144.210.192/26', '52.94.17.0/24', '13.248.123.0/24', '35.156.0.0/14', '52.219.44.0/22', '13.34.5.96/27', '13.34.33.128/27', '52.219.169.0/24', '54.239.0.160/28', '150.222.139.116/30', '15.230.52.0/24', '13.34.33.32/27', '52.219.140.0/24', '18.153.0.0/16', '173.83.196.0/23', '99.83.99.0/24', '142.4.160.152/29', '52.93.127.138/32', '150.222.139.120/30', '13.34.73.128/27', '150.222.230.0/24', '54.239.56.0/21', '64.252.86.0/24', '18.196.0.0/15', '13.34.47.96/27', '52.95.248.0/24', '52.94.146.0/24', '3.2.35.0/26', '52.144.211.0/26', '18.89.0.0/18', '18.194.0.0/15', '99.82.163.0/24', '52.46.184.0/22', '52.93.111.0/24', '52.119.188.0/22', '13.34.73.64/27', '13.34.101.96/27', '52.219.208.0/23', '150.222.4.0/24', '150.222.129.0/24', '13.34.9.76/32', '52.93.23.0/24', '63.176.0.0/12', '52.93.126.134/32', '35.71.105.0/24', '52.28.0.0/16', '3.5.134.0/23', '15.177.68.0/23', '99.77.247.0/24', '52.219.170.0/23', '52.219.168.0/24', '16.12.32.0/22', '16.12.24.0/21', '3.5.136.0/22', '52.219.72.0/22', '52.219.211.0/24', '52.219.210.0/24', '52.219.218.0/24', '52.219.44.0/22', '52.219.169.0/24', '52.219.140.0/24', '52.219.208.0/23', '3.5.134.0/23', '52.94.17.0/24', '35.71.105.0/24', '142.4.161.168/29', '3.5.136.0/22', '18.192.0.0/15', '64.252.89.0/24', '99.77.136.0/24', '142.4.160.192/29', '142.4.161.160/29', '142.4.161.176/29', '52.58.0.0/15', '15.220.48.0/21', '18.184.0.0/15', '52.57.0.0/16', '54.93.0.0/16', '3.124.0.0/14', '15.220.64.0/20', '3.33.35.0/24', '52.95.255.128/28', '15.220.152.0/21', '18.156.0.0/14', '15.220.144.0/23', '64.252.87.0/24', '99.77.158.0/24', '3.64.0.0/12', '151.148.35.0/24', '99.77.247.0/24', '64.252.88.0/24', '52.29.0.0/16', '99.151.188.0/23', '15.193.4.0/24', '99.150.16.0/21', '3.120.0.0/14', '18.198.0.0/15', '52.94.248.112/28', '35.156.0.0/14', '18.153.0.0/16', '173.83.196.0/23', '142.4.160.152/29', '64.252.86.0/24', '18.196.0.0/15', '52.95.248.0/24', '52.94.146.0/24', '3.2.35.0/26', '18.89.0.0/18', '18.194.0.0/15', '52.46.184.0/22', '35.71.105.0/24', '52.28.0.0/16', '3.5.134.0/23', '15.177.68.0/23', '13.248.97.0/24', '13.248.123.0/24', '99.83.99.0/24', '99.82.163.0/24', '15.177.68.0/23', '18.156.52.0/24', '18.156.54.0/23', '18.157.237.128/26', '18.157.237.192/26', '18.157.71.192/26', '18.184.138.224/27', '18.184.2.128/25', '18.184.203.128/27', '18.192.142.0/23', '18.192.216.0/22', '18.196.161.0/27', '18.196.161.184/29', '18.196.161.192/29', '18.196.161.200/29', '18.196.161.32/27', '18.196.161.80/29', '18.196.161.88/29', '3.120.181.224/27', '3.120.181.40/29', '3.122.128.0/23', '3.123.12.192/26', '3.123.14.0/24', '3.123.15.0/25', '3.123.44.0/27', '3.123.44.128/27', '3.123.44.160/27', '3.123.44.80/28', '3.123.44.96/27', '3.127.48.128/26', '3.127.48.244/30', '3.127.48.248/30', '3.127.74.0/23', '3.64.1.0/26', '3.64.1.128/26', '3.64.1.192/29', '3.64.1.200/29', '3.64.1.64/26', '3.64.226.232/29', '3.64.226.240/30', '3.65.124.0/22', '3.65.128.0/22', '3.65.132.0/22', '3.65.246.0/28', '3.65.246.16/28', '3.66.172.0/24', '3.68.251.176/30', '3.68.251.232/29', '3.70.195.128/25', '3.70.195.64/26', '3.70.211.0/25', '3.70.212.128/26', '3.71.104.0/24', '3.71.120.0/22', '3.72.168.0/24', '3.72.33.128/25', '3.74.148.128/26', '3.75.112.0/24', '3.77.79.224/29', '3.77.79.232/29', '3.78.202.0/23', '3.78.204.0/22', '35.157.127.248/29', '35.158.127.64/26', '35.158.136.0/24', '52.57.254.0/24', '52.59.127.0/24']

Conclusion

Programmatically fetching AWS IP ranges and CIDRs can be useful for managing network security, firewall rules, and other network-related tasks. With the provided Python script, you can easily retrieve this information and integrate it into your infrastructure and security policies.

For more details on AWS IP ranges and to stay up-to-date with changes, refer to the official AWS IP Address Ranges documentation.