Saturday, September 15, 2018

Grabbing AWS CloudFront IPs with curl and jq

There's times when you want to restrict access to your infrastructure behind CloudFront so that requests must go through the CloudFront CDN instead of your origin directly. Fortunately, AWS lists their public IP ranges in a JSON format in the following link, https://ip-ranges.amazonaws.com/ip-ranges.json. However, there are a lot of services in the above link and it would be very tedious to take the entire JSON and read through it to grab specific CloudFront IP's. Using the combination of command line tools curl and jq we can easily grab just the CloudFront IP ranges to lock down whatever origin that exists. Below is the command that I've used to grab just the CloudFront IP's. Enjoy!

curl https://ip-ranges.amazonaws.com/ip-ranges.json | jq '.prefixes | .[] | select(.service == "CLOUDFRONT") | .ip_prefix'

BC

3 comments:

  1. This post is really useful and helpful to know more about the things which you have shared. I appreciate you for such a great amount of information. I assure this would be beneficial for many people. Best AWS Training in Delhi

    ReplyDelete
  2. You have shared a nice article with well-researched aboud AWS Cloud computing. You told how to AWS cloud is beneficial. to learn AWS cloud computing, then join cloud computing summer training in jaipur

    ReplyDelete