Docs
PackagesTry AWS Native preview for resources not in the classic version.
aws.getIpRanges
Explore with Pulumi AI
Try AWS Native preview for resources not in the classic version.
Use this data source to get the IP ranges of various AWS products and services. For more information about the contents of this data source and required JSON syntax if referencing a custom URL, see the AWS IP Address Ranges documentation.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const europeanEc2 = aws.getIpRanges({
regions: [
"eu-west-1",
"eu-central-1",
],
services: ["ec2"],
});
const fromEurope = new aws.ec2.SecurityGroup("from_europe", {
name: "from_europe",
ingress: [{
fromPort: 443,
toPort: 443,
protocol: "tcp",
cidrBlocks: europeanEc2.then(europeanEc2 => europeanEc2.cidrBlocks),
ipv6CidrBlocks: europeanEc2.then(europeanEc2 => europeanEc2.ipv6CidrBlocks),
}],
tags: {
CreateDate: europeanEc2.then(europeanEc2 => europeanEc2.createDate),
SyncToken: europeanEc2.then(europeanEc2 => europeanEc2.syncToken),
},
});
import pulumi
import pulumi_aws as aws
european_ec2 = aws.get_ip_ranges(regions=[
"eu-west-1",
"eu-central-1",
],
services=["ec2"])
from_europe = aws.ec2.SecurityGroup("from_europe",
name="from_europe",
ingress=[aws.ec2.SecurityGroupIngressArgs(
from_port=443,
to_port=443,
protocol="tcp",
cidr_blocks=european_ec2.cidr_blocks,
ipv6_cidr_blocks=european_ec2.ipv6_cidr_blocks,
)],
tags={
"CreateDate": european_ec2.create_date,
"SyncToken": european_ec2.sync_token,
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
europeanEc2, err := aws.GetIpRanges(ctx, &aws.GetIpRangesArgs{
Regions: []string{
"eu-west-1",
"eu-central-1",
},
Services: []string{
"ec2",
},
}, nil)
if err != nil {
return err
}
_, err = ec2.NewSecurityGroup(ctx, "from_europe", &ec2.SecurityGroupArgs{
Name: pulumi.String("from_europe"),
Ingress: ec2.SecurityGroupIngressArray{
&ec2.SecurityGroupIngressArgs{
FromPort: pulumi.Int(443),
ToPort: pulumi.Int(443),
Protocol: pulumi.String("tcp"),
CidrBlocks: interface{}(europeanEc2.CidrBlocks),
Ipv6CidrBlocks: interface{}(europeanEc2.Ipv6CidrBlocks),
},
},
Tags: pulumi.StringMap{
"CreateDate": pulumi.String(europeanEc2.CreateDate),
"SyncToken": pulumi.Int(europeanEc2.SyncToken),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var europeanEc2 = Aws.GetIpRanges.Invoke(new()
{
Regions = new[]
{
"eu-west-1",
"eu-central-1",
},
Services = new[]
{
"ec2",
},
});
var fromEurope = new Aws.Ec2.SecurityGroup("from_europe", new()
{
Name = "from_europe",
Ingress = new[]
{
new Aws.Ec2.Inputs.SecurityGroupIngressArgs
{
FromPort = 443,
ToPort = 443,
Protocol = "tcp",
CidrBlocks = europeanEc2.Apply(getIpRangesResult => getIpRangesResult.CidrBlocks),
Ipv6CidrBlocks = europeanEc2.Apply(getIpRangesResult => getIpRangesResult.Ipv6CidrBlocks),
},
},
Tags =
{
{ "CreateDate", europeanEc2.Apply(getIpRangesResult => getIpRangesResult.CreateDate) },
{ "SyncToken", europeanEc2.Apply(getIpRangesResult => getIpRangesResult.SyncToken) },
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.AwsFunctions;
import com.pulumi.aws.inputs.GetIpRangesArgs;
import com.pulumi.aws.ec2.SecurityGroup;
import com.pulumi.aws.ec2.SecurityGroupArgs;
import com.pulumi.aws.ec2.inputs.SecurityGroupIngressArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var europeanEc2 = AwsFunctions.getIpRanges(GetIpRangesArgs.builder()
.regions(
"eu-west-1",
"eu-central-1")
.services("ec2")
.build());
var fromEurope = new SecurityGroup("fromEurope", SecurityGroupArgs.builder()
.name("from_europe")
.ingress(SecurityGroupIngressArgs.builder()
.fromPort("443")
.toPort("443")
.protocol("tcp")
.cidrBlocks(europeanEc2.applyValue(getIpRangesResult -> getIpRangesResult.cidrBlocks()))
.ipv6CidrBlocks(europeanEc2.applyValue(getIpRangesResult -> getIpRangesResult.ipv6CidrBlocks()))
.build())
.tags(Map.ofEntries(
Map.entry("CreateDate", europeanEc2.applyValue(getIpRangesResult -> getIpRangesResult.createDate())),
Map.entry("SyncToken", europeanEc2.applyValue(getIpRangesResult -> getIpRangesResult.syncToken()))
))
.build());
}
}
resources:
fromEurope:
type: aws:ec2:SecurityGroup
name: from_europe
properties:
name: from_europe
ingress:
- fromPort: '443'
toPort: '443'
protocol: tcp
cidrBlocks: ${europeanEc2.cidrBlocks}
ipv6CidrBlocks: ${europeanEc2.ipv6CidrBlocks}
tags:
CreateDate: ${europeanEc2.createDate}
SyncToken: ${europeanEc2.syncToken}
variables:
europeanEc2:
fn::invoke:
Function: aws:getIpRanges
Arguments:
regions:
- eu-west-1
- eu-central-1
services:
- ec2
Using getIpRanges
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getIpRanges(args: GetIpRangesArgs, opts?: InvokeOptions): Promise<GetIpRangesResult>
function getIpRangesOutput(args: GetIpRangesOutputArgs, opts?: InvokeOptions): Output<GetIpRangesResult>def get_ip_ranges(id: Optional[str] = None,
regions: Optional[Sequence[str]] = None,
services: Optional[Sequence[str]] = None,
url: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetIpRangesResult
def get_ip_ranges_output(id: Optional[pulumi.Input[str]] = None,
regions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
services: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
url: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetIpRangesResult]func GetIpRanges(ctx *Context, args *GetIpRangesArgs, opts ...InvokeOption) (*GetIpRangesResult, error)
func GetIpRangesOutput(ctx *Context, args *GetIpRangesOutputArgs, opts ...InvokeOption) GetIpRangesResultOutput> Note: This function is named GetIpRanges in the Go SDK.
public static class GetIpRanges
{
public static Task<GetIpRangesResult> InvokeAsync(GetIpRangesArgs args, InvokeOptions? opts = null)
public static Output<GetIpRangesResult> Invoke(GetIpRangesInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetIpRangesResult> getIpRanges(GetIpRangesArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: aws:index/getIpRanges:getIpRanges
arguments:
# arguments dictionaryThe following arguments are supported:
- Services List<string>
Filter IP ranges by services. Valid items are
amazon(for amazon.com),amazon_connect,api_gateway,cloud9,cloudfront,codebuild,dynamodb,ec2,ec2_instance_connect,globalaccelerator,route53,route53_healthchecks,s3andworkspaces_gateways. See the [serviceattribute][2] documentation for other possible values.NOTE: If the specified combination of regions and services does not yield any CIDR blocks, this call will fail.
- Id string
- Regions List<string>
- Filter IP ranges by regions (or include all regions, if
omitted). Valid items are
global(forcloudfront) as well as all AWS regions (e.g.,eu-central-1) - Url string
- Custom URL for source JSON file. Syntax must match AWS IP Address Ranges documentation. Defaults to
https://ip-ranges.amazonaws.com/ip-ranges.json.
- Services []string
Filter IP ranges by services. Valid items are
amazon(for amazon.com),amazon_connect,api_gateway,cloud9,cloudfront,codebuild,dynamodb,ec2,ec2_instance_connect,globalaccelerator,route53,route53_healthchecks,s3andworkspaces_gateways. See the [serviceattribute][2] documentation for other possible values.NOTE: If the specified combination of regions and services does not yield any CIDR blocks, this call will fail.
- Id string
- Regions []string
- Filter IP ranges by regions (or include all regions, if
omitted). Valid items are
global(forcloudfront) as well as all AWS regions (e.g.,eu-central-1) - Url string
- Custom URL for source JSON file. Syntax must match AWS IP Address Ranges documentation. Defaults to
https://ip-ranges.amazonaws.com/ip-ranges.json.
- services List<String>
Filter IP ranges by services. Valid items are
amazon(for amazon.com),amazon_connect,api_gateway,cloud9,cloudfront,codebuild,dynamodb,ec2,ec2_instance_connect,globalaccelerator,route53,route53_healthchecks,s3andworkspaces_gateways. See the [serviceattribute][2] documentation for other possible values.NOTE: If the specified combination of regions and services does not yield any CIDR blocks, this call will fail.
- id String
- regions List<String>
- Filter IP ranges by regions (or include all regions, if
omitted). Valid items are
global(forcloudfront) as well as all AWS regions (e.g.,eu-central-1) - url String
- Custom URL for source JSON file. Syntax must match AWS IP Address Ranges documentation. Defaults to
https://ip-ranges.amazonaws.com/ip-ranges.json.
- services string[]
Filter IP ranges by services. Valid items are
amazon(for amazon.com),amazon_connect,api_gateway,cloud9,cloudfront,codebuild,dynamodb,ec2,ec2_instance_connect,globalaccelerator,route53,route53_healthchecks,s3andworkspaces_gateways. See the [serviceattribute][2] documentation for other possible values.NOTE: If the specified combination of regions and services does not yield any CIDR blocks, this call will fail.
- id string
- regions string[]
- Filter IP ranges by regions (or include all regions, if
omitted). Valid items are
global(forcloudfront) as well as all AWS regions (e.g.,eu-central-1) - url string
- Custom URL for source JSON file. Syntax must match AWS IP Address Ranges documentation. Defaults to
https://ip-ranges.amazonaws.com/ip-ranges.json.
- services Sequence[str]
Filter IP ranges by services. Valid items are
amazon(for amazon.com),amazon_connect,api_gateway,cloud9,cloudfront,codebuild,dynamodb,ec2,ec2_instance_connect,globalaccelerator,route53,route53_healthchecks,s3andworkspaces_gateways. See the [serviceattribute][2] documentation for other possible values.NOTE: If the specified combination of regions and services does not yield any CIDR blocks, this call will fail.
- id str
- regions Sequence[str]
- Filter IP ranges by regions (or include all regions, if
omitted). Valid items are
global(forcloudfront) as well as all AWS regions (e.g.,eu-central-1) - url str
- Custom URL for source JSON file. Syntax must match AWS IP Address Ranges documentation. Defaults to
https://ip-ranges.amazonaws.com/ip-ranges.json.
- services List<String>
Filter IP ranges by services. Valid items are
amazon(for amazon.com),amazon_connect,api_gateway,cloud9,cloudfront,codebuild,dynamodb,ec2,ec2_instance_connect,globalaccelerator,route53,route53_healthchecks,s3andworkspaces_gateways. See the [serviceattribute][2] documentation for other possible values.NOTE: If the specified combination of regions and services does not yield any CIDR blocks, this call will fail.
- id String
- regions List<String>
- Filter IP ranges by regions (or include all regions, if
omitted). Valid items are
global(forcloudfront) as well as all AWS regions (e.g.,eu-central-1) - url String
- Custom URL for source JSON file. Syntax must match AWS IP Address Ranges documentation. Defaults to
https://ip-ranges.amazonaws.com/ip-ranges.json.
getIpRanges Result
The following output properties are available:
- Cidr
Blocks List<string> - Lexically ordered list of CIDR blocks.
- Create
Date string - Publication time of the IP ranges (e.g.,
2016-08-03-23-46-05). - Id string
- Ipv6Cidr
Blocks List<string> - Lexically ordered list of IPv6 CIDR blocks.
- Services List<string>
- Sync
Token int - Publication time of the IP ranges, in Unix epoch time format
(e.g.,
1470267965). - Regions List<string>
- Url string
- Cidr
Blocks []string - Lexically ordered list of CIDR blocks.
- Create
Date string - Publication time of the IP ranges (e.g.,
2016-08-03-23-46-05). - Id string
- Ipv6Cidr
Blocks []string - Lexically ordered list of IPv6 CIDR blocks.
- Services []string
- Sync
Token int - Publication time of the IP ranges, in Unix epoch time format
(e.g.,
1470267965). - Regions []string
- Url string
- cidr
Blocks List<String> - Lexically ordered list of CIDR blocks.
- create
Date String - Publication time of the IP ranges (e.g.,
2016-08-03-23-46-05). - id String
- ipv6Cidr
Blocks List<String> - Lexically ordered list of IPv6 CIDR blocks.
- services List<String>
- sync
Token Integer - Publication time of the IP ranges, in Unix epoch time format
(e.g.,
1470267965). - regions List<String>
- url String
- cidr
Blocks string[] - Lexically ordered list of CIDR blocks.
- create
Date string - Publication time of the IP ranges (e.g.,
2016-08-03-23-46-05). - id string
- ipv6Cidr
Blocks string[] - Lexically ordered list of IPv6 CIDR blocks.
- services string[]
- sync
Token number - Publication time of the IP ranges, in Unix epoch time format
(e.g.,
1470267965). - regions string[]
- url string
- cidr_
blocks Sequence[str] - Lexically ordered list of CIDR blocks.
- create_
date str - Publication time of the IP ranges (e.g.,
2016-08-03-23-46-05). - id str
- ipv6_
cidr_ Sequence[str]blocks - Lexically ordered list of IPv6 CIDR blocks.
- services Sequence[str]
- sync_
token int - Publication time of the IP ranges, in Unix epoch time format
(e.g.,
1470267965). - regions Sequence[str]
- url str
- cidr
Blocks List<String> - Lexically ordered list of CIDR blocks.
- create
Date String - Publication time of the IP ranges (e.g.,
2016-08-03-23-46-05). - id String
- ipv6Cidr
Blocks List<String> - Lexically ordered list of IPv6 CIDR blocks.
- services List<String>
- sync
Token Number - Publication time of the IP ranges, in Unix epoch time format
(e.g.,
1470267965). - regions List<String>
- url String
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.
Try AWS Native preview for resources not in the classic version.