1. Pulumi Registry
  2. AWS Classic
  3. API Docs
  4. getIpRanges
aws logo
AWS Classic v5.34.0, Mar 30 23

aws.getIpRanges

Use this data source to get the IP ranges of various AWS products and services. For more information about the contents of this data source and required JSON syntax if referencing a custom URL, see the AWS IP Address Ranges documentation.

Example Usage

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var europeanEc2 = Aws.GetIpRanges.Invoke(new()
    {
        Regions = new[]
        {
            "eu-west-1",
            "eu-central-1",
        },
        Services = new[]
        {
            "ec2",
        },
    });

    var fromEurope = new Aws.Ec2.SecurityGroup("fromEurope", new()
    {
        Ingress = new[]
        {
            new Aws.Ec2.Inputs.SecurityGroupIngressArgs
            {
                FromPort = 443,
                ToPort = 443,
                Protocol = "tcp",
                CidrBlocks = europeanEc2.Apply(getIpRangesResult => getIpRangesResult.CidrBlocks),
                Ipv6CidrBlocks = europeanEc2.Apply(getIpRangesResult => getIpRangesResult.Ipv6CidrBlocks),
            },
        },
        Tags = 
        {
            { "CreateDate", europeanEc2.Apply(getIpRangesResult => getIpRangesResult.CreateDate) },
            { "SyncToken", europeanEc2.Apply(getIpRangesResult => getIpRangesResult.SyncToken) },
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws"
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/ec2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		europeanEc2, err := aws.GetIpRanges(ctx, &aws.GetIpRangesArgs{
			Regions: []string{
				"eu-west-1",
				"eu-central-1",
			},
			Services: []string{
				"ec2",
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = ec2.NewSecurityGroup(ctx, "fromEurope", &ec2.SecurityGroupArgs{
			Ingress: ec2.SecurityGroupIngressArray{
				&ec2.SecurityGroupIngressArgs{
					FromPort:       pulumi.Int(443),
					ToPort:         pulumi.Int(443),
					Protocol:       pulumi.String("tcp"),
					CidrBlocks:     interface{}(europeanEc2.CidrBlocks),
					Ipv6CidrBlocks: interface{}(europeanEc2.Ipv6CidrBlocks),
				},
			},
			Tags: pulumi.StringMap{
				"CreateDate": *pulumi.String(europeanEc2.CreateDate),
				"SyncToken":  *pulumi.Int(europeanEc2.SyncToken),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.AwsFunctions;
import com.pulumi.aws.inputs.GetIpRangesArgs;
import com.pulumi.aws.ec2.SecurityGroup;
import com.pulumi.aws.ec2.SecurityGroupArgs;
import com.pulumi.aws.ec2.inputs.SecurityGroupIngressArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var europeanEc2 = AwsFunctions.getIpRanges(GetIpRangesArgs.builder()
            .regions(            
                "eu-west-1",
                "eu-central-1")
            .services("ec2")
            .build());

        var fromEurope = new SecurityGroup("fromEurope", SecurityGroupArgs.builder()        
            .ingress(SecurityGroupIngressArgs.builder()
                .fromPort("443")
                .toPort("443")
                .protocol("tcp")
                .cidrBlocks(europeanEc2.applyValue(getIpRangesResult -> getIpRangesResult.cidrBlocks()))
                .ipv6CidrBlocks(europeanEc2.applyValue(getIpRangesResult -> getIpRangesResult.ipv6CidrBlocks()))
                .build())
            .tags(Map.ofEntries(
                Map.entry("CreateDate", europeanEc2.applyValue(getIpRangesResult -> getIpRangesResult.createDate())),
                Map.entry("SyncToken", europeanEc2.applyValue(getIpRangesResult -> getIpRangesResult.syncToken()))
            ))
            .build());

    }
}

import pulumi
import pulumi_aws as aws

european_ec2 = aws.get_ip_ranges(regions=[
        "eu-west-1",
        "eu-central-1",
    ],
    services=["ec2"])
from_europe = aws.ec2.SecurityGroup("fromEurope",
    ingress=[aws.ec2.SecurityGroupIngressArgs(
        from_port=443,
        to_port=443,
        protocol="tcp",
        cidr_blocks=european_ec2.cidr_blocks,
        ipv6_cidr_blocks=european_ec2.ipv6_cidr_blocks,
    )],
    tags={
        "CreateDate": european_ec2.create_date,
        "SyncToken": european_ec2.sync_token,
    })

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const europeanEc2 = aws.getIpRanges({
    regions: [
        "eu-west-1",
        "eu-central-1",
    ],
    services: ["ec2"],
});
const fromEurope = new aws.ec2.SecurityGroup("fromEurope", {
    ingress: [{
        fromPort: 443,
        toPort: 443,
        protocol: "tcp",
        cidrBlocks: europeanEc2.then(europeanEc2 => europeanEc2.cidrBlocks),
        ipv6CidrBlocks: europeanEc2.then(europeanEc2 => europeanEc2.ipv6CidrBlocks),
    }],
    tags: {
        CreateDate: europeanEc2.then(europeanEc2 => europeanEc2.createDate),
        SyncToken: europeanEc2.then(europeanEc2 => europeanEc2.syncToken),
    },
});

resources:
  fromEurope:
    type: aws:ec2:SecurityGroup
    properties:
      ingress:
        - fromPort: '443'
          toPort: '443'
          protocol: tcp
          cidrBlocks: ${europeanEc2.cidrBlocks}
          ipv6CidrBlocks: ${europeanEc2.ipv6CidrBlocks}
      tags:
        CreateDate: ${europeanEc2.createDate}
        SyncToken: ${europeanEc2.syncToken}
variables:
  europeanEc2:
    fn::invoke:
      Function: aws:getIpRanges
      Arguments:
        regions:
          - eu-west-1
          - eu-central-1
        services:
          - ec2

Using getIpRanges

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getIpRanges(args: GetIpRangesArgs, opts?: InvokeOptions): Promise<GetIpRangesResult>
function getIpRangesOutput(args: GetIpRangesOutputArgs, opts?: InvokeOptions): Output<GetIpRangesResult>
def get_ip_ranges(regions: Optional[Sequence[str]] = None,
                  services: Optional[Sequence[str]] = None,
                  url: Optional[str] = None,
                  opts: Optional[InvokeOptions] = None) -> GetIpRangesResult
def get_ip_ranges_output(regions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  services: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  url: Optional[pulumi.Input[str]] = None,
                  opts: Optional[InvokeOptions] = None) -> Output[GetIpRangesResult]
func GetIpRanges(ctx *Context, args *GetIpRangesArgs, opts ...InvokeOption) (*GetIpRangesResult, error)
func GetIpRangesOutput(ctx *Context, args *GetIpRangesOutputArgs, opts ...InvokeOption) GetIpRangesResultOutput

> Note: This function is named GetIpRanges in the Go SDK.

public static class GetIpRanges 
{
    public static Task<GetIpRangesResult> InvokeAsync(GetIpRangesArgs args, InvokeOptions? opts = null)
    public static Output<GetIpRangesResult> Invoke(GetIpRangesInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetIpRangesResult> getIpRanges(GetIpRangesArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet

fn::invoke:
  function: aws:index/getIpRanges:getIpRanges
  arguments:
    # arguments dictionary

The following arguments are supported:

Services List<string>

Filter IP ranges by services. Valid items are amazon (for amazon.com), amazon_connect, api_gateway, cloud9, cloudfront, codebuild, dynamodb, ec2, ec2_instance_connect, globalaccelerator, route53, route53_healthchecks, s3 and workspaces_gateways. See the [service attribute][2] documentation for other possible values.

Regions List<string>

Filter IP ranges by regions (or include all regions, if omitted). Valid items are global (for cloudfront) as well as all AWS regions (e.g., eu-central-1)

Url string

Custom URL for source JSON file. Syntax must match AWS IP Address Ranges documentation. Defaults to https://ip-ranges.amazonaws.com/ip-ranges.json.

Services []string

Filter IP ranges by services. Valid items are amazon (for amazon.com), amazon_connect, api_gateway, cloud9, cloudfront, codebuild, dynamodb, ec2, ec2_instance_connect, globalaccelerator, route53, route53_healthchecks, s3 and workspaces_gateways. See the [service attribute][2] documentation for other possible values.

Regions []string

Filter IP ranges by regions (or include all regions, if omitted). Valid items are global (for cloudfront) as well as all AWS regions (e.g., eu-central-1)

Url string

Custom URL for source JSON file. Syntax must match AWS IP Address Ranges documentation. Defaults to https://ip-ranges.amazonaws.com/ip-ranges.json.

services List<String>

Filter IP ranges by services. Valid items are amazon (for amazon.com), amazon_connect, api_gateway, cloud9, cloudfront, codebuild, dynamodb, ec2, ec2_instance_connect, globalaccelerator, route53, route53_healthchecks, s3 and workspaces_gateways. See the [service attribute][2] documentation for other possible values.

regions List<String>

Filter IP ranges by regions (or include all regions, if omitted). Valid items are global (for cloudfront) as well as all AWS regions (e.g., eu-central-1)

url String

Custom URL for source JSON file. Syntax must match AWS IP Address Ranges documentation. Defaults to https://ip-ranges.amazonaws.com/ip-ranges.json.

services string[]

Filter IP ranges by services. Valid items are amazon (for amazon.com), amazon_connect, api_gateway, cloud9, cloudfront, codebuild, dynamodb, ec2, ec2_instance_connect, globalaccelerator, route53, route53_healthchecks, s3 and workspaces_gateways. See the [service attribute][2] documentation for other possible values.

regions string[]

Filter IP ranges by regions (or include all regions, if omitted). Valid items are global (for cloudfront) as well as all AWS regions (e.g., eu-central-1)

url string

Custom URL for source JSON file. Syntax must match AWS IP Address Ranges documentation. Defaults to https://ip-ranges.amazonaws.com/ip-ranges.json.

services Sequence[str]

Filter IP ranges by services. Valid items are amazon (for amazon.com), amazon_connect, api_gateway, cloud9, cloudfront, codebuild, dynamodb, ec2, ec2_instance_connect, globalaccelerator, route53, route53_healthchecks, s3 and workspaces_gateways. See the [service attribute][2] documentation for other possible values.

regions Sequence[str]

Filter IP ranges by regions (or include all regions, if omitted). Valid items are global (for cloudfront) as well as all AWS regions (e.g., eu-central-1)

url str

Custom URL for source JSON file. Syntax must match AWS IP Address Ranges documentation. Defaults to https://ip-ranges.amazonaws.com/ip-ranges.json.

services List<String>

Filter IP ranges by services. Valid items are amazon (for amazon.com), amazon_connect, api_gateway, cloud9, cloudfront, codebuild, dynamodb, ec2, ec2_instance_connect, globalaccelerator, route53, route53_healthchecks, s3 and workspaces_gateways. See the [service attribute][2] documentation for other possible values.

regions List<String>

Filter IP ranges by regions (or include all regions, if omitted). Valid items are global (for cloudfront) as well as all AWS regions (e.g., eu-central-1)

url String

Custom URL for source JSON file. Syntax must match AWS IP Address Ranges documentation. Defaults to https://ip-ranges.amazonaws.com/ip-ranges.json.

getIpRanges Result

The following output properties are available:

CidrBlocks List<string>

Lexically ordered list of CIDR blocks.

CreateDate string

Publication time of the IP ranges (e.g., 2016-08-03-23-46-05).

Id string

The provider-assigned unique ID for this managed resource.

Ipv6CidrBlocks List<string>

Lexically ordered list of IPv6 CIDR blocks.

Services List<string>
SyncToken int

Publication time of the IP ranges, in Unix epoch time format (e.g., 1470267965).

Regions List<string>
Url string
CidrBlocks []string

Lexically ordered list of CIDR blocks.

CreateDate string

Publication time of the IP ranges (e.g., 2016-08-03-23-46-05).

Id string

The provider-assigned unique ID for this managed resource.

Ipv6CidrBlocks []string

Lexically ordered list of IPv6 CIDR blocks.

Services []string
SyncToken int

Publication time of the IP ranges, in Unix epoch time format (e.g., 1470267965).

Regions []string
Url string
cidrBlocks List<String>

Lexically ordered list of CIDR blocks.

createDate String

Publication time of the IP ranges (e.g., 2016-08-03-23-46-05).

id String

The provider-assigned unique ID for this managed resource.

ipv6CidrBlocks List<String>

Lexically ordered list of IPv6 CIDR blocks.

services List<String>
syncToken Integer

Publication time of the IP ranges, in Unix epoch time format (e.g., 1470267965).

regions List<String>
url String
cidrBlocks string[]

Lexically ordered list of CIDR blocks.

createDate string

Publication time of the IP ranges (e.g., 2016-08-03-23-46-05).

id string

The provider-assigned unique ID for this managed resource.

ipv6CidrBlocks string[]

Lexically ordered list of IPv6 CIDR blocks.

services string[]
syncToken number

Publication time of the IP ranges, in Unix epoch time format (e.g., 1470267965).

regions string[]
url string
cidr_blocks Sequence[str]

Lexically ordered list of CIDR blocks.

create_date str

Publication time of the IP ranges (e.g., 2016-08-03-23-46-05).

id str

The provider-assigned unique ID for this managed resource.

ipv6_cidr_blocks Sequence[str]

Lexically ordered list of IPv6 CIDR blocks.

services Sequence[str]
sync_token int

Publication time of the IP ranges, in Unix epoch time format (e.g., 1470267965).

regions Sequence[str]
url str
cidrBlocks List<String>

Lexically ordered list of CIDR blocks.

createDate String

Publication time of the IP ranges (e.g., 2016-08-03-23-46-05).

id String

The provider-assigned unique ID for this managed resource.

ipv6CidrBlocks List<String>

Lexically ordered list of IPv6 CIDR blocks.

services List<String>
syncToken Number

Publication time of the IP ranges, in Unix epoch time format (e.g., 1470267965).

regions List<String>
url String

Package Details

Repository
AWS Classic pulumi/pulumi-aws
License
Apache-2.0
Notes

This Pulumi package is based on the aws Terraform Provider.