Hacker News new | comments | ask | show | jobs | submit login
Show HN: aws_public_ips, a tool to fetch all public IPs tied to an AWS account (github.com)
36 points by arkadiyt 8 months ago | hide | past | web | favorite | 9 comments

Note that these IP addresses will almost certainly change. Don't go hard coding these anywhere or you'll be in for a shock.

I deal with a number of more traditional/large financial firms and when they inevitably ask me what my public IP addresses are so that they can white list them on their firewall, I have to send them a large number of ranges covering various cloud services ... kind of renders the exercise pointless.

Caveat: it needs to be your AWS account. You can't use this to fetch all public IPs from somebody else's AWS account.

How is this a caveat? If the owner of the other account gave you correct credentials, it will work.

Based on the submitted title, I thought it was a vulnerability, allowing you to find out all of somebody else's IP addresses.

doesn't this functionality builtin with awscli?

sth like this

    aws ec2 describe-instances --query "Reservations[*].Instances[*].[PublicIpAddress]"

I understand what it's retrieving but what's the use case for this?

Listing out all your internet routable interfaces presumably to lock down the unintentional ones?

It's for security teams to find infrastructure that shouldn't be exposed / put together a list of IPs for a network vulnerability scan / etc.

Doesn't AWS console list those Elastic IPs?

Yes, but it's not practical to copy/paste them.

I did something similar here[0] when I wanted all the internal hostnames I had to resolve locally via dnsmasq:


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact