Up-to-date IP address ranges for major cloud providers in multiple formats.
- Introduction
- Features
- Supported Cloud Providers
- Data Formats
- Folder Structure
- Usage
- Use Cases
- Automating Updates
- License
- Acknowledgments
Working with multiple cloud providers often requires accessing their IP address ranges for various purposes, such as configuring firewalls, setting up access controls, or performing network analysis. Managing these IP lists individually can be time-consuming and error-prone.
I wanted a single, unique source for all the cloud providers I work with, tailored to different needs. Instead of writing separate scripts to extract or transform these IP addresses, I decided to create a comprehensive script that collects and updates all of them daily. This not only serves my use cases—like generating Nginx configurations and simple text files—but also provides a valuable resource for others.
I've decided to share this data publicly so everyone can have easy access to up-to-date IP address ranges from major cloud providers.
- Regular Updates: Stay current with the latest IP ranges from major cloud providers.
- Automatic Refresh: All IP lists are updated every 24 hours automatically.
- Multiple Formats: Access data in TXT, CSV, JSON, and SQL formats for flexibility.
- Web Server Configurations: Implement allow/deny rules with ready-to-use Nginx and Apache config files.
- Detailed Segmentation: Obtain IP lists by region and service for AWS, Google Cloud, and Azure.
- Organized Structure: Navigate easily through provider-specific folders.
- General IP Lists: Combined, IPv4-only, and IPv6-only lists.
- Configuration Files: Nginx and Apache allow/deny configurations.
- General IP Lists: Comprehensive lists of all AWS IP ranges.
- Region-Specific Lists: IP addresses segmented by AWS regions.
- Service-Specific Lists: IP addresses segmented by AWS services (e.g., EC2, S3).
- Configuration Files: Nginx and Apache allow/deny configurations for general, regional, and service-specific IPs.
- General IP Lists: Combined, IPv4-only, and IPv6-only lists.
- Region-Specific Lists: IP addresses segmented by GCP regions.
- Service-Specific Lists: IP addresses segmented by GCP services.
- Configuration Files: Nginx and Apache allow/deny configurations.
- General IP Lists: Combined, IPv4-only, and IPv6-only lists.
- Region-Specific Lists: IP addresses segmented by Azure regions.
- Service-Specific Lists: IP addresses segmented by Azure services.
- Configuration Files: Nginx and Apache allow/deny configurations.
For each cloud provider, the following data formats are available:
- TXT: Plain text files with one IP address or CIDR block per line.
- CSV: Comma-separated values including IP type, region, and service.
- JSON: Structured data suitable for programmatic access.
- SQL: Scripts to create and populate SQL databases with IP addresses.
- Nginx Configs: Allow or deny rules ready to include in Nginx configurations.
- Apache Configs: Allow or deny directives ready for inclusion in Apache configurations.
The repository is organized as follows:
cloud-provider-ip-addresses/
├── aws/
│ ├── aws_ips.txt
│ ├── aws_ips_v4.txt
│ ├── aws_ips_v6.txt
│ ├── regions/
│ │ ├── us-east-1/
│ │ │ ├── aws_us-east-1_ips.txt
│ │ │ ├── ...
│ ├── services/
│ │ ├── ec2/
│ │ │ ├── aws_ec2_ips.txt
│ │ │ ├── ...
│ ├── nginx_allow.conf
│ ├── nginx_deny.conf
│ ├── apache_allow.conf
│ └── apache_deny.conf
├── cloudflare/
│ ├── cloudflare_ips.txt
│ ├── cloudflare_ips_v4.txt
│ ├── cloudflare_ips_v6.txt
│ ├── nginx_allow.conf
│ ├── nginx_deny.conf
│ ├── apache_allow.conf
│ └── apache_deny.conf
├── googlecloud/
│ ├── googlecloud_ips.txt
│ ├── googlecloud_ips_v4.txt
│ ├── googlecloud_ips_v6.txt
│ ├── regions/
│ │ ├── us-central1/
│ │ │ ├── googlecloud_us-central1_ips.txt
│ │ │ ├── ...
│ ├── services/
│ │ ├── compute/
│ │ │ ├── googlecloud_compute_ips.txt
│ │ │ ├── ...
│ ├── nginx_allow.conf
│ ├── nginx_deny.conf
│ ├── apache_allow.conf
│ └── apache_deny.conf
├── azure/
│ ├── azure_ips.txt
│ ├── azure_ips_v4.txt
│ ├── azure_ips_v6.txt
│ ├── regions/
│ │ ├── eastus/
│ │ │ ├── azure_eastus_ips.txt
│ │ │ ├── ...
│ ├── services/
│ │ ├── appservice/
│ │ │ ├── azure_appservice_ips.txt
│ │ │ ├── ...
│ ├── nginx_allow.conf
│ ├── nginx_deny.conf
│ ├── apache_allow.conf
│ └── apache_deny.conf
├── LICENSE
└── README.md
- Provider Folders: Each cloud provider has its own directory at the root level.
regions/andservices/: Subdirectories for region-specific and service-specific data.- Configuration Files: Located within each provider's folder.
Navigate to the cloud provider's directory in the repository to find the IP lists and configuration files you need.
- Go to
aws/aws_ips_v4.txt. - Click on Raw to view the raw content.
- Save the file to your system.
You can access any file directly via GitHub Raw URLs. This is useful for programmatic access or automating updates.
- Navigate to the file in the GitHub repository.
- Click on the Raw button to view the raw file.
- Copy the URL from your browser's address bar.
-
Cloudflare Combined IPs:
https://raw.githubusercontent.com/rezmoss/cloud-provider-ip-addresses/main/cloudflare/cloudflare_ips.txt -
AWS EC2 IPv4 Addresses:
https://raw.githubusercontent.com/rezmoss/cloud-provider-ip-addresses/main/aws/services/ec2/aws_ec2_ips_v4.txt
You can use tools like curl or wget to download the files directly:
curl -O https://raw.githubusercontent.com/rezmoss/cloud-provider-ip-addresses/main/aws/aws_ips_v4.txt-
Download the Nginx Allow Configuration:
- For AWS:
aws/nginx_allow.conf - Raw URL:
https://raw.githubusercontent.com/rezmoss/cloud-provider-ip-addresses/main/aws/nginx_allow.conf
- For AWS:
-
Include in Your Nginx Configuration:
In your server block:
server { # Your existing configuration include /path/to/nginx_allow.conf; }
-
Reload Nginx:
sudo nginx -s reload
-
Download the Nginx Deny Configuration:
- For AWS:
aws/nginx_deny.conf - Raw URL:
https://raw.githubusercontent.com/rezmoss/cloud-provider-ip-addresses/main/aws/nginx_deny.conf
- For AWS:
-
Include in Your Nginx Configuration as above, but with the deny file.
-
Download the Apache Allow Configuration:
- For AWS:
aws/apache_allow.conf - Raw URL:
https://raw.githubusercontent.com/rezmoss/cloud-provider-ip-addresses/main/aws/apache_allow.conf
- For AWS:
-
Include in Your Apache Configuration:
In your
.htaccessfile or virtual host configuration:<Directory /var/www/html> AllowOverride None Require all denied Include /path/to/apache_allow.conf </Directory>
-
Reload Apache:
sudo systemctl reload apache2
-
Download the Apache Deny Configuration:
- For AWS:
aws/apache_deny.conf - Raw URL:
https://raw.githubusercontent.com/rezmoss/cloud-provider-ip-addresses/main/aws/apache_deny.conf
- For AWS:
-
Include in Your Apache Configuration as above, but with the deny file.
- Security: Restrict access to your applications or services to specific cloud provider IPs.
- Compliance: Ensure compliance by allowing or denying access based on IP origin.
- Traffic Management: Control traffic flow by permitting or blocking IP ranges.
- Data Analysis: Use IP data for network analysis and monitoring.
IP ranges change frequently. To keep your configurations up to date, consider automating the retrieval of the latest data.
Since all IP lists update every 24 hours automatically, you can set up your systems to fetch the latest files daily.
git clone https://github.com/rezmoss/cloud-provider-ip-addresses.gitSet up a cron job to pull the latest changes daily:
0 0 * * * cd /path/to/cloud-provider-ip-addresses && git pullAlternatively, you can download specific files directly using curl or wget and the GitHub Raw URLs.
Ensure that your systems reference the files from the updated repository path or download location.
This project is dedicated to the public domain under the CC0 1.0 Universal Public Domain Dedication.
- Cloudflare: IP Ranges
- Amazon Web Services: AWS IP Address Ranges
- Google Cloud Platform: GCP IP Ranges
- Microsoft Azure: Azure IP Ranges and Service Tags