CODEWITHSUNDEEP
amazon-web-servicesazurevirtual-machine
user1371314
user1371314

Reputation: 832

How to detect Azure/Amazon VM

Is there any way to detect, in general, if your code is executing on an Azure or Amazon virtual machine. I am not referring to some sort of web or worker role in particular, I mean given any executable, is there anything that resolves that machine to a cloud VM - for example under Azure there is no domain so i cannot simply rely on a domain name.

Upvotes: 7

Views: 11017

Answers (5)

Dan
Dan

Reputation: 864

You could look at the machine's IP address, and determine if it is in a particular cloud's IP address block.

For Azure, the published list of IP address ranges for each subregion is an XML file at:

http://download.microsoft.com/download/E/F/C/EFC5E4D8-E4EA-4EFE-9356-D8AEEBC85F50/Azure_IP_Ranges.xml

Amazon will post a blog entry when they add new ranges. They are currently:

US East (Northern Virginia):

  • 72.44.32.0/19 (72.44.32.0 - 72.44.63.255)
  • 67.202.0.0/18 (67.202.0.0 - 67.202.63.255)
  • 75.101.128.0/17 (75.101.128.0 - 75.101.255.255)
  • 174.129.0.0/16 (174.129.0.0 - 174.129.255.255)
  • 204.236.192.0/18 (204.236.192.0 - 204.236.255.255)
  • 184.73.0.0/16 (184.73.0.0184.73.255.255)
  • 184.72.128.0/17 (184.72.128.0 - 184.72.255.255)
  • 184.72.64.0/18 (184.72.64.0 - 184.72.127.255)
  • 50.16.0.0/15 (50.16.0.0 - 50.17.255.255)
  • 50.19.0.0/16 (50.19.0.0 - 50.19.255.255)
  • 107.20.0.0/14 (107.20.0.0 - 107.23.255.255)
  • 23.20.0.0/14 (23.20.0.023.23.255.255)
  • 54.242.0.0/15 (54.242.0.054.243.255.255)
  • 54.234.0.0/15 (54.234.0.054.235.255.255) NEW
  • 54.236.0.0/15 (54.236.0.054.237.255.255) NEW

US West (Oregon):

  • 50.112.0.0/16 (50.112.0.0 - 50.112.255.255)
  • 54.245.0.0/16 (54.245.0.054.245.255.255)

US West (Northern California):

  • 204.236.128.0/18 (204.236.128.0 - 204.236.191.255)
  • 184.72.0.0/18 (184.72.0.0184.72.63.255)
  • 50.18.0.0/16 (50.18.0.0 - 50.18.255.255)
  • 184.169.128.0/17 (184.169.128.0 - 184.169.255.255)
  • 54.241.0.0/16 (54.241.0.054.241.255.255)

EU (Ireland):

  • 79.125.0.0/17 (79.125.0.0 - 79.125.127.255)
  • 46.51.128.0/18 (46.51.128.0 - 46.51.191.255)
  • 46.51.192.0/20 (46.51.192.0 - 46.51.207.255)
  • 46.137.0.0/17 (46.137.0.0 - 46.137.127.255)
  • 46.137.128.0/18 (46.137.128.0 - 46.137.191.255)
  • 176.34.128.0/17 (176.34.128.0 - 176.34.255.255)
  • 176.34.64.0/18 (176.34.64.0176.34.127.255)
  • 54.247.0.0/16 (54.247.0.054.247.255.255)
  • 54.246.0.0/16 (54.246.0.054.246.255.255) NEW

Asia Pacific (Singapore)

  • 175.41.128.0/18 (175.41.128.0 - 175.41.191.255)
  • 122.248.192.0/18 (122.248.192.0 - 122.248.255.255)
  • 46.137.192.0/18 (46.137.192.0 - 46.137.255.255)
  • 46.51.216.0/21 (46.51.216.0 - 46.51.223.255)
  • 54.251.0.0/16 (54.251.0.054.251.255.255)

Asia Pacific (Tokyo)

  • 175.41.192.0/18 (175.41.192.0 - 175.41.255.255)
  • 46.51.224.0/19 (46.51.224.0 - 46.51.255.255)
  • 176.32.64.0/19 (176.32.64.0 - 176.32.95.255)
  • 103.4.8.0/21 (103.4.8.0 - 103.4.15.255)
  • 176.34.0.0/18 (176.34.0.0 - 176.34.63.255)
  • 54.248.0.0/15 (54.248.0.0 - 54.249.255.255)

South America (Sao Paulo)

  • 177.71.128.0/17 (177.71.128.0 - 177.71.255.255)
  • 54.232.0.0/16 (54.232.0.054.232.255.255) NEW

Upvotes: 3

Luis Feliz
Luis Feliz

Reputation: 11

You can use a metadata endpoint for Azure VMs as well:

Invoke-RestMethod -Headers @{"Metadata"="true"} -Method GET -Proxy $Null -Uri "http://169.254.169.254/metadata/instance?api-version=2021-02-01" | ConvertTo-Json -Depth 64

Ref: https://learn.microsoft.com/en-us/azure/virtual-machines/windows/instance-metadata-service?tabs=windows

Upvotes: 1

Michael Richmond
Michael Richmond

Reputation: 411

AWS

If your guest has networking up then you can probe the instance metadata by accessing http://169.254.169.254

For example:

$ curl http://169.254.169.254/1.0/meta-data/instance-id
i-87dc2f76

However, hitting the network is fairly heavy-weight.

On AWS you can also check by looking at dmidecode:

$ /usr/sbin/dmidecode -s bios-version | tr "[:upper:]" "[:lower:]" | grep -q "amazon"

dmidecode is light-weight since it only hits the memory of the guest OS. However, as pointed out in previous answers it is dependent on Amazon continuing to include the word "amazon" in their version strings.

Azure

On Azure, you can detect the hypervisor details but this doesn't allow you to discriminate between Azure and HyperV. Depending on your scenario this might not be necessary.

To detect Azure/HyperV using dmidecode check the following strings:

$ /usr/sbin/dmidecode -s system-manufacturer | tr "[:upper:]" "[:lower:]" | grep -q "microsoft corporation"

$ /usr/sbin/dmidecode -s system-product-name | tr "[:upper:]" "[:lower:]" | grep -q "virtual machine"

Upvotes: 6

Rory Savage
Rory Savage

Reputation: 11

This is an internal way to check if you machine instance is in amazon or not:

dmidecode | grep Version
version: 4.2.amazon     <--- This is what you would want to key on

This would only work as long as Amazon maintains their signature in their VM's virtual BIOS settings. I have not worked with Azure, but I am sure you could extrapolate information using dmidecode as well. I have done it with VMware, and VirtualBox.

Upvotes: 1

artfulhacker
artfulhacker

Reputation: 4873

@Dan's answer no longer works for Azure, use the following URL to get a better list

http://msdn.microsoft.com/en-us/library/windowsazure/dn175718.aspx

If this url ever disappears here is a copy from today (August 12th 2013)

Europe West
65.52.128.0/19
213.199.128.0/20
168.63.0.0/19
168.63.96.0/19
137.116.192.0/19
137.117.128.0/17
168.61.56.0/21

Europe North
65.52.64.0/20
65.52.224.0/19
168.63.92.0/22
168.63.32.0/19
94.245.88.0/21
94.245.104.0/21
168.63.64.0/20
168.63.80.0/20
168.61.96.0/19
137.116.224.0/20

US East
168.62.32.0/19
157.56.176.0/21
168.62.160.0/19
168.61.32.0/20
168.61.48.0/21
137.117.64.0/18
137.135.64.0/18
138.91.96.0/19
137.116.112.0/20

US West
168.62.192.0/20
168.62.208.0/21
168.61.0.0/20
168.61.64.0/20
137.117.0.0/19
137.135.0.0/18
137.116.184.0/21
138.91.64.0/19
65.52.112.0/20
168.63.89.0/24
157.56.160.0/21
168.62.0.0/19

US North Central
65.52.0.0/19
65.52.0.0/20
65.52.16.0/20
65.52.192.0/19
65.52.48.0/20
157.55.24.0/21
157.55.64.0/20
157.55.160.0/20
157.55.136.0/21
157.55.208.0/20
157.56.8.0/21
157.55.252.0/22
168.62.96.0/19
157.55.248.0/22
168.62.224.0/19

US South Central
157.55.176.10/22
157.55.183.223/27
157.55.184.10/22
157.55.191.223/27
157.55.192.10/24
157.55.193.223/27
157.55.194.10/24
157.55.195.223/27
157.55.196.10/23
157.55.200.10/23
157.55.80.10/23
157.55.83.223/27
157.55.84.10/23
157.55.87.223/27
65.52.32.10/22
65.52.39.224/28
70.37.160.10/22
70.37.167.224/28
70.37.118.0/24
70.37.119.138/28
70.37.119.170/28
70.37.48.10/22
70.37.55.224/28
70.37.56.10/22
70.37.63.224/28
70.37.116.0/24

SE Asia
111.221.96.0/20
168.63.160.0/19
111.221.80.0/20
168.63.224.0/19
137.116.128.0/19

East Asia
65.52.160.0/19
111.221.78.0/23
168.63.128.0/19
168.63.192.0/19
137.116.160.0/20

Upvotes: 0

Related Questions