maxedev

Reputation: 941

AWS - What is the simplest way to get a dump of all allowed inbound IP addresses?

Pretty new to the AWS APIs/Lambda, so apologies if I'm missing something simple. I just want to get an automated dump of the inbound IP addresses under each of our security groups on a weekly interval. Is this something I can set up under Lambda, or do I need to do it through the API or CLI? I've looked at the DescribeSecurityGroup functions under https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html and https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-security-groups.html, but am wondering if I'm overcomplicating. Thanks in advance.

Upvotes: 1

Views: 75

Answers (1)

Mark B

Reputation: 200607

You would need to write an AWS Lambda function that queries the security groups for CIDR rules, using the AWS SDK for whatever programming language you are writing the Lambda function in. Then you could write the output to a file in the /tmp folder of the AWS Lambda environment, and then copy that file to S3 using the AWS SDK. Then you would schedule the Lambda function to run weekly.

If you already have an EC2 instance running on AWS then the "simplest" way would probably be to add a cron job to that instance that uses the AWS CLI tool to query for the CIDR rules.

Upvotes: 4
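A Lambda body in the shape Mark B describes, written as an added example for this page (not the asker's or the answerer's code): it flattens the DescribeSecurityGroups response into one row per inbound CIDR and flags rules whose source is 0.0.0.0/0 or ::/0, which is what a weekly review most wants to catch. It uploads the CSV to S3 with put_object instead of staging it in /tmp; the BUCKET environment variable, the S3 key prefix and the sample security group are assumptions.

```python
import csv, io, os
from datetime import datetime, timezone

WORLD_OPEN = {"0.0.0.0/0", "::/0"}  # sources open to the whole Internet

def extract_inbound_cidrs(security_groups):
    """One row per inbound CIDR rule: (group_id, name, proto, from, to, cidr, world_open).
    Ports are None for all-traffic rules (IpProtocol "-1"); rules whose source is another
    security group (UserIdGroupPairs) carry no CIDR and are skipped."""
    rows = []
    for sg in security_groups:
        for perm in sg.get("IpPermissions", []):  # IpPermissions = inbound rules only
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                rows.append((sg["GroupId"], sg["GroupName"], perm["IpProtocol"],
                             perm.get("FromPort"), perm.get("ToPort"), cidr,
                             cidr in WORLD_OPEN))
    return rows

def rows_to_csv(rows):
    buf = io.StringIO()
    writer = csv.writer(buf)
    writer.writerow(["group_id", "group_name", "protocol", "from_port", "to_port",
                     "cidr", "world_open"])
    writer.writerows(rows)
    return buf.getvalue()

def lambda_handler(event, context):
    import boto3  # imported here so the parsing above runs without the SDK installed
    groups = []
    for page in boto3.client("ec2").get_paginator("describe_security_groups").paginate():
        groups.extend(page["SecurityGroups"])
    rows = extract_inbound_cidrs(groups)
    key = f"sg-inbound/{datetime.now(timezone.utc):%Y-%m-%d}.csv"  # hypothetical prefix
    boto3.client("s3").put_object(Bucket=os.environ["BUCKET"], Key=key,
                                  Body=rows_to_csv(rows).encode())
    return {"rows": len(rows), "world_open": sum(r[6] for r in rows), "key": key}

# Constructed sample in the shape DescribeSecurityGroups returns (not a real account).
SAMPLE_GROUPS = [{"GroupId": "sg-0123456789abcdef0", "GroupName": "web", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []},
    {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [],
     "UserIdGroupPairs": [{"GroupId": "sg-0fedcba9876543210"}]}]}]
```

Schedule the function with an EventBridge rate rule (for example once a week) and grant its role ec2:DescribeSecurityGroups plus s3:PutObject on the target bucket.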
