AWS IP address ranges

AWS publishes its current IP address ranges in JSON format. With this information, you can identify traffic from AWS. You can also use this information to allow or deny traffic to or from some AWS services.

Note

Only some AWS service IP address ranges are published in ip-ranges.json; we publish the IP address ranges for services that customers commonly want to perform egress filtering on.
Services may use the IP address ranges to communicate with other services or services may use the IP ranges to communicate with a customer network.

To view the current ranges, download the .json file. To maintain history, save successive versions of the .json file on your system. To determine whether there have been changes since the last time that you saved the file, check the publication time in the current file and compare it to the publication time in the last file that you saved.

The IP address ranges that you bring to AWS through bring your own IP addresses (BYOIP) are not included in the .json file.

Alternatively, some services publish their address ranges using AWS-managed prefix lists. For more information, see Available AWS-managed prefix lists.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Optimize AWS infrastructure management with prefix lists

Work with ip-ranges.json

AWS IP address ranges

Note

Contents