AWS IP address ranges
AWS publishes its current IP address ranges in JSON format. With this information, you can identify traffic from AWS. You can also use this information to allow or deny traffic to or from some AWS services.
Note
Only some AWS service IP address ranges are published in ip-ranges.json; we publish the IP address ranges for services that customers commonly want to perform egress filtering
on. Services may use the IP address ranges to communicate with other services or services may use the IP ranges to communicate with a customer network.
To view the current ranges, download the .json
file. To maintain history,
save successive versions of the .json
file on your system. To determine
whether there have been changes since the last time that you saved the file, check the
publication time in the current file and compare it to the publication time in the last file
that you saved.
The IP address ranges that you bring to AWS through bring your own IP addresses (BYOIP)
are not included in the .json
file.
Alternatively, some services publish their address ranges using AWS-managed prefix lists. For more information, see Available AWS-managed prefix lists.
Download
Download ip-ranges.json
If you access this file programmatically, it is your responsibility to ensure that the application downloads the file only after successfully verifying the TLS certificate presented by the server.