amazon.aws.aws_service_ip_ranges lookup – Look up the IP ranges for services provided in AWS such as EC2 and S3.
Note
This lookup plugin is part of the amazon.aws collection (version 3.5.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install amazon.aws
.
You need further requirements to be able to use this lookup plugin,
see Requirements for details.
To use it in a playbook, specify: amazon.aws.aws_service_ip_ranges
.
Synopsis
AWS publishes IP ranges used on the public internet by EC2, S3, CloudFront, CodeBuild, Route53, and Route53 Health Checking.
This module produces a list of all the ranges (by default) or can narrow down the list to the specified region or service.
Requirements
The below requirements are needed on the local controller node that executes this lookup.
must have public internet connectivity
Keyword parameters
This describes keyword parameters of the lookup. These are the values key1=value1
, key2=value2
and so on in the following
examples: lookup('amazon.aws.aws_service_ip_ranges', key1=value1, key2=value2, ...)
and query('amazon.aws.aws_service_ip_ranges', key1=value1, key2=value2, ...)
Parameter |
Comments |
---|---|
When ipv6_prefixes=True the lookup will return ipv6 addresses instead of ipv4 addresses |
|
The AWS region to narrow the ranges to. Examples: us-east-1, eu-west-2, ap-southeast-1 |
|
The service to filter ranges by. Options: EC2, S3, CLOUDFRONT, CODEbUILD, ROUTE53, ROUTE53_HEALTHCHECKS |
Examples
vars:
ec2_ranges: "{{ lookup('aws_service_ip_ranges', region='ap-southeast-2', service='EC2', wantlist=True) }}"
tasks:
- name: "use list return option and iterate as a loop"
debug: msg="{% for cidr in ec2_ranges %}{{ cidr }} {% endfor %}"
# "52.62.0.0/15 52.64.0.0/17 52.64.128.0/17 52.65.0.0/16 52.95.241.0/24 52.95.255.16/28 54.66.0.0/16 "
- name: "Pull S3 IP ranges, and print the default return style"
debug: msg="{{ lookup('aws_service_ip_ranges', region='us-east-1', service='S3') }}"
# "52.92.16.0/20,52.216.0.0/15,54.231.0.0/17"
Return Value
Key |
Description |
---|---|
comma-separated list of CIDR ranges Returned: success |