A daily-updated repository providing IP address ranges for major cloud providers (AWS, Google Cloud, Azure, Cloudflare) in multiple formats with ready-to-use Nginx and Apache configurations.
CC0-1.0 License
Up-to-date IP address ranges for major cloud providers in multiple formats.
Working with multiple cloud providers often requires accessing their IP address ranges for various purposes, such as configuring firewalls, setting up access controls, or performing network analysis. Managing these IP lists individually can be time-consuming and error-prone.
I wanted a single, unique source for all the cloud providers I work with, tailored to different needs. Instead of writing separate scripts to extract or transform these IP addresses, I decided to create a comprehensive script that collects and updates all of them daily. This not only serves my use cases—like generating Nginx configurations and simple text files—but also provides a valuable resource for others.
I've decided to share this data publicly so everyone can have easy access to up-to-date IP address ranges from major cloud providers.
For each cloud provider, the following data formats are available:
The repository is organized as follows:
cloud-provider-ip-addresses/
├── aws/
│ ├── aws_ips.txt
│ ├── aws_ips_v4.txt
│ ├── aws_ips_v6.txt
│ ├── regions/
│ │ ├── us-east-1/
│ │ │ ├── aws_us-east-1_ips.txt
│ │ │ ├── ...
│ ├── services/
│ │ ├── ec2/
│ │ │ ├── aws_ec2_ips.txt
│ │ │ ├── ...
│ ├── nginx_allow.conf
│ ├── nginx_deny.conf
│ ├── apache_allow.conf
│ └── apache_deny.conf
├── cloudflare/
│ ├── cloudflare_ips.txt
│ ├── cloudflare_ips_v4.txt
│ ├── cloudflare_ips_v6.txt
│ ├── nginx_allow.conf
│ ├── nginx_deny.conf
│ ├── apache_allow.conf
│ └── apache_deny.conf
├── googlecloud/
│ ├── googlecloud_ips.txt
│ ├── googlecloud_ips_v4.txt
│ ├── googlecloud_ips_v6.txt
│ ├── regions/
│ │ ├── us-central1/
│ │ │ ├── googlecloud_us-central1_ips.txt
│ │ │ ├── ...
│ ├── services/
│ │ ├── compute/
│ │ │ ├── googlecloud_compute_ips.txt
│ │ │ ├── ...
│ ├── nginx_allow.conf
│ ├── nginx_deny.conf
│ ├── apache_allow.conf
│ └── apache_deny.conf
├── azure/
│ ├── azure_ips.txt
│ ├── azure_ips_v4.txt
│ ├── azure_ips_v6.txt
│ ├── regions/
│ │ ├── eastus/
│ │ │ ├── azure_eastus_ips.txt
│ │ │ ├── ...
│ ├── services/
│ │ ├── appservice/
│ │ │ ├── azure_appservice_ips.txt
│ │ │ ├── ...
│ ├── nginx_allow.conf
│ ├── nginx_deny.conf
│ ├── apache_allow.conf
│ └── apache_deny.conf
├── LICENSE
└── README.md
regions/
and services/
: Subdirectories for region-specific and service-specific data.Navigate to the cloud provider's directory in the repository to find the IP lists and configuration files you need.
aws/aws_ips_v4.txt
.You can access any file directly via GitHub Raw URLs. This is useful for programmatic access or automating updates.
Cloudflare Combined IPs:
https://raw.githubusercontent.com/rezmoss/cloud-provider-ip-addresses/main/cloudflare/cloudflare_ips.txt
AWS EC2 IPv4 Addresses:
https://raw.githubusercontent.com/rezmoss/cloud-provider-ip-addresses/main/aws/services/ec2/aws_ec2_ips_v4.txt
You can use tools like curl
or wget
to download the files directly:
curl -O https://raw.githubusercontent.com/rezmoss/cloud-provider-ip-addresses/main/aws/aws_ips_v4.txt
Download the Nginx Allow Configuration:
aws/nginx_allow.conf
https://raw.githubusercontent.com/rezmoss/cloud-provider-ip-addresses/main/aws/nginx_allow.conf
Include in Your Nginx Configuration:
In your server block:
server {
# Your existing configuration
include /path/to/nginx_allow.conf;
}
Reload Nginx:
sudo nginx -s reload
Download the Nginx Deny Configuration:
aws/nginx_deny.conf
https://raw.githubusercontent.com/rezmoss/cloud-provider-ip-addresses/main/aws/nginx_deny.conf
Include in Your Nginx Configuration as above, but with the deny file.
Download the Apache Allow Configuration:
aws/apache_allow.conf
https://raw.githubusercontent.com/rezmoss/cloud-provider-ip-addresses/main/aws/apache_allow.conf
Include in Your Apache Configuration:
In your .htaccess
file or virtual host configuration:
<Directory /var/www/html>
AllowOverride None
Require all denied
Include /path/to/apache_allow.conf
</Directory>
Reload Apache:
sudo systemctl reload apache2
Download the Apache Deny Configuration:
aws/apache_deny.conf
https://raw.githubusercontent.com/rezmoss/cloud-provider-ip-addresses/main/aws/apache_deny.conf
Include in Your Apache Configuration as above, but with the deny file.
IP ranges change frequently. To keep your configurations up to date, consider automating the retrieval of the latest data.
Since all IP lists update every 24 hours automatically, you can set up your systems to fetch the latest files daily.
git clone https://github.com/rezmoss/cloud-provider-ip-addresses.git
Set up a cron job to pull the latest changes daily:
0 0 * * * cd /path/to/cloud-provider-ip-addresses && git pull
Alternatively, you can download specific files directly using curl
or wget
and the GitHub Raw URLs.
Ensure that your systems reference the files from the updated repository path or download location.
This project is dedicated to the public domain under the CC0 1.0 Universal Public Domain Dedication.