Many of our customers have asked us for a detailed list of the IP address ranges assigned to and used by AWS. While the use cases vary from customer to customer, they generally involve firewalls and other forms of network access controls. In the past we have met this need by posting human-readable information to the EC2, S3, SNS, and CloudFront Forums.

IP Ranges in JSON Form

I am happy to announce that this information is now available in JSON form at https://ip-ranges.amazonaws.com/ip-ranges.json. The information in this file is generated from our internal system-of-record and is authoritative. You can expect it to change several times per week and should poll accordingly.

Here are the the first couple of lines:

{ "syncToken": "1416523628", "createDate": "2014-11-20-22-51-01", "prefixes": [ { "ip_prefix": "50.19.0.0/16", "region": "us-east-1", "service": "AMAZON" }, { "ip_prefix": "54.239.98.0/24", "region": "us-east-1", "service": "AMAZON" },

Valid values for the service key include “AMAZON”, “EC2”, “ROUTE53”, “ROUTE53_HEALTHCHECKS”, and “CLOUDFRONT.” If you need to know all of the ranges and don’t care about the service, use the “AMAZON” entries. The other entries are subsets of this one. Also, some of the services, such as S3, are represented in “AMAZON” and do not have an entry that is specific to the service. We plan to add additional values over time; code accordingly!

For more information, read the documentation on AWS IP Address Ranges.

— Jeff;

PS – By my count, there are now 10,130,200 IP addresses in the EC2 range. My code excludes the first (all zeroes) and last (all ones) address in each CIDR block.