» Data Source: aws_ip_ranges
Use this data source to get the IP ranges of various AWS products and services. For more information about the contents of this data source, and the required JSON syntax if referencing a custom URL, see the AWS IP Address Ranges documentation.
» Example Usage
data "aws_ip_ranges" "european_ec2" {
  regions  = ["eu-west-1", "eu-central-1"]
  services = ["ec2"]
}

resource "aws_security_group" "from_europe" {
  name = "from_europe"

  ingress {
    from_port = "443"
    to_port   = "443"
    protocol  = "tcp"

    # Terraform 0.11 interpolation style; on 0.12 and later, assign the
    # list directly without the surrounding brackets and quotes.
    cidr_blocks      = ["${data.aws_ip_ranges.european_ec2.cidr_blocks}"]
    ipv6_cidr_blocks = ["${data.aws_ip_ranges.european_ec2.ipv6_cidr_blocks}"]
  }

  # Record which publication of the ranges the rules were built from.
  tags = {
    CreateDate = "${data.aws_ip_ranges.european_ec2.create_date}"
    SyncToken  = "${data.aws_ip_ranges.european_ec2.sync_token}"
  }
}
» Argument Reference
- regions - (Optional) Filter IP ranges by regions (or include all regions, if omitted). Valid items are global (for cloudfront) as well as all AWS regions (e.g. eu-central-1).
- services - (Required) Filter IP ranges by services. Valid items are amazon (for amazon.com), cloudfront, codebuild, ec2, route53, route53_healthchecks and S3.

NOTE: If the specified combination of regions and services does not yield any CIDR blocks, Terraform will fail.

- url - (Optional) Custom URL for source JSON file. Syntax must match the AWS IP Address Ranges documentation. Defaults to https://ip-ranges.amazonaws.com/ip-ranges.json.
» Attributes Reference
- cidr_blocks - The lexically ordered list of CIDR blocks.
- ipv6_cidr_blocks - The lexically ordered list of IPv6 CIDR blocks.
- create_date - The publication time of the IP ranges (e.g. 2016-08-03-23-46-05).
- sync_token - The publication time of the IP ranges, in Unix epoch time format (e.g. 1470267965).
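To preview which ranges a given regions/services filter would place in a security group, the selection described above can be reproduced offline. The following Python sketch is an added example, not the provider's own code: the function name select_ranges, the case-insensitive matching, and the rule that it fails only when neither list has a match are assumptions, and the sample JSON is constructed from documentation address ranges in the ip-ranges.json layout.

```python
import json

# Constructed sample in the ip-ranges.json layout. The addresses are
# documentation ranges, not real AWS prefixes.
SAMPLE = json.loads("""{
  "syncToken": "1470267965",
  "createDate": "2016-08-03-23-46-05",
  "prefixes": [
    {"ip_prefix": "192.0.2.64/26",   "region": "eu-west-1",    "service": "EC2"},
    {"ip_prefix": "192.0.2.128/25",  "region": "eu-central-1", "service": "EC2"},
    {"ip_prefix": "198.51.100.0/24", "region": "eu-west-1",    "service": "S3"},
    {"ip_prefix": "203.0.113.0/24",  "region": "GLOBAL",       "service": "CLOUDFRONT"}
  ],
  "ipv6_prefixes": [
    {"ipv6_prefix": "2001:db8:1::/48", "region": "eu-west-1", "service": "EC2"},
    {"ipv6_prefix": "2001:db8:2::/48", "region": "us-east-1", "service": "EC2"}
  ]
}""")


def select_ranges(doc, services, regions=None):
    """Return the attribute values this filter would produce (hypothetical helper)."""
    services = {s.lower() for s in services}
    regions = {r.lower() for r in regions or []}  # empty set means all regions

    def wanted(entry):
        # Assumption: names compare case-insensitively ("ec2" matches "EC2").
        if regions and entry["region"].lower() not in regions:
            return False
        return entry["service"].lower() in services

    # sorted() on strings is lexical: "192.0.2.128/25" sorts before "192.0.2.64/26".
    v4 = sorted({p["ip_prefix"] for p in doc.get("prefixes", []) if wanted(p)})
    v6 = sorted({p["ipv6_prefix"] for p in doc.get("ipv6_prefixes", []) if wanted(p)})
    # Assumption: fail only when the filter matches nothing at all.
    if not v4 and not v6:
        raise ValueError("no CIDR blocks match this regions/services combination")
    return {
        "cidr_blocks": v4,
        "ipv6_cidr_blocks": v6,
        "create_date": doc["createDate"],
        "sync_token": int(doc["syncToken"]),
    }


if __name__ == "__main__":
    print(select_ranges(SAMPLE, ["ec2"], ["eu-west-1", "eu-central-1"]))
```

Running the same function against a saved copy of the published file shows how many CIDR blocks a filter expands to before it is applied to a security group.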