arkadiyt / aws_public_ips Goto Github PK

Hello,

After Installed the gem install aws_public_ips, we are getting the error below.

#<Net::HTTPFatalError: 503 "Service Unavailable">

We have verified the aws profile, for access/secret key & token with region. Please assist. Thank you !!!

When cycling through the regions and looking for stuff, this tool seems to assume that all regions have the same set of services, and that is not true for some services. So far, it seems that lightsail is the biggest offender, but I'm sure there are others.

When you try to get a list of all services/servers running with public IP addresses in lightsail where that service is not available in that region, you get an error message that looks like this:

#<Aws::Errors::NoSuchEndpointError: Encountered a `SocketError` while attempting to connect to:

  https://lightsail.us-west-1.amazonaws.com

This is typically the result of an invalid `:region` option or a
poorly formatted `:endpoint` option.

* Avoid configuring the `:endpoint` option directly. Endpoints are constructed
  from the `:region`. The `:endpoint` option is reserved for connecting to
  non-standard test endpoints.

* Not every service is available in every region.

* Never suffix region names with availability zones.
  Use "us-east-1", not "us-east-1a"

Known AWS regions include (not specific to this service):

ap-northeast-1
ap-northeast-2
ap-south-1
ap-southeast-1
ap-southeast-2
ca-central-1
eu-central-1
eu-west-1
eu-west-2
eu-west-3
sa-east-1
us-east-1
us-east-2
us-west-1
us-west-2
cn-north-1
cn-northwest-1
us-gov-west-1

It would be really nice if the code could check to see what services were available in the current region that is being accessed, and then only try to describe each of those services.

Hi I wonder if anyone can help me please to install this application, which command I need to use. Thanks

This would be handy as a Dockerfile :) I'm currently on holiday so can't do it, however if there are enough 👍🏼then I'll happily issue a PR :)

First of all, thanks for your work .. but I don't understand how to configure

Can we have multi-region support instead of supplying the region via Profile or Env variable? This will be usfull for accounts having multiple regions

It would be great if there was a switch to omit ipv6 addresses from the program output.

Hi there.

I do a gem install but then unable to run the actual command. Am i missing something?

Thank you

I would like to know if there is a way to obtain the IPs of several aws organizations, i.e. several accounts at the same time.

DMS creates EC2 instances that can be made public. Will this tool list such instances?

Thanks!

Would it be possible to update the ruby gem to understand profiles, so that I could sweep through a number of profiles for different AWS accounts easily?

Or is that feature already available but not documented in the CLI reference?

Can we display which service in the output per Public P found?

Right now I would have to run aws_public_ips -s one by one to find that info...

Thanks

It misses NAT gateways (which have largely replaced NAT instances now). NAT gateways do not appear as EC2 instances. They can be scanned by specifically looking for NAT gateways via DescribeNatGateways. However, I'd suggest using the DescribeAddresses API to query all Elastic IP Addresses:
https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html

You can filter out EC2 instances by skipping any Elastic IP that has an Instance ID provided. I'd suggest keeping the existing EC2 scanning code because it let's you show ips associated with the instance using them with the verbose option. For elastic ips I'd suggest showing them associated with the network interface they are attached to. Sadly this is more abstracted from what people are using them for but it's the best you can do without writing a ton of code for each use that isn't an EC2 instance.

You can filter out unused elastic ips by looking for empty network interface or association ids. It may be worth having an option that let's you see the out of use ips too.

I haven't specifically tested this but I suspect that by not scanning DescribeAddresses you actually miss Fargate containers with public ips attached because they don't show up as EC2 instances despite your documentation mentioning that you'd find Fargate via EC2. Which is part of the reason I suggest this path.

I found this in https://github.com/arkadiyt/aws_public_ips/blob/master/spec/spec_helper.rb

::ENV['AWS_REGION'] = 'us-east-1'
::ENV['AWS_ACCESS_KEY_ID'] = 'AAAAAAAAAAAAAAAAAAAA'
::ENV['AWS_SECRET_ACCESS_KEY'] = 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'

Hi,
Good tool but it would be useful to be able to run it with a --profile option rather than using default.

Thanks

First of all thanks for a nice tool!

I'm not a Ruby developer and I don't have Ruby installed so I decided to make a similar tool for Python (which is my working language). During my work I noticed that AWS SDK for Python have pagination parameters for API Gateway, CloudFront, EC2, ELB, ELBv2, Lightsail. I don't know how this implemented in AWS SDK for Ruby but in Python it is required to add such parameters explicitly. If such parameters not set then many resources can be missed in the tool output and this could be an issue for large AWS deployments.

Is there or will there be an option to use multiple profiles? Limiting it to the default requires a separate credentials and config file.

Hi

I am not having any luck getting this running. I have tried on a couple of Debian Jessie and a Ubuntu 18.04 and the result is the same on both.

If I simply type in aws_public_ips on its own or with -v , it simply returns with an exit code of 0. If I run:
aws_public_ips -v -s ec2 (or any other -s value)

I get:

/var/lib/gems/2.1.0/gems/aws_public_ips-1.0.2/lib/aws_public_ips/cli.rb:105:in 'rescue in run': undefined method '[]' for nil:NilClass (NoMethodError) from /var/lib/gems/2.1.0/gems/aws_public_ips-1.0.2/lib/aws_public_ips/cli.rb:96:in 'run' from /var/lib/gems/2.1.0/gems/aws_public_ips-1.0.2/bin/aws_public_ips:7:in '<top (required)>' from /usr/local/bin/aws_public_ips:23:in 'load' from /usr/local/bin/aws_public_ips:23:in '<main>'
with an exit code of 1

So, with the format prettyjson (and presumably with standard json), we get information about each public IP address that is used, such as the id, the hostname, etc....

However, with text format, all we get is the IP addresses. Nothing else.

There is a documented -v flag to provide verbose output, but in text format this doesn't seem to do anything. Could that be changed so that everything you would put into prettyjson would be output in text verbose mode?

This currently misses an instance with multiple Elastic IPv4 addresses associated with it on a single network interface because it's looking at the resp.reservations[*].instances[*].network_interfaces[*].association.public_ip rather than resp.reservations[*].instances[*].network_interfaces[*].private_ip_addresses[*].association.public_ip

As peculiar as it is to look for public ip addresses in the private_ip_addresses array. It is indeed how you can find all the public ip addresses for a given instance. The one in the association is just the first public ip address.