@teopost
Last active October 8, 2020 07:50
Create AWS whitelist for apache
#!/usr/bin/env python
import requests
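# Print Apache access-control snippets built from the address ranges AWS
# publishes for the eu-west-1 region. Two alternative forms are written to
# stdout ("mode 1" and "mode 2"); pick one when pasting into the server config.
#
# NOTE(review): the published prefixes cover every AWS customer in the region,
# so these rules mean "the client is somewhere in AWS eu-west-1", not "the
# client is one of our hosts". Both blocks also end with `Satisfy Any`, which
# grants access when either the host rule or authentication passes.
# NOTE(review): Order/Allow/Satisfy are Apache 2.2 directives; on 2.4 they
# need mod_access_compat, and `Require ip` is the native replacement.
# NOTE(review): the output is a snapshot. AWS updates ip-ranges.json over
# time, so the script has to be re-run and the config reloaded to stay current.

# Bounded wait, and fail on a non-2xx answer before trying to parse it, so an
# outage cannot hang the run or end in a confusing JSON/KeyError traceback.
response = requests.get('https://ip-ranges.amazonaws.com/ip-ranges.json', timeout=30)
response.raise_for_status()

# 'prefixes' holds the IPv4 entries only (IPv6 is published separately under
# 'ipv6_prefixes'), so the generated rules cover IPv4 clients only.
ip_ranges = response.json()['prefixes']
amazon_ips = [item['ip_prefix'] for item in ip_ranges if item["region"] == "eu-west-1"]

# Despite its name, this list is NOT reduced by the EC2 ranges. An earlier
# version removed every prefix whose "service" is "EC2"; that filter is
# disabled, so this is a plain copy of amazon_ips.
amazon_ips_less_ec2 = list(amazon_ips)

# Mode 1
# ======
# SetEnvIf compares Remote_Addr against a pattern as text, so this form only
# works for entries without a CIDR suffix. The ip_prefix values in
# ip-ranges.json are CIDR blocks (address/length), so use mode 2 for them.
for ip in amazon_ips_less_ec2:
    print('SetEnvIf Remote_Addr "' + str(ip) + '" aws-eu-west-1')
print("""
<Location "/">
Order allow,deny
Allow from env=aws-eu-west-1
Satisfy Any
</Location>
""")

# Mode 2
# ======
print("""
<Location "/">
Order allow,deny
""")
for ip in amazon_ips_less_ec2:
    # CIDR entries must use this form. The space after "from" is required:
    # without it the line reads "Allow from<prefix>" and is not a valid directive.
    print('Allow from ' + str(ip))
print("""
Satisfy Any
</Location>
""")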