
Quickly Restrict Amazon service to Single Country

Sometimes you need to restrict a service to your own country only. The quickest approach is via Amazon security groups. Note that an Amazon security group accepts a maximum of 100 rules.

Steps:

  1. Download a CSV file with the country's IP block ranges from http://www.nirsoft.net, e.g. http://www.nirsoft.net/countryip/ug.html
  2. With the help of IPy and Summarize, you can use the Python script below to summarize the IP blocks and generate AWS CLI commands that add the security group rules. Redirect the output to a script file that you can run at once.
    from summarize import summarize
    import csv

    if __name__ == "__main__":
        # Each CSV row starts with the first and last IP address of a block.
        with open('ug.csv', newline='') as ifile:
            for row in csv.reader(ifile):
                if len(row) > 1:  # skip blank or short lines
                    # Summarize the start-end range into CIDR notation.
                    blockSummary = summarize(row[0], row[1])
                    print('aws ec2 authorize-security-group-ingress --group-id your_security_group_id --protocol tcp --port %s --cidr %s' % (80, blockSummary[0]))
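
An added example, not the original post's script: the same range-to-CIDR step done with Python's standard `ipaddress` module instead of IPy and Summarize, emitting every CIDR a range expands to, merging adjacent blocks, and refusing to generate more commands than the 100-rule limit mentioned above. The CSV rows are constructed from documentation address ranges, and `ranges_to_cidrs`, `build_commands` and the group ID are placeholder names.

```python
import csv
import io
import ipaddress

MAX_RULES = 100  # per-security-group rule limit stated in the post
GROUP_ID = "your_security_group_id"  # placeholder, as in the post
PORT = 80

# Constructed sample in the start,end,... layout the post's script reads
# (documentation address ranges, not real country data).
SAMPLE_CSV = """\
192.0.2.0,192.0.2.255,256,01/01/10,Example Net A
198.51.100.0,198.51.100.127,128,01/01/10,Example Net B

198.51.100.128,198.51.100.255,128,01/01/10,Example Net B
203.0.113.5,203.0.113.10,6,01/01/10,Example Net C
"""


def ranges_to_cidrs(csv_file):
    """Return the minimal sorted list of CIDR blocks covering every range."""
    networks = []
    for row in csv.reader(csv_file):
        if len(row) < 2:
            continue  # skip blank or malformed lines
        first = ipaddress.IPv4Address(row[0].strip())
        last = ipaddress.IPv4Address(row[1].strip())
        # A range that is not CIDR-aligned expands to several blocks.
        networks.extend(ipaddress.summarize_address_range(first, last))
    # Merge adjacent or overlapping blocks to save security group rules.
    return list(ipaddress.collapse_addresses(networks))


def build_commands(cidrs, group_id=GROUP_ID, port=PORT):
    """Build one authorize-security-group-ingress command per CIDR."""
    if len(cidrs) > MAX_RULES:
        raise ValueError("%d CIDRs exceed the %d-rule limit" % (len(cidrs), MAX_RULES))
    return [
        "aws ec2 authorize-security-group-ingress --group-id %s "
        "--protocol tcp --port %d --cidr %s" % (group_id, port, cidr)
        for cidr in cidrs
    ]


if __name__ == "__main__":
    for command in build_commands(ranges_to_cidrs(io.StringIO(SAMPLE_CSV))):
        print(command)
```

The two adjacent /25 rows collapse into a single /24 rule, while the unaligned `203.0.113.5`-`203.0.113.10` range needs four separate CIDRs to be covered exactly.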
    