@oneoy
Forked from dduvnjak/add_cloudflare_ips.sh
Created October 27, 2022 03:38
Add CloudFlare IP addresses to an EC2 Security Group using awscli
# first we download the list of IP ranges from CloudFlare
# (-O overwrites a stale copy instead of saving to ips-v4.1; stop if the download fails)
wget -O ips-v4 https://www.cloudflare.com/ips-v4 || exit 1
# set the security group ID
SG_ID="sg-00000000000000"
# iterate over the IP ranges in the downloaded file
# and allow access to ports 80 and 443
# (the "|| [ -n ... ]" keeps the last range when the file has no trailing newline)
while read -r p || [ -n "$p" ]
do
    aws ec2 authorize-security-group-ingress --group-id "$SG_ID" --ip-permissions IpProtocol=tcp,FromPort=80,ToPort=80,IpRanges="[{CidrIp=$p,Description='Cloudflare'}]"
    aws ec2 authorize-security-group-ingress --group-id "$SG_ID" --ip-permissions IpProtocol=tcp,FromPort=443,ToPort=443,IpRanges="[{CidrIp=$p,Description='Cloudflare'}]"
done < ips-v4
# remove the downloaded list
rm ips-v4

oneoy commented Oct 27, 2022

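# security group to update
SG_ID="sg-00000000000000"

# -O overwrites a stale copy instead of saving to ips-v4.1; stop if the download fails
wget -O ips-v4 https://www.cloudflare.com/ips-v4 || exit 1
# "|| [ -n ... ]" keeps the last range when the file has no trailing newline
while read -r p || [ -n "$p" ]
    do
        aws ec2 authorize-security-group-ingress --group-id "$SG_ID" --ip-permissions IpProtocol=tcp,FromPort=80,ToPort=80,IpRanges="[{CidrIp=$p,Description='Cloudflare'}]"
        aws ec2 authorize-security-group-ingress --group-id "$SG_ID" --ip-permissions IpProtocol=tcp,FromPort=443,ToPort=443,IpRanges="[{CidrIp=$p,Description='Cloudflare'}]"
done < ips-v4
rm ips-v4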
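
An added example, not part of the gist or of the comment above: a variant that checks every line of the downloaded list is a well-formed IPv4 CIDR before anything is sent to AWS, and builds one `--ip-permissions` JSON document for ports 80 and 443 so the rules go in with a single call. The function names and the sample ranges are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper names): fail closed on a malformed list.

# Succeeds only for a.b.c.d/n with every octet <= 255 and n <= 32.
valid_ipv4_cidr() {
    case "$1" in
        */*/*|*[!0-9./]*) return 1 ;;   # two slashes or a foreign character
        */*) ;;
        *) return 1 ;;                   # no prefix length at all
    esac
    addr=${1%/*}; prefix=${1#*/}
    case "$addr" in ''|*.) return 1 ;; esac
    case "$prefix" in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    set -- $addr                         # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in ''|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# Prints the --ip-permissions JSON for ports 80 and 443 from the file in $1.
# Returns 1 without output if any line is not a CIDR or the file is empty.
build_ip_permissions() {
    ranges=""
    while IFS= read -r line || [ -n "$line" ]; do   # last line may lack a newline
        line=$(printf '%s' "$line" | tr -d ' \t\r')
        [ -n "$line" ] || continue
        valid_ipv4_cidr "$line" || { echo "bad entry, list rejected" >&2; return 1; }
        ranges="${ranges:+$ranges,}{\"CidrIp\":\"$line\",\"Description\":\"Cloudflare\"}"
    done < "$1"
    [ -n "$ranges" ] || return 1
    perms=""
    for port in 80 443; do
        perms="${perms:+$perms,}{\"IpProtocol\":\"tcp\",\"FromPort\":$port,\"ToPort\":$port,\"IpRanges\":[$ranges]}"
    done
    printf '[%s]\n' "$perms"
}

# Dry run on constructed input (documentation ranges, not Cloudflare's list).
sample=$(mktemp)
printf '198.51.100.0/24\r\n203.0.113.0/24' > "$sample"
build_ip_permissions "$sample"
rm -f "$sample"
# Real use: perms=$(build_ip_permissions ips-v4) && \
#   aws ec2 authorize-security-group-ingress --group-id "$SG_ID" --ip-permissions "$perms"
```

Because the whole list is rejected on the first bad line, an HTML error page or a truncated download never turns into a partial set of ingress rules.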
