March 16th, 2015
We wanted to add Route53 health checks for some of our DNS endpoints, but the list of origin IPs for these checks is not guaranteed to stay the same. This being the case, we put together a small script to keep the security group rules up to date.
Dependencies
Example
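#!/usr/bin/env bash
# Security group to update and the TCP ports the health checks connect to
GROUPID=sg-abc123456
PORTS="5060 5671"

# Loop over the current Route53 health checker CIDR ranges
for h in $(aws route53 get-checker-ip-ranges | jq -r '.CheckerIpRanges[]'); do
    for port in $PORTS; do
        printf 'Adding %s:%s ' "$h" "$port"
        # Discard the CLI output; only the exit code is used below
        aws ec2 authorize-security-group-ingress --group-id "$GROUPID" --protocol tcp --port "$port" --cidr "$h" >/dev/null 2>&1
        EXIT_CODE=$?
        if [[ $EXIT_CODE -eq 0 ]]; then
            echo " - Added"
        elif [[ $EXIT_CODE -eq 255 ]]; then
            # Treated as "rule already exists"; AWS CLI v1 returns 255 for any
            # failed call, so other API errors are reported the same way
            echo " - Already present"
        else
            echo "Error"
            echo "---> $EXIT_CODE"
        fi
    done
done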
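The script above only adds rules, so ranges that Route53 stops publishing stay open in the security group. The following is an added example, not part of the original script, that plans both the missing `authorize` calls and the stale `revoke` calls as a dry run. The function names and sample CIDRs are constructed for illustration, and it assumes every CIDR on these ports in the group is a health-check rule.

```shell
#!/bin/sh
# Added example (not the original post's script): compute which CIDR rules to
# add and which stale ones to revoke so a port tracks the checker ranges.
# Assumption: every CIDR on the listed ports in this group is a health-check rule.

# plan_changes "<desired cidrs>" "<current cidrs>"
# Prints "authorize <cidr>" for missing ranges and "revoke <cidr>" for stale ones.
plan_changes() (
    desired=$(echo $1)   # unquoted on purpose: collapse newlines/tabs to spaces
    current=$(echo $2)
    # An empty desired list (e.g. a failed API call) would revoke everything
    [ -n "$desired" ] || { echo "no checker ranges; refusing to plan" >&2; exit 1; }
    for cidr in $desired; do
        case " $current " in *" $cidr "*) ;; *) echo "authorize $cidr" ;; esac
    done
    for cidr in $current; do
        case " $desired " in *" $cidr "*) ;; *) echo "revoke $cidr" ;; esac
    done
)

# plan_to_commands GROUPID PORT: reads a plan on stdin, prints the aws commands.
plan_to_commands() {
    while read -r action cidr; do
        echo "aws ec2 ${action}-security-group-ingress --group-id $1 --protocol tcp --port $2 --cidr $cidr"
    done
}

# current_cidrs GROUPID PORT: CIDRs currently allowed on that TCP port.
# Needs AWS credentials; not called by the offline demo below.
current_cidrs() {
    aws ec2 describe-security-groups --group-ids "$1" --output text \
        --query "SecurityGroups[0].IpPermissions[?IpProtocol=='tcp' && FromPort==\`$2\` && ToPort==\`$2\`].IpRanges[].CidrIp"
}

# Constructed sample data (documentation ranges, not real checker ranges).
SAMPLE_DESIRED="192.0.2.0/26 198.51.100.0/26 203.0.113.64/26"
SAMPLE_CURRENT="192.0.2.0/26 203.0.113.0/26"

# Dry run on the sample: print the commands instead of executing them.
plan_changes "$SAMPLE_DESIRED" "$SAMPLE_CURRENT" | plan_to_commands sg-abc123456 5060
```

For a live run, pass the output of `aws route53 get-checker-ip-ranges | jq -r '.CheckerIpRanges[]'` as the desired list and `current_cidrs` as the current list, and review the printed commands before executing them.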