I wanted to find the IP ranges for all of Amazon’s US-based S3 regions. After a lot of searching through outdated forums, I found out how to get the ranges directly from the source. 

The Amazon Simple Storage Service (S3) is broken up into buckets that are stored in different regions. Currently, there are three US regions documented. I had to search for their actual hosts names which are documented in the AWS Java SDK.

• s3.amazonaws.com
• s3-us-west-1.amazonaws.com
• s3-us-west-2.amazonaws.com

To find each region’s IP range, I used two basic command line tools- host and whois. Host is a DNS lookup utility that resolves a host to an IP.

$ host s3-us-west-1.amazonaws.com
s3-us-west-1.amazonaws.com has address 204.246.160.224

Now that I have the IP, I can run whois on it to find its NetRange. Since whois also returns a bunch of other information, I grepped for exactly what I wanted.

$ whois 204.246.160.224 | grep NetRange
NetRange: 204.246.160.0 - 204.246.191.255

Now I have the IP range for the US West (Northern-California) S3 region.

A note about the US Standard region: s3.amazonaws.com is actually aliased between s3-1.amazonaws.com and s3-2.amazonaws.com so I had to whois both of those hosts.

$ host s3.amazonaws.com
s3.amazonaws.com is an alias for s3.geo.amazonaws.com.
s3.geo.amazonaws.com is an alias for s3-2.amazonaws.com.
s3-2.amazonaws.com has address 207.171.187.117