AWS VPC VPN Tunnel Addressing
jof@thq-m-jlass01 ~/tmp % ruby show_aws_inside_addressing.rb | |
+---------+-----------+--------------+-----------------------------+-------------------------------+---------------------------------+---------------------------------+---------------------------------+ | |
| Account | Region | VPN ID | VPN Name | Local TEPs | AWS TEPs | Tunnel 1 Inside IPs | Tunnel 2 Inside IPs | | |
+---------+-----------+--------------+-----------------------------+-------------------------------+---------------------------------+---------------------------------+---------------------------------+ | |
| prod | us-west-1 | vpn-xxxx | aws-common-gateway0-testing | x.x.x.x / x.x.x.x | 204.246.160.78 / 204.246.163.62 | 169.254.253.18 / 169.254.253.17 | 169.254.253.22 / 169.254.253.21 | | |
| prod | us-west-1 | vpn-xxxx | aws-prod-gateway0 | x.x.x.x / x.x.x.x | 204.246.163.62 / 204.246.160.78 | 169.254.253.22 / 169.254.253.21 | 169.254.253.18 / 169.254.253.17 | | |
| prod | us-west-1 | vpn-xxxx | aws-common-gateway0 | x.x.x.x / x.x.x.x | 204.246.160.78 / 204.246.163.62 | 169.254.253.26 / 169.254.253.25 | 169.254.253.30 / 169.254.253.29 | | |
| prod | us-west-2 | vpn-xxxx | aws-prod-gateway0 | x.x.x.x / x.x.x.x | 54.239.50.133 / 54.239.50.132 | 169.254.249.62 / 169.254.249.61 | 169.254.249.58 / 169.254.249.57 | | |
| dev | us-west-2 | vpn-xxxx | aws-dev-gateway0 | x.x.x.x / x.x.x.x | 54.239.50.133 / 54.239.50.132 | 169.254.249.62 / 169.254.249.61 | 169.254.249.58 / 169.254.249.57 | | |
+---------+-----------+--------------+-----------------------------+-------------------------------+---------------------------------+---------------------------------+---------------------------------+ |
#!/usr/bin/env ruby | |
require 'json' | |
require 'nokogiri' | |
require 'text-table' | |
require 'pry' | |
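# Accounts to query, one [label, access_key_id, secret_access_key] triple each.
#
# NOTE(security): long-lived access keys written into the script travel with
# every copy of the file (version control, pastes, backups). Prefer AWS CLI
# named profiles or short-lived credentials supplied via the environment, keep
# only the account label here, and scope the identity to read-only
# ec2:DescribeVpnConnections, which is the only API call this script makes.
#
# The table and its rows are frozen so nothing can alter the credential list
# at runtime.
ACCOUNTS = [
  ['prod', 'AKIAxxxxxxxxxx', 'xxxxxx'],
  ['dev', 'AKIAxxxxxxxxxx', 'xxxxxx']
].map(&:freeze).freeze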
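# Runs +shell+ through the system shell and returns its standard output.
#
# On failure the command line is reported on STDERR and the script exits with
# the child's exit status. A child terminated by a signal has no exit status
# (Process::Status#exitstatus is nil), so the script exits with 1 in that case
# instead of raising TypeError from `exit nil`.
#
# NOTE(security): backticks hand the whole string to /bin/sh, so +shell+ must
# be a fixed command line; never interpolate API responses or user input into
# it. When debugging, do not dump the AWS_* environment: it holds the secret
# access key.
#
# @param shell [String] command line to execute
# @return [String] the command's standard output
def capture(shell)
  output = `#{shell}`
  status = $?
  return output if status.success?

  STDERR.puts "Failed to run #{shell}"
  exit(status.exitstatus || 1)
end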
# Formats two strings as a single "a / b" table cell.
#
# @param a [String] left-hand value
# @param b [String] right-hand value
# @return [String] both values separated by " / "
def slash(a, b)
  separator = ' / '
  a + separator + b
end
#describe_regions = capture("aws ec2 describe-regions") | |
#describe_regions = JSON.parse(describe_regions) | |
#regions = [] | |
#describe_regions["Regions"].each do |region| | |
# regions << region["RegionName"] | |
#end | |
# Regions to scan (fixed list).
regions = ['us-west-1', 'us-west-2']

table = Text::Table.new
table.head = [
  'Account', 'Region', 'VPN ID', 'VPN Name', 'Local TEPs', 'AWS TEPs',
  'Tunnel 1 Inside IPs', 'Tunnel 2 Inside IPs'
]

ACCOUNTS.each do |account_name, access_key_id, secret_access_key|
  regions.each do |region|
    # The aws CLI child process takes its credentials and region from the
    # environment. These values stay set for the rest of the run and are
    # inherited by anything else this process spawns.
    ENV['AWS_ACCESS_KEY_ID'] = access_key_id
    ENV['AWS_SECRET_ACCESS_KEY'] = secret_access_key
    ENV['AWS_DEFAULT_REGION'] = region

    response = JSON.parse(capture("aws ec2 describe-vpn-connections"))

    response["VpnConnections"].each do |vpn_conn|
      # Only connections that are currently up are listed.
      next unless vpn_conn['State'] == 'available'

      # Use the Name tag only when exactly one is present; otherwise leave
      # the name column empty.
      tags = vpn_conn['Tags']
      name_matches = tags ? tags.select { |tag| tag['Key'] == 'Name' } : []
      name_value = name_matches.length == 1 ? name_matches.first['Value'] : nil

      # NOTE(security): the customer gateway configuration XML also carries
      # the tunnels' IKE pre-shared keys. Only the address elements are read
      # here; avoid printing or logging the raw document when debugging.
      cgw_config_doc = Nokogiri::XML(vpn_conn['CustomerGatewayConfiguration'])

      # Returns the [tunnel 1, tunnel 2] text values for an XPath query.
      tunnel_pair = lambda do |xpath|
        nodes = cgw_config_doc.xpath(xpath)
        [nodes[0].text, nodes[1].text]
      end

      # Inside IPs
      cgw_inside = tunnel_pair.call('//customer_gateway/tunnel_inside_address/ip_address')
      vpngw_inside = tunnel_pair.call('//vpn_gateway/tunnel_inside_address/ip_address')

      # Outside IPs
      cgw_outside = tunnel_pair.call('//customer_gateway/tunnel_outside_address/ip_address')
      vpngw_outside = tunnel_pair.call('//vpn_gateway/tunnel_outside_address/ip_address')

      table.rows << [
        account_name,
        region,
        vpn_conn['VpnConnectionId'],
        name_value,
        slash(cgw_outside[0], cgw_outside[1]),
        slash(vpngw_outside[0], vpngw_outside[1]),
        slash(cgw_inside[0], vpngw_inside[0]),
        slash(cgw_inside[1], vpngw_inside[1])
      ]
    end
  end
end

puts table.to_s