Find Who owns the Private IP in AWS | DevOps Junction

Updated on:

At times of troubleshooting an issue or doing a forensic on a security incident in your AWS account.  Finding who owns Private IP plays a major role.

Do you know Almost all the AWS resources like Load Balancers, RDS, EFS has their own private IP address.

So how to find out which resource owns this Private IP in AWS.

 

Most of the time the IP Address you are seeing in the VPC flow logs (or)  web server or ALB access log does not match to any EC2 instance private IP address.

So it gives a huge list of private IP addresses to look into.

One way to list all your Private IP address is to list your network interfaces  using the aws CLI

aws ec2 describe-network-interfaces

My favourite is to use awless  a wonderful CLI tool for AWS administration and reporting

you can learn more about awless here

awless list networkinterfaces -p prod

But if you want to be real quick about it and find out more detailed information about a single private IP address

you can use the following AWS CLI command with your private ip address on the filter.

aws ec2 describe-network-interfaces – filters Name=addresses.public-ip-address,Values=<private ip>

This would give a detailed result on who owns the IP address and their name etc. If it is a EC2 instance (or) Load Balancer etc.

Hope this helps.

Cheers

Sarav AK

Follow me on Linkedin My Profile
Follow DevopsJunction onFacebook orTwitter
For more practical videos and tutorials. Subscribe to our channel

Buy Me a Coffee at ko-fi.com

Signup for Exclusive "Subscriber-only" Content

 

More from Middleware Inventory

  • Ansible get ip address of current host or target

    How to get the IP address of the current or remote host in Ansible. That's the question, this article is going to address. While running a Playbook you might have had a requirement where you need to get the IP address of the connected and current remote host.  There are…

  • AWS change instance type - From Console or AWS CLI

    How to Change AWS Instance Type or EC2 instance type is more interesting and frequently asked question by many AWS Professionals. We create EC2 instances as t2, t3.micro but soon we realize that our requirements just got bigger for good and we need more CPU and RAM on our instance.…

  • AWS CLI EFS List
    AWS CLI List EFS Filesystem sort by Size

    In this post we are going to see an aws cli command to list elastic file systems sorted by Size in ascending or descending order. While am sharing all the new tricks in AWS CLI I come across. this is something I have learnt recently There is a dedicated post…

  • AWS CLI EC2 Stop and Terminate command Examples

    In AWS infrastructure, We create a lot of EC2 instances on demand and we tend to forget about the stopped instances considering that it is stopped and not being billed for. But the fact is that Even the stopped instances would cost you a couple of pennies in various forms…

  • AWS EC2 CLI List Examples - Describe instances | Devops Junction

    AWS CLI is a very great help when it comes to efficiently managing your AWS Cloud Infrastructure and your EC2 instances. While we are managing our AWS Infrastructure,  we cannot always afford to login to the AWS console all the time and it is not recommended from the security perspective…