Extra Credit: Pull all EIPs attached to ENIs
OK, so last night we pulled a dump of all the DNS entries in an AWS account. Extra credit on that post was a list of all Public IPs attached to ENIs. This takes a little more than a single line, but still easily scripted:
regions=$(aws ec2 describe-regions | jq -r '.Regions[].RegionName')
for region in $regions; do
  # Public IPs associated with ENIs in this region, sorted, one per line.
  # Default pagination is left on so regions with many ENIs are not cut short.
  aws ec2 describe-network-interfaces --region "$region" --query 'NetworkInterfaces[].Association.PublicIp' | jq -r 'sort | .[]' >> /tmp/eips.txt
done
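Next we have to find out if any of these have A records in our domains. This is easily done with grep:
# -F treats the IP as a literal string (dots are not wildcards); -w stops 1.2.3.4 from matching 1.2.3.40
for ip in $(cat /tmp/eips.txt); do grep -Fw -- "$ip" /tmp/*.zone; done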
Easy-peasy! Note that this only covers A records. You could get fancy and get the AWS-assigned DNS name for each IP and grep for that too, but this is outside today's task.
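The "get fancy" variant mentioned above, as an added example that is not part of the original post: it pulls each ENI's public IP together with its AWS-assigned public DNS name and matches both against the zone files, so CNAMEs pointing at an EC2 hostname are caught as well as A records. The function names, the `example.zone` file and the sample records are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): match each ENI's public IP and
# AWS-assigned public DNS name against exported zone files.

# Live collection (needs AWS credentials): prints "IP<TAB>PublicDnsName" lines.
collect_pairs() {
  for region in $(aws ec2 describe-regions --query 'Regions[].RegionName' --output text); do
    aws ec2 describe-network-interfaces --region "$region" \
      --query 'NetworkInterfaces[?Association.PublicIp].Association.[PublicIp,PublicDnsName]' \
      --output text
  done | sort -u
}

# match_records PAIRS_FILE ZONE_FILE...
# -F: literal match, so "." is not a regex wildcard.
# -w: whole token, so 203.0.113.10 does not match 203.0.113.100.
match_records() {
  pairs=$1; shift
  while read -r ip dns; do
    [ -n "$ip" ] || continue
    grep -HFw -- "$ip" "$@" || true
    # The CLI prints "None" in text output when an ENI has no public DNS name.
    if [ -n "$dns" ] && [ "$dns" != "None" ]; then
      grep -HFiw -- "$dns" "$@" || true
    fi
  done < "$pairs" | sort -u
}

# Constructed sample data (documentation IP ranges, made-up record names).
demo() {
  d=$(mktemp -d)
  printf '203.0.113.10\tec2-203-0-113-10.compute-1.amazonaws.com\n' > "$d/pairs.txt"
  printf '198.51.100.7\tec2-198-51-100-7.compute-1.amazonaws.com\n' >> "$d/pairs.txt"
  cat > "$d/example.zone" <<'EOF'
www 300 IN A 203.0.113.10
old 300 IN A 203.0.113.100
api 300 IN CNAME ec2-198-51-100-7.compute-1.amazonaws.com.
EOF
  match_records "$d/pairs.txt" "$d/example.zone" | sed "s|^$d/||"
  rm -rf "$d"
}

if [ "${1:-}" = "demo" ]; then demo; fi
```

Against a real account, run `collect_pairs > /tmp/eni_pairs.txt` and then `match_records /tmp/eni_pairs.txt /tmp/*.zone`.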