Geofeed for AWS (AS16509) as defined in datatracker.ietf.org/doc/html/rfc8805.
A geofeed, sometimes also called geolocation feed, is a data format laid out in RFC 8805. It is used by network operators to provide geolocation information for their IP prefixes. This enables IP address databases to be updated and improved with very little hassle on either end.
While AWS publishes information about it's IP address ranges in its ip-ranges.json file, it uses a proprietary format to do so and also lacks detailed location information.
This Geofeed generator ingests the data from the ip-ranges.json file and coverts it to an RFC8805-compliant feed.
If you enjoy this work, please consider sponsoring:
This Geofeed generator uses the publicly available data from the AWS ip-ranges.json file to map an IP prefix to a location. While AWS only provides a location name such as us-east-1 for a prefix, a custom location mapping converts this identified into an RFC8805-compliant identifier of US,US-VA,Ashburn,.
AWS includes detailed location information within the name of some AWS Regions, such as Europe (Frankfurt) for the eu-central-1 Region. Here it is very trivial to convert such a location to the RFC8805-compliant identifier of DE,DE-HE,Frankfurt,. In other cases, the AWS Region name only specifies a geographical region, such as Northern Virginia for US East (N. Virginia) as the name for the identifier us-east-1.
In these cases some additional research through openly available data is necessary to add a more accurate location. This openly available data can include AWS blog posts or AWS job postings.
Mapping of IP address ranges to locations is done by "Network Border Groups", which is a unique set of Availability Zones, Local Zones, or Wavelength Zones from where AWS advertises IP addresses. IP addresses can't move between network border groups.
Updates are triggered via Amazon SNS, when AWS makes changes to the ip-ranges.json list.