Last active
November 5, 2024 17:38
-
-
Save rams3sh/4858d5150acba5383dd697fda54dda2c to your computer and use it in GitHub Desktop.
Common AWS Related Regex (AWS)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ARN Base Pattern :- | |
arn:<aws_parition>:<aws_service>:[<aws_region>]:<account_id>:<root | resource_type>:/<resource_name>[/<sub_resource_names>...] | |
i. <aws_partition> | |
Regex - (aws|aws-us-gov|aws-cn) | |
ii. <aws_service> - No fixed pattern | |
iii. <aws_region> - No fixed pattern | |
Most of the regions occur in combination of 2 letter followed by "-" followed by a combination of direction based word , followed by a "-" and then a digit. | |
Ref : AWS' regions are listed here https://aws.amazon.com/about-aws/global-infrastructure/regions_az | |
General Regex - (af|ap|ca|eu|me|sa|us)-(central|north|(north(?:east|west))|south|south(?:east|west)|east|west)-\d+ | |
Note: Availability Zone - Since AZ has a letter added to a region, it can be of following regex:- | |
(af|ap|ca|eu|me|sa|us)-(central|north|(north(?:east|west))|south|south(?:east|west)|east|west)-\d+[a-z]{1} | |
iv. <account_id> - Its a 12 digit number | |
Regex - \d{12} | |
v. <resource_type>, <resource_name> and <sub-resources> ... do not have a standard convention. | |
Below , I have tried capturing things that I have encountered as part of my daily operations. | |
Service Specific Regex:- | |
IAM | |
Paths have not been considered in below regex. It adds up to more complexity. | |
1. User:- | |
i. Arn | |
Ref : https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html | |
Regex : ^(?:\d{12}|(arn:(aws|aws-us-gov|aws-cn):iam::\d{12}(?:|:(?:root|user\/[0-9A-Za-z\+\.@_,-]{1,64}))))$ | |
Note: The above regex will also accomodate 12 digit account number as root can also be represented with the account number. | |
Pure User ARN (without considering account number alone) : ^(arn:(aws|aws-us-gov|aws-cn):iam::\d{12}(?:|:(?:root|user\/[0-9A-Za-z\+\.@_,-]{1,64})))$ | |
Pure User ARN(without considering root or account number): ^(arn:(aws|aws-us-gov|aws-cn):iam::\d{12}:user\/[0-9A-Za-z\+\.@_,-]{1,64})$ | |
ii. ID | |
Ref: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html | |
Regex: AIDA[A-Z0-9]{1,124} |
@swirle13 Thanks for the suggestion. I will take a look at it.
Also this file is more of just a rough txt file which I have kept for reference. You can give an extension of .txt and open in a text editor. Its not markdown.
here is an updated version with an automatic test:
import botocore, json, re
REGEXP = '(af|il|ap|ca|eu|me|sa|us|cn|us-gov|us-iso|us-isob)-(central|north|(north(?:east|west))|south|south(?:east|west)|east|west)-\d{1}'
regions = []
json_file = botocore.__file__.replace('__init__.py', 'data/endpoints.json')
for parition in json.load(open(json_file))['partitions']:
regions += list(parition['regions'].keys())
for region in regions:
print(region, 'match' if re.match(REGEXP, region) else 'ERROR')
in Jan 2024 this gives:
af-south-1 match
ap-east-1 match
ap-northeast-1 match
ap-northeast-2 match
ap-northeast-3 match
ap-south-1 match
ap-south-2 match
ap-southeast-1 match
ap-southeast-2 match
ap-southeast-3 match
ap-southeast-4 match
ca-central-1 match
eu-central-1 match
eu-central-2 match
eu-north-1 match
eu-south-1 match
eu-south-2 match
eu-west-1 match
eu-west-2 match
eu-west-3 match
il-central-1 match
me-central-1 match
me-south-1 match
sa-east-1 match
us-east-1 match
us-east-2 match
us-west-1 match
us-west-2 match
cn-north-1 match
cn-northwest-1 match
us-gov-east-1 match
us-gov-west-1 match
us-iso-east-1 match
us-iso-west-1 match
us-isob-east-1 match
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What format is this file supposed to be? It has no file extension and looks like markdown, but it doesn't behave well with a markdown previewer.
Regions regex is missing additional regions:
cn
,il
,us-gov
,us-iso
,us-isob
e.g.
cn-north-1, cn-northwest-1
il-central-1
us-gov-east-1, us-gov-west-1
us-iso-east-1
us-isob-east-1
You can find the updated list in any SDK reference sheet, like this one: https://docs.aws.amazon.com/sdk-for-go/api/aws/endpoints/#pkg-constants