![\"\"](\"https:\/\/artem.services\/wp-content\/uploads\/2018\/11\/AWS-Logo.png\"){kind=logo}
<\/p>\n<\/p>\n
\u0420\u0430\u0437\u0440\u0435\u0448\u0438\u0442\u044c \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043d\u0430 \u0447\u0442\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u0432 S3<\/strong> \u043a\u043e\u0440\u0437\u0438\u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f VPN<\/strong> \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435, \u0434\u043b\u044f \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0441 \u043c\u0438\u0440\u0430 \u043e\u0431\u044a\u0435\u043a\u0442\u044b \u0434\u043e\u043b\u0436\u043d\u044b \u0431\u044b\u0442\u044c \u043d\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u043c\u0438. \u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u0430 VPN<\/strong> \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f OpenVPN<\/strong>, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442 \u0433\u0434\u0435 \u0443\u0433\u043e\u0434\u043d\u043e, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u044e\u0449\u0438\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u0431\u0443\u0434\u0435\u043c \u0441\u0442\u0440\u043e\u0438\u0442\u044c \u043d\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 IP<\/strong> \u0430\u0434\u0440\u0435\u0441\u0430.<\/p>\n <\/p>\n \u0414\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u043d\u0443\u0436\u043d\u043e \u0443\u0437\u043d\u0430\u0442\u044c \u0441\u043f\u0438\u0441\u043e\u043a \u0441\u0435\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u043a \u044d\u043d\u0434\u043f\u043e\u0438\u043d\u0442\u0430\u043c S3<\/strong> \u0441\u0435\u0440\u0432\u0438\u0441\u0430 \u0432 \u043d\u0443\u0436\u043d\u043e\u043c \u043d\u0430\u043c \u0440\u0435\u0433\u0438\u043e\u043d\u0435, \u0447\u0442\u043e\u0431\u044b \u043d\u0435 \u0437\u0430\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0442\u044c \u0432\u0435\u0441\u044c \u0442\u0440\u0430\u0444\u0444\u0438\u043a \u0447\u0435\u0440\u0435\u0437 VPN<\/strong>. \u0414\u043b\u044f \u044d\u0442\u043e \u0441\u043a\u0430\u0447\u0438\u0432\u0430\u0435\u043c \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0441\u0435\u0442\u0435\u0439<\/a> \u0438 \u043f\u0430\u0440\u0441\u0438\u043c \u0435\u0433\u043e:<\/p>\n <\/p>\n \u0413\u0434\u0435, "eu-central-1<\/strong>" \u0440\u0435\u0433\u0438\u043e\u043d, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u043d\u0443\u0436\u043d\u0430\u044f S3 \u043a\u043e\u0440\u0437\u0438\u043d\u0430.<\/p><\/blockquote>\n <\/p>\n \u0412\u044b \u0434\u043e\u043b\u0436\u043d\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442 \u0432\u0438\u0434\u0430:<\/p>\n <\/p>\n \u0422\u0435\u043f\u0435\u0440\u044c \u043f\u0435\u0440\u0435\u0432\u043e\u0434\u0438\u043c \u043c\u0430\u0441\u043a\u0443 \u043f\u043e\u0434\u0441\u0435\u0442\u0438 \u0432 4-\u0445 \u0431\u0430\u0439\u0442\u043d\u044b\u0439 \u0444\u043e\u0440\u043c\u0430\u0442 \u0438 \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u043c \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e OpenVPN<\/strong> \u0441\u0435\u0440\u0432\u0435\u0440\u0430, \u043a\u0430\u043a "push<\/strong>" \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b:<\/p>\n <\/p>\n \u041f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c \u0441\u0435\u0440\u0432\u0438\u0441 OpenVPN<\/strong> \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0438 \u043f\u043e\u0441\u043b\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u043c\u044b \u0434\u043e\u043b\u0436\u043d\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0441\u043f\u0438\u0441\u043e\u043a \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0445 \u0441\u0435\u0442\u0435\u0439 \u0438 \u0442\u0440\u0430\u0444\u0444\u0438\u043a \u0431\u0443\u0434\u0435\u0442 \u0438\u0434\u0442\u0438 \u0447\u0435\u0440\u0435\u0437 VPN<\/strong> \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435.<\/p>\n <\/p>\n \u0422\u0435\u043f\u0435\u0440\u044c \u043e\u0441\u0442\u0430\u043b\u043e\u0441\u044c \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0443\u044e \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0443 \u043a S3<\/strong> \u043a\u043e\u0440\u0437\u0438\u043d\u0435:<\/p>\n <\/p>\n \u0413\u0434\u0435, "artem-services<\/strong>" — \u0438\u043c\u044f S3<\/strong> \u043a\u043e\u0440\u0437\u0438\u043d\u044b, \u0430 "1.2.3.4<\/strong>" — IP<\/strong> \u0430\u0434\u0440\u0435\u0441 OpenVPN<\/strong> \u0441\u0435\u0440\u0432\u0435\u0440\u0430.<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":" \u0426\u0435\u043b\u044c: \u0420\u0430\u0437\u0440\u0435\u0448\u0438\u0442\u044c \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043d\u0430 \u0447\u0442\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u0432 S3 \u043a\u043e\u0440\u0437\u0438\u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f VPN \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435, \u0434\u043b\u044f \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0441 \u043c\u0438\u0440\u0430 \u043e\u0431\u044a\u0435\u043a\u0442\u044b \u0434\u043e\u043b\u0436\u043d\u044b \u0431\u044b\u0442\u044c \u043d\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u043c\u0438. \u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u0430 VPN \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f OpenVPN, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442 \u0433\u0434\u0435 \u0443\u0433\u043e\u0434\u043d\u043e, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u044e\u0449\u0438\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u0431\u0443\u0434\u0435\u043c \u0441\u0442\u0440\u043e\u0438\u0442\u044c \u043d\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 IP \u0430\u0434\u0440\u0435\u0441\u0430. \u0414\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u043d\u0443\u0436\u043d\u043e \u0443\u0437\u043d\u0430\u0442\u044c \u0441\u043f\u0438\u0441\u043e\u043a \u0441\u0435\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f … \u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442\u044c \u0447\u0438\u0442\u0430\u0442\u044c "AWS — S3: \u0420\u0430\u0437\u0440\u0435\u0448\u0438\u0442\u044c \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0431\u044a\u0435\u043a\u0442\u0430\u043c \u0447\u0435\u0440\u0435\u0437 VPN"<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[24],"tags":[25,12,35,1769],"_links":{"self":[{"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/posts\/2172"}],"collection":[{"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/artem.services\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2172"}],"version-history":[{"count":3,"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/posts\/2172\/revisions"}],"predecessor-version":[{"id":2175,"href":"https:\/\/artem.services\/index.php?rest_route=\/wp\/v2\/posts\/2172\/revisions\/2175"}],"wp:attachment":[{"href":"https:\/\/artem.services\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2172"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/artem.services\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2172"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/artem.services\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2172"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}\r\njq '.prefixes[] | select(.region=="eu-central-1") | select(.service=="S3") | .ip_prefix' < ip-ranges.json\r\n<\/pre>\n
\r\n"52.219.170.0\/23"\r\n"52.219.168.0\/24"\r\n"3.5.136.0\/22"\r\n"52.219.72.0\/22"\r\n"52.219.44.0\/22"\r\n"52.219.169.0\/24"\r\n"52.219.140.0\/24"\r\n"54.231.192.0\/20"\r\n"3.5.134.0\/23"\r\n"3.65.246.0\/28"\r\n"3.65.246.16\/28"\r\n<\/pre>\n
\r\npush "route 52.219.170.0 255.255.254.0"\r\npush "route 52.219.168.0 255.255.255.0"\r\npush "route 3.5.136.0 255.255.252.0"\r\npush "route 52.219.72.0 255.255.252.0"\r\npush "route 52.219.44.0 255.255.252.0"\r\npush "route 52.219.169.0 255.255.255.0"\r\npush "route 52.219.140.0 255.255.255.0"\r\npush "route 54.231.192.0 255.255.240.0"\r\npush "route 3.5.134.0 255.255.254.0"\r\npush "route 3.65.246.0 255.255.255.240"\r\npush "route 3.65.246.16 255.255.255.240"\r\n<\/pre>\n
\r\n{\r\n "Version": "2012-10-17",\r\n "Statement": [\r\n {\r\n "Sid": "Allow only from VPN",\r\n "Effect": "Allow",\r\n "Principal": "*",\r\n "Action": [\r\n "s3:GetObject",\r\n "s3:ListBucket"\r\n ],\r\n "Resource": [\r\n "arn:aws:s3:::artem-services",\r\n "arn:aws:s3:::artem-services\/*"\r\n ],\r\n "Condition": {\r\n "IpAddress": {\r\n "aws:SourceIp": "1.2.3.4"\r\n }\r\n }\r\n }\r\n ]\r\n}\r\n<\/pre>\n