in lambda/guardduty_to_acl_lambda.py [0:0]
def waf_update_ip_set(ip_set_name, ip_set_id, ip_set_scope, source_ips):
logger.info('log -- creating waf object')
waf = boto3.client('wafv2')
for attempt in range(API_CALL_NUM_RETRIES):
try:
response = waf.update_ip_set(
Name = ip_set_name,
Id = ip_set_id,
Scope = ip_set_scope,
LockToken = get_ip_set(ip_set_name, ip_set_id, ip_set_scope)['LockToken'],
Addresses=source_ips
)
logger.info("log -- waf_update_ip_set %s IP %s - type %s successfully..." % (ip_set_id, source_ips, ip_set_scope))
except Exception as e:
logger.error(e)
delay = math.pow(2, attempt)
logger.info("log -- waf_update_ip_set retrying in %d seconds..." % (delay))
time.sleep(delay)
else:
break
else:
logger.error("log -- waf_update_ip_set failed ALL attempts to call WAF API")