in lib/waf-update.py [0:0]
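def lambda_handler(event, context):
    """Refresh the WAF IP set from an ip-ranges SNS notification.

    Environment variables:
        DEBUG: when set to 'true', the root logger level is set to INFO.
        SERVICE: service name to extract from the ranges file; defaults to
            "CLOUDFRONT".

    Args:
        event: Lambda event; ``event['Records'][0]['Sns']['Message']`` must be
            a JSON string with the keys ``url``, ``md5`` and ``create-time``.
        context: Lambda context object (not used here).

    Returns:
        The value returned by ``update_ip_set``.

    Raises:
        ValueError: if the notification's ``url`` is not an https:// URL.
        Exception: any other failure is logged with its traceback and
            re-raised unchanged.
    """
    # Set up logging. If the root logger already has a handler, keep it and
    # default to ERROR; otherwise install a basic handler at DEBUG.
    root_logger = logging.getLogger()
    if root_logger.handlers:
        root_logger.setLevel(logging.ERROR)
    else:
        logging.basicConfig(level=logging.DEBUG)

    # Set the environment variable DEBUG to 'true' for more detail in
    # CloudWatch Logs (this selects the INFO level).
    if os.environ.get('DEBUG') == 'true':
        root_logger.setLevel(logging.INFO)

    try:
        # If you want a different service, set the SERVICE environment
        # variable. It defaults to CLOUDFRONT. Using 'jq' and 'curl', list the
        # possible services like this:
        # curl -s 'https://ip-ranges.amazonaws.com/ip-ranges.json' | jq -r '.prefixes[] | .service' | sort -u
        service = os.getenv('SERVICE', "CLOUDFRONT")
        message = json.loads(event['Records'][0]['Sns']['Message'])

        # The download location is taken from the event itself, and the
        # resulting ranges decide what the WAF IP set allows. The md5 arrives
        # in the same message as the url, so it can only catch a damaged
        # download, never a forged notification. Refuse anything that is not
        # HTTPS before fetching.
        # NOTE(review): get_ip_groups_json is not shown here; confirm it
        # checks the digest, and confirm that only the intended SNS topic is
        # permitted to invoke this function. Pinning the expected host for
        # your partition would be stricter still.
        source_url = message['url']
        if not (isinstance(source_url, str)
                and source_url.lower().startswith('https://')):
            raise ValueError(
                'ip-ranges notification url must use https: %r' % (source_url,))

        # Load the ip ranges from the url
        ip_ranges = json.loads(get_ip_groups_json(source_url, message['md5']))

        # Extract the service ranges
        # global_cf_ranges = get_ranges_for_service(ip_ranges, SERVICE, "GLOBAL")
        # region_cf_ranges = get_ranges_for_service(ip_ranges, SERVICE, "REGION")
        all_cf_ranges = get_ranges_for_service(ip_ranges, service)

        # Update the IP set
        return update_ip_set(service, message['create-time'], all_cf_ranges)
    except Exception as e:
        logging.exception(e)
        # Bare raise keeps the original traceback intact.
        raise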