in lib/waf-seed-ip.py [0:0]
def lambda_handler(event, context):
import logging
import boto3
import json
import cfnresponse
logging.getLogger().setLevel(logging.INFO)
resource_id = 'Seed-WAF-IPSet'
try:
logging.info('Input event: %s', event)
# Check if this is a Create and we're failing Creates
if event['RequestType'] == 'Create' and event['ResourceProperties'].get('FailCreate', False):
raise RuntimeError('Create failure requested')
if event['RequestType'] == 'Create':
client = boto3.client('lambda')
lambdaEvent = """{
"Records": [
{
"EventVersion": "1.0",
"EventSubscriptionArn": "arn:aws:sns:EXAMPLE",
"EventSource": "aws:sns",
"Sns": {
"SignatureVersion": "1",
"Timestamp": "1970-01-01T00:00:00.000Z",
"Signature": "EXAMPLE",
"SigningCertUrl": "EXAMPLE",
"MessageId": "95df01b4-ee98-5cb9-9903-4c221d41eb5e",
"Type": "Notification",
"UnsubscribeUrl": "EXAMPLE",
"TopicArn": "arn:aws:sns:EXAMPLE",
"Subject": "TestInvoke"
}
}
]
}"""
payload = json.loads(lambdaEvent)
payload['Records'][0]['Sns']['Message'] = '{\"create-time\": \"Intial Seed\", \"synctoken\": \"0123456789\", \"md5\": \"seed\", \"url\": \"https://ip-ranges.amazonaws.com/ip-ranges.json\"}'
response = client.invoke(
FunctionName=event['ResourceProperties']['LambdaARN'],
InvocationType='Event',
Payload=json.dumps(payload).encode()
)
logging.info(response)
cfnresponse.send(event, context, cfnresponse.SUCCESS, {}, resource_id)
except Exception as e:
logging.exception(e)
# cfnresponse's error message is always "see CloudWatch"
cfnresponse.send(event, context, cfnresponse.FAILED, {}, resource_id)