in templates/aws-cloudfront-waf/source/reputation_lists_parser/reputation-lists.py [0:0]
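def lambda_handler(event, context):
    """Refresh the reputation-list IP sets from the configured feed URLs.

    Reads its configuration from environment variables (LOG_LEVEL, SCOPE,
    IP_SET_NAME_REPUTATIONV4/V6, IP_SET_ID_REPUTATIONV4/V6, URL_LIST), passes
    every entry of URL_LIST to read_url_list, post-processes the collected
    entries and hands them to populate_ipsets. When the event carries a
    'ResponseURL', the outcome is also reported through send_response.

    Args:
        event: Invocation payload. 'ResponseURL', 'PhysicalResourceId' and
            'LogicalResourceId' are read when present.
        context: Lambda context object, forwarded to send_response.

    Returns:
        A JSON string describing the outcome.

    Raises:
        Exception: Re-raised unchanged when the environment configuration
            cannot be read or URL_LIST is not valid JSON.
    """
    log = logging.getLogger()
    log.info('[lambda_handler] Start')

    responseStatus = 'SUCCESS'
    reason = None
    responseData = {}
    # NOTE(review): the success payload uses 'StatusCode'/'Body' while the
    # failure payload below uses 'statusCode'/'body'. Left as-is because
    # callers may depend on either spelling; confirm and unify.
    result = {
        'StatusCode': '200',
        'Body': {'message': 'success'}
    }

    # An unset LOG_LEVEL used to raise AttributeError on None.upper() before
    # any error handling was in place; fall back to 'ERROR' instead.
    log_level = (os.getenv('LOG_LEVEL') or 'ERROR').upper()
    if log_level not in ['DEBUG', 'INFO', 'WARNING', 'ERROR', 'CRITICAL']:
        log_level = 'ERROR'
    log.setLevel(log_level)

    current_list = []

    # NOTE(review): a failure here is re-raised before the finally block
    # below exists, so send_response is not called for an event that carries
    # a 'ResponseURL' - confirm the requester tolerates a missing response.
    try:
        scope = os.getenv('SCOPE')
        ipset_name_v4 = os.getenv('IP_SET_NAME_REPUTATIONV4')
        ipset_name_v6 = os.getenv('IP_SET_NAME_REPUTATIONV6')
        ipset_arn_v4 = os.getenv('IP_SET_ID_REPUTATIONV4')
        ipset_arn_v6 = os.getenv('IP_SET_ID_REPUTATIONV6')
        URL_LIST = os.getenv('URL_LIST')
        url_list = json.loads(URL_LIST)

        log.info("SCOPE = %s", scope)
        log.info("ipset_name_v4 = %s", ipset_name_v4)
        log.info("ipset_name_v6 = %s", ipset_name_v6)
        log.info("ipset_arn_v4 = %s", ipset_arn_v4)
        log.info("ipset_arn_v6 = %s", ipset_arn_v6)
        log.info("URLLIST = %s", url_list)
    except Exception as e:
        log.error(e)
        raise

    try:
        for info in url_list:
            try:
                if "prefix" in info:
                    current_list = read_url_list(log, current_list, info["url"], info["prefix"])
                else:
                    current_list = read_url_list(log, current_list, info["url"])
            except Exception as url_error:
                # Was a bare `except:`, which also swallowed SystemExit and
                # KeyboardInterrupt and hid the cause. One bad feed is still
                # skipped (best effort), but the reason is now logged.
                log.error("URL info not valid %s", info)
                log.error(str(url_error))

        # NOTE(review): feeds that failed above are simply missing from
        # current_list, and populate_ipsets still runs. Presumably it
        # replaces the IP set contents - confirm that an outage of every
        # feed cannot silently empty the reputation block list.
        current_list = sorted(current_list, key=str)
        current_list = process_url_list(log, current_list)

        populate_ipsets(log, scope, ipset_name_v4, ipset_name_v6, ipset_arn_v4, ipset_arn_v6, current_list)
        send_anonymous_usage_data(log, scope)

    except Exception as error:
        log.error(str(error))
        responseStatus = 'FAILED'
        reason = str(error)
        result = {
            'statusCode': '400',
            'body': {'message': reason}
        }

    finally:
        log.info('[lambda_handler] End')
        if 'ResponseURL' in event:
            # Fall back to the logical id when no physical id is present.
            resourceId = event['PhysicalResourceId'] if 'PhysicalResourceId' in event else event['LogicalResourceId']
            log.info("ResourceId %s", resourceId)
            send_response(log, event, context, responseStatus, responseData, resourceId, reason)

        # Returning from inside `finally` suppresses any exception raised
        # while building or sending the response above.
        return json.dumps(result)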