Created
May 13, 2019 21:37
-
-
Save rms1000watt/6559e99356eb66f20a58cd04968c29bf to your computer and use it in GitHub Desktop.
Script to update WAF with a bunch of IP Addresses from file
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| if [[ ! -f ips.txt ]]; then | |
| echo "ERROR: missing file ./ips.txt" | |
| exit 1 | |
| fi | |
| if [[ ! ${1} ]]; then | |
| echo "ERROR: ip-set-id not provided as \${1}" | |
| exit 1 | |
| fi | |
| ipSetID=${1} | |
| echo "ip-set-id=$ipSetID" | |
| echo "Formatting command from ./ips.txt" | |
| echo "[" > ips.json | |
| while read -r ip; do | |
| cat << EOF >> ips.json | |
| { | |
| "Action": "INSERT", | |
| "IPSetDescriptor": | |
| { | |
| "Type": "IPV4", | |
| "Value": "${ip}/32" | |
| } | |
| } | |
| , | |
| EOF | |
| done < ips.txt | |
| sed -i '' -e '$ d' ips.json | |
| echo "]" >> ips.json | |
| jq '.' ips.json > _.json | |
| mv _.json ips.json | |
| aws waf-regional update-ip-set \ | |
| --ip-set-id "${ipSetID}" \ | |
| --updates file://ips.json \ | |
| --change-token "$(aws waf-regional get-change-token | jq '.ChangeToken' | tr -d '\"')" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment