Prerequisites
The Lambda function needs network ACL permissions (delete and create entries) granted through its execution role.
import json
import os
import socket
import urllib3

import boto3
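def lambda_handler(event, context):
    """Deny egress from a network ACL to every address the listed domains resolve to.

    Each domain in ``domains`` is resolved and, for every distinct address,
    the egress entry at the next sequential rule number (starting at 1) is
    replaced by a ``deny`` rule for that /32.  An existing entry at that rule
    number is deleted first; a missing entry is not an error.

    Args:
        event: Lambda invocation payload; not used.
        context: Lambda runtime context; not used.

    Returns:
        None.

    Raises:
        socket.gaierror: if a domain cannot be resolved.
        ClientError: if an ACL call fails for any reason other than the
            entry not existing (e.g. a missing IAM permission on the role).

    NOTE: only rule numbers 1..len(addresses) are rewritten.  If an earlier
    run produced more rules than this one, the surplus entries are left in
    place.
    """
    ec2 = boto3.resource('ec2')
    # Read the ACL id from the environment so one deployment is not tied to a
    # hard-coded id; the literal is a placeholder to be replaced if unset.
    network_acl = ec2.NetworkAcl(os.environ.get('NETWORK_ACL_ID', '<acl-id>'))
    # botocore's ClientError reached via the client, so no extra import is needed.
    client_error = ec2.meta.client.exceptions.ClientError
    domains = ["myjino.com", "myjino.ru"]

    # Collect every resolved address, not just the first per domain: a deny on
    # a single address does nothing for traffic to the name's other addresses.
    # dict.fromkeys dedupes while keeping resolution order.
    addresses = []
    for domain in domains:
        resolved = socket.gethostbyname_ex(domain)
        print(resolved)
        addresses.extend(resolved[2])
    addresses = list(dict.fromkeys(addresses))

    rule = 1
    for address in addresses:
        print(address)
        try:
            network_acl.delete_entry(DryRun=False, Egress=True, RuleNumber=rule)
        except client_error as err:
            # Only "entry does not exist" is expected here.  Anything else
            # (permissions, throttling) would make the create below fail with a
            # misleading conflict, so surface it instead of swallowing it.
            code = err.response.get('Error', {}).get('Code')
            if code != 'InvalidNetworkAclEntry.NotFound':
                raise
            print("No Rules Found")
        finally:
            print("The 'try except' is finished")
        # Protocol '-1' means all protocols; PortRange and IcmpTypeCode are
        # only required for TCP/UDP and ICMP respectively, so none is passed.
        network_acl.create_entry(
            CidrBlock=address + '/32',
            DryRun=False,
            Egress=True,
            Protocol='-1',
            RuleAction='deny',
            RuleNumber=rule,
        )
        rule += 1
    return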