amazon-web-services amazon-waf

Blocking of IP addresses into aws IP-SET


I have a file with a list of IP addresses, approx. 4k. I want to add that IP address list to the IP set that I have created in WAF. Now I can list the IP set, and looking at the documentation I see that we can update it as well. But it is not mentioned whether we can pass a whole file of IP addresses or whether it has to be done individually.

Any help is much appreciated.

aws wafv2 update-ip-set --scope=REGIONAL --name=blocked-ips --id=hdfjkdnsknf-jdbjhbds-879bjbj --addresses 12.33.44.5/32


Solution

  • You can do this with the CLI. The values should be specified in a JSON list:

    aws wafv2 update-ip-set --scope=REGIONAL --name=blocked-ips --id=REDACTED --lock-token=REDACTED --addresses="[\"11.11.11.11/32\", \"12.12.12.12/32\"]"

    However, it's important to mention that this action replaces the current IP set, not adds to it. If you want to add to the IP set, you will need to fetch the current contents, construct the new JSON array, and then do an update command.

    Edit: If you want to read from a file, assuming the file is formatted in a JSON document, you can do something like this:

    aws wafv2 update-ip-set --scope=REGIONAL --name=blocked-ips --id=REDACTED --lock-token=REDACTED --addresses="$(cat addresses.json | jq .)"

    The AWS CLI documentation page for update-ip-set has the full details.
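
The fetch, merge and update sequence described in the answer, as an added example that is not part of the original answer. It assumes an IPv4 IP set and a plain-text file (hypothetical name `ips.txt`) with one address or CIDR per line; the function names are hypothetical, and the merged list is passed through the CLI's `file://` parameter loading rather than inline.

```shell
# Added example: append a plain-text block list to an existing WAFv2 IP set.

# Read addresses on stdin (one or more per line, '#' starts a comment),
# add /32 to bare IPv4 addresses, report malformed entries on stderr,
# and print the unique CIDRs one per line.
normalize_cidrs() {
  sed 's/#.*//' | awk '{
    for (i = 1; i <= NF; i++) {
      cidr = ($i ~ /\//) ? $i : $i "/32"
      if (cidr ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+$/) print cidr
      else print "skipping invalid entry: " $i > "/dev/stderr"
    }
  }' | LC_ALL=C sort -u
}

# Turn one CIDR per line into the JSON list that --addresses expects.
to_json_array() {
  awk 'BEGIN { printf "[" }
       { printf "%s\"%s\"", (NR > 1 ? ", " : ""), $0 }
       END { print "]" }'
}

# usage: append_to_ip_set blocked-ips <ip-set-id> ips.txt
# Runs in a subshell, so its variables do not leak into the caller.
append_to_ip_set() (
  name=$1 id=$2 file=$3

  # Take the lock token first: if the set changes before the update,
  # this token is stale and update-ip-set is rejected instead of
  # overwriting someone else's change.
  token=$(aws wafv2 get-ip-set --scope=REGIONAL --name="$name" --id="$id" \
            --query 'LockToken' --output text) || exit 1
  current=$(aws wafv2 get-ip-set --scope=REGIONAL --name="$name" --id="$id" \
            --query 'IPSet.Addresses' --output text) || exit 1

  # update-ip-set replaces the whole set, so send current + new together.
  merged=$(mktemp) || exit 1
  { printf '%s\n' "$current"; cat "$file"; } \
    | normalize_cidrs | to_json_array > "$merged"

  aws wafv2 update-ip-set --scope=REGIONAL --name="$name" --id="$id" \
    --lock-token="$token" --addresses "file://$merged"
  status=$?
  rm -f "$merged"
  exit "$status"
)
```
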