NodeJS Lambda区域晶圆IPSetID

Question

我是新的NodeJS，并试图改变这个由亚马逊网络服务提供的信誉列表更新的样本，但它只适用于CloudFront全球区域。

https://github.com/awslabs/aws-waf-sample/tree/master/waf-reputation-lists

我已经对CloudFormation进行了更改，以创建区域IPSetID，但是该函数在IPSetID不存在的情况下退出。我假设这是因为SDK正在查看全局而不是区域，即eu-west-1，因此我在配置中设置了区域，但仍然无法定位IPSet。

var aws = require('aws-sdk');

// configure API retries
aws.config.update({
    region:'eu-west-1',
    maxRetries: 3,
    retryDelayOptions: {
        base: 1000
    }
});
var waf = new aws.WAF();

我看到了最近的一个问题(AWS WAF update ip sets and rules specific to a region from lambda)，它显示了网址的差异，但我不知道从哪里开始更新网址？

Error getting IP sets { [WAFNonexistentItemException: The referenced item does not exist.]
          message: 'The referenced item does not exist.',
          code: 'WAFNonexistentItemException',
          statusCode: 400,
          retryable: false,
          retryDelay: 162.11187234148383 }

    Error getting ranges and/or IP sets { [WAFNonexistentItemException: The referenced item does not exist.]
          message: 'The referenced item does not exist.',
          code: 'WAFNonexistentItemException',
          statusCode: 400,
          retryable: false,
          retryDelay: 162.11187234148383 }


        {
          "errorMessage": "The referenced item does not exist.",
          "errorType": "WAFNonexistentItemException",
          "stackTrace": [
            "Request.extractError (/var/task/node_modules/aws-sdk/lib/protocol/json.js:48:27)",
            "Request.callListeners (/var/task/node_modules/aws-sdk/lib/sequential_executor.js:105:20)",
            "Request.emit (/var/task/node_modules/aws-sdk/lib/sequential_executor.js:77:10)",
            "Request.emit (/var/task/node_modules/aws-sdk/lib/request.js:682:14)",
            "Request.transition (/var/task/node_modules/aws-sdk/lib/request.js:22:10)",
            "AcceptorStateMachine.runTo (/var/task/node_modules/aws-sdk/lib/state_machine.js:14:12)",
            "/var/task/node_modules/aws-sdk/lib/state_machine.js:26:10",
            "Request.<anonymous> (/var/task/node_modules/aws-sdk/lib/request.js:38:9)",
            "Request.<anonymous> (/var/task/node_modules/aws-sdk/lib/request.js:684:12)",
            "Request.callListeners (/var/task/node_modules/aws-sdk/lib/sequential_executor.js:115:18)"
          ]
        }

Answer 1

您应该确保您拥有支持区域WAF的aws-sdk的更新版本。使用类似于以下代码的代码更改行var waf = new aws.WAF()；。

var readline = require('readline');
var aws = require('aws-sdk');
var https = require('https');
var async = require('async');

    // configure API retries
    aws.config.update({
        region:'eu-west-1',
        maxRetries: 3,
        retryDelayOptions: {
            base: 1000
        }
    });
    var waf = new aws.WAFRegional();
    var cloudwatch = new aws.CloudWatch();
    var cloudformation = new aws.CloudFormation();

我使用的版本如下所示，并使其正常工作。(来自package.json节点配置文件)

{
  "name": "reputation-lists-parser",
  "version": "1.0.0",
  "description": "",
  "main": "reputation-lists-parser.js",
  "dependencies": {
    "aws-sdk": "^2.76.0",
    "async": "^2.4.1",
    "xml2js": "^0.4.17"
  }
}

您可能需要将包含代码的整个zip文件加载到AWS Lambda中。

我使用了https://github.com/itopiacloud/aws-waf-regional-security-automations中包含的代码来帮助我实现这一点。