How to add one IP to an IP set using the aws wafv2 CLI?

In waf-regional you can actually insert an IP into an existing set, but how can I do the same thing in WAFv2?

When I tried to do that, it replaced the whole IP set. I just want to add one IP to an existing IP set.


Solution 1:

You can't. The API was changed such that you cannot do delta changes anymore.

You would need to do get-ip-set, make changes to the returned JSON model, and then call update-ip-set.

Solution 2:

After some research, I was able to do this with the existing API. Assign values to all the variables at the start of the script.

set -euo pipefail

# NAME, ID, REGION, IP and BLOCK must be set before this point; fail early if any is missing
: "${NAME:?}" "${ID:?}" "${REGION:?}" "${IP:?}" "${BLOCK:?}"
OUT=/root/IP_SET_OUTPUT

# Get IP set (the response carries both the set and the LockToken needed for the update)
aws wafv2 get-ip-set --name "$NAME" --scope REGIONAL --id "$ID" --region "$REGION" > "$OUT"

# Get token from the JSON
LOCK_TOKEN=$(jq -r '.LockToken' "$OUT")

# Get IP list from the JSON (one address per line into a bash array)
mapfile -t arr < <(jq -r '.IPSet.Addresses[]' "$OUT")

# Add our ip to the list
arr+=( "${IP}/${BLOCK}" )

echo "${arr[@]}"

# Update IP set: the full list is sent; the lock token makes the call fail if the set changed since get-ip-set
aws wafv2 update-ip-set --name "$NAME" --scope REGIONAL --id "$ID" --addresses "${arr[@]}" --lock-token "$LOCK_TOKEN" --region "$REGION"
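Both answers come down to the same read-modify-write: get-ip-set, change the address list, update-ip-set with the LockToken from the get. The script below is an added example, not code from either answer, that wraps that loop in a function: it normalizes a bare IP into the CIDR form WAFv2 expects (/32 for IPv4, /128 for IPv6), skips the update if the address is already present, and re-reads and retries when update-ip-set is rejected with WAFOptimisticLockException because someone else changed the set between the get and the update. It assumes the aws CLI v2 and jq are installed, that the set is REGIONAL scope, and that the function names (normalize_cidr, merge_addresses, add_to_ip_set) are my own; the addresses in the comments are constructed documentation ranges.

```shell
#!/bin/sh
# Added example (not from the original answers): idempotent add of one address
# to a WAFv2 IP set with retry on a stale LockToken. Assumes aws CLI v2 and jq.
set -eu

# valid_ipv4 ADDR: succeed only for a dotted quad with each octet in 0..255.
valid_ipv4() {
  old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for o in "$@"; do
    case $o in ''|*[!0-9]*) return 1;; esac
    [ "$o" -le 255 ] || return 1
  done
}

# normalize_cidr ADDR[/PREFIX]: print the address in CIDR form, e.g.
# 203.0.113.7 -> 203.0.113.7/32, 2001:db8::1 -> 2001:db8::1/128. Fails on junk.
normalize_cidr() {
  addr=$1; prefix=
  case $addr in */*) prefix=${addr#*/}; addr=${addr%%/*};; esac
  case $addr in
    *:*) max=128;;                                  # IPv6: single host is /128
    *)   valid_ipv4 "$addr" || return 1; max=32;;   # IPv4: single host is /32
  esac
  : "${prefix:=$max}"
  case $prefix in ''|*[!0-9]*) return 1;; esac
  [ "$prefix" -le "$max" ] || return 1
  printf '%s/%s\n' "$addr" "$prefix"
}

# merge_addresses "LIST" CIDR: print the space-separated LIST with CIDR appended
# once; unchanged if CIDR is already in it.
merge_addresses() {
  list=$1; cidr=$2
  for a in $list; do
    [ "$a" = "$cidr" ] && { printf '%s\n' "$list"; return 0; }
  done
  if [ -z "$list" ]; then printf '%s\n' "$cidr"; else printf '%s %s\n' "$list" "$cidr"; fi
}

# add_to_ip_set NAME ID REGION ADDR: read-modify-write with up to 3 attempts.
add_to_ip_set() {
  name=$1; id=$2; region=$3
  cidr=$(normalize_cidr "$4") || { echo "bad address: $4" >&2; return 1; }
  attempt=0
  while [ "$attempt" -lt 3 ]; do
    attempt=$((attempt + 1))
    json=$(aws wafv2 get-ip-set --name "$name" --scope REGIONAL --id "$id" --region "$region")
    token=$(printf '%s' "$json" | jq -r '.LockToken')
    current=$(printf '%s' "$json" | jq -r '.IPSet.Addresses | join(" ")')
    merged=$(merge_addresses "$current" "$cidr")
    if [ "$merged" = "$current" ]; then
      echo "$cidr already in $name"; return 0
    fi
    # $merged is intentionally unquoted: each CIDR becomes one --addresses item.
    # Capture stderr only, so the error text can be inspected on failure.
    if err=$(aws wafv2 update-ip-set --name "$name" --scope REGIONAL --id "$id" \
               --region "$region" --lock-token "$token" --addresses $merged 2>&1 >/dev/null); then
      echo "added $cidr to $name"; return 0
    fi
    case $err in
      *WAFOptimisticLockException*) ;;   # set changed since get-ip-set: re-read and retry
      *) printf '%s\n' "$err" >&2; return 1;;
    esac
  done
  echo "gave up after $attempt attempts on $name" >&2; return 1
}

# Usage: ./add_ip.sh NAME ID REGION ADDR   (no arguments: only define the functions)
if [ "$#" -eq 4 ]; then add_to_ip_set "$@"; fi
```

The retry matters because the LockToken is the only thing standing between two operators (or an automated blocklist job and a human) silently overwriting each other's entries: whoever loses the race gets the exception and must start again from a fresh get-ip-set, never reuse the old list.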