def invoke_lambda_function(next_url, config): """Invoke lambda function itself with next token to continually retrieve IOCs""" LOGGER.debug('This invoacation is invoked by lambda function self.') try: lambda_client = boto3.client('lambda', region_name=config['region']) lambda_client.invoke(FunctionName=config['function_name'], InvocationType='Event', Payload=json.dumps({'next_url': next_url}), Qualifier=config['qualifier']) except ClientError as err: LOGGER.error( 'Lambda client error: %s when lambda function invoke self', err) raise ThreatStreamLambdaInvokeError
def _get_api_creds(self): """Retrieve ThreatStream API credentials from Parameter Store""" try: ssm = boto3.client('ssm', self.region) response = ssm.get_parameters(Names=[self._PARAMETER_NAME], WithDecryption=True) except ClientError as err: LOGGER.error('SSM client error: %s', err) raise for cred in response['Parameters']: if cred['Name'] == self._PARAMETER_NAME: try: decoded_creds = json.loads(cred['Value']) self.api_user = decoded_creds['api_user'] self.api_key = decoded_creds['api_key'] except ValueError: LOGGER.error( 'Can not load value for parameter with ' 'name \'%s\'. The value is not valid json: ' '\'%s\'', cred['Name'], cred['Value']) raise ThreatStreamCredsError('ValueError') if not (self.api_user and self.api_key): LOGGER.error('API Creds Error') raise ThreatStreamCredsError('API Creds Error')
def _epoch_time(time_str, days=90): """Convert expiration time (in UTC) to epoch time Args: time_str (str): expiration time in string format Example: '2017-12-19T04:45:18.412Z' days (int): default expiration days which 90 days from now Returns: (int): Epoch time. If no expiration time presented, return to default value which is current time + 90 days. """ if not time_str: return int((datetime.utcnow() + timedelta(days) - datetime.utcfromtimestamp(0)).total_seconds()) try: utc_time = datetime.strptime(time_str, "%Y-%m-%dT%H:%M:%S.%fZ") return int( (utc_time - datetime.utcfromtimestamp(0)).total_seconds()) except ValueError: LOGGER.error('Cannot convert expiration date \'%s\' to epoch time', time_str) raise