Optimize waf api calls

[sankeyraut]

WAF API Call Optimization

Problem Statement

The AWS WAF Security Automations solution was experiencing throttling issues when processing large numbers of IP addresses. This was due to redundant API calls being made to the AWS WAF service, particularly in the waflibv2.py module.

Changes Made

1. Optimized the update_ip_set function in waflibv2.py to eliminate redundant get_ip_set calls after updates
2. Updated the return value to use the API response directly
3. Updated logging to use information already available in the response

Benefits

• Reduces the number of API calls to AWS WAF by approximately 50% during IP set updates
• Prevents throttling issues when processing large numbers of IP addresses
• Maintains the same functionality and behavior

Test Results

All unit tests have been run successfully, confirming that the changes do not break any existing functionality:

Component	Tests Passed	Coverage
BadBot Access Handler	3	62%
Custom Resource	32	81%
Helper	15	97%
IP Retention Handler	18	87%
Log Parser	28	89%
Reputation Lists Parser	3	75%
Timer	1	80%
Total	100	Average: 81.6%

Implementation Details

The key change was in the update_ip_set function in waflibv2.py. Previously, this function would:

1. Call update_ip_set API
2. Call get_ip_set API to retrieve the updated IP set
3. Return the result of get_ip_set

The optimized version now:

1. Calls update_ip_set API
2. Uses the response from update_ip_set directly
3. Returns the necessary information without making an additional API call

This change significantly reduces API calls while maintaining the same functionality.