AWS CLI 命令/JMESPATH 查询问题
Issue with AWS CLI commands / JMESPATH query
你们中的任何人都可以帮助我确定部分中的 CLI 命令 /JMESPATH 查询的问题 - “什么不工作?”下面
P.S。 JSON 下面给出的输出是有效的,您可以使用输出在 JMESPATH.org
上测试它的 JMESPATH 查询部分
什么有效?
1) aws ec2 describe-security-groups --query SecurityGroups[?GroupId=='sg-0a26abc0a00000000'].IpPermissions[]
2) aws ec2 describe-security-groups --query SecurityGroups[?GroupId=='sg-0a26abc0a00000000'].IpPermissions[].FromPort
3) aws ec2 describe-security-groups --query SecurityGroups[?GroupId=='sg-0a26abc0a00000000'].IpPermissions[].IpProtocol
什么不起作用?
1) aws ec2 describe-security-groups --query SecurityGroups[?GroupId=='sg-0a26abc0a00000000'].IpPermissions[?IpProtocol=='tcp'].IpProtocol
2) aws ec2 describe-security-groups --query SecurityGroups[?GroupId=='sg-0a26abc0a00000000'].IpPermissions[?FromPort=='22'].FromPort
JSON 输出
{
"SecurityGroups": [
{
"Description": "default VPC security group",
"GroupName": "default",
"IpPermissions": [
{
"IpProtocol": "-1",
"IpRanges": [],
"Ipv6Ranges": [],
"PrefixListIds": [],
"UserIdGroupPairs": [
{
"GroupId": "sg-06d7c8d3300000000",
"UserId": "400000000000"
}
]
}
],
"OwnerId": "400000000000",
"GroupId": "sg-06d7c000000000000",
"IpPermissionsEgress": [
{
"IpProtocol": "-1",
"IpRanges": [
{
"CidrIp": "0.0.0.0/0"
}
],
"Ipv6Ranges": [],
"PrefixListIds": [],
"UserIdGroupPairs": []
}
],
"VpcId": "vpc-0d26c7ba200000000"
},
{
"Description": "BastionSG",
"GroupName": "BastionSG",
"IpPermissions": [
{
"FromPort": 22,
"IpProtocol": "tcp",
"IpRanges": [
{
"CidrIp": "0.0.0.0/0"
}
],
"Ipv6Ranges": [],
"PrefixListIds": [],
"ToPort": 22,
"UserIdGroupPairs": []
}
],
"OwnerId": "400000000000",
"GroupId": "sg-0a26abc0a00000000",
"IpPermissionsEgress": [
{
"IpProtocol": "-1",
"IpRanges": [
{
"CidrIp": "0.0.0.0/0"
}
],
"Ipv6Ranges": [],
"PrefixListIds": [],
"UserIdGroupPairs": []
}
],
"VpcId": "vpc-0d26c7ba200000000"
}
]
}
Expected/Actual 结果
aws ec2 describe-security-groups --query SecurityGroups[?GroupId=='sg-0a26abc0a00000000'].IpPermissions[?IpProtocol=='tcp'].IpProtocol
结果
预期 - tcp,实际 - Returns 无结果
aws ec2 describe-security-groups --query SecurityGroups[?GroupId=='sg-0a26abc0a00000000'].IpPermissions[?FromPort=='22'].FromPort
结果
预期 - 22,实际 - Returns 无结果
SecurityGroups[?GroupId=='sg-0a26abc0a00000000'].IpPermissions[] | [?IpProtocol=='tcp'].IpProtocol | [0]
SecurityGroups[?GroupId=='sg-0a26abc0a00000000'].IpPermissions[] | [?FromPort==`22`].FromPort | [0]
或者,quoted/adjusted 对于 bash:
'SecurityGroups[?GroupId==`"sg-0a26abc0a00000000"`].IpPermissions[] | [?IpProtocol==`"tcp"`].IpProtocol | [0]'
'SecurityGroups[?GroupId==`"sg-0a26abc0a00000000`"].IpPermissions[] | [?FromPort==`22`].FromPort | [0]'
您会注意到 IpPermissions 末尾的 []
,它使列表变平。如果您不这样做(或 SecurityGroups[?GroupId=='sg-0a26abc0a00000000'][]
),过滤器将应用于列表的顶层,其中不存在 IpPermissions。
我不清楚为什么这是真的。这似乎是错误的,因为没有较早的过滤器,较晚的过滤器适用于子列表。
以下是我尝试过并得到预期数据的方法。让我知道这是否适合你。
aws ec2 describe-security-groups --query 'SecurityGroups[?GroupId==`sg-xxxxxx`].[IpPermissions[?IpProtocol==`tcp`] | [0].IpProtocol]' --output text
//tcp
aws ec2 describe-security-groups --query 'SecurityGroups[?GroupId==`sg-xxxxxx`].[IpPermissions[?FromPort==`22`] | [0].FromPort]' --output text
//22
备注 -
- 最好将您的查询括在单引号内,以便 CLI 可以正确解析整个查询。
- 您可以用反引号 (`) 填充条件。
你们中的任何人都可以帮助我确定部分中的 CLI 命令 /JMESPATH 查询的问题 - “什么不工作?”下面
P.S。 JSON 下面给出的输出是有效的,您可以使用输出在 JMESPATH.org
上测试它的 JMESPATH 查询部分什么有效?
1) aws ec2 describe-security-groups --query SecurityGroups[?GroupId=='sg-0a26abc0a00000000'].IpPermissions[]
2) aws ec2 describe-security-groups --query SecurityGroups[?GroupId=='sg-0a26abc0a00000000'].IpPermissions[].FromPort
3) aws ec2 describe-security-groups --query SecurityGroups[?GroupId=='sg-0a26abc0a00000000'].IpPermissions[].IpProtocol
什么不起作用?
1) aws ec2 describe-security-groups --query SecurityGroups[?GroupId=='sg-0a26abc0a00000000'].IpPermissions[?IpProtocol=='tcp'].IpProtocol
2) aws ec2 describe-security-groups --query SecurityGroups[?GroupId=='sg-0a26abc0a00000000'].IpPermissions[?FromPort=='22'].FromPort
JSON 输出
{
"SecurityGroups": [
{
"Description": "default VPC security group",
"GroupName": "default",
"IpPermissions": [
{
"IpProtocol": "-1",
"IpRanges": [],
"Ipv6Ranges": [],
"PrefixListIds": [],
"UserIdGroupPairs": [
{
"GroupId": "sg-06d7c8d3300000000",
"UserId": "400000000000"
}
]
}
],
"OwnerId": "400000000000",
"GroupId": "sg-06d7c000000000000",
"IpPermissionsEgress": [
{
"IpProtocol": "-1",
"IpRanges": [
{
"CidrIp": "0.0.0.0/0"
}
],
"Ipv6Ranges": [],
"PrefixListIds": [],
"UserIdGroupPairs": []
}
],
"VpcId": "vpc-0d26c7ba200000000"
},
{
"Description": "BastionSG",
"GroupName": "BastionSG",
"IpPermissions": [
{
"FromPort": 22,
"IpProtocol": "tcp",
"IpRanges": [
{
"CidrIp": "0.0.0.0/0"
}
],
"Ipv6Ranges": [],
"PrefixListIds": [],
"ToPort": 22,
"UserIdGroupPairs": []
}
],
"OwnerId": "400000000000",
"GroupId": "sg-0a26abc0a00000000",
"IpPermissionsEgress": [
{
"IpProtocol": "-1",
"IpRanges": [
{
"CidrIp": "0.0.0.0/0"
}
],
"Ipv6Ranges": [],
"PrefixListIds": [],
"UserIdGroupPairs": []
}
],
"VpcId": "vpc-0d26c7ba200000000"
}
]
}
Expected/Actual 结果
aws ec2 describe-security-groups --query SecurityGroups[?GroupId=='sg-0a26abc0a00000000'].IpPermissions[?IpProtocol=='tcp'].IpProtocol
结果
预期 - tcp,实际 - Returns 无结果
aws ec2 describe-security-groups --query SecurityGroups[?GroupId=='sg-0a26abc0a00000000'].IpPermissions[?FromPort=='22'].FromPort
结果
预期 - 22,实际 - Returns 无结果
SecurityGroups[?GroupId=='sg-0a26abc0a00000000'].IpPermissions[] | [?IpProtocol=='tcp'].IpProtocol | [0]
SecurityGroups[?GroupId=='sg-0a26abc0a00000000'].IpPermissions[] | [?FromPort==`22`].FromPort | [0]
或者,quoted/adjusted 对于 bash:
'SecurityGroups[?GroupId==`"sg-0a26abc0a00000000"`].IpPermissions[] | [?IpProtocol==`"tcp"`].IpProtocol | [0]'
'SecurityGroups[?GroupId==`"sg-0a26abc0a00000000`"].IpPermissions[] | [?FromPort==`22`].FromPort | [0]'
您会注意到 IpPermissions 末尾的 []
,它使列表变平。如果您不这样做(或 SecurityGroups[?GroupId=='sg-0a26abc0a00000000'][]
),过滤器将应用于列表的顶层,其中不存在 IpPermissions。
我不清楚为什么这是真的。这似乎是错误的,因为没有较早的过滤器,较晚的过滤器适用于子列表。
以下是我尝试过并得到预期数据的方法。让我知道这是否适合你。
aws ec2 describe-security-groups --query 'SecurityGroups[?GroupId==`sg-xxxxxx`].[IpPermissions[?IpProtocol==`tcp`] | [0].IpProtocol]' --output text
//tcp
aws ec2 describe-security-groups --query 'SecurityGroups[?GroupId==`sg-xxxxxx`].[IpPermissions[?FromPort==`22`] | [0].FromPort]' --output text
//22
备注 -
- 最好将您的查询括在单引号内,以便 CLI 可以正确解析整个查询。
- 您可以用反引号 (`) 填充条件。