AWS CLI:解析参数“--config-rule”时出错:无效 JSON:

AWS CLI: Error parsing parameter '--config-rule': Invalid JSON:

cat <<EOF > S3ProhibitPublicReadAccess.json 
{
"ConfigRuleName": "S3PublicReadProhibited",
"Description": "Checks that your S3 buckets do not allow public read access. If an S3 
bucket policy or bucket ACL allows public read access, the bucket is noncompliant.",
"Scope": { 
"ComplianceResourceTypes": [ 
 "AWS::S3::Bucket"
] 
}, 
"Source": { 
"Owner": "AWS", 
"SourceIdentifier": "S3_BUCKET_PUBLIC_READ_PROHIBITED"
} 
}
EOF
aws configservice put-config-rule --config-rule file://S3ProhibitPublicReadAccess.json

当我在配置后上传我的配置规则时,它给我下面的错误解析参数'--config-rule':无效JSON:无效的控制字符位于:第3行第87列(char 132) JSON 收到:我首先在 Windows Powershell 上尝试启动,然后去尝试 Linux 看看我是否会得到不同的结果,但仍然出现相同的错误两台机器。

错误:

Error parsing parameter '--config-rule': Invalid JSON: Invalid control character at: line 3 column 87 (char 132)
JSON received: {
"ConfigRuleName": "S3PublicReadProhibited",
"Description": "Checks that your S3 buckets do not allow public read access. If an S3
bucket policy or bucket ACL allows public read access, the bucket is noncompliant.",
"Scope": {
"ComplianceResourceTypes": [
 "AWS::S3::Bucket"
]
},
"Source": {
"Owner": "AWS",
"SourceIdentifier": "S3_BUCKET_PUBLIC_READ_PROHIBITED"
}
}

答案就在那里,这是我阅读错误消息的方式...

 Invalid JSON: Invalid control character at: line 3 column 87 (char 132)

“无效的控制字符”- 即换行符和换行符之类的字符- 即不可见的“控制”字符。

“第 3 行第 87 列”- 告诉您它认为错误在哪里(这并不总是完全准确,但通常接近错误)。在这种情况下,第 3 行第 87 列是以下行的结尾:

"Description": "Checks that your S3 buckets do not allow public read access. If an S3

"char 132" - 这是字符的 ASCII 代码(顺便说一句,它是 " 字符),这是它期望在行尾找到的内容。

所以,这是什么意思,基本上它期待一个 " 而它却找到了一个行结束控制字符。

修复方法是将描述键和值放在一行中,因此:

"Description": "Checks that your S3 buckets do not allow public read access. If an S3 bucket policy or bucket ACL allows public read access, the bucket is noncompliant.",

变为:

"Description": "Checks that your S3 buckets do not allow public read access. If an S3 bucket policy or bucket ACL allows public read access, the bucket is noncompliant.",

我使用 https://jsonlint.com/ 来快速验证 JSON,并且我能够调整它并重新验证它直到它是正确的。