I'm trying to get the arn of a target group that contains the word test or the value assigned to "value" in its name, but I can't get it, I got this error.
value=test
aws elbv2 describe-target-groups --query "TargetGroups[?starts_with(TargetGroupName, '${value}') == `true`].[TargetGroupArn]"
Bad value for --query TargetGroups[?starts_with(TargetGroupName, 'test') == ].[TargetGroupArn]: invalid token: Parse error at column 59, token "]" (RBRACKET), for expression:
"TargetGroups[?starts_with(TargetGroupName, 'test') == ].[TargetGroupArn]"
^
I am using bash on windows
Related
I run the query below and it works.
aws ec2 describe-security-groups \
--filters Name=ip-permission.from-port,Values=21 Name=ip-permission.to-Port,Values=21 \
--query 'SecurityGroups[].[Tags[?Key==`Owner`] | [0].Value, GroupId]' \
--output text
But trying to get security groups that have open traffic for all and the value of the Tag=Owner, I run this and get jmespath error.
aws ec2 describe-security-groups --filters Name=ip-permission.protocol,Values=-1 --query SecurityGroups[?IpPermissions[?IpProtocol == '-1' && contains(IpRanges[].CidrIp,'0.0.0.0/0')]].[Tags[?Key==`Owner`] | [0].Value, GroupId]' --output=text
Bad value for --query SecurityGroups[?IpPermissions[?IpProtocol == -1 && contains(IpRanges[].CidrIp,0.0.0.0/0)]].[Tags[?Key==Owner] | [0].Value, GroupId]: Bad jmespath expression: Unknown token /:""
I had to wrap the chars that threw an error in a 'quote' symbol and successfully retrieved an output afterwards:
aws rds describe-db-instances \
--query "*[].[dbidentifier,'dbidentifier.cx32323sss6ib.eu-central-1.rds.amazonaws.com','5432',admin]"
Personally I prefer Steampipe, a CLI that can query AWS resources using SQL. It can be more verbose than JMES, but is much easier to read and more flexible to query.
Here is your first query as SQL using the aws_vpc_security_group_rule table:
select
sg.tags ->> 'Owner' as owner,
sg.group_id
from
aws_vpc_security_group as sg
join aws_vpc_security_group_rule as rule on sg.group_id = rule.group_id
where
rule.type = 'ingress'
and from_port = 22
and to_port = 22;
And here is a query to find the open ports:
select
sg.tags->>'Owner',
sg.group_id
from
aws_vpc_security_group as sg
join aws_vpc_security_group_rule as rule on sg.group_id = rule.group_id
where
rule.type = 'ingress'
and rule.ip_protocol = '-1'
and rule.cidr_ip = '0.0.0.0/0'
Using jmespath and given the below json, how would I filter so only JobNames starting with "analytics" are returned?
For more context, the json was returned by the aws cli command aws glue list-jobs
{
"JobNames": [
"analytics-job1",
"analytics-job2",
"team2-job"
]
}
Tried this
JobNames[?starts_with(JobNames, `analytics`)]
but it failed with
In function starts_with(), invalid type for value: None, expected one
of: ['string'], received: "null"
Above I extracted the jmespath bit, but here is the entire aws cli command I tried and failed is this
aws glue list-jobs --query '{"as_string": to_string(JobNames[?starts_with(JobNames, `analytics`)])}'
I couldn't test it on list-jobs but the query part works on list-crawlers. Just replaced the JobNames with CrawlerNames.
aws glue list-jobs --query 'JobNames[?starts_with(#, `analytics`) == `true`]'
I am using AWS Command Line Interface (CLI) to list some AMI Images from AWS.
The Name of an Image is like:
XY_XYZ_Docker_1.13_XYZ_XXYY
When using
aws ec2 describe-images --filters 'Name=name,Values="*_Docker_1.13_*"'
it works as expected.
Now i want to use Regular Expression instead of static value for the Name-Filter.
In the AWS-Docs I read that filtering by RegEx is possible
My approach is:
1:
aws ec2 describe-images --filters 'Name=name,Values="[_]Docker[_][0-9][.][0-9]{2}[_]"'
The result is always null for this. I tried different ways of quoting the RegEx.
2:
[_]Docker[_][0-9][.][0-9]{2}[_]
(without quotes) leads to
Error parsing parameter '--filters': Expected: ',', received: 'D' for input:
Name=name,Values=[]Docker[][0-9][.][0-9]{2}[_]
3:
*[_]Docker[_][0-9][.][0-9]{2}[_]*
(with Asterisk) leads to
Error parsing parameter '--filters': Expected: ',', received: ']' for input:
Name=name,Values=[_]Docker[_][0-9][.][0-9]{2}[_]
I wasn't able to find if Jmespath or the --filters flag can support regex, so instead I just piped to Python to run through regex.
aws ec2 describe-images --filters 'Name=name,Values="*Docker*"' | \
python -c '
import json, sys, re
obj = json.load(sys.stdin)
matched_images = {"Images":[]}
for image in obj["Images"]:
if len(re.findall(r"[Dd]ocker\s?[0-9][.][0-9]{2}", image["Name"])) > 0:
matched_images["Images"].append(image)
print json.dumps(matched_images)
'
You can pipe the output (which is just a JSON string) to your next bash command if needed with a pipe character following the closing quote. Maybe this can address concerns with using grep since it returns a JSON string instead or regular text.
See the gist below.
It covers:
search ECR images sorted descending by imagePushDate
selecting the tag that meets a Regex criteria
using that to replace a key/value pair in a yaml
https://gist.github.com/pprogrammingg/69e7c85abede9822f2480e9b5e1e66fd
I'm trying to make a groovy script that list the objects on the AWS S3 that have been uploaded in the past three days. I installed the AWS CLI on the agent that the script runs on. The command I found that lists the objects by date is the following:
def cmd = "aws s3api list-objects --bucket (name of bucket) --query \"Contents[?LastModified>= '2018-10-16'].{Key: Key, LastModified: LastModified }\""
When I run this command on the agent directly from a putty session, it runs fine and lists the objects correctly. But when I try to execute the same command from the groovy script, I get the following error:
Bad value for --query "Contents[?LastModified: Bad jmespath expression: Unclosed " delimiter:
"Contents[?LastModified
^
I tried to replace the first and last quotation marks with single quotes but did not work. I tried to do the same thing with the quotation marks before contents and after LastModified but did not work as well. I tried passing Contents[?LastModified>= '2018-10-16'].{Key: Key, LastModified: LastModified } to a string variable and pass its value in the command after --query but that didn't work as well.
Please try:
Then try:
def date = new Date().format('yyyy-MM-dd')
def cmd = ['aws', 's3api', 'list-objects', '--bucket', 'Bucket-Name', '--query', "Contents[?LastModified>='${date}'].{Key: Key , LastModified: LastModified}"]
Remember to always pass the command as a list, not string.
I am trying to remove a user from AWS via a bash script.
The result I get back is:
Removing user_one from all groups.
parse error: Invalid numeric literal at line 1, column 7
The name of the group I am trying to remove the user from is: grp-cloudops
This is my code:
aws iam remove-user-from-group --user-name user_one --group-name grp-cloudops --profile=nonprod
What am I doing wrong?