This is output.json: https://1drv.ms/u/s!AizscpxS0QM4hJo5SnYOHAcjng-jww
When there are several services, I have a problem with the sts:AssumeRole.Principal.Service part:
"Principal": {
  "Service": [
    "ssm.amazonaws.com",
    "ec2.amazonaws.com"
  ]
}
In my code below it is the .Principal.Service field. If there is only one service, there is no problem.
    "InstanceProfileList": [
      {
        "InstanceProfileId": "AIPAJMMLWIVZ2IXTOC3RO",
        "Roles": [
          {
            "AssumeRolePolicyDocument": {
              "Version": "2012-10-17",
              "Statement": [
                {
                  "Action": "sts:AssumeRole",
                  "Effect": "Allow",
                  "Principal": {
                    "AWS": "*"
                  }
                }
              ]
            },
            "RoleId": "AROAJPHJ4EDQG3G5ZQZT2",
            "CreateDate": "2017-04-04T23:46:47Z",
            "RoleName": "dev-instance-role",
            "Path": "/",
            "Arn": "arn:aws:iam::279052847476:role/dev-instance-role"
          }
        ],
        "CreateDate": "2017-04-04T23:46:47Z",
        "InstanceProfileName": "bastionServerInstanceProfile",
        "Path": "/",
        "Arn": "arn:aws:iam::279052847476:instance-profile/bastionServerInstanceProfile"
      }
    ],
    "RoleName": "dev-instance-role",
    "Path": "/",
    "AttachedManagedPolicies": [
      {
        "PolicyName": "dev-instance-role-policy",
        "PolicyArn": "arn:aws:iam::279052847476:policy/dev-instance-role-policy"
      }
    ],
    "RolePolicyList": [],
    "Arn": "arn:aws:iam::279052847476:role/dev-instance-role"
  },
  {
    "AssumeRolePolicyDocument": {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Action": "sts:AssumeRole",
          "Effect": "Allow",
          "Principal": {
            "Service": [
              "ssm.amazonaws.com",
              "ec2.amazonaws.com"
            ]
          }
        }
      ]
    },
If only one service exists there is no problem, but with more than one I get the error string ("") and array (["ssm.amazonaws.com) cannot be added.
How can I get all the values of Principal.Service on one line?
My code:
jq -rc '.RoleDetailList
| map(select((.AssumeRolePolicyDocument.Statement | length > 0) and
(.AssumeRolePolicyDocument.Statement[].Principal.Service) or
(.AssumeRolePolicyDocument.Statement[].Principal.AWS) or
(.AssumeRolePolicyDocument.Statement[].Principal.Federated) or
(.AttachedManagedPolicies | length >0) or
(.RolePolicyList | length > 0)) )[]
| [.RoleName,
([.RolePolicyList[].PolicyName,
([.AttachedManagedPolicies[].PolicyName] | join("--"))]
| join(" ")),
(.AssumeRolePolicyDocument.Statement[]
| .Principal.Federated + "" + .Principal.Service + ""+.Principal.AWS)]
| @csv' ./output.json
Expected output:
"dev-instance-role","dev-instance-role-policy","ssm.amazonaws.com--ec2.amazonaws.com--*"
Current output:
"dev-instance-role","dev-instance-role-policy","*"
Posted on 2018-03-20 09:45:15
Consider adding an extra condition to check whether .Principal.Service is of type array or type string:
jq -rc '.RoleDetailList
| map(select((.AssumeRolePolicyDocument.Statement | length > 0) and
(.AssumeRolePolicyDocument.Statement[].Principal.Service) or
(.AssumeRolePolicyDocument.Statement[].Principal.AWS) or
(.AssumeRolePolicyDocument.Statement[].Principal.Federated) or
(.AttachedManagedPolicies | length >0) or
(.RolePolicyList | length > 0)) )[]
| [.RoleName,
([.RolePolicyList[].PolicyName,
([.AttachedManagedPolicies[].PolicyName] | join("--"))]
| join(" ")),
(.AssumeRolePolicyDocument.Statement[]
| .Principal.Federated + ""
+ (.Principal.Service | if type == "array" then join("--") else . end)
+ "" + .Principal.AWS)]
| @csv' ./output.json
Output:
"ADFS-Administrators","Administrator-Access ","arn:aws:iam::279052847476:saml-provider/companyADFS"
"ADFS-amtest-ro","pol-amtest-ro","arn:aws:iam::279052847476:saml-provider/companyADFS"
"adfs-host-role","pol-amtest-ro","ec2.amazonaws.com"
"aws-elasticbeanstalk-ec2-role","AWSElasticBeanstalkWebTier--AWSElasticBeanstalkMulticontainerDocker--AWSElasticBeanstalkWorkerTier","ec2.amazonaws.com"
"aws-elasticbeanstalk-service-role","AWSElasticBeanstalkEnhancedHealth--AWSElasticBeanstalkService","elasticbeanstalk.amazonaws.com"
"AWSAccCorpAdmin","AdministratorAccess","arn:aws:iam::279052847476:saml-provider/LastPass"
"AWScompanyCorpAdmin","AdministratorAccess","arn:aws:iam::279052847476:saml-provider/LastPass"
"AWScompanyCorpPowerUser","PowerUserAccess","arn:aws:iam::279052847476:saml-provider/LastPass"
"AWSServiceRoleForAutoScaling","AutoScalingServiceRolePolicy","autoscaling.amazonaws.com"
"AWSServiceRoleForElasticBeanstalk","AWSElasticBeanstalkServiceRolePolicy","elasticbeanstalk.amazonaws.com"
"AWSServiceRoleForElasticLoadBalancing","AWSElasticLoadBalancingServiceRolePolicy","elasticloadbalancing.amazonaws.com"
"AWSServiceRoleForOrganizations","AWSOrganizationsServiceTrustPolicy","organizations.amazonaws.com"
"AWSServiceRoleForRDS","AmazonRDSServiceRolePolicy","rds.amazonaws.com"
"Cloudyn","ReadOnlyAccess","arn:aws:iam::432263259397:root"
"DatadogAWSIntegrationRole","DatadogAWSIntegrationPolicy","arn:aws:iam::464622532012:root"
"datadog_alert_metrics_role","AWSLambdaBasicExecutionRole-66abe1f2-cee8-4a90-a026-061b24db1b02","lambda.amazonaws.com"
"dev-instance-role","dev-instance-role-policy","*"
"ec2ssmRole","AmazonEC2RoleforSSM","ssm.amazonaws.com--ec2.amazonaws.com"
"ecsInstanceRole","AmazonEC2ContainerServiceforEC2Role","ec2.amazonaws.com"
"ecsServiceRole","AmazonEC2ContainerServiceRole","ecs.amazonaws.com"
"flowlogsRole","oneClick_flowlogsRole_1495032428381 ","vpc-flow-logs.amazonaws.com"
"companyDevShutdownEC2Instaces","oneClick_lambda_basic_execution_1516271285849 ","lambda.amazonaws.com"
"companySAMLUser","AdministratorAccess","arn:aws:iam::279052847476:saml-provider/companyAzureAD"
"irole-matlabscheduler","pol-marketdata-rw","ec2.amazonaws.com"
"jira_role","","*"
"lambda-ec2-ami-role","lambda-ec2-ami-policy","lambda.amazonaws.com"
"lambda_api_gateway_twilio_processor","AWSLambdaBasicExecutionRole-f47a6b57-b716-4740-b2c6-a02fa6480153--AWSLambdaSNSPublishPolicyExecutionRole-d31a9f16-80e7-47c9-868a-f162396cccf6","lambda.amazonaws.com"
"lambda_stop_rundeck_instance","oneClick_lambda_basic_execution_1519651160794 ","lambda.amazonaws.com"
"OneLoginAdmin","AdministratorAccess","arn:aws:iam::279052847476:saml-provider/OneLoginAdmin"
"OneLoginDev","PowerUserAccess","arn:aws:iam::279052847476:saml-provider/OneLoginDev"
"rds-host-role","","ec2.amazonaws.com"
"rds-monitoring-role","AmazonRDSEnhancedMonitoringRole","monitoring.rds.amazonaws.com"
"role-amtest-ro","pol-amtest-ro","ec2.amazonaws.com"
"role-amtest-rw","pol-amtest-rw","ec2.amazonaws.com"
"Stackdriver","ReadOnlyAccess","arn:aws:iam::314658760392:root"
"vmimport","vmimport ","vmie.amazonaws.com"
"workspaces_DefaultRole","SkyLightServiceAccess ","workspaces.amazonaws.com"
Posted on 2018-03-20 09:41:27
It looks as if .Principal.Service is either a string or an array of strings, so you need to handle both cases. Consider, therefore:
def to_s: if type == "string" then . else join("--") end;
You might want to make it more general, for robustness or for other reasons.
You might also want to simplify the jq filter so that it is easier to understand and maintain, e.g. by using jq variables. Note also that
.x.a + .x.b + x.c
can be written as:
.x | (.a + .b + .c)
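The string-or-array handling that both answers describe, as an added example (not from the question or either answer) written in Python rather than jq and run over a constructed two-role sample in the shape of the account-authorization-details output; it also marks roles whose trust policy names the wildcard principal, which the question's own output shows for dev-instance-role.

```python
import json

# Constructed sample shaped like `aws iam get-account-authorization-details`
# output (RoleDetailList only). Role names are taken from the question; the
# policy documents are the two shapes that caused the string-vs-array error.
SAMPLE = json.loads(r'''{"RoleDetailList": [
 {"RoleName": "ec2ssmRole", "RolePolicyList": [],
  "AttachedManagedPolicies": [{"PolicyName": "AmazonEC2RoleforSSM"}],
  "AssumeRolePolicyDocument": {"Version": "2012-10-17", "Statement": [
   {"Action": "sts:AssumeRole", "Effect": "Allow",
    "Principal": {"Service": ["ssm.amazonaws.com", "ec2.amazonaws.com"]}}]}},
 {"RoleName": "dev-instance-role", "RolePolicyList": [],
  "AttachedManagedPolicies": [{"PolicyName": "dev-instance-role-policy"}],
  "AssumeRolePolicyDocument": {"Version": "2012-10-17", "Statement": [
   {"Action": "sts:AssumeRole", "Effect": "Allow", "Principal": {"AWS": "*"}}]}}
]}''')

def as_list(value):
    """IAM serialises one principal as a string and several as an array;
    normalise both (and a missing key) to a list of strings."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)

def trusted_principals(role):
    """All Federated/Service/AWS principals an Allow statement lets assume the role."""
    found = []
    for st in role["AssumeRolePolicyDocument"].get("Statement", []):
        if st.get("Effect") != "Allow":
            continue
        principal = st.get("Principal", {})
        if principal == "*":          # the bare-wildcard form is also legal
            found.append("*")
            continue
        for key in ("Federated", "Service", "AWS"):
            found.extend(as_list(principal.get(key)))
    return found

def role_rows(details):
    """One (role, policies, principals, wildcard_trust) tuple per role; the
    last field marks roles that any AWS principal is allowed to assume."""
    rows = []
    for role in details["RoleDetailList"]:
        names = [p["PolicyName"] for p in role.get("RolePolicyList", [])]
        names += [p["PolicyName"] for p in role.get("AttachedManagedPolicies", [])]
        principals = trusted_principals(role)
        rows.append((role["RoleName"], "--".join(names), "--".join(principals),
                     "*" in principals))
    return rows
```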
https://stackoverflow.com/questions/49379953