json 使用jq根据标签过滤AWS资源

vnzz0bqm  于 2023-10-21  发布在  其他
关注(0)|答案(3)|浏览(108)

使用命令aws resourcegroupstaggingapi get-resources --profile (profile_name)返回一个JSON对象数组,其中包含资源ARN值及其标记(另一个JSON对象数组,其中包含标记的键和值)。
下面是一个匿名的例子:

{
  "ResourceTagMappingList": [
    {
      "ResourceARN": "arn:aws:acm:eu-west-1:123456789000:certificate/XXXXX-YYYY-8888-9999-CCCCCCCCCCCCC",
      "Tags": [
        {
          "Key": "Environment",
          "Value": "BAR"
        }
      ]
    },
    {
      "ResourceARN": "arn:aws:acm:eu-west-1:123456789000:certificate/XXXXX-YYYY-8888-9999-CCCCCCCCCCCCC",
      "Tags": [
        {
          "Key": "Environment",
          "Value": "FOO"
        }
      ]
    },
    {
      "ResourceARN": "arn:aws:ec2:eu-west-1:123456789000:elastic-ip/eipalloc-112345440809463",
      "Tags": [
        {
          "Key": "Component",
          "Value": "somethingCool"
        },
        {
          "Key": "DeployID",
          "Value": "di-01"
        },
        {
          "Key": "Name",
          "Value": "eip-nat-somethingCool-di-01"
        }
      ]
    },
    {
      "ResourceARN": "arn:aws:ec2:eu-west-1:123456789000:elastic-ip/eipalloc-19853410278439394i3",
      "Tags": [
        {
          "Key": "Component",
          "Value": "somethingCool"
        },
        {
          "Key": "DeployID",
          "Value": "bla-internal-goku"
        },
        {
          "Key": "Name",
          "Value": "eip-nat-somethingCool-bla-internal-goku"
        }
      ]
    },
    {
      "ResourceARN": "arn:aws:elasticloadbalancing:eu-west-1:123456789000:targetgroup/tf-20190624192221842800000004/oisajhiuweniçqej82u23948u3",
      "Tags": [
        {
          "Key": "Component",
          "Value": "somethingCool"
        },
        {
          "Key": "DeployID",
          "Value": "env01-bla00"
        },
        {
          "Key": "Environment",
          "Value": "env01"
        },
        {
          "Key": "Estate",
          "Value": "something"
        },
        {
          "Key": "Name",
          "Value": "target-group-lala-somethingCool-env01-bla00-vsquad"
        }
      ]
    }
  ]
}

所以我想知道我是否可以使用cli tool jq来过滤基于特定标记值的对象?是否可以列出特定标记键的所有值?

g0czyy6m

g0czyy6m1#

基于特定标记值过滤对象:

aws resourcegroupstaggingapi get-resources --region REGIONCODE | jq '.ResourceTagMappingList[] | select(.Tags[0].Value == "VALUETYPE")'

列出特定标记键的所有值:

aws resourcegroupstaggingapi get-tag-values --key KEYNAME
pdsfdshx

pdsfdshx2#

您可以通过调用相同的API(但使用get-tag-values)来查询AWS帐户指定区域中指定键的所有标记值。
https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_GetTagValues.html

drnojrws

drnojrws3#

aws resourcegroupstaggingapi get-resources --region "$AWS_REGION" --tag-filters Key=TAG_NAME | jq '.ResourceTagMappingList[] | select(any(.Tags[] ; .Key == "TAG_NAME" and .Value == "TAG_VALUE"))'
请注意aws resourcegroupstaggingapi命令本身中的--tag-filters Key=TAG_NAME,这样AWS就不会返回任何没有所需标记的资源。
如果你想在.Value上做部分(子串)匹配,使用这个:
aws resourcegroupstaggingapi get-resources --region "$AWS_REGION" --tag-filters Key=TAG_NAME | jq '.ResourceTagMappingList[] | select(any(.Tags[] ; .Key == "TAG_NAME" and (.Value | contains("SUBSTRING"))))'
请注意,.Value == "TAG_VALUE"已替换为(.Value | contains("SUBSTRING"))(由于运算符优先级为and,因此需要用括号将其括起来

相关问题