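# Existence check: prints the stack name when a matching stack is found.
# list-stacks also returns summaries of stacks deleted within the last 90 days,
# so DELETE_COMPLETE entries are excluded; otherwise a deleted stack would
# still be reported as existing.
aws cloudformation list-stacks \
  --query "StackSummaries[?StackName=='lzac-AWSControlTowerExecutionRole' && StackStatus!='DELETE_COMPLETE'].StackName" \
  --output text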
# Project every subnet onto a fixed set of keys (list of dicts -> list of
# smaller dicts). --filters narrows the result on the service side; --query
# reshapes the response on the client.
aws ec2 describe-subnets \
  --filters "Name=cidr-block,Values=10.*" "Name=state,Values=available" \
  --query 'Subnets[].{CidrBlock: CidrBlock, SubnetId: SubnetId, VpcId: VpcId, AvailableIpAddressCount: AvailableIpAddressCount, State: State}'
# Same key projection, narrowed by three filters (CIDR pattern, state and
# Name tag). The JSON response is piped through jq for pretty-printing.
aws ec2 describe-subnets \
  --filters \
    "Name=cidr-block,Values=10.*" \
    "Name=state,Values=available" \
    "Name=tag:Name,Values=sn-PctMgmt-AZ2" \
  --query 'Subnets[].{AvailableIpAddressCount: AvailableIpAddressCount, CidrBlock: CidrBlock, State: State, SubnetArn: SubnetArn, SubnetId: SubnetId, VpcId: VpcId}' |
  jq .
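# Array filter & map: project each VPC onto selected keys and label every
# entry with the region it was read from.
region=us-east-1
# Double quotes are deliberate: the shell expands $region into a JMESPath raw
# string literal ('us-east-1'). Only interpolate trusted values here, because
# a value containing a single quote would alter the query expression.
query="Vpcs[].{CidrBlock: CidrBlock, DhcpOptionsId: DhcpOptionsId, State: State, VpcId: VpcId, OwnerId: OwnerId, InstanceTenancy: InstanceTenancy, CidrBlockAssociationSet: CidrBlockAssociationSet, IsDefault: IsDefault, region: '$region'}"
# Pass --region explicitly so the label always matches the region actually
# queried, instead of whatever region the active profile defaults to.
aws ec2 describe-vpcs --region "$region" --query "$query"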
# Text output of a single field: VpcId is wrapped in a one-element list so
# that each VPC becomes its own row in the text output.
aws ec2 describe-vpcs \
  --output text \
  --query 'Vpcs[].[VpcId]'
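# Text output of a single field, filtered: names of all regions whose opt-in
# status is not DISABLED.
query="Regions[?RegionOptStatus!='DISABLED'].RegionName"
# The expansion must be quoted: the expression contains [, ? and ], which an
# unquoted expansion would expose to pathname expansion and word splitting.
aws account list-regions --no-paginate --query "$query" --output text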
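# Text output of a single field, filtered, then looped: dump the VPCs of every
# region that is not DISABLED. Uses $query as assigned for the region listing.
# NOTE(review): --no-paginate returns only the first page of results; confirm
# that page covers every region before treating the output as a full inventory.
REGIONS=$(aws account list-regions --no-paginate --query "$query" --output text)
# Word splitting on $REGIONS is intentional: the text output separates the
# region names with whitespace.
# shellcheck disable=SC2086
for region in $REGIONS; do
  printf '%s:\n' "$region"
  aws ec2 describe-vpcs --region "$region" --output yaml
  echo
done

# Dict Filter keys for {}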
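# Returns the IAM account summary for Groups, Policies, Roles & Users plus
# their quotas, with keys sorted.
aws iam get-account-summary |
  jq --sort-keys '.SummaryMap | {SummaryMap: {Groups: .Groups, GroupsQuota: .GroupsQuota, Policies: .Policies, PoliciesQuota: .PoliciesQuota, PolicyVersionsInUse: .PolicyVersionsInUse, Roles: .Roles, RolesQuota: .RolesQuota, Users: .Users, UsersQuota: .UsersQuota}}'

# Reduce every record of a saved sign-in event export to the fields needed for
# review. jq reads the file directly, so no cat is required. The export carries
# userIdentity data, so handle the file as sensitive.
jq '.Records | {Records: map({eventTime: .eventTime, recipientAccountId: .recipientAccountId, userIdentity: .userIdentity, eventCategory: .eventCategory, eventName: .eventName, eventType: .eventType, eventSource: .eventSource, responseElements: .responseElements})}' \
  data/cloud-hub-90-days-signin-2023-10-06.json

# List the Direct Connect gateway IDs, one per line. Iterating the array with
# [] and -r yields bare strings, so no grep/tr clean-up of brackets, commas
# and quotes is needed.
aws directconnect describe-direct-connect-gateways |
  jq -r '.directConnectGateways[].directConnectGatewayId'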
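# Describe every Direct Connect gateway individually, as YAML.
# jq -r with [] emits one bare gateway ID per line.
ids=$(aws directconnect describe-direct-connect-gateways |
  jq -r '.directConnectGateways[].directConnectGatewayId')
# Word splitting on $ids is intentional: one gateway ID per line.
# shellcheck disable=SC2086
for id in $ids; do
  # The operation takes no positional argument; the gateway ID has to be
  # passed through --direct-connect-gateway-id.
  aws directconnect describe-direct-connect-gateways \
    --direct-connect-gateway-id "$id" \
    --output yaml
done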
JSON data model:
```
{
"Accounts": [
{
"Id": "883654865448",
"Arn": "arn:aws:organizations::171844140004:account/o-jmt3aajwbh/883654865448",
"Email": "aws.gov-svc-acct-cc001-commercial@ge.com",
"Name": "gov-svc-acct-cc001-commercial",
"Status": "ACTIVE",
"JoinedMethod": "CREATED",
"JoinedTimestamp": "2023-07-05T08:43:51.166000-07:00"
}
]
}
```
JQ query:
# Keep only ACTIVE accounts, each reduced to Id, Name and Status.
aws organizations list-accounts |
  jq '{Accounts: [.Accounts[] | select(.Status == "ACTIVE") | {Id, Name, Status}]}'
# Same projection without the status filter (all accounts).
aws organizations list-accounts |
  jq '{Accounts: [.Accounts[] | {Id, Name, Status}]}'
# Convert to CSV: one row per account with Id, Name and Status. -r prints the
# @csv result as raw text instead of a JSON-quoted string.
aws organizations list-accounts |
  jq -r '.Accounts[] | [.Id, .Name, .Status] | @csv'