I'd like to improve this line:
aws_iam_role=$(aws iam get-role --role-name rl-company-admin --profile=company-bill |
jq -r '.Role.AssumeRolePolicyDocument.Statement[].Principal.AWS' |
sed "s/arn:aws:iam::123456789101:user\///g" |
grep tdunphy |
sed 's/"//g'|
sed 's/,//g')
This is the raw output of the command with no processing:
aws iam get-role --role-name rl-company-admin --profile=company-bill
{
"Role": {
"Description": "company Admin Role",
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"AWS": [
"arn:aws:iam::123456789101:user/tdunphy",
"arn:aws:iam::123456789101:user/user1",
"arn:aws:iam::123456789101:user/user2",
"arn:aws:iam::123456789101:user/user3",
]
}
}
]
},
"MaxSessionDuration": 3600,
"RoleId": "AROAJGNAT3IXV7DIWSDCK",
"CreateDate": "2018-01-18T17:35:27Z",
"RoleName": "rl-company-admin",
"Path": "/",
"Arn": "arn:aws:iam::188087670762:role/rl-company-admin"
}
}
How can I use one sed statement to process this text instead of using multiple sed statements?
It can be done in single jq command like this this avoiding invoking multiple external commands e.g. grep, sed etc:
aws iam get-role --role-name rl-company-admin --profile=company-bill |
jq --arg u 'tdunphy' -r '
.Role.AssumeRolePolicyDocument.Statement[].Principal.AWS[] |
select(. | endswith($u)) | sub("arn:aws:iam::123456789101:user/"; "")'
Output:
tdunphy
この記事はインターネットから収集されたものであり、転載の際にはソースを示してください。
侵害の場合は、連絡してください[email protected]
コメントを追加