Automation to detect untagged resources in AWS

I am trying to run an API call to find the list of AWS resources that don't have proper tags and put the output in a JSON file:

Name: "Unused" Name in Resolve = false

aws resourcegroupstaggingapi get-resources --tags-per-page 100 | jq '.ResourceTagMappingList[] | select(contains({Tags: [{Key: "Name"}, {Key: "Name in Resolve"}]}))' > tag.json

However, it gives the list of all tags along with the tags "Name" and "Name in Resolve". I just want to filter the output with these 2 tags and their values.

Actual result:

{
 "ResourceARN":"arn:aws:backup:$Region:$AccountId:recovery-point:xxxxxxxx",
 "Tags": [
  {
   "Key: "Name",
   "Value": "eks-efs-non-prod"
  },
  {
   "Key": "Deptt"
   "Value": "XXX"
  },
  {
   "Key": "BusinessUnit"
   "Value": "XXX"
  },
  {
   "Key": "Name in Resolve"
   "Value": "True"
  },
  {
   "Key": "SysOwner"
   "Value": "XXX"
  },
  {
   "Key": "IT Director"
   "Value": "Ankur K"
  }
 ]
}
{
 "ResourceARN":"arn:aws:backup:$Region:$AccountId:recovery-point:xxxxxxxx",
 "Tags": [
  {
   "Key: "Name",
   "Value": "Unused"
  },
  {
   "Key": "Deptt"
   "Value": "XXX"
  },
  {
   "Key": "BusinessUnit"
   "Value": "XXX"
  },
  {
   "Key": "Name in Resolve"
   "Value": "false"
  },
 {
   "Key": "SysOwner"
   "Value": "XXX"
  },
  {
   "Key": "IT Director"
   "Value": "Ankur K"
  }
 ]
}

Expected result:

{
 "ResourceARN":"arn:aws:backup:$Region:$AccountId:recovery-point:xxxxxxxx",
 "Tags": [
  {
   "Key: "Name",
   "Value": "eks-efs-non-prod"
  },
  {
   "Key": "Name in Resolve"
   "Value": "True"
  }
 ]
}
{
 "ResourceARN":"arn:aws:backup:$Region:$AccountId:recovery-point:xxxxxxxx",
 "Tags": [
  {
   "Key: "Name",
   "Value": "Unused"
  },
  {
   "Key": "Name in Resolve"
   "Value": "false"
  }
 ]
}

The JSON sample has some minor errors, but using it (after correction) as input, the relevant jq filter would be:

.Tags |= map(select(.Key | IN("Name", "Name in Resolve")))

If your jq doesn't have IN/1, then you can simply copy its def to the beginning of your program:

def IN(s): first((s == .) // empty) // false;
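The same projection in Python, as an added example that is not part of the original question or answer: it keeps only the two tags, as the jq filter above does, and goes one step further by reporting resources where either tag is absent or empty. The function names, the constructed sample and the placeholder ARNs are assumptions for illustration.

```python
import json

REQUIRED = ("Name", "Name in Resolve")  # the two tag keys from the question

# Constructed sample in the shape of `get-resources` output (placeholder ARNs).
SAMPLE = json.loads("""
{"ResourceTagMappingList": [
  {"ResourceARN": "arn:aws:backup:REGION:ACCOUNT:recovery-point:example-1",
   "Tags": [{"Key": "Name", "Value": "eks-efs-non-prod"},
            {"Key": "Deptt", "Value": "XXX"},
            {"Key": "Name in Resolve", "Value": "True"}]},
  {"ResourceARN": "arn:aws:backup:REGION:ACCOUNT:recovery-point:example-2",
   "Tags": [{"Key": "Name", "Value": "Unused"},
            {"Key": "SysOwner", "Value": "XXX"},
            {"Key": "Name in Resolve", "Value": "false"}]},
  {"ResourceARN": "arn:aws:backup:REGION:ACCOUNT:recovery-point:example-3",
   "Tags": [{"Key": "Deptt", "Value": "XXX"}]},
  {"ResourceARN": "arn:aws:backup:REGION:ACCOUNT:recovery-point:example-4",
   "Tags": []}
]}
""")


def project_tags(resource, keys=REQUIRED):
    """Same effect as the jq filter: keep only the tags whose Key is in keys."""
    kept = [t for t in resource.get("Tags", []) if t.get("Key") in keys]
    return {**resource, "Tags": kept}


def missing_keys(resource, keys=REQUIRED):
    """Required keys that are absent or have an empty value on this resource."""
    present = {t.get("Key") for t in resource.get("Tags", []) if t.get("Value")}
    return [k for k in keys if k not in present]


def audit(response, keys=REQUIRED):
    """Split resources into (filtered, untagged) lists."""
    filtered, untagged = [], []
    for res in response.get("ResourceTagMappingList", []):
        gaps = missing_keys(res, keys)
        if gaps:
            untagged.append({"ResourceARN": res["ResourceARN"], "Missing": gaps})
        else:
            filtered.append(project_tags(res, keys))
    return filtered, untagged


if __name__ == "__main__":
    ok, bad = audit(SAMPLE)
    print(json.dumps({"tagged": ok, "untagged": bad}, indent=1))
```

The Resource Groups Tagging API only returns resources that are tagged or were tagged previously, so a resource that has never carried any tag will not appear in this report and needs a separate inventory source.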