使用命令
aws resourcegroupstaggingapi get-resources --profile (profile_name)
返回一个包含资源 ARN 值及其标签的 JSON 对象数组(另一个包含标签键和值的 JSON 对象数组。
这是一个匿名示例:
{
"ResourceTagMappingList": [
{
"ResourceARN": "arn:aws:acm:eu-west-1:123456789000:certificate/XXXXX-YYYY-8888-9999-CCCCCCCCCCCCC",
"Tags": [
{
"Key": "Environment",
"Value": "BAR"
}
]
},
{
"ResourceARN": "arn:aws:acm:eu-west-1:123456789000:certificate/XXXXX-YYYY-8888-9999-CCCCCCCCCCCCC",
"Tags": [
{
"Key": "Environment",
"Value": "FOO"
}
]
},
{
"ResourceARN": "arn:aws:ec2:eu-west-1:123456789000:elastic-ip/eipalloc-112345440809463",
"Tags": [
{
"Key": "Component",
"Value": "somethingCool"
},
{
"Key": "DeployID",
"Value": "di-01"
},
{
"Key": "Name",
"Value": "eip-nat-somethingCool-di-01"
}
]
},
{
"ResourceARN": "arn:aws:ec2:eu-west-1:123456789000:elastic-ip/eipalloc-19853410278439394i3",
"Tags": [
{
"Key": "Component",
"Value": "somethingCool"
},
{
"Key": "DeployID",
"Value": "bla-internal-goku"
},
{
"Key": "Name",
"Value": "eip-nat-somethingCool-bla-internal-goku"
}
]
},
{
"ResourceARN": "arn:aws:elasticloadbalancing:eu-west-1:123456789000:targetgroup/tf-20190624192221842800000004/oisajhiuweniçqej82u23948u3",
"Tags": [
{
"Key": "Component",
"Value": "somethingCool"
},
{
"Key": "DeployID",
"Value": "env01-bla00"
},
{
"Key": "Environment",
"Value": "env01"
},
{
"Key": "Estate",
"Value": "something"
},
{
"Key": "Name",
"Value": "target-group-lala-somethingCool-env01-bla00-vsquad"
}
]
}
]
}
所以我想知道是否可以使用cli工具jq来根据特定标签值过滤对象?是否可以列出特定标签键的所有值?
根据特定标签值过滤对象:
aws resourcegroupstaggingapi get-resources --region REGIONCODE \
| jq '.ResourceTagMappingList[] | select(.Tags[0].Value == "VALUETYPE")'
列出特定标签键的所有值:
aws resourcegroupstaggingapi get-tag-values --key KEYNAME
您可以通过调用相同的 API,但 get-tag-values 来查询 AWS 账户指定区域中指定键的所有标签值。
https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_GetTagValues.html
aws resourcegroupstaggingapi get-resources --region "$AWS_REGION" --tag-filters Key=TAG_NAME | jq '.ResourceTagMappingList[] | select(any(.Tags[] ; .Key == "TAG_NAME" and .Value == "TAG_VALUE"))'
请注意
--tag-filters Key=TAG_NAME
命令本身中的 aws resourcegroupstaggingapi
,这样 AWS 就不会返回任何没有所需标签的资源。
如果您想对
.Value
进行部分(子字符串)匹配,请使用以下命令:
aws resourcegroupstaggingapi get-resources --region "$AWS_REGION" --tag-filters Key=TAG_NAME | jq '.ResourceTagMappingList[] | select(any(.Tags[] ; .Key == "TAG_NAME" and (.Value | contains("SUBSTRING"))))'
请注意,
.Value == "TAG_VALUE"
已替换为(.Value | contains("SUBSTRING"))
(并且需要用括号括起来,因为操作符优先级and