JSON 文件:
"UserDetailList": [
{
"UserName": "ec2-provisioning",
"GroupList": [],
"CreateDate": "2017-11-07T14:20:14Z",
"UserId": "1234556",
"Path": "/",
"AttachedManagedPolicies": [
{
"PolicyName": "EC2FullAccess",
"PolicyArn": "arn:aws:iam::aws:policy/AmazonEC2FullAccess"
},
{
"PolicyName": "AmazonS3FullAccess",
"PolicyArn": "arn:aws:iam::aws:policy/AmazonS3FullAccess"
}
],
"Arn": "arn:aws:iam::1234567890:user/citrix-xendesktop-ec2-provisioning"
},
{
"UserName": "read-only-iam-permissions",
"GroupList": [],
"CreateDate": "2018-03-09T11:13:38Z",
"UserId": "AABCDEFGHG6EQ",
"Path": "/",
"AttachedManagedPolicies": [
{
"PolicyName": "IAMReadOnlyAccess",
"PolicyArn": "arn:aws:iam::aws:policy/IAMReadOnlyAccess"
}
],
"Arn": "arn:aws:iam::123456789:user/rundeck-read-only-iam-permissions"
}]
和 jq -r '.UserDetailList[] | [.UserName] | @csv' output.json > fileout2.csv
我可以得到
xendesktop-ec2-provisioning"
"rundeck-read-only-iam-permissions"
如何获取这 2 个用户的 IAM 策略,我需要在 AttachedManagedPolicies 下提取 AmazonEC2FullAccess 和 AmazonS3FullAccess …
我无法通过 Rundeck 运行 AWS CLI 命令,从终端运行一切正常,安装了 boto3,也安装了 botocore
import sys
import os
if os.environ.get('LC_CTYPE', '') == 'UTF-8':
os.environ['LC_CTYPE'] = 'en_US.UTF-8'
import awscli.clidriver
def main():
return awscli.clidriver.main()
if __name__ == '__main__':
sys.exit(main())
这是我在 Rundeck UI 上得到的
Traceback (most recent call last):
File "/bin/aws", line 19, in <module>
import awscli.clidriver
File "/usr/lib/python2.7/site-packages/awscli/clidriver.py", line 17, in <module>
import botocore.session
ImportError: No module named botocore.session