2

I trying to output in a column format three keys from 'rds'. If I start with this statement:

aws rds describe-db-instances --region us-east-1 --query 'DBInstances[*].[DBInstanceIdentifier, PubliclyAccessible, VpcSecurityGroupId]' --output text

...I get:

DBId true none

However, if I include another element to pull the security group:

aws rds describe-db-instances --region us-east-1 --query 'DBInstances[*].VpcSecurityGroups[*].[DBInstanceIdentifier, PubliclyAccessible, VpcSecurityGroupId]' --output text

...I get:

none none sg-id

I am not quite sure why my first two columns now become none and the sg-id is presented.

kenorb
  • 155,785
  • 88
  • 678
  • 743
mitechniq
  • 151
  • 1
  • 1
  • 8

1 Answers1

3

The difference is VpcSecurityGroups[*]:

'DBInstances[*].[DBInstanceIdentifier, PubliclyAccessible, VpcSecurityGroupId]'
vs
'DBInstances[*].VpcSecurityGroups[*].[DBInstanceIdentifier, PubliclyAccessible, VpcSecurityGroupId]'

In the second one, you are receiving none because DBInstanceIdentifier and PubliclyAccessible are not attributes of VpcSecurityGroups.

Here's a portion of an output to show the hierarchy:

{
    "DBInstances": [
        {
            "PubliclyAccessible": false,
            "VpcSecurityGroups": [
                {
                    "Status": "active",
                    "VpcSecurityGroupId": "sg-1203dc23"
                }
            ],
            "DBInstanceIdentifier": "mydbinstance-1"
        }
    ]
}

Try this instead:

'DBInstances[*].[DBInstanceIdentifier, PubliclyAccessible, VpcSecurityGroups[*].VpcSecurityGroupId]'

It won't look very pretty if there are multiple security groups, since it is a one-to-many relationship.

John Rotenstein
  • 241,921
  • 22
  • 380
  • 470
  • Unfortunately that removes the column structure and I am not able to 'awk' the true/false. – mitechniq Jan 10 '18 at 22:57
  • To ensure correct processing, it's better to receive output as JSON and process it either programmatically or with JQ -- this ensures you are receiving the correct data rather than relying on tabs, especially for one-to-many outputs. – John Rotenstein Jan 11 '18 at 03:13