Code:
{
"IdentityPoolId": "eu-central-1:xxxxxx-xxxx-xxxx-xxxxx-xxxxx",
"Roles": {
"authenticated": "arn:aws:iam::yyyyy:role/cognito-authenticated-users",
"unauthenticated": "arn:aws:iam::yyyyy:role/cognito-unauthenticated-users"
},
"RoleMappings": {
"cognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:7107g4iumghehuhdvi": {
"Type": "Token",
"AmbiguousRoleResolution": "Deny"
},
"cognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:adlka602a327mk101t": {
"Type": "Token",
"AmbiguousRoleResolution": "Deny"
}
}
}
{
"IdentityPoolId": "eu-central-1:xxxxxx-xxxx-xxxx-xxxxx-xxxxx",
"Roles": {
"authenticated": "arn:aws:iam::yyyyy:role/cognito-authenticated-users",
"unauthenticated": "arn:aws:iam::yyyyy:role/cognito-unauthenticated-users"
},
"RoleMappings": {
"cognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:7107g4iumghehuhdvi": {
"Type": "Token",
"AmbiguousRoleResolution": "Deny"
},
"cognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:adlka602a327mk101t": {
"Type": "Token",
"AmbiguousRoleResolution": "Deny"
}
}
}
A dotle sam dosao ovakvom komandom
aws cognito-identity get-identity-pool-roles --identity-pool-id $IDENTITY_POOL_ID |
jq -c 'del(.RoleMappings)' | jq -c '. += {"RoleMappings"}' |
jq -c ' .RoleMappings += {
"cognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:7107g4iumghehuhdvi": {"Type": "Token", "AmbiguousRoleResolution": "Deny"},
"cognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:adlka602a327mk101t": {"Type": "Token", "AmbiguousRoleResolution": "Deny"}}' |
jq
jq -c 'del(.RoleMappings)' | jq -c '. += {"RoleMappings"}' |
jq -c ' .RoleMappings += {
"cognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:7107g4iumghehuhdvi": {"Type": "Token", "AmbiguousRoleResolution": "Deny"},
"cognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:adlka602a327mk101t": {"Type": "Token", "AmbiguousRoleResolution": "Deny"}}' |
jq
znaci od ove aws-cli get-identity-pool-roles komande zelim da obrisem postojece RoleMappings i da kreiram nove. Ali zelim da "7107g4iumghehuhdvi" i "adlka602a327mk101t" ubacim iz neke druge komande. Tih stringova moze biti jedan ili vise.
To dobijam sa
$ aws cognito-idp list-user-pool-clients --user-pool-id $USER_POOL_ID | jq -r '.UserPoolClients[] | select(.ClientName | contains("AWSElasticsearch-")) | .ClientId'
7107g4iumghehuhdvi
adlka602a327mk101t
7107g4iumghehuhdvi
adlka602a327mk101t
Kako jq da provucem kroz petlju, ili kako da dodjem do onog rezultata?
Ovo je dokle sam dosao i u kom smeru sam isao, ali bezuspesno.
Pokusao sam sa for petljom da smestim ovo
Code:
"cognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:7107g4iumghehuhdvi": {"Type": "Token", "AmbiguousRoleResolution": "Deny"},
"cognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:adlka602a327mk101t": {"Type": "Token", "AmbiguousRoleResolution": "Deny"}
"cognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:7107g4iumghehuhdvi": {"Type": "Token", "AmbiguousRoleResolution": "Deny"},
"cognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:adlka602a327mk101t": {"Type": "Token", "AmbiguousRoleResolution": "Deny"}
na ovaj nacin i dobijem neki prihvatljivi rezultat
$ COGNITO_IDENTITY_PROVIDERS=`for row in $(aws cognito-idp list-user-pool-clients --user-pool-id $USER_POOL_ID | jq -r '.UserPoolClients[] | select(.ClientName | contains("AWSElasticsearch-")) | .ClientId'); do echo ""cognito-idp.eu-central-1.amazonaws.com/eu-central-1_nOXeInexn:${row}": {"Type": "Token", "AmbiguousRoleResolution": "Deny"},"; done`
$ echo $COGNITO_IDENTITY_PROVIDERS
cognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:7107g4iumghehuhdvi: {Type: Token, AmbiguousRoleResolution: Deny},
cognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:adlka602a327mk101t: {Type: Token, AmbiguousRoleResolution: Deny},
$ echo $COGNITO_IDENTITY_PROVIDERS
cognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:7107g4iumghehuhdvi: {Type: Token, AmbiguousRoleResolution: Deny},
cognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:adlka602a327mk101t: {Type: Token, AmbiguousRoleResolution: Deny},
Ali kad to ubacim u petlju, i to prosledim argument iz bash-a u jq ovako
$ aws cognito-identity get-identity-pool-roles --identity-pool-id $IDENTITY_POOL_ID | jq -c 'del(.RoleMappings)' | jq -c '. += {"RoleMappings"}' | jq -c --arg COGNITO_IDENTITY_PROVIDERS "$COGNITO_IDENTITY_PROVIDERS" ' .RoleMappings += {$COGNITO_IDENTITY_PROVIDERS}' | jq
{
"IdentityPoolId": "eu-central-1:xxxxxx-xxxx-xxxx-xxxxx-xxxxx",
"Roles": {
"authenticated": "arn:aws:iam::884799561126:role/cognito-authenticated-users",
"unauthenticated": "arn:aws:iam::884799561126:role/cognito-unauthenticated-users"
},
"RoleMappings": {
"COGNITO_IDENTITY_PROVIDERS": "cognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:7107g4iumghehuhdvi: {Type: Token, AmbiguousRoleResolution: Deny},\ncognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:adlka602a327mk101t: {Type: Token, AmbiguousRoleResolution: Deny},"
}
}
{
"IdentityPoolId": "eu-central-1:xxxxxx-xxxx-xxxx-xxxxx-xxxxx",
"Roles": {
"authenticated": "arn:aws:iam::884799561126:role/cognito-authenticated-users",
"unauthenticated": "arn:aws:iam::884799561126:role/cognito-unauthenticated-users"
},
"RoleMappings": {
"COGNITO_IDENTITY_PROVIDERS": "cognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:7107g4iumghehuhdvi: {Type: Token, AmbiguousRoleResolution: Deny},\ncognito-idp.eu-central-1.amazonaws.com/eu-central-1_zzzzzzz:adlka602a327mk101t: {Type: Token, AmbiguousRoleResolution: Deny},"
}
}
a zeliim da bude onako kao na pocetku posta.