AWS CLI Query Table Output

0
votes

I am new here, please be gentle.

I am an IT Auditor (again be gentle) and I am trying to find ways to increase the efficiency of our audits for clients who use AWS. We have a test AWS environment and I am attempting to use the CLI to return a listing of Instances with their attached Security Groups.

Here is the command I am using:

aws ec2 describe-instances --query 'Reservations[].Instances[].{Instance_ID:InstanceId,SecurityGroup_Name:SecurityGroups[].GroupName,SecurityGroup_ID:SecurityGroups[].GroupId}' --output table

This gives me the information I want; however, the table format does something weird. The detail is not under the correct heading. Specifically, the SecurityGroup_Names attached to the first instance does not show up under the SecurityGroup_Name header; rather it shows up under the 2nd Instance ID header.

I'm assuming that I am fundamentally screwing something up and my results being accurate is just dumb luck. Any help is greatly appreciated. Thanks.

See pic (don't have enough rep points to show pic -you'll have to click):

https://s3.us-east-2.amazonaws.com/joey-linux-files/stuff/Inkedsg+query+table+output_LI.jpg

1
amazon-web-servicesaws-cli
I think you are probably seeing a bug in the awscli. Check that you have the latest version installed and if it's still a problem and you have GitHub credentials then you can raise an issue at github.com/aws/aws-cli. Is the tabular format what you ultimately want, or would it be better in some other format? - jarmod
I ran this against a moderately complex AWS account and the results seemed to be correct. I did not see the same problem. What does "aws --version" tell you? - jarmod
Thanks for the response. It says: aws-cli/1.14.9 Python/2.7.13 Linux/4.9.76-3.78.amzn1.x86_64 botocore/1.9.3 - Joey LoSurdo
Ran the upgrade - then executed the command again - still having the issue. I'll raise it at Github. I can really use it in any format - so, for now, I'll use JSON - however tabular would be slightly better. - Joey LoSurdo
your output is different than mine and different from what your query defines. Instance_ID and its value should be on the same line in the table. For reference, I have aws-cli/1.14.50 Python/3.6.4 Darwin/17.4.0 botocore/1.9.3 - LHWizard

1 Answers

0
votes

I find the output in yaml easier on they eyes. You could try this: aws ec2 describe-security-groups --group-ids $sg --output yaml | egrep -v "Ipv6Ranges|PrefixListIds|UserIdGroupPairs" | sed -e 's/^/ /g' (where: sg = the security group id you are interested in)