通过CLI更新AWS API Gateway资源策略的语法正确吗? [英] Correct syntax for updating AWS API Gateway resource policy via CLI?

问题描述

我正在尝试通过CLI更新API Gateway实例上的资源策略，但似乎找不到正确的JSON语法.在文档中，它说使用​​补丁操作"，据我了解，该策略需要一个JSON字符串.我尝试了缩小的JSON，转义的JSON，单引号，无引号，而且似乎没有任何作用.该文档在补丁操作的value字段中没有实际JSON的示例，因此我感到有些迷失.

我一直在尝试此命令的变体:

aws apigateway update-rest-api --rest-api-id abcde123 --patch-operations op = replace，path =/policy，value ='{"Version":"2012-10-17"，声明":[{效果":允许"，主体":"*"，操作":"execute-api:调用"，资源":"arn:aws:execute-api:region:000000000000:*}，{" Effect:" Deny，" Principal:" *，" Action:" execute-api:Invoke，" Resource:" arn:aws:execute-api:region:000000000000:*，"条件:{" StringNotEquals:{" aws:SourceVpce:[" vpce-123456789，" vpce-987654321]}}}}}''

我每次都说一个错误:

解析参数'--patch-operations'时出错:预期:'='，收到:'{'作为输入:

相关文档

关键是将JSON对象转换为字符串化的文本，我已经使用过此网站.基本上，将JSON粘贴到输入文本框中，然后将字符串化的文本复制到AWS CLI命令中.

更多信息此处.

I am attempting to update a resource policy on my API Gateway instance via the CLI and I can't seem to find the right syntax for the JSON. In the documentation it says to use "patch-operations", and from what I understand, it needs a string of JSON for the policy. I have tried minified JSON, escaped JSON, single quotes, no quotes, and nothing seems to work. The documentation doesn't have an example of actual JSON in the value field for patch-operations, so I feel kind of lost.

I have been trying variations of this command:

aws apigateway update-rest-api --rest-api-id abcde123 --patch-operations op=replace,path=/policy,value='{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":"*","Action":"execute-api:Invoke","Resource":"arn:aws:execute-api:region:000000000000:*"},{"Effect":"Deny","Principal":"*","Action":"execute-api:Invoke","Resource":"arn:aws:execute-api:region:000000000000:*","Condition":{"StringNotEquals":{"aws:SourceVpce":["vpce-123456789","vpce-987654321"]}}}]}'

I get an error every time saying:

Error parsing parameter '--patch-operations': Expected: '=', received: '{' for input:

Pertinent documentation here.

解决方案

The following command has been tested against my environment - ( using bash)

aws apigateway update-rest-api --rest-api-id %REST_API_ID% --patch-operations op=replace,path=/policy,value='"{\"Version
\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"execute-api:Invoke\",\"Resource
\":\"arn:aws:execute-api:region:000000000000:*\"},{\"Effect\":\"Deny\",\"Principal\":\"*\",\"Action\":\"execute-api:Inv
oke\",\"Resource\":\"arn:aws:execute-api:region:000000000000:*\",\"Condition\":{\"StringNotEquals\":{\"aws:SourceVpce\"
:[\"vpce-123456789\",\"vpce-987654321\"]}}}]}"' --region %REGION%

The key is to convert the JSON object to text stringified, I have used this site. Basically, paste your JSON into the input text box and copy the stringified text into the AWS CLI command.

More info here.

这篇关于通过CLI更新AWS API Gateway资源策略的语法正确吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！