Closed oesain closed 6 years ago
Bash is stripping out some of the {
and '
characters so you'll need to quote the entire shorthand value. For example, if I just echo the command:
$ echo aws guardduty list-findings --detector-id xxxxxxxx --finding-criteria Criterion={type={Eq="UnauthorizedAccess:EC2/SSHBruteForce"},severity={Gte=1}} --debug
aws guardduty list-findings --detector-id xxxxxxxx --finding-criteria Criterion=type={Eq=UnauthorizedAccess:EC2/SSHBruteForce} Criterion=severity={Gte=1} --debug
Note how bash converts this value to Criterion=type={Eq=UnauthorizedAccess:EC2/SSHBruteForce} Criterion=severity={Gte=1}
. If I surround the value with '
then bash leaves the value unmodified:
$ echo aws guardduty list-findings --detector-id xxxxxxxx --finding-criteria 'Criterion={type={Eq="UnauthorizedAccess:EC2/SSHBruteForce"},severity={Gte=1}}' --debug
aws guardduty list-findings --detector-id xxxxxxxx --finding-criteria Criterion={type={Eq="UnauthorizedAccess:EC2/SSHBruteForce"},severity={Gte=1}} --debug
Let me know if that works for you.
This issue has been automatically closed because there has been no response to our request for more information from the original author. With only the information that is currently in the issue, we don't have enough information to take action. Please reach out if you have or find the answers we need so that we can investigate further.
When using the CLI to invoke list-findings in Guardduty the shorthand form fails to parse when more than one keyname is specified in the criterion.