search

aws / aws-cli

Universal Command Line Interface for Amazon Web Services
Other
15.53k stars 4.13k forks source link

aws guardduty list-findings ...--finding-criteria fails to parse the shorthand format when more than one key is specified #3471

Closed oesain closed 6 years ago

oesain commented 6 years ago

When using the CLI to invoke list-findings in Guardduty the shorthand form fails to parse when more than one keyname is specified in the criterion.

aws guardduty list-findings --detector-id xxxxxxxx --finding-criteria Criterion={type={Eq="UnauthorizedAccess:EC2/SSHBruteForce"},severity={Gte=1}} --debug
2018-07-26 14:54:37,246 - MainThread - awscli.clidriver - DEBUG - CLI version: aws-cli/1.15.64 Python/2.7.10 Darwin/16.7.0 botocore/1.10.63
2018-07-26 14:54:37,246 - MainThread - awscli.clidriver - DEBUG - Arguments entered to CLI: ['guardduty', 'list-findings', '--detector-id', 'xxxxxxxx', '--finding-criteria', 'Criterion=type={Eq=UnauthorizedAccess:EC2/SSHBruteForce}', 'Criterion=severity={Gte=1}', '--debug']
2018-07-26 14:54:37,246 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function add_scalar_parsers at 0x10edc67d0>
2018-07-26 14:54:37,247 - MainThread - botocore.session - DEBUG - Loading variable profile from defaults.
2018-07-26 14:54:37,247 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function register_uri_param_handler at 0x10da9c578>
2018-07-26 14:54:37,247 - MainThread - botocore.session - DEBUG - Loading variable profile from defaults.
2018-07-26 14:54:37,247 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function inject_assume_role_provider_cache at 0x10e76faa0>
2018-07-26 14:54:37,247 - MainThread - botocore.session - DEBUG - Loading variable profile from defaults.
2018-07-26 14:54:37,247 - MainThread - botocore.session - DEBUG - Loading variable credentials_file from defaults.
2018-07-26 14:54:37,247 - MainThread - botocore.session - DEBUG - Loading variable config_file from defaults.
2018-07-26 14:54:37,247 - MainThread - botocore.session - DEBUG - Loading variable profile from defaults.
2018-07-26 14:54:37,247 - MainThread - botocore.session - DEBUG - Loading variable metadata_service_timeout from defaults.
2018-07-26 14:54:37,247 - MainThread - botocore.session - DEBUG - Loading variable profile from defaults.
2018-07-26 14:54:37,248 - MainThread - botocore.session - DEBUG - Loading variable metadata_service_num_attempts from defaults.
2018-07-26 14:54:37,248 - MainThread - botocore.session - DEBUG - Loading variable profile from defaults.
2018-07-26 14:54:37,248 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function attach_history_handler at 0x10e9a7320>
2018-07-26 14:54:37,248 - MainThread - botocore.session - DEBUG - Loading variable profile from defaults.
2018-07-26 14:54:37,248 - MainThread - botocore.session - DEBUG - Loading variable profile from defaults.
2018-07-26 14:54:37,248 - MainThread - botocore.session - DEBUG - Loading variable api_versions from defaults.
2018-07-26 14:54:37,250 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/aws/lib/python2.7/site-packages/botocore/data/guardduty/2017-11-28/service-2.json
2018-07-26 14:54:37,263 - MainThread - botocore.hooks - DEBUG - Event service-data-loaded.guardduty: calling handler <function register_retries_for_service at 0x10e341f50>
2018-07-26 14:54:37,264 - MainThread - botocore.handlers - DEBUG - Registering retry handlers for service: guardduty
2018-07-26 14:54:37,265 - MainThread - botocore.hooks - DEBUG - Event building-command-table.guardduty: calling handler <function add_waiters at 0x10edce320>
2018-07-26 14:54:37,272 - MainThread - awscli.clidriver - DEBUG - OrderedDict([(u'detector-id', <awscli.arguments.CLIArgument object at 0x10f0abfd0>), (u'finding-criteria', <awscli.arguments.CLIArgument object at 0x10f0abd90>), (u'max-results', <awscli.arguments.CLIArgument object at 0x10f0b8050>), (u'next-token', <awscli.arguments.CLIArgument object at 0x10f0b8090>), (u'sort-criteria', <awscli.arguments.CLIArgument object at 0x10f0b80d0>)])
2018-07-26 14:54:37,273 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.guardduty.list-findings: calling handler <function add_streaming_output_arg at 0x10edc6c80>
2018-07-26 14:54:37,273 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.guardduty.list-findings: calling handler <function add_cli_input_json at 0x10e7778c0>
2018-07-26 14:54:37,273 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.guardduty.list-findings: calling handler <function unify_paging_params at 0x10ea445f0>
2018-07-26 14:54:37,281 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/aws/lib/python2.7/site-packages/botocore/data/guardduty/2017-11-28/paginators-1.json
2018-07-26 14:54:37,282 - MainThread - awscli.customizations.paginate - DEBUG - Modifying paging parameters for operation: ListFindings
2018-07-26 14:54:37,282 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.guardduty.list-findings: calling handler <function add_generate_skeleton at 0x10ea22ed8>
2018-07-26 14:54:37,282 - MainThread - botocore.hooks - DEBUG - Event before-building-argument-table-parser.guardduty.list-findings: calling handler <bound method CliInputJSONArgument.override_required_args of <awscli.customizations.cliinputjson.CliInputJSONArgument object at 0x10f0b8110>>
2018-07-26 14:54:37,282 - MainThread - botocore.hooks - DEBUG - Event before-building-argument-table-parser.guardduty.list-findings: calling handler <bound method GenerateCliSkeletonArgument.override_required_args of <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at 0x10f0b84d0>>
usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]
To see help text, you can run:

  aws help
  aws <command> help
  aws <command> <subcommand> help

Unknown options: Criterion=severity={Gte=1}
jamesls commented 6 years ago

Bash is stripping out some of the { and ' characters so you'll need to quote the entire shorthand value. For example, if I just echo the command:

$ echo aws guardduty list-findings --detector-id xxxxxxxx --finding-criteria Criterion={type={Eq="UnauthorizedAccess:EC2/SSHBruteForce"},severity={Gte=1}} --debug
aws guardduty list-findings --detector-id xxxxxxxx --finding-criteria Criterion=type={Eq=UnauthorizedAccess:EC2/SSHBruteForce} Criterion=severity={Gte=1} --debug

Note how bash converts this value to Criterion=type={Eq=UnauthorizedAccess:EC2/SSHBruteForce} Criterion=severity={Gte=1}. If I surround the value with ' then bash leaves the value unmodified:

$ echo aws guardduty list-findings --detector-id xxxxxxxx --finding-criteria 'Criterion={type={Eq="UnauthorizedAccess:EC2/SSHBruteForce"},severity={Gte=1}}' --debug
aws guardduty list-findings --detector-id xxxxxxxx --finding-criteria Criterion={type={Eq="UnauthorizedAccess:EC2/SSHBruteForce"},severity={Gte=1}} --debug

Let me know if that works for you.

no-response[bot] commented 6 years ago

This issue has been automatically closed because there has been no response to our request for more information from the original author. With only the information that is currently in the issue, we don't have enough information to take action. Please reach out if you have or find the answers we need so that we can investigate further.