Boto3不返回configservice中的所有describe_compliance_by_config_rule条目

时间:2018-11-29 10:43:45

标签: boto3

当我使用AWS CLI运行以下命令以查找AWS Config规则的合规性状态时,会得到预期的响应:

$ aws configservice describe-compliance-by-config-rule --config-rule-names vpc-flow-logs-enabled
{
    "ComplianceByConfigRules": [
        {
            "ConfigRuleName": "vpc-flow-logs-enabled",
            "Compliance": {
                "ComplianceType": "NON_COMPLIANT",
                "ComplianceContributorCount": {
                    "CappedCount": 2,
                    "CapExceeded": false
                }
            }
        }
    ]
}

如果我运行与Python相同的代码,则会得到botocore.errorfactory.NoSuchConfigRuleException异常:

import boto3

session = boto3.Session(profile_name='ops')
config = session.client('config',region_name='eu-west-1')
print config.describe_compliance_by_config_rule(ConfigRuleNames=['vpc-flow-logs-enabled'])

完整的例外是

Traceback (most recent call last):
  File "./test.py", line 7, in <module>
    print config.describe_compliance_by_config_rule(ConfigRuleNames=['vpc-flow-logs-enabled'])
  File "/usr/local/lib/python2.7/site-packages/botocore/client.py", line 320, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "/usr/local/lib/python2.7/site-packages/botocore/client.py", line 624, in _make_api_call
    raise error_class(parsed_response, operation_name)
botocore.errorfactory.NoSuchConfigRuleException: An error occurred (NoSuchConfigRuleException) when calling the DescribeComplianceByConfigRule operation: The ConfigRule 'vpc-flow-logs-enabled' provided in the request is invalid. Please check the configRule name.

更广泛的上下文是describe_compliance_by_config_rule()调用仅返回50条规则中的16条。这似乎不是分页器问题,因为返回输出不包含NextToken。当包裹在分页器中时,这仅返回一页。如果单独测试返回的16条规则之一,则示例Python代码将正确返回。

0 个答案:

没有答案