我有一个要迭代的AWS arn列表。
我正在尝试捕获arn是否在列表中:
user_name = 'bluethundr'
for policy_arn in policy_arn_list:
print("Policy ARN: ", policy_arn)
if policy_arn == ('pol-aws-secrets-manager-' + user_name):
policy_exists = True
print("Policy exists is true.")
但是if测试并未发现ARN已经存在的事实。这是我的输出:
Policy ARN: arn:aws:iam::849355752309:policy/pol-iam
Policy ARN: arn:aws:iam::849355752309:policy/pol-rds
Policy ARN: arn:aws:iam::849355752309:policy/pol-s3
Policy ARN: arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-bluethundr
我正在寻找的ARN是:
arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-bluethundr
我可以验证cli上是否存在ARN:
aws iam list-policies --scope Local --profile=jf-dev | jq -r '.Policies[].PolicyName' | grep bluethundr
pol-aws-secrets-manager-bluethundr
这是policy_arn_list的内容:
['arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-user2',
'arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-user4',
'arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-bluethundr',
'arn:aws:iam::849355752309:policy/pol-s3',
'arn:aws:iam::849355752309:policy/pol-ec2',
'arn:aws:iam::849355752309:policy/pol-rds',
'arn:aws:iam::849355752309:policy/pol-iam',
'arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-user1',
'arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-user3']
我在做什么错?为什么if测试没有看到我要寻找的ARN已经在列表中?
答案 0 :(得分:1)
您可以尝试
if ('pol-aws-secrets-manager-' + user_name) in str(policy_arn):
在我看来1)policy_arn可能不是一个字符串(无法分辨),并且2)可能包含的字符更多('pol-aws-secrets-manager-'+ user_name)。如果只有这两个问题,那么我的解决方案应该可以工作。
答案 1 :(得分:1)
The ARN I am looking for is:
arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-bluethundr
您的代码正在寻找pol-aws-secrets-manager-bluethundr,但是实际的ARN值在开始时就有多余的内容,并且您正在检查平等而不是子字符串匹配。
假设字符串开头的内容不重要,则可以尝试以下操作:
if policy_arn.endswith('/pol-aws-secrets-manager-' + user_name):
答案 2 :(得分:1)
在这种情况下,您可以使用str方法endswith()进行操作,如下所示。对于更复杂的模式,您可能需要使用re正则表达式模块,但这似乎并不需要处理这种简单的事情。
policy_arn_list = ['arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-user2',
'arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-user4',
'arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-bluethundr',
'arn:aws:iam::849355752309:policy/pol-s3',
'arn:aws:iam::849355752309:policy/pol-ec2',
'arn:aws:iam::849355752309:policy/pol-rds',
'arn:aws:iam::849355752309:policy/pol-iam',
'arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-user1',
'arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-user3']
user_name = 'bluethundr'
search_target = 'pol-aws-secrets-manager-' + user_name
for policy_arn in policy_arn_list:
print("Policy ARN: ", policy_arn)
# if policy_arn == ('pol-aws-secrets-manager-' + user_name):
if policy_arn.endswith(search_target):
policy_exists = True
print("Policy exists is true.")
输出:
Policy ARN: arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-user2
Policy ARN: arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-user4
Policy ARN: arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-bluethundr
Policy exists is true.
Policy ARN: arn:aws:iam::849355752309:policy/pol-s3
Policy ARN: arn:aws:iam::849355752309:policy/pol-ec2
Policy ARN: arn:aws:iam::849355752309:policy/pol-rds
Policy ARN: arn:aws:iam::849355752309:policy/pol-iam
Policy ARN: arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-user1
Policy ARN: arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-user3
答案 3 :(得分:0)
因为arn:aws:iam::849355752309:policy/pol-aws-secrets-manager-bluethundr不等于pol-aws-secrets-manager-bluethundr
答案 4 :(得分:0)
在policy_arn中看起来像policy_arn in policy_arn_list的地方是arn:aws:iam::849355752309:policy/
我只是在if语句中调整concat语法以确保正确的比较。
下面是修改后的代码。
user_name = 'bluethundr'
for policy_arn in policy_arn_list:
print("Policy ARN: ", policy_arn)
if policy_arn == ('arn:aws:iam::849355752309:policy/'+'pol-aws-secrets-manager-' + user_name):
policy_exists = True
print("Policy exists is true.")