I am having a bit of an issue with this command. I am trying to list out only the egress ACL rules, and just the rule number. So this is my command:
```
aws ec2 describe-network-acls --network-acl-ids acl-c324a5a4 --output text --query 'NetworkAcls[*].Entries[*].{RN:RuleNumber}' --filter Name=entry.rule-action,Values=allow Name=entry.egress,Values=true
```
The return of this is:

```
100
110
120
130
140
150
160
170
32767
100
110
120
130
140
150
160
170
32767
```
It is basically listing both egress and ingress rules. The egress and ingress rules have the same rule number. It also lists the `*` DENY rule (32767), which I would also like to avoid.
Can anyone help me with this command where I want to list out only egress rule numbers?
Thanks
So you want the egress rule numbers which are allowed. You can do that using the following query:

```
aws ec2 describe-network-acls \
--output text \
--network-acl-ids acl-c324a5a4 \
--query 'NetworkAcls[*].Entries[?(RuleAction==`allow` && Egress==`true`)].{RN:RuleNumber}'
```

You can read more about Controlling Command Output in the AWS Command Line Interface documentation.
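The difference between the two commands above is where the filtering happens: `--filter Name=entry.egress,...` is evaluated server-side and selects which *network ACLs* are returned (any ACL that has at least one matching entry), while the JMESPath `Entries[?...]` in the answer's `--query` is evaluated client-side and prunes the *entries* inside each ACL. The following is an added example, not part of either post, that reproduces both behaviours in plain Python over a constructed `describe-network-acls`-shaped response (hypothetical ACL id and CIDR blocks), so the result can be checked offline without the AWS CLI. It also generalises the answer's query to either direction and rule action, which is handy when auditing an ACL for unexpected ingress or deny rules.

```python
import json

# Constructed sample, shaped like `aws ec2 describe-network-acls --output json`.
# The ACL id and CIDR blocks are hypothetical placeholders, not from a real account.
SAMPLE_RESPONSE = json.loads("""
{
  "NetworkAcls": [
    {
      "NetworkAclId": "acl-0example",
      "Entries": [
        {"RuleNumber": 100,   "Protocol": "-1", "RuleAction": "allow", "Egress": true,  "CidrBlock": "0.0.0.0/0"},
        {"RuleNumber": 110,   "Protocol": "6",  "RuleAction": "deny",  "Egress": true,  "CidrBlock": "10.0.0.0/8"},
        {"RuleNumber": 32767, "Protocol": "-1", "RuleAction": "deny",  "Egress": true,  "CidrBlock": "0.0.0.0/0"},
        {"RuleNumber": 100,   "Protocol": "-1", "RuleAction": "allow", "Egress": false, "CidrBlock": "0.0.0.0/0"},
        {"RuleNumber": 110,   "Protocol": "6",  "RuleAction": "allow", "Egress": false, "CidrBlock": "10.0.0.0/8"},
        {"RuleNumber": 32767, "Protocol": "-1", "RuleAction": "deny",  "Egress": false, "CidrBlock": "0.0.0.0/0"}
      ]
    }
  ]
}
""")


def acl_ids_matching_filter(response, egress=True, action="allow"):
    """Model the server-side `--filter` from the question: it selects ACLs that
    contain at least one entry with the given egress flag and rule action.
    The entries of a selected ACL are NOT pruned, which is why the original
    command printed every rule."""
    return [
        acl["NetworkAclId"]
        for acl in response["NetworkAcls"]
        if any(e["Egress"] is egress and e["RuleAction"] == action for e in acl["Entries"])
    ]


def all_rule_numbers(response):
    """Model the question's `NetworkAcls[*].Entries[*].{RN:RuleNumber}` projection:
    no entry-level filter, so ingress, egress and the 32767 '*' rule all appear."""
    return [e["RuleNumber"] for acl in response["NetworkAcls"] for e in acl["Entries"]]


def rule_numbers(response, egress=True, action="allow"):
    """Model the answer's `Entries[?(RuleAction==`allow` && Egress==`true`)]`
    filter projection, generalised to either direction and either action.
    Defaults reproduce the answer exactly (egress + allow)."""
    return [
        e["RuleNumber"]
        for acl in response["NetworkAcls"]
        for e in acl["Entries"]
        if e["Egress"] is egress and e["RuleAction"] == action
    ]


def rules_table(response, egress=True, action="allow"):
    """Richer variant for review: (RuleNumber, Protocol, CidrBlock) tuples,
    sorted by rule number, since NACL evaluation is lowest-number-first."""
    rows = [
        (e["RuleNumber"], e["Protocol"], e["CidrBlock"])
        for acl in response["NetworkAcls"]
        for e in acl["Entries"]
        if e["Egress"] is egress and e["RuleAction"] == action
    ]
    return sorted(rows)


if __name__ == "__main__":
    print("ACLs matched by --filter:", acl_ids_matching_filter(SAMPLE_RESPONSE))
    print("Question's query:        ", all_rule_numbers(SAMPLE_RESPONSE))
    print("Answer's query:          ", rule_numbers(SAMPLE_RESPONSE))
    print("Ingress allow rules:     ", rules_table(SAMPLE_RESPONSE, egress=False))
```

Running it shows the filter matching the single ACL while `all_rule_numbers` still returns six entries, and the JMESPath-equivalent `rule_numbers` returning only `[100]` for egress/allow; the 32767 rule never appears because its `RuleAction` is `deny`.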