Search code examples
azureazure-clijmespath

azure jmespath query list with json

I have something like this from Azure nsg query

    [
      {
        "access": "Deny",
        ...
        ...
        "sourceAddressPrefixes": [
          "x.x.x.x",
          "y.y.y.y"
        ],
        "sourceApplicationSecurityGroups": null,
        ...
        ..
      },
    ]

I'd like to query sourceAddressPrefixes from that list, both x.x.x.x and y.y.y.y, along with other attributes.

Those are what I've tried:

  • [?direction=='Inbound'].[name,destinationAddressPrefix,sourceAddressPrefix,sourceAddressPrefixes[*],priority] this gives me the count of the list
  • [?direction=='Inbound'].[name,destinationAddressPrefix,sourceAddressPrefix,sourceAddressPrefixes[0:],priority] this still gives me the count
  • [?direction=='Inbound']. [name,destinationAddressPrefix,sourceAddressPrefix,sourceAddressPrefixes[],priority] count still
  • [?direction=='Inbound'].[name,destinationAddressPrefix,sourceAddressPrefix,sourceAddressPrefixes[0],priority] this works, but only get one value.
  • --query "[?direction=='Inbound'].sourceAddressPrefixes[]" --out tsv this works, but don't have other attributes.

I tried this in https://jmespath.org/tutorial.html and it works fine with just [?direction=='Inbound'].[access,sourceAddressPrefixes], but not in the command line, even with quotes around the query.

I am running this on Ubuntu 18.4
python-jmespath verion 0.9.3

Solution

  • There is a misunderstanding you made on the Azure CLI command. I see you want to filter the Inbound rules of the NSG and see some attributes. If you want to see all the attributes of the inbound rules:

    az network nsg rule list -g groupName--nsg-name nsgName --query "[?direction=='Inbound']"

    If you want to see some attributes of the inbound rules:

    az network nsg rule list -g groupName--nsg-name nsgName --query "[?direction=='Inbound'].[name,destinationAddressPrefix,sourceAddressPrefix,sourceAddressPrefixes,priority]"

    But for this, I suggest you use another format:

    az network nsg rule list -g charles --nsg-name azurevmNSG --query "[?direction=='Inbound'].{name:name,destinationAddressPrefix:destinationAddressPrefix,sourceAddressPrefix:sourceAddressPrefix,sourceAddressPrefixes:sourceAddressPrefixes,priority:priority}"

    This way will show you the attributes' names and values. Maybe it's more convenient to read if you add the parameter -o table.