Unable to search output of `get-bucket-policy` for AWS CLI

Question

Unable to search output of `get-bucket-policy` for AWS CLI

Opened this issue 7 years ago · 1 comments

Hello, I am trying to parse the output of get-bucket-policy on s3api which looks like this:

{
    "Policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"AWSCloudTrailAclCheck20150319\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"cloudtrail.amazonaws.com\"},\"Action\":\"s3:GetBucketAcl\",\"Resource\":\"arn:aws:s3:::anothersillys3bucketwhichcanbedeletedlater\"},{\"Sid\":\"AWSCloudTrailWrite20150319\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"cloudtrail.amazonaws.com\"},\"Action\":\"s3:PutObject\",\"Resource\":\"arn:aws:s3:::anothersillys3bucketwhichcanbedeletedlater/AWSLogs/1234567/*\",\"Condition\":{\"StringEquals\":{\"s3:x-amz-acl\":\"bucket-owner-full-control\"}}}]}"
}

Unfortunately, the usual filters won't work. Is there a way to parse this mess of stringified JSON automatically?

I have tried
Policy.Version and Policy.\"Version\" both of which fail.

Answer 1 · 2018-09-27T12:51:36.000Z

This won't work because the value of "Policy" here is a string, not a JSON structure.
And AFAIK there isn't such a built-in function in JMESPath (to parse/eval a string to JSON).