AWK / Grep and Print All Matching Record

Question

I have this command which displays all the record from the search. But I would like to filter only the record that matches the search word.

For e.g.

for user in $(aws iam list-users |grep -i UserName|sed -e 's/.*: \"//' -e 's/\",//'); do 
    echo USER: $user; 
    echo TAGS:
    aws iam list-user-tags --user-name $user --output text | awk '{print $2,$3}'
    echo GROUPS:
    aws iam list-groups-for-user  --user-name $user --output text|awk {'print $5'};  done > users.txt

The above command displays the following results.

User: [email protected]
TAGS:
Team red
Status active
Environment: nonprod
GROUPS:
iam-nonprod
iam-prod

User: [email protected]
TAGS:
Team green
Status active
Environment: nonprod
GROUPS:
iam-nonprod
iam-prod

etc.

I would like get all the user where tag Team == red.

I tried with search string in line 4 like,

aws iam list-user-tags --user-name $user --output text | awk '/red/{print $2,$3}'

but it displays only one line

Team red

But I would like to display full record like

User: [email protected]
TAGS:
Team red
Status active
Environment: nonprod
GROUPS:
iam-nonprod
iam-prod

Could you please help how I can display all the record where tag Team == red.

You can use aws iam list-users --output text --query "Users[].UserName" to get a list of names. — jarmod, Commented Jan 23, 2023 at 14:21

steffen · Accepted Answer · 2023-01-23 14:40:39Z

4

For awk, you can use the paragraph mode. This will display all "records" that contain Team red.

awk -v RS= '/Team red/'

answered Jan 23, 2023 at 14:40

steffen

16.7k4 gold badges46 silver badges83 bronze badges

I was doing the same with awk 'BEGIN{RS="\n\n"} /Team red/{print}' file but I like yours better.
– Paul Hodges
Commented Jan 23, 2023 at 14:53
I tried both of your command but it not give the expected result. for user in $(aws iam list-users |grep -i UserName|sed -e 's/.*: \"//' -e 's/\",//'); do echo USER: $user; echo TAGS: aws iam list-user-tags --user-name $user --output text | awk -v RS= '/Team red/' echo GROUPS: aws iam list-groups-for-user --user-name $user --output text|awk {'print $5'}; done > users.txt I get all the results not just team red but also the result is missing the Tags User: [email protected] TAGS: GROUPS: iam-nonprod iam-prod
– xtonehari
Commented Jan 23, 2023 at 15:24
2

@PaulHodges FYI RS="\n\n" requires GNU awk or a couple of other variants that support multi-char RS, otherwise it'll be treated as RS="\n" per POSIX, while RS="" will work in any awk.
– Ed Morton
Commented Jan 23, 2023 at 16:39
Exactly. While it might not matter on my system, it's really not the best option in general.
– Paul Hodges
Commented Jan 23, 2023 at 16:48

Add a comment |

jarmod · Accepted Answer · 2023-01-23 16:40:56Z

1

You can solve this with various awscli commands and the use of the --query option which allows you to perform conditional client-side filtering.

Here is an example:

#!/bin/bash

USERS=$(aws iam list-users --query "Users[*].UserName" --output text)

for user in $USERS; do
    TAG=$(aws iam list-user-tags --user-name $user --query 'Tags[?(Key==`Team` && Value==`red`)]' --output text)

    if [ "$TAG" != "" ]; then
        echo "User:" $user

        echo "Tags:"
        aws iam list-user-tags --user-name $user --query 'Tags[*].[Key,Value]' --output text | tr "\t" "="

        echo "Groups:"
        aws iam list-groups-for-user --user-name $user --query "Groups[*].GroupName" --output text | tr "\t" "\n"
    fi
done

Sample output:

User: jason
Tags:
Team=red
Role=development
Groups:
dev
User: mary
Tags:
Team=red
Role=test
Groups:
qa
ut
fv

edited Jan 23, 2023 at 16:40

answered Jan 23, 2023 at 15:55

jarmod

76.6k16 gold badges126 silver badges129 bronze badges

Jarmod, Thank you very much. A new requirement. How can I include to show the policies attached to each group and then the each policy details. For e.g. the first cmd will show the policies attached to each group, list-group-policies --group-name, then 2nd cmd will show the policy details for each policy, get-group-policy --group-name --policy-name.
– xtonehari
Commented Jan 25, 2023 at 16:37

Add a comment |

steffen · Accepted Answer · 2023-01-23 20:10:31Z

0

It's super easy with AWK. First put your data in a file and this command will do whole job:

awk '/Team red/{c=4} c-->-2' < file

$ cat myfile
User: [email protected]
TAGS:
Team red
Status active
Environment: nonprod
GROUPS:
iam-nonprod
iam-prod

User: [email protected]
TAGS:
Team green
Status active
Environment: nonprod
GROUPS:
iam-nonprod
iam-prod

etc.
$ awk '/Team red/{c=4} c-->-2' < file
User: [email protected]
TAGS:
Team red
Status active
Environment: nonprod
GROUPS:
iam-nonprod
iam-prod
[brhosh@scp-3-scripting(enm2) test]$

edited Jan 23, 2023 at 20:10

steffen

16.7k4 gold badges46 silver badges83 bronze badges

answered Jan 23, 2023 at 19:14

Shahbazi

1

it is not working. I created 4 sample users with tags. Only the 4th user had tags 'Team red'. When I ran your cmd, it showed the first User email ID and then tag values of 4th user.
– xtonehari
Commented Jan 23, 2023 at 22:51

Add a comment |

Collectives™ on Stack Overflow

AWK / Grep and Print All Matching Record

3 Answers 3

Not the answer you're looking for? Browse other questions tagged
bash
amazon-web-services
awk
aws-cli
or ask your own question.

Hot Network Questions

Collectives™ on Stack Overflow

3 Answers 3

Not the answer you're looking for? Browse other questions tagged bashamazon-web-servicesawkaws-cli or ask your own question.

Related

Not the answer you're looking for? Browse other questions tagged
bash
amazon-web-services
awk
aws-cli
or ask your own question.