Skip to content

Instantly share code, notes, and snippets.

@imranity

imranity/oci-cli-query-examples.md

Created March 31, 2023 18:05
Show Gist options
  • Save imranity/5ff3285183c3b7f01457bf980f621ce1 to your computer and use it in GitHub Desktop.
Save imranity/5ff3285183c3b7f01457bf980f621ce1 to your computer and use it in GitHub Desktop.
Download ZIP
OCI CLI filter results with query
Raw
oci-cli-query-examples.md

"geting all policies in given tenancy with no freeform tags

policies=$(oci --profile BOAT-OC1 iam policy list --all -c $C --query 'data[?length("freeform-tags")==`0`].name'| jq -r "@sh" )

find number of total policies in compartment

oci --profile BOAT-OC1 iam policy list --all -c $C --query 'data.length(@)'

get list of all compartments

oci --profile BOAT-OC1 iam compartment list -c $C --compartment-id-in-subtree TRUE --all --query 'data[].id' | jq -r "@sh"
Raw
policies_example.sh
#!/usr/local/bin/bash
C="set root tenancy ocid here"
pol_count=0
# Get all policies with no tags in tenancy
echo "geting all policies in given tenancy :"
policies=$(oci --profile BOAT-OC1 iam policy list --all -c $C --query 'data[?length("freeform-tags")==`0`].name'| jq -r "@sh" )
declare -a pol_arr="($policies)"
policies_id=$(oci --profile BOAT-OC1 iam policy list --all -c $C --query 'data[?length("freeform-tags")==`0`].id'| jq -r "@sh" )
declare -a pol_id_arr="($policies_id)"
pol_count=$((`oci --profile BOAT-OC1 iam policy list --all -c $C --query 'data.length(@)'`))
echo " getting all policies in compartments and sub-compartments:"
# Get all compartments and find policies
comps=$(oci --profile BOAT-OC1 iam compartment list -c $C --compartment-id-in-subtree TRUE --all --query 'data[].id' | jq -r "@sh" | xargs )
for comp in $(echo "$comps"); do
if oci --profile BOAT-OC1 iam policy list -c $comp &> /dev/null; then
comp_name=$(oci --profile BOAT-OC1 iam compartment get -c $comp --query 'data.name')
c_pol=$(oci --profile BOAT-OC1 iam policy list -c $comp --query 'data[?length("freeform-tags")==`0`].name' 2>/dev/null | jq -r "@sh" | xargs ) || "NONE"
echo " Compartment $comp_name has policies: $c_pol"
if [ ! -z "$c_pol" ]; then
c_pol_id=$(oci --profile BOAT-OC1 iam policy list -c $comp --query 'data[?length("freeform-tags")==`0`].id' 2>/dev/null | jq -r "@sh" )
declare -a c_pol_id_arr="($c_pol_id)"
pol_id_arr+=(${c_pol_id_arr[@]})
policies_id+=" $c_pol_id"
c_pol_name=$(oci --profile BOAT-OC1 iam policy list -c $comp --query 'data[?length("freeform-tags")==`0`].name' 2>/dev/null | jq -r "@sh" )
declare -a c_pol_name_arr="($c_pol_name)"
pol_arr+=(${c_pol_name_arr[@]})
pol_count=$((`oci --profile BOAT-OC1 iam policy list -c $comp --query 'data.length(@)'`+pol_count))
fi
fi
done
echo "total policies are $pol_count"
echo "total policies with no tags: ${#pol_arr[@]}"
echo "policies with no tags are:"
printf '%s\n' "${pol_arr[@]}" | jq -R . | jq -s .
#echo "deleting the policies with no tags"
#for pol in "${policies_id}"; do
# oci --profile BOAT-OC1 iam policy --policy-id $pol
#done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment