时间戳

首页 > 解决方案 > 在 Ansible 变量中转义双引号和大括号

ansible - 在 Ansible 变量中转义双引号和大括号

问题描述

我正在尝试使用 Ansible 的命令模块来运行以下命令:-

aws s3api put-bucket-encryption --bucket ovc-ov90test --server-side-encryption-configuration '{"Rules": [{"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}'

自然,我想通过剧本变量传递标志值,这就是我正在使用的:

---
- name: Create s3 bucket
  hosts: localhost
  vars:
    bucket_name: ovc-ov90test
    encryption_rules: '{\"Rules\"\: [{\"ApplyServerSideEncryptionByDefault\"\: {\"SSEAlgorithm\"\: \"AES256\"}}]}'
  tasks:
    - name: Launch 
      block:
        - name: Encrypt the bucket
          command: 'aws s3api put-bucket-encryption --bucket {{ bucket_name }} --server-side-encryption-configuration {{ encryption_rules }}'

这是我的错误:

TASK [Encrypt the bucket] *******************************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": true, "cmd": ["aws", "s3api", "put-bucket-encryption", "--bucket", "ovc-ov90test", "--server-side-encryption-configuration", "{\"Rules\":", "[{\"ApplyServerSideEncryptionByDefault\":", "{\"SSEAlgorithm\":", "\"AES256\"}}]}"], "delta": "0:00:00.648339", "end": "2021-02-11 11:56:49.423938", "msg": "non-zero return code", "rc": 252, "start": "2021-02-11 11:56:48.775599", "stderr": "\nusage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]\nTo see help text, you can run:\n\n  aws help\n  aws <command> help\n  aws <command> <subcommand> help\n\nUnknown options: {\"SSEAlgorithm\":, \"AES256\"}}]}, [{\"ApplyServerSideEncryptionByDefault\":", "stderr_lines": ["", "usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]", "To see help text, you can run:", "", "  aws help", "  aws <command> help", "  aws <command> <subcommand> help", "", "Unknown options: {\"SSEAlgorithm\":, \"AES256\"}}]}, [{\"ApplyServerSideEncryptionByDefault\":"], "stdout": "", "stdout_lines": []}

PLAY RECAP **********************************************************************************************************************************************************************************
localhost                  : ok=1    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0

我还尝试了以下值encryption_values(i. 转义双引号和大括号和方括号,以及 ii. 只转义双引号和大括号),但没有一个工作:

encryption_rules: '\{\"Rules\"\: \[\{\"ApplyServerSideEncryptionByDefault\"\: \{\"SSEAlgorithm\"\: \"AES256\"\}\}\]\}'
encryption_rules: '{\"Rules\"\: \[{\"ApplyServerSideEncryptionByDefault\"\: \{\"SSEAlgorithm\"\: \"AES256\"}}\]}'

{{ encryption_rules | quote }}从变量中删除单引号后在任务内部使用encryption_rules也不起作用。我猜解决方案是转义正确字符的某种组合,但我不知道是哪个。任何帮助,将不胜感激!

PS:这在命令行上正确运行,所以 IAM 权限绝对不是问题。

标签: ansibleyamlescaping

解决方案

关键问题是(就像@tinita 在这里指出的那样)冒号后跟空格: 。我最终还使用了命令参数中的折叠标量来避免不平衡引号的麻烦。这有效-

---
- name: Create s3 bucket
  hosts: localhost
  vars:
    bucket_name: ovc-ov90test
    encryption_rules: '{\"Rules\":\ [{\"ApplyServerSideEncryptionByDefault\":\ {\"SSEAlgorithm\":\ \"AES256\"}}]}'
  tasks:
    - name: Launch 
      block:
        - name: Encrypt the bucket
          command: >
            aws s3api put-bucket-encryption --bucket ovc-ov90test --server-side-encryption-configuration {{ encryption_rules }}

推荐阅读