cat <<EOF > S3ProhibitPublicReadAccess.json
{
"ConfigRuleName": "S3PublicReadProhibited",
"Description": "Checks that your S3 buckets do not allow public read access. If an S3
bucket policy or bucket ACL allows public read access, the bucket is noncompliant.",
"Scope": {
"ComplianceResourceTypes": [
"AWS::S3::Bucket"
]
},
"Source": {
"Owner": "AWS",
"SourceIdentifier": "S3_BUCKET_PUBLIC_READ_PROHIBITED"
}
}
EOF
aws configservice put-config-rule --config-rule file://S3ProhibitPublicReadAccess.json
当我在配置后上传配置规则时,它会给我以下错误:错误分析参数"--config rule":无效的JSON:第3行第87列的无效控制字符(char 132(收到的JSON:我首先在Windows Powershell上尝试启动,但后来在Linux上尝试,看看是否会得到不同的结果,但在两台机器上仍然得到相同的错误。
错误:
Error parsing parameter '--config-rule': Invalid JSON: Invalid control character at: line 3 column 87 (char 132)
JSON received: {
"ConfigRuleName": "S3PublicReadProhibited",
"Description": "Checks that your S3 buckets do not allow public read access. If an S3
bucket policy or bucket ACL allows public read access, the bucket is noncompliant.",
"Scope": {
"ComplianceResourceTypes": [
"AWS::S3::Bucket"
]
},
"Source": {
"Owner": "AWS",
"SourceIdentifier": "S3_BUCKET_PUBLIC_READ_PROHIBITED"
}
}
答案就在那里,这就是我读取错误消息的方式。。。
Invalid JSON: Invalid control character at: line 3 column 87 (char 132)
"无效的控制字符"-即喜欢换行符和换行符的字符;控制";字符。
"第3行第87栏"-告诉你它认为错误在哪里(这并不总是完全准确的,但它通常接近错误(。在这种情况下,第3行第87列是下一行的末尾:
"描述":"检查S3存储桶是否不允许公共读取访问。如果S3
"char 132〃-这是字符的ASCII码(它的"字符btw(,这是它期望在行的末尾找到的。
那么,这一切意味着什么呢,基本上它期待着一个",却发现了一个行尾控制字符。
修复方法是将描述键和值变成一行,因此:
"描述":"检查S3存储桶是否不允许公共读取访问。如果S3bucket策略或bucket ACL允许公共读取访问,则bucket不符合&";,
变为:
"Description": "Checks that your S3 buckets do not allow public read access. If an S3 bucket policy or bucket ACL allows public read access, the bucket is noncompliant.",
我曾经https://jsonlint.com/为了快速验证JSON,我可以对其进行调整并重新验证,直到它正确为止。