cdktf: synth --hcl: Generating hcl for Wafv2 web acl is invalid

[woutervb]

Expected Behavior

Generating hcl versions of the code, should be functional identical to the json equivalent.

Actual Behavior

In the hcl version 'statement' sections have been replaced with [object Object] references, while the json version contains a dict like:

{
              "managed_rule_group_statement": {
                "name": "AWSManagedRulesCommonRuleSet",
                "rule_action_override": [
                  {
                    "action_to_use": "count",
                    "name": "NoUserAgent_HEADER"
                  },
                  {
                    "action_to_use": "count",
                    "name": "SizeRestrictions_BODY"
                  }
                ],
                "vendor_name": "AWS"
              }

Steps to Reproduce

Create a Wafv2WebAcl. object, add it to a stack, and try to render the hcl version of this.

Versions

anguage: python cdktf-cli: 0.20.4 node: v20.13.1 cdktf: 0.20.7 constructs: 10.3.0 jsii: 1.98.0 terraform: 1.5.7 arch: arm64 os: darwin 23.4.0 python: Python 3.10.14

Providers

┌───────────────┬──────────────────┬─────────┬────────────┬──────────────────────────┬─────────────────┐ │ Provider Name │ Provider Version │ CDKTF │ Constraint │ Package Name │ Package Version │ ├───────────────┼──────────────────┼─────────┼────────────┼──────────────────────────┼─────────────────┤ │ aws │ 4.67.0 │ │ ~>4.0 │ │ │ ├───────────────┼──────────────────┼─────────┼────────────┼──────────────────────────┼─────────────────┤ │ aws │ 5.49.0 │ ^0.20.0 │ │ cdktf-cdktf-provider-aws │ 19.18.0 │ └───────────────┴──────────────────┴─────────┴────────────┴──────────────────────────┴─────────────────┘

Gist

No response

Possible Solutions

No response

Workarounds

No response

Anything Else?

No response

References

No response

Help Wanted

• [ ] I'm interested in contributing a fix myself

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

[nbaju1]

Would be easier to debug if you provide an example snippet of your Python code corresponding to this.

[woutervb]

For a small stack, showing the problem, see the following code:

#!/usr/bin/env python
from constructs import Construct
from cdktf import App, TerraformStack
from cdktf_cdktf_provider_aws.provider import AwsProvider
from cdktf_cdktf_provider_aws.wafv2_web_acl import Wafv2WebAcl
from cdktf_cdktf_provider_aws.wafv2_web_acl_association import Wafv2WebAclAssociation

class MyStack(TerraformStack):
    def __init__(self, scope: Construct, id: str):
        super().__init__(scope, id)

        AwsProvider(self, "aws")

        # define resources here
        Wafv2WebAcl(
            self,
            "webacl",
            name="webacl",
            scope="REGIONAL",
            default_action={"allow": {}},
            visibility_config={
                "sampled_requests_enabled": True,
                "cloudwatch_metrics_enabled": True,
                "metric_name": "webaclmetrics",
            },
            rule=[
                {
                    "name": "rule1",
                    "priority": 1,
                    "override_action": {"none": {}},
                    "statement": {
                        "manged_rule_group_statement": {
                            "name": "AWSManagedRulesCommonRuleSet",
                            "vendor_name": "AWS",
                        },
                    },
                    "visibilityConfig": {
                        "sampledRequestsEnabled": True,
                        "cloudwatchMetricsEnabled": True,
                        "metricName": "rule1metrics",
                    },
                },
            ],
        )

app = App()
MyStack(app, "test")

app.synth()

In the cdktf synth --hcl is clearly shows a 'statement' as statement = [object Object] while in a cdktf synth it shows the expanded 'statement'