Open universam1 opened 2 weeks ago
Another example issue for AWS IAM Policy:
iampolicy.NewIamPolicy(stack, jsii.String("test"), &iampolicy.IamPolicyConfig{
Name: jsii.String("CDKtf-Golang-policy-Demo"),
Policy: jsii.String(`{
"Version": "2012-10-17",
"Statement": [{
"Action": "*",
"Resource": ["arn:aws:ec2:*:*:client-vpn-endpoint/*"],
"Effect": "Allow"
}]
}`),
Description: jsii.String("This policy is for Golang demo"),
})
renders into escaped quotes in a heredoc which is invalid:
resource "aws_iam_policy" "test" {
description = "This policy is for Golang demo"
name = "CDKtf-Golang-policy-Demo"
policy = <<EOF
{
\"Version\": \"2012-10-17\",
\"Statement\": [{
\"Action\": \"*\",
\"Resource\": [\"arn:aws:ec2:*:*:client-vpn-endpoint/*\"],
\"Effect\": \"Allow\"
}]
}
EOF
}
Note, even JSON
synth is invalid! The references are escaped with double $ signs \"$$
"vault_policy": {
"test": {
"//": {
"metadata": {
"path": "o11n:union/policyo11n.artifactory@p",
"uniqueId": "policyo11nartifactoryp"
}
},
"name": "o11n.artifactory@p",
"policy": "path \"$${vault_aws_secret_backend_role.vroleo11nartifactorypjw-cd-cicd-01.backend}/+/$${vault_aws_secret_backend_role.vroleo11nartifactorypjw-cd-cicd-01.name}\" {\n capabilities = [\"read\"]\n}\npath \"$${vault_aws_secret_backend_role.vroleo11nartifactorypjw-cd-lab-...."
},
Seeing the same problem. Looking forward for a solution. Thank you very much! 😃
Expected Behavior
For a multiline string, which is rendered into a HEREDOC for HCL output, the quotes should not be escaped. Vault policy or AWS IAM policy render invalid.
Actual Behavior
Synth renders invalid strings, that are causing errors to apply at Vault or AWS.
Steps to Reproduce
Results into:
cdktf synth -hcl
Note the escaped quotes:Versions
language Golang "version": "0.20.8" same problem with 0.21.0-pre.123
Providers
Workarounds
try to use a single line statement, like a minified json.
Anything Else?
No response
References
try the example of https://github.com/ahmadalibagheri/cdktf-go-aws-iam
Community Note