Open kg-jcaron opened 5 months ago
@kg-jcaron thanks for letting us know!
Link to docs for reference https://www.pulumi.com/registry/packages/aws-native/api-docs/iam/role/
I believe that these examples are generated from the aws-cloudformation-user-guide and we probably have logic in there to covert everything to camel case. We should probably add an exception in the case that it is a JSON field and leave the casing as is.
@corymhall Do you have a sense of whether it's a provider-specific issue (e.g. we change capitalization while reading CF examples) or a program gen issue in pu/pu? It would be nice to either fix it here, or make sure we have an appropriate upstream issue linked.
@mikhailshilkov I'm pretty sure that the logic is in the cf2pulumi
code in this repo, my hunch is that it's in this function https://github.com/pulumi/pulumi-aws-native/blob/a8c4998d32185b9e780ff51f1dfc3d323d5d2095/provider/pkg/cf2pulumi/renderer.go#L583
What happened?
The docs show the Roles being created with all values lowercased, but this results in an
MalformedPolicyDocumentException
in AWS with the error message "Unknown field statement". Making all the fields that are statically typed in pulumi lowercase, and everything else uppercase as per the cloudformation docs seems to work.Example
Example from the docs:
Capitalization scheme that aws seems to expect:
Output of
pulumi about
CLI
Version 3.116.1 Go Version go1.22.2 Go Compiler gc
Plugins KIND NAME VERSION resource aws 6.36.0 resource aws-native 0.105.0 resource cloudinit 1.4.3 language nodejs unknown
Host
OS darwin Version 14.4.1 Arch arm64
This project is written in nodejs: executable='/Users/XXXXX/.asdf/shims/node' version='v20.11.0'
Backend
Name pulumi.com Token type personal
Dependencies: NAME VERSION @pulumi/aws 6.36.0 @pulumi/aws-native 0.105.0 @pulumi/pulumi 3.116.1 @pulumi/cloudinit 1.4.3 typescript 4.9.5 @types/node 14.18.63
Additional context
No response
Contributing
Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).