Initial AWS Console Login Profile password contains unicode-encoded characters

[ahasna]

Description

When using the iam-user module to create IAM Users with console login profiles, the login kept failing. Upon further inspection, I noticed that the initial login password contained \u0026 which is the unicode of &. Replacing the unicode with the actual character worked (after 2 hours of debugging fun). i suspect this as something to do with terraform output -json. When using terraform output -json | jq all works fine.

• [x] ✋ I have searched the open/closed issues and my issue is not listed.

Versions

• Module version: 5.39.0

• Terraform version: Terraform v1.5.4 on darwin_arm64

• Provider version(s): provider registry.terraform.io/hashicorp/aws v5.45.0

Reproduction Code

Steps to reproduce the behavior:

1. Create an IAM user
2. Get lucky and have a & in the initial random password
3. Run terraform output -json
4. use the password from output and try to login

Expected behavior

Password is returned as is by the output.

Actual behavior

Some special carachters are unicode-encoded

Terminal Output Screenshot(s)

{
  "console_login_url": {
    "sensitive": false,
    "type": "string",
    "value": "https://myawsaccount.signin.aws.amazon.com/console"
  },
  "developers": {
    "sensitive": true,
    "type": [
      "object",
      {
        "stillrain": [
          "object",
          {
            "iam_access_key_encrypted_secret": "string",
            "iam_access_key_encrypted_ses_smtp_password_v4": "string",
            "iam_access_key_id": "string",
            "iam_access_key_key_fingerprint": "string",
            "iam_access_key_secret": "string",
            "iam_access_key_ses_smtp_password_v4": "string",
            "iam_access_key_status": "string",
            "iam_user_arn": "string",
            "iam_user_login_profile_encrypted_password": "string",
            "iam_user_login_profile_key_fingerprint": "string",
            "iam_user_login_profile_password": "string",
            "iam_user_name": "string",
            "iam_user_ssh_key_fingerprint": "string",
            "iam_user_ssh_key_ssh_public_key_id": "string",
            "iam_user_unique_id": "string",
            "keybase_password_decrypt_command": "string",
            "keybase_password_pgp_message": "string",
            "keybase_secret_key_decrypt_command": "string",
            "keybase_secret_key_pgp_message": "string",
            "keybase_ses_smtp_password_v4_decrypt_command": "string",
            "keybase_ses_smtp_password_v4_pgp_message": "string",
            "pgp_key": "string",
            "policy_arns": [
              "tuple",
              []
            ]
          }
        ]
      }
    ],
    "value": {
      "stillrain": {
        "iam_access_key_encrypted_secret": "",
        "iam_access_key_encrypted_ses_smtp_password_v4": "",
        "iam_access_key_id": "",
        "iam_access_key_key_fingerprint": "",
        "iam_access_key_secret": "",
        "iam_access_key_ses_smtp_password_v4": "",
        "iam_access_key_status": "",
        "iam_user_arn": "arn:aws:iam::12345678912:user/stillrain",
        "iam_user_login_profile_encrypted_password": null,
        "iam_user_login_profile_key_fingerprint": null,
        "iam_user_login_profile_password": "-ga$W+p)\u0026%^*l4w=AQ7xIm5$M_%MQ|_X",
        "iam_user_name": "stillrain",
        "iam_user_ssh_key_fingerprint": "",
        "iam_user_ssh_key_ssh_public_key_id": "",
        "iam_user_unique_id": "AIDA3WP2632CQBR6P7MZD",
        "keybase_password_decrypt_command": null,
        "keybase_password_pgp_message": null,
        "keybase_secret_key_decrypt_command": null,
        "keybase_secret_key_pgp_message": null,
        "keybase_ses_smtp_password_v4_decrypt_command": null,
        "keybase_ses_smtp_password_v4_pgp_message": null,
        "pgp_key": "",
        "policy_arns": []
      }
    }
  }
}

[github-actions[bot]]

This issue has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this issue will be closed in 10 days

[github-actions[bot]]

This issue was automatically closed because of stale in 10 days

[github-actions[bot]]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.