Hi there I m hoping someone can help me here I m creating a Pulumi Community #aws

Hi there, I'm hoping someone can help me here. I'...

adventurous-television-68331

12/04/2023, 5:28 PM

Hi there, I'm hoping someone can help me here. I'm creating a simple policy in C# as per examples in the docs but I'm getting a JSON error every time:- Diagnostics: awsiamPolicy (assume-role): error: 1 error occurred: * creating IAM Policy (assume-role): ValidationError: The specified value for policyDocument is invalid. It must contain only printable ASCII characters. status code: 400, request id: f4307131-e51f-4b14-b1ca-0d5b3d5b5a9b pulumipulumiStack (MainStack-nonprod): error: update failed Here's the code.

Copy code

using System.Collections.Generic;
using System.Text.Json;
using Pulumi;
using Pulumi.Aws.Iam;

internal class TestStack : ComponentResource
{
    public Output<string> PolicyArn { get; private set; }

    public TestStack() : base("my:demo:TestStack", "test-stack")
    {
        var assumeRolePolicy = new Policy("assume-role", new PolicyArgs
        {
            Name = "assume-role",
            PolicyDocument = JsonSerializer.Serialize(new Dictionary<string, object?>
            {
                ["Version"] = "2012–10–17",
                ["Statement"] = new[]
                {
                    new Dictionary<string, object?>
                    {
                        ["Action"] = new string[] { "sts:AssumeRole" },
                        ["Effect"] = "Allow",
                        ["Principal"] = new Dictionary<string, object?>
                        {
                            ["Service"] = $"<http://ec2.amazonaws.com|ec2.amazonaws.com>",
                        },
                        ["Sid"] = "EC2AssumeRole",
                    }
                },
            })

        }, new CustomResourceOptions { Parent = this });

        PolicyArn = assumeRolePolicy.Arn;
    }
}

billowy-army-68599

12/04/2023, 5:31 PM

is it this dollar sign?

Copy code

$"<http://ec2.amazonaws.com|ec2.amazonaws.com>",

adventurous-television-68331

12/04/2023, 5:52 PM

Good spot - but it's actually redundant But I just sussed it - the hyphens in the dates were not regular hyphens but some random unicode characters! I wrote the json to a file and then opened it in an editor.

billowy-army-68599

12/04/2023, 5:53 PM

I would not have spotted that, nice find!

adventurous-television-68331

12/04/2023, 5:53 PM

That's will teach me to use copilot to generate code, ahem!

adventurous-television-68331

12/04/2023, 5:54 PM

I literally spent all day on this. Jeez

2 Views

Open in Slack

Previous Next