Bug: leading whitespace causes aws_iam_policy to incorrectly report valid JSON policies as invalid #16319

Closed
WintersMichael opened this issue Oct 12, 2017 · 6 comments

@WintersMichael

Terraform Version

0.10.7, 0.9.11

Terraform Configuration Files

resource "aws_iam_policy" "nodes_sqs_policy" {
    name        = "nodes_sqs_policy"
    description = "nodes SQS"
    policy = <<EOF
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "sqs:GetQueueAttributes"
          ],
          "Resource": [
            "arn:aws:sqs:us-east-1:123123123:myapp-dev-us-east-1*"
          ]
        }
      ]
    }
EOF
}

Expected Behavior

The policy was applied

Actual Behavior

1 error(s) occurred:

* aws_iam_policy.nodes_sqs_policy: "policy" contains an invalid JSON policy

Important Factoids

Removing the whitespace before the first character in the policy allows it to be applied:

resource "aws_iam_policy" "nodes_sqs_policy" {
    name        = "nodes_sqs_policy"
    description = "nodes SQS"
    policy = <<EOF
{
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "sqs:GetQueueAttributes"
          ],
          "Resource": [
            "arn:aws:sqs:us-east-1:123123123:myapp-dev-us-east-1*"
          ]
        }
      ]
    }
EOF
}

According to RFC 4627, "Insignificant whitespace is allowed before or after any of the six structural characters."

References

#11906 is where the JSON validation was applied.
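
Added example, not part of the issue thread and not the AWS provider's code: a Go program contrasting a validator that requires `{` as the very first byte (an assumption that matches the error reported above) with one that first strips the whitespace RFC 4627 permits. The function names `firstByteCheck` and `tolerantCheck` and the sample constant are hypothetical.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Constructed sample: the policy from the report, heredoc indentation preserved.
const indentedPolicy = `    {
      "Version": "2012-10-17",
      "Statement": [{
        "Effect": "Allow",
        "Action": ["sqs:GetQueueAttributes"],
        "Resource": ["arn:aws:sqs:us-east-1:123123123:myapp-dev-us-east-1*"]
      }]
    }
`

// firstByteCheck (hypothetical) reproduces the reported behaviour: a policy
// must start with '{' at offset 0, so leading indentation is rejected
// before the JSON is ever parsed.
func firstByteCheck(policy string) error {
	if !strings.HasPrefix(policy, "{") {
		return fmt.Errorf("%q contains an invalid JSON policy", "policy")
	}
	var doc map[string]interface{}
	if err := json.Unmarshal([]byte(policy), &doc); err != nil {
		return fmt.Errorf("%q contains invalid JSON: %v", "policy", err)
	}
	return nil
}

// tolerantCheck (hypothetical) strips only the four JSON whitespace
// characters, then applies the same checks. The '{' test is kept on purpose:
// "null" unmarshals into a map without error but is not a policy object.
func tolerantCheck(policy string) error {
	return firstByteCheck(strings.Trim(policy, " \t\r\n"))
}

func main() {
	fmt.Println("first-byte check:", firstByteCheck(indentedPolicy))
	fmt.Println("tolerant check:  ", tolerantCheck(indentedPolicy))
}
```
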

@WintersMichael
Author

Aaand this is in the wrong repo.

@lws-llc

lws-llc commented Jul 10, 2018

just ran into this issue, thanks

@woodcockjosh

lame. Can we please fix? Thanks

@WintersMichael
Author

WintersMichael commented Jul 31, 2018

The AWS provider has moved out of the main terraform repo, and this bug report has moved here: hashicorp/terraform-provider-aws#1873

@JoeyGarcia

I had the same problem and got it fixed by removing all the spaces before the left curly brace that is immediately after the <<EOF. That curly brace should be on its own line and at position 0.

@ghost

ghost commented Dec 11, 2019

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Dec 11, 2019