cloudformation package produces incorrect YAML line folding in long strings starting from 2.34.13 #10156
Description
Describe the bug
aws cloudformation package incorrectly serializes long YAML strings inside Fn::Sub
starting from version 2.34.13, dropping backslash escapes at line breaks and inserting
unexpected spaces into the rendered string.
Regression Issue
- Select this option if this issue appears to be a regression.
Expected Behavior
Long YAML double-quoted strings inside Fn::Sub are serialized with correct backslash
escapes at line breaks (2.34.12 output):
- "...\n {{- $queryExpr\
\ := \"\" }}\n {{- $queryExprRaw := \"\" }}\n..."
Current Behavior
Starting from 2.34.13, backslash escapes at line breaks are dropped (2.34.16 output):
- "...\n {{- $queryExpr
:= \"\" }}\n {{- $queryExprRaw := \"\" }}\n..."
In YAML double-quoted strings, a \ at end of line means "ignore the newline and leading
whitespace on the next line". Without it, the newline folds to a space, inserting unexpected
spaces into the rendered string and corrupting the content.
In our case this caused AWS Managed Prometheus to reject the Alertmanager config with invalid syntax.
Reproduction Steps
- Create
dummy-cf.yaml:
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
EnvName:
Type: String
Default: test
Resources:
TestResource:
Type: AWS::SSM::Parameter
Properties:
Name: !Sub "${EnvName}-test"
Type: String
Value:
Fn::Sub:
- |
template: |
{{ define "test.message" }}
{{- $a := index .Alerts 0 -}}
{{- $envName := printf "%s" "${EnvName}" -}}
{{- $queryExprClean := "" }}
{{- $queryExprTemplated := reReplaceAll "\\]" "%5D" (
reReplaceAll "\\[" "%5B" (
reReplaceAll "=" "%3D" (
reReplaceAll "\\}" "%7D" (
reReplaceAll "\\{" "%7B" (
reReplaceAll ">" "%3E" (
reReplaceAll "<" "%3C" (
reReplaceAll " " "%20" (
reReplaceAll "\"" "%22" (
reReplaceAll "'" "%27" (
$queryExprClean
)))))))))) }}
{{- $desc := printf "%s\nEnvironment: %s\nState Change Time: %s\nNext Steps:\n- Upstream URL: %s\n- %s" $descClean $envName ($a.StartsAt.Format "Mon, 02 Jan 2006 15:04:05 MST") $grafanaUrl $formattedSteps -}}
{{ end }}
- {}- Run:
docker run --rm -v $(pwd):/workspace amazon/aws-cli:2.34.12 \
cloudformation package \
--template-file /workspace/dummy-cf.yaml \
--output-template-file /workspace/packaged-2.34.12.yml \
--s3-bucket dummy-bucket
docker run --rm -v $(pwd):/workspace amazon/aws-cli:2.34.16 \
cloudformation package \
--template-file /workspace/dummy-cf.yaml \
--output-template-file /workspace/packaged-2.34.16.yml \
--s3-bucket dummy-bucket
diff packaged-2.34.12.yml packaged-2.34.16.ymlPossible Solution
The only non-API change in 2.34.13 was upgrading the bundled Python interpreter to 3.14.3.
All other changes in 2.34.13–2.34.16 are API-level and unrelated to YAML serialization, so this upgrade is the likely cause .
Additional Information/Context
No response
CLI version used
2.34.16
Environment details (OS name and version, etc.)
Reproduced using official amazon/aws-cli Docker images on macOS