aws-s3-deployment: Source.jsonData does not escape quotes #22661

Closed
@revmischa

Describe the bug

Doing something like

    new BucketDeployment(this, 'EnvJsonDeployment', {
      sources: [
        // warning: this doesn't escape quotes in unresolved tokens
        Source.jsonData(CONFIG_ENV_JSON_PATH, replacementParams),
      ],
      destinationBucket: bucket,
    });

where replacementParams contains an unresolved value, for example a Secrets Manager token in an SSM param, then that value will be interpolated into the JSON file without escaping quotes.

e.g. if you make a secret:

    const secret = new Secret(stack, 'Secret', {
      description: app.logicalPrefixedName('app'),
      generateSecretString: {
        secretStringTemplate: JSON.stringify({}),
        excludeCharacters: '"@/\\',  // without this it may have a " which doesn't get escaped
        generateStringKey: 'RANDOM',
      },
    });

Then you have to put that secret value into SSM (need to use SSM as a workaround for #21503) like

SECRET: secrets.secret.secretValueFromJson('RANDOM').toString()

Then the resulting S3 object will have {"SECRET": "a21"vxC@29%9!"}, which is not valid JSON.

Expected Behavior

Escaped JSON

Current Behavior

Resolved token in SSM is not escaped when used as a JSON value in Source.jsonData

Reproduction Steps

See above

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.39.1

Framework Version

No response

Node.js Version

16

OS

macOS

Language

TypeScript

Language Version

No response

Other information

No response
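
The failure mode reported above, as an added example that is not part of the original report or of the CDK code base: a JSON document is serialized while the value is still a placeholder, and the resolved value is later spliced in as raw text versus being JSON-escaped first. The marker format and all function names are hypothetical; the sample value is the one quoted in the report.

```typescript
// Constructed illustration: the marker format and function names are
// hypothetical and are not the CDK's internal token representation.
type Markers = Record<string, string>;

// Synth-time step: the object is serialized while the value is a placeholder.
function renderTemplate(obj: Record<string, string>): string {
  return JSON.stringify(obj);
}

// Escape a resolved value so it is safe as the *content* of a JSON string:
// JSON.stringify adds the escapes, slice() drops the surrounding quotes.
function jsonEscape(value: string): string {
  return JSON.stringify(value).slice(1, -1);
}

// Deploy-time step. split/join is used instead of String.replace so that
// "$&"-style sequences in a secret are not treated as replacement patterns.
function substitute(template: string, markers: Markers, escape: boolean): string {
  let out = template;
  for (const marker of Object.keys(markers)) {
    const value = escape ? jsonEscape(markers[marker]) : markers[marker];
    out = out.split(marker).join(value);
  }
  return out;
}

function isValidJson(text: string): boolean {
  try {
    JSON.parse(text);
    return true;
  } catch (e) {
    return false;
  }
}

const MARKER = "<<marker:0>>";            // hypothetical placeholder
const resolved = 'a21"vxC@29%9!';         // value quoted in the report
const template = renderTemplate({ SECRET: MARKER });

// Behaviour described in the report: raw text substitution.
const raw = substitute(template, { [MARKER]: resolved }, false);
// Expected behaviour: escape the resolved value before substitution.
const escaped = substitute(template, { [MARKER]: resolved }, true);

console.log(raw, "valid:", isValidJson(raw));
console.log(escaped, "valid:", isValidJson(escaped));
```
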
