(aws-iam): Invalid Policy Statement Id strings should fail at build time #34819

Open
@camerondurham

Describe the bug

Setting sid in PolicyStatement to a non-alphanumeric string results in a successful build but an unsuccessful deployment.

Regression Issue

  • Select this option if this issue appears to be a regression.

Last Known Working CDK Library Version

No response

Expected Behavior

Setting sid in PolicyStatement to a non-alphanumeric string fails the CDK build with a helpful error message.

Current Behavior

Setting the policy statement to an invalid statement ID string results in a successful build.

const statement = new PolicyStatement({ sid: 'some-string' });

But trying to deploy the statement results in a deployment failure:

Resource handler returned message: "Statement IDs (SID) must be alpha-numeric. Check that your input satisfies the regular expression [0-9A-Za-z]* (Service: Iam, Status Code: 400, 

Reproduction Steps

const statement = new PolicyStatement({ sid: 'string-with-non-alphanumeric-symbols' });

But trying to deploy the statement results in a deployment failure:

Resource handler returned message: "Statement IDs (SID) must be alpha-numeric. Check that your input satisfies the regular expression [0-9A-Za-z]* (Service: Iam, Status Code: 400, 

Possible Solution

Test sid with the specific regex ([0-9A-Za-z]*) required in IAM docs: The Sid element supports ASCII uppercase letters (A-Z), lowercase letters (a-z), and numbers (0-9).

Additional Information/Context

No response

AWS CDK Library version (aws-cdk-lib)

aws-cdk-lib@2.140.0

AWS CDK CLI version

2.140.0

Node.js Version

v18.20.4

OS

macOS

Language

TypeScript

Language Version

~4.6.3

Other information

No response
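
One way to catch this before deployment, as an added example that is not part of the issue or of the CDK code base: a standalone check that walks template JSON (for instance the output of `cdk synth`) and flags every literal `Sid` that fails the pattern from the IAM error message. The function, type and sample names are hypothetical, and the sample template is constructed.

```typescript
// Added example; findInvalidSids, SidFinding and sampleTemplate are hypothetical names.
// Pattern quoted in the IAM error message, anchored so the whole string must match.
const SID_PATTERN = /^[0-9A-Za-z]*$/;

interface SidFinding { path: string; sid: string }

// Walk any JSON value and check the Sid of every IAM-style "Statement" entry.
function findInvalidSids(node: unknown, path = '$'): SidFinding[] {
  const findings: SidFinding[] = [];
  if (Array.isArray(node)) {
    node.forEach((child, i) => findings.push(...findInvalidSids(child, `${path}[${i}]`)));
    return findings;
  }
  if (node === null || typeof node !== 'object') return findings;
  const obj = node as Record<string, unknown>;
  if ('Statement' in obj) {
    // "Statement" may be a single object or an array of objects.
    const raw = obj['Statement'];
    const statements: unknown[] = Array.isArray(raw) ? raw : [raw];
    statements.forEach((stmt, i) => {
      const sid = (stmt as Record<string, unknown> | null | undefined)?.['Sid'];
      // Only literal strings can be checked statically; CloudFormation intrinsics
      // such as { "Fn::Join": ... } resolve at deploy time and are skipped.
      if (typeof sid === 'string' && !SID_PATTERN.test(sid)) {
        findings.push({ path: `${path}.Statement[${i}]`, sid });
      }
    });
  }
  for (const [key, value] of Object.entries(obj)) {
    findings.push(...findInvalidSids(value, `${path}.${key}`));
  }
  return findings;
}

// Constructed sample shaped like a synthesized CloudFormation template fragment.
const sampleTemplate = {
  Resources: { MyPolicy: { Type: 'AWS::IAM::Policy', Properties: { PolicyDocument: {
    Version: '2012-10-17',
    Statement: [
      { Sid: 'AllowRead', Effect: 'Allow', Action: 's3:GetObject', Resource: '*' },
      { Sid: 'some-string', Effect: 'Allow', Action: 's3:ListBucket', Resource: '*' },
      { Sid: { 'Fn::Join': ['', ['A', 'B']] }, Effect: 'Deny', Action: 's3:*', Resource: '*' },
    ],
  } } } },
};

for (const f of findInvalidSids(sampleTemplate)) {
  console.log(`invalid Sid "${f.sid}" at ${f.path}`);
}
```

Run as a step between synthesis and deployment, a non-empty result can fail the pipeline with the statement's path instead of the IAM 400 at deploy time.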
