ECS agent unable to mount a fsx window volume that contains a quotation mark in password

[timothyaws]

Summary

Using FSX for Windows as a Volume, the password cannot have a quotation(") mark in the password otherwise the agent fails when trying to mount the volume.

Description

When passing a password to join the domain that has a quotation(") mark via secret manager. The ECS agent will be unable to mount the volume and cause the task to exit code 1.

This error message is generated by the command at https://github.com/aws/amazon-ecs-agent/blob/a5f8d25f66fbf4f8839d5e7e5fcbc635a4d75c5e/agent/taskresource/fsxwindowsfileserver/fsxwindowsfileserver_windows.go#L557-L572

Expected Behavior

The agent should parse and escape any additional quotation marks in the password input before trying to mount the volume

Observed Behavior

The agent passed the password with quotation mark through resulting in the mount command failing.

Supporting Log Snippets

level=error time=2022-06-28T00:56:15Z msg="Failed to map fsxwindowsfileserver resource on the container instance error: exit status 1, out: The string is missing the terminator: '.\r\n    + CategoryInfo          : ParserError: (:) [], ParentContainsErrorRecordException\r\n    + FullyQualifiedErrorId : TerminatorExpectedAtEndOfString\r\n \r\n" module=fsxwindowsfileserver_windows.go
level=info time=2022-06-28T00:56:15Z msg="Error transitioning resource" resource="fsx_folder" failedStatus="CREATED" error="exit status 1" task="task_id"

[jterry75]

Bug understood, fix PR: #3296

[fierlion]

note: fix pending update of related PR

[YashdalfTheGray]

Hello @timothyaws, are you still impacted by this or have you found a workaround?

Unfortunately, we had concerns with the idea that we were thinking of implementing in the above PR to resolve this and we need to dive a bit deeper to build it properly.

[rawahars]

Closing this issue since the fix was released in v1.71.2.