S3 Policy Issue #1571

Open
saiharsha-plivo opened this issue Nov 20, 2024 · 0 comments
Labels
enhancement New feature or request needs:triage

Comments

@saiharsha-plivo

I have recently been working on S3 buckets, and I have seen a difference in the policy type in aws-provider vs aws-s3-provider: the policy type in aws-provider is an object, whereas in the s3-provider it is a string. I came across this while writing a composition for a bucket while passing the policy (patching it; it is passed as an object).

Error:

```text
Warning ComposeResources 20s (x21 over 6m47s) defined/compositeresourcedefinition.apiextensions.crossplane.io cannot compose resources: cannot apply composed resource "": failed to create typed patch object (; s3.aws.upbound.io/v1beta1, Kind=BucketPolicy): .spec.forProvider.policy: expected string, got &value.valueUnstructured{Value:map[string]interface {}{"Statement":[]interface {}{map[string]interface {}{"Action":[]interface {}{"s3:GetObject", "s3:ListBucket"}, "Effect":"Allow", "Principal":map[string]interface {}{"AWS":"arn:aws:iam::123456789012:root"}, "Resource":[]interface {}{"", "*"}, "Sid":"AllowReadAccess"}}, "Version":"2012-10-17"}}
```

Versions:

- aws-s3-provider: v1.17.0
- aws-provider: v0.50.5

XR:

```yaml
apiVersion: aws.crossplane.io/v1beta1
kind: XBucket
metadata:
  name:
  annotations:
    crossplane.io/external-name:
spec:
  provider: "aws-training"
  managementPolicies: ["Observe"]
  deletionPolicy: "Delete"
  region: "ap-south-1"
  BucketVersioning:
    versioningConfiguration:
      - status: "Enabled"
  BucketPolicy:
    policy: >
      {
        "Version": "2012-10-17",
        "Statement": [
          {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Principal": "",
            "Action": ["s3:GetObject", "s3:ListBucket"],
            "Resource": [ "arn:aws:s3:::", "arn:aws:s3:::/" ]
          }
        ]
      }
```

Composition step:

```yaml
- step: helm-templates
  functionRef:
    name: function-go-templating
  input:
    apiVersion: gotemplating.fn.crossplane.io/v1beta1
    kind: GoTemplate
    source: Inline
    inline:
      template: |
        {{- if and (hasKey $.observed.composite.resource.spec "BucketPolicy") (ne $.observed.composite.resource.spec.BucketPolicy.policy "") }}
        apiVersion: s3.aws.upbound.io/v1beta1
        kind: BucketPolicy
        metadata:
          name: {{ $.observed.composite.resource.metadata.name }}
          annotations:
            gotemplating.fn.crossplane.io/composition-resource-name: "{{ $.observed.composite.resource.metadata.name }}-BucketPolicy"
            {{- if and (hasKey $.observed.composite.resource.metadata "annotations") (hasKey $.observed.composite.resource.metadata.annotations "crossplane.io/external-name") }}
            crossplane.io/external-name: {{ index $.observed.composite.resource.metadata.annotations "crossplane.io/external-name" | quote }}
            {{- end }}
        spec:
          forProvider:
            bucket: {{ $.observed.composite.resource.metadata.name }}
            region: {{ $.observed.composite.resource.spec.region }}
            policy: {{ $.observed.composite.resource.spec.BucketPolicy.policy }}
          providerConfigRef:
            name: "{{ $.observed.composite.resource.spec.provider }}"
          managementPolicies:
            {{- range $.observed.composite.resource.spec.managementPolicies }}
            - "{{ . }}"
            {{- end }}
          deletionPolicy: "{{ $.observed.composite.resource.spec.deletionPolicy }}"
        {{ end }}
```

XRD:

```yaml
BucketPolicy:
  type: object
  properties:
    policy:
      type: string
```
Even if I am passing it as a string like below, it is taking it as an object:

```yaml
policy: "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"VisualEditor0\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":[\"s3:GetObject\",\"s3:ListBucket\"],\"Resource\":[\"arn:aws:s3:::<bucket name>\",\"arn:aws:s3:::<bucket name>/*\"]}]}"
```
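The behaviour in this report, reproduced as an added example with Go's standard `text/template`; this is not code from the issue author or from the Crossplane or Upbound projects. The XR's `policy` is a string, but `{{ ...BucketPolicy.policy }}` writes that string's raw JSON into the rendered YAML, where the decoder reads `{ ... }` as a flow mapping; passing the same value through `quote` (already used in the template above for the external-name annotation) or `toJson` emits a quoted scalar that the BucketPolicy schema (`type: string`) accepts. Assumptions, all local to this example: `quote` and `toJson` are reimplemented as stand-ins for the sprig helpers function-go-templating exposes; the rendered manifest is written in YAML flow syntax, which is also valid JSON, so `encoding/json` can play the role of the YAML decoder without an external module; the sample policy and bucket name are constructed. From a defender's point of view the useful property is that the typed-patch check rejects the object outright, so a mis-rendered policy never reaches the bucket instead of being silently applied in some other shape.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"text/template"
)

// Local stand-ins for the sprig helpers function-go-templating exposes
// (assumption: sprig's quote is fmt's %q and toJson is json.Marshal).
var funcs = template.FuncMap{
	"quote": func(s string) string { return fmt.Sprintf("%q", s) },
	"toJson": func(v interface{}) string {
		b, err := json.Marshal(v)
		if err != nil {
			return ""
		}
		return string(b)
	},
}

// Constructed input: the policy as the composite carries it, a JSON document
// held in the string field spec.BucketPolicy.policy (bucket name is made up).
const policyFromXR = `{"Version":"2012-10-17","Statement":[{"Sid":"AllowReadAccess","Effect":"Allow","Principal":"*","Action":["s3:GetObject","s3:ListBucket"],"Resource":["arn:aws:s3:::example-bucket","arn:aws:s3:::example-bucket/*"]}]}`

// The rendered BucketPolicy is written in YAML flow syntax (also valid JSON).
// Only the forProvider.policy expression differs between the three variants.
const (
	rawTemplate    = `{"apiVersion":"s3.aws.upbound.io/v1beta1","kind":"BucketPolicy","spec":{"forProvider":{"bucket":"example-bucket","policy":{{ .Policy }}}}}`
	quoteTemplate  = `{"apiVersion":"s3.aws.upbound.io/v1beta1","kind":"BucketPolicy","spec":{"forProvider":{"bucket":"example-bucket","policy":{{ .Policy | quote }}}}}`
	toJsonTemplate = `{"apiVersion":"s3.aws.upbound.io/v1beta1","kind":"BucketPolicy","spec":{"forProvider":{"bucket":"example-bucket","policy":{{ .Policy | toJson }}}}}`
)

// render executes one of the templates with the XR policy bound to .Policy,
// mirroring what the function does with $.observed.composite.resource.spec.
func render(tmpl, policy string) (string, error) {
	t, err := template.New("bucketpolicy").Funcs(funcs).Parse(tmpl)
	if err != nil {
		return "", err
	}
	var out strings.Builder
	if err := t.Execute(&out, map[string]string{"Policy": policy}); err != nil {
		return "", err
	}
	return out.String(), nil
}

// decodePolicy decodes the rendered manifest as the typed-patch step would
// and returns whatever value landed in spec.forProvider.policy.
func decodePolicy(rendered string) (interface{}, error) {
	var obj map[string]interface{}
	if err := json.Unmarshal([]byte(rendered), &obj); err != nil {
		return nil, err
	}
	spec, _ := obj["spec"].(map[string]interface{})
	fp, _ := spec["forProvider"].(map[string]interface{})
	return fp["policy"], nil
}

// checkPolicyType applies the CRD's rule for this field (type: string) and
// reproduces the error text from the issue when a mapping arrived instead.
func checkPolicyType(v interface{}) error {
	switch v.(type) {
	case string:
		return nil
	case map[string]interface{}:
		return errors.New(".spec.forProvider.policy: expected string, got map")
	default:
		return fmt.Errorf(".spec.forProvider.policy: expected string, got %T", v)
	}
}

func main() {
	variants := map[string]string{"raw": rawTemplate, "quote": quoteTemplate, "toJson": toJsonTemplate}
	for name, tmpl := range variants {
		rendered, err := render(tmpl, policyFromXR)
		if err != nil {
			fmt.Println(name, "render error:", err)
			continue
		}
		v, err := decodePolicy(rendered)
		if err != nil {
			fmt.Println(name, "decode error:", err)
			continue
		}
		if err := checkPolicyType(v); err != nil {
			fmt.Println(name, "rejected:", err)
		} else {
			fmt.Println(name, "accepted: policy is a string")
		}
	}
}
```

Running it prints `raw rejected: .spec.forProvider.policy: expected string, got map` and `accepted` for the two quoted variants; the decoded string in those two cases is byte-for-byte the policy the XR carried, which is what the provider then hands to S3.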
@saiharsha-plivo saiharsha-plivo added enhancement New feature or request needs:triage labels Nov 20, 2024