# Vault Dynamic Secrets Tutorial Issues

I am a Vault newcomer and a Windows user gasp. I am going through the tutorial and get stuck on the Dynamic Secrets page as the policy command doesn’t work in my Windows Powershell.


vault write aws/roles/my-role \
credential_type=iam_user \
policy_document=-<<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1426528957000",
"Effect": "Allow",
"Action": [
"ec2:*"
],
"Resource": [
"*"
]
}
]
}
EOF



I attempted to instead use an hcl policy file but apparently wasn’t formatting it correctly(I guess the supplied policy is not in hcl format either?)

Can anyone suggest a solution for this? I would also recommend this section of the tutorial be updated to use an hcl policy as that would be a more system-agnostic approach.

PowerShell doesn’t support the <<EOF notation, but rather uses its own syntax for multiline variables like this:

\$test=@'
Test
Test
'@


You should be able to modify your command to the following to get it to work (note that I haven’t tested this):

vault write aws/roles/my-role \
credential_type=iam_user \
policy_document=@”
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1426528957000",
"Effect": "Allow",
"Action": [
"ec2:*"
],
"Resource": [
"*"
]
}
]
}
“@


I also encountered this error and the above solution did not work in my case where I was using PowerShell. To solve this problem, I wrote the contents of the Json in a file and I used the path of the Json file as an argument adding an @ in front of it.

Json file :

{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1426528957000",
"Effect": "Allow",
"Action": [
"ec2:*"
],
"Resource": [
"*"
]
}
]
}


Powershell command :

vault write aws/roles/my-role credential_type=iam_user policy_document=@"C:\path\to\the\file.json"