Comment by rjzzleep

Not sure why his comment was downvoted, but I actually think his comment is accurate. HCL is pretty limited in its primitives. In my opinion cdktf's two fundamental issues are:

1. the generated HCL contains plain text passwords if you use any sort of secrets access inside of cdktf

2. because you can use any programming language for cdktf, every project will look different. But then again terragrunt and terraform also have a bunch of differences.