Last active
August 12, 2018 16:52
-
-
Save AlainODea/9f1ca329953bf763120e to your computer and use it in GitHub Desktop.
AWS IAM Policy to tag all* the things (*that exist right now)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "autoscaling:*Tags*", | |
| "codedeploy:*Tags*", | |
| "datapipeline:*Tags*", | |
| "ec2:*Tags*", | |
| "elasticache:*Tags*", | |
| "elasticloadbalance:*Tags*", | |
| "elasticmapreduce:*Tags*", | |
| "kinesis:*Tags*", | |
| "rds:*Tags*", | |
| "redshift:*Tags*", | |
| "route53:*Tags*", | |
| "route53domains:*Tags*", | |
| "s3:PutBucketTagging", | |
| "tag:*" | |
| ], | |
| "Resource": "*" | |
| } | |
| ] | |
| } |
Another closer step towards a complete policy.
Thanks for this. I must have wasted 2+ hours trying to create granular permissions to tag an AMI and its snapshot after creation. I was missing this from above: "ec2:*Tags*" (-‸ლ)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This doesn't fully work yet. S3 and ELB are not taggable with this. I'll update once I have it completed.