
Do not silently fail Tag/Untag/TagOnCreate permission issue #65

Merged
merged 1 commit into from
Jan 23, 2023

Conversation

shih
Contributor

@shih shih commented Jan 23, 2023

Issue #, if available:
Internal ticket Id: D65597030

Description of changes:

Per internal ticket, due to historical reasons, we allowed customers to continue creating/updating stacks while creating topics or tagging/untagging resources even if the customer's role doesn't have permission to Tag/UntagResource. In the code, we were silently swallowing the AccessDenied issue when we saw such errors.
For example, in the previous implementation, when customers tried to create topics with tags and they didn't have TagResource in their permissions, the stack creation would retry creating the topics without tags. The stack execution would then not fail; all resources defined in the stack would be created, just without tags.

This was not an issue before, but now that SNS supports TBAC, we should let customers be aware of this issue and add permissions to their roles.

This change is not backwards compatible, but if not fixed, it will raise security concerns.

Customers who meet all three conditions below will be impacted:

  • Using customized role to execute stack operations
  • There is no TagResource/UntagResource permission in the customized role
  • The topics in the stack are created with tags, or updated to add or remove tags

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
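As an added illustration (not code from this PR or from the aws-cloudformation SNS resource provider), the two handler behaviours the description contrasts, run against a constructed stub client: the pre-fix handler swallows AccessDenied and retries without tags, so the stack succeeds with a silently untagged topic, while the post-fix handler lets the error propagate so the stack operation fails visibly. The stub client, the exception class, the tag values and the sample tag-based access condition are assumptions.

```python
"""Fail-open vs fail-closed handling of AccessDenied on sns:TagResource."""
from dataclasses import dataclass, field


class AccessDenied(Exception):
    """Stand-in for the SNS authorization error on TagResource (constructed)."""


@dataclass
class FakeSnsClient:
    """Constructed stub: records created topics and their tags.
    can_tag=False models an execution role lacking sns:TagResource."""
    can_tag: bool
    topics: dict = field(default_factory=dict)

    def create_topic(self, name, tags):
        if tags and not self.can_tag:
            raise AccessDenied("not authorized to perform: sns:TagResource")
        self.topics[name] = dict(tags)
        return f"arn:aws:sns:us-east-1:123456789012:{name}"  # constructed ARN


def create_topic_fail_open(client, name, tags):
    """Pre-fix behaviour described in the PR: swallow AccessDenied and retry
    without tags, so the stack succeeds but the topic is silently untagged."""
    try:
        return client.create_topic(name, tags)
    except AccessDenied:
        return client.create_topic(name, {})


def create_topic_fail_closed(client, name, tags):
    """Post-fix behaviour: let AccessDenied propagate so the stack operation
    fails and the operator adds sns:TagResource to the role."""
    return client.create_topic(name, tags)


def tbac_allows(topic_tags, principal_tags):
    """Sample tag-based condition (assumption): the principal's Team tag must
    match the topic's Owner tag. An untagged topic never satisfies it."""
    return "Owner" in topic_tags and topic_tags["Owner"] == principal_tags.get("Team")


def tags_after(handler, can_tag):
    """Run a handler against a fresh stub; return the topic's tags, or the
    exception name when the operation failed closed."""
    client = FakeSnsClient(can_tag=can_tag)
    try:
        handler(client, "alerts", {"Owner": "sec-team"})
    except AccessDenied as exc:
        return type(exc).__name__
    return client.topics["alerts"]
```

With a role lacking TagResource, `tags_after(create_topic_fail_open, False)` returns `{}` and `tbac_allows` on that result is False for the intended owner team, whereas the fail-closed handler surfaces `AccessDenied` instead of deploying a topic whose effective access differs from the template.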

@shih shih marked this pull request as ready for review January 23, 2023 09:39
@shih shih merged commit b4c28f8 into aws-cloudformation:master Jan 23, 2023