Skip to content

AWS::IAM::User-Tags #69

New issue
New issue
Closed
Closed
AWS::IAM::User-Tags#69
Labels
security identity complianceIAM, Cognito, Secrets Manager, GuardDuty, etc.
Milestone
cov
@avatarworf

Description

@avatarworf
avatarworf
opened on Aug 1, 2019

1. Title

IAM::User supports tagging and untagging of users, and it should be supported in CloudFormation.

2. Scope of request

Allow creation, update, removal of tags on Users. CloudFormation Stacks which are tagged should also propagate tags onto IAM Users created resources.

3. Expected behavior

  • In Create, it should reference the cloudformation resourceId and stackName, just like other resources managed by CloudFormation, as well as apply Stack Tags or Resource specific Tags.
  • in Update, change the value of the tag

4. Suggest specific test cases

  • Adding tags on create of User.
  • Adding tags on update of User.
  • Removing tags on update of User.

5. Helpful Links to speed up research and evaluation

API Docs: https://docs.aws.amazon.com/IAM/latest/APIReference/API_TagUser.html

In IAM, User and Roles (See other raised issue #19 ) and can be tagged.

6. Category

  • Management (CloudTrail, Config...)
  • Security (IAM, KMS...)

7. Any additional context

Supported by boto: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/iam.html#IAM.Client.create_user

Metadata

Metadata

Assignees

No one assigned

    Labels

    security identity complianceIAM, Cognito, Secrets Manager, GuardDuty, etc.

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions