
Include tags on aws_iam_policy resource on Terraform


I'm trying to create a policy following the Terraform documentation:

resource "aws_iam_policy" "policy" {
  name        = "test_policy"
  path        = "/"
  description = "My test policy"

  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Action = [
          "ec2:Describe*",
        ]
        Effect   = "Allow"
        Resource = "*"
      },
    ]
  })
}

Unfortunately, there is no description of how to include tags. I'm not able to do it the way I did with the rest of the resources, even though I can add them manually from the AWS Management Console.

The tags setting does not seem to be working. I'm receiving an error if I try to do the same as I did with an IAM role, including:

  tags = {
    tag-key = "tag-value"
  }

Solution

Update:

This functionality was added in https://github.com/hashicorp/terraform-provider-aws/pull/18276 and released as part of v3.35.0 of the AWS provider.

You should now be able to add tags to your aws_iam_policy resources as you'd expect:

resource "aws_iam_policy" "policy" {
  name        = "test_policy"
  path        = "/"
  description = "My test policy"

  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Action = [
          "ec2:Describe*",
        ]
        Effect   = "Allow"
        Resource = "*"
      },
    ]
  })

  tags = {
    tag-key = "tag-value"
  }
}

Tagging customer managed IAM policies is a new feature that was introduced on 11th February 2021. Currently there's only a feature request for this functionality on the AWS provider.

Once someone has added the necessary change and it has been merged and released, you should expect this to work with the syntax you provided in the question.
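As an added example (not code from the question or the answer above), a complete configuration that pins the AWS provider to at least the release the answer names, so `terraform init` refuses an older provider that would reject the `tags` argument instead of failing at plan time. The region and the tag values are constructed sample values.

```hcl
terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
      # Tags on aws_iam_policy landed in v3.35.0 (PR #18276); older
      # providers fail with an unsupported-argument error on "tags".
      version = ">= 3.35.0"
    }
  }
}

provider "aws" {
  region = "us-east-1" # assumed region
}

resource "aws_iam_policy" "policy" {
  name        = "test_policy"
  path        = "/"
  description = "My test policy"

  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Action   = ["ec2:Describe*"]
        Effect   = "Allow"
        Resource = "*"
      },
    ]
  })

  # Constructed sample tags; the keys carry ownership metadata that
  # IAM policy tags commonly hold for inventory and access reviews.
  tags = {
    Owner       = "security-team"
    Environment = "test"
    ManagedBy   = "terraform"
  }
}

# Expose the tags so "terraform output" shows what was applied.
output "policy_tags" {
  value = aws_iam_policy.policy.tags
}
```

After `terraform apply`, `aws iam list-policy-tags --policy-arn <arn>` should return the same three tags.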