在 Terraform 上的 aws_iam_policy 资源中包含标签

Include tags on aws_iam_policy resource on Terraform

我正在尝试根据 Terraform documentation

创建策略 
resource "aws_iam_policy" "policy" {
  name        = "test_policy"
  path        = "/"
  description = "My test policy"

  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Action = [
          "ec2:Describe*",
        ]
        Effect   = "Allow"
        Resource = "*"
      },
    ]
  })
}

遗憾的是,没有关于如何包含标签的说明。我无法像处理其他资源那样执行此操作,即使我可以从 AWS 管理控制台手动提供这些资源也是如此。

tags 设置似乎不起作用。如果我尝试执行与 IAM role 相同的操作,我会收到错误消息,包括:

  tags = {
    tag-key = "tag-value"
  }

更新:

此功能是在 https://github.com/hashicorp/terraform-provider-aws/pull/18276 and released as part of v3.35.0 of the AWS provider 中添加的。

您现在应该可以按预期向 aws_iam_policy 资源添加标签:

resource "aws_iam_policy" "policy" {
  name        = "test_policy"
  path        = "/"
  description = "My test policy"

  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Action = [
          "ec2:Describe*",
        ]
        Effect   = "Allow"
        Resource = "*"
      },
    ]
  })

  tags = {
    tag-key = "tag-value"
  }
}

标记客户管理的 IAM 策略是一项新功能,introduced on 11th February 2021. Currently there's only a feature request 用于 AWS 提供商的此功能。

一旦有人添加了必要的更改并且它已被合并和发布,您应该期望它可以使用您在问题中提供的语法。

这是now available from version 3.35.0

* data-source/aws_iam_policy: Add policy_id and tags attributes (#18276)

_