- 新しい順
- 投票が多い順
- コメントが多い順
Hi Gary. The underlying issue is that CloudFormation has a tags property for S3 buckets, but it doesn't have a tags property for IoT policies. I can't find any specific discussion about tags for IoT policies, but here's a similar issue for IAM Managed Policies: https://github.com/aws-cloudformation/cloudformation-coverage-roadmap/issues/819
To add onto Greg's response, most AWS IoT resources can be tagged, but it has to happen after the resource has been created. Also note that AWS IoT Things and Certificates are resources than cannot be tagged at present.
Once a resource has been created, the TagResource API can be called to apply tags for use in IAM ABAC, cost allocation, etc. Via CDK this could be accomplished by creating a level 2 or 3 construct that takes in the Arn of created resource along with the key value pairs of the tags, then use a custom resource to make the needed API call(s).
Thanks Gavin
関連するコンテンツ
- AWS公式更新しました 1年前
- AWS公式更新しました 1年前
Hi Greg, I can tag an IoT policy using the console but I accept that the coverage isn't there. Thanks.