cloudformation-coverage-roadmap icon indicating copy to clipboard operation
cloudformation-coverage-roadmap copied to clipboard

Published 20 hours ago verified publisher icon aws-cloudformation

CloudFormation does not automatically create the automatic stack-level tags for IAM resources

Open merichea opened this issue 1 year ago • 3 comments
trafficstars

Name of the resource

Other

Resource Name

AWS::IAM:*

Issue Description

CloudFormation does not automatically create the following stack-level tags for IAM resources, as stated in this doc https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html :

  • aws:cloudformation:logical-id
  • aws:cloudformation:stack-id
  • aws:cloudformation:stack-name

Expected Behavior

IAM resources created with CloudFormation should have the following stack-level tags automatically added, according to the doc:

  • aws:cloudformation:logical-id
  • aws:cloudformation:stack-id
  • aws:cloudformation:stack-name

Observed Behavior

IAM resources created with CloudFormation only have custom Tags created by the user, and the stack-level tags are not present

Test Cases

You can test with any IAM resources (users, roles, groups...) we have the same problem. In the following test template, I tested with an IAM user. Only the custom "Cost Center" tag appears on the "ExampleUser" resource, and the following stack-level tags are not added, despite what is written in the doc:

  • aws:cloudformation:logical-id
  • aws:cloudformation:stack-id
  • aws:cloudformation:stack-name
AWSTemplateFormatVersion: 2010-09-09

Resources:

  IamUser: 

    Type: AWS::IAM::User

    Properties: 

      UserName: ExampleUser

      Tags: 

        - Key: CostCenter

          Value: CC111

Other Details

N/A

merichea avatar Mar 14 '24 17:03 merichea