Tagging instances launched from Service Catalog

Open deejanu opened this issue 8 years ago • 2 comments

Tagging works when I log in as the tester user and launch an EC2 instance via the EC2 console. It creates a tag in the following format:

Key: AutoTag_Creator Value: arn:aws:iam::1234567890:user/tester

I also use CFT templates to launch an EC2 instance (stack) via Service Catalog. When I log in as the same tester user or any other user and launch an EC2 instance (stack) via Service Catalog, the instance is always tagged with:

Key: AutoTag_Creator Value: arn:aws:sts::1234567890:assumed-role/LinuxUbuntuServerLaunchRole/servicecatalog

Is there a way to capture and tag the authenticated user (tester) instead of the assumed-role?

deejanu avatar May 12 '16 16:05 deejanu

Hi @deejanu,

Marking this as an enhancement. Don't see a way to extract this data from a single CloudTrail event, but no doubt that if we found a matching AssumeRole event, we could work this out.

Marking this as an enhancement and will get to it eventually.

Any interest in trying to implement and create a pull request?

em0ney avatar Nov 15 '16 06:11 em0ney

The matching AssumeRole event will have the same AccessKeyId as the RunInstances event that provisioned the EC2 instance.

nskitch avatar Jun 09 '17 20:06 nskitch
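
The correlation described in the last comment, as an added example that is not part of the thread or of the auto-tag project's code: it joins `RunInstances` to `AssumeRole` on the temporary access key id, and also covers the case where the `AssumeRole` caller is an AWS service, so no user ARN is available from that event. Field names follow CloudTrail's record format; the events, key ids and function names are constructed for illustration.

```javascript
// Constructed CloudTrail records, trimmed to the fields used; key ids are placeholders.
const role = 'arn:aws:sts::1234567890:assumed-role/LinuxUbuntuServerLaunchRole';
const sampleEvents = [
  { eventName: 'AssumeRole',
    userIdentity: { type: 'IAMUser', arn: 'arn:aws:iam::1234567890:user/tester' },
    responseElements: { credentials: { accessKeyId: 'ASIAEXAMPLE000000001' } } },
  { eventName: 'AssumeRole',
    userIdentity: { type: 'AWSService', invokedBy: 'servicecatalog.amazonaws.com' },
    responseElements: { credentials: { accessKeyId: 'ASIAEXAMPLE000000002' } } },
  { eventName: 'AssumeRole', errorCode: 'AccessDenied',   // failed call: no credentials issued
    userIdentity: { type: 'IAMUser', arn: 'arn:aws:iam::1234567890:user/other' },
    responseElements: null },
  { eventName: 'RunInstances',
    userIdentity: { type: 'AssumedRole', arn: `${role}/tester-session`,
                    accessKeyId: 'ASIAEXAMPLE000000001' } },
  { eventName: 'RunInstances',
    userIdentity: { type: 'AssumedRole', arn: `${role}/servicecatalog`,
                    accessKeyId: 'ASIAEXAMPLE000000002' } },
];

// Index successful AssumeRole events by the temporary access key id they issued.
function indexAssumeRoleEvents(events) {
  const byKeyId = new Map();
  for (const e of events) {
    if (e.eventName !== 'AssumeRole') continue;
    const keyId = e.responseElements?.credentials?.accessKeyId;
    if (keyId) byKeyId.set(keyId, e);
  }
  return byKeyId;
}

// Return the ARN to tag with, plus how it was obtained.
function resolveCreator(runEvent, byKeyId) {
  const id = runEvent.userIdentity || {};
  const match = id.type === 'AssumedRole' ? byKeyId.get(id.accessKeyId) : undefined;
  if (!match) return { creator: id.arn, source: 'event' };       // nothing to correlate
  const caller = match.userIdentity || {};
  // When an AWS service assumed the role, the AssumeRole event names the service, not a user.
  if (caller.type === 'AWSService') {
    return { creator: id.arn, source: 'event', assumedBy: caller.invokedBy };
  }
  return { creator: caller.arn, source: 'AssumeRole' };
}

const index = indexAssumeRoleEvents(sampleEvents);
const resolved = sampleEvents
  .filter((e) => e.eventName === 'RunInstances')
  .map((e) => resolveCreator(e, index));
console.log(resolved);
```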