Pipeline: Unable to create a pipeline due to a lack of "iam:TagRole" permission.

[AlbertMingXu]

Describe the bug

When you creating a pipeline, the console may display a failed status for the pipeline. Clicking on the failure will provide the following error message:

Encountered a permissions error performing a tagging operation, please add required tag permissions. Retrying request without including tags. See https://repost.aws/knowledge-center/cloudformation-tagging-permission-error for how to resolve. Resource handler returned message: "User: arn:aws:sts::123456789012:assumed-role/clo-APICfnFlowCfnHelperServiceRole-111CLC116XCRH/clo-APICfnFlowCfnHelper-zH6Arx7iEUMY is not authorized to perform: iam:TagRole on resource: arn:aws:iam::123456789012:role/CL-SvcPipe-05044865-InitStackLogProcessorFnServiceR-9LvXu because no identity-based policy allows the iam:TagRole action (Service: Iam, Status Code: 403, Request ID: 45ea390f-2cc9-45e9-9539-5a5fea931e65)"

Expected Behavior

The status of the pipeline is shown as "Success".

Current Behavior

The status of the pipeline is shown as "Failed".

Reproduction Steps

This issue may occur in some accounts but is not necessarily encountered in all accounts.

Steps:

1. Login the console
2. Choose Log Analytics Pipelines -> AWS Service Logs / Application Logs
3. Choose Create a Pipeline
4. Enter the required parameters
5. Choose Create

Possible Solution

No response

Additional Information/Context

No response

Solution Version

v2.1.2

AWS Region. e.g., us-east-1

us-east-1

Other information

No response