- Add ec2:DescribeTags permission for VPCLatticeControllerIAMPolicy (#374)

zijun726911 · Zijun Wang · web-flow · commit d071c8576e57 · 2023-08-30T16:17:20.000-07:00
Co-authored-by: Zijun Wang &lt;zijunw@amazon.com&gt;
diff --git a/config/iam/recommended-inline-policy.json b/config/iam/recommended-inline-policy.json
@@ -7,7 +7,8 @@
                 "vpc-lattice:*",
                 "iam:CreateServiceLinkedRole",
                 "ec2:DescribeVpcs",
-                "ec2:DescribeSubnets"
+                "ec2:DescribeSubnets",
+                "ec2:DescribeTags"
             ],
             "Resource": "*"
         }
diff --git a/docs/deploy.md b/docs/deploy.md
@@ -36,7 +36,8 @@ Run through them again for a second cluster to use with the extended example sho
                    "vpc-lattice:*",
                    "iam:CreateServiceLinkedRole",
                    "ec2:DescribeVpcs",
-                   "ec2:DescribeSubnets"
+                   "ec2:DescribeSubnets",
+                   "ec2:DescribeTags"
                ],
                "Resource": "*"
            }
diff --git a/examples/recommended-inline-policy.json b/examples/recommended-inline-policy.json
@@ -7,7 +7,8 @@
                 "vpc-lattice:*",
                 "iam:CreateServiceLinkedRole",
                 "ec2:DescribeVpcs",
-                "ec2:DescribeSubnets"
+                "ec2:DescribeSubnets",
+                "ec2:DescribeTags"
             ],
             "Resource": "*"
         }
