runnerinstall/aws-ecs: Add AddTags permission to ODR IAM policy.

The AWS ECS plugin may need to add tags to an AWS ALB, and therefore needs the AddTags permission to do so.
hashicorp · Jun 21, 2023 · 2625cd7 · 2625cd7
1 parent aca518e
commit 2625cd7
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 0 deletions.
diff --git a/.changelog/4818.txt b/.changelog/4818.txt
@@ -0,0 +1,4 @@
+```release-note:bug
+runnerinstall/aws-ecs: Fix ODR policy for AWS ECS runners to enable adding tags
+to an ALB.
+```
diff --git a/internal/runnerinstall/ecs.go b/internal/runnerinstall/ecs.go
@@ -84,6 +84,7 @@ const odrRolePolicy = `{
         "ecs:DeregisterTaskDefinition",
         "ecs:RunTask",
         "ecs:StopTask",
+	"elasticloadbalancing:AddTags",
         "elasticloadbalancing:CreateListener",
         "elasticloadbalancing:CreateLoadBalancer",
         "elasticloadbalancing:CreateRule",