From 5c1ff64ed52e905f159f2c1178eceeb4ebb9ab88 Mon Sep 17 00:00:00 2001
From: Joseph Rajewski <83741749+paladin-devops@users.noreply.github.com>
Date: Wed, 21 Jun 2023 15:35:43 -0400
Subject: [PATCH] runnerinstall/aws-ecs: Add AddTags permission to ODR IAM policy. The AWS ECS plugin may need to add tags to an AWS ALB, and therefore needs the AddTags permission to do so.
---
 internal/runnerinstall/ecs.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/internal/runnerinstall/ecs.go b/internal/runnerinstall/ecs.go
index 01f6356fd1a..7a166493b9d 100644
--- a/internal/runnerinstall/ecs.go
+++ b/internal/runnerinstall/ecs.go
@@ -84,6 +84,7 @@ const odrRolePolicy = `{
 "ecs:DeregisterTaskDefinition",
 "ecs:RunTask",
 "ecs:StopTask",
+ "elasticloadbalancing:AddTags",
 "elasticloadbalancing:CreateListener",
 "elasticloadbalancing:CreateLoadBalancer",
 "elasticloadbalancing:CreateRule",
@@ -97,7 +98,7 @@ const odrRolePolicy = `{
 "elasticloadbalancing:DescribeRules",
 "elasticloadbalancing:DescribeTargetGroups",
 "elasticloadbalancing:ModifyListener",
- "elasticloadbalancing:DescribeTargetHealth",
+ "elasticloadbalancing:DescribeTargetHealth",
 "iam:AttachRolePolicy",
 "iam:CreateRole",
 "iam:GetRole",
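Review bot: The new `"elasticloadbalancing:AddTags"` entry in the first hunk joins the shared action list of `odrRolePolicy`, so it inherits whatever `Resource` and `Condition` that statement carries. Both lie outside the hunk, and if the resource is `*` the on-demand runner role could write tags on any load balancer, listener or target group in the account. Tags commonly feed ABAC conditions and ownership or cost automation, so write access to them is worth scoping more tightly than the read-only Describe calls next to it. If the plugin only tags at creation time, consider a separate statement for AddTags with `"Condition": {"StringEquals": {"elasticloadbalancing:CreateAction": ["CreateLoadBalancer", "CreateTargetGroup"]}}`, or limit it to the ARNs the plugin creates. The commit message says the plugin "may need" the permission, so it would also help to record in the description which plugin call requires it.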