From b0ff6b7f204e88a96587c95658af3f3f02a99f5a Mon Sep 17 00:00:00 2001
From: Max Brain <max.brain@ksoc.com>
Date: Wed, 24 Apr 2024 12:19:17 +0200
Subject: [PATCH] feat: Adds sts:TagSession to allowed actions of ksoc-connect
 policy document

Signed-off-by: Max Brain <max.brain@ksoc.com>
---
 main.tf | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/main.tf b/main.tf
index 1aa2c5e..49b2cfa 100644
--- a/main.tf
+++ b/main.tf
@@ -1,8 +1,11 @@
 # Policy
 data "aws_iam_policy_document" "assume_role" {
   statement {
-    effect  = "Allow"
-    actions = ["sts:AssumeRole"]
+    effect = "Allow"
+    actions = [
+      "sts:AssumeRole",
+      "sts:TagSession"
+    ]
 
     principals {
       type        = "AWS"