From eb46b422946f88d5bbcd80e691385345ed062b7b Mon Sep 17 00:00:00 2001
From: Mark Chappell <mchappel@redhat.com>
Date: Fri, 16 Jun 2023 15:31:55 +0200
Subject: [PATCH] Wildcard IAM Tagging (allow InstanceProfiles and Policies to
 be tagged)

---
 aws/policy/security-services.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/aws/policy/security-services.yaml b/aws/policy/security-services.yaml
index 2da0751..d926273 100644
--- a/aws/policy/security-services.yaml
+++ b/aws/policy/security-services.yaml
@@ -65,8 +65,8 @@ Statement:
       - access-analyzer:ValidatePolicy
       - iam:GetRole
       - iam:List*
-      - iam:TagRole
-      - iam:UntagRole
+      - iam:Tag*
+      - iam:Untag*
       - kms:CreateAlias
       - kms:CreateGrant
       - kms:DeleteAlias