CODEWITHSUNDEEP
amazon-web-servicesamazon-ec2aws-lambdatags
hajji_0081
hajji_0081

Reputation: 183

Create tag with multiple values in AWS

Hello,

I'm creating a lambda function on AWS to automatically create tags on EC2 resources. The solution works fine:

ec2.create_tags(Resources=instance_ids,Tags=[{'Key':'environnement','Value':'dev'}])

My question:

Can i create a tag with limited values? like a drop down list ?

So users can only choose from this list ?

ec2.create_tags(Resources=instance_ids,Tags=[{'Key':'environnement','Value':['dev','prod','test']}])

Thanks in advance !

Upvotes: 0

Views: 3012

Answers (2)

deepanmurugan
deepanmurugan

Reputation: 2113

You can attach an IAM policy to the cloudwatch service to create tags only if the expected key/value pair matches. Sample IAM policy.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "ec2:DeleteTags",
                "ec2:DescribeTags",
                "ec2:CreateTags"
            ],
            "Resource": "*",
            "Condition": {
                "StringEquals": {
                    "aws:RequestTag/Env": [
                        "Prod",
                        "Stage",
                        "Dev"
                    ]
                }
            }
        }
    ]
}

This will only allow if Env tag is being created with values Prod/Stage/Dev. You can add any number of key/value pair to the policy based on your need.

Upvotes: 1

Pubudu Jayawardana
Pubudu Jayawardana

Reputation: 2365

  1. If you are using Cloudformation, you may pre-define set of values to be selected by the user.
  2. You may also enforce tags and values using IAM Role permissions, but this will only validate the request, not prompt the user to select any tags/values. Refer: Tag based permissions

Upvotes: 0

Related Questions