bug: tag policy documentation is not in line with actual enforcement …

…options enforced by the tag policies service (#188)
schubergphilis · Aug 9, 2023 · 1e9e434 · 1e9e434
1 parent 4efb6c7
commit 1e9e434
Showing 1 changed file with 43 additions and 29 deletions.
diff --git a/modules/tag-policy-assignment/locals.tf b/modules/tag-policy-assignment/locals.tf
@@ -4,6 +4,7 @@ locals {
     "acm:*",
     "amplifyuibuilder:app/environment/components",
     "amplifyuibuilder:app/environment/themes",
+    "aoss:collection",
     "apigateway:apikeys",
     "apigateway:domainnames",
     "apigateway:restapis",
@@ -21,7 +22,8 @@ locals {
     "backup-gateway:gateway",
     "backup-gateway:hypervisor",
     "backup-gateway:vm",
-    "backup:*",
+    "backup:backup-plan",
+    "backup:backup-vault",
     "batch:job",
     "batch:job-definition",
     "batch:job-queue",
@@ -31,11 +33,18 @@ locals {
     "chime:app-instance",
     "chime:app-instance/channel",
     "chime:app-instance/user",
+    "chime:media-pipeline",
+    "chime:meeting",
+    "cleanrooms:collaboration",
+    "cleanrooms:configuredtable",
+    "cleanrooms:membership",
+    "cleanrooms:membership/configuredtableassociation",
     "cloud9:environment",
     "cloudfront:*",
     "cloudtrail:*",
     "cloudwatch:*",
     "codebuild:*",
+    "codecatalyst:connections",
     "codecommit:*",
     "codeguru-reviewer:association",
     "codepipeline:*",
@@ -51,10 +60,8 @@ locals {
     "connect:instance/queue",
     "connect:instance/routing-profile",
     "connect:instance/transfer-destination",
+    "diode-messaging:mapping",
     "directconnect:*",
-    "directconnect:dxcon",
-    "directconnect:dxlag",
-    "directconnect:dxvif",
     "dlm:policy",
     "dms:*",
     "dynamodb:*",
@@ -101,15 +108,13 @@ locals {
     "elasticbeanstalk:configurationtemplate",
     "elasticbeanstalk:platform",
     "elasticfilesystem:*",
-    "elasticfilesystem:file-system",
     "elasticloadbalancing:*",
-    "elasticloadbalancing:loadbalancer",
-    "elasticloadbalancing:targetgroup",
-    "elasticmapreduce:*",
+    "elasticmapreduce:cluster",
+    "elasticmapreduce:editor",
+    "emr-serverless:applications",
     "es:domain",
     "events:*",
     "firehose:*",
-    "firehose:deliverystream",
     "frauddetector:detector",
     "frauddetector:detector-version",
     "frauddetector:model",
@@ -137,17 +142,17 @@ locals {
     "iam:saml-provider",
     "iam:server-certificate",
     "inspector2:filter",
+    "internetmonitor:monitor",
     "iotanalytics:*",
-    "iotanalytics:channel",
-    "iotanalytics:dataset",
-    "iotanalytics:datastore",
-    "iotanalytics:pipeline",
     "iotevents:*",
     "iotfleethub:application",
+    "iotroborunner:site",
+    "iotroborunner:site/destination",
+    "iotroborunner:site/worker-fleet",
+    "iotroborunner:site/worker-fleet/worker",
     "iotsitewise:asset",
     "iotsitewise:asset-model",
     "kinesisanalytics:*",
-    "kinesisanalytics:application",
     "kms:*",
     "lambda:*",
     "logs:log-group",
@@ -159,10 +164,22 @@ locals {
     "network-firewall:firewall-policy",
     "network-firewall:stateful-rulegroup",
     "network-firewall:stateless-rulegroup",
+    "oam:link",
+    "oam:sink",
+    "omics:annotationStore",
+    "omics:referenceStore",
+    "omics:referenceStore/reference",
+    "omics:run",
+    "omics:runGroup",
+    "omics:sequenceStore",
+    "omics:sequenceStore/readSet",
+    "omics:variantStore",
+    "omics:workflow",
     "organizations:account",
     "organizations:ou",
     "organizations:policy",
     "organizations:root",
+    "pipes:pipe",
     "ram:*",
     "rbin:rule",
     "rds:cluster-endpoint",
@@ -176,19 +193,9 @@ locals {
     "rds:secgrp",
     "rds:subgrp",
     "rds:target-group",
+    "redshift-serverless:namespace",
+    "redshift-serverless:workgroup",
     "redshift:*",
-    "redshift:cluster",
-    "redshift:dbgroup",
-    "redshift:dbname",
-    "redshift:dbuser",
-    "redshift:eventsubscription",
-    "redshift:hsmclientcertificate",
-    "redshift:hsmconfiguration",
-    "redshift:parametergroup",
-    "redshift:snapshot",
-    "redshift:snapshotcopygrant",
-    "redshift:snapshotschedule",
-    "redshift:subnetgroup",
     "resource-groups:*",
     "route53:hostedzone",
     "route53resolver:*",
@@ -206,9 +213,15 @@ locals {
     "sagemaker:processing-job",
     "sagemaker:project",
     "sagemaker:training-job",
+    "scheduler:schedule-group",
     "secretsmanager:*",
-    "servicecatalog:application",
+    "servicecatalog:applications",
     "servicecatalog:attribute-groups",
+    "sms-voice:configuration-set",
+    "sms-voice:opt-out-list",
+    "sms-voice:phone-number",
+    "sms-voice:pool",
+    "sms-voice:sender-id",
     "sns:topic",
     "sqs:queue",
     "ssm-contacts:contact",
@@ -224,12 +237,13 @@ locals {
     "transfer:user",
     "transfer:workflow",
     "wellarchitected:workload",
+    "wickr:network",
     "wisdom:assistant",
     "wisdom:association",
     "wisdom:content",
-    "wisdom:knowledge",
+    "wisdom:knowledge-base",
     "wisdom:session",
     "worklink:fleet",
-    "workspaces:*",
+    "workspaces:*"
   ]
 }