This repository has been archived by the owner on Sep 17, 2024. It is now read-only.
Tagging instances launched from Service Catalog #5
Labels
Comments
|
Hi @deejanu, Marking this as an enhancement. Don't see a way to extract this data from a single CloudTrail event, but no doubt that if we found a matching AssumeRole event, we could work this out. Marking this as an enhancement and will get to it eventually. Any interest in trying to implement and create a pull request? |
|
The matching AssumeRole event will have the same AccessKeyId as the RunInstances event that provisioned the EC2 instance. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Tagging works when I log in as tester user and launch EC2 instance via EC2 console. It creates tag in following format:
Key: AutoTag_Creator
Value: arn:aws:iam::1234567890:user/tester
I also use CFT templates to launch EC2 instance (stack) via Service Catalog. When I log in as the same tester user or any other user and launch EC2 instance (stack) via Service Catalog the instance is always getting tagged with:
Key: AutoTag_Creator
Value: arn:aws:sts::1234567890:assumed-role/LinuxUbuntuServerLaunchRole/servicecatalog
Is there a way to capture and tag authenticated user (tester) instead of assumed-role?
The text was updated successfully, but these errors were encountered: