AWS CLI Add Tags to IAM User

How to add tags to an existing IAM user via AWS CLI.

aws iam tag-user \
--user-name john.doe \
--tags '{"Key": "Department", "Value": "Accounting"}'

Multiple tags.

aws iam tag-user \
--user-name john.doe \
--tags '[{"Key": "Department", "Value": "Accounting"},{"Key": "Manager", "Value": "jane.doe"}]'

Route 53 Policy to Change Records

Here’s the IAM policy you’ll need to change Route 53 DNS records. Substitute with your own hosted zone id.

{
   "Statement":[{
      "Effect":"Allow",
      "Action":["route53:ChangeResourceRecordSets"],
      "Resource":"arn:aws:route53:::hostedzone/*HOSTEDZONEID*"
      }
   ],
   "Statement":[{
      "Effect":"Allow",
      "Action":["route53:GetChange"],
      "Resource":"arn:aws:route53:::change/*"
      }
   ]
}

Add to policy to a user.

API Gateway Policy

This policy gives a user access to the API gateway.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "apigateway-policy",
            "Effect": "Allow",
            "Action": [
                "apigateway:DELETE",
                "apigateway:PUT",
                "apigateway:PATCH",
                "apigateway:POST",
                "apigateway:GET"
            ],
            "Resource": "*"
        }
    ]
}