Add TagSession permission to Self-Assume policy

[BeyondEvil]

Is your request related to a problem? Please describe.

Currently when using the oob self-assume feature, the sts:TagSession permission is not added. It's a very common requirement when assuming roles to have that permission.

Describe the solution you'd like.

I see four possible ways forward:

• Hardcode it
• (Re)use the trusted_role_actions
• Duplicate the trusted_role_actions and create a trusted_self_role_actions (or similar, naming is hard)
• Use the alternative approach, aka. the workaround, below.

Describe alternatives you've considered.

The current workaround is to use custom_role_trust_policy and provide the trust policy in its entirety "manually".

I'm happy to provide a PR.

[BeyondEvil]

ping @bryantbiggs

[bryantbiggs]

I don't know what this means - you'll have to provide more details and why this is a valid use case

[github-actions]

This issue has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this issue will be closed in 10 days

[github-actions]

This issue was automatically closed because of stale in 10 days