From b2f7c8326e53c1a009fec2e921940587879229fc Mon Sep 17 00:00:00 2001
From: Xavier Schildwachter <x.schildwachter@sagebase.org>
Date: Mon, 2 Sep 2024 19:59:23 -0700
Subject: [PATCH] Add *ObjectTagging perms

---
 templates/S3/synapse-external-bucket.j2 | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/templates/S3/synapse-external-bucket.j2 b/templates/S3/synapse-external-bucket.j2
index f09823c..c01671f 100644
--- a/templates/S3/synapse-external-bucket.j2
+++ b/templates/S3/synapse-external-bucket.j2
@@ -137,6 +137,7 @@ Resources:
               AWS: !Ref GrantAccess
             Action:
               - "s3:GetObject"
+              - "s3:GetObjectTagging"
               - "s3:GetObjectAcl"
               - "s3:ListMultipartUploadParts"
               - "s3:GetObjectAttributes"
@@ -150,6 +151,7 @@ Resources:
                 AWS: !Ref GrantAccess
               Action:
                 - "s3:PutObject"
+                - "s3:PutObjectTagging"
                 - "s3:PutObjectAcl"
                 - "s3:DeleteObject*"
                 - "s3:*MultipartUpload*"