I have had to do something like this to query IAM for information. I attacked my issue by shelling out and running an AWS CLI command (and passing aws_access_key, aws_secret_key and aws_region as variables)
export AWS_ACCESS_KEY_ID={{aws_access_key}}; export AWS_SECRET_ACCESS_KEY={{aws_secret_key}};/bin/aws iam list-roles --query 'Roles[*].[\"RoleName\",\"Arn\"]' --output text --region {{aws_region}}
In your case, you might do something like this in Ansible by adding two new variables: user_name and tags (YMMV as I wrote this at the browser; not sure if its syntactically correct):
- name: Set fact for user name:
set_fact:
user_name: "Some user name"
- name: set iam user tags
set_fact:
iam_user_tags:
user_tag1: "same_value"
user_tag2: "same_value"
user_tag3: "same_value"
- name: Set tags for user using AWS CLI
shell: "export AWS_ACCESS_KEY_ID={{aws_access_key}}; export AWS_SECRET_ACCESS_KEY={{aws_secret_key}};/bin/aws iam tag-user --user-name {{user_name}} --tags {{iam_user_tags}}"
Honestly, I would probably attack this with a library using python/boto3. If you have time, its pretty easy to build and run.