Title: Consider expanding collection of AWS Tags, beyond those supported by the Resource Groups Tagging API

Description:

A subset of AWS resources do not support querying tags through the Resource Groups Tagging API. Of particular note, identity data - say, a user or group, which are currently, as far as I can tell, not covered by resourcegroupstaggingapi.

Perhaps this is something Amazon is working on, and it's not worth the work. But to me, having metadata for users and groups would be pretty valuable. I suspect there may be other resources, those just stood out as "wait, these seem like really important resources, but we can't see tags in cartography?"

Relevant Links:

• Services that support the Resource Groups Tagging API. Not that this is super helpful. "Here are a mix of IAM resources, some of which you can query tags for, some of which you can't." I'm a bit new to AWS though, so, maybe this is documented more clearly somewhere.
• Your docs indicating "tag support for the supported resources, if supported by the resource groups tagging API". I'm not clear on whether this is a design decision, or simply documentation of the current implementation / limitations.

Thanks!

Your docs indicating "tag support for the supported resources, if supported by the resource groups tagging API". I'm not clear on whether this is a design decision, or simply documentation of the current implementation / limitations.

Rather than have N modules create their own logic for attaching tags, we tried to rely on the resourcegroupstaggingapi to centralize that. Thanks for bringing up that there are some resources not supported by this (ugh).

I guess in the case of IAM users and roles we'd have to do a one-off thing to match how we've implemented it with the resourcegroupstaggingapi. As long as the schema matches and as long as it uses our data model, I'd support a change and help answer questions.