Hello, I need to write an Organizations Tag Policy that carves out an exception for a particular AWS Principal - in this case an IAM role. Is this possible? It's not clear from the documentation https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_example-tag-policies.html ... simply because it doesn't mention Principals, I am thinking they aren't supported.
From my reading I do not think making an exception for a particular Principal is supported with Tag Policy
You may though be able to achieve similar with an SCP which does allow Principal exception
Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.
Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.