3回答
- 新しい順
- 投票が多い順
- コメントが多い順
0
Did you follow all of the steps:
- Enable tag policies for the organization
- Create the tag policy for the Name and Product tags (your code snippet above only shows a policy for a Product tag)
- Attach the tag policy to the Account or OU containing the account your testing in?
- Create the SCP(s) to enforce the presence of the the two required tags? -- the tag policy in step 2 only enforces the required tag value, not that the tag itself is present
- Attach the 'tag present' SCP to the Account or OU containing the account your testing in?
回答済み 2年前
0
I don't think I did 4. I did the other items already. Let me work on these and will report back. Thanks for your help.
回答済み 2年前
0
I did this although I am not 100% sure I am doing it correctly. I want the 'Product' tag to be only these values specified and if they are not, or the tag is not even added, then enforce for the instance to error out and not launch. What am I missing here?
{
"tags": {
"Product": {
"tag_key": {
"@@assign": "Product"
},
"tag_value": {
"@@assign": [
"Name1",
"Name2",
"Name3",
"Name4",
"Name5",
"Name6",
"Name7",
"Name8"
]
},
"enforced_for": {
"@@assign": [
"ec2:instance",
"ec2:volume"
]
}
}
}
}
回答済み 2年前
