2개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
0
This is accomplished through two features: tag-based access control's RequestTag IAM condition key and Tag Policies.
The RequestTag condition forces services which support that IAM condition key to supply tags during resource creation (or tag mutation requests) and their Organization's Tag Policy stipulates what tags must be present on supported resources at creation time or during tag mutations.
Here's a sample RequestTags policy (it can be generalized).
답변함 4년 전
0
Tag policies define which are the correct tags that can be used. Service control policies can be used to prevent resources from being created without a tag. Ref: https://aws.amazon.com/blogs/mt/implement-aws-resource-tagging-strategy-using-aws-tag-policies-and-service-control-policies-scps/
답변함 2년 전