Hello, I need to write an Organizations Tag Policy that carves out an exception for a particular AWS Principal - in this case an IAM role. Is this possible? It's not clear from the documentation https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_example-tag-policies.html ... simply because it doesn't mention Principals, I am thinking they aren't supported.
From my reading I do not think making an exception for a particular Principal is supported with Tag Policy
You may though be able to achieve similar with an SCP which does allow Principal exception
로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.
좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.