1 Resposta
- Mais recentes
- Mais votos
- Mais comentários
0
This is the expected behaviour; Tag Policies only enforce values for tags which are present and do not enforce the presence of a tag: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies-enforcement.html
As alternatives you could specify in the IAM policy that the tag must be specified on creation of the resource, and/or you can use AWS Config to report compliance on tag presence or not.
Conteúdo relevante
- AWS OFICIALAtualizada há 2 anos