1 Answer
- Newest
- Most votes
- Most comments
0
That condition is testing the tags of the role, since that is the resource specified in the policy and the resource the policy is attached to.
Instead of testing the tag of a certificate, test the attributes that are extracted from the cert. See: Trust policy.
I would put it in the Subject Name Alternative, DirName, CommonName. But you will need to use the CLI to generate this as the console does not have this option. See: issue-certificate.
Relevant content
- Accepted Answerasked a year ago
- asked 5 months ago
- Accepted Answerasked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
Ok, thanks. In certificates, subject CN is the domain name we provide while ACM creates the certificate. My use case needs to add UUID in the certificates to differentiate between 2 devices. Where should UUID be added?