Is there a way to provide a custom error message with SCPs?


Hello!

My team has sandboxes for individuals to learn more about AWS, and to test out solutions. We have had issues with individuals not tagging their resources with important tags to identify importance, creator, etc.

While there is the ability to go into metadata and view this, we would like to have this be as efficient as possible, using tags.

So, we have looked into the solution of combining a tag policy with an SCP policy to enforce tag creation, using a condition with aws:TagRequest. The issue with this solution is the error message given if the user does not use the necessary tag:

[Screenshot: the error message returned to the user]

As you can see, this does not inform the user that the issue is that a tag needs to be created, or the key-value of the needed tag. It is very vague. In this case, an individual new to AWS would more than likely go to an administrator saying that they need a permission, creating more work for the admin.

Yes, the user can use the AWS CLI to decode the error, but that assumes permissions for CLI and that the user would know the command and to look deeper. It's also not very efficient.

You can create custom errors using CloudFront in AWS, but there doesn't seem to be a way to do this in a JSON policy, which doesn't seem great with how many conditions you can use in AWS.

Does anyone know how to do this, or a better way to enforce tags? If this error message cannot be improved upon, the next solution we have will be to automate tag creation with resources using CloudWatch and Lambda.

Thank you!
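The SCP pattern the question describes, written out as an added example (not the poster's own policy). It denies EC2 instance and volume creation when the request carries no `Owner` tag; the condition key for tags supplied in the request is `aws:RequestTag/<key>`, and the tag key `Owner` and the EC2 actions are assumptions chosen for illustration.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "DenyRunInstancesWithoutOwnerTag",
      "Effect": "Deny",
      "Action": [
        "ec2:RunInstances"
      ],
      "Resource": [
        "arn:aws:ec2:*:*:instance/*",
        "arn:aws:ec2:*:*:volume/*"
      ],
      "Condition": {
        "Null": {
          "aws:RequestTag/Owner": "true"
        }
      }
    }
  ]
}
```

As the question notes, a request blocked by this statement still surfaces to the caller only as a generic access-denied error; the policy document has no field for a custom message, so the encoded reason can only be read with `aws sts decode-authorization-message`.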

  • I'm wondering the same @annaxgrace! The vague error messaging for SCPs seems like it will cause more harm than good. Did you ever find a solution for this?

Asked 1 year ago, 96 views
No answers
