2 Answers
- Newest
- Most votes
- Most comments
0
This is accomplished through two features: tag-based access control's RequestTag IAM condition key and Tag Policies.
The RequestTag condition forces services which support that IAM condition key to supply tags during resource creation (or tag mutation requests) and their Organization's Tag Policy stipulates what tags must be present on supported resources at creation time or during tag mutations.
Here's a sample RequestTags policy (it can be generalized).
answered 4 years ago
0
Tag policies define which are the correct tags that can be used. Service control policies can be used to prevent resources from being created without a tag. Ref: https://aws.amazon.com/blogs/mt/implement-aws-resource-tagging-strategy-using-aws-tag-policies-and-service-control-policies-scps/
answered 2 years ago
Relevant content
- asked 2 years ago
- AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 2 years ago