Posted On: Mar 22, 2023
Amazon Organizations tag policies are now available in both the Amazon Web Services China (Beijing) Region, operated by Sinnet, and Amazon Web Services (Ningxia) Region, operated by NWCD. The tag policies feature is available to customers through the Amazon Web Services Console, Amazon Command Line Interface (CLI), or Amazon SDKs.
Tag policies is a new feature that allows you to define rules on how tags can be used on Amazon Web Services resources in your accounts in Amazon Organizations. You can use tag Policies to standardize tags for your Amazon Web Services resources.
With tag policies, you can ensure your developers apply consistent tags, audit tagged resources, and maintain proper resource categorization. Using tag policies, you can define and enforce tag key capitalization requirements and their allowed tag values. For example, you can define the tags CostCenter and SecurityGroup where CostCenter must be ‘123’ and SecurityGroup can be ‘red-team’ or ‘blue-team’. Standardized tags enable you to confidently leverage tags for critical use cases such as cost allocation and attribute-based access control because you can ensure your resources are tagged with the right attributes.
Tag policies is integrated with Amazon Organizations, a service for central governance and management across Amazon Web Services accounts. You can apply a tag policy to your entire organization, specific organizational units, and to individual accounts. After applying a policy, you can export a cross-account, cross-region report that helps you easily identify tags that don’t align with your policy. You can then easily aggregate, view, and share this data with resource owners to correct such noncompliant tags. Also, you can optionally specify enforcement to prevent noncompliant tag changes such as updating a tag with a value not allowed by your policy. The service endpoints for Amazon Organizations tag policies are located in the Amazon Web Services China (Ningxia) region, operated by NWCD.
Tag policies is available at no additional cost to Amazon Organizations customers. To learn more, see the technical documentation here.