Amazon S3 Access Points now support tags for Attribute-Based Access Control
Amazon S3 Access Points now supports tags for Attribute-Based Access Control (ABAC). S3 Access Points simplify managing data access to your shared datasets in S3 general purpose and directory buckets. With ABAC support, you can add tags to your access points and extend your tag-based permissions to new and existing users, roles, and access points. This helps eliminate frequent Amazon Identity and Access Management (IAM), S3 bucket or access point policy updates, simplifying how you scale access governance on your shared datasets.
To get started with tagging your S3 Access points use the Amazon Web Services Management Console, Amazon S3 REST API, Amazon CLI, or the Amazon SDK. ABAC support for access points is available in all the Amazon Web Services regions, including the Amazon Web Services China (Beijing) Region, operated by Sinnet and the Amazon Web Services China (Ningxia) Region, operated by NWCD at no additional cost. To learn more about using tags for access points, visit the S3 User Guide.