Simplify Amazon Organization Tag Policies using new wildcard statement
Amazon Organizations Tag Policies announces wildcard support for Tag Policies using ALL_SUPPORTED in the Resource element. With this, you can simplify your policy authoring experience and reduce your policy size. You can now specify that your Tag Policy applies to all supported resource types for a given Amazon Web Services service in a single line, instead of individually adding them to your policy.
Tag Policies enable you to enforce consistent tagging across your accounts with proactive compliance, governance and control. For example, you can define a policy that all EC2 instances with “Environment” tag key must use only "Prod" or "Non-Prod" values. Previously, you had to list each EC2 resource type individually in a Tag Policy, such as instances, volumes, and snapshots. With ALL_SUPPORTED wildcard, you can now apply the same rule to all supported EC2 or S3 resource types in a single line.
You can use this feature via Amazon Web Services Management Console, Amazon Command Line Interface, and Amazon Software Development Kit. This feature is available in Amazon Web Services China (Beijing) Region, operated by Sinnet and Amazon Web Services China (Ningxia) Region, operated by NWCD. To learn more, visit Tag Policies documentation.