Amazon Web Services (AWS) Service Catalog now supports Attributed Based Access Controls (ABAC), allowing customers the ability to use tags to easily manage access and permissions to AWS resources in Service Catalog. Now, Service Catalog administrators have the ability to define their AWS Identity and Access Management (IAM) policies to grant access and specify finer-grained permissions based on tags shared between AWS resource(s) and IAM users or roles. For example, based on a matching set of tags, an IAM entity (e.g., user or role) may be allowed or denied to create resources in their Service Catalog account.
View the full article