awsdocs/iam-user-guide

Possibly outdated: S3 Tag-Based Authorization Only for Objects

Closed this issue · 2 comments

In file AWS Services That Work with IAM there's a footnote to S3, stating that "Amazon S3 supports tag-based authorization for only object resources" (lines 52 and 57).

Is this information still current? S3 buckets allow tagging and I built a quick prototype, successfully confirming the ability to use tag-based authorization on S3 buckets.

Thanks for pointing this out. I have sent a ticket over to the S3 team to answer your question. Based on the information we have in the IAM documentation (provided by the S3 team), this information hasn't changed.

Hi there! Sorry for the delay. Thanks so much for your patience. The service team confirmed that they do not support tag-based authorization for buckets. There is no update required for the footnote on the page. S3 uses bucket policies to manage access. Bucket tagging can be used for things like tracking costs and organizing buckets. This can be done with the S3 API call PutBucketTagging. To learn more, see https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html.

Thanks so much for your feedback!