aws-sso-cli icon indicating copy to clipboard operation
aws-sso-cli copied to clipboard
verified publisher icon synfinatic

Discover role and account tags

Open synfinatic opened this issue 3 years ago • 2 comments

admins can tag role and accounts:

  • iam:ListRoleTags
  • organizations:ListTagsForResource (account, OU, root)

synfinatic avatar Jan 23 '22 00:01 synfinatic

this is going to be very expensive for users with lots of accounts. Would probably need to be opt-in? Not sure how useful these tags are to users... would require admins to be organized.

synfinatic avatar Aug 02 '23 20:08 synfinatic

most users will not have access to organizations:ListTagsForResource. The iam:listRoleTags seems more useful, but very expensive.

synfinatic avatar Aug 21 '23 02:08 synfinatic