Posted On: Dec 20, 2018

AWS Elastic Beanstalk now supports additional access control with tag-based permissions. This allows you to control access based on tags using your existing AWS Identity and Access Management (IAM) policies and taking advantage of the global condition keys for RequestTag/tag-key, ResourceTag/tag-key, and TagKeys. 

Tags are simple labels consisting of a customer-defined key and an optional value that can make it easier to manage, search for, and filter resources. Although there are no inherent types of tags, they enable customers to categorize resources by purpose, owner, or other criteria. For example, you can tag Elastic Beanstalk environments based on business units and only allow access to those environments to members of that business unit. When new environments are launched with tags, the corresponding IAM permissions are automatically applied.

Previously, you could only control access to Elastic Beanstalk resources and actions based on using unique resource identifiers (ARNs), which required manual permission updates as your Elastic Beanstalk resources changed. To learn more, refer to Controlling Access to Elastic Beanstalk Resources Using Tags.

Visit the AWS global region table for a full list of AWS Regions where AWS Elastic Beanstalk is available.

For more information on AWS Elastic Beanstalk: