Posted On: Dec 23, 2020

We’ve added support for tagging and attribute-based access control (ABAC) for Service Quotas in your AWS account. You can now attach tags, or user-defined attributes, to applied quotas, enabling you to easily identify, classify, or categorize applied quotas in your AWS account. Applied quotas, or account-specific quotas, are overrides that are specific to your account and that have been granted to you in the past. Additionally, you can now leverage these tags for attribute-based access control (ABAC). ABAC is an authorization strategy that defines permissions based on tags attached to users and AWS resources. ABAC simplifies permissions management — you can author a single permission policy that you won’t need to update as new resources are added to your AWS environment. You can also improve your security posture by authoring granular permission rules based on the tags you define.

Service Quotas enables you to view and manage your AWS service quotas from a central location. You can view the AWS default quotas, your account-level or applied quotas and request for quota increases. Through its integration with AWS CloudWatch, you can also view usage against quotas and configure alarms to get notified when approaching a quota threshold. Additionally, you can set up a quota request template at an AWS Organization level to automatically request a quota increase during account creation. Service Quotas offers both a console experience and programmatic access via the AWS SDK, and is available to all AWS customers at no additional cost.

You can get started with these new features using the Service Quotas console or programmatically via the AWS SDK at no additional cost. For more information, please visit documentation on Tagging in Service Quotas.