Posted On: Jun 21, 2023
Today, AWS Purchase Order Management announces the general availability of ‘Attribute-based & Resource-based access control’ for purchase orders (POs) created in the AWS Console. This launch allows you to tag purchase orders (POs) that are created on AWS Console and control access at a resource level with IAM policies. The AWS console also offers the ability to manage resource tags.
Previously, AWS did not support resource-level access control for individual purchase orders created under the same payer account. Therefore, customers couldn’t set up permission control for specific purchase order(s) and had to provide access to all purchase orders created for a payer account. With this launch, customers can now use resource level tags to identify the required purchase orders and control access more intentionally.
This new feature is available in all commercial regions including China (Beijing, operated by Sinnet), and China (Ningxia, operated by NWCD). To learn how to create tags for attribute-based access control, please see our documentation.