With the ability to tag IAM Users (and Roles?) it would be nice to be able to be able to identify when principals belong to certain clusters and then identify when principals can access other principals outside their cluster. Good for use-cases where people use aws:PrincipalTag conditions.
With the ability to tag IAM Users (and Roles?) it would be nice to be able to be able to identify when principals belong to certain clusters and then identify when principals can access other principals outside their cluster. Good for use-cases where people use
aws:PrincipalTag
conditions.cluster
?)