Learn more about AWS Resource Groups authorization and access control

Resource Groups supports the following.

Action-based policies. For example, you can create a policy that allows users to perform ListGroups operations, but no others.
Resource-level permissions. Resource Groups supports using ARNs to specify individual resources in the policy.
Authorization based on tags. Resource Groups supports using resource tags in the condition of a policy. For example, you can create a policy that allows Resource Groups users full access to a group that you have tagged.
Temporary credentials. Users can assume a role with a policy that allows AWS Resource Groups operations.

Resource Groups doesn't support resource-based policies.

For more information about how Resource Groups and Tag Editor integrate with AWS Identity and Access Management (IAM), see the following topics in the AWS Identity and Access Management User Guide.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Granting permissions for using AWS Resource Groups and Tag Editor

AWS services that work with AWS Resource Groups