Tag - Amazon Security Token Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

Tag

You can pass custom key-value pair attributes when you assume a role or federate a user. These are called session tags. You can then use the session tags to control access to resources. For more information, see Tagging Amazon STS Sessions in the IAM User Guide.

Contents

Key

The key for a session tag.

You can pass up to 50 session tags. The plain text session tag keys can’t exceed 128 characters. For these and additional limits, see IAM and Amazon STS Character Limits in the IAM User Guide.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: [\p{L}\p{Z}\p{N}_.:/=+\-@]+

Required: Yes

Value

The value for a session tag.

You can pass up to 50 session tags. The plain text session tag values can’t exceed 256 characters. For these and additional limits, see IAM and Amazon STS Character Limits in the IAM User Guide.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 256.

Pattern: [\p{L}\p{Z}\p{N}_.:/=+\-@]*

Required: Yes

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: