Service quotas for Resource Groups Amazon managed policies available for use with Amazon Resource Groups

Amazon Resource Groups Reference

Use the topics in this section to find reference information for various aspects of Amazon Resource Groups.

Service quotas for Resource Groups

Name	Default	Adjustable	Description
Resource groups per account	Each supported Region: 100	Yes	The maximum number of resource groups that you can create in this account. A resource group is a collection of Amazon resources that match a specific criteria.

Note

You can request changes to quotas marked as adjustable by using the Amazon Resource Groups page in the Service Quotas console.

Amazon managed policies available for use with Amazon Resource Groups

Amazon-managed IAM permission policies enable you to grant pre-configured permissions to the IAM principals, such as roles and users, in your account. Amazon managed policies are tested and adhere to best practice recommendations, so you can reliably use them in the scenarios for which they're define. As new resource types are supported as members of resource groups, and as new resource types support tagging, Amazon automatically updates these policies to support them. You don't need to do anything.

The following table lists the Amazon-managed IAM permission policies available for you to use to grant permissions to Amazon Resource Groups.

Policy name and ARN Description

Policy name and ARN	Description
AWSResourceGroupsReadOnlyAccess `arn:aws-cn:iam::aws:policy/AWSResourceGroupsReadOnlyAccess`	Grants read-only access to the Amazon Resource Groups management console. It includes permission to view the details of a resource, including the list of attached tags. This policy doesn't grant permission to make any changes to resource groups or tags.
ResourceGroupsandTagEditorReadOnlyAccess `arn:aws-cn:iam::aws:policy/ResourceGroupsandTagEditorReadOnlyAccess`	Grants read-only access to the Amazon Resource Groups management console, including the Tag Editor. It includes permission to view the details of a resource, including its tags. You can use the Tag Editor to view resources that match tag queries. This policy doesn't grant permission to make any changes to resource groups or tags.
ResourceGroupsandTagEditorFullAccess `arn:aws-cn:iam::aws:policy/ResourceGroupsandTagEditorFullAccess`	Grants full administrative access to the Amazon Resource Groups management console. It includes permissions to view, create, and modify resource groups. It also includes permissions to view, set, and modify tags for any resources that are supported by Tag Editor.

AWSResourceGroupsReadOnlyAccess

arn:aws-cn:iam::aws:policy/AWSResourceGroupsReadOnlyAccess

Grants read-only access to the Amazon Resource Groups management console. It includes permission to view the details of a resource, including the list of attached tags. This policy doesn't grant permission to make any changes to resource groups or tags.

ResourceGroupsandTagEditorReadOnlyAccess

arn:aws-cn:iam::aws:policy/ResourceGroupsandTagEditorReadOnlyAccess

Grants read-only access to the Amazon Resource Groups management console, including the Tag Editor. It includes permission to view the details of a resource, including its tags. You can use the Tag Editor to view resources that match tag queries. This policy doesn't grant permission to make any changes to resource groups or tags.

ResourceGroupsandTagEditorFullAccess

arn:aws-cn:iam::aws:policy/ResourceGroupsandTagEditorFullAccess

Grants full administrative access to the Amazon Resource Groups management console. It includes permissions to view, create, and modify resource groups. It also includes permissions to view, set, and modify tags for any resources that are supported by Tag Editor.

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Service quotas

Document history