Amazon Resource Groups Reference
Use the topics in this section to find reference information for various aspects of Amazon Resource Groups.
Service quotas for Resource Groups
Name | Default | Adjustable | Description |
---|---|---|---|
Resource groups per account | Each supported Region: 100 |
Yes |
The maximum number of resource groups that you can create in this account. A resource group is a collection of Amazon resources that match a specific criteria. |
Note
You can request changes to quotas marked as adjustable by using the Amazon Resource Groups page in the Service Quotas console
Amazon managed policies available for use with Amazon Resource Groups
Amazon-managed IAM permission policies enable you to grant pre-configured permissions to the IAM principals, such as roles and users, in your account. Amazon managed policies are tested and adhere to best practice recommendations, so you can reliably use them in the scenarios for which they're define. As new resource types are supported as members of resource groups, and as new resource types support tagging, Amazon automatically updates these policies to support them. You don't need to do anything.
The following table lists the Amazon-managed IAM permission policies available for you to use to grant permissions to Amazon Resource Groups.
Policy name and ARN | Description |
---|---|
AWSResourceGroupsReadOnlyAccess
|
Grants read-only access to the Amazon Resource Groups management console. It includes permission to view the details of a resource, including the list of attached tags. This policy doesn't grant permission to make any changes to resource groups or tags. |
ResourceGroupsandTagEditorReadOnlyAccess
|
Grants read-only access to the Amazon Resource Groups management console, including the Tag Editor. It includes permission to view the details of a resource, including its tags. You can use the Tag Editor to view resources that match tag queries. This policy doesn't grant permission to make any changes to resource groups or tags. |
ResourceGroupsandTagEditorFullAccess
|
Grants full administrative access to the Amazon Resource Groups management console. It includes permissions to view, create, and modify resource groups. It also includes permissions to view, set, and modify tags for any resources that are supported by Tag Editor. |