Tag-based Policies

Amazon SWF supports policies based on tags. For instance, you could restrict Amazon SWF domains that include a tag with the key environment and the value production:


{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Deny",
            "Action": "swf:*",
            "Resource": "arn:aws:swf:*:123456789012:/domain/*",
            "Condition": {
                "StringEquals": {"aws:ResourceTag/environment": "production"}
            }
        }
    ]
}

This policy will Deny the access to any domain that has been tagged as environment/production.

For more information on tagging, see:

Tags
Controlling Access Using IAM Tags

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

API Summary

Amazon VPC endpoints