Amazon S3 now supports attribute-based access control
News
This article announces that Amazon S3 now supports attribute-based access control (ABAC) for general purpose buckets, enabling tag-based permission management.
- ABAC automatically evaluates tag-based conditions in IAM policies before granting access
- Eliminates frequent IAM and bucket policy updates as organizations grow
- Grant access by adding or modifying tags on buckets instead of updating policies
- Enable ABAC using S3 PutBucketAbac API and manage tags via TagResource/UntagResource APIs
- Require specific tags at bucket creation to enforce consistent tagging standards
- Available in all AWS Regions at no additional cost
- Accessible via AWS Management Console, S3 REST API, AWS CLI, SDK, and CloudFormation
S3 ABAC simplifies access governance at scale by leveraging bucket tags for automatic permission management.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Nov 21
2025
2025
Introducing attribute-based access control for Amazon S3 general purpose buckets
Aug 1
2025
2025
Amazon S3 Access Points now support tags for Attribute-Based Access Control
Sep 3
2024
2024
Amazon DynamoDB announces support for Attribute-Based Access Control
Nov 18
2024
2024
Amazon DynamoDB announces general availability of attribute-based access control
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.