Attribute-Based Access Control (ABAC) for the AWS Key Management Service

Today, the AWS Key Management Service (KMS) is announcing availability for attribute-based access control (ABAC) to allow the use of tags and aliases in policy conditions for IAM policies and AWS KMS key policies. Attribute-based access control is an authorization strategy that defines permissions based on tags which can be attached to users and AWS resources. KMS additionally supports the use of key aliases in policy conditions.

Source:: Amazon AWS