We’ve added support for tagging and attribute-based access control (ABAC) for Service Quotas in your AWS account. You can now attach tags, or user-defined attributes, to applied quotas, enabling you to easily identify, classify, or categorize applied quotas in your AWS account. Applied quotas, or account-specific quotas, are overrides that are specific to your account and that have been granted to you in the past. Additionally, you can now leverage these tags for attribute-based access control (ABAC). ABAC is an authorization strategy that defines permissions based on tags attached to users and AWS resources. ABAC simplifies permissions management — you can author a single permission policy that you won’t need to update as new resources are added to your AWS environment. You can also improve your security posture by authoring granular permission rules based on the tags you define.
Source:: Amazon AWS