IAM : AWS services not supported and tagging support

I often get the question of which services do not support IAM?  Some services and features do not support IAM and must use the AWS root account credentials:

• Vulnerability Scanning Coordination Form
• AWS Workspaces
• Visibility of all Data Pipelines
• Specific account management pages, such as account profile, AWS account security credentials, payment methods and management of consolidated billing 
• AWS DevPay 
• CloudFront keypair creation

A full list of supported services is here:
http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_SpecificProducts.html

This page also provides a great list of IAM resource level permissions support, tagging, and STS.

Tagging Oracle Database Instances

Instance tagging is a great way to manage and monitor instances.  It is also the way to do departmental billing and now with EC2 IAM resource level permissions a method to control the actions users and groups can perform on EC2 instances (more here: http://aws.amazon.com/about-aws/whats-new/2013/07/08/announcing-resource-permissions-for-amazon-ec2-and-amazon-rds/)

Placing tags on EC2 instances is this easy:
aws ec2 create-tags --resources i-f0ef69c6 --tags "Key=Cost Center,Value=AWS"
aws ec2 create-tags --resources i-f0ef69c6 --tags "Key=tier,Value=database"
aws ec2 create-tags --resources i-f0ef69c6 --tags "Key=environment,Value=test"
aws ec2 create-tags --resources i-f0ef69c6 --tags "Key=email,Value=thomas.laszewski@gmail.com"

To view all instances (and the value) with the cost center tag issue the following command:

aws ec2 describe-tags --filters "Name=key,Values=Cost Center"

Most monitoring and billing tools (CloudHealth, Cloudcheckr etc) use tagging to manage, monitor, and report costs and usage.