Default Tags in the Terraform AWS Provider
The Terraform AWS Provider now offers users the ability to define default tags at the provider level, simplifying tag management.
The HashiCorp Terraform AWS Provider contains over 700 resources to standardize your AWS infrastructure for configuration in accordance with best practices. One of the most common requests we’ve heard is for the ability to define default tags at the provider level of your Terraform configuration. We’re pleased to announce that as of v3.38.0 of the Terraform AWS provider, you are able to define default tags for all resources except Auto Scaling Groups.
»Using Default Tags
You can set default tags in the provider block of your Terraform configuration. Any tags set here will also be inherited by dependent Terraform modules. Setting default tags at the provider level will not supersede tags set on individual resources as resource tags take precedence.
In order to configure default tags you will need:
- Terraform 0.12 or later
- Terraform AWS Provider v3.38.0 or later
provider "aws" {
default_tags {
tags = {
Environment = "Test"
Owner = "TFProviders"
Project = "Test"
}
}
}
resource "aws_vpc" "example" {
cidr_block = "10.1.0.0/16"
tags = {
Name = "my-vpc-resource"
}
}
resource "aws_subnet" "example" {
cidr_block = "10.1.1.0/24"
vpc_id = aws_vpc.test.id
tags = {
Name = "my-subnet-resource"
}
}
»Default Tags for Auto Scaling Groups
Due to the dynamic nature of Auto Scaling Groups, they behave differently than other AWS resources. In order to set default tags for AWS Auto Scaling Groups, we recommend a standard workaround: Set locals with the default tag and then merge that into the Auto Scaling group.
variable "default_tags" {
default = {
Environment = "Test"
Owner = "TFProviders"
Project = "Test"
}
description = "Default Tags for Auto Scaling Group"
type = map(string)
}
resource “aws_autoscaling_group” "example" {
# ... other configuration ...
# This configuration combines some "default" tags with optionally provided additional tags
tags = merge(
var.default_tags,
{
Name = "MyASG"
},
)
}
»Summary
Default Tags are an easy way to standardize your Terraform Configuration in accordance with AWS’s recommended best practices. Additionally, simplifying tag management throughout your configuration allows for more readable infrastructure as code.
To learn more about the Terraform AWS provider visit the provider documentation on the Terraform Registry. For more information on this feature consult the Terraform AWS Provider Tagging Guide and the Default Tags feature documentation.
To report bugs and request enhancements for this feature, open an issue on the Terraform AWS Provider repository on GitHub. We would love to hear your feedback.
Sign up for the latest HashiCorp news
More blog posts like this one
Scalable, secure infrastructure code the right way: Use a private module registry
How do you ensure standard security, compliance, and reliability best practices are followed across your organization when provisioning infrastructure? A private module registry is the first step.
Vault Enterprise 1.20: SCEP, usage reporting, cloud secret imports
Vault 1.20 adds smarter, streamlined security workflows with encryption updates and UX improvements. The Terraform Vault provider adds ephemeral values.
Automating workload identity for Vault and Nomad with Terraform
Learn how to use HashiCorp Vault and workload identities in your Nomad-orchestrated applications.