Default Tags in the Terraform AWS Provider
The Terraform AWS Provider now offers users the ability to define default tags at the provider level, simplifying tag management.
The HashiCorp Terraform AWS Provider contains over 700 resources to standardize your AWS infrastructure for configuration in accordance with best practices. One of the most common requests we’ve heard is for the ability to define default tags at the provider level of your Terraform configuration. We’re pleased to announce that as of v3.38.0 of the Terraform AWS provider, you are able to define default tags for all resources except Auto Scaling Groups.
»Using Default Tags
You can set default tags in the provider block of your Terraform configuration. Any tags set here will also be inherited by dependent Terraform modules. Setting default tags at the provider level will not supersede tags set on individual resources as resource tags take precedence.
In order to configure default tags you will need:
- Terraform 0.12 or later
- Terraform AWS Provider v3.38.0 or later
provider "aws" {
default_tags {
tags = {
Environment = "Test"
Owner = "TFProviders"
Project = "Test"
}
}
}
resource "aws_vpc" "example" {
cidr_block = "10.1.0.0/16"
tags = {
Name = "my-vpc-resource"
}
}
resource "aws_subnet" "example" {
cidr_block = "10.1.1.0/24"
vpc_id = aws_vpc.test.id
tags = {
Name = "my-subnet-resource"
}
}
»Default Tags for Auto Scaling Groups
Due to the dynamic nature of Auto Scaling Groups, they behave differently than other AWS resources. In order to set default tags for AWS Auto Scaling Groups, we recommend a standard workaround: Set locals with the default tag and then merge that into the Auto Scaling group.
variable "default_tags" {
default = {
Environment = "Test"
Owner = "TFProviders"
Project = "Test"
}
description = "Default Tags for Auto Scaling Group"
type = map(string)
}
resource “aws_autoscaling_group” "example" {
# ... other configuration ...
# This configuration combines some "default" tags with optionally provided additional tags
tags = merge(
var.default_tags,
{
Name = "MyASG"
},
)
}
»Summary
Default Tags are an easy way to standardize your Terraform Configuration in accordance with AWS’s recommended best practices. Additionally, simplifying tag management throughout your configuration allows for more readable infrastructure as code.
To learn more about the Terraform AWS provider visit the provider documentation on the Terraform Registry. For more information on this feature consult the Terraform AWS Provider Tagging Guide and the Default Tags feature documentation.
To report bugs and request enhancements for this feature, open an issue on the Terraform AWS Provider repository on GitHub. We would love to hear your feedback.
Sign up for the latest HashiCorp news
More blog posts like this one
Terraform ephemeral resources, Waypoint actions, and more at HashiDays 2025
HashiCorp Terraform, Waypoint, and Nomad continue to simplify hybrid cloud infrastructure with new capabilities that help secure infrastructure before deployment and effectively manage it over time.
Terraform migrate 1.1 adds VCS workspace support and enhanced GitOps
Terraform migrate 1.1 adds support for VCS workspaces, expanded Git capabilities, and greater control through both the CLI.
Terraform adds new pre-written Sentinel policies for AWS Foundational Security Best Practices
HashiCorp and AWS introduced a new pre-written policy library to help organizations meet AWS’s Foundational Best Security Practices (FSBP).