Default Tags in the Terraform AWS Provider
The Terraform AWS Provider now offers users the ability to define default tags at the provider level, simplifying tag management.
The HashiCorp Terraform AWS Provider contains over 700 resources to standardize your AWS infrastructure for configuration in accordance with best practices. One of the most common requests we’ve heard is for the ability to define default tags at the provider level of your Terraform configuration. We’re pleased to announce that as of v3.38.0 of the Terraform AWS provider, you are able to define default tags for all resources except Auto Scaling Groups.
»Using Default Tags
You can set default tags in the provider block of your Terraform configuration. Any tags set here will also be inherited by dependent Terraform modules. Setting default tags at the provider level will not supersede tags set on individual resources as resource tags take precedence.
In order to configure default tags you will need:
- Terraform 0.12 or later
- Terraform AWS Provider v3.38.0 or later
provider "aws" {
default_tags {
tags = {
Environment = "Test"
Owner = "TFProviders"
Project = "Test"
}
}
}
resource "aws_vpc" "example" {
cidr_block = "10.1.0.0/16"
tags = {
Name = "my-vpc-resource"
}
}
resource "aws_subnet" "example" {
cidr_block = "10.1.1.0/24"
vpc_id = aws_vpc.test.id
tags = {
Name = "my-subnet-resource"
}
}
»Default Tags for Auto Scaling Groups
Due to the dynamic nature of Auto Scaling Groups, they behave differently than other AWS resources. In order to set default tags for AWS Auto Scaling Groups, we recommend a standard workaround: Set locals with the default tag and then merge that into the Auto Scaling group.
variable "default_tags" {
default = {
Environment = "Test"
Owner = "TFProviders"
Project = "Test"
}
description = "Default Tags for Auto Scaling Group"
type = map(string)
}
resource “aws_autoscaling_group” "example" {
# ... other configuration ...
# This configuration combines some "default" tags with optionally provided additional tags
tags = merge(
var.default_tags,
{
Name = "MyASG"
},
)
}
»Summary
Default Tags are an easy way to standardize your Terraform Configuration in accordance with AWS’s recommended best practices. Additionally, simplifying tag management throughout your configuration allows for more readable infrastructure as code.
To learn more about the Terraform AWS provider visit the provider documentation on the Terraform Registry. For more information on this feature consult the Terraform AWS Provider Tagging Guide and the Default Tags feature documentation.
To report bugs and request enhancements for this feature, open an issue on the Terraform AWS Provider repository on GitHub. We would love to hear your feedback.
Sign up for the latest HashiCorp news
More blog posts like this one
Build secure, AI-driven workflows with Terraform and Vault MCP servers
At AWS Summit New York, HashiCorp introduced new capabilities that bring Terraform, Vault, and Vault Radar into the age of AI agents — advancing secure, automated infrastructure through composable, agentic systems.
Terraform without writing code: How to build self-service with no-code modules
Terraform no-code modules are an advanced infrastructure as code best practice that helps everyone in the org use standard, approved modules, even if you don’t know Terraform.
Helvetia’s journey building an enterprise serverless product with Terraform
What started as a basic compliance challenge for one team at Helvetia Insurance evolved into a comprehensive enterprise solution for running self-managed installations like a cloud service, using Terraform to manage a serverless architecture.