[ aws ]
This guide describes the API operations for the resource groups tagging.
A tag is a label that you assign to an AWS resource. A tag consists of a key and a value, both of which you define. For example, if you have two Amazon EC2 instances, you might assign both a tag key of “Stack.” But the value of “Stack” might be “Testing” for one and “Production” for the other.
Tagging can help you organize your resources and enables you to simplify resource management, access management and cost allocation.
You can use the resource groups tagging API operations to complete the following tasks:
Tag and untag supported resources located in the specified Region for the AWS account.
Use tag-based filters to search for resources located in the specified Region for the AWS account.
List all existing tag keys in the specified Region for the AWS account.
List all existing values for the specified key in the specified Region for the AWS account.
To use resource groups tagging API operations, you must add the following permissions to your IAM policy:
tag:GetResources
tag:TagResources
tag:UntagResources
tag:GetTagKeys
tag:GetTagValues
You’ll also need permissions to access the resources of individual services so that you can tag and untag those resources.
For more information on IAM policies, see Managing IAM Policies in the IAM User Guide .
You can use the Resource Groups Tagging API to tag resources for the following AWS services.
Alexa for Business (a4b)
API Gateway
Amazon AppStream
AWS AppSync
AWS App Mesh
Amazon Athena
Amazon Aurora
AWS Backup
AWS Certificate Manager
AWS Certificate Manager Private CA
Amazon Cloud Directory
AWS CloudFormation
Amazon CloudFront
AWS CloudHSM
AWS CloudTrail
Amazon CloudWatch (alarms only)
Amazon CloudWatch Events
Amazon CloudWatch Logs
AWS CodeBuild
AWS CodeCommit
AWS CodePipeline
AWS CodeStar
Amazon Cognito Identity
Amazon Cognito User Pools
Amazon Comprehend
AWS Config
AWS Data Exchange
AWS Data Pipeline
AWS Database Migration Service
AWS DataSync
AWS Device Farm
AWS Direct Connect
AWS Directory Service
Amazon DynamoDB
Amazon EBS
Amazon EC2
Amazon ECR
Amazon ECS
Amazon EKS
AWS Elastic Beanstalk
Amazon Elastic File System
Elastic Load Balancing
Amazon ElastiCache
Amazon Elasticsearch Service
AWS Elemental MediaLive
AWS Elemental MediaPackage
AWS Elemental MediaTailor
Amazon EMR
Amazon FSx
Amazon S3 Glacier
AWS Glue
Amazon GuardDuty
Amazon Inspector
AWS IoT Analytics
AWS IoT Core
AWS IoT Device Defender
AWS IoT Device Management
AWS IoT Events
AWS IoT Greengrass
AWS IoT 1-Click
AWS IoT Things Graph
AWS Key Management Service
Amazon Kinesis
Amazon Kinesis Data Analytics
Amazon Kinesis Data Firehose
AWS Lambda
AWS License Manager
Amazon Machine Learning
Amazon MQ
Amazon MSK
Amazon Neptune
AWS OpsWorks
AWS Organizations
Amazon Quantum Ledger Database (QLDB)
Amazon RDS
Amazon Redshift
AWS Resource Access Manager
AWS Resource Groups
AWS RoboMaker
Amazon Route 53
Amazon Route 53 Resolver
Amazon S3 (buckets only)
Amazon SageMaker
AWS Secrets Manager
AWS Security Hub
AWS Service Catalog
Amazon Simple Email Service (SES)
Amazon Simple Notification Service (SNS)
Amazon Simple Queue Service (SQS)
Amazon Simple Workflow Service
AWS Step Functions
AWS Storage Gateway
AWS Systems Manager
AWS Transfer for SFTP
AWS WAF Regional
Amazon VPC
Amazon WorkSpaces