[ aws ]
This guide describes the API operations for the resource groups tagging.
A tag is a label that you assign to an AWS resource. A tag consists of a key and a value, both of which you define. For example, if you have two Amazon EC2 instances, you might assign both a tag key of “Stack.” But the value of “Stack” might be “Testing” for one and “Production” for the other.
Do not store personally identifiable information (PII) or other confidential or sensitive information in tags. We use tags to provide you with billing and administration services. Tags are not intended to be used for private or sensitive data.
Tagging can help you organize your resources and enables you to simplify resource management, access management and cost allocation.
You can use the resource groups tagging API operations to complete the following tasks:
Tag and untag supported resources located in the specified Region for the AWS account.
Use tag-based filters to search for resources located in the specified Region for the AWS account.
List all existing tag keys in the specified Region for the AWS account.
List all existing values for the specified key in the specified Region for the AWS account.
To use resource groups tagging API operations, you must add the following permissions to your IAM policy:
You’ll also need permissions to access the resources of individual services so that you can tag and untag those resources.
For more information on IAM policies, see Managing IAM Policies in the IAM User Guide .
Services that support the Resource Groups Tagging API *
You can use the Resource Groups Tagging API to tag resources for the following AWS services.