Standardizing Cloud Resource Tagging with terraform-null-tags

April 21, 2025 Johannes Girard 3 min read
DevOps Terraform IaC Cloud

Introduction

In multi-cloud environments, maintaining consistent resource tagging can be challenging. Tags are essential for resource organization, cost allocation, access control, and automation workflows. The terraform-null-tags module addresses this challenge by providing a cloud-agnostic solution for standardizing tags across all your infrastructure resources.

Why Resource Tagging Matters

Proper resource tagging offers numerous benefits:

  • Resource Organization: Easily identify and categorize resources by project, environment, team, or application
  • Cost Allocation: Track and attribute costs to specific business units, projects, or environments
  • Security & Compliance: Enforce security policies and compliance requirements based on resource tags
  • Automation: Build workflows that target resources based on tag values
  • Inventory Management: Create comprehensive resource inventories across multiple cloud providers

Without a consistent tagging strategy, organizations often face challenges with cost attribution, resource governance, and operational visibility.

Introducing terraform-null-tags

The terraform-null-tags module provides a standardized approach to managing tags for cloud resources. Key features include:

  • Cloud-agnostic: Works across AWS, Azure, GCP, and other providers that support resource tagging
  • Consistent schema: Implements a well-versioned tagging schema that’s easy to understand and maintain
  • Resource origin tracking: Enables understanding of where and how resources were created
  • Extensible: Supports custom tags while maintaining standardized core tags

Goals of the Module

  • Create a well-versioned tagging schema
  • Standardize tags across different resources and cloud providers
  • Define an easy-to-understand and maintain tagging schema
  • Enable resource origin tracking

Usage Examples

Basic Usage with GitHub

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12

module "tags" {
  source        = "CloudAtScale/tags/null"
  version       = "1.1.0"
  git_project_url = var.git_project_url
  team          = "MyAwesomeTeam"
  environment   = "MyAwesomeEnvironment"
  project_name  = "MyAwesomeProject"
  extra_tags    = {
    "extra_tag_1" = "extra_tag_1_value"
    "extra_tag_2" = "extra_tag_2_value"
  }
}

For GitHub Actions, use:

1
2

env:
  TF_VAR_git_project_url: ${{ github.repository }}

AWS Provider Integration

1
2
3
4
5
6

provider "aws" {
  region = "us-west-2"
  default_tags {
    tags = module.tags.all_tags
  }
}

Note: Most AWS resources support 50 tags per resource, but some resources like AWS S3 Objects support only 10 tags. Check the AWS documentation for resource-specific limits.

GitLab Integration

When using GitLab, specify the VCS provider:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14

module "tags" {
  source          = "CloudAtScale/tags/null"
  version         = "1.1.0"
  vcs_provider    = "gitlab"
  git_project_url = var.git_project_url
  gitlab_project_id = var.gitlab_project_id
  team            = "MyAwesomeTeam"
  environment     = "MyAwesomeEnvironment"
  project_name    = "MyAwesomeProject"
  extra_tags      = {
    "extra_tag_1" = "extra_tag_1_value"
    "extra_tag_2" = "extra_tag_2_value"
  }
}

For GitLab CI, use:

1
2
3

variables:
  TF_VAR_git_project_url: $CI_PROJECT_URL
  TF_VAR_gitlab_project_id: $CI_PROJECT_ID

Module Outputs

All tags are returned in a map that can be used with various cloud providers:

1
2
3
4
5
6
7
8

{
  "ProjectName": "MyAwesomeProject",
  "Owner:Team": "MyAwesomeTeam",
  "Environment": "MyAwesomeEnvironment",
  "extra_tag_1": "extra_tag_1_value",
  "extra_tag_2": "extra_tag_2_value",
  "Compliance:TaggingSchemaVersion": "1.0.0"
}

Required Inputs

NameDescriptionTypeRequired
environmentEnvironment namestringyes
git_project_urlGit project urlstringyes
project_nameProject namestringyes
teamTeam namestringyes

Optional Inputs

NameDescriptionTypeDefaultRequired
delimiterDelimiter between prefix and keystring“:”no
extra_tagsExtra tags to addmap(string){}no
gitlab_project_idGitLab project IDnumbernullno
vcs_providerVCS providerstring“github”no

Implementing a Tagging Strategy

When implementing a tagging strategy with this module, consider:

  1. Standardize tag keys: Use consistent naming conventions for tag keys
  2. Document tag usage: Create documentation explaining the purpose and expected values for each tag
  3. Automate enforcement: Use CI/CD pipelines to validate tag compliance
  4. Review regularly: Periodically review your tagging strategy to ensure it meets evolving needs

Conclusion

The terraform-null-tags module provides a simple yet powerful solution for implementing a consistent tagging strategy across multiple cloud providers. By standardizing your approach to resource tagging, you can improve resource management, cost allocation, and operational visibility in your cloud environments.

We encourage you to try the module in your Terraform projects and contribute to its development on GitHub.

Share this post:

Twitter

LinkedIn

Facebook

Johannes Girard

Johannes Girard

Technical Writer

DevOps specialists focused on automating cloud deployments and optimizing infrastructure as code processes.

Related Posts

Why Release Automation Matter?

Feb 24, 2025

1. Introduction Release automation is a software engineering process that …

Table of Contents

Tags

DevOps Terraform IaC Cloud

Recent Posts

Why Release Automation Matter?

Feb 24, 2025