Dynamic Tags

Dynamic Tags allow TagOps to automatically capture and apply metadata about the resource's context and creation as tags. Unlike constant tags, where the value is fixed, dynamic tags derive their values at runtime.

Supported Dynamic Tags

TagOps supports several built-in dynamic tags:

  • createdBy: The IAM principal (user or role) that created the resource. This is crucial for identifying resource ownership.
  • creationDate: The timestamp when the resource was created. Useful for lifecycle management and identifying aging resources.
  • region: The AWS region where the resource resides.
  • accountId: The AWS Account ID where the resource is located.

How It Works

Dynamic tags work through event-based discovery. When TagOps receives a CloudTrail event for a resource creation or modification, it extracts the relevant metadata directly from the event:

  • The createdBy tag is populated from the IAM principal (user or role) that initiated the action in the CloudTrail event
  • The creationDate tag is set from the event timestamp
  • The region and accountId tags are derived from the event's context

TagOps then automatically updates the resource tags with this metadata, ensuring that dynamic tag values are captured accurately at the time of resource creation or modification.

Use Cases

  • Ownership Tracking: Automatically tag every resource with Owner = ${createdBy} to ensure you always know who is responsible for a resource.
  • Aging & Cleanup: Use the creationDate tag to identify resources that have been running longer than expected (e.g., temporary development instances).
  • Cost Allocation: Combine dynamic tags with cost allocation tags to break down costs by creator or account.