CloudFormation - Applying tags to other AWS resources

2
votes

I'm trying to understand the behavior of CloudFormation with respect to applying tags to the resources it creates.

As per their documentation - https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html

In addition to any tags you define, AWS CloudFormation automatically creates the following stack-level tags with the prefix aws::

aws:cloudformation:logical-id
aws:cloudformation:stack-id
aws:cloudformation:stack-name

I created a DynamoDB table from CloudFormation and I visited the DynamoDB console and selected the tags tab and couldn't find any specific tag being added. I also did not find the aws:cloudformation:logical:id tag being added.

I then tried to create a S3 bucket using CloudFormation. That seems to work and I was able to visit the S3 console and find the aws:cloudformation:logical-id tag for the S3 bucket.

Is this some kind of inconsistency? Is there any specific documentation I can follow to find the list of AWS resources to which CloudFormation applies the tags prefixed with aws: as mentioned in the documentation?

Any help would be appreciated. Thanks!

2
amazon-web-servicesamazon-cloudformation
I noticed the tags are not coming for ECS related resource as well.sayboras

2 Answers

1
votes

I've had to recently contact AWS Enterprise support about this

Commonly requested services that aren't receiving tags from cloud formation include

  • DynamoDB
  • Elasticache
  • IAM resources
  • ECS clusters
  • Cloudfront distributions
  • Glue jobs
  • SQS
  • Firehose Delivery stream

There is an internal feature request open, however their suggested action was to just manually tag the resources.

0
votes
  • Do you have any other resource besides DynamoDB in the same CFT? If yes, is that resource getting tagged by CF?
  • If you do not have any other resource, you may add an EC2 instance resource to validate if this is a resource specific issue or a template wide issue.
  • From what you posted, it seems that the stack creation is successful. Though it sounds silly, you may try once with the CLI - aws cloudformation create-stack --stack-name Name-of-your-stack --template-body file://your_template.json --tags Key=Name,Value=Your_Tag_Value --profile default --region region --capabilities CAPABILITY_NAMED_IAM
  • You can skip --capabilities CAPABILITY_NAMED_IAM if you do not have IAM resources in your CFT.
  • I have never experienced any issues tagging through CF, may want to check these sample templates.