Service Resource Tag List
A comprehensive overview of resources that aid in the discovery and remediation of tagging across all cloud providers.
Please refer to the tables listed below to get an overview of which resources are supported as part of inventory discovery and remediation via the Tag Governance feature in the platform.
Note:
Tag remediation is not available for all resources, which is why some are not listed here.
AWS
| Service Name | Resource Category | Resource Type | Resource |
|---|---|---|---|
| AWS | Compute | EC2 | Key Pairs |
| AWS | Storage | EBS | Volumes |
| AWS | Compute | EC2 | Instances |
| AWS | Storage | EBS | Snapshots |
| AWS | Compute | EC2 | Security_Groups |
| AWS | Compute | EC2 | Elastic IPs |
| AWS | Compute | EC2 | Own_Private_Images |
| AWS | Compute | EC2 | Shared Private Images |
| AWS | Network | VPC | Network_Interfaces |
| AWS | Network | VPC | Subnets |
| AWS | Network | VPC | VPC |
| AWS | Network | VPC | Route_Tables |
| AWS | Network | VPC | Internet_Gateways |
| AWS | Network | VPC | Egress_Only_Internet_Gateways |
| AWS | Network | VPC | DHCP_Options |
| AWS | Network | VPC | Vpc_Endpoints |
| AWS | Network | VPC | Vpc_Endpoint_Services |
| AWS | Network | VPC | Nat_Gateways |
| AWS | Network | VPC | Vpc_Peering_Connections |
| AWS | Network | VPC | Network_Acls |
| AWS | Network | VPN | Customer_Gateways |
| AWS | Network | VPN | VPN_Gateways |
| AWS | Network | VPN | Site-to-Site_VPN_Connections |
| AWS | Network | VPN | Client_VPN_Endpoints |
| AWS | Network | VPC | Transit_Gateways |
| AWS | Network | VPC | Transit_Gateway_Route_Tables |
| AWS | Network | Traffic_Mirroring | Mirror_Sessions |
| AWS | Network | Traffic_Mirroring | Mirror_Target |
| AWS | Network | VPC | Transit_Gateway_Attachments |
| AWS | Storage | S3 | Buckets |
| AWS | Machine_Learning | Amazon_Bedrock | Bedrock_Model_Customization_Jobs |
| AWS | Machine_Learning | Amazon_Bedrock | Bedrock_Custom_Models |
| AWS | Container | ECS | Cluster |
| AWS | Container | ECS | Cluster_Task |
| AWS | Container | ECS | Cluster_Service |
| AWS | Container | ECS | Container_Instances |
| AWS | Identity | IAM | IAM_LocalManagedPolicy |
| AWS | Identity | IAM | IAM_Users |
| AWS | Identity | IAM | IAM_Roles |
| AWS | Compute | EC2 | Load_Balancers |
| AWS | Compute | EC2 | Classic_Load_Balancers |
| AWS | Compute | EC2 | Reserved_Instances |
| AWS | Application_Integration | SNS | Topics |
| AWS | Compute | Lambda | Functions |
| AWS | Compute | EC2 | Spot_Fleet_Requests |
| AWS | Compute | EC2 | Spot_Instance_Requests |
| AWS | Databases | RDS | Databases |
| AWS | Databases | RDS | DB_Snapshots |
| AWS | Databases | RDS | Reserved_DBInstances |
| AWS | Databases | RDS | Subnet_Groups |
| AWS | Databases | RDS | Parameter_Groups |
| AWS | Databases | RDS | Option_Groups |
| AWS | Databases | RDS | DB_SecurityGroups |
| AWS | Databases | RDS | DBClusterSnapshot |
| AWS | Databases | RDS | DB_Cluster |
| AWS | Databases | Neptune | Neptune_DB_Cluster |
| AWS | Databases | Neptune | DBParameterGroup |
| AWS | Databases | Neptune | DBClusterParameterGroup |
| AWS | Databases | Neptune | DBSubnetGroup |
| AWS | Databases | Neptune | DBInstance |
| AWS | Databases | Neptune | DBClusterSnapshot |
| AWS | Databases | Amazon_DocumentDB | DocumentDB_Cluster |
| AWS | Databases | Amazon_DocumentDB | DocumentDB_ClusterSnapshot |
| AWS | Databases | Amazon_DocumentDB | DocumentDB_SubnetGroup |
| AWS | Databases | Amazon_DocumentDB | DocumentDB_ClusterParameterGroup |
| AWS | Databases | Amazon_DocumentDB | DocumentDB_EventSubscription |
| AWS | Content_Delivery | CloudFront | Web_Distributions |
| AWS | Content_Delivery | CloudFront | Streaming_Distributions |
| AWS | Network | Route53 | Hosted_Zones |
| AWS | Network | Route53 | Health_Checks |
| AWS | Databases | ElastiCache | Cache_SecurityGroups |
| AWS | Databases | ElastiCache | Cache_ParameterGroups |
| AWS | Databases | ElastiCache | Cache_SubnetGroups |
| AWS | Databases | ElastiCache | Cache_Clusters |
| AWS | Databases | ElastiCache | Reserved_CacheNodes |
| AWS | Databases | ElastiCache | CacheCluster_Snapshots |
| AWS | Databases | Redshift | Redshift_Clusters |
| AWS | Databases | Redshift | Redshift_Cluster_Snapshots |
| AWS | Databases | Redshift | Cluster_SubnetGroups |
| AWS | Databases | Redshift | Cluster_SecurityGroups |
| AWS | Databases | Redshift | Redshift_Usage_Limits |
| AWS | Compute | Lightsail | Lightsail_Instances |
| AWS | Compute | Lightsail | Lightsail_Databases |
| AWS | Compute | Lightsail | Lightsail_DatabaseSnapshots |
| AWS | Compute | Lightsail | Lightsail_StaticIps |
| AWS | Compute | Lightsail | Lightsail_Storages |
| AWS | Compute | Lightsail | Lightsail_InstanceSnapshots |
| AWS | Compute | Lightsail | Lightsail_LoadBalancers |
| AWS | Compute | Lightsail | Lightsail_DiskSnapshots |
| AWS | Compute | Lightsail | Lightsail_Domains |
| AWS | Governance | AWS_Config | AWS:EC2:FlowLog |
| AWS | Governance | AWS_Config | AWS:Redshift:ClusterParameterGroup |
| AWS | Governance | AWS_Config | AWS:Redshift:EventSubscription |
| AWS | Governance | AWS_Config | AWS:WAF:RateBasedRule |
| AWS | Governance | AWS_Config | AWS:WAFRegional:RateBasedRule |
| AWS | Governance | AWS_Config | AWS:WAFRegional:Rule |
| AWS | Governance | AWS_Config | AWS:WAFRegional:RuleGroup |
| AWS | Governance | AWS_Config | AWS:CodePipeline:Pipeline |
| AWS | Governance | AWS_Config | AWS:ServiceCatalog:CloudFormationProduct |
| AWS | Governance | AWS_Organizations | Accounts |
| AWS | Governance | Cloudwatch | Alarm_Configurations |
| AWS | End_User_Computing | Workspaces | Workspaces |
| AWS | End_User_Computing | Workspaces | Directories |
| AWS | End_User_Computing | Workspaces | Custom_Bundles |
| AWS | End_User_Computing | Workspaces | Images |
| AWS | End_User_Computing | AppStream | Stack |
| AWS | End_User_Computing | AppStream | Fleet |
| AWS | Identity | Directory | Directories |
| AWS | Network | AWS_Direct_Connect | Connection |
| AWS | Network | AWS_Direct_Connect | Virtual_Interface |
| AWS | Network | AWS_Direct_Connect | Virtual_Gateways |
| AWS | Storage | EFS | File_systems |
| AWS | Compute | Elastic_Beanstalk | Environment |
| AWS | Compute | Elastic_Beanstalk | Application |
| AWS | Databases | DynamoDB | Table |
| AWS | Compute | EKS | Kubernetes_Cluster |
| AWS | Compute | EKS | NodeGroups |
| AWS | Governance | AutoScaling | AutoScaling_Groups |
| AWS | Network | APIGateway | ApiGateway_RestApi |
| AWS | Analytics | Kinesis | Stream |
| AWS | Security_Compliance | Key_Management_Service | Key |
| AWS | Security_Compliance | Secrets_Manager | Secret |
| AWS | Governance | CloudTrail | Trail |
| AWS | Governance | Systems_Manager | Parameter |
| AWS | Governance | Systems_Manager | Document |
| AWS | Governance | Cloudformation | Stack |
| AWS | Security_Compliance | WAF | WebACL |
| AWS | Security_Compliance | WAF | RuleGroups |
| AWS | Security_Compliance | WAF | RegexPatterns |
| AWS | Security_Compliance | WAF | IPSets |
| AWS | Governance | Service_Catalog | Portfolio |
| AWS | Migration | Transfer_Family | Servers |
| AWS | Security_Compliance | Cognito | UserPool |
| AWS | Security_Compliance | Cognito | IdentityPool |
| AWS | Analytics | Athena | WorkGroup |
| AWS | Developer_Tools | CodeBuild | Project |
| AWS | Analytics | EMR | Clusters |
| AWS | Storage | AWS_Backup | BackupVault |
| AWS | Databases | Amazon_QLDB | Ledger |
| AWS | Application_Integration | Amazon_MQ | Broker |
| AWS | Machine_Learning | Amazon_SageMaker | NotebookInstance |
| AWS | Machine_Learning | Amazon_SageMaker | Training_Jobs |
| AWS | Machine_Learning | Amazon_SageMaker | Endpoint |
| AWS | Machine_Learning | Amazon_SageMaker | Pipelines |
| AWS | Machine_Learning | Amazon_SageMaker | Domain |
| AWS | Machine_Learning | Amazon_SageMaker | HyperParameter_Tuning_Job |
| AWS | Machine_Learning | Amazon_SageMaker | Model |
| AWS | Machine_Learning | Amazon_SageMaker | Endpoint_Config |
| AWS | Machine_Learning | Amazon_SageMaker | Transform_Job |
| AWS | Machine_Learning | Amazon_SageMaker | Image |
| AWS | Machine_Learning | Amazon_SageMaker | Algorithm |
| AWS | Machine_Learning | Amazon_SageMaker | Cluster |
| AWS | Machine_Learning | Amazon_SageMaker | Compilation_Job |
| AWS | Machine_Learning | Amazon_SageMaker | Project |
| AWS | Application_Integration | Step_Functions | Activity |
| AWS | Application_Integration | Step_Functions | StateMachine |
| AWS | Analytics | AWS_Glue | Crawler |
| AWS | Analytics | AWS_Glue | Job |
| AWS | Analytics | AWS_AppSync | AppSync_API |
| AWS | Machine_Learning | Amazon_Lex | Bots |
| AWS | Analytics | Data_Pipeline | Pipeline |
| AWS | Analytics | MSK | Kafka_Cluster |
| AWS | Compute | Batch | ComputeEnvironment |
| AWS | Compute | Batch | JobQueue |
| AWS | Compute | Batch | JobDefinition |
| AWS | Governance | Cloudwatch | Synthetic-Canaries |
| AWS | Compute | ECR_private_repository | Repository_private |
| AWS | Databases | DMS | ReplicationTasks |
| AWS | Databases | DMS | ReplicationSubnetGroups |
| AWS | Databases | DMS | ReplicationInstances |
| AWS | Databases | DMS | EventSubscriptions |
| AWS | Databases | DMS | Certificates |
| AWS | Databases | DMS | Endpoints |
| AWS | Developer_Tools | AWS_XRay | Groups |
| AWS | Developer_Tools | AWS_XRay | Sampling_Rules |
| AWS | Security_Compliance | GuardDuty | Detector |
| AWS | Security_Compliance | Certificate_Manager | Certificate |
| AWS | Storage | Fsx | FileSystem |
| AWS | Storage | Fsx | Backups |
| AWS | Developer_Tools | CodeArtifact | Domains |
| AWS | Storage | Storage_Gateway | Gateway |
| AWS | Network | Route53_Resolver | Resolver_Outbound_Endpoint |
| AWS | Network | Route53_Resolver | Resolver_Inbound_Endpoint |
| AWS | Network | Route53_Resolver | Resolver_Endpoint_Rule |
| AWS | Compute | EC2 | Host |
| AWS | Governance | Cloudwatch | LogStream |
| AWS | Security_Compliance | Certificate_Manager | Private_Certificate_Authority |
| AWS | Management_Tools | Resource_Groups | Saved_Resource_Groups |
| AWS | Customer_Engagement | SES | Configuration_Set |
| AWS | Machine_Learning | Amazon_Bedrock | Bedrock_Agents |
| AWS | Machine_Learning | Amazon_Bedrock | Bedrock_Knowledge_Bases |
Azure
| Service Name | Resource Category | Resource Type | Resource |
|---|---|---|---|
| Azure | Compute | Images | Images |
| Azure | Compute | Virtual_Machines | Virtual_Machine_Scale_Sets |
| Azure | Compute | Virtual_Machines | Virtual_Machines |
| Azure | Compute | Virtual_Machines | Virtual_Machines_Extensions |
| Azure | Compute | Others | Availability_Sets |
| Azure | Web | App_Services | Web_Apps |
| Azure | Web | App_Services | Appservice_Plan |
| Azure | Container | Container_Registry | Replication |
| Azure | Container | Container_Instances | Container_Groups |
| Azure | Container | Azure_Kubernetes_Service | Cluster |
| Azure | Container | Azure_Kubernetes_Service | Agent_Pools |
| Azure | Network | Virtual_Networks | DDoS_Protection_Plan |
| Azure | Network | Virtual_Networks | Nat_Gateways |
| Azure | Databases | Servers | PGSQL |
| Azure | Databases | Servers | Elastic_Pools |
| Azure | Databases | Databases | MS-SQL_DB |
| Azure | Storage | Accounts | Storage_Accounts |
| Azure | Compute | Resource_Group | Resource_Groups |
| Azure | Integration | API_Management | Service_List |
| Azure | Analytics | Data_Factory | Factories |
| Azure | Network | Express_Route | Express_Route_Circuits |
| Azure | Integration | Logic_Apps | Workflows |
| Azure | Integration | Logic_Apps | Integration_Account |
| Azure | Databases | Cosmos_DB | Database_Accounts |
| Azure | IoT | Stream_Analytics | Jobs |
| Azure | Network | Virtual_WAN | Virtual_WAN |
| Azure | Security | Key_Vault | Vaults |
| Azure | Network | Firewall | Azure_Firewall |
| Azure | Network | Front_Door | Front_Doors |
| Azure | Web | CDN | Profiles |
| Azure | Web | CDN | Profile_Endpoints |
| Azure | Databases | Azure_Cache_Redis | Redis |
| Azure | Databases | Azure_Cache_Redis | Redis_Enterprise |
| Azure | Management_Tools | Automation | Automation_Account |
| Azure | Management_Tools | Automation | Runbook |
| Azure | Analytics | Event_Hubs | Event_Hub_Namespaces |
| Azure | Integration | Service_bus | Service_Bus_Namespaces |
| Azure | Analytics | Azure_Synapse_Analytics | Azure_Synapse_Analytics |
| Azure | Analytics | Azure_Synapse_Analytics | Azure_Synapse_SQL_Pools |
| Azure | Databases | Azure_SQL_Managed_Instance | SQL_Managed_Instances |
| Azure | Databases | Azure_SQL_Managed_Instance | SQL_Managed_Instances_DB |
| Azure | IoT | Event_Grid | Topics |
| Azure | Analytics | Azure_Databricks | Databricks_Workspaces |
| Azure | Databases | Azure_Database_Migration_Service | Azure_Database_Migration_Service |
| Azure | AI_Machine_Learning | Azure_Machine_Learning | Workspaces |
| Azure | AI_Machine_Learning | Azure_Machine_Learning | Endpoints |
| Azure | AI_Machine_Learning | Azure_Machine_Learning | Deployments |
| Azure | AI_Machine_Learning | Azure_AI_Services | Azure_OpenAI |
| Azure | MachineLearning | Bot_Services | Bot_Services |
| Azure | IoT | IoT_Hub | IoT_Hub |
| Azure | Network | Azure_Private_Link | Private_Endpoint |
| Azure | Network | Network_Watcher | Watcher |
| Azure | Compute | Virtual_Machines | Azure_Arc_Virtual_Machines |
| Azure | Management_Tools | Azure_Monitor | Alerts_Config |
| Azure | Analytics | Log_Analytics_Workspaces | Workspaces |
| Azure | Management_Tools | Azure_Monitor | Workbooks |
| Azure | Network | Public_IP | Public_IP_Prefixes |
| Azure | Compute | Restore_Point | Restore_Point_Collection |
| Azure | Databases | Servers | MariaDB |
| Azure | Management_Tools | Desktop_Virtualization | HostPools |
| Azure | Management_Tools | Desktop_Virtualization | Application_Groups |
| Azure | Network | DNS_Forwarding_Rulesets | DNS_Forwarding_Rulesets |
| Azure | Network | DNS_Resolvers | DNS_Resolvers |
| Azure | Network | DNS_Resolvers | Resolver_Inbound_Endpoints |
| Azure | Network | DNS_Resolvers | Resolver_Outbound_Endpoints |
| Azure | Network | Private_DNS_Zones | Private_DNS_Zones |
| Azure | Network | Private_DNS_Zones | Private_DNS_Zone_Network_Links |
| Azure | Network | DNS_Zones | DNS_Zones |
| Azure | Storage | File_Storage | NetApp |
| Azure | Storage | File_Storage | Capacity_Pools |
| Azure | Databases | Servers | PGSQL_Flexi_Servers |
| Azure | Databases | Servers | MySQL_Flexi_Servers |
| Azure | Analytics | Analysis_Services | Analysis_Services_Servers |
| Azure | Network | Virtual_Networks | Bastion_Hosts |
GCP
| Service Name | Resource Category | Resource Type | Resource |
|---|---|---|---|
| GCP | Compute | Compute_Engine | VM_Instances |
| GCP | Compute | Compute_Engine | Disks |
| GCP | Compute | Compute_Engine | Images |
| GCP | Compute | Compute_Engine | Snapshots |
| GCP | Storage | Bucket | Buckets |
| GCP | Networking | VPC | External_Vpn_Gateways |
| GCP | Networking | VPC | Global_Addresses |
| GCP | Compute | App_Engine | Services |
| GCP | Databases | Bigtable | Bigtable_Instances |
| GCP | Databases | Spanner | Spanner_Instances |
| GCP | Databases | SQL | SQL_Instances |
| GCP | Storage | FileStore | FileStore_Instances |
| GCP | Storage | FileStore | FileStore_Enterprise_Instances |
| GCP | Compute | Compute_Engine | Cloud_Function_List |
| GCP | Compute | Compute_Engine | Address |
| GCP | Compute | Compute_Engine | Cloud_Run_Services |
| GCP | Big_Data | Composer | Environments |
| GCP | Databases | Memory_Store | Redis |
| GCP | Big_Data | Pub_Sub | Subscriptions |
| GCP | Compute | Kubernetes_Engine | Clusters |
| GCP | Big_Data | Big_Query | Datasets |
| GCP | Big_Data | Big_Query | Tables |
| GCP | Databases | Memory_Store | Memcached |
| GCP | Storage | Storage_Disks | Regional_Disks |
| GCP | Security_Compliance | Key_Management_Service | Crypto_Keys |
| GCP | Big_Data | Dataproc | Metastore_Service |
| GCP | Big_Data | Data_Fusion | Data_Fusion_Instances |
| GCP | Security | Certificate_Authority_Service | CA_Pools |
| GCP | Security | Certificate_Authority_Service | Certificate_Authority |
| GCP | Security | Certificate_Authority_Service | Certificate_Templates |
| GCP | CI_CD | Artifact_Registry | Repositories |
| GCP | Tools | Deployment_Manager | Deployments |
| GCP | Analytics | Healthcare | Healthcare_Consent_Data_Stores |
| GCP | Analytics | Healthcare | Healthcare_Dicom_Data_Stores |
| GCP | Analytics | Healthcare | Healthcare_Fhir_Data_Stores |
| GCP | Analytics | Healthcare | Healthcare_Hl7V2_Data_Stores |
OCI
| Service Name | Resource Category | Resource Type | Resource |
|---|---|---|---|
| OCI | Compute | Compute | Instances |
| OCI | Compute | Compute | Dedicated_VM_Host |
| OCI | Compute | Compute | Instance_Configuration |
| OCI | Compute | Compute | Instance_Pools |
| OCI | Compute | Compute | Images |
| OCI | Developer_Services | Containers | Container_Repository |
| OCI | Analytics_AI | Data_Lake | Data_Flow |
| OCI | Networking | DNS_Management | Zones |
| OCI | Networking | DNS_Management | Private_Zones |
| OCI | Developer_Services | Functions | Applications |
| OCI | Identity_Security | Identity | Users |
| OCI | Identity_Security | Identity | Groups |
| OCI | Identity_Security | Identity | Policies |
| OCI | Identity_Security | Identity | Domains |
| OCI | Networking | Load_Balancers | Load_Balancer |
| OCI | Networking | Virtual_Cloud_Networks | VCN |
| OCI | Networking | Customer_Connectivity | Dynamic_Routing_Gateway |
| OCI | Networking | Virtual_Cloud_Networks | Internet_Gateway |
| OCI | Networking | Virtual_Cloud_Networks | LocalPeeringGateways |
| OCI | Networking | Virtual_Cloud_Networks | Security_Lists |
| OCI | Networking | Virtual_Cloud_Networks | NetworkSecurityGroups |
| OCI | Networking | Customer_Connectivity | Fast_Connect |
| OCI | Networking | Ip_Management | Reserved_Publics_IPs |
| OCI | Networking | Virtual_Cloud_Networks | Subnets |
| OCI | Networking | Virtual_Cloud_Networks | Nat_Gateways |
| OCI | Oracle_DataBase | BareMetal_VM_Exadata | ExaData_infrastructure |
| OCI | Oracle_DataBase | BareMetal_VM_Exadata | ExaData_VM_Clusters |
| OCI | Storage | File_Storage | File_Systems |
| OCI | Storage | File_Storage | Mount_Targets |
| OCI | Storage | Block_Storage | Block_Volumes |
| OCI | Storage | Block_Storage | Block_VolumeBackups |
| OCI | Identity_Security | Web_Application_Firewall | Waf_Policy |
| OCI | Databases | MySQL | DB_Systems |
| OCI | Databases | MySQL | Backups |
| OCI | Identity_Security | Web_Application_Firewall | Firewall |
| OCI | Storage | Object_Storage | Buckets |
| OCI | Observability_and_Management | Logging | Log_Groups |
| OCI | Observability_and_Management | Logging | Unified_Agent_Configurations |
| OCI | Observability_and_Management | Logging | Service_Connectors |
| OCI | Identity_Security | Web_Application_Firewall | Waf_Policies |
| OCI | Identity_Security | Web_Application_Firewall | Network_Address_List |
| OCI | Analytics_AI | Data_Science | Data_Science_Private_Endpoints |
| OCI | Databases | Autonomous_Databases | Autonomous_Database |
| OCI | Migration_and_Disaster_Recovery | Disaster_recovery | DR_Protection_Groups |
| OCI | Identity_Security | Key_Secret_Management | Vaults |
| OCI | Identity_Security | Key_Secret_Management | Private_Endpoints |
Updated 5 months ago