tag_values

Type map(list(string))
Default null
Module tagging-policy

Allowed values for specific tag keys. Define constraints for tags that have a limited set of valid options (e.g., Environment = ["dev", "staging", "prod"]).

Value Constraints

Define allowed values for specific tag keys to enforce consistency and prevent typos or unauthorized values. This creates validation rules that can be used with AWS Organizations tag policies.

Common Constrained Tags

Tag KeyAllowed Values
Environmentdev, staging, prod
DataClassificationpublic, internal, confidential, restricted
CostCenterCompany-specific codes

Best Practices

  • Define allowed values for tags with limited valid options
  • Use lowercase values for consistency
  • Keep the value list manageable and well-documented
  • Coordinate with AWS Organizations tag policies

Example

module "tags" {
  source  = "registry.patterneddesigns.ca/standardnat/tagging-policy/aws"
  version = "1.1.0"

  required_tags = ["Environment", "DataClassification"]

  tag_values = {
    Environment = [
      "dev",
      "staging",
      "prod"
    ]
    DataClassification = [
      "public",
      "internal",
      "confidential",
      "restricted"
    ]
  }
}

Validation Rules

The module generates validation rules based on tag value constraints that can be exported and applied using AWS Organizations tag policies or custom validation tools.

Full Module Example

module "tagging_policy" {
  source  = "registry.patterneddesigns.ca/standardnat/tagging-policy/aws"
  version = "0.1.0"

  # tag_values
  tag_values = "..."

  # Other required inputs
}
Other Inputs
required_tags default_tags enforce_lowercase additional_tags