Tags
Last modified on March 24, 2023
Tags are a form of metadata that can be applied to specific entities in StrongDM. Each Tag is a key and optional value pair.
StrongDM entities that support Tags:
Tag Details
- Maximum key length: 128 UTF-8 characters
- Maximum value length: 256 UTF-8 characters
- Maximum 50 tags per entity
- Allowed characters: letters, numbers, and spaces representable in UTF-8, and the following characters:
+ - = . _ : / @ - Case-sensitive:
team=StrongDMis different fromteam=strongdm - An entity can only have one value of a key at a time (If you have two tags
env=prodandenv=devyou can only assign one of them to a resource).
Tag Management
This article primarily focuses on Tag management through the CLI, but you can refer to the API docs for more info about managing tags via the API, and you can manually add and remove tags to and from resources in the Admin UI as well.
Reading Tags
When using list with the CLI, the right-most column will show current tags, if any, in a comma-separated list.
sdm admin servers list -e
Server ID <columns removed for clarity> Tags
rs-7bb96dd41d9ac70b <columns removed for clarity> auth=ssh-cert
rs-299c6d443f322956 <columns removed for clarity> creator=john,docs=true,env=support
-e to show extended information, like Tags.Creating Tags
You can add or update Tags with the flag --tags.
sdm admin users update --email user1@test.com --tags 'loc=US'
When adding multiple Tags, use a comma-separated list.
sdm admin datasources update postgres --id rs-0835300a78ea36a0 --tags 'region=west,env=production,os=linux'
To add a Tag without a value, leave the value out of the command.
sdm admin servers update rdp --id rs-299c6d443f322956 --tags 'region=,env=,os='
Updating Tags
In this example, we will use list to search for a specific User with a Filter, then run an update command to modify the loc Tag.
sdm admin users list --filter 'email:alice.glick@strongdm.com'
User ID First Name Last Name Email Tags
a-707fe3f43c34e1dc Alice Glick alice.glick@strongdm.com loc=US
We will use the same --tags flag we used to add the Tag, but this time we will supply a new value to the loc key.
sdm admin users update --email 'alice.glick@strongdm.com' --tags 'loc=EU'
Now we see the Tag with the new value.
sdm admin users list --filter 'email:alice.glick@strongdm.com'
User ID First Name Last Name Email Tags
a-707fe3f43c34e1dc Alice Glick alice.glick@strongdm.com loc=EU
Deleting Tags
Let’s start with a User that has 3 tags.
sdm admin users list --filter 'email:alice.glick@strongdm.com'
User ID First Name Last Name Email Tags
a-707fe3f43c34e1dc Alice Glick alice.glick@strongdm.com env=prod,loc=EU,team=docs
To remove a single Tag we will supply the --delete-tags flag, passing in the key of the Tag we wish to remove.
sdm admin users update --email alice.glick@strongdm.com --delete-tags 'loc'
To remove multiple Tags we will add the keys additional keys in a comma-separated format. Any keys that do not exist will simply be ignored.
sdm admin users update --email alice.glick@strongdm.com --delete-tags 'loc,env,team'
Lastly, to delete all Tags at once use the flag --delete-all-tags.
sdm admin users update --email alice.glick@strongdm.com --delete-all-tags
Chaining Commands
You can also combine these operations. For example, to delete all Tags and replace them with new tags:
sdm admin users update --email alice.glick@strongdm.com --delete-all-tags --tags 'a=1,b=2'