In this section, you learn how to attach, detach, and list tags on Datastream resources, such as private connectivity configurations, connection profiles, and streams. For an overview of tags on Datastream, see Access control with tags.
A tag is a key-value pair that can be attached to an organization, folder, or project. You can use tags to allow or deny policies conditionally based on whether a resource has a specific tag.
For example, you might want to specify production, test, and development environments for resources in your resource hierarchy. To do this, you would create a key for your tag that describes the tag that you're creating. For this example, you could create a key with the name
After creating the key, you can create the different values that the key can have. For this example, after you create the tag key named
env, you would specify that there are three potential environments, and create a value for each:
In addition to attaching, detaching, and listing tags on Datastream resources, you can use the API or
gcloud to perform the following actions to manage tags:
- Create a tag
- View a key for a tag
- Add values to the tag key
- Retrieve tag values
- Update tags
- List tag keys
- List tag values
- Delete tags
For more information on how to perform these actions through the API or
gcloud, see Creating and managing tags.
Before you begin
Tags are managed through the Resource Manager. You need the following Datastream identity and access management (IAM) permissions to view and set tags on Datastream resources:
Attach tags to Datastream resources
After you've created and defined a tag using Resource Manager, you can attach the tag directly to your Datastream resource.
- The tag value is
815471563813is the organization ID.
environmentis the tag key.
developmentis the tag value.
- Your project name is
- Your stream name is
- Your instance is in
gcloud command attaches the tag to a resource, in this case,
gcloud alpha resource-manager tags bindings create \ --tag-value=815471563813/environment/development \ --parent=//datastream.googleapis.com/projects/my-project/streams/my-stream \ --location=us-central1
Detach tags from Datastream resources
gcloud command detaches the tag from
gcloud alpha resource-manager tags bindings delete \ --tag-value=815471563813/environment/development \ --parent=//datastream.googleapis.com/projects/my-project/streams/my-stream \ --location=us-central1
List tags on Datastream resources
gcloud command lists all tags directly attached to
except tags that
my-stream has inherited:
gcloud alpha resource-manager tags bindings list \ --parent=//datastream.googleapis.com/projects/my-project/streams/my-stream \ --location=us-central1
- For an overview of tags on Datastream, see Access control with tags.
- For more detailed instructions about tags, see Attach tags to resources.