Autoscaling groups did not supply tags to launch configurations
Description
This rule detects whether autoscaling groups supply tags to their launch configurations. Tags provide several benefits: they enable tag-based access control through conditions in your IAM policies, they aid in identifying and organizing AWS resources, and they allow for resource-level permissions in your Amazon EC2 Auto Scaling identity-based policies. By tagging resources, you can apply the same tag across different AWS services to indicate related resources, and gain fine-grained control over which resources users can manage.
Code Example
go
resource "aws_autoscaling_group" "example" {
...
+ tags = concat(
[
{
"key" = "interpolation1"
"value" = "value3"
"propagate_at_launch" = true
},
...
]
)
}Remediation
Terraform
- Resource: aws_autoscaling_group
- Arguments: launch_configuration, tags
To mitigate this issue, ensure that the `aws_autoscaling_group` resource includes the `tag` or `tags` attribute with appropriate key-value pairs.
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0202 |
| Severity | LOW |
| IaC Type | Terraform |
| Frameworks | Terraform, TerraformPlan |
| Checkov ID | CKV_AWS_153 |