- 필수 기능
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- 디지털 경험
- 소프트웨어 제공
- 보안
- 로그 관리
- 관리
- 인프라스트럭처
- ci
- containers
- csm
- ndm
- otel_guides
- overview
- slos
- synthetics
- tests
- 워크플로
You can use resource tags to create filters that include or exclude resources from being evaluated by Cloud Security Management (CSM). The filters must be specified as a comma-separated list of key:value
pairs.
Notes:
Format | Value |
---|---|
Allowlist | key:value |
Blocklist | !key:value |
Single character wildcard | ? |
Multiple characters wildcard | * |
The allowlist enables you to specify tags that must be applied to a resource in order for CSM to evaluate it. Allowlist tags are evaluated as OR statements. In other words, at least one of the allowlist tags must be present in order for a resource to be evaluated. In contrast, blocklisted tags are evaluated as AND statements and take precedence over allowlist tags.
Examples:
!env:staging
excludes resources that have the env:staging
tag.datadog:monitored, env:prod*
collects metrics for resources that have at least one of these tags.!env:staging, !testing
excludes resources that have both the env:staging
and testing
tags.datadog:monitored !region:us-east1
collects metrics for resources that have the datadog:monitored
tag, so long as the resource does not have the region:us-east1
tag applied to it.key:value
pairs for the tags you want to allowlist or blocklist.key:value
pairs for the tags you want to allowlist or blocklist.key:value
pairs for the tags you want to allowlist or blocklist.Additional helpful documentation, links, and articles: