For AI agents: A markdown version of this page is available at https://docs.datadoghq.com/security/code_security/iac_security/iac_rules/terraform/gcp/team_label_not_present.md.
A documentation index is available at /llms.txt.
To ensure accountability and efficient resource management, every cloud resource should include a team label identifying ownership. Without this label, as shown in the example below, resources may lack clear ownership, making it difficult to track responsibility for maintenance, cost allocation, or incident response:
resource "google_bigtable_instance" "example" {
name = "my-instance"
}
Properly labeling resources with a team tag, as in the following example, improves governance and accountability:
labels = {
team = "DevOps"
}
Neglecting this can lead to orphaned resources, wasted spend, and slower incident resolution due to unclear points of contact.
Compliant Code Examples
# ✅ "team" label is not a valid attribute for this resource type
resource"google_container_cluster""good_example"{name="marcellus-wallace"location="us-central1-a"initial_node_count=3monitoring_service="monitoring.googleapis.com"timeouts{create="30m"update="40m"}}
resource"google_compute_instance""good_example"{name="good-instance"machine_type="e2-medium"zone="us-central1-a"boot_disk{initialize_params{image="debian-cloud/debian-10"}}network_interface{network="default"}labels={Team="DevOps" # ✅ "Team" tag is present
environment="prod"}}
resource"google_compute_instance""good_example"{name="good-instance"machine_type="e2-medium"zone="us-central1-a"boot_disk{initialize_params{image="debian-cloud/debian-10"}}network_interface{network="default"}labels={team="DevOps" # ✅ "team" tag is present
environment="prod"}}
