Vanta supports reading tags (called labels in GCP) from our various cloud provider integrations to populate different attributes of cloud resources, such as owner, description, user data, and scope. While these attributes can be set manually on the Inventory page or Connections page for scoping, these fields are not persistent and will disappear once the integration is disconnected. For this reason, we recommend using tags, as they are persistent and more scalable.
- View available tags by going to the Inventory page and selecting the View bulk tag button next to the search bar
- You should then see a list of available tags appear in the center of the screen. There are tabs for each cloud provider with examples of how to use each tag:
You can click the (i) to see additional information on what the expected value is for the specific tag:
We will provide the exact tag details below for your reference:
- This is the email address of the owner of the instance, and it should be set to the email address of a user that exists in Vanta. An owner will not be assigned if there is no user in Vanta with the email specified.
- This tag being present on a resource marks it as non-production. Having the value set to true will also mark a resource as non-production
- Vanta will mark the resource as out of scope once the tag is applied. Only apply this tag for non-production resources.
- This tag allows administrators to set a description for the instance or add any other descriptive information.
- Vanta does not read the value of this tag anymore. We only check if it exists.
- This tag allows administrators to define whether or not a resource contains user data (True/0) or if they do not contain user data (False/1).
- This tag allows administrators to define whether or not a resource contains electronic Protected Health Information (ePHI). It can be set to either (True/0) or if they do not contain ephi data (False/1).
- This tag is only available for customers who are using HIPAA standard
- This tag allows administrators to describe the type of user data the instance contains
- Administrators can add this tag to mark a resource as out of scope for their audit. If this tag is added, the administrator will need to set a reason for why it's not relevant to their audit.
Currently, Vanta does not support tags for Heroku resources.