
Amazon Data Firehose was previously known as Amazon Kinesis Data Firehose

Tagging Your Firehose streams in Amazon Data Firehose

You can assign your own metadata to Firehose streams that you create in Amazon Data Firehose in the form of tags. A tag is a key-value pair that you define for a stream. Using tags is a simple yet powerful way to manage AWS resources and organize data, including billing data.

Tag Basics

You can use the Amazon Data Firehose API to complete the following tasks:

  • Add tags to a Firehose stream.

  • List the tags for your Firehose streams.

  • Remove tags from a Firehose stream.

You can use tags to categorize your Firehose streams. For example, you can categorize Firehose streams by purpose, owner, or environment. Because you define the key and value for each tag, you can create a custom set of categories to meet your specific needs. For example, you might define a set of tags that helps you track Firehose streams by owner and associated application.

The following are several examples of tags:

  • Project: Project name

  • Owner: Name

  • Purpose: Load testing

  • Application: Application name

  • Environment: Production

If you specify tags in the CreateDeliveryStream action, Amazon Data Firehose performs an additional authorization on the firehose:TagDeliveryStream action to verify that users have permission to create tags. If you do not provide this permission, requests to create new Firehose delivery streams with IAM resource tags will fail with an AccessDeniedException such as the following.

AccessDeniedException User: arn:aws:sts::x:assumed-role/x/x is not authorized to perform: firehose:TagDeliveryStream on resource: arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an identity-based policy.

The following example demonstrates a policy that allows users to create a delivery stream and apply tags.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "firehose:CreateDeliveryStream",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "firehose:TagDeliveryStream",
            "Resource": "*"
        }
    ]
}

Tracking Costs Using Tagging

You can use tags to categorize and track your AWS costs. When you apply tags to your AWS resources, including Firehose streams, your AWS cost allocation report includes usage and costs aggregated by tags. You can organize your costs across multiple services by applying tags that represent business categories (such as cost centers, application names, or owners). For more information, see Use Cost Allocation Tags for Custom Billing Reports in the AWS Billing User Guide.

Tag Restrictions

The following restrictions apply to tags in Amazon Data Firehose.

Basic restrictions
  • The maximum number of tags per resource (stream) is 50.

  • Tag keys and values are case-sensitive.

  • You can't change or edit tags for a deleted stream.

Tag key restrictions
  • Each tag key must be unique. If you add a tag with a key that's already in use, your new tag overwrites the existing key-value pair.

  • You can't start a tag key with aws: because this prefix is reserved for use by AWS. AWS creates tags that begin with this prefix on your behalf, but you can't edit or delete them.

  • Tag keys must be between 1 and 128 Unicode characters in length.

  • Tag keys must consist of the following characters: Unicode letters, digits, white space, and the following special characters: _ . / = + - @.

Tag value restrictions
  • Tag values must be between 0 and 255 Unicode characters in length.

  • Tag values can be blank. Otherwise, they must consist of the following characters: Unicode letters, digits, white space, and any of the following special characters: _ . / = + - @.
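
The restrictions above can be applied as a pre-flight check before a tag set is passed to CreateDeliveryStream. This is an added example, not AWS code: validate_tags and its messages are hypothetical names, and the mapping of "Unicode letters, digits, white space" to Unicode categories and the case-insensitive aws: match are assumptions.

```python
import unicodedata

MAX_TAGS = 50             # tags per stream
KEY_LEN = (1, 128)        # Unicode characters
VALUE_LEN = (0, 255)      # a blank value is allowed
SPECIALS = set("_./=+-@")

def _allowed(ch):
    # Assumption: "Unicode letters, digits, white space" is read as the
    # Unicode categories L*, Nd and Z*.
    cat = unicodedata.category(ch)
    return cat[0] in "LZ" or cat == "Nd" or ch in SPECIALS

def validate_tags(tags):
    """tags: list of (key, value) pairs. Returns a list of problems; empty means OK."""
    problems = []
    if len(tags) > MAX_TAGS:
        problems.append(f"{len(tags)} tags exceeds the limit of {MAX_TAGS}")
    seen = set()
    for key, value in tags:
        if key in seen:
            # Keys are case-sensitive, so only an exact repeat collides; the
            # later pair would overwrite the earlier one.
            problems.append(f"duplicate key {key!r}")
        seen.add(key)
        if not KEY_LEN[0] <= len(key) <= KEY_LEN[1]:
            problems.append(f"key {key!r} length {len(key)} outside 1-128")
        if key.lower().startswith("aws:"):
            # Assumption: the reserved prefix is matched case-insensitively.
            problems.append(f"key {key!r} uses the reserved aws: prefix")
        elif not all(_allowed(c) for c in key):
            problems.append(f"key {key!r} has a disallowed character")
        if len(value) > VALUE_LEN[1]:
            problems.append(f"value for {key!r} length {len(value)} exceeds 255")
        if not all(_allowed(c) for c in value):
            problems.append(f"value for {key!r} has a disallowed character")
    return problems

if __name__ == "__main__":
    # Constructed sample input.
    sample = [("Environment", "Production"), ("Owner", ""),
              ("aws:createdBy", "alice"), ("Cost;Center", "42")]
    for p in validate_tags(sample):
        print(p)
```
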

Tagging Firehose streams Using the Amazon Data Firehose API

You can specify tags when you invoke CreateDeliveryStream to create a new Firehose stream. For existing delivery streams, you can add, list, and remove tags using the following three operations: