Ensure Transit gateway have a name tag

In order to control your VPC environment, all the components should have a meaningful name

Risk Level: Low
Cloud Entity: AWS Transit Gateway
CloudGuard Rule ID: D9.AWS.OPE.14
Covered by Spectral: Yes
Category: Networking & Content Delivery


TransitGateway should have tags contain [key like '%Name%']


From Portal
Perform the following to set a Name tag to your Transit Gateways:

  1. Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.
  2. On the navigation pane, choose Transit Gateways.
  3. Choose the transit gateway for which to add or edit tags.
  4. Choose the Tags tab in the lower part of the page.
  5. Choose Manage tags.
  6. Choose Add new tag.
  7. Enter a Key and Value for the tag.
  8. Choose Save.

From TF

resource "aws_ec2_tag" "example" {
	resource_id = "Transit_gateway_id"
	key         = "Name"
	value       = "tag_value"

From Command Line

aws ec2 create-tags --resources transit_gateway_ID --tags tag_name


  1. https://docs.aws.amazon.com/vpc/latest/tgw/what-is-transit-gateway.html
  2. https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html
  3. https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-tags.html
  4. https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_tag

AWS Transit Gateway

AWS Transit Gateway connects VPCs and on-premises networks through a central hub. This simplifies your network and puts an end to complex peering relationships. It acts as a cloud router ��� each new connection is only mad

Compliance Frameworks

  • AWS CloudGuard Best Practices
  • AWS CloudGuard SOC2 based on AICPA TSC 2017
  • AWS HITRUST v11.0.0
  • AWS ITSG-33
  • AWS NIST 800-53 Rev 5
  • CloudGuard AWS All Rules Ruleset