How do I pull my EC2 tags without using the AWS integration ?

In order to pull AWS tags for an EC2 instance through the datadog agent follow these steps:

  1. Create a IAM role for the instance using this documentation
  2. For the policy section, specify the following permissions:  "ec2:Describe*", "ec2:Get*"
  3. In datadog.conf set collect_ec2_tags: true
  4. Optional: add the security-groups tag by enabling this option
  5. Restart the agent

Note:  This option will will not set tags like availability_zone, region, or instance_type, which are only available by pulling in the EC2 host through the AWS integration. This will only pull in the custom tags that have been set on the EC2 host under the "Tags" tab in your AWS console.


Have more questions? Submit a request


  • 0
    Sarah Zaporta

    Occasionally, the tags will get thrown into [trace-ignore], instead of [Main].

     Customer has come up with this fix to put everything back in its place:
    sudo sed -i '1 a collect_ec2_tags: yes\nrole: <your-role-goes-here>\n' /etc/dd-agent/datadog.conf

    Edited by Sarah Zaporta
Please sign in to leave a comment.
Powered by Zendesk