docs: add Resource Tagging product docs and changelog #30238
wevans997-dev wants to merge 9 commits into production from
This pull request requires reviews from CODEOWNERS as it changes files that match the following patterns:
|
| @@ -0,0 +1,41 @@ | |||
| --- | |||
| title: Resource Tagging enters public beta | |||
| description: Attach key-value metadata to Cloudflare resources for organization, access control, and cost attribution -- available now via API on all plans. | |||
We don't support all those capabilities yet. Are you ready to talk about them here?
| date: 2026-04-23 | ||
| --- | ||
|
|
||
| Resource Tagging is now available in public beta across all Cloudflare plans. You can attach custom key-value metadata to your Cloudflare resources -- Workers scripts, zones, custom hostnames, Access application policies, and more -- giving you a consistent way to organize, query, and manage infrastructure at any scale. |
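Review bot: The release stage needs reconciling before merge: the title and this opening sentence say "public beta", while the pull request summary describes the product as "(private beta)". Confirm which stage applies and use the same wording in the changelog title, the body and the PR description, since "available now via API on all plans" only holds for a public release.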
Any language in the changelog about how this is rolling out over a few days?
|
|
||
| Resource Tagging is now available in public beta across all Cloudflare plans. You can attach custom key-value metadata to your Cloudflare resources -- Workers scripts, zones, custom hostnames, Access application policies, and more -- giving you a consistent way to organize, query, and manage infrastructure at any scale. | ||
|
|
||
| ### Why tags matter |
Section feels a little marketing-speak for the changelog? I'd dial it back.
|
|
||
| ### What's included | ||
|
|
||
| - **7 supported resource types** -- `account`, `workers_script`, `workers_script_version`, `zone`, `managed_client_certificates`, `custom_hostnames`, and `access_application_policy`, with more on the way. |
I thought we were going out with support for anything?
| - **7 supported resource types** -- `account`, `workers_script`, `workers_script_version`, `zone`, `managed_client_certificates`, `custom_hostnames`, and `access_application_policy`, with more on the way. | ||
| - **Powerful filtering** -- Query tagged resources using AND/OR logic, negation, and key-only matching. Combine up to 20 filters per query with up to 10 OR values per filter to build precise resource views. | ||
| - **Account and zone-level endpoints** -- Full CRUD operations across both scopes, so you can tag account-wide resources and zone-specific resources with the same consistent API. | ||
| - **Account Owned Tokens (AOTs)** -- Tagging uses account-level tokens that persist independently of individual users. When someone leaves your team or rotates credentials, your tagging automation keeps running. AOTs are provisioned on your behalf with the correct permissions out of the box. |
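Review bot: The Account Owned Tokens bullet says the tokens "persist independently of individual users" and are "provisioned on your behalf with the correct permissions", but it names neither the permissions granted nor how the token is rotated or revoked. Because offboarding a user will not disable such a token, state the exact permission scope it receives and point to where an administrator can review, rotate and revoke it.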
I don't know if this will make sense to folks.
|
|
||
| ### API-first by design | ||
|
|
||
| The API is the primary interface for Resource Tagging and the recommended path for all workflows -- whether you're scripting one-off tag assignments, building CI/CD pipelines, or integrating tagging into your infrastructure-as-code toolchain. |
Mention Terraform support?
|
|
||
| ```bash | ||
| # All resources with an "environment" tag (any value) | ||
| curl -X GET "https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/tags/resources?tag=environment" \ |
Is there a cf CLI invocation?
| description: Query tagged resources using the tag filtering syntax. | ||
| --- | ||
|
|
||
| The `GET /accounts/{account_id}/tags/resources` endpoint supports tag filtering via the `tag` query parameter. Multiple `tag` parameters combine with **AND** logic. |
A lot of these concepts are auto-documented in the API docs. Do you want to link to those?
| description: Create, update, and delete tags on Cloudflare resources. | ||
| --- | ||
|
|
||
| All tag operations use the Tagging API. Authentication requires an [Account Owned Token (AOT)](/fundamentals/api/get-started/account-owned-tokens/) or user API token with appropriate [permissions](/resource-tagging/reference/api/#authentication). |
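Review bot: This sentence accepts either an Account Owned Token or a user API token, while the changelog bullet says "Tagging uses account-level tokens", so readers cannot tell whether user tokens are supported. Align the two pages, and name the required permission here instead of "appropriate permissions" so a token can be scoped to tagging alone. The permissions link also targets `/resource-tagging/reference/api/#authentication`, which sits on the API reference page that another comment in this review proposes deleting, so the anchor needs a new home if that page goes.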
| All tag operations use the Tagging API. Authentication requires an [Account Owned Token (AOT)](/fundamentals/api/get-started/account-owned-tokens/) or user API token with appropriate [permissions](/resource-tagging/reference/api/#authentication). | |
| All tag operations use the Tagging API. Authentication requires an [account API token](/fundamentals/api/get-started/account-owned-tokens/) or user API token with appropriate [permissions](/resource-tagging/reference/api/#authentication). |
| @@ -0,0 +1,117 @@ | |||
| --- | |||
| title: API reference | |||
The API reference content is auto-generated out of the OpenAPI specs. I think we can delete this page.
|
|
||
| ## Prerequisites | ||
|
|
||
| - **Super Admin access** -- At least one user with the Super Administrator, Workers Admin, or Tag Admin role. These roles can create, update, and delete tags. |
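Review bot: The bullet's label says "Super Admin access" but the sentence lists three roles, and it does not say which one is the minimum needed. Name the narrowest role that can write tags as the recommended choice, and state whether any role can read tags without being able to "create, update, and delete" them, so that teams do not grant Super Administrator just to tag resources.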
| - **Super Admin access** -- At least one user with the Super Administrator, Workers Admin, or Tag Admin role. These roles can create, update, and delete tags. | |
| - **Appropriate access** -- At least one user with the Super Administrator, Workers Admin, or Tag Admin role. These roles can create, update, and delete tags. |
jhutchings1 left a comment
@wevans997-dev Left a bunch of comments for you. Can you have a look?
Summary
Adds initial public developer documentation for the Resource Tagging product (private beta), registered under the Core platform group.
Draft for preview build review -- content may contain internal references that need scrubbing before merge.