Enforce consistent, secure tagging across data and AI assets with Governed Tags in Unity Catalog (Public Preview)
Streamline discovery, compliance, and cost attribution
Summary
- Governed Tags makes it easier to discover trusted datasets, meet governance and compliance requirements, and track costs accurately.
- Account-level tag policies in Unity Catalog keep metadata consistent across all catalogs and workspaces.
- Admins can define allowed values, control who can apply them, and enforce consistent usage across all data and AI assets.
Today, we are excited to announce Governed Tags in Public Preview across all regions on AWS, Azure, and Google Cloud!
Tags in Unity Catalog (UC) are widely used for discovery, cost tracking, and access management — but as adoption grows, inconsistent tagging can create problems. One team tags a dataset “finance,” another uses “fin,” and suddenly, searches, audits, and governance policies are incomplete. This makes compliance harder, weakens security enforcement, and complicates cost attribution.
Governed Tags solve this by introducing account-level tag policies where account admins and data stewards can define who can use a tag, what values are allowed, and where the tag can be applied. These tags can be applied to UC objects such as tables, views, volumes, catalogs, schemas, and columns, with support for workspace-level objects like dashboards and notebooks coming soon. They work across every workspace in an account, ensuring consistent metadata for discovery, security, and cost reporting at scale.
In this blog, we cover core use cases, how they work with existing tags, and what’s next.
When to use Governed Tags
Tags are most valuable when they solve everyday problems for teams. Governed Tags make tagging more reliable and consistent, which opens up practical benefits across discovery, governance, and cost management. Here are three common ways organizations can use them:
Discovery
Consistent tagging makes data easier to find. With Governed Tags, a user searching for “marketing” will see every marketing dataset across the metastore, without missing assets labeled “mktg.” Teams can still use free-form tags for ad hoc organization, like marking a dataset “ML_ready.” In the future, Governed Tags will also support certifications and deprecations so users can quickly identify trusted or outdated data.
Governance and compliance
Governed Tags simplify classification and audits for scalable governance across your entire Databricks account and workspaces. With Data Classification enabled, sensitive columns are automatically tagged, scaling discovery and compliance of sensitive data. Combined with Attribute-Based Access Control (ABAC), policies, this ensures that sensitive data (such as PII) is only accessible to the right users across your data platform.
Cost attribution and optimization
Tags can also track usage and costs. For example, tagging datasets with “costcenter: finance” makes it easy to attribute storage and query spend to the finance team. This visibility supports accurate chargebacks and better budgeting. In upcoming releases, Governed Tags will integrate with serverless budget policies to further streamline cost control.
How Governed Tags work with existing UC tag assignments
Governed Tags do not remove or overwrite existing UC tag assignments. When a privileged user creates a Governed Tag, all existing tag assignments automatically become governed and are linked to the new tag policy. In the UI, Governed Tags appear in blue with a lock icon to show they are protected.
For example, suppose someone tagged a dataset with “costcenter: fin” instead of the approved value “costcenter: finance”. After you enable Governed Tags, that old incorrect tag (fin) won’t be removed automatically. It stays in place, so nothing breaks for teams already using it. But from that point forward, nobody can add fin again. The only allowed value is finance.
We recommend that teams roll out Governed Tags gradually to ensure they can identify all existing tags and the appropriate allowed values. Read more about tagging best practices here!
Getting started with Governed Tags and what’s next
Governed Tags are available today in Public Preview across all supported regions on AWS, Azure, and GCP.
- Get started: Go to the Unity Catalog admin experience and create a Governed Tag. See our demo video for a quick overview.
- Docs: Read the Governed Tags documentation (AWS, Azure, Google Cloud) for setup details.
- Roadmap: Upcoming releases will expand Governed Tags to more asset types, including workspace-scoped assets, and integrate with features like serverless budget policies.
- Check out our Data + AI Summit session: See ABAC, Governed Tags, Data Classification and more in our on-demand session covering data governance at scale
To get started with Unity Catalog, follow the guides for AWS, Azure, and GCP.
