---
title: "Import Labels/Tags in SAFE"
slug: "import-azure-tags-and-gcp-labels-in-safe"
updated: 2025-12-08T17:41:36Z
published: 2025-12-08T17:41:36Z
canonical: "docs.safe.security/import-azure-tags-and-gcp-labels-in-safe"
---

> ## Documentation Index
> Fetch the complete documentation index at: https://docs.safe.security/llms.txt
> Use this file to discover all available pages before exploring further.

# Import Labels/Tags in SAFE

## About this document

---

This document explains how to import Labels or Tags in SAFE.

1. [Microsoft Azure Tags](/safe-4/docs/import-azure-tags-and-gcp-labels-in-safe#import-tags-from-azure-subscriptions-into-safe)
2. [Google Cloud Platform (GCP)](/safe-4/docs/import-azure-tags-and-gcp-labels-in-safe#import-labels-from-google-cloud-platform-gcp-into-safe)
3. [Wiz](/safe-4/docs/import-azure-tags-and-gcp-labels-in-safe#import-tags-from-wiz-into-safe)
4. [Crowdstrike Falcon](/safe-4/docs/import-azure-tags-and-gcp-labels-in-safe#import-tags-from-crowdstrike-falcon-into-safe)
5. [CrowdStrike Falcon Exposure Management](/safe-4/docs/import-azure-tags-and-gcp-labels-in-safe#import-tags-from-crowdstrike-falcon-exposure-management-into-safe)
6. [Tenable Vulnerability Management](/safe-4/docs/import-azure-tags-and-gcp-labels-in-safe#import-tags-from-tenable-vulnerability-management-into-safe)
7. [SentinelOne](/safe-4/docs/import-azure-tags-and-gcp-labels-in-safe#import-tags-from-sentinelone-via-customfield)
8. [Claroty xDome](/safe-4/docs/import-azure-tags-and-gcp-labels-in-safe#import-tags-from-claroty-xdome-into-safe)

## Introduction

Tags are the metadata elements that you apply to the cloud resources. They are the key-value pairs that help you identify resources based on settings relevant to your organization. SAFE users can automatically import the Tags. This helps users create multi-cloud asset groups based on tags and labels, enabling them to manage cyber risk for those groups.

## Import Tags from AWS into SAFE

1. Make sure that AWS integration is configured under Integrations. Refer to the [AWS](/safe-4/docs/aws-via-electric-eye) Integration Guide.

2. Create custom fields for technology corresponding to the tag keys you want to import into SAFE. You can create the custom fields from the Settings > Custom Fields.

3. In the next AWS sync, the system will automatically update the custom field values. Alternatively, you can manually trigger a sync by navigating to Integrations > AWS.

> [!WARNING]
> Notes
> 
> - The system imports only those tags from AWS for which the corresponding custom fields are present in SAFE.
> - On every subsequent scan, the system updates the custom field values automatically.

## Import Tags from Azure Subscriptions into SAFE

1. Make sure that Azure integration is configured under Safe Hooks. Refer to the [Azure Integration Guide](/safe-4/docs/azure).
2. Create custom fields for technology corresponding to the Azure tag keys you want to import into SAFE. You can create the custom fields from the**Settings > Custom Fields.**
3. In the next Azure sync, the system will automatically update the custom field values. Alternatively, you can manually trigger a sync by navigating to SAFE Hooks > Azure.

Notes

- The system imports only those tags from Azure for which the corresponding custom fields are present in SAFE.
- On every subsequent scan, the system automatically updates the custom field values.

## Import Labels from Google Cloud Platform (GCP) into SAFE

1. Make sure that GCP integration is configured under Safe Hooks. Refer to the [GCP Integration Guide](/safe-4/docs/google-cloud-platform).
2. Create custom fields for technology corresponding to the Azure tag keys you want to import into SAFE. You can create the custom fields from the**Settings > Custom Fields**.
3. In the next GCP sync, the system will update the custom field values automatically. Alternatively, you can manually trigger a sync using the SAFE API. Refer to the [GCP Integration Guide](/safe-4/docs/google-cloud-platform).

Notes

- The system imports only those labels from GCP for which the corresponding custom fields are present in SAFE.
- On every subsequent scan, the system updates the custom field values automatically.

## Import Tags from Wiz into SAFE

1. Make sure that Wiz integration is configured under Integrations. Refer to the [Wiz](https://docs.safe.security/docs/wizio) Integration Guide.

2. Create custom fields for technology corresponding to the tag keys you want to import into SAFE. You can create the custom fields from the Settings > Custom Fields. Refer to [Custom Fields](/safe-4/docs/custom-fields-1).

3. In the next Wiz sync, the system will automatically update the custom field values. Alternatively, you can manually trigger a sync by navigating to Integrations > Wiz.

> [!WARNING]
> Notes
> 
> - The system imports only those tags from Wiz for which the corresponding custom fields are present in SAFE.
> - On every subsequent scan, the system updates the custom field values automatically.

## Import Tags from CrowdStrike Falcon into SAFE

SAFE now supports pulling tags from CrowdStrike. To pull tags, follow the steps below:

1. To view/filter the pulled tags, follow the steps below:

The custom field is case-sensitive. The custom field's name must be exactly this `cs-falcon-tags`for the tags to be pulled in. The CrowdStrike tags will be populated in the created custom field.

### 

## Import Tags from CrowdStrike Falcon Exposure Management into SAFE

SAFE now supports pulling tags from CrowdStrike Falcon Exposure Management. To pull tags, follow the steps below:

  1. Log in to SAFE.
  2. Navigate to Settings > Custom Fields.
  3. Click on the Add Custom Field button.
  4. Enter the Name cs-exposure-mgmt-tags. Keep the Custom Field Type field as Any and the Multi-Valued field as Yes.
  5. Click on the Add button.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/image-20240701-064619.png)

To view/filter the pulled tags, follow the steps below:

  1. Log in to **SAFE**.
  2. Navigate to **Technology**
  3. Add column **Custom Field: cs-exposure-mgmt-tags** to view the pulled tags against the asset.
  4. Filtering on the pulled tags is also supported.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/image-20240701-065214.png)

The custom field is case-sensitive. The custom field's name must be exactly this `cs-exposure-mgmt-tags`for the tags to be pulled in. The CrowdStrike tags will be populated in the created custom field.
  1. Log in to SAFE.
  2. Navigate to Settings > Custom Fields.
  3. Click on the Add Custom Field button.
  4. Enter the Name cs-falcon-tags. Keep the Custom Field Type field as Any and the Multi-Valued field as Yes.
  5. Click on the Add button.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/image-20240624-121451.png)
  1. Log in to SAFE.
  2. Navigate to Technology
  3. Add column Custom Field: cs-falcon-tags to view the pulled tags against the asset.
  4. Filtering on the pulled tags is also supported.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/image-20240624-122222.png)

## Import Tags from Tenable Vulnerability Management into SAFE

1. Ensure that Tenable Vulnerability Management is configured under **Safe Hooks**.
2. Create Custom Fields in SAFE that correspond to the tag keys (category) in Tenable Vulnerability Management that you wish to import. To set up these custom fields, go to **Settings**> **Custom Fields**.
3. The system will automatically update the custom field values during the next sync with Tenable Vulnerability Management. If you prefer, you can manually trigger a sync by going to **SAFE Hooks** > **Tenable Vulnerability Managemen**t.

> [!NOTE]
> Info
> 
> - The system will only import tags from Tenable Vulnerability Management if the corresponding custom fields are already set up in SAFE.
> - After each subsequent scan, the custom field values will be automatically updated.

## Import Tags from SentinelOne via Custom field

SAFE can bring in tags from SentinelOne. Since SentinelOne uses key-value tags, you can import these tags into SAFE using a Custom Field.

- To do this, go to **Settings** > **Custom Field** and create a new custom field. Make sure the name of this custom field matches exactly with the key of the tag in SentinelOne.![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/image(384).png)
- When the next sync with SentinelOne happens, the values for your custom field will be updated. You can also start a manual sync by going to **Integrations** > **SentinelOne** > **Configure**.

## Import Tags from Claroty xDome into SAFE

1. Make sure that [Claroty xDome](/safe-4/docs/claroty-xdome) is configured under integrations
2. Create custom fields matching the Claroty xDome tag keys (claroty-site-name, claroty-device-type, claroty-subcategory, claroty-category in Claroty xDome) in SAFE. You can create the custom fields from the Settings > Custom Fields. Refer to [Custom Fields](/safe-4/docs/custom-fields-1).
3. In the next Claroty xDome sync, the system will automatically update the custom field values. Alternatively, you can manually trigger a sync by navigating to Integrations > Claroty xDome.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/Claroty.png)

> [!WARNING]
> Notes
> 
> 1. The system imports only those tags from Claroty xDome for which the corresponding custom fields are present in SAFE.
> 2. On every subsequent scan, the system automatically updates the custom field values.