In Google Cloud, we have a project with a few resources that we build/destroy frequently. After provisioning the resources, we add network tags to them. Right now we do this manually but ideally we would like to create network tags on our project and have the resources inherit these tags.
I tried this out by adding network tags at the project level and then provisioned a few resources in the project. But the network tags did not get applied to the newly created resources in the project.
Based on the documentation, inheritance is allowed from folder to subfolder but I don't see any mention of projects. https://cloud.google.com/resource-manager/docs/tags/tags-overview#inheritance
Does anyone know if this can be achieved in Google Cloud?
I guess that you might have confused Tags with Network Tags. They are different entities/resources in GCP. Please refer to the Comparison of Tags and network tags. tl;dr Tags can be used to manage and group GCP resources for purposes such as IAM conditions, billing and Firewall policies.
I assume that your interest is in applying firewall policies to a group of Compute instances in a project. In that context, we can refer to the tag as a secure tag. It is sort of an evolution of the network tags that allows you to assign logical names to VMs and define your firewall rules in logical groups. Also keep in mind that secure tags only apply to Firewall Policies, which are different from VPC Firewall Rules (a superset).
You can achieve the Tag inheritance for compute resources (see other Tag supported GCP resources):
For use with network firewall