In this era of infrastructure-as-a-code, managing resources on cloud needs programmatic controls. The ease of cloud deployment and provisioning makes it easy to create cloud sprawls that can become unmanageable. In such dynamic environments, ‘Governance’ needs to be automated and AWS provides tagging feature to enable the same.
So what all can you really govern using tags?
Tags are flexible to use and there can be many use cases. Here are some of the important use cases:
- Cost allocation and chargeback: Tags make it possible to map customers or cost centers to cloud resources and make it easy to create chargeback reports
- Scheduling auto start / stops to save costs: Tags help in identifying environments and specifying developer work hours, thus allowing customers to automate the start/stop of servers when not in use and in turn helps in saving costs
- Managing Backups — By adding tags with Backup policy, it is possible to automate the overall backup process without any dependency on a cloud admin
- Role-based Permissions — Tags allow automating IAM rules and policies. You can explore more info on IAM policies, here
- Resource Groups — To create visibility of logical groups of resources, tags can be used to define the same. E.g. application clusters, environments, data layers, compliance tracking, etc
- Paging critical alerts — Tagging resource owners allow paging to specific groups/ users in case of predefined alerts
Based on the multiple use cases we’ve worked on for our customers, we recommend the following tagging categories:
Business Tags: Business Unit; Cost Center; Project; End Customer; Owner Contact
Compliance Tags: Scope (PCI, HIPAA etc); Data Confidentiality; Encryption
Technical Tags: Application Name/ID; Application Tier; Cluster; Environment; Version; Tech Stack
Function Tags: Backup; Start-Stop; Monitoring; Support Contact
AWS Tagging is a discipline to be followed.
Without proper AWS tagging strategies in place, it is very challenging as well as time-consuming to manage your cloud, leading to several problems ranging from operational issues to unexpected cloud spend. To achieve optimization on AWS cloud, designing a tagging strategy is paramount.
Download the free guide on “AWS Tagging Strategies”, which will guide users to implement the best tagging practices to achieve complete cost optimization on AWS Cloud.
Get Your Free Copy Here: AWS Cost Saving with Smart Tagging — Free Guide 2017
Meanwhile, here are a few tagging features that allow great flexibility in planning and executing tags:
- Upto 10 Tags are allowed per resource
- Each tag is a Key: Value pair
- Tags are account specific
- Tag keys and values are case sensitive
- Tags are unique per resource
- Tags Values can have multiple information concatenated with delimiters
- Tags cannot begin with “aws:” as a prefix
Some best practice examples of Tagging are shown below:
While tagging enables significant control through automated cloud governance, given its criticality, it’s also important to govern the tagging process as well. AWS Cloudformation and service catalog based provisioning, as well as strong configuration management best practices can ensure that all resources are tagged consistently and accurately as per the standards.
And once tagging is done, you can setup cloud governance easily by using our product Botmetric (www.botmetric.com) to simplify automation and cloud management. Do check it out and make your cloud management easy!
We hope this article helps you in achieving cloud governance on AWS through Tagging. So go ahead, leverage the power of tagging and enjoy automated governance and control over your cloud deployments.
This Article was originally published by Anindo Sengupta, CDO, Minjar Cloud Solutions.
