Tagging decisions are reversible, giving you the flexibility to edit or change as needed in the future. Conditionally required tags are only mandatory under certain circumstances (for example, if an application processes sensitive data, you may require a tag to identify the corresponding data classification, such as Personally Identifiable Information or Protected Health Information). Tags can be required, conditionally required, or optional. While AWS does not charge a fee for the use of tags, there may be indirect costs (for example, the labor needed to assign and maintain correct tag values for each relevant AWS resource). If you intend to use tags for specific use cases, as illustrated by the examples in the introduction, you will need to rely on the consistent use of tags and tag values.Ĭonsider tags from a cost/benefit perspective when deciding on a list of required tags. It’s important to employ a consistent approach in tagging your AWS resources. Tag stakeholders in an organization typically include IT Finance, Information Security, application owners, cloud automation teams, middleware and database administration teams, and process owners for functions such as patching, backup/restore, monitoring, job scheduling, and disaster recovery. This can enable automated compliance checks to ensure that proper access controls are in place, patch compliance is up to date, and so on. Tags can be assigned to identify resources that require heightened security risk management practices, for example, Amazon EC2 instances hosting applications that process sensitive or confidential data. Tags can be used to integrate support for AWS resources into day-to-day operations including IT Service Management (ITSM) processes such as Incident Management.ĪWS Identity and Access Management (IAM) policies support tag-based conditions, enabling customers to constrain permissions based on specific tags and their values. Tags can be used to opt into or out of automated tasks, or to identify specific versions of resources to archive, update, or delete. Resource or service-specific tags are often used to filter resources during infrastructure automation activities. Typically, customers use business tags such as cost center, business unit, or project to associate AWS costs with traditional financial reporting dimensions within their organization. Resource Groups tool allows customers to create a custom console that organizes and consolidates AWS resources based on one or more tags or portions of tags.ĪWS Cost Explorer and Cost and Usage Report support the ability to break down AWS costs by tag. Each tag is a simple label consisting of a customer-defined key and an optional value that can make it easier to manage, search for, and filter resources.įollowing are some sample use cases for using tags. See reference section below for sources.Īmazon Web Services allows customers to assign metadata to their AWS resources in the form of tags. These are some notes on AWS Tagging Best Practices.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |