How to tag your resources on AWS / GCP / Azure?

Techniques for tagging resources on AWS, GCP and Azure

WELL-TAGGED:
METHODS OF TAG IMPLEMENTATION AND GOVERNANCE

Sometimes overlooked, tags take time to set up, but become an effective tool for Cloud infrastructure management.

Here, we share with you the practices for tagging your resources and we talk about the tagging methods of AWS, GCP and AZURE. 

Table of contents

Techniques for tagging your resources

Cloud platforms follow very specific and independent conventions and policies. By confronting the different tagging practices, we realised that we could imagine a framework that would work on all platforms.  

There is no single strategy that works for all organisations, but there are techniques that can be adapted to your situation.  

Don't jump into tagging head first! Clutter can quickly build up in your infrastructure, and the tag could lose its usefulness. 

Build your tag strategy first:

Strategy for tagging your cloud resources

Naming your tags

Regardless of the cloud platform, it is essential to develop a consistent and long-lasting tag naming convention. Think about evolving it to adapt it to the current situation of your activity. But don't change your naming strategy along the way, or else it will be a superhuman effort!

The choice of script is yours, but suppliers limit you by imposing certain rules and conventions.

Naming your tags according to cloud providers

TABLE OF INDIVIDUAL TAG NAMING CONVENTIONS

Standardise your tags

Important for its organisation, it is necessary to apply default tags covering all MultiCloud environments.

We recommend the ones proposed by AWS, which we think are the most relevant:

1) Technical tag

Informs about the assets distributed in a cloud infrastructure:

2) Company tag

Sets the context and ownership:

Name and environment

Department code

Asset function

ID / user name

Version number

Project name

3) Safety / compliance tag

Sensitive and confidential data that comply with regulations:

4) Operational tag

Indication of the instructions to be applied to the resources : 

HDS / HIPAA certification

Critical resources

Sensitive data

Stopping or starting times

Encrypted data

Data to be encrypted

Date of deletion of resources

Automate your tags

As resources increase, tags become more challenging to manage and update. To facilitate the long-term maintenance of tags, the last but not least strategy is automation. Automation is used to deploy tag environments and save time in its governance. It is implemented by tools and scripts like JSON or YAML.

This is a huge topic and we have dedicated a whole article to this practice.

Here are some tips:

  • Tagging by resource groups
  • Use resource tagging APIs to manage the tagging of many resources
  • Periodically update the consistency and convention of tags
  • Check the conformity of existing resources / correct anomalies / remove non-essential resources
  • All the details and techniques on tag automation, right here
Tools for tagging FinOps resources on AWS, GCP and Azure

TABLE OF TOOLS FOR AUTOMATING TAGS IN AWS, GCP AND AZURE

Vendor-specific tagging solutions

Starting from a common base and a similar vision: to allow a good distribution of costs, the suppliers have created tools specific to their platform to guide the user in the search and update of his tags.

AWS

Tools for tagging on AWS

TABLE OF TOOLS FOR TAGGING AT AWS

By providing numerous cost management services, AWS allows you to manage (in blue) and analyse (in green) your tags by groups with specific tools for each category. In our opinion, it is the platform that offers the most comprehensive tools for FinOps tag governance. Amazon has taken the decision to respond to the needs of tag management or exploitation by implementing specific tools for each use.

The tagging strategy must be adapted to the size of the company.

To begin with, it is preferable to be satisfied with tools such as Cost Explorer, Cost Categories or Cost Allocation which will meet a minimal use of tag management and exploitation. The interest of these three tools will be to provide you with a macro vision of the business costs of your tags with a quick and efficient FinOps, without going into details.  

  • Cost Explorerto view the costs and filter the tags.
  • Cost Allocation and Cost Categories for large organisations, to business-specific FinOps.

Once the FinOps requirement is more advanced, you will need to go into more detail in the analysis:

  • Cost and Usage Report (CUR) provides a more comprehensive analysis of the details of the tags, availability, filtersand the ability to group very specific tags.
  • Tag Tamer is the most successful tool recently released. Dedicated to the tag, it gathers all the complete and indispensable services of management and analysis of FinOps tags. Point of vigilanceIt is not a free tool and is complex to use.

DIAGRAM OF THE TAG TAMER OPERATION AT AWS

GCP

Tools for tagging on GCP

TABLE OF TOOLS FOR GOOD TAGGING AT GCP

At GCP, the operation is different from AWS.

  • Data Catalog will be used to manage metadata and allocate it to resources.

Atag is nothing more than a metadata, comparable to information for SEO. Here Google offers us its SEO tool for managing tags in the GCP infrastructure.

  • BigQuery will be useful if you are already an expert in data. Connect it to Data Catalog to add tags to the necessary environments.
  • Google Billing is the essential tool for visualise the tags in the dashboard, and then generate data to exploit them.

AZURE

TABLE OF TOOLS FOR TAGGING IN AZURE

The platform platform offers highly specialised toolstools for resource management:

  • Azure Resource Manager (ARM) to implement your tags to resources and receive rules for applying the tags.
  • Azure Policy allows to grant access to resources and help manage the consistency oftags against the established convention.
  • Cost Management is the essential downstream tool for exploiting your tags in terms of data analysis and visualisation.

According to our experience and the feedback of our users, here are the three Cloud providers that provide the best tools for tagging resources. To date, AWS is the most complete platform in this area. Keep in mind that tagging resources should be proportional to the size of the infrastructure and your cloud spend governance priorities.

The management of tags is a complex subject which is becoming more and more important with the move to the MultiCloud! 

Lota.cloud is an all-in-one FinOps platform that allows you to govern your MultiCloud expenses through tags. You can use them in your reporting, budgets, alerts and optimisation actions. The platform also helps you to maintain a high level of quality.

This is a start in terms of organising and using tags. One thing is certain, you can trust us!

Leave a comment

Test Lota.cloud for free for 30 days