AWS tagging use cases.
Resources
Management
Tagging helps AWS users effectively identify, filter, and manage their resources. The need for strategic and appropriate tagging often becomes painfully obvious as the number of resources being used Increases. Best practice (and the least pain incurred) would be to implement strong tagging policies from the onset of deployment. Good tagging practices becomes especially useful when organizations deploy multiple resources using automated processes such as CloudFormation or Terraform.
Security risk
Management
Tags can be leveraged to monitor resources that require an additional level of security. Many organizations run cloud workflows containing confidential and sensitive information that needs constant and stringent protection. Tagging such sensitive resources provides the necessary visibility to monitor key workflows and deployments.
Cost Management
Cost management is arguably the most important use case when it comes to tagging resources on AWS.
- Easily filter resource groups and prepare cost allocation reports broken down based on the selected tags
- Easily access cost allocation reports using tags associated with specific technical or business attributes such as “production” or “sales”
With resources being accurately identified by tag, companies can gain a comprehensive understanding of their cloud costs, pinpoint resources that are either redundant or aren’t being used, and identify potential opportunities to save money.
Tagging is often used for automation. Resources that are grouped using unique tags can easily be identified and used in collective automation activities.
Examples :
- Automating the termination of temp dev resources at the end of the day
- Automating the movement of business workflows from one stage to another stage using s3 file tags
- Automating data backup, archiving & disaster recovery (DR) using cadence tags that set the frequency of these tasks
Users can leverage tags to establish access control protocols. AWS IAM (Identity and Access Management) policies enable owners to define their own conditions and restrict user access using tags.
Examples :
- Using VPN Client tagged groups
- Tagging EC2 instances to restrict access to a specific resource
