| « PreviousNext » | |
   | Did this page help you? Yes | No | Tell us about it... |
Tagging Your Amazon EC2 Resources
To help you manage your instances, images, and other Amazon Elastic Compute Cloud (Amazon EC2) resources, you can assign your own metadata to each resource in the form of tags. This topic describes tags and shows you how to create them.
Topics
Tag Basics
Tags enable you to categorize your AWS resources in different ways, for example, by purpose, owner, or environment. Each tag consists of a key and a value, both of which you define. For example, you could define a set of tags for your account's Amazon EC2 instances that helps you track each instance's owner and stack level. We recommend that you devise a set of tag keys that meets your needs for each resource type. Using a consistent set of tag keys makes it easier for you to manage your resources. You can search and filter the resources based on the tags you add.
The following diagram illustrates how tagging works. In this example, you've assigned
two tags to each of your instances, one called Owner and another called
Stack. Each of the tags also has an associated value.
Tags don't have any semantic meaning to Amazon EC2 and are interpreted strictly as a string of characters. Also, tags are not automatically assigned to your resources.
You can work with tags using the AWS Management Console, the Amazon EC2 command line interface (CLI), and the Amazon EC2 API.
You can assign tags only to resources that already exist. When you use the Amazon EC2 console, you can access a list of tags to add to an instance, which will be applied immediately after the instance is created. If you add a tag that has the same key as an existing tag on that resource, the new value overwrites the old value. You can edit tag keys and values, and you can remove tags from a resource at any time. You can set a tag's value to the empty string, but you can't set a tag's value to null.
If you're using AWS Identity and Access Management (IAM), you can control which users in your AWS account have permission to create, edit, or delete tags. For more information about IAM, see Controlling Access to Amazon EC2 Resources.
Tag Restrictions
The following basic restrictions apply to tags:
Maximum number of tags per resource—10
Maximum key length—128 Unicode characters
Maximum value length—256 Unicode characters
Tag keys and values are case sensitive.
Do not use the
aws:prefix in your tag names or values because it is reserved for AWS use. You can't edit or delete tag names or values with this prefix.
You can't terminate, stop, or delete a resource based solely
on its tags; you must specify the resource identifier.
For example, to delete snapshots that you tagged with a tag key called
DeleteMe, you must first get a list of those snapshots using
DescribeSnapshots with a filter that specifies the tag.
Then you use DeleteSnapshots with the resource identifiers of the
snapshots (for example, snap-1a2b3c4d). You can't call
DeleteSnapshots with a filter that specified the tag. For
more information about using filters when listing your
resources, see Listing and Filtering Your Resources.
You can tag public or shared resources, but the tags you assign are available only to your AWS account and not to the other accounts sharing the resource.
You can't tag all resources, and some you can only tag using API actions or the command line. The following table lists all Amazon EC2 resources and the tagging restrictions that apply to them, if any. Resources with tagging restrictions of None can be tagged with API actions, the CLI, and the console.
| Resource | Tagging support | Tagging restrictions |
|---|---|---|
|
AMI |
Yes |
None |
|
Bundle Task |
No | |
|
Customer Gateway |
Yes |
None |
|
DHCP Option |
Yes |
None |
|
EBS Volume |
Yes |
None |
|
Elastic IP |
No | |
|
Instance |
Yes |
None |
|
Internet Gateway |
Yes |
None |
|
Key Pair |
No | |
|
Load Balancer |
No | |
|
Network ACL |
Yes |
None |
|
Network Interface |
Yes |
None |
|
Placement Group |
No | |
|
Reserved Instance |
Yes |
None |
|
Reserved Instance Listing |
Yes |
None |
| Route Table |
Yes |
None |
|
Spot Instance Request |
Yes |
Tag with CLI and API only |
|
Security Group - EC2 Classic |
Yes |
None |
|
Security Group - VPC |
Yes |
None |
|
Snapshot |
Yes |
None |
|
Subnet |
Yes |
None |
|
Virtual Private Gateway |
Yes |
None |
|
VPC |
Yes |
None |
|
VPN Connection |
Yes |
None |
For more information about tagging using the AWS console, see Using the AWS Management Console. For more information about tagging using API actions, see Using the API. For more information about tagging using the command line, see Using the Command Line Interface.
Tagging Your Resources for Billing
You can use tags to organize your AWS bill to reflect your own cost structure. To do this, sign up to get your AWS account bill with tag key values included. Then, to see the cost of your combined resources, you can organize your billing information based on resources that have the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see Cost Allocation and Tagging in About AWS Account Billing.
Using the AWS Management Console
Using the Amazon EC2 console, you can see which tags are in use across all of your Amazon EC2 resources in the same region. You can view tags by resource and by resource type, and you can also view how many items of each resource type are associated with a specified tag. You can also use the Amazon EC2 console to apply or remove tags from one or more resources at a time.
Topics
Displaying Tags
You can display tags in two different ways in the Amazon EC2 console. You can display the tags for an individual resource or for all resources.
To display tags for individual resources
When you select a resource-specific page in the Amazon EC2 console, it displays a list of those resources. For example, if you select Instances from the navigation pane, the console displays a list of Amazon EC2 instances. When you select a resource from one of these lists (e.g., an instance), if the resource supports tags, you can view and manage its tags. Depending on which resource page you're on, you can view the tags either in the Tags tab on the details pane, or by clicking Go to Details Page (the magnifying glass). The following image shows the Tags tab for an instance with two tags: Name = DNS Server and Purpose = Network Management.
You can add a column to the resource list that displays all values for tags with the same key. This column enables you to sort and filter the resource list by the tag. There are two ways to add a new column to the resource list to display your tags.
On the Tags tab, click Show Column for the tag.
Click the Show/Hide Columns gear-shaped icon, and in the Show/Hide Columns dialog box, select the tag key under Your Tag Keys, and then click Apply.
To display tags for all resources
You can display tags across all resources by selecting Tags from the navigation pane in the Amazon EC2 console. The following image shows the Tags pane, which lists all tags in use by resource type.
Adding and Deleting Tags on an Individual Resource
You can manage tags for an individual resource directly from the resource's page. If you are managing an AMI's tags, the procedures are different from that of other resources. All procedures are explained below.
To add a tag to an individual resource
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
From the navigation bar, select the region that meets your needs. This choice is important because some Amazon EC2 resources can be shared between regions, while others can't. For more information, see Resource Locations.
In the navigation pane, click a resource type (for example, Instances).
Select the resource from the resource list.
Select the Tags tab in the details pane.
Click the Add/Edit Tags button.
In the Tag EC2 Instance dialog box, specify the key and value for each tag, and then click Save Tags. Notice that the dialog box automatically suggests
Nameas the key for the first tag; however, you can enter a different key.
To add a tag to an AMI
From the navigation bar, select the region that meets your needs. This choice is important because some Amazon EC2 resources can be shared between regions, while others can't. For more information, see Resource Locations.
In the navigation pane, click AMIs.
In the row of the AMI you want to add the tag to, click the Go to Details Page button (the magnifying glass).
Expand the Tags area, and click Create Tag.
Specify the key and value for the tag, and then click the Save checkmark icon. To add more tags, click Create Tag and repeat this step.
To delete a tag from an individual resource
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
From the navigation bar, select the region that meets your needs. This choice is important because some Amazon EC2 resources can be shared between regions, while others can't. For more information, see Resource Locations.
In the navigation pane, click a resource type (for example, Instances).
Select the resource from the resource list.
Select the Tags tab in the details pane.
Click Remove Tag in the Actions column for the tag.
To delete a tag from an AMI
From the navigation bar, select the region that meets your needs. This choice is important because some Amazon EC2 resources can be shared between regions, while others can't. For more information, see Resource Locations.
In the navigation pane, click AMIs.
In the row of the AMI you want remove the tag from, click the Go to Details Page button (the magnifying glass).
Expand the Tags area, and click the Delete button for the tag.
Adding and Deleting Tags to a Group of Resources
To add a tag to a group of resources
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
From the navigation bar, select the region that meets your needs. This choice is important because some Amazon EC2 resources can be shared between regions, while others can't. For more information, see Resource Locations.
In the navigation pane, click Tags.
At the top of the content pane, click Manage Tags.
From the Filter drop-down list, select the type of resource (for example, instances) that you want to add tags to.
In the resources list, select the check box next to each resource that you want to add tags to.
In the Key and Value boxes under Add Tag, type the tag key and values you want, and then click Add Tag.
Note
If you add a new tag with the same tag key as an existing tag, the new tag overwrites the existing tag.
To remove a tag from a group of resources
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
From the navigation bar, select the region that meets your needs. This choice is important because some Amazon EC2 resources can be shared between regions, while others can't. For more information, see Resource Locations.
In the navigation pane, click Tags.
At the top of the content pane, click Manage Tags.
To view the tags in use, click the Show/Hide Columns gear-shaped icon, and in the Show/Hide Columns dialog box, select the tag keys you want to view, and then click Close.
From the Filter drop-down list, select the type of resource (for example., instances) that you want to remove tags from.
In the resource list, select the check box next to each resource that you want to remove tags from.
Under Remove Tag, click in the Key box to select a key, or type its name, and then click Remove Tag.
Adding a Tag When You Launch an Instance
To add a tag using the Classic Wizard
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
From the navigation bar, select the region for the instance. This choice is important because some Amazon EC2 resources can be shared between regions, while others can't. Select the region that meets your needs. For more information, see Resource Locations.
Click the Launch Instance button on the EC2 dashboard. On the Create a New Instance page, select Classic Wizard, and then click Continue.
On the CHOOSE AN AMI page, the Quick Start tab displays a list of basic configurations called Amazon Machine Images (AMI). Choose the AMI that you want to use and click its Select button. For more information about selecting an AMI, see Finding a Suitable AMI.
Follow the directions in the wizard for the initial INSTANCE DETAILS pages.
When prompted, specify the key and value for each tag, and then click Continue. Notice that the wizard automatically suggests
Nameas the key for the first tag; however, you can enter a different key.
On the CREATE A KEY PAIR page, you can choose from any existing key pairs that you've created, or follow the wizard directions to create a new key pair, and then click Continue.
On the Configure Firewall page, you can choose from any existing security group that you own, or follow the wizard directions to create a new security group, and then click Continue.
Review your settings. When you're satisfied with your selections, click Launch.
To add a tag using the Quick Launch Wizard
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
From the navigation bar, select the region that meets your needs. This choice is important because some Amazon EC2 resources can be shared between regions, while others can't. For more information, see Resource Locations.
Click the Launch Instance button from the dashboard. On the Create a New Instance page, select Quick Launch Wizard, and then click Continue.
Specify a name for your instance, choose a key pair, select an AMI, and then click Continue.
Click Edit details and select Modify Tags.
Specify the key and value for each tag, and then click Save details.
Review your settings. When you're satisfied with your selections, click Launch.
Filtering a List of Resources by Tag
You can filter your list of resources based on one or more tag keys and tag values. Note this is currently not possible on the AMIs resource page.
To filter a list of resources by tag
Display a column for the tag as follows:
Select one of the resources.
Select the Tags tab in the details pane,.
Locate the tag in the list and click Show Column.
Click the filter icon in the top right corner of the column for the tag to display the filter list.
Select the tag values, and then click Apply Filter to filter the results list.
Using the Command Line Interface
Use the following CLI commands to add, update, list, and delete the tags for your resources. The documentation for each command provides examples.
| Description | Command |
|---|---|
|
Adds or overwrites one or more tags for the specified resource or resources. | |
|
Deletes the specified tags from the specified resource or resources. | |
|
Describes one or more tags for your resources. |
In the following sections, you can learn how to use the CLI to list tags, or list resources and filter the results based on tags.
Topics
Adding Tags
The following example adds the same two tags to an AMI and an instance.
For the first tag, the key is webserver and there is no value.
For the other tag, the key is stack and the value is Production.
PROMPT>ec2-create-tags ami-1a2b3c4d i-6f5d4e3a --tag webserver --tag stack=ProductionTAG ami-1a2b3c4d image webserver TAG ami-1a2b3c4d image stack Production TAG i-6f5d4e3a image webserver TAG i-6f5d4e3a image stack Production
Listing Tags
You can list your tags and filter the results in different ways, as shown in the following examples.
This example describes all your tags.
PROMPT> ec2-describe-tags
TAG ami-1a2b3c4d image webserver
TAG ami-1a2b3c4d image stack Production
TAG i-5f4e3d2a instance webserver
TAG i-5f4e3d2a instance stack Production
TAG i-12345678 instance database_server
TAG i-12345678 instance stack TestThis example describes the tags for your resource with ID ami-1a2b3c4d.
PROMPT> ec2-describe-tags --filter "resource-id=ami-1a2b3c4d"
TAG ami-1a2b3c4d image webserver
TAG ami-1a2b3c4d image stack ProductionThis example describes the tags for all your instances.
PROMPT> ec2-describe-tags --filter "resource-type=instance"
TAG i-5f4e3d2a instance webserver
TAG i-5f4e3d2a instance stack Production
TAG i-12345678 instance database_server
TAG i-12345678 instance stack TestThis example describes the tags for all your instances that have a tag with the key webserver.
PROMPT> ec2-describe-tags --filter "resource-type=instance" --filter "key=webserver"
TAG i-5f4e3d2a instance webserverThis example describes the tags for all your instances that have a tag with the key stack and a value of either Test or Production.
PROMPT> ec2-describe-tags --filter "resource-type=instance" --filter "key=stack" --filter "value=Test" --filter "value=Production"
TAG i-5f4e3d2a instance stack Production
TAG i-12345678 instance stack TestThis example describes the tags for all your instances that have a tag with the key Purpose and no value.
PROMPT> ec2-describe-tags --filter "resource-type=instance" --filter "key=Purpose" --filter "value="Changing Tag Values
The following example changes the value of the
stack tag for one of your AMIs from
Production to Test using
the ec2-create-tags command.
PROMPT>ec2-create-tags ami-1a2b3c4d --tag stack=TestTAG ami-1a2b3c4d image stack Test
Deleting Tags
The following example deletes the tags that you originally assigned to the AMI and instance.
PROMPT> ec2-delete-tags ami-1a2b3c4d i-6f5d4e3a --tag webserver --tag stackNotice that you didn't need to specify a value.
If you specify a value, the tag is deleted only if its value matches the
one you specified. If you specify an empty string as the value, the tag is deleted
only if the tag's value is an empty string. The following example specifies an empty
string as the value for the tag to delete (notice the equal sign after Owner).
PROMPT> ec2-delete-tags snap-1a2b3c4d --tag Owner=Filtering the List of Resources by Tags
You can describe your resources and filter the results based on the tags.
For example, suppose that you've added the tags with the following keys to all your Amazon Elastic Block Store
(Amazon EBS) volumes: an Owner
key and a Purpose key. You have a series of teams (TeamA, TeamB, TeamC,
and so on), and each team owns a series of volumes. You can get tag descriptions and
filter the results by volume.
PROMPT> ec2-describe-tags --filter resource-type=volumeAlternatively, you can get volume descriptions and filter the results by tag. The filter name
you use is tag:. To
get a list of just the volumes belonging to either TeamA or TeamB that contain log
data, use ec2-describe-volumes with a filter based
on the tags of interest. You can use a wildcard to find the volumes that have a tag with
the keyPurpose key that have a value that contains Log.
PROMPT> ec2-describe-volumes --filter tag:Owner=TeamA --filter tag:Owner=TeamB --filter tag:Purpose=*Log*Using the API
Use the following API actions to add, update, list, and delete the tags for your resources. The documentation for each API action provides examples.
| Description | API Action |
|---|---|
|
Adds or overwrites one or more tags for the specified resource or resources. | |
|
Deletes the specified tags from the specified resource or resources. | |
|
Describes one or more tags for your resources. |
In the following sections, you learn how you can use the API to list tags, or list resources and filter the results based on tags.
Filtering a List of Tags by Resource
You can describe your tags and filter the results based on the resource type. For example,
suppose that you've added tags with the following keys to all your Amazon Elastic Block Store (Amazon EBS)
volumes: an Owner key and a Purpose key. You have a series
of teams (TeamA, TeamB, TeamC, and so on), and each team owns a series of volumes.
The following query gets a list of all tags and filters the results to include only
those assigned to a volume.
https://ec2.amazonaws.com/?Action=DescribeTags &Filter.1.Name=resource-type &Filter.1.Value=volume &AuthParams
The response includes 18 tags covering 9 volumes.
<DescribeTagsResponse xmlns="http://ec2.amazonaws.com/doc/2013-02-01/">
<requestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</requestId>
<tagSet>
<item>
<resourceId>vol-abcd1234</resourceId>
<resourceType>volume</resourceType>
<key>Owner</key>
<value>TeamA</value>
</item>
<item>
<resourceId>vol-abcd1234</resourceId>
<resourceType>volume</resourceType>
<key>Purpose</key>
<value>Project1</value>
</item>
<item>
<resourceId>vol-efba9876</resourceId>
<resourceType>volume</resourceType>
<key>Owner</key>
<value>TeamA</value>
</item>
<item>
<resourceId>vol-efba9876</resourceId>
<resourceType>volume</resourceType>
<key>Purpose</key>
<value>Project2</value>
</item>
<item>
<resourceId>vol-4562dabf</resourceId>
<resourceType>volume</resourceType>
<key>Owner</key>
<value>TeamA</value>
</item>
<item>
<resourceId>vol-4562dabf</resourceId>
<resourceType>volume</resourceType>
<key>Purpose</key>
<value>RawLogData</value>
</item>
<item>
<resourceId>vol-2a3d4b5f</resourceId>
<resourceType>volume</resourceType>
<key>Owner</key>
<value>TeamB</value>
</item>
<item>
<resourceId>vol-2a3d4b5f</resourceId>
<resourceType>volume</resourceType>
<key>Purpose</key>
<value>Project1</value>
</item>
<item>
<resourceId>vol-9f8g7d6c</resourceId>
<resourceType>volume</resourceType>
<key>Owner</key>
<value>TeamB</value>
</item>
<item>
<resourceId>vol-9f8g7d6c</resourceId>
<resourceType>volume</resourceType>
<key>Purpose</key>
<value>Project2</value>
</item>
<item>
<resourceId>vol-3b3a4c4d</resourceId>
<resourceType>volume</resourceType>
<key>Owner</key>
<value>TeamB</value>
</item>
<item>
<resourceId>vol-3b3a4c4d</resourceId>
<resourceType>volume</resourceType>
<key>Purpose</key>
<value>Logs</value>
</item>
<item>
<resourceId>vol-1234abcd</resourceId>
<resourceType>volume</resourceType>
<key>Owner</key>
<value>TeamC</value>
</item>
<item>
<resourceId>vol-1234abcd</resourceId>
<resourceType>volume</resourceType>
<key>Purpose</key>
<value>Project1</value>
</item>
<item>
<resourceId>vol-7f7g7d7a</resourceId>
<resourceType>volume</resourceType>
<key>Owner</key>
<value>TeamC</value>
</item>
<item>
<resourceId>vol-7f7g7d7a</resourceId>
<resourceType>volume</resourceType>
<key>Purpose</key>
<value>Project2</value>
</item>
<item>
<resourceId>vol-4a4b4c4d</resourceId>
<resourceType>volume</resourceType>
<key>Owner</key>
<value>TeamC</value>
</item>
<item>
<resourceId>vol-4a4b4c4d</resourceId>
<resourceType>volume</resourceType>
<key>Purpose</key>
<value>Logs</value>
</item>
</tagSet>
</DescribeTagsResponse>Filtering a List of Resources by Tag
You can describe all your resources of a particular resource type and filter the results
based on their tags. For example, suppose that you've added tags with the following
keys to all your Amazon EBS volumes: an Owner key and a
Purpose key. You have a series of teams (TeamA, TeamB, TeamC, and
so on), and each team owns a series of volumes. The following Query gets a list of
all volumes and filters the results to include only those volumes with specified
tags (volumes belonging to either TeamA or TeamB that contain log data.) You use a
wildcard to find the volumes that have a tag with the Purpose key that
have a value that contains Log.
https://ec2.amazonaws.com/?Action=DescribeVolumes &Filter.1.Name=tag:Owner &Filter.1.Value.1=TeamA &Filter.1.Value.2=TeamB &Filter.2.Name=tag:Purpose &Filter.2.Value.1=*Log* &AuthParams
Because of the filtering, the response includes only two of the volumes that were in the preceding list of tagged volumes. The volume's tags are included in the response.
<DescribeVolumesResponse xmlns="http://ec2.amazonaws.com/doc/2013-02-01/">
<requestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</requestId>
<volumeSet>
<item>
<volumeId>vol-4562dabf</volumeId>
<size>5</size>
<snapshotId/>
<availabilityZone>us-east-1b</availabilityZone>
<status>available</status>
<createTime>2010-02-22T22:50:43+0000</createTime>
<attachmentSet/>
<tagSet>
<item>
<key>Owner</key>
<value>TeamA</key>
</item>
<item>
<key>Purpose</key>
<value>RawLogData</key>
</item>
</tagSet>
</item>
<item>
<volumeId>vol-3b3a4c4d</volumeId>
<size>12</size>
<snapshotId/>
<availabilityZone>us-east-1b</availabilityZone>
<status>available</status>
<createTime>2010-05-01T13:09:27+0000</createTime>
<attachmentSet/>
<tagSet>
<item>
<key>Owner</key>
<value>TeamB</key>
</item>
<item>
<key>Purpose</key>
<value>Logs</key>
</item>
</tagSet>
</item>
</volumeSet>
</DescribeVolumesResponse>
