Best Practices for Tagging AWS Resources - Best Practices for Tagging AWS Resources
Are you Well-Architected? Introduction

Best Practices for Tagging AWS Resources

Publication date: March 30, 2023 (Document revisions)

Amazon Web Services (AWS) allows you to assign metadata to many of your AWS resources in the form of tags. Each tag is a simple label consisting of a key and an optional value to store information about the resource or data retained on that resource. This whitepaper focuses on tagging use cases, strategies, techniques, and tools that can help you to categorize resources by purpose, team, environment, or other criteria relevant to your business. Implementing a consistent tagging strategy can make it easier to filter and search for resources, monitor cost and usage, and manage your AWS environment.

This paper builds on the practices and guidance provided in the Organizing Your AWS Environment Using Multiple Accounts whitepaper. It is recommended that you read that whitepaper before this one. AWS recommends that you establish your cloud foundation in a holistic way. For additional information, refer to Establishing your Cloud Foundation on AWS.

Are you Well-Architected?

The AWS Well-Architected Framework helps you understand the pros and cons of the decisions you make when building systems in the cloud. The six pillars of the Framework allow you to learn architectural best practices for designing and operating reliable, secure, efficient, cost-effective, and sustainable systems. Using the AWS Well-Architected Tool, available at no charge in the AWS Management Console, you can review your workloads against these best practices by answering a set of questions for each pillar.

For more expert guidance and best practices for your cloud architecture—reference architecture deployments, diagrams, and whitepapers—refer to the AWS Architecture Center.

Introduction

AWS makes it easy to deploy your workloads in AWS by creating resources, such as Amazon EC2 instances, Amazon EBS volumes, security groups, and AWS Lambda functions. You can also scale and grow the fleet of AWS resources that hosts your applications, stores your data, and expands your AWS infrastructure over time. As your AWS usage grows to many resource types spanning multiple applications, you will need a mechanism to track which resources are assigned to which application. Use this mechanism to support your operational activities, such as cost monitoring, incident management, patching, backup, and access control.

In on-premises environments, this knowledge is often captured in knowledge management systems, document management systems, and on internal wiki pages. With a configuration management database (CMDB), you can store and manage the relevant detailed metadata using standard change control processes. This approach provides governance, but requires additional effort to develop and maintain. You can take a structured approach to the naming of resources, but a resource name can only hold a limited amount of information.

Picture showing the decomposition of the name of a resource into its parts.

Structured approach to resource naming

For example, EC2 instances have a predefined tag called Name that provides similar functionality and allows you to name workloads as they are moved to AWS.

In 2010, AWS launched resource tags to provide a flexible and scalable mechanism for attaching metadata to your resources. This whitepaper guides you through the process of developing and implementing a robust tagging strategy across your AWS environment. This guidance will help you ensure tagging consistency and coverage that supports your decision-making and operational activities