Establishing Governance with Tagging – Ensuring Cost Optimization – SAP-C02 Study Guide

Establishing Governance with Tagging

Organizing resources in a meaningful way helps IT teams understand cost spending and overall usage patterns of even the most complex workloads, and this organization of resources can be achieved by leveraging a simple concept called tags. This section covers tagging in depth and discusses some essential best practices and strategies to keep in mind when tagging resources in your own AWS cloud.

So, what are tags? Tags are key-value pairs of metadata that help identify resources in your AWS account. Each tag’s key is a unique identifier and each key can have only one value associated with it. You can create tags and assign them to almost all AWS resources that you create throughout your AWS accounts, including IAM users, roles, EC2 instances, RDS databases, S3 buckets, and so on. The most important tagging feature that AWS provides specifically for cost management is AWS cost allocation tags.

A cost allocation tag is an AWS feature that helps monitor your resource usage and costs granularly. Once the tags are activated in the AWS Billing console, you can use them to categorize, organize, and track resources as per their usage and expenditure. There are two types of cost allocation tags:

  • AWS-generated: As the name suggests, these tags are created and propagated by AWS for supported resources for cost-tracking purposes. Resources are tagged with the aws:createdBy key automatically, and its corresponding value is one of the following attributes: account-ID, access-key, user-name, or role.

The following are some examples of this:

key = aws:createdBy

value = 1234567890:dummyUser

Or

key = aws:createdBy

value = AKIAUITOFQDN5EXAMPLE:dummyIamRole

  • User-defined: These tags are created, applied, and managed by individual users, or in most cases, by a centralized FinOps team. These tags can be used to categorize or organize resources as per an organization’s needs, such as the following:

key = EnvironmentName

value = Production

Or

key = Department

value = DEV01

Before you learn further about cost allocation tags, quickly review the few simple steps required to enable these tags using the AWS Management Console.

Activating Cost Allocation Tags

In order to activate the AWS-generated cost allocation tags, you need to do the following:

  1. Sign in to the AWS Management Console and launch the Billing console by visiting the following link: https://packt.link/5jZdj.
  2. From the navigation pane on the left, select the Cost allocation tags option.
  3. From the AWS-generated cost allocation tags tab, filter and select the aws:createdBy tag, as shown in the following screenshot.

Figure 4.1: AWS-generated cost allocation tag enablement

  4. Select the Activate option to complete the process. Note that it will take approximately 24 hours for the tag to activate.

The same process can be followed to enable and activate a user-defined cost allocation tag as well:

  1. Simply log in to the AWS Billing console as before and select the Cost allocation tags option from the navigation pane on the left.
  2. Next, select the appropriate tag from the User-defined cost allocation tags tab and, once again, click on the Activate option to enable the tag in the cost allocation/billing reports.

Note

Once the tags are activated, they are propagated only to newly created AWS resources that were spawned after the tags were enabled.
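
The console steps above can also be scripted through the Cost Explorer API operations ListCostAllocationTags and UpdateCostAllocationTagsStatus. The following is an added example, not part of the study guide: the function names are illustrative, the tag keys are the ones used on this page, and FakeCE is a constructed stand-in for boto3.client("ce") so the script runs offline.

```python
# Added example: activate cost allocation tags programmatically and report their state.
WANTED = ["aws:createdBy", "EnvironmentName", "Department"]  # tag keys from this page


def tag_status(ce, keys):
    """Map each tag key the API returns to 'Active' or 'Inactive', following pagination."""
    status, kwargs = {}, {"TagKeys": list(keys)}
    while True:
        page = ce.list_cost_allocation_tags(**kwargs)
        for tag in page.get("CostAllocationTags", []):
            status[tag["TagKey"]] = tag["Status"]
        if not page.get("NextToken"):
            return status
        kwargs["NextToken"] = page["NextToken"]


def activate(ce, keys):
    """Activate every inactive key and report keys the API did not return."""
    status = tag_status(ce, keys)
    todo = [k for k in keys if status.get(k) == "Inactive"]
    errors = []
    if todo:
        resp = ce.update_cost_allocation_tags_status(
            CostAllocationTagsStatus=[{"TagKey": k, "Status": "Active"} for k in todo]
        )
        errors = resp.get("Errors", [])
    failed = {e["TagKey"] for e in errors}
    return {
        "activated": [k for k in todo if k not in failed],
        "already_active": [k for k in keys if status.get(k) == "Active"],
        "unknown": [k for k in keys if k not in status],  # not listed by the API
        "errors": errors,
    }


class FakeCE:
    """Constructed stand-in for boto3.client("ce"); holds tag states in memory."""

    def __init__(self, tags):
        self.tags = dict(tags)

    def list_cost_allocation_tags(self, TagKeys, NextToken=None):
        found = [{"TagKey": k, "Status": self.tags[k]} for k in TagKeys if k in self.tags]
        return {"CostAllocationTags": found}

    def update_cost_allocation_tags_status(self, CostAllocationTagsStatus):
        for item in CostAllocationTagsStatus:
            self.tags[item["TagKey"]] = item["Status"]
        return {"Errors": []}


if __name__ == "__main__":
    ce = FakeCE({"aws:createdBy": "Inactive", "EnvironmentName": "Active"})
    print(activate(ce, WANTED))  # against a real account: ce = boto3.client("ce")
```

Running the script on a schedule and alerting on a non-empty "unknown" or "errors" list shows when a required tag key is missing from billing reports.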