A solid tagging policy is instrumental in organizing your environment, driving accountability, and optimizing costs in your public cloud and private cloud environments. Implementing this strategy can be a pain, but I’m here to help by showing you the benefits of tagging and where to start. Continue reading to find out more.
Benefits of Tagging
Here you’ll find the benefits of having tags in your cloud environment.
- Ability to quickly identify all the resources associated with a particular application, person, project, or any other tag you add to it.
Using tagging allows you to run CLI commands, access rest APIs, or use the portals to search for specific resources based on their tag values.
- Ability to quickly identify costs to tags
Before implementation, your cost reports may look like this. Looking at this chart, you have no idea what is driving your costs.
After implementation, your reports will start looking like this. You’ll see your backend is the biggest portion of your cost, and then you can look in deeper and see how you can bring down these costs.
If you ever plan to pull the cost data into PowerBI, this will also be useful as you’ll be able to create detailed dashboards with multi-dimensions and tag groupings that’ll give you even more information. If you’re interested in setting up the AWS Cost and Usage report in PowerBI, read my post here Using the AWS Cost and Usage Report in PowerBI to Analyze Costs: Part 1.
- You’ll be able to drive accountability in the organization.
When you don’t know what the resource is being used for, you don’t know who to contact. Once you know what the resource is being used for, you can start driving accountability by associating the resource to an owner and providing cost optimization recommendations.
Where to start?
1. Define mandatory tags
You’ll need to define what tags you want. Think about how you’ll want to categorize resources, what information you’ll need to improve cost visibility, and other data that your teams will find useful. I recommend you consult your various teams before implementing this, as the first tagging exercise may be necessary but will be time-consuming. The following tags are a good starting point to help you achieve your goals.
|Application||This tag identifies resources that are associated with a particular application.|
|Environment||This helps distinguish resources by the environment they support, such as Production, Development, Quality Assurance, etc.|
|Project||This helps identify which project drove the resource to be created.|
|Owner||Use this tag to identify who is responsible for this resource. You’ll usually use this for the technical owner of the resource, and it is recommended to have a separate tag for a business owner if needed.|
|Role||When you need to identify which role or tier the resource is used for.|
|Cost Center||This tag is optional and is only recommended to be used when you’re charging back your cloud costs. Having this in place will allow you to quickly generate a consumption report with the exact dollar amount to charge back.|
|Business Unit||This tag is beneficial in large organizations with multiple business units having applications in the cloud. For example, you might a financial application hosted in the cloud that’ll be marked as finance for the business unit, or you have a consumer application that will be marked for the consumer unit.|
2. Implement billing tags
Now that you’ve defined your tags, the next steps are to start putting this in action.
For Azure, I recommend tagging at the resource group level and then adding a policy for the resources in the resource group to inherit the resource group tags. This will substantially reduce the amount of time and potential errors that may occur with this manual exercise. If you would like to do this via PowerShell, CLI, GUI, or Resource Management API, the Microsoft documents can help Use tags to organize your Azure resources and management hierarchy.
For AWS, you can bulk update tags via the AWS portal’s tag editor function. You can find a good blog post from AWS here that explains just that Resource Groups and Tagging for AWS.
For Private Cloud, you’ll need to figure out if your private cloud platforms support tagging. If using VMWare, you’ll be able to use the vSphere Tags & Attributes or vRealize Operations Manager tagging functionality to do this. If using OpenStack, you can follow the OpenStack Resource tags page to accomplish this. OpenStack supports both CLI and REST API.
3. Enforce Quality of Tagging
Without enforcement of these rules, you’ll come across poor tagging quality and lots of manual effort to generate accurate reports. The best ways to enforce tagging quality is through Policies, hard enforcement, and use Infrastructure as Code through Cloud Formation, Azure Resource Manager templates, or other third-party solutions such as Terraform, Ansible, and Chef.