Ensure that user-defined tags (metadata) are being used for labeling, collecting and organizing resources available within your AWS environment. Cloud Conformity recommends the following tagging schema to help you identify and manage your resources:
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
As your AWS environment is becoming more and more complex, it requires better management strategies. Using a tagging schema will help you to gain more visibility over your account resources and organize them more efficiently. You can use tags for different scenarios such as tracking resources owners and their stack level, identify which resources are incurring the highest AWS costs and filter available resources based on particular deployment stage.
Note: this guide will use EC2 instances as resources for tagging in order to demonstrate how to implement a tagging schema like the one listed above. However, you can use the same steps to search and/or assign tags for other AWS resources types as well such as ELBs, Auto-Scaling Groups, CloudFormation stacks, etc.
To determine if your EC2 instances are using tags (metadata), perform the following (to simplify the process we will use AWS Tag Editor):
Case A: to assign tags to your instances without using AWS Tag Editor, perform the following:
Case B: to assign tags to your EC2 instances using AWS Tag Editor, perform the following: