Ensure that user-defined tags (metadata) are being used for labeling, collecting and organizing resources available within your AWS environment. Cloud Conformity recommends the following tagging schema to help you identify and manage your resources:
- Name: used to identify individual resources.
- Role: used to describe the function of a specific resource (e.g. web tier, database tier).
- Environment: used to distinguish between different stages (e.g. development, production).
- Owner: used to identify the person responsible for the resource.
This rule can help you with the following compliance standards:
- NIST 800-53 (Rev. 4)
This rule can help you work with the AWS Well-Architected Framework.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS.
As your AWS environment becomes more complex, it requires better management strategies. Using a tagging schema helps you gain more visibility over your account resources and organize them more efficiently. You can use tags for different scenarios, such as tracking resource owners and their stack level, identifying which resources are incurring the highest AWS costs, and filtering available resources based on a particular deployment stage.
Note: this guide uses EC2 instances as the resources for tagging in order to demonstrate how to implement a tagging schema like the one listed above. However, you can use the same steps to search for and/or assign tags to other AWS resource types as well, such as ELBs, Auto Scaling Groups, CloudFormation stacks, etc.
To determine if your EC2 instances are using tags (metadata), perform the following (to simplify the process we will use AWS Tag Editor):
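The same audit can be scripted instead of done in Tag Editor. The following Python is an added example, not part of the Cloud Conformity guide: it checks the Name/Role/Environment/Owner schema against data in the shape of an EC2 DescribeInstances response, and the sample instance IDs and tag values are constructed.

```python
"""Audit EC2 instances against the Name/Role/Environment/Owner tagging schema."""

REQUIRED_TAGS = ("Name", "Role", "Environment", "Owner")  # schema from this page


def audit_instances(response, required=REQUIRED_TAGS):
    """Return {instance_id: {"missing": [...], "wrong_case": {...}}} for
    every instance that does not satisfy the schema.

    `response` has the shape of an EC2 DescribeInstances result
    (`aws ec2 describe-instances --output json` or boto3 describe_instances).
    """
    findings = {}
    for reservation in response.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            # Untagged instances have no "Tags" key at all.
            tags = {t["Key"]: t.get("Value", "") for t in inst.get("Tags", [])}
            by_lower = {k.lower(): k for k in tags}
            missing, wrong_case = [], {}
            for key in required:
                if tags.get(key, "").strip():
                    continue  # present with a non-empty value
                missing.append(key)
                # Tag keys are case-sensitive: "owner" does not satisfy "Owner".
                near = by_lower.get(key.lower())
                if near is not None and near != key:
                    wrong_case[key] = near
            if missing:
                findings[inst["InstanceId"]] = {"missing": missing, "wrong_case": wrong_case}
    return findings


# Constructed sample data (instance IDs and tag values are made up).
SAMPLE = {"Reservations": [
    {"Instances": [
        {"InstanceId": "i-0aaa0000000000001", "Tags": [
            {"Key": "Name", "Value": "web-01"}, {"Key": "Role", "Value": "web tier"},
            {"Key": "Environment", "Value": "production"}, {"Key": "Owner", "Value": "alice"}]},
        {"InstanceId": "i-0aaa0000000000002", "Tags": [
            {"Key": "Name", "Value": "db-01"}, {"Key": "owner", "Value": "bob"},
            {"Key": "Environment", "Value": ""}]},
    ]},
    {"Instances": [{"InstanceId": "i-0aaa0000000000003"}]},  # no tags at all
]}

if __name__ == "__main__":
    for instance_id, result in audit_instances(SAMPLE).items():
        print(instance_id, "missing:", result["missing"], "wrong case:", result["wrong_case"])
```

Empty tag values are reported as missing, and a key that differs only in letter case is listed separately so it can be renamed rather than duplicated.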
Remediation / Resolution
Case A: to assign tags to your instances without using AWS Tag Editor, perform the following:
Case B: to assign tags to your EC2 instances using AWS Tag Editor, perform the following:
Risk level: Low