Tagging AWS resources
Tags
You can assign metadata to your AWS resources in the form of tags. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources. You can create tags to categorize resources by purpose, owner, environment, or other criteria.
Best practices
As you create a tagging strategy for AWS resources, follow best practices:
-
Do not store personally identifiable information (PII) or other confidential or sensitive information in tags.
-
Use a standardized, case-sensitive format for tags, and apply it consistently across all resource types.
-
Consider tag guidelines that support multiple purposes, like managing resource access control, cost tracking, automation, and organization.
-
Use automated tools to help manage resource tags. AWS Resource Groups and the Resource Groups Tagging API enable programmatic control of tags, making it easier to automatically manage, search, and filter tags and resources.
-
Use too many tags rather than too few tags.
-
Remember that it is easy to change tags to accommodate changing business requirements, but consider the consequences of future changes. For example, changing access control tags means you must also update the policies that reference those tags and control access to your resources.
Tagging categories
Companies that are most effective in their use of tags typically create business-relevant tag groupings to organize their resources along technical, business, and security dimensions. Companies that use automated processes to manage their infrastructure also include additional, automation-specific tags.
Technical Tags | Tags for Automation | Business Tags | Security Tags |
---|---|---|---|
|
|
|
|