blog
13 January 2022
Introduction
Cloud tagging is an essential part of the process that enables Cloud / FinOps teams manage the relationships that cloud resources have to the underlying business need, ownership, cost and accountability. Therefore, it’s always best to define those best practices early on and limit change in tagging policy as much as possible.
Whether you’re in the planning stages or further down the line and have already begun to migrate workloads to the Cloud, here are Certero’s top-10 tips to help you refine best practices and avoid potential headaches in future.
1. Audit Your Tags Regularly
With the ease at which cloud resources can be deployed, environments can sprawl out of control – especially if you are struggling with poor visibility of your resources. As tags can be removed at any point it is best to audit your tags regularly rather than checking them once and moving on. Manually auditing each and every tag can be an overwhelming manual task and therefore we advise that you look to invest in a Cloud Management solution such as Certero for Cloud, which will allow you to create tagging policies and automate laborious and complex processes, such as continually scanning your estate to identify any non-conforming resources.
2. Stay Alert
With new cloud resources being regularly created, it is best to invest in a solution that can make you aware of non-conforming resources as quickly as possible to resolve any issues. If tags that inform the security team are missing for a prolonged period of time and go unnoticed for example, you could be opening the company up to a potential security breach. You should look to deploy a solution that will not only discover non-compliant resources but also proactively alert you. A good way to do this is through daily email notifications or intelligent dashboard views within your Cloud optimization solution.
3. Ensure Accountability
No organization is perfect and untagged, non-confirming resources are going to occasionally happen. When they do arise, it is important to alert the users who have created them and find out what happened. It could be a simple human error or it could be a new member of staff who isn’t aware of the companies cloud policies. If this is the case you can them educate them, and make them aware of the companies’ cloud policies and reasons as to why tagging is important.
4. Periodically Review Tags
No organization is perfect and untagged, non-confirming resources are going to occasionally happen. When they do arise, it is important to alert the users who have created them and find out what happened. It could be a simple human error or it could be a new member of staff who isn’t aware of the companies cloud policies. If this is the case you can them educate them, and make them aware of the companies’ cloud policies and reasons as to why tagging is important.
5. Terminate Non-Conforming Resources
Larger companies often chose to terminate non-conforming resources, which as you can imagine quickly adjusts user behavior. You should decide whether this approach is appropriate for your organization.
6. Education
It is important to keep up-to-date on the changes in cloud tags. Tagging rules and recommendations change over time. For example, Azure previously only allowed a maximum of 15 tags per cloud resource. Ensure that your team have the time and resources to be able to keep up with these landscape changes and best practices.
7. Ensure your Policies Work for People and Platforms
Your tagging policies must work for each and every stakeholder to ensure buy-in, so be aware of global differences, multi-cloud limitations etc. This can be done by ensuring all key stakeholders are involved in the cloud policy creation and ensure you are aware of the limitations of each of the cloud platforms.
Here are examples of the differences in policy of three major Cloud providers at the time of writing (August 2021). We would recommend ensuring that your understanding of these dynamics is kept up to date.
|
AWS |
Azure |
Google (GCP) |
Tags per resource |
50 |
50 |
64 |
Length of key |
127 |
512 |
63 |
Length of value |
256 |
256 |
63 |
Case sensitive |
Yes (keys and values) |
No |
Lowercase only |
Allowed characters |
Letters, spaces, numbers, and + – = . _ : / @ |
Alphanumeric |
Lowercase letters, numeric characters, underscores, and dashes. International characters are allowed. |
8. Enforce Standardization
It is important to use a standard naming convention whether that’s for dates, times, countries, capitalization or usernames. Your standardization should be outlined within your cloud policy. The best way to monitor whether there is any non-conformance is through a cloud management solution which can monitor cloud governance and highlight discrepancies automatically.
9. Start Early
Tags are not retroactive, you can only report on a tag from the date which the tag was added so the sooner you start to add these in, the better. So, if you are currently putting off your cloud tagging, it may be time to start planning. We suggest that you start with a small number of core tags and get these implemented throughout your estate and then go back and add more later.
10. Future-Proof Your Tags
You cloud tagging strategy should be future proof, if today you are only using Azure but you have a plan to use Google Cloud in the future then you need to consider this when building your tags. Each platform has its own tagging standards and limitations for example tags within google cloud must be in lower case so be aware of your future platforms when creating your tags or you could end up with a fragmented tagging approach.
Related Articles
7 Challenges of Managing the Cloud
Managing cloud resources as business assets is still relatively new for many. That is – managing these resources not just in terms of provisioning or migrating workloads to them, but controlling cloud costs to the business with meaning. These costs need to be understood, justified and controlled with unprecedented accountability across business functions, representing the business need for which these new premium resources are consumed.
What To Consider When Moving to the Cloud
Managing cloud resources as business assets is still relatively new for many. That is – managing these resources not just in terms of provisioning or migrating workloads to them, but controlling cloud costs to the business with meaning. These costs need to be understood, justified and controlled with unprecedented accountability across business functions, representing the business need for which these new premium resources are consumed.
Public, Private & Hybrid Cloud Explained
Managing cloud resources as business assets is still relatively new for many. That is – managing these resources not just in terms of provisioning or migrating workloads to them, but controlling cloud costs to the business with meaning. These costs need to be understood, justified and controlled with unprecedented accountability across business functions, representing the business need for which these new premium resources are consumed.
How Vitado can help
Vitado offer helpful cloud management services and a unified technology platform to provide the full visibility and proactive alerting to gaps in processes and standards as outlined above. To find out more about the Vitado solution, to arrange a demo or to speak to your local Vitado team about any of our services, simply contact us today.
Find out more:
Vitado Guide to FinOps Blog#2: How to Gain Sponsorship and Implement a New Structure
Complete Guide to Cloud Tagging– Download the e-book
Contact Vitado – Vitado has a global team of experts in managing IT costs, so if you want to begin solving your technology challenges, our unique technology and services are here to help.
Stay Up to Date With The Latest News & Updates
Get Control
Its time to take control of your Cloud estate. Vitado can help you gain visibility, ensure governance, control and manage costs.
Follow Us
Want to keep up to date with the latest in cloud? Check out our social media profiles