Resource Tags - Green-Biome-Institute/AWS GitHub Wiki
AWS Keys
Before we go further, I want to make a note for any administrators reading.. this is really important! Good tagging of resources is going to give you the best oversight over what your students are doing and how they are allocating resources. It is very easy to do, but if students do not tag their resources, it will make the process of understanding your costs much more difficult.
AWS resources all have the ability to be "tagged." Tagging is a type of resource metadata, which just means it is information that describes other information, in this case, it describes the resource you are giving information about. For example, we will create metadata that describes what our EC2 instances are doing, who made them, how much they cost while running, etc.
Why is this useful? There are two main reasons.
First, tagging on our resources allows us to monitor those resources' usage. This is incredibly important for managing expenses on AWS, because any resource activated and running for longer than it has to be means extra money being paid (which inherently that means less money for you to do cool things with!). Not only does it allow for administrators to pinpoint where costs are accruing, it also allows them to set up budgets and possibly create backstops for resources (meaning if they hit some amount of money, they are terminated).
Second, by personally creating these tags yourself every time you start a new resource, it will (hopefully) remind you of what resource(s) you are creating, the purpose for creating it, and how much it is estimated to cost the university/GBI.
While you should tag any resource you end up using, the main ones for us will be: EC2 instances (and their attached EBS volume storage) and S3 buckets (or Glacier if we go that route).
The general rule of thumb for the best practices when tagging are:
- Don't store any personal or sensitive information in the metadata.
- Use the same notation each time (caps sensitive).
- Double check you have used the correct tag information.
Now, to the actual process of tagging information.
Tags consist of two elements:
- Tag key. The tag key is the same across all users, examples are "userid", "project", "cost", or "resourcesize". As you can tell, these are more generic, i.e. they label a group of metadata, within which there is more specific information.
- Tag value. This is that "specific information" above. Tag values will describe the given tag key for that resources exact purpose or identity. For example, for the tag key "userid" above, maybe we have 3 students with the respective User IDs: 001, 002, and 003. When the first student creates a new EC2 instance, they would create a new tag with the tag key "userid", then add its tag value "001".
This example will build metadata that says this EC2 instance being built has the a tag set [userid : 001], which is saved behind the scenes to the EC2 instance. Now administrators will be able to identify who built the EC2 instance as well as how much it has cost / is projected to cost.
During the creation of any resource, part of the procedure is the creation of tags. To see more about tagging a specific resource, go to that resource's github page here on the AWS wiki. We are still deciding exactly which tags students will create.