The why, what and how of tagging resources in your AWS serverless application

AWSDevOpsDaily Email

If you’re building serverless applications in a large organisation where multiple teams are involved in their ongoing development and support, you may find yourself needing to answer questions such as:

  • Who owns this resource? What application does it belong to?
  • Who should we call when the application is broken?
  • Who should pay for this resource? Which applications are driving our costs?
  • Do access controls secure this resource appropriately?
  • How much risk does our Cloud deployment have? Where is that risk concentrated?
  • Which security improvements reduce our risk the most?

If so, then you should considering implementing resource tagging. Tagging involves applying one or more key-value tags to the resources deployed within your AWS accounts.

Stephen Kuenzli from k9 Security has just released this excellent guide to tagging cloud deployments. He describes the organisational challenges that drive the need to categorise cloud resources, as well as laying out a list of recommended tags to apply in order to answer all of the above questions.

So if Stephen’s guide covers the why and what of tagging your cloud resources, Jeremy Daly also has a recent article on how you can apply tags to your serverless resources, specifically Lambda functions. Both the Serverless Framework and SAM generally make this pretty easy to do, but there are certain gotchas to be aware of, as certain resource types make it more difficult to apply tags.

Here are the links to the 2 guides again:

— Paul

Originally published .

Other articles you might enjoy:

Free Email Course

How to transition your team to a serverless-first mindset

In this 5-day email course, you’ll learn:

  • Lesson 1: Why serverless is inevitable
  • Lesson 2: How to identify a candidate project for your first serverless application
  • Lesson 3: How to compose the building blocks that AWS provides
  • Lesson 4: Common mistakes to avoid when building your first serverless application
  • Lesson 5: How to break ground on your first serverless project

    Serverless Testing Workshop

    Testing is one of the hardest challenges for developers building with serverless on AWS. Event-driven async flows and inadequate local environments make it difficult to write effective tests while maintaining a fast feedback loop.

    In this 4-week online workshop, you’ll learn:

    • Patterns for writing tests for commonly used AWS services
    • What you should and what you shouldn’t write tests for
    • How and when to deploy unit, integration and end-to-end tests
    • How to manage test configuration and maximise test reusability throughout your pipeline
    • Workflow optimisation techniques

    Plus with the weekly group sessions, you get personal feedback on your testing questions.

    The next workshop starts on November 2, 2020. Sign up by October 28, 2020 to get a 25% discount.

    Learn more...