Tagging and Naming Strategy for FinOps.
One of the most iconic scenes in Hollywood history is from The Crucible [IMDB]. John Proctor (Daniel Day-Lewis) is asked to sign a false confession admitting to his use of witchcraft. He agrees but does not want to sign his name on the confession.
Tell them I confessed myself, say Proctor broke his knees and wept like a woman, say what you will, but my name cannot…
When forced to explain why by the Judge administering his punishment, Proctor screams,
Because it is my name! Because I cannot have another in my life. Because I am not worth the dust on the feet of them that hang! How may I live without my name? I have given you my soul, leave me my name!
Shivers run down the spine when witnessing this scene and the acting.
FinOps and 'The Crucible'? What's the connection, again?
Nothing in particular but it felt right to evoke the strong sentiments witnessed during this scene to emphasize the importance of having some identification label (aka tags) applied to our cloud resources, especially if we are trying to be successful with FinOps.
Why are names, tags and naming conventions important in FinOps?
Cambridge Dictionary defines convention as
a usual or accepted way of behaving, especially in social situations, often following an old way of thinking or a custom in one particular society.
Naming conventions are, therefore, text-based patterns used for annotating resources. A naming convention ensures consistency and standardization of tags applied across cloud resources, making it easier to inventory and manage each resource’s life cycle.
If memory serves one right, the first time tagging was being used extensively (and effectively) was with FaceBook. Tags add metadata to cloud resources and this metadata becomes extremely useful when determining who spent what and when.
Core benefits of tagging include:
- Cost allocation to the right team. If the tag above had 'rule' instead of UI, arguably the EC2 instance would have belonged to the middleware team.
- Inventorying of all resources being consumed across an organization and per team.
- Adding details to a resource's metadata that would not be possible to add otherwise.
- Marking specific resources subject to special company or security policies, such as resources that need to be compliant with GDPR standards.
Tagging Strategy.
Because it is easy to implement, tagging can get out of hand. Too many tags add more noise than convenience and therefore it's important to start with creating a 'Fit-For-Purpose' tagging strategy and as FinOps becomes a known area of concern, iteratively (and only if necessary) enhance the tags composition.
Mandatory Tags
| Tag Type | Possible Values |
| Environment | Dev or UAT or Prod etc. |
| Resource | Short forms for resources e.g. EC2, EKS, VPC etc |
| System | Acronyms or short forms of product or service |
| Asset Id | Should match name of asset in a CMDB. |
| Business Priority | Indicator of importance to the business. |
Nice-to-have Tags
| Tag Type | Possible Values |
| Owner of resource | Name of the person who will/is using the resource. |
| Sub-type of resource | EC2 xx-large, EKS_Control, Egress-Only etc. |
I write to remember and if in the process, I can help someone learn about Containers, Orchestration (Docker Compose, Kubernetes), GitOps, DevSecOps, VR/AR, Architecture, and Data Management, that is just icing on the cake.