Tagging Cloud Resources with Komiser

Why Tagging

As cloud infrastructure becomes more complex, teams often have difficulty managing the large number of resources that are constantly changing, expanding, and evolving. Resources can be shared between multiple teams and created in different regions and cloud providers, making it difficult for teams to keep track of their resources.

Effective tagging can help with this by providing visibility into the specific resources being used, who is using them, and the purpose for which they were created. Tagging also provides an effective means of allocating expenses to the correct cost centers.

In this post, we will showcase how to develop an efficient tagging strategy using Komiser, an open-source cloud-agnostic resource manager. However, before discussing the management of tags, we need to first list all the resources of our cloud infrastructure. Fortunately, with the help of Komiser, you can easily create a list of your cloud assets in just a matter of seconds.

Learn more about the importance of tagging.

In the upcoming section, we will focus on using Komiser with AWS, but the workflow can be applied to all the other cloud providers that Komiser supports.

Resources Discovery

With Komiser, you can connect multiple cloud accounts, and build your cloud inventory in seconds. In the example below, we’ve connected an AWS production and sandbox accounts:

Connecting multiple AWS accounts with config.toml

Once the cloud accounts have been integrated with Komiser and the correct set of permissions has been given, Komiser will begin syncing your AWS cloud accounts cost data and resource metadata as shown in the logs below:

Komiser fetches resources across all regions

From there, you can access the Komiser dashboard by pointing your favorite browser to port 3000. Komiser comes with a resource inventory feature where you can have an active resource inventory of all your cloud resources along with relevant information such as source account, region, cost, and the tags that are applied to it.

Below is an example of what the inventory page looks like after connecting the AWS accounts:

Inventory with active resources

With the resources list automatically generated, we can now begin managing tags from a single centralized dashboard.

Use cases

The Inventory feature enables users to filter their resources using built-in fields and metadata, such as tags, resource names, cloud providers, services, etc. By combining these filters with tags, we highlight through common use cases, how powerful and effective they can be.

1 - Identifying Untagged Resources

Infrastructure as Code (IaC) tools like Terraform and CloudFormation have made it easier to create new resources in the cloud, but this can also lead to forgetting to enforce tagging policies at creation time. Keeping track of resources being created and used in an AWS account can be difficult, but with the right tools, it doesn't have to be.

With Komiser, you can search for non-tagged AWS resources by using the “All tags” field combined with the "which are empty" operator.

You should be presented with a list of AWS resources in all regions that need to be tagged as seen below.

Identifying untagged resources

As seen in the results above, there are 535 resources across our multi-AWS accounts infrastructure, with a total cost of $475. To identify resources that are driving costs and are not tagged, we can filter the results by selecting the "Cost" field from the "Filter by" dropdown and using the "is greater than" operator. In the value field, type 0 to list all resources that have a cost greater than 0$.

Identifying resources driving AWS costs

After filtering the results, we found 69 resources across 3 regions that needed to be tagged. To further evaluate these resources, we can also check if they are running in a sandbox environment, as they may not be critical for production usage and can be deleted or stopped during non-business hours.

Filtering resources by environment

With resources being accurately identified by tags, you can gain a comprehensive understanding of your cloud costs, pinpoint resources that are either redundant or aren’t being used, and identify potential opportunities to save money.

2 - Grouping Resources by Teams

By using filters and tags, you can group and organize your cloud resources based on projects, environments, departments, or teams, which in turn can increase the visibility and transparency of cloud usage and help in allocating expenses to the appropriate cost centers.

In the following example, you can see resources created at any given time and the people who are using them (e.g: Author=mlabouardy), and make them accountable for cost optimization (Enabling and maintaining a cost-conscious culture. At every level)

Filtering resources by the owner

Another option is to list cloud resources created by each team. For example, resources created by the frontend developers can be listed by filtering resources where the "Team" tag equals "Frontend".

Filtering resources by team or project

Optionally, you could create custom views for your teams with a filtered list of their cloud resources. For example, you can create a view that holds resources associated with your frontend team and another view for the backend team.

Grouping resources by teams

This provides a convenient way to have an instant monitoring dashboard for your teams created directly from Komiser and transfer the incentive of cost reduction down to the individual team member level so that your teams can feel incentivized to make a difference.

3 - Bulk Tagging Resources

You can use bulk actions to add tags to multiple resources at a time, or quickly navigate to the resources in the appropriate service console to take actions (e.g. deleting under-utilized resources).

In the example below, we’ve selected resources from different cloud accounts (Sandbox and Production) and regions.

Bulk tags management

By clicking on the "Bulk manage tags" action, a side panel will appear, where you can add multiple key-value pairs. Once finished, the tags will be added to the selected resources, allowing you to quickly identify and filter resources that need extra monitoring.

Adding tags to multiple resources

Bulk tags can be used to monitor resources that require extra security measures. Many organizations have cloud workflows that involve confidential and sensitive information that needs to be constantly and strictly protected. By tagging these sensitive resources, it provides the necessary visibility to keep track of important deployments and identify dormant and unknown resources.

By implementing a tagging strategy that incorporates open-source tools like Komiser, organizations can significantly enhance productivity (avoid context switch between cloud providers’ consoles), optimize their cloud costs, and better manage their deployed cloud resources.

Regardless if you are a Developer, DevOps, or Cloud engineer. Dealing with the cloud can be tough at times, especially on your own. If you are using Tailwarden or Komiser and want to share your thoughts doubts and insights with other cloud practitioners feel free to join our Tailwarden discord server. Where you will find tips, community calls, and much more.