This topic introduces the best practices for tag design in ECS. Tags can be used to manage, categorize, and search for resources.
Scenarios
Tags can be used to categorize and manage resources by group. The resources include personnel, finance, and cloud product resources. Tags are applicable in the following common scenarios:
- Management of application publishing procedures
- Resource tracking and tag-based group search and resource management
- Tag- and group-based automated O&M using Alibaba Cloud services such as Operation Orchestration Service, Resource Orchestration Service, Auto Scaling, and Cloud Assistant
- Tag-based cost and cost allocation management
- Resource- or role-based access control
Principles
You must implement the best tagging practices based on the following principles:
Mutual exclusivity
Mutual exclusivity is implemented to ensure that multiple tags cannot be assigned
to the same resource attribute. For example, if you have used tag key key="owner" to represent the owner attribute, you cannot use other tag keys such as own, belonger, or owner to represent this attribute again.
Collective exhaustion
Collective exhaustion means that when planning resources, you must plan tags at the same time and prioritize the tag keys. All resources must be bound with the planned tag keys and their corresponding key values.
- Each tag key-value pair must be named in a standard format.
- Collective exhaustion is a prerequisite for future tag-based access control, cost tracking, automated O&M, and group search.
Limited values
Limited values are implemented to remove excess tag key values and retain only core tag key values.
This principle simplifies procedures such as resource management, access control, automated O&M, and cost allocation. You can also use tags and automation tools under this principle to manage resources. ECS allows you to control tags through API operations in SDKs, to make it easy to automatically manage, retrieve, and filter resources.
Considering ramifications of future changes
During the planning stage, you must consider the impact of adding or deleting tag key values to have the flexibility to modify tags.
When you modify tags, the tag-based access control, automated O&M, and related billing reports may be changed. For corporate or personal business, the best practice is to create business-related tag groups to manage resources in technical, business, and security dimensions. When using automated O&M tools to manage resources and services, you can add automation-specific tags to aid in the automation efforts.
Simplified design
Simplified design is implemented to simplify the use of tag keys by creating tag keys with fixed dimensions during the tag planning stage. This principle can reduce operation errors caused by too many tag keys.
- You can create business-related tag groups to manage resources in technical, business, and security dimensions.
- When using automated O&M tools to manage resources and services, you can add automation-specific tags.
Example of designing tag keys
The following table lists the tag naming examples with common dimensions. We recommend that you use lowercase letters to name tags.
| Dimension | Tag key | Tag value |
|---|---|---|
| Organization |
|
Organization-specific names |
| Business |
|
Business-specific names |
| Role |
|
|
| Purpose |
|
Specific purposes |
| Project |
|
Project-related values |
| Business departments (to implement cost allocation and business tracking) |
|
Department-related values |
| Owner from the financial dimension (to identify the resource owner) | owner | Names or emails |
| Customers from the financial dimension (to identify the clients that a particular group of resources serves) | Custom values or true values | Customer names |
| Projects from the financial dimension (to determine the resource-supported projects) | project | Project names |
| Orders from the financial dimension | order | Order category IDs |