Resource Tagging Strategy and How to Streamline the FinOps Process

Resource Tagging Strategy and How to Streamline the FinOps Process

This is part of Solutions Review’s Premium Content Series, a collection of contributed columns written by industry experts in maturing software categories. In this submission, CoreStack Field CTO Venkatesh Perumal offers guidance on developing a resource tagging strategy, along with ways to streamline FinOps.

SR Premium ContentAs enterprises embrace the ‘digital first’ strategy, clearly, cloud technology is a forerunner and here to stay. In this article, we will be exploring Tagging as one of the approaches that enterprises can implement to streamline a FinOps strategy.

According to Gartner Research, 40 percent of all enterprise workloads will be deployed in cloud infrastructure and platform services (CIPS) by 2023, up from only 20 percent in 2020. Enterprises embrace the cloud to reduce IT costs and optimize IT investments. However, a complete contrast to the expectations, the IT spend could rapidly spiral out of control in the early stages of cloud adoption.

The reason is the lack of an adaptive governance strategy that includes cloud cost management or FinOps. The key enablers in creating a successful FinOps strategy is accurate visibility into cloud resources, budget controls, and charge-back mechanism through automation.

An efficient approach to enable visibility into resources and cost monitoring through automation is implementing a consistent and effective ‘Resource Tagging’ strategy.

So, what are Tags?

Cloud tags are metadata labels that are a combination of user-defined keys and values.

Applying tags to cloud resources helps enterprises easily manage, identify, organize, search and filter through information by group or value. Tags can help categorize resources by purpose, owner, environment, or other criteria, which ultimately helps with visibility, accountability, allocation, cost reporting, compliance, and more.

Tagging cloud resources is a keystone to your cloud governance initiatives. It is important to organize cloud assets according to enterprise needs – organization structure, financial accounting practices, and application needs. For example, the resources can be tagged by Environment, Department, Application Name, Cost Center, etc.

How Tagging Impacts Cloud

Tagging helps in numerous ways in following consistent and standard practices pertaining to resource deployment, management, and reporting. An effective cloud cost governance relies on good tag hygiene that would support critical governance initiatives for cost reporting, cost optimization, charge-back security, and compliance. A disciplined and well-designed tag hygiene will help in numerous ways, such as:

  • Easily discover every cloud resource on-demand
  • Establish ownership of the resource for an effective charge-back mechanism both for maintenance and billing
  • Understand which environment the cloud resource belongs to – production, development, staging, or QA. You can then apply policies based on these tags. For example, turn off all development resources on a weekend
  • Facilitate financial accounting process with different billing codes (for different kinds of cloud spend) mapped to the tags

Why Your Multi-Cloud Environment Needs a Tagging Strategy

Enterprises are adopting a multi-cloud strategy for various reasons, such as: picking the best-of-breed cloud services, mitigating risks, and avoiding vendor lock-in. With a well-defined multi-cloud strategy, enterprises can take advantage of pricing competition between cloud providers to drive cost efficiencies. A good multi-cloud strategy can also help you find the right-sized cloud service for your needs.

However, multi-cloud provides opportunities as well as challenges for enterprise customers in terms of cost. A high availability architecture across cloud providers will incur high bandwidth costs, negating some of the cost advantages of multi-cloud.

Another factor that has been a challenge for enterprise IT is cloud sprawl. With cloud consumption spanning multiple services, the problem is magnified in multi-cloud. As cloud services sprawl, it becomes critical to shut down unused services to ensure cost efficiencies.

So, here are the reasons why do you need a ‘Tagging’ strategy in multi-cloud:

Gain Complete Cost Visibility

As enterprises navigate this multi-cloud journey, lack of visibility is emerging as a big challenge. This is severely impacting their ability to innovate while staying secure, compliant, and cost-effective. With multiple resources deployed in different regions, zones, etc., in a multi-cloud setting, the need to organize and have standardized resource groups is imminent. One needs to have a visibility of the group of resources allocated to a particular environment, application, or team. Lack of or sub-optimal visibility results in cost leakages that could go undetected, resulting in significant losses. IT needs complete visibility and a better alerting mechanism to contain cloud service sprawl and cost efficiencies. Implementing a consistent ‘Tagging’ mechanism enables enterprises to gain visibility into the cloud spend and thus address arrest sprawling as it occurs.

Enable Efficient Cost Monitoring

In a multi-cloud scenario, each cloud provider has its own monitoring tools. Even though they are comprehensive enough to support various services offered by the cloud providers, it doesn’t work across cloud providers. Similarly, first-generation cloud management tools offer limited features to handle multi-service and multi-cloud landscape. Their monitoring tools are very primitive to meet the needs of today’s cloud observability challenges. A well-defined tagging mechanism through a single window of monitoring costs enables higher efficiency.

Provide Accurate Cost Reporting and Analytics

When it comes to cost reporting, enterprises struggle to associate costs with technical or security dimensions, such as specific applications, environments, or compliance programs. Enterprise can use predictive analytics to analyze the usage patterns of cloud resources and, consequently, predict costs across cloud accounts, tags, regions, and user groups. They can also gain critical recommendations on optimizing cloud resources, thus avoiding cost leakages.

Utilize Intelligent Automation

Automation is very crucial to ensure high availability and resiliency in the cloud. All enterprises now use scripts to run various automation templates. Still, the challenge comes in when you need to deploy such scripts across a specific set of resources allocated to a particular group.

In the above scenarios, the recommended approach is to implement a consistent set of global tags to efficiently gather actionable data insights by assigning useful information to any resource within your cloud infrastructure.

What are the key features and best practices of a robust multi-cloud tagging Policy

A disciplined tagging policy is the cornerstone of robust cloud governance. A well-crafted policy for resource tagging and automated tag hygiene will bolster governance for visibility, accountability, cloud cost reporting and optimization, and seamless operations.

Global Policy

A centralized IT team will own the process and will consistently define a global tagging policy by taking in feedback from key stakeholders.

The real benefit of tagging can be realized only when it is enforced globally across all teams. Even the slightest deviation will defeat the purpose. For successful results, it is critical to get the buy-in of key stakeholders. If not tagged as per the defined guidelines, resources can be inadvertently terminated, or escalation notifications sent to managers.

Consistent reporting

A consistent tag reporting needs to be set up to monitor the global tags by a group.

After implementing the tagging policy, a daily/weekly should be set up for monitoring global tags. These reports show the current state and track improvements in tag coverage, making the benefits measurable.

Automated Alerts

Create daily automated alerts for missing tags.

Any resources that are missing tags need to be reported daily through automated alerts. This visibility is essential for effective tag management and resource consistency.

Automated Process

Focus on automating the tagging processes.

Once a tagging strategy has been implemented and standardized, the tagging process should be automated. Use scripts to generate alerts on missing or untagged resources and enforce the correct usage of tags. To standardize tags, automated scripts can be used to correct tag names as per the pre-defined standards.

All the three hyperscalers – AWS, Azure, and Google Cloud – recommend some best practices. Some tagging best practices recommended by AWS are:

• Do not store personally identifiable information (PII) or other confidential or sensitive information in tags.

Use a standardized, case-sensitive format for tags, and apply it consistently across all resource types.

Consider tag guidelines that support multiple purposes, like managing resource access control, cost tracking, automation, and organization.

• Use automated tools to help manage resource tags.

• Use too many tags rather than too few tags.

• Remember that it is easy to change tags to accommodate changing business requirements but consider the consequences of future changes.

Click here to learn more.

Some best practices from Azure are as follows:

• Not all resource types support tags. To determine if you can apply a tag to a resource type, see Tag support for Azure resources.

• Each resource, resource group, and subscription can have a maximum of 50 tag name/value pairs.

• The tag name is limited to 512 characters, and the tag value is limited to 256 characters.

• Tags can’t be applied to classic resources such as Cloud Services.

• Tag names can’t contain these characters: <, >, %, &, \, ?, /

Click here to learn more.

Google Cloud Platform recommends the following:

• A tag can be no longer than 63 characters

• A tag can only contain lowercase letters, numeric characters, and dashes

• A tag must start and end with either a number or a lowercase character

Click here to learn more.

Tags can be based on various types depending on the tagging strategy. It’s seen that business-relevant tag groupings are very effective since they help organize resources along business, technical, and security dimensions. Additionally, automation-specific tags can add more value as well.

An effective Tagging strategy can help an enterprise gain visibility and insights into the cloud consumption, costs, and resources that ultimately empower FinOps. A meticulous and disciplined approach to tagging is vital to robust cloud governance. A tagging standard, along

with automation for maintaining sound tag hygiene, will help you attain critical cloud governance guardrails for resource consistency, cloud cost optimization & reporting, and smooth operations.

Learn more about the recommendations from the hyperscalers and how CoreStack enables tagging governance for your multi-cloud infrastructure in this white-paper.

Latest posts by Venkatesh Perumal (see all)