compliancy,

Resource Tagging in Azure

Sven Malvik Sven Malvik Connect Aug 08, 2020 · 3 mins read
Resource Tagging in Azure

Moving services from on-premise to Azure cloud requires effort, technical knowledge, and some experience to make a business secure, compliant, and efficient. This post will discuss why tagging of resources plays an important role to achieve these goals and how you can do this.

Click-Ops is Costly, Insecure, and it Puts Your Business at Risk

Many developers like myself working for the first time in Azure, love how easy it is to get started, and to see results almost immediately. The Azure Portal simplifies this process of learning about the many different Azure services. We click a few buttons and vóila - resources are deployed. At some point, we create resources for the real world like the official test and production environment. Did we everything well and can continue with new tasks? What happens with the resources that we played with?

With Click-Ops, we can’t consistently re-create the same resources in different environments as we will make mistakes at some point and re-create the resources again and again. Do we delete the resources that we don’t need anymore? Maybe not always.

I think this is ok. We are humans and we love to perform and rush to the next task. Still, it’s costly and we need to handle this somehow.

My experience is that Click-Ops leads over time to Azure resources that nobody knows about, hence can or cannot be deleted. We don’t know without analyzing them. This is a problem, since analyzing eventually hundreds of resources is almost impossible if your business can’t tolerate downtime which might happen when you delete resources that you thought were not in use anymore. Analyzing them first is important but impossible at some point.

The thing is that these arguments against Click-Ops are just the tip of the iceberg. Being able to consistently create resources requires code. With infrastructure as code, we can do more. We can tag our resources. I mean we could do this before, but good enough tagging can be time consuming.

Tagging as Part of Infrastructure as Code Will Make Your Business More Stable

As we get more experienced in Azure, we put more resource deployments into code. That code will contain tagging of resources. Tagging makes it possible to simplify resources associations, show costs per team, identify mission critical resources, classifies resources, and may make your business compliant. You may even save money because you set a tag saying that a given resource is just temporary.

Resource naming and tagging decision guide descibes these arguments in more detail. My experience says that these following tags are important: owner, confidentiality, and temporary.

  • owner: Tells you whom to contact in case you have any questions.
  • confidentiality: Tells how to treat this resource. It may contain personal data that can’t be shared.
  • temporary: Tells about if this resource can be deleted soon.

Conclusion

Tag every resource at least with the owner tag. I struggled with many resources because I didn’t even know whom to talk to. Analyzing a resource may only tell you half of the story. Knowing who is the owner of a resource will put you in a position of having control over all the resources at any time.

Join Newsletter
Get the latest updates right in your inbox. I never spam!
Sven Malvik
Written by Sven Malvik

Latest Stories

8 Actions to Cut Infrastructure Costs in 2021

8 Actions to Cut Infrastructure Costs in 2021 is the result of a research I did. I wanted to know more about the impact of the pandemic f...

Jan 10, 2021

Event-Driven Infrastructure with App Configuration

Azure App Configuration is great for externalizing application configurations. But what if an application is our infrastructure? How coul...

Sep 12, 2020

My Azure Week 34

This blog post is about my reflections on various topics around Azure, and what I have learned and worked on over the past week.

Aug 22, 2020

Infrastructure as Code (IaC) in Azure

Infrastructure as code (IaC) is a hot topic, also at Vipps. This video is the recording of an internal event where development teams tell...

Oct 17, 2020

Serving Website Images from Azure CDN with SSL

In this post I will show you step by step how to serve images on a website from Azure CDN with SSL enabled. My blog has a couple of Azure...

Apr 25, 2020

AZ-304 Self-Study Guide for Becoming an Azure Solution Architect Expert

Microsoft updated it’s role based exam for AZ-301. It’s now called AZ-304 and launched last year. This certification is a great proof for...

Feb 01, 2021

Backup and Restore in Azure API Management

As infrastructure gets more complex, more parts will eventually break. This is even more true as we make frequently changes. Sometimes we...

May 02, 2020

Azure Naming Convention Best Practices

Structure helps us to be in control. That is very true also in Azure. Especially in larger organizations where many cloud engineers creat...

Feb 02, 2021

Understanding Policies in Azure API Management

Policies are the heart of Azure API Management. They let us change the behavior of our APIs in a very flexible manner. Before I dive in t...

Apr 18, 2020

Logging in Azure API Management

This post is a complete step-by-step guide on how to send logs from Azure API Management to Azure Event Hub with PowerShell. We start by ...

Apr 11, 2020

Using App Configuration in Azure DevOps

Application deployments dependent often on environment specific data like the name of a resource group, location or flags for certain use...

Aug 01, 2020

Latest Stories

8 Actions to Cut Infrastructure Costs in 2021

8 Actions to Cut Infrastructure Costs in 2021

8 Actions to Cut Infrastructure Costs in 2021 is the result of a research I did. I wanted to know more about the impact of the pandemic f...

Jan 10, 2021

Event-Driven Infrastructure with App Configuration

Event-Driven Infrastructure with App Configuration

Azure App Configuration is great for externalizing application configurations. But what if an application is our infrastructure? How coul...

Sep 12, 2020

My Azure Week 34

This blog post is about my reflections on various topics around Azure, and what I have learned and worked on over the past week.

Aug 22, 2020

Infrastructure as Code (IaC) in Azure

Infrastructure as Code (IaC) in Azure

Infrastructure as code (IaC) is a hot topic, also at Vipps. This video is the recording of an internal event where development teams tell...

Oct 17, 2020

Serving Website Images from Azure CDN with SSL

Serving Website Images from Azure CDN with SSL

In this post I will show you step by step how to serve images on a website from Azure CDN with SSL enabled. My blog has a couple of Azure...

Apr 25, 2020

AZ-304 Self-Study Guide for Becoming an Azure Solution Architect Expert

AZ-304 Self-Study Guide for Becoming an Azure Solution Architect Expert

Microsoft updated it’s role based exam for AZ-301. It’s now called AZ-304 and launched last year. This certification is a great proof for...

Feb 01, 2021

Backup and Restore in Azure API Management

Backup and Restore in Azure API Management

As infrastructure gets more complex, more parts will eventually break. This is even more true as we make frequently changes. Sometimes we...

May 02, 2020

Azure Naming Convention Best Practices

Azure Naming Convention Best Practices

Structure helps us to be in control. That is very true also in Azure. Especially in larger organizations where many cloud engineers creat...

Feb 02, 2021

Understanding Policies in Azure API Management

Understanding Policies in Azure API Management

Policies are the heart of Azure API Management. They let us change the behavior of our APIs in a very flexible manner. Before I dive in t...

Apr 18, 2020

Logging in Azure API Management

Logging in Azure API Management

This post is a complete step-by-step guide on how to send logs from Azure API Management to Azure Event Hub with PowerShell. We start by ...

Apr 11, 2020

Using App Configuration in Azure DevOps

Using App Configuration in Azure DevOps

Application deployments dependent often on environment specific data like the name of a resource group, location or flags for certain use...

Aug 01, 2020