Ensure EC2 Instances Have Tags

Policy ID: BC_AWS_GENERAL_1

Ensure EC2 Instances Have Tags

Description

Tags enable you to categorize your AWS resources in different ways, for example, by purpose, owner, or environment. This is useful when you have many resources of the same type—you can quickly identify a specific resource based on the tags that you've assigned to it.

All AWS assets should have at minimum these four mandatory tags: Application, XXX, YYY and ZZZ. Assets without these mandatory tags will be marked as non-compliant.

An example of the tag value pairs: Tag name: Application Example value: Rebellion.

Fix - Runtime

Guidelines

To remediate this issue add the mandatory tags to the assets following the Cloud Asset Tagging guidelines.

CLI Command

The following command adds the tag Stack=production to the specified image, or overwrites an existing tag for the AMI where the tag key is Stack. If the command succeeds, no output is returned.

aws ec2 create-tags \
    --resources ami-78a54011 \
    --tags Key=Stack,Value=production

Fix - Buildtime

Terraform

  • Resource: aws_ec2_tag
  • Arguments:
    key - (Required) The tag name.
    value - (Required) The value of the tag.
resource "aws_ec2_tag" "example" {
  resource_id = aws_vpn_connection.example.transit_gateway_attachment_id
  key         = "Name"
  value       = "Hello World"
}

Updated 2 months ago


Ensure EC2 Instances Have Tags


Policy ID: BC_AWS_GENERAL_1

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.