ANNOUCEMENT Announcing self-paced Karpenter Lab series - START NOW

AWS Remediation Knowledge Base > Operations and Fault Tolerance

Missing Tags for EBS Resources

Reduce your AWS costs by 50% on auto-pilot.
  • Risk-free commitment
  • Management Automatically pause idle resources
  • Automatically automatize your EKS cost
    • Book a Demo › |
    Share
    • Risk level: Low
    • Rule ID: EBS-006

    Ensure that user-defined tags (metadata) are being used for labelling, collecting and organising EBS resources available within your AWS environment. nClouds recommends that your resources must have some user-defined tags (and not just the default Key and Value) to follow best practices. We highly recommend the following tagging schema to help you identify and manage your resources:

    • Name: used to identify individual resources.
    • Role: used to describe the function of a specific resource (e.g. web tier, database tier).
    • Environment: used to distinguish between different stages (e.g. development, production).
    • Owner: used to identify the person / team responsible for the resource.

    This rule can help you with the following compliance standards:

    • APRA
    • MAS

    Naming (tagging) your AWS EBS volumes logically and consistently has several advantages such as providing additional information about the volume location and usage, promoting consistency within the selected environment, distinguishing fast similar resources from one another, avoiding naming collisions, improving clarity in cases of potential ambiguity and enhancing the aesthetic and professional appearance.

    Audit

    To verify the naming conventions used for tagging your EBS volumes, perform the following:

    • Using AWS Console

    1. Sign in to the AWS Management Console.

    2. Navigate to AWS Resource Groups at https://console.aws.amazon.com/resource-groups/home?region=us-east-1

    3. In the navigation panel, under Tagging , Click on Tag Editor.

    4. Select the Region as us-east-1 and Resource Type as AWS::EC2::Volume .

    5. Click on Search Resources .
     
    6. Open the Preferences Section.

    7. Make sure Tags is ON . Click on Confirm .

    8. Review the Search Results , the Tags column shows the number of tags available on the resource.

    9. Sort the column in ascending order by clicking on Tags column name to display resources with no tags on the top.

    • Using AWS CLI

    1. Run describe-volumes command (OSX/Linux/UNIX) to determine if there are any EBS volumes available in the selected region that has no tags specified.

    aws ec2 describe-volumes \\
--region us-east-1 \\
--query 'Volumes[?!not_null(Tags[])]'

     
    2. The output will display a list of volumes in the region which doesn;t have any tag associated with them.

    [
    {
        "Attachments": [],
        "AvailabilityZone": "us-east-1d",
        "CreateTime": "2019-12-13T04:20:57.505000+00:00",
        "Encrypted": false,
        "Size": 50,
        "SnapshotId": "snap-0415d8298c7099b66",
        "State": "available",
        "VolumeId": "vol-06d24eb6b77f09e70",
        "Iops": 150,
        "VolumeType": "gp2",
        "MultiAttachEnabled": false
    },
    {
        "Attachments": [],
        "AvailabilityZone": "us-east-1d",
        "CreateTime": "2020-02-07T08:29:07.029000+00:00",
        "Encrypted": false,
        "Size": 80,
        "SnapshotId": "snap-0415d8298c7099b66",
        "State": "available",
        "VolumeId": "vol-012e179cf459c730e",
        "Iops": 240,
        "VolumeType": "gp2",
        "MultiAttachEnabled": false
    },
    {
        "Attachments": [
            {
                "AttachTime": "2021-04-15T22:01:24+00:00",
                "Device": "/dev/xvda",
                "InstanceId": "i-0995783a9e535fd86",
                "State": "attached",
                "VolumeId": "vol-01e1d59e08f040446",
                "DeleteOnTermination": true
            }
        ],
        "AvailabilityZone": "us-east-1d",
        "CreateTime": "2021-04-15T22:01:24.519000+00:00",
        "Encrypted": false,
        "Size": 20,
        "SnapshotId": "snap-0508df10d84c3c47f",
        "State": "in-use",
        "VolumeId": "vol-01e1d59e08f040446",
        "Iops": 100,
        "VolumeType": "gp2",
        "MultiAttachEnabled": false
    },
		...
    {
        "Attachments": [
            {
                "AttachTime": "2020-08-07T09:38:59+00:00",
                "Device": "/dev/sda1",
                "InstanceId": "i-0c8fe81d677bd8e89",
                "State": "attached",
                "VolumeId": "vol-083ae7331c8133200",
                "DeleteOnTermination": true
            }
        ],
        "AvailabilityZone": "us-east-1f",
        "CreateTime": "2020-08-07T09:38:59.657000+00:00",
        "Encrypted": false,
        "Size": 8,
        "SnapshotId": "snap-0f945217d0601a348",
        "State": "in-use",
        "VolumeId": "vol-083ae7331c8133200",
        "Iops": 100,
        "VolumeType": "gp2",
        "MultiAttachEnabled": false
    },
]

    Remediation / Resolution

    To shutdown/terminate any AWS EC2 instances that are currently running in idle mode, perform the following commands:

    • Using AWS Console

    1. Login to the AWS Management Console.
     
    2. Navigate to EC2 dashboard at https://console.aws.amazon.com/ec2/
     
    3. In the navigation panel, under Elastic Block Store, click Volumes.
     
    4. Select your EBS volume that you want to examine. (Refer to Audit Section to find volume Ids with no tags)
     
    5. Select the Tags tab from the bottom panel.
     
    6. Click on Add/Edit Tags and then click on Create Tags
     
    7. Add the required tags:

    Key: Name, Value: <Desired Name for the volume>

    Key: Role, Value: <Desired Role for the volume>

    Key: Environment, Value: <Desired Environment for the volume>

    Key : Owner , Value: <Desired Owner for the volume>
     
    8. Repeat the steps 4 – 7 for other such volumes in the region.
     
    9. Change the AWS region from the navigation bar to fix volumes in another region.

    • Using AWS CLI

    1. Run describe-volumes command (OSX/Linux/UNIX) to determine if there are any EBS volumes available in the selected region that has no tags specified.

    aws ec2 describe-volumes \\
--region us-east-1 \\
--query 'Volumes[?!not_null(Tags[])]'

     
    2. The output will display a list of volumes in the region which doesn;t have any tag associated with them.

    [
    {
        "Attachments": [],
        "AvailabilityZone": "us-east-1d",
        "CreateTime": "2019-12-13T04:20:57.505000+00:00",
        "Encrypted": false,
        "Size": 50,
        "SnapshotId": "snap-0415d8298c7099b66",
        "State": "available",
        **"VolumeId": "vol-06d24eb6b77f09e70",**
        "Iops": 150,
        "VolumeType": "gp2",
        "MultiAttachEnabled": false
    },
    {
        "Attachments": [],
        "AvailabilityZone": "us-east-1d",
        "CreateTime": "2020-02-07T08:29:07.029000+00:00",
        "Encrypted": false,
        "Size": 80,
        "SnapshotId": "snap-0415d8298c7099b66",
        "State": "available",
        "VolumeId": "vol-012e179cf459c730e",
        "Iops": 240,
        "VolumeType": "gp2",
        "MultiAttachEnabled": false
    },
    {
        "Attachments": [
            {
                "AttachTime": "2021-04-15T22:01:24+00:00",
                "Device": "/dev/xvda",
                "InstanceId": "i-0995783a9e535fd86",
                "State": "attached",
                "VolumeId": "vol-01e1d59e08f040446",
                "DeleteOnTermination": true
            }
        ],
        "AvailabilityZone": "us-east-1d",
        "CreateTime": "2021-04-15T22:01:24.519000+00:00",
        "Encrypted": false,
        "Size": 20,
        "SnapshotId": "snap-0508df10d84c3c47f",
        "State": "in-use",
        "VolumeId": "vol-01e1d59e08f040446",
        "Iops": 100,
        "VolumeType": "gp2",
        "MultiAttachEnabled": false
    },
		...
    {
        "Attachments": [
            {
                "AttachTime": "2020-08-07T09:38:59+00:00",
                "Device": "/dev/sda1",
                "InstanceId": "i-0c8fe81d677bd8e89",
                "State": "attached",
                "VolumeId": "vol-083ae7331c8133200",
                "DeleteOnTermination": true
            }
        ],
        "AvailabilityZone": "us-east-1f",
        "CreateTime": "2020-08-07T09:38:59.657000+00:00",
        "Encrypted": false,
        "Size": 8,
        "SnapshotId": "snap-0f945217d0601a348",
        "State": "in-use",
        "VolumeId": "vol-083ae7331c8133200",
        "Iops": 100,
        "VolumeType": "gp2",
        "MultiAttachEnabled": false
    },
]

     
    3. Grab the VolumeId from the output above and run create-tag command to apply tags to the EBS Volume:

    aws ec2 create-tags \\
	--region us-east-1 \\
	--resources vol-083ae7331c8133200 \\
	--tags Key=Name,Value=k8s-volume Key=Role,Value=WebServer Key=Environment,Value=Production Key=Owner,Value=DevOps

     
    4. Repeat steps no. 1 – 3 to retag other EBS volumes that require a valid naming convention, available in the current region.
     
    5. Repeat steps no. 1 – 4 to implement the entire process for other AWS regions.

    Still Need Help?

    Come see why we are the #1 cloud management platform and why companies like Uber, Dickey’s BBQ Pit and Norwegian Cruise Line trust nOps to manage their cloud.
    Get Started
    Schedule Demo
    Contact Us

    nOps is an AI-powered FinOps platform that makes it easy manage and optimize your cloud usage, commitments, and spend.

    Products

    Solutions

    Resources

    Company

    Documentation

    Solutions

    Platform

    Resources

    Documentation

    Company

    The Best Tools By Category

    Cloud Cost Guides

    Karpenter

    Commitment Management

    © nOps 2024. All Rights Reserved.

    Linkedin-in Youtube Facebook Instagram