I am trying to tag 1000+ AWS resources in various regions. For new resources to be created, I have implemented a Tagging Policy (SCPs). But for existing resources, what approach shall I follow?
I have come up with the following approach:
Use AWS Resource Explorer Service to find all untagged resources in all regions.
A Python script to tag all resources associated with a specific service. (NOTE: I had worked on a script a long time ago to find resources associated with instances and align tags to them (if tags are not present).) Reference: TagResourcesAssociatedWithEC2Instance
The above script can be leveraged and can be used with other resources (RDS, Route53, ECS, etc.)
The problem with the above approach is that it would take a considerable amount of time to identify all the resources associated with each other logically.
Is there any faster way to segregate all resources based on tag "Environment" or "Owner" and also tag all the resources with a predefined set of tags?
I have tried the following:
Python scripts to identify untagged resources, associate tags to resources aligned with each service. List all resources in account -> check for tags. But the problem was that I couldn't find the interdependent relation based only on ARN.
Since you mentioned you are using Terraform to deploy your resources, then in your Terraform code, you need to specify a default_tags setting in the AWS provider block. After adding that, you simply need to run terraform apply again and Terraform will add those default tags to every AWS resource managed by Terraform.
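An added example (not part of the original answer) of the default_tags setting described above, extended to two regions because the question mentions several. The region names, tag values and resource names are assumptions chosen for illustration.

```hcl
# One shared tag map so every region gets the same baseline tags.
locals {
  common_tags = {
    Environment = "production"    # constructed value
    Owner       = "platform-team" # constructed value
  }
}

# default_tags is set per provider configuration, so each aliased
# (per-region) provider needs its own block.
provider "aws" {
  region = "us-east-1"
  default_tags {
    tags = local.common_tags
  }
}

provider "aws" {
  alias  = "eu"
  region = "eu-west-1"
  default_tags {
    tags = local.common_tags
  }
}

# Resource-level tags are merged with the provider defaults; on a key
# collision the resource-level value wins (Owner is overridden here).
resource "aws_s3_bucket" "logs" {
  bucket = "example-logs-bucket-placeholder" # hypothetical name
  tags = {
    Owner     = "security-team"
    DataClass = "internal"
  }
}

# No tags argument: this topic receives only the defaults of aws.eu.
resource "aws_sns_topic" "alerts" {
  provider = aws.eu
  name     = "example-alerts" # hypothetical name
}

# tags_all exposes the merged result, useful for checking what was applied.
output "logs_effective_tags" {
  value = aws_s3_bucket.logs.tags_all
}
```

Running terraform plan before the apply lists the tag changes per resource. Resources that are not in Terraform state are not touched by default_tags.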