EBS Volume Tagging

Ed Reinoso
3 min read · Aug 1, 2022

Before reading

EBS: Elastic Block Store

EC2: Elastic Compute Cloud

Goal

Untagged resources on AWS can become problematic when managing a big environment. A proper tag naming strategy for resources helps in many scenarios, for example troubleshooting, pricing and cleanup.

Depending on the tagging policies implemented (if any), many volumes can be left untagged. Over time, these can pile up to a messy and unmanageable number, which is confusing and time-consuming to sort out.

Therefore, the purpose of this function is to assign a name tag to those untagged volumes in order to provide a more detailed overview of the resources in the environment.

Architecture

Architecture including services like CloudTrail, EventBridge and Lambda

The first part of the automation is to use CloudTrail to capture only AttachVolume events.

The second part is to configure a rule in EventBridge that invokes a Lambda function based on the API call recorded by CloudTrail.

This Lambda function is written in Python 3.9 with Boto3.

The function then takes the instanceId and volumeId that are passed in the parameters of the event. With these two variables, it does the mapping needed to assign the name tag to the EBS volumes.

Set Up

You can read more about setting up CloudTrail with EventBridge in my other post. This is going to be particularly useful for the first part of the automation, where a Lambda function has to put a rule with a Lambda target in EventBridge.

Logic

Now that the events are configured to invoke the Lambda function, we still need to put the logic in place in order for the EBS volumes to be tagged with the EC2 names.

For this, there are 3 simple steps to be done:

  1. Describe the EC2 instance
  2. Pull name tags from EC2
  3. Create tag for the EBS volumes

Describe EC2 instance

The first step is to pull the name tag from the EC2 instance. This is a good strategy for mapping which EBS volumes belong to which EC2 instances.

The event carries certain parameters that are useful in the development of the function. The two most important are the instanceId and the volumeId. So in this step we store these in variables so that we can use them at a later stage.

Code part 2: describing the EC2 instance name based on event

Pull Name Tag from EC2

The second step is to pull the tags that correspond to the Name of the EC2 instance that was described in the first step. The purpose is to use this name tag to assign it to the EBS volume.

The first statement catches any exception so that we can check whether the EC2 instance has any tags at all.

The second if statement selects only the tags whose Key is ‘Name’, since this is the only tag key we are interested in. Obviously this can also be changed depending on your requirements.

Code part 3: pulling the EC2 name tags and using it as parameter

Create tag for EBS Volumes

The final step is to create the tag for the volumes with the create_tags method. It takes in the ID of the volume and the value of the name tag from the EC2 instance.

Code part 4: assigning name tags to the EBS volumes

Full code can be found in the reference.
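
The three steps above as one handler, written here as an added example and not the author's referenced code. The function names, the id-shape checks, the errorCode skip and the constructed SAMPLE_EVENT are assumptions of this example; the EC2 client is passed in so the logic can be exercised against a stub.

```python
import re

INSTANCE_ID = re.compile(r"i-(?:[0-9a-f]{8}|[0-9a-f]{17})")
VOLUME_ID = re.compile(r"vol-(?:[0-9a-f]{8}|[0-9a-f]{17})")

# Constructed sample of the EventBridge event for a CloudTrail AttachVolume call
SAMPLE_EVENT = {"detail": {
    "eventName": "AttachVolume",
    "requestParameters": {"instanceId": "i-0123456789abcdef0",
                          "volumeId": "vol-0123456789abcdef0"}}}


def instance_name(ec2, instance_id):
    """Return the instance's Name tag value, or None when it has none."""
    resp = ec2.describe_instances(InstanceIds=[instance_id])
    for reservation in resp.get("Reservations", []):
        for instance in reservation.get("Instances", []):
            # The "Tags" key is absent when the instance is untagged
            for tag in instance.get("Tags", []):
                if tag["Key"] == "Name":
                    return tag["Value"]
    return None


def tag_volume(event, ec2):
    """Copy the instance Name tag to the volume from an AttachVolume event."""
    detail = event.get("detail") or {}
    # Skip other API calls and failed attaches (CloudTrail sets errorCode)
    if detail.get("eventName") != "AttachVolume" or "errorCode" in detail:
        return None
    params = detail.get("requestParameters") or {}
    instance_id = str(params.get("instanceId", ""))
    volume_id = str(params.get("volumeId", ""))
    # Check the id shapes before passing event data to the EC2 API
    if not (INSTANCE_ID.fullmatch(instance_id) and VOLUME_ID.fullmatch(volume_id)):
        return None
    name = instance_name(ec2, instance_id)
    if name is None:
        return None  # untagged instance: nothing to copy
    ec2.create_tags(Resources=[volume_id], Tags=[{"Key": "Name", "Value": name}])
    return {"volumeId": volume_id, "Name": name}


def lambda_handler(event, context):
    import boto3  # imported lazily so tag_volume can be tested with a stub
    return tag_volume(event, boto3.client("ec2"))
```

The Lambda execution role only needs ec2:DescribeInstances and ec2:CreateTags for this handler.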

Let me know if I can help in anything!

Go Build 🔥
