When looking into customer Azure platforms I often see a distinct lack of understanding surrounding naming conventions and tagging. I have seen platforms with incomprehensibly named resource groups (RG001) and inconsistently assigned tags on resources.
It is very important that companies understand how naming conventions and tagging work to provide Cloud Governance, and how important it is to start as you mean to go on.
This is something that I feel too many people put far too little emphasis on. If you do not define a clear naming convention from the start you open the doors to poorly named resources in the future.
Microsoft themselves have a pretty good document detailing the standard Azure naming conventions. So, let’s start by having a look at this.
In this document Microsoft talk about this topic as a “Naming and tagging strategy” which is exactly what it is.
As a business you need to plan and strategize exactly how your Azure environment is going to look. And a large focus of this should be the naming and tagging of resources.
Let us first dive into the idea of naming conventions.
Microsoft state that
An effective naming convention assembles resource names by using important resource information as parts of the resource’s name.
When we look at this statement, we can take away the point that the resource name should ideally reflect the resource itself.
There are a number of defining information that can be used when naming a resource. Such information as the below examples:
|Subscription||mpn, ea, payg|
|Department (Business Unit)||hr, it, sales|
|Environment Type||prod, dev, test|
|App or Service||wvd, sql, ad, web|
One piece of information that I would not use is Company name.
I see people use this and realistically unless you are running multiple companies under one account this seems overkill. However companies often use Subscription as this may be useful to separate services.
We should then look to prefix the above information with an abbreviation of the resource itself to create the relevant name.
Microsoft have a number of recommended prefixes for the various resource types such as below:
|Public IP Address||pip-|
From the above information we are able to create consistent and easy to understand names for resource as the below examples:
The above examples follow the process of:
<Resource type><App or Service>-<Environment Type>-<Region>-<numbering>
Be aware that some resource cannot only have lowercase letter or numbers (such as storage accounts)
Now we have looked into naming conventions, lets have a look into the idea of Tagging and why it is important.
Tags are able to be placed on any Azure resource. There is a hard limit of 15 tags per resource to be aware of.
Tags allow you to add required metadata to resources to enable you to easily identify resources. This allows companies to filter cost analysis and other reports by specific tags.
Imagine being able to quickly and easily work out the spend by department or service? Tags to the rescue!
Adding tags is a simple process, but much like naming convention some thought needs to be placed into the exact tags you as a company will use. Every company will have differing view on what tags are required.
Tags can be added at resource creation or later if required. They can be created both through the Azure portal and via PowerShell/CLI
A few examples of useful tags are below:
|Application Name||Name of the app or service that this resource makes up|
|Owner||Owner of the resource, app, or service|
|Requester Name||User that requested this resource creation|
|Environment||Type of environment, such as prod, dev, staging etc|
|End Data||Date for reource end of life|
|Department (Business Unit)||Department responsible for this resource, service, or app|
Obviously, you may have many other tags you wish to use and you can add whatever you need. The only advise would be to ensure you are consistent with these tags.
An example of a tagged resource group is below:
It is very important to understand however that tags are NOT inherited by sub-resources. Each resource MUST be tagged.
For instance, in the below example a Storage Account has been created inside the Resource Group, and as you can see has no tags assigned.
So, lets fix this by adding the required tags. Under the Tags option in the resource menu.
Now fill in the relevant tags as per your required tags list. Then Save
Now we can see the Tags are showing as we would expect.
Of course, you can configure Azure Policies to enforce both naming convention and also default tagging but this is a little more complicated.
I will aim to look at this in more depth in another blog as this is a quite interesting idea and can help companies from having any incorrectly named resources.