5.1 Ensure all resources are correctly tagged

Information

Tags enable customers to categorize AWS resources in different ways, for example, by purpose, owner, or environment.

Each tag consists of a key and an optional value, both of which customer's define.

You should define a set of tags for the following items to help you track each instance's owner and operating environment, cost center, and other items.

* Amazon EC2 instances
* ELB
* EBS Volumes

* S3 Buckets


A resource may have up to 10 tags associated with key ">Key=tier, Value=app
* Key=environment, Value=production

* Key=costcenter, Value=sales

Tagging creates a unique set of identifiers which can be applied to AWS resources such as EC2.

Tagging enables the following:

* detailed billing analysis
* access management through AWS IAM policies
* asset management through AWS Config Rules
* AWS Inspector assessment groups

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Tag all your 3 tier Web Application resources based on their tier membership (Web, App, Data), and your organizational requirements.

See Also

https://workbench.cisecurity.org/files/260