Resource tagging has already been a thing for EC2 and EBS in the previous years. AWS has already raised available tags to up to 50, and even included the option to edit a tag and create resource groups.
Now, AWS has announced another improvement–these four new features for tagging EC2 Instances and EBS volumes:
- Tag on creation – you may now specify tags as you create a resource, whether EC2 instances or EBS volumes. You may even set separate tags for every volume and instance. You can read more about tags here.
- Enforce tag usage – By creating IAM usage policies you can enforce the use of certain tags on EC2 and EBS resources.
- Resource Level permissions – CreateTags, DeleteTags, RunInstances, and CreateVolume now support resource-level permissions. This way, users have more control over tag keys and values as well as users and groups that can tag on creation.
- Enforced Volume Encryption – Given that RunInstances and CreateVolume now have resource-level permissions, you may now create IAM policies dictating the use of encryption for new EBS boot or data volumes.
These features are now available for all regions except China (Beijing) and GovCloud (US). More support for EC2 resource types will be announced soon, so watch out for it.
If you would like to avail of AWS compute services, contact our AWS experts at PolarSeven today.