At CAW, we develop many apps. We like to follow common best practices across all the apps we develop. This playbook describes an opinionated scaffolding that jump-starts projects. This came about due to many commonalities between several of our projects. This document will cover AWS Resource Naming conventions, Tagging standards for AWS resources, and implementation & enforcement approaches from a governance point of view. A standard naming convention aims to identify the ownership/identity of the resources easily. The tags' objectives are multifold, i.e., from attaching relevant metadata to the AWS services to using mandatory Tags such as Cost Allocations Tags in AWS Cost Explorer, AWS CUR, etc., to filter resources based on clients/projects, etc.

Note the best practices are just recommendations and not unbreakable rules. Context is the King; So always tweak the below recommendations as applicable to your product.

AWS Resources Naming Conventions:

Each resource created in AWS or any other cloud environment should follow the below naming convention.

<Mandatory Attributes>-<Optional Attributes>

Note: Resources created and managed by AWS or Kubernetes might NOT be able to follow the naming convention. Eg: autoscaling groups created by Managed group and EBS created by Kubernetes are a few such examples.

Mandatory Attributes in the Naming Convention:

Attribute	Possible Values	Mandatory
Parent Org. Name	CAW, hBits, Flipspaces, etc.	YES
Cloud Provider	AWS, GCP, AZURE	YES
Region	aps1, aps2, usw1, usw2	YES
Client/Customer Name	hBits, Flipspaces, etc.	NO
Environment	Prod, UAT, Stage, Dev	YES
Resource Type	S3, EKS, ECS, RDS, etc.	YES
Team / Project Name	Team Name, Project Name, etc.	YES
Name Prefix	Resource Name	YES
Name Suffix / Optional Attribute	Resource, Service, Role Name, Purpose, or any other attribute.	NO / Optional

Optional Attributes in the Naming Convention:

The optional attributes are applied based on the requirement and resource type provisioned.

Attribute	Possible Value
Service Name	Any string
Role Name	Master, Slave, Replica, Snapshot, etc.
Accessibility	Public, Private
Any other attribute	Any string

Examples :

Let’s assume the organization name is acme, the project name is example, and the resource name is rsc.
ECS
- acme-aws-aps1-prod-ecs-example-rsc-testing (Denotes a testing instance)
- acme-aws-aps1-prod-ecs-examplelanding_pages
- acme-aws-aps1-hbitsprod-ecs-examplebackend (Denotes Caw account ílhosting acme infra)
- acme-aws-aps1-prod-ecs-hbitsv2-strapi
RDS
- acme-aws-aps1-stage-rds-example-RdsName-01-replica (Denotes role is replica)
- acme-aws-aps1-prod-rds-examplemaster
- acme-aws-aps1-prod-rds-examplersc-master
ACCOUNT NAME
- acme-aws-aps1-prod-example
S3:
- acme-aws-usw2-prod-s3-example-rds_logs-private (Denotes bucket is private)
KINESIS:
- acme-aws-aps1-traceable-uat-kinesis-<Team Or Project>-metrics-<optional Name suffix> (Denotes traceable as client of Caw)

Attribute Standards: