AWS cloud resource naming
Generic Naming Guidelines
An important aspect of every environment is the standards applied for naming all the different resources, especially for dynamic environments like the Cloud. The naming conventions define standards for every type of resource in the environment, from Cloud services to Virtual Machines.
The naming conventions are based on the following guidelines:
- Any name must be unique: Any name must be unique and traceable within the Client landscape and subscription for objects of the same type. For example, although technically possible, it is not allowed to have two VMs with the same name in two different VPCs.
- Use of characters: Names must start with a letter or number and can contain only letters, numbers and dashes.
- Writing the name: All names are in lower case.
- No use of spaces: Spaces are to be avoided where possible.
- Name lifespan: A name shouldn't be changed! If the object gets a new function or is used for a different BU, it either keeps the name or a secondary tag with the correct name is added.
- Names do not contain a function: It is not allowed to use a function in a name. This can cause confusion and makes it easy to make assumptions. For example, "databaseserver1" should not be allowed.
- Names must support the automation tooling: Automation tools must be used to deploy and manage the environments, so every name created must be supported by the tools and their APIs.
- Cost tags: To track costs at a detailed level, cost tags need to be added and activated. These tags can represent business categories (such as cost centers, application names, or owners) to organize costs across business units like mail/parcel/cbs.
Accounts
| Format: | < customer >-< department name >-< organizational unit/ product >-< nonprod/prod > |
| Example: | sogeti-lifeservices-assurance-nonprod |
CF Stacks
| Format: | < customer >-< category >-< application name >-< environment > |
| Example: | sogeti-app-conwo-dev |
< category >: the category the cloud resource group belongs to. There are three categories for cloud resource groups:
- platform: the resources in the resource group are platform components.
- core: the resources in this resource group belong to the environment's core components; multiple other resource groups have a dependency on these resources. For example, Active Directory.
- app: the resources are application components.
VPC
| Format: | < AccountID >-vpc-< customer name >-< department >-< environment >-< Regioncode > |
| Example: | 110000034345-vpc-sogeti-finance-dev-use1 |
VPC Subnet (Public)
| Format: | pub-sub-< TierType >-< Department >-< AvailabilityZone > |
| Example: | pub-sub-f-finance-use1a |
VPC Subnet (Private)
| Format: | pvt-sub-< TierType >-< Department >-< AvailabilityZone > |
| Example: | pvt-sub-f-finance-use1a |
Extra Description for public and private subnet
< tier >:
- f=Frontend
- b=Backend
- d=Data
< Availability Zone >: Availability Zones (AZs) are isolated locations in a Data Centre from which cloud services originate and operate. Multiple AZs are interconnected in a Region. An AZ is represented by a Region code followed by a letter identifier; for example, use1a.
Security Group (VPC Peering)
| Format: | < customer >-< zone / application name >-< resource type src >-< resource type dst >-< environment >-sg |
| Example: | sogeti-applicationX-vpc_name_src-vpc_name_dst-dev-sg |
Peering Connection
| Format: | < customer >-< pcx >-< resource VPC name src >-< resource VPC name dst >-< environment >-sg |
| Example: | sogeti-pcx-vpc_name_src-vpc_name_dst-dev-sg |
Route Table
| Format: | < Environment >-< RegionName >-< CustomerName >-PublicRouteTable |
| Example: | dev-use1-sogeti-PublicRouteTable |
Internet Gateway
| Format: | < Environment >-< RegionName >-< CustomerName >-igw |
| Example: | dev-use1-sogeti-igw |
Security Group
| Format: | < customer >-< zone / application name >-< resource type >-< environment >-sg |
| Example: | sogeti-lifeservices-alb-dev-sg |
Elastic IP Name (EIP)
| Format: | < customer >-eip-< application / service name >-< environment > |
| Example: | sogeti-eip-conwo-dev |
Application Load balancer (ALB)
| Format: | < customer >-< application / service name >-< region >-< environment >-alb |
| Example: | sogeti-lifeservices-use1-dev-alb |
Classic Load balancer (CLB)
| Format: | < customer >-< application / service name >-< region >-< environment >-clb |
| Example: | sogeti-lifeservices-use1-dev-clb |
Network Load balancer (NLB)
| Format: | < customer >-< application / service name >-< region >-< environment >-nlb |
| Example: | sogeti-lifeservices-use1-dev-nlb |
S3 Bucket (S3)
| Format: | < project name >-s3-< application name >-< region name >-< storage tier >-< env > |
| Example: | cloudboost-s3-conwo-use1-s3s-dev |
< storage tier > :
- s3s=S3 Standard
- s3ia=S3 Infrequent Access
- s3rr=S3 Reduced Redundancy
- s3g=Glacier
Elastic Cloud compute (ec2)
| Format: | < zone >-< project name >-< application name >-< environment >-< sequence number > |
| Example: | use1a-cloudboost-conwo-dev-1 |
Extra description:
< zone >: the logical zone in which the VNET resides.
- M=Management
- P=Public Edge
- E=External
- I=Internal
Network interfaces (NIC)
| Format: | < customer >-nic-< VM name > |
| Example: | sogeti-nic-e-conwo-dev-1 |
Operating System Disk (OS Disk)
| Format: | osdisk-< VM name > |
| Example: | osdisk-e-conwo-dev-1 |
Data disk
| Format: | datadisk-< sequence number >-< VM name > |
| Example: | datadisk-1-e-conwo-dev-1 |
EC2 Container Service (ECS)
| Format: | < customer >-ecs-< application name >-< environment >-< sequence number > |
| Example: | sogeti-ecs-conwo-dev-1 |
Lambda Functions
| Format: | < customer >-< application name >-< function name >-< region >-< environment >-lmbd |
| Example: | sogeti-conwo-getconwodetails-use1-dev-lmbd |
Function names must contain only letters, numbers, hyphens, or underscores, with no spaces. Maximum length is 64 characters.
Relational Database Services (RDS)
| Format: | < customer >-< application name >-< db name >-< db type >-< region >-< environment >-rds |
| Example: | sogeti-conwo-conwodb-sqlserver-use1-dev-rds |
The name should be 1 to 60 alphanumeric characters or hyphens. The first character must be a letter. It can't contain two consecutive hyphens or end with a hyphen.
Elastic Beanstalk
| Format: | < customer >-< application name >-< type >-< region >-< environment >-ebstk |
| Example: | sogeti-conwo-web-use1-dev-ebstk |
The Beanstalk name should be up to 100 Unicode characters, not including forward slash (/).
Simple Queue Services
| Format: | < customer >-< application name >-< queue name >-< region >-< environment >-sqs |
| Example: | sogeti-conwo-qname-use1-dev-sqs |
A queue name is case-sensitive and can have up to 80 characters. A FIFO queue must end with the .fifo suffix. The following are accepted: alphanumeric characters, hyphens (-), and underscores (_).
ElastiCache - Redis Cache
| Format: | < customer >-< application name >-< cachename >-< region >-< environment >-elrdc |
| Example: | sogeti-conwo-conworeccache-use1-dev-elrdc |
A name must contain between 1 and 40 alphanumeric characters or hyphens, should start with a letter, and cannot end with a hyphen or contain two consecutive hyphens.
ElastiCache - MemCache
| Format: | < customer >-< application name >-< cachename >-< region >-< environment >-elmmc |
| Example: | sogeti-conwo-conworeccache-use1-dev-elmmc |
A name must contain between 1 and 50 alphanumeric characters or hyphens, should start with a letter, and cannot end with a hyphen or contain two consecutive hyphens.
Backup Plan
| Format: | < customer >-< application name >-< region >-< environment >-bkp |
| Example: | sogeti-conwo-use1-dev-bkp |
Backup plan name is case sensitive. Must contain from 1 to 63 alphanumeric characters or hyphens.
Backup Rule
| Format: | < customer >-< application name >-< region >-< environment >-bkprl-< sequence number > |
| Example: | sogeti-conwo-use1-dev-bkprl-1 |
Backup rule name is case sensitive. Must contain from 1 to 63 alphanumeric characters or hyphens.
Backup Vault
| Format: | < customer >-< application name >-< region >-< environment >-bv-< sequence number > |
| Example: | sogeti-conwo-use1-dev-bv-1 |
Backup vault name is case sensitive. Must contain from 2 to 50 alphanumeric characters or hyphens.
Direct Connect
| Format: | < customer >-< application name >-< region >-< environment >-dcn-< sequence number > |
| Example: | sogeti-conwo-use1-dev-dcn-1 |
Name must contain no more than 100 characters. Valid characters are a-z, 0-9, and - (hyphen).
Elastic Block Storage (EBS)
| Format: | < customer >-< application name >-< ec2name >-< region >-< environment >-ebs |
| Example: | sogeti-conwo-ec2name-use1-dev-ebs |
The name is given in the form of a tag on the volumes to be created.
Elastic File System (EFS)
| Format: | < customer >-< application name >-< filesystem name >-< region >-< environment >-efs |
| Example: | sogeti-conwo-filesharename-use1-dev-efs |
In EFS, the name is given in the form of a tag.
Amazon Redshift
| Format: | < customer >-< application name >-< region >-< environment >-redsh-< sequence number > |
| Example: | sogeti-conwo-use1-dev-redsh-1 |
The identifier must be from 1 to 63 characters. Valid characters are a-z (lowercase only) and - (hyphen).
Simple Notification Service (SNS)
| Format: | < customer >-< application name >-< name >-< region >-< environment >-sns |
| Example: | sogeti-conwo-orderdelivery-use1-dev-sns |
Maximum 256 characters. Can include alphanumeric characters, hyphens (-) and underscores (_).
The name is given as the topic name.
Region Codes
| Region | Code | Region | Code |
|---|---|---|---|
| US East (Ohio) | use2 | Canada Central | cac1 |
| US East (N. Virginia) | use1 | China (Beijing) | cnn1 |
| US West (N. California) | usw1 | China (Ningxia) | cnnw1 |
| US West (Oregon) | usw2 | EU (Frankfurt) | euc1 |
| Asia Pacific (Tokyo) | apne1 | EU (Ireland) | euw1 |
| Asia Pacific (Seoul) | apne2 | EU (London) | euw2 |
| Asia Pacific (Osaka-Local) | apne3 | EU (Paris) | euw3 |
| Asia Pacific (Mumbai) | aps1 | EU (Stockholm) | eun1 |
| Asia Pacific (Singapore) | apse1 | Middle East (Bahrain) | mes1 |
| Asia Pacific (Sydney) | apse2 | South America (Sao Paulo) | sae1 |
| Asia Pacific (Hong Kong) | ape1 | | |
Environment
These are the environment tags used either individually or along with another tag.
| Environment | Code | Environment | Code |
|---|---|---|---|
| Sandbox | sdb | Production | prod |
| Development | dev | Non-Production | nonprod |
| Testing | test | User Acceptance Test | uat |
| Shared Services Acceptance | ssa | Shared Services Production | ssp |
| Automation | aut | System Integration Testing | sit |
Resource Type
| AWS resource name | Abbreviation | AWS resource name | Abbreviation |
|---|---|---|---|
| Cloudformation Stack | cfs | Cloudformation | cfn |
| Public Subnet | pub-sub | Private Subnet | pvt-sub |
| Route Table | PublicRouteTable | Internet Gateway | igw |
| Elastic Beanstalk | ebstk | API Apps | api |
| AWS Simple Notification Service | sns | Virtual Private Cloud | vpc |
| AWS Simple Queue Service | sqs | S3 | s3 |
| Route53 | r53 | Relational Database | rds |
| SQL Database | sqldb | Virtual Machine | ec2 |
| Elastic Load Balancer | elb | Application Load Balancer | alb |
| Network Load Balancer | nlb | Security Group | sg |
| Network Interface | nic | Elastic IP | eip |
| EC2 Container Service | ecs | Lambda Functions | lmdb |
| ElastiCache - Redis Cache | elrdc | ElastiCache - MemCache | elmmc |
| Backup Plan | bkp | Backup Rule | bkpr |
| Backup Vault | bv | Direct Connect | dcn |
| Elastic Block Storage | ebs | Elastic File System | efs |
| Amazon Redshift | redsh | Simple Notification Service | sns |
Tagging
These tags are typically mandatory and conjoint for all the AWS resources.
Example:
| Tag name | Value | Purpose |
|---|---|---|
| resource-owner | The email address of the user or team who is responsible for the resource | Email distribution list of the team responsible for the resource |
| environment-type | Values | This is a standardized representation of the SDLC environment. Not all projects will use all environment types, and some projects will have multiple environments that map to the same environment type |
| Name | Name of the resource | chaitanya.a.kumar@capgemini.com will add naming convention reference link here |
| department | Values | This will help in identifying which department or BU the resource is a part of. There may be values other than these |
Environment-Type values
- PRODUCTION
- PRE-PRODUCTION
- QUALITY-ASSURANCE
- INTEGRATION-TESTING
- DEVELOPMENT
- LAB
Department values
- ACCOUNTS
- HR
- PRODUCTION
- MARKETING
- INFRASTRUCTURES
These tags are recommended based on the project.
Example:
| Tag name | Value | Purpose |
|---|---|---|
| financial-identifier/cost-center-identifier | Financial identifier to support cost allocation. The value of this field should be set to the approved cost center | This should be used to differentiate features within a product that belong to different budgets |
| project-name | Project name | This optional tag may be used to group microservices into projects, within the same asset |
| service-name | Microservice or resource name | This tag is typically used to identify a microservice; it can also be used to identify other resources. Examples: service-name: "tool-web-cluster", service-name: "data-etl-service" |
| encryption | Yes/No | This tag is used to identify whether the storage service has encryption enabled or not |
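A tag check over one resource's tags, covering the four mandatory tags with their listed values and the recommended encryption tag. This is an added example, not part of the original convention; the `check_tags` function, the email pattern and the split into errors and warnings are assumptions made for illustration.

```python
import re

# Allowed values copied from the page's "Environment-Type values" list.
ENVIRONMENT_TYPES = {"PRODUCTION", "PRE-PRODUCTION", "QUALITY-ASSURANCE",
                     "INTEGRATION-TESTING", "DEVELOPMENT", "LAB"}
# The page notes departments may have other values, so unknown ones only warn.
DEPARTMENTS = {"ACCOUNTS", "HR", "PRODUCTION", "MARKETING", "INFRASTRUCTURES"}
MANDATORY = ("resource-owner", "environment-type", "Name", "department")
EMAIL = re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")  # assumed, deliberately loose

def check_tags(tags):
    """Return (errors, warnings) for one resource's tag dict (str -> str)."""
    errors, warnings = [], []
    lowered = {k.lower(): k for k in tags}
    for key in MANDATORY:
        if key in tags and tags[key].strip():
            continue
        # AWS tag keys are case-sensitive: "Department" does not satisfy "department".
        near = lowered.get(key.lower())
        if near is not None and near != key:
            errors.append(f"{key}: found as {near!r}, tag keys are case-sensitive")
        else:
            errors.append(f"{key}: missing or empty")
    owner = tags.get("resource-owner", "")
    if owner and not EMAIL.fullmatch(owner):
        errors.append("resource-owner: not an email address")
    env = tags.get("environment-type", "")
    if env and env not in ENVIRONMENT_TYPES:
        errors.append(f"environment-type: {env!r} is not an allowed value")
    dept = tags.get("department", "")
    if dept and dept not in DEPARTMENTS:
        warnings.append(f"department: {dept!r} is not in the listed values")
    enc = tags.get("encryption")
    if enc is not None and enc not in ("Yes", "No"):
        errors.append("encryption: expected Yes or No")
    return errors, warnings
```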
These tags are not mandatory.
Example:
| Tag name | Value | Purpose |
|---|---|---|
| client-id | Client identifier | This optional tag supports hosted deployments of the same application for different clients |
| environment-name | Environment name | This tag allows products to indicate the environment name, if different from the environment type. Examples: Values |
| budget-driver/cost-center | Budget name | The budget the resource should be charged against, if different from the cost center ID. This is used to help finance understand the correct cost allocation, when necessary |
| expiration | Indicates when the resource should be deleted | This tag is reserved for future use |
| patch-order | Logical patch order for application | This tag is used to indicate the order in which EC2 instances should be patched by the application team |
| version | Current version of the application | This tag will show the latest version of the application running on the resources like EC2, Lambda, etc. |
| tenancy | Values | This tag can be used to show the tenancy of an EC2 instance |
| purchasing option | Values | This tag can be used to show whether an instance is on-demand or reserved |
Environment-Name Examples
| environment-type | environment-name |
|---|---|
| DEVELOPMENT | DEV |
| TESTING | TEST |
| QUALITY-ASSURANCE | QA |
| PRE-PRODUCTION | PRE-PROD |
| PRODUCTION | PROD |
Tenancy values
- SHARED
- RESERVED
- DEDICATED
Purchasing Option values