TAGs
An object or landscape can be seen from different perspectives; simply associating things is not enough to clarify it or build an understanding. A quick recap of the essential characteristics of cloud computing according to NIST:
- Self-service
- Broad network access
- Elasticity
- Measured service
These are essential attributes that the majority of cloud providers can offer. However, how can we explore and manage services in a consistent way over time? Because it is so simple to create a service and then forget about it, doing so can be a very common "initial practice".
As a minimum requirement, an initial deployment can mark its services with "tags" that specify, at least, the following distinct vectors:
Security needs to be embedded transversally, using active models rather than only digging through audit logs later. Changes in the exposure of data in transit must be monitored. The security vector can be used to define tag values that properly describe a service and build the foundation for improving security mechanisms, using native cloud service capabilities to simplify a proper implementation:
- Exposition – Classify the service in terms of exposure, such as public services, partner services, or business to business.
- Impact – Classify the confidentiality of the data that this service can expose, such as personally identifiable information, financial information, and confidential information.
- Compliance – Classify whether this service can expose the operation to fines for data exposure, or to other regulatory compliance risks.
- Inspection – Date of the last inspection in which the systems underwent a patch review or a security process to check for possible vulnerabilities.
Management must tend to leverage more and more new technologies, such as automation platforms, which can be simplified to trigger actions based on TAG values.
- Schedule – Define scheduled actions, such as stop, start and provision, to deliver the appropriate service to users when they require it.
- Life Cycle – For cloud services, running and stopped alone are not enough. Actions such as scale out and scale up are important from the application perspective and should also be mapped.
- De-provision – Target date to start deprovisioning the resource. This normally starts a workflow that informs, stops, and requires an action, to avoid unintended deletions.
Enterprises can adopt different governance models to better control ownership. It is very relevant to define who a service belongs to, and under which financial aggregation, such as projects or departments, it falls.
- Project/CostCenter – In this specific case a special TAG is used that aggregates all usage costs when applied to cloud services, providing, for example, a total cost per project.
- OwnerShip – Information about which group the service belongs to. This can drive notifications and avoid disruptions of relevant services if they are correctly tagged.
- Running – Active model of the service, such as:
  - Production service: active 24 hours per day, 31 days per month
  - Development service: active 8 hours per day, 20 days per month
  - Quality service: active 10 hours per day, 10 days per month
  - Security Inspection: active 24 hours per day, 3 days per month
This mechanism delivers information regarding identification and environment. It can normally also be used in automated mechanisms, for example automatically applying fixed values to any resource created in a compartment.
- Version – Version of the release or update of the service that the application has.
- Environment – Environment information, such as production, development, or quality assurance.
- ID – Identification code for the application.
- Pool – Create pools of resources. This supports a correct understanding of which services are currently used for a specific service capability, such as ecommerce-httpd.
- Application – A group of pools that provide services for this application or service, such as ecommerce: ecommerce-httpd, ecommerce-app_servers and ecommerce-db.
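As an added example (not code from the original page or any cloud provider), the following Python sketch audits a resource's tags against the four vectors above: missing tags, a stale Inspection date, a reached De-provision date, and a Pool that does not belong to its Application. The exact tag keys (`LifeCycle`, `Deprovision`, `CostCenter`), the ISO date format, the value `public` and the 30-day inspection window are assumptions.

```python
from datetime import date

# Tag keys follow the vectors in the text; value formats (ISO dates,
# "public") and the 30-day inspection window are assumptions.
REQUIRED = {
    "security": ["Exposition", "Impact", "Compliance", "Inspection"],
    "management": ["Schedule", "LifeCycle", "Deprovision"],
    "governance": ["CostCenter", "OwnerShip", "Running"],
    "identification": ["Version", "Environment", "ID", "Pool", "Application"],
}
MAX_INSPECTION_AGE_DAYS = 30

def audit(tags, today):
    """Return a list of findings for one resource's tag dictionary."""
    def val(key):
        return str(tags.get(key) or "").strip()
    findings = [f"{vec}: missing tag {k}"
                for vec, keys in REQUIRED.items() for k in keys if not val(k)]
    dates = {}
    for k in ("Inspection", "Deprovision"):
        if val(k):
            try:
                dates[k] = date.fromisoformat(val(k))
            except ValueError:
                findings.append(f"{k}: not an ISO date: {val(k)!r}")
    if "Inspection" in dates:
        age = (today - dates["Inspection"]).days
        if age > MAX_INSPECTION_AGE_DAYS:
            # A stale inspection matters more on a publicly exposed service.
            level = "high" if val("Exposition") == "public" else "medium"
            findings.append(f"security[{level}]: last inspection {age} days ago")
    if "Deprovision" in dates and dates["Deprovision"] <= today:
        findings.append("management: de-provision date reached, notify owner")
    # A pool belongs to its application, e.g. ecommerce-httpd -> ecommerce.
    if val("Pool") and val("Application") and \
            not val("Pool").startswith(val("Application") + "-"):
        findings.append("identification: Pool does not belong to Application")
    return findings

# Constructed sample inventory (not real resources).
SAMPLE = {
    "web-1": {"Exposition": "public", "Impact": "pii", "Compliance": "yes",
              "Inspection": "2024-01-10", "Schedule": "always", "LifeCycle": "scale-out",
              "Deprovision": "2025-01-01", "CostCenter": "P-100", "OwnerShip": "web-team",
              "Running": "production", "Version": "1.4", "Environment": "production",
              "ID": "EC01", "Pool": "ecommerce-httpd", "Application": "ecommerce"},
    "db-7": {"Exposition": "partner", "Inspection": "10/01/2024",
             "Pool": "billing-db", "Application": "ecommerce"},
}

if __name__ == "__main__":
    for name, tags in SAMPLE.items():
        print(name, audit(tags, date(2024, 3, 1)))
```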