search

washingtonpost / aws-tagger

AWS bulk tagging tool
MIT License
118 stars 76 forks source link

readme

aws-tagger

Tagging AWS resources is hard because each resource type has a different API which is slightly different. The AWS bulk tagging tool eliminates these differences so that you can simplify specify the resource ID and the tags and it takes care of the rest. Any tags that already exist on the resource will not be removed, but the values will be updated if the tag key already exists. Tags are case sensitive.

Install

pip install aws-tagger

Usage

Tag individual resource with a single tag

aws-tagger --resource i-07a9d0e5 --tag "App:Foobar"

Tag multiple resources with multiple tags

aws-tagger --resource i-07a9d0e5 --resource i-0456e3a9 --tag "App:Foobar" --tag "Team:My Team"

Tag multiple resources from a CSV file

AWS Tagger can also take input from a CSV file. The column names of the CSV file are the tag keys and the colume values are the tag values. The resource id must be in a column called Id. To switch between regions, you can add a Region column with the standard AWS regions names like us-east-1. If the Region column is missing it assumes that the region is the same as the AWS credentials.

echo 'Id,Region,App' > my-resources.csv
echo 'i-11111111,us-east-1,Foobar' >> my-resources.csv
echo 'i-22222222,us-east-1,Foobar' >> my-resources.csv

aws-tagger --csv my-resources.csv

AWS Resource Support

AWS Tagger supports the following AWS resource types.

EC2 instances

Any EC2 volumes that are attached to the instance will be automatically tagged.

aws-tagger --resource i-07a9d0e5 --tag "App:Foobar"

S3 buckets

aws-tagger --resource my-bucket --tag "App:Foobar"

RDS instances

aws-tagger --resource arn:aws:rds:us-east-1:111111111:db:my-db --tag "App:Foobar"

EFS files systems

aws-tagger --resource arn:aws:elasticfilesystem:us-east-1:1111111111:file-system/fs-1111111 --tag "App:Foobar"

Elastic Load Balancers

aws-tagger --resource arn:aws:elasticloadbalancing:us-east-1:11111111111:loadbalancer/my-elb --tag "App:Foobar"

Application Load Balancers

aws-tagger --resource arn:aws:elasticloadbalancing:us-east-1:11111111111:loadbalancer/app/nile-content-api-syd-44c45100/f02ac6f33df89ba8 --tag "App:Foobar"

Elasticache clusters

aws-tagger --resource arn:aws:elasticache:us-east-1:111111111:cluster:my-cluster --tag "App:Foobar"

Elasticsearch clusters

aws-tagger --resource arn:aws:es:us-east-1:111111111:domain/my-domain --tag "App:Foobar"

Kinesis streams

aws-tagger --resource arn:aws:kinesis:us-east-1:111111111:stream/my-stream --tag "App:Foobar"

Cloudfront distributions

aws-tagger --resource arn:aws:cloudfront::1111111111:distribution/E1111111111111 --tag "App:Foobar"

AWS credentials

AWS Tagger uses the standard AWS credential configuration options.

Environment variables

export AWS_REGION="us-east-1"
export AWS_ACCESS_KEY_ID="aka..."
export AWS_SECRET_ACCESS_KEY="123..."
aws-tagger --resource i-07a9d0e5 --tag "App:Foobar"

IAM Roles

AWS Tagger also supports cross-account role assumption. You will still need to configure the initial AWS credentials using one of the methods above, but the role will be used to call the actuall AWS API.


aws-tagger --role arn:aws:iam::11111111111:role/MyRole --resource i-07a9d0e5 --tag "App:Foobar"