Amazon AWS

Naming conventions

A naming convention is an established set of rules to follow when choosing the name of an AWS resource.

A logical and consistent naming convention has several advantages: it provides additional information about a resource's location and usage, promotes consistency within the selected environment, makes similar resources quick to distinguish from one another, improves clarity in cases of potential ambiguity, and classifies resources accurately for easy management and billing purposes.

Resources name matrix

Networking & Content Delivery

VPC
| Resource | Scheme | Example |
|---|---|---|
| VPC | {prj}-{env}-{region}-vpc | vdig-live-ew1-vpc |
| VPC (named) | {prj}-{env}-{region}-vpc-{name} | vdig-live-ew1-vpc-ek8 |
| DHCP Options Set | {prj}-{env}-{region}-dopt | vdig-live-ew1-dopt |
| Internet Gateway | {prj}-{env}-{region}-igw | vdig-live-ew1-igw |
| Elastic IP | {prj}-{env}-{region}-eip-{name} | vdig-live-ew1-eip-nat-0 |
| NAT Gateway | {prj}-{env}-{region}-nat-{name} | vdig-live-ew1-nat-1 |
| Transit Gateway | {prj}-{env}-{region}-tgw-{name} | vdig-live-ew1-tgw-shared |
| Transit Gateway - Route Table | {prj}-{env}-{region}-tgw-rtb-{name} | vdig-live-ew1-tgw-rtb-shared |
| Transit Gateway - VPN Attachment | {prj}-{env}-{region}-cgw-{name} | vdig-live-ew1-cgw-shared |
| CloudFront | {prj}-{env}-{region}-cdn-{name} | vdig-live-ew1-cdn-grafana |
| API Gateway | {prj}-{env}-{region}-apigw-{name} | vdig-live-ew1-apigw-grafana |

Subnets
| Resource | Scheme | Example |
|---|---|---|
| Public | {prj}-{env}-{region}-snet-{type}-{az?} | vdig-live-ew1-snet-pub-1a |
| Private | {prj}-{env}-{region}-snet-{type}-{az?} | vdig-live-ew1-snet-prv-1b |
| Intra | {prj}-{env}-{region}-snet-{type}-{az?} | vdig-live-ew1-snet-int-1c |

Route Tables
| Resource | Scheme | Example |
|---|---|---|
| Public | {prj}-{env}-{region}-rtb-{type} | vdig-live-ew1-rtb-pub |
| Private | {prj}-{env}-{region}-rtb-{type} | vdig-live-ew1-rtb-prv |
| Intra | {prj}-{env}-{region}-rtb-{type} | vdig-live-ew1-rtb-int |

Network ACLs
| Resource | Scheme | Example |
|---|---|---|
| Public | {prj}-{env}-{region}-acl-{type} | vdig-live-ew1-acl-pub |
| Private | {prj}-{env}-{region}-acl-{type} | vdig-live-ew1-acl-prv |
| Intra | {prj}-{env}-{region}-acl-{type} | vdig-live-ew1-acl-int |

Compute

| Resource | Scheme | Example |
|---|---|---|
| EC2 Instance | {prj}-{env}-{region}-ec2-{name} | vdig-live-ew1-ec2-gitlab |
| AutoScaling Group | {prj}-{env}-{region}-asg-{name} | vdig-live-ew1-asg-gitlab-runners |
| Security Group | {prj}-{env}-{region}-sg-{name} | vdig-live-ew1-sg-gitlab-alb |
| Application Load Balancer | {prj}-{env}-{region}-alb-{name} | vdig-live-ew1-alb-grafana |
| Network Load Balancer | {prj}-{env}-{region}-nlb-{name} | vdig-live-ew1-nlb-grafana |
| Target Group | {prj}-{env}-{region}-tg-{name} | vdig-live-ew1-tg-grafana |
| Elastic Container Service | {prj}-{env}-{region}-ecs-{name} | vdig-live-ew1-ecs-grafana |
| Lambda | {prj}-{env}-{region}-lmbd-{name} | vdig-live-ew1-lmbd-grafana |
| Launch Template | {prj}-{env}-{region}-lt-{name} | vdig-live-ew1-lt-grafana |
| Key Pair | {prj}-{env}-{region}-key-pair-{name} | vdig-live-ew1-key-pair-grafana |

Database

| Resource | Scheme | Example |
|---|---|---|
| ElastiCache | {prj}-{env}-{region}-ec-{name} | vdig-live-ew1-ec-grafana |
| RDS | {prj}-{env}-{region}-rds-{name} | vdig-live-ew1-rds-grafana |
| DynamoDB | {prj}-{env}-{region}-ddb-{name} | vdig-live-ew1-ddb-grafana |
| DocumentDB | {prj}-{env}-{region}-docdb-{name} | vdig-live-ew1-docdb-grafana |
| MongoDB Atlas | {prj}-{env}-{region}-atlas-{name} | vdig-live-ew1-atlas-grafana |

Management & Governance

| Resource | Scheme | Example |
|---|---|---|
| CloudWatch | {prj}-{env}-{region}-cwl-{name} | vdig-live-ew1-cwl-service-optraces |
| Application AutoScaling | | |
| Application AutoScaling - Policy | {prj}-{env}-{region}-appasg-plcy-{name} | vdig-live-ew1-appasg-plcy-max-cpu-grafana |
| Application AutoScaling - Scheduled | {prj}-{env}-{region}-appasg-schd-{name} | vdig-live-ew1-appasg-schd-stop-grafana |
| CloudFormation | {prj}-{env}-{region}-cfn-{name} | vdig-live-ew1-cfn-grafana |
| SSM Parameter Store | {prj}-{env}-{region}-ssm-{name} | vdig-live-ew1-ssm-grafana-rds |

Security, Identity, & Compliance

| Resource | Scheme | Example |
|---|---|---|
| IAM Instance Profile | {prj}-{env}-insp-{name} | vdig-live-insp-gitlab |
| IAM Role | {prj}-{env}-role-{name} | vdig-live-role-gitlab-runners |
| IAM Policy | {prj}-{env}-plcy-{name} | vdig-live-plcy-gitlab-alb |
| AWS KMS key | {prj}-{env}-{region}-kms-{name} | vdig-live-ew1-kms-rds-encryption |

Storage

| Resource | Scheme | Example |
|---|---|---|
| EFS | {prj}-{env}-{region}-efs-{name} | vdig-live-ew1-efs-gitlab |
| S3 Bucket | {prj}-{env}-{region}-s3-{name} | vdig-live-ew1-s3-service-alb-logs |
| AWS Backup | | |
| AWS Backup - Plan Rule | {prj}-{env}-{region}-bckp-plan-rule-{name} | vdig-live-ew1-bckp-plan-rule-grafana-efs |
| AWS Backup - Vault | {prj}-{env}-{region}-bckp-vault-{name} | vdig-live-ew1-bckp-vault-grafana-efs |
| AWS Backup - Selection | {prj}-{env}-{region}-bckp-selection-{name} | vdig-live-ew1-bckp-selection-grafana-efs |
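
A validator for the resource name matrix, added here as an example and not part of the original page: it splits a name into the scheme's fields and rejects names that do not fit, which is the check an inventory or compliance audit would run. The function name parse_name and the token formats (lowercase alphanumerics, a region such as "ew1", an AZ such as "1a") are assumptions, since the page only gives examples.

```python
import re

# Resource codes copied from the matrix on this page, grouped by what follows them.
NAMED = {"eip", "nat", "tgw", "tgw-rtb", "cgw", "cdn", "apigw", "ec2", "asg", "sg",
         "alb", "nlb", "tg", "ecs", "lmbd", "lt", "key-pair", "ec", "rds", "ddb",
         "docdb", "atlas", "cwl", "appasg-plcy", "appasg-schd", "cfn", "ssm", "kms",
         "efs", "s3", "bckp-plan-rule", "bckp-vault", "bckp-selection"}
BARE = {"dopt", "igw"}              # scheme ends at the code
TYPED = {"snet", "rtb", "acl"}      # {type}, and for snet an optional {az?}
GLOBAL = {"insp", "role", "plcy"}   # IAM schemes have no {region}
TYPES = {"pub", "prv", "int"}
# Assumed formats (not defined on the page): region like "ew1", AZ like "1a".
REGION = re.compile(r"[a-z]{2,4}[0-9]")
AZ = re.compile(r"[0-9][a-z]")

def parse_name(name):
    """Split a resource name into scheme fields; raise ValueError if it does not fit."""
    parts = name.split("-")
    if len(parts) < 4 or not all(re.fullmatch(r"[a-z0-9]+", p) for p in parts):
        raise ValueError("expected at least 4 lowercase tokens joined by '-'")
    out = {"prj": parts[0], "env": parts[1], "region": None, "name": None}
    rest = parts[2:]
    if rest[0] in GLOBAL:
        code, tail = rest[0], rest[1:]
    else:
        if not REGION.fullmatch(rest[0]):
            raise ValueError(f"bad region token {rest[0]!r}")
        out["region"], rest = rest[0], rest[1:]
        # Longest match first, so "tgw-rtb" and "bckp-plan-rule" beat "tgw".
        for n in (3, 2, 1):
            code, tail = "-".join(rest[:n]), rest[n:]
            if code in NAMED | BARE | TYPED | {"vpc"}:
                break
        else:
            raise ValueError(f"unknown resource code in {'-'.join(rest)!r}")
    if code in TYPED:
        az_ok = code == "snet" and len(tail) == 2 and bool(AZ.fullmatch(tail[1]))
        if not tail or tail[0] not in TYPES or not (len(tail) == 1 or az_ok):
            raise ValueError(f"{code} needs a {{type}} of pub, prv or int")
        out["type"], out["az"] = tail[0], tail[1] if az_ok else None
    elif code in BARE and tail:
        raise ValueError(f"{code} takes no suffix")
    elif code not in BARE | {"vpc"} and not tail:
        raise ValueError(f"{code} requires a {{name}}")
    else:
        out["name"] = "-".join(tail) or None
    out["code"] = code
    return out
```

Because codes are matched longest first, a Transit Gateway whose {name} begins with "rtb" would be read as a Transit Gateway route table; the scheme itself cannot tell the two apart.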

Tagging strategy

Tagging is an effective tool to help manage AWS resources at increasing scale, providing the ability to identify, classify and locate resources for management and billing purposes.

This is a WIP