In Oracle Cloud Infrastructure you have two options to tag your resources, defined tags which are setup by your administrator or free form tags which can be applied by any user who has access to a resource.
So why should you tag resources?
In my opinion when you start your OCI project this is definitely a concept which you shouldn’t overlook! Even though you can separate your resources in different compartments everyone should setup set of pre-defined tags which are applied to resources.
With this you can list and organize resources lot easier and perhaps also later on do tag-based billing? It’s an easy step to overlook and definitely not the most attractive one so that’s why I wanted to highlight this in a post.
I’d even go as far as saying having a tag strategy is critical for your cloud operations in the long run.
With free form tagging you just select your resource and enter a key value pair what you want to apply.
Free form tags give a lot of freedom and you can just use them as you like but it’s better to start using defined tags as then you can standardize tagging used within the compartment.
As written earlier these are predefined tags what you can assign to specific compartment so users who have access resources under that compartment can tag them.
Defined tags you find under Menu => Governance => Tag Namespaces
First you need to select your compartment and then click the Create Namespace Definition. I will create namespace resource-tags under my OracleEBS compartment.
After creating the namespace definition you can add the actual tags into it. I’ve added two tags to my namespace. Tags for owner and environment.
Now the tags are ready to be used. If I create an instance in Oracle-EBS compartment I can choose the tag namespace I created and then define the tags for owner and environment.
The problem I see is that even though I have a tag namespace with multiple tags I can’t force that they are used. If we have defined five tags what should be used within a namespace, user can still choose only one tag and leave rest of them blank.
That’s why its good to use Terraform to create your instances. You can have module ready for instance creation and in the Terraform template you have tags defined in the variables file.
I wrote a simple module which creates the namespace and also tags for the namespace from the list. That way you can create as many tags per namespace you want and the module will loop it through. The module looks like this:
variable "tenancy_ocid" {} variable "compartment_ocid" {} variable "tag_namespace_description" {} variable "tag_namespace_name" {} variable "is_retired" {} variable "tag_names" {type = "list"} variable "tag_description" {type = "list"} resource "oci_identity_tag_namespace" "CreateTagNamespace" { compartment_id = "${var.compartment_ocid}" description = "${var.tag_namespace_description}" name = "${var.tag_namespace_name}" is_retired = "${var.is_retired}" } resource "oci_identity_tag" "CreateTag" { count = "${length(var.tag_names)}" description = "${var.tag_description[count.index]}" name = "${var.tag_names[count.index]}" tag_namespace_id = "${oci_identity_tag_namespace.CreateTagNamespace.id}" is_retired = false }
Only thing to highlight are two variables coming in as a list and then using the count under resource to loop variables through. I had four tags in my variables.tf which then got created within this single module. Quite handy!
Next if I want to use tags in the instance creation I will just add variable as per documentation:
defined_tags = {"Operations.CostCenter"= "42"}
To pass this as a variable you should have it defined in your variables.tf as a map:
variable "project-tag" { type="map" default = {project-tags.costcenter = "42"}
And in the module which creates instance I take the variable as map also and then use the defined_tags to assign it:
... variable "project_tag" {type = "map"}
resource "oci_core_instance" "CreateInstance" { count = "${var.server_count}" availability_domain = "${var.instance_availability_domain}" compartment_id = "${var.compartment_ocid}" image = "${var.image_id}" shape = "${var.instance_shape}" defined_tags = "${var.project_tag}"
When I now create instances through Terraform I can see the defined tag I assigned is applied.
And if there is need to apply more defined tags you can easily pass them in the map which you define in variables.tf.
Like I wrote earlier you can’t force tags. This would be good so there wouldn’t exist resources without tags you want to use. However using Terraform gives you a better control to manage what variables are requires when you create a resource.
Remember you can’t delete a namespace, you can only retire a namespace including tags so it’s not used anymore.
Also once you have created tags you can then filter resources based on the tag.
At the moment you can only add tags and filter your resources based on tag but hopefully in the long run you can also use them for cost distribution. Having compartments available gives you already flexibility on IAM so you can easily control access with them and don’t need tags for that.
I highly recommend that you take tags into use right from the start as you will need them to group your resources and perhaps you get some advantages in the future as well if you have proper tag setup!
Last time I showed how to provision Autonomous Database Serverless (ADB-S) on Google Cloud. This…
I bet few years back folks didn't expect that by 2024 we would be able…
This will NOT be a technical walkthrough on Oracle Database@Azure but rather my opinions and…
Recently OCI announced small but VERY useful service, IP Address Insights. Why this matters? I've…