Mandatory tagging when launching EC2 instance

Question

In AWS, is there a way to force an IAM user to tag the instance he/she is about to launch? It doesn't matter what the value is. I want to make sure it is correctly tagged so that long running instances can be properly identified and the owner notified. Currently tagging is optional.

What I do currently is to use CloudTrail and identify the instances with their IAM users. I do not like it because it is extra work to run the script periodically and CloudTrail has only 7 days' worth of data. It would be nice if AWS had an instance attribute for owner.

Using keypairs to identify the owners is not a viable solution in our case. Has anyone faced this problem before, and how did you tackle it?

Recommended answer

I resolved this by using AWS Lambda. When CloudTrail creates an object in S3, it triggers an event that causes a Lambda function to execute. The Lambda function then parses the S3 object and creates the tag. There is a lag of ~2 mins but the solution works perfectly.
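
The Lambda function described in the answer could look like the following. This is an added example, not the answerer's code: the `Owner` tag key, the function names and the sample log are assumptions, and it assumes the function runs in the same region as the launched instances.

```python
import gzip
import json
import urllib.parse

OWNER_TAG_KEY = "Owner"  # assumed tag key; the post does not name one

# Constructed sample log (not real CloudTrail output): one successful launch, one denied launch.
SAMPLE_LOG = gzip.compress(json.dumps({"Records": [
    {"eventName": "RunInstances", "userIdentity": {"type": "IAMUser", "userName": "alice"},
     "responseElements": {"instancesSet": {"items": [{"instanceId": "i-0aaa"}, {"instanceId": "i-0bbb"}]}}},
    {"eventName": "RunInstances", "errorCode": "Client.UnauthorizedOperation",
     "userIdentity": {"type": "IAMUser", "userName": "bob"}, "responseElements": None},
]}).encode())


def owners_from_cloudtrail(log_bytes):
    """Map each launched instance ID to the identity that called RunInstances."""
    records = json.loads(gzip.decompress(log_bytes)).get("Records", [])
    owners = {}
    for rec in records:
        if rec.get("eventName") != "RunInstances" or rec.get("errorCode"):
            continue  # skip other API calls and failed or denied launches
        identity = rec.get("userIdentity") or {}
        # IAM users carry userName; assumed-role sessions only have an ARN.
        owner = identity.get("userName") or identity.get("arn") or identity.get("principalId")
        items = ((rec.get("responseElements") or {}).get("instancesSet") or {}).get("items", [])
        for item in items:
            if owner and item.get("instanceId"):
                owners[item["instanceId"]] = owner
    return owners


def lambda_handler(event, context):
    """Entry point for the S3 ObjectCreated notification on the CloudTrail bucket."""
    import boto3  # imported here so the parser above can be exercised offline

    s3, ec2 = boto3.client("s3"), boto3.client("ec2")
    tagged = {}
    for notif in event.get("Records", []):
        bucket = notif["s3"]["bucket"]["name"]
        key = urllib.parse.unquote_plus(notif["s3"]["object"]["key"])  # keys arrive URL-encoded
        if not key.endswith(".json.gz"):
            continue  # ignore objects that are not gzipped JSON logs
        body = s3.get_object(Bucket=bucket, Key=key)["Body"].read()
        for instance_id, owner in owners_from_cloudtrail(body).items():
            ec2.create_tags(Resources=[instance_id], Tags=[{"Key": OWNER_TAG_KEY, "Value": owner}])
            tagged[instance_id] = owner
    return tagged
```

The function's execution role needs `s3:GetObject` on the trail bucket and `ec2:CreateTags`; denied launches are skipped because they carry an `errorCode` and no instance IDs.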
