How to auto tag your account?
This feature help you tagging your account for cluster, non cluster resource and IAM user.
Update all the users in account with permanent tags: [user_data_csv=read/write]
we create a simple way to read all user into csv, update tags in the csv by columns,delete the tags by specific keys and run podman to update it in IAM.read - generates csv file with all the users and tags of users. [ manually update the list ]
update - Updates the tags of users in IAM
delete - Delete the specific tags in IAM user
# policy=tag_iam_user
sudo podman run --rm --name cloud-governance -e policy=tag_iam_user -e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY -e user_tag_operation=read/update/delete -e remove_tags="['Environment', 'Test']" -e username=test_username -e file_name=tag_user.csv -e log_level=INFO -v /home/user/tag_user.csv:/tmp/tag_user.csv --privileged quay.io/ebattat/cloud-governance
Update all the resources Cluster/Non-Cluster by create user tags.
It will update all the non tags resource per region [Limit: only if the resource was created in the last 90 days].mandatory_tags: it adds the tags to the resource.
tag_operation: read/update/delete to perform the operation
# policy=tag_resources
sudo podman run --rm --name cloud-governance -e policy=tag_resources -e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY -e AWS_DEFAULT_REGION=us-east-2 -e tag_operation=read/update/delete -e mandatory_tags="{'Owner': 'Name','Email': 'name@redhat.com','Purpose': 'test'}" -e log_level=INFO -v /etc/localtime:/etc/localtime quay.io/ebattat/cloud-governance
Update all the non-cluster resources by create user tags and mandatory tags It will update all the non tags of non-cluster resource per region [Limit: only if the resource was created in the last 90 days].
mandatory_tags: it adds the tags of the resource if it doesn’t have any data on user.
# policy=tag_non_cluster
sudo podman run --rm --name cloud-governance -e policy=tag_non_cluster -e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY -e AWS_DEFAULT_REGION=us-east-2 -e dtag_operation=read/delete/update -e mandatory_tags="{'Owner': 'Name','Email': 'name@redhat.com','Purpose': 'test'}" -e log_level=INFO -v /etc/localtime:/etc/localtime quay.io/ebattat/cloud-governance