Document Lifecycle Status

TEMPLATE DRAFT IN REVIEW BASELINE

Purpose

To facilitate the deployment and management of AWS resources, it is recommended to have a clear naming convention that reflects your organization.

Decision

Choose a method for naming the different AWS resources.

AWS IAM Naming Matrix

Purpose: Federated Roles
Naming Convention: AA-saml-BB
Example:
  • projectname_subprojectname-saml-administrator
  • sandbox_username-saml-administrator
  • phd_username-saml-administrator

Purpose: Non-Federated Roles
Naming Convention: AA-role-BB
Example:
  • projectname_subprojectname-role-breakglass
  • sandbox_username-role-breakglass
  • phd_username-role-breakglass

Purpose: Users
Naming Convention: AA-user-BB
Example:
  • projectname_subprojectname-user-breakglass
  • sandbox_username-user-breakglass
  • phd_username-user-breakglass

Refer to 1-3 - Decision - AWS Accounts Naming Convention

Refer to Decision - Human IAM Roles and Policies Design

Refer to Decision - IAM Users Credentials Management Design


AA (Namespace):

  • projectname_subprojectname
  • sandbox_username
  • project type
    • bth_username
    • mth_username
    • phd_username

BB (Purpose):

  • administrator = Perform administration tasks including IAM
  • readonly = Perform monitoring tasks
  • breakglass = Emergency access in case SAML is down

AWS Network Naming Matrix

Purpose: Security Groups
Naming Convention: AA-sg-BB-CC
Example:
  • projectname_subprojectname-sg-remote-linux
  • sandbox_username-sg-remote-linux
  • phd_username-sg-remote-linux

Purpose: Network Access Control Lists (NACLs)
Naming Convention: AA-nacl-BB-CC
Example:
  • projectname_subprojectname-nacl-publicsubnet
  • sandbox_username-nacl-publicsubnet
  • phd_username-nacl-publicsubnet

Refer to 1-3 - Decision - AWS Accounts Naming Convention

Refer to Decision - Security Groups and NACLs Design


AA (Namespace):

  • projectname_subprojectname
  • sandbox_username
  • project type
    • bth_username
    • mth_username
    • phd_username

BB (Function):

  • remote
  • isolated
  • common


Optional:

CC (Semantic):

  • linux
  • windows
  • instance

AWS General Naming Matrix

Purpose: EC2 Instances
Naming Convention: AA-ec2-BB-CC
Example:
  • projectname_subprojectname-ec2-Application-Details
  • sandbox_username-ec2-Application-Details
  • phd_username-ec2-Application-Details

Purpose: Elastic Load Balancers (ELBs)
Naming Convention: AA-elb-BB-CC
Example:
  • projectname_subprojectname-elb-Application-Details
  • sandbox_username-elb-Application-Details
  • phd_username-elb-Application-Details

Purpose: Databases
Naming Convention: AA-db-BB-CC
Example:
  • projectname_subprojectname-db-Application-Details
  • sandbox_username-db-Application-Details
  • phd_username-db-Application-Details

Refer to 1-3 - Decision - AWS Accounts Naming Convention


AA (Namespace):

  • projectname_subprojectname
  • sandbox_username
  • project type
    • bth_username
    • mth_username
    • phd_username

BB (Application):

  • ApplicationA
  • ApplicationB
  • ApplicationC


Optional:

CC (Details):

  • Public
  • Private
  • Testing
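
A convention like this is only useful for access reviews and policy scoping if names that drift from it are caught. The following validator is an added example, not part of the original decision document. It assumes namespaces are two lower-case alphanumeric parts joined by one underscore, that only the IAM purposes are a closed list, and that BB/CC for network and general resources are free-form tokens; the names `check_name`, `audit` and `SAMPLE` are hypothetical.

```python
import re

# Resource-type tokens from the three matrices on this page.
IAM_TYPES = {"saml", "role", "user"}
OTHER_TYPES = {"sg", "nacl", "ec2", "elb", "db"}
IAM_PURPOSES = {"administrator", "readonly", "breakglass"}
# Assumption: namespace = two lower-case alphanumeric parts joined by "_".
NAMESPACE = re.compile(r"[a-z0-9]+_[a-z0-9]+")
# Assumption: BB/CC outside IAM are free-form alphanumeric tokens.
TOKEN = re.compile(r"[A-Za-z0-9]+")
IAM_MAX_LEN = 64  # AWS length limit for IAM role and user names

def check_name(name):
    """Return a list of problems; an empty list means the name conforms."""
    parts = name.split("-")
    if len(parts) < 3:
        return ["expected AA-type-BB[-CC]"]
    namespace, rtype, rest = parts[0], parts[1], parts[2:]
    problems = []
    if not NAMESPACE.fullmatch(namespace):
        problems.append(f"bad namespace {namespace!r}")
    if rtype in IAM_TYPES:
        if len(rest) != 1 or rest[0] not in IAM_PURPOSES:
            problems.append(f"IAM purpose must be one of {sorted(IAM_PURPOSES)}")
        if len(name) > IAM_MAX_LEN:
            problems.append(f"longer than {IAM_MAX_LEN} characters")
    elif rtype in OTHER_TYPES:
        if len(rest) > 2 or not all(TOKEN.fullmatch(t) for t in rest):
            problems.append("expected BB and optional CC tokens")
    else:
        problems.append(f"unknown resource type {rtype!r}")
    return problems

def audit(names):
    """Map each non-conforming name to its list of problems."""
    return {n: p for n in names if (p := check_name(n))}

# Constructed sample inventory; the last two entries break the convention.
SAMPLE = [
    "sandbox_username-saml-administrator",
    "projectname_subprojectname-sg-remote-linux",
    "phd_username-db-ApplicationA-Private",
    "phd_username-saml-poweruser",
    "Sandbox-ec2-ApplicationA",
]

if __name__ == "__main__":
    for name, problems in audit(SAMPLE).items():
        print(f"{name}: {'; '.join(problems)}")
```

Feeding it the names returned by an inventory export lets a review focus on the exceptions, in particular any IAM principal whose purpose token falls outside the three defined values.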
