You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »


Introduction

This document provide information about using a AWS Shared VPC offering once its has been provisioned to your Cornell AWS account.

Best Practices

  • Use Security Groups applied to resources deployed in the Shared VPC to restrict ingress to those resources, even by traffic from the local VPC and subnets. You don't want to be affected by something dumb another team does when they are using the Shared VPC.
  • When deploying replicas of a specific resource, be sure to spread them out across multiple subnets (and thus multiple AZs).
  • Be especially careful about configuring resources that automatically scale up (e.g., EC2 Auto Scaling Groups).
  • If you are managing Elastic Network Interfaces directly, be sure to delete them once they are no longer needed.
  • Don't change the tags that "come with" the shared resources. But, feel free to add additional tags as you see fit. See Tagging below for more information.

What You'll See

Tagging

The resources shared in the context of the Shared VPC offerings are extensively tagged in order to provide helpful information to users. This tagging is maintained by a process that regularly resets the tag values if they are changed.

Except for the "Name" tag, all other tags used by the Shared VPC offerings are prefixed by "cit:". Any tags that you add will remain unchanged.

General Tags Added to Most Shared Resources

Tag KeyTag ValueDescription
NamevariesAcross the Shared VPC offerings, resource names are constructed to be clear and have uniform structure.
cit:contact-email

cit:description

cit:documentation-url

cit:deployment

cit:namegenerally duplicates the value of the "Name" tag

VPC



References

  • No labels