Welcome to episode 3 of CoreStack's NextGen Cloud Governance podcast – CloudBrew. In this episode, CoreStack's Director of Product Marketing, Martin Bakal, talks about Tagging 2.0, detailing the power of a comprehensive tagging strategy and the steps and tools to streamline tagging for robust cloud governance in a multi-cloud environment.
Discover how our NextGen Cloud Governance platform brings together FinOps, SecOps, and CloudOps solutions so you can Cloud with Confidence.
Listen to Full Episode
Chris: Hey Marty, thanks for joining me. Let's talk about tagging governance. This is a fun topic. This was something I personally have a lot of passion in for myself. Before we get started, let's talk about what is tagging governance?
Marty: Sure, tagging governance really is the next step in the evolution of tagging. There's been a natural evolution from cloud management to add in cloud governance and a lot of other processes involved in that. And tagging has been very useful to go after our basic group of assets. But it really does need to evolve.
Chris: Yeah, it definitely does. And maybe you could forward the listeners explain why you think it needs to evolve, what, what needs to be done there.
Marty: We need to manage tags and not just the end assets. The tags themselves are pretty good, but after a while you need to find ways to actually group them together and everything. And this is all because of multi cloud and scale. As we start dealing up systems, they get bigger, a lot of different things happen. As things scale up, visions and companies all use the cloud that there's a problem there. We just can't have a simple list anymore, that no longer works.
Chris: Couldn't have said it better myself and I think that we really need to get into this and as you're getting into tagging, you know what additional reasons does your implementation have to evolve in there?
Marty: Well, a lot of companies, these large companies need to enforce companies' standards. And report across different divisions. So, they want to enforce a basic standard and then they have different things across divisions. A lot of basic tags wind up with duplicates and confusion. They're making reporting cumbersome making grouping them in certain ways cumbersome. When we start thinking about multi cloud, the same tags are have different meanings, things like that. And so, it's not only and it's not only that but it's also tags can't be managed by one cloud vendor, multi clouds and conformity organization standards.
Chris: Right? And we do see a lot of. That link, I know one of the most complex things in my past is trying to manage all these different cloud services and sometimes there's legitimate reasons that we have multiple tags. They may have environment on one or ENV and another. You know, that's just kind of the nature of the beast as we go through this evolution I think. But the funny thing about all this is that this is nothing new. This really reminds me, you know what, I know your past in my past software development like how do you view that? Do you do you agree?
Marty: I agree. I agree completely. I think that I watched the movement from functional programming to OO programming and everyone's talking about why we are going to object oriented programming, right. It was because of larger scale projects and managing of different resources and wanting to be able to actually control them in some way where we had privacy and different elements, and you could sort of expose only the pieces you needed. The same types of problems exist here. You want to have that control and manage things in a certain way as you scale out and make larger systems. And by the way if you look at it, we start talking about even object-oriented programming. That's actually part of cloud native configurations, right. We all talk about that. So, it's already heavily used in the cloud object-oriented programming. So, this is a natural evolution in that way.
Chris: Yeah. And I actually say it goes well beyond the cloud. In fact, what we're seeing you know that use the word evolution again even in databases in development whether it's a cloud or if it's local, everything is seems to be going in this same direction and sharing the same common infrastructure problems we've always faced. The irony is that we're starting to bring them all together and say, hey, we've already learned this in the past. You know. We've learned about tagging. Tagging's not new. It's been in products for years. You know, we're just getting into this whole idea of on our cloud services as we start to have all these different resources, we need to better govern them and then and manage that within that, how do you see tagging governance work in general?
Marty: Well, I mean, yes, I agree. Following through on that same concept of what we did and what we do in software. Current tagging doesn't really include baselining that, you know, ways to set things up for versioning. Things like that. We need that because we need to be to see this version here versus that version here. What happens? What changes occur? It also has to be available for all different types of resource types. Right now, it's the cloud vendors say these resource types are the ones that get tagging. These ones don't. And I understand that they have reasons that certain ones are really important for them to do that based upon the tooling they have. But we need it for all to in order to really group things, make everything work together. But another interesting concept is inheritance. We want to override the base sets. Maybe that the organization has allowed divisions then to make changes and adjustments as needed, but still say that it's based on that same type. So, you can report on everything in that basic type, or you report on the specific elements inside of different groups. And it's not just reporting, it's grouping, making changes to things. Everything you do with tags, you want to have all that, those types of elements and those things all link back to sort of concepts and software, baselining, versioning, inheritance, all these types of abilities. And then we want to build a group across the clouds. And again, that's a big thing because right now as you mentioned earlier environment versus ENVN you might wanna group those in in a base one that's a certain type and then have them both filter off if needed in certain ways. So, it has to be stored outside the specific cloud vendor.
Chris: Yeah. And you know just to not worry those that are looking at this and trying to figure out hey how do I get started into this and we'll talk about that in a few moments, but you know it's ok to have duplication. That’s the thing. We don't have to, especially as we get started, both ENVN environment exclusivity you only use one and then migrate. We're gonna go through a period where you're probably going to have both, and you couldn’t see that over the long run, you know, we don't know yet. But the idea is to have these available for things like you mentioned it like reporting, right? That's one big area and financial reporting and FinOps. I know takes a lot of advantage of the tagging mechanisms that are out there, and I think it's you know again it's something we can apply across the board for easier management in the long run as we get into it. But we do have to start with that key tagging governance. Are there any other thoughts that you have regarding that governance and tagging governance?
Marty: Yeah. And you mentioned a minute, but ENVN and environment. That could be because each cloud vendor is using that and you're building it into the native cloud tools, right? So, we really need to have one. But what we need maybe is, is one pop on which then has those. So, so we can report or group them all together in all different cloud vendors, but you can still use those tools the same way you always do and not have to go change everything. Because you change it in one place. So it has to be more than one account on a hyperscaler. Tt has to be multiple hyperscalers. The data from the tag still needs to sink back to the cloud vendors though, because if you make a change in a variable, let's say on a given one that has now synced back but also stay in your information. That's a lot to do and we have to really talk about the native cloud tooling sometimes leverages them. So that's very important to think about that and you know you still have to comply with that basic format of hyperscalers. This is all about working with stuff that already exists. While building on top of that something really more powerful that works really well.
Chris: Right! Again, I couldn't agree more, and it was interesting. I was having a conversation with some folks yesterday about tagging you know exciting life. I love talking about this stuff. It's you know and again we were paralleling to our past lives and what we've done with things and it is again I'm going to go back to that evolution side that you mentioned right. It's we've been through these challenges in the past and we've found these best practices and tagging and tagging governance is just one of those in that. And you know, if you think about it, when you're looking at the hyperscalers, you may only use one, you may use just an AWS or Azure GCP, doesn't matter. You know you're going to get started on one and you're probably going to have more than one later on, even if you stayed with one single hyper scaler, you know it's important to take these considerations now because you're most definitely going to have multiple accounts for one way or another in the evolution of your own company and your own, you know, careers and everything you're doing you're going to have to consider, well, how do we get started on this? And starting it earlier does help. But then you know, and we'll talk about this in a future podcast as well. I'd love to dive into this for the audience, get some feedback from anybody there and feel free to share your comments with us. But you know, how did you get started into tagging governance and what did you do? And right now this is a rhetorical question, but we want to explore that and how to get started because I talked to a lot of people and you know, they're scared to get started. It's overwhelming when you first look at it. But as you start to get into it, you realize. Well, I'm making a difference. It's going to, you know, have a long-lasting effect as we move forward. Now with all of that said, what I do want to see from you is, you know, what do you see people doing wrong when they get into it? Maybe we can avoid some people making those wrong initial steps on it as they get started.
Marty: What we see a lot is duplicating similar tags across accounts. We discussed earlier that sometimes it's OK if it came from hyperscale in certain ways and things like that, but many of them have duplicates, the exact same tag across different ones. The reason why is because you have a list of hundreds of them. You go scrolling through, you don't see one that makes sense to you at 1st until you create a new one and then all of a sudden you realize, ohh, that already exists and now you have to figure out how to clean it up. So that's a big problem people run into, quite frankly. It's just all the duplication. Everyone talks about that as being a big problem.
Chris: I would agree, and I think yeah, feeding on to that a little more too is that, you know. Everyone likes to think, oh, how would I start it today and get started and that would be a perfect world if we could. But we all know that almost every time. We're gonna get into this. It's going to be you know retrofitting and going back and I like to call tagging out there and how it's been implemented a bit of the Wild West still. There's a lot of different practices and I think that's where you know my recommendation to folks and where you not to go wrong is to build a best practice off of the experience of others. And those of us that have done this many times can share some really good tips, I think, which is something you know the folks here at CoreStack. I know do very well as well. You know as they get started again and now folks are thinking OK, yeah, you've convinced me, now I gotta get into some tagging governance. What might be the immediate first steps you suggest for somebody?
Marty: I think of it is building a standards list of tags and values to used across your system. What are the names you want? What are those base ones that you need? Because from there you can start then grouping other ones. You can even delete some if it makes sense to you can start cleaning it up. If you don't have that basic list of tags, kind of groupings of tags and things like that, you sort of miss out on undoing it because everything's reinventing the wheel.
Chris: Right. So, create your standards first. I like that. I'll add my first tip is to you know also consider what your end product is. What is it the reason you want to get into tagging? Why are we going on that effort and now you start to take that list that you're suggesting. You start and build that standardized list. You implement that across with reason and you'll see where you're going with it. So, I wanna keep this short and this one again. I want to get into more details in a future podcast as well get into some best practices of actually implementing tagging and tagging governance. But I think the key takeaways that I got from you today is that tagging does need to evolve. You know, this is not new. This is something we faced in the software industry and IT for many years. It's just catching up and now working its way into the hyperscalers and our cloud management systems. Versioning and scaling it is a key component. And then going back to what we've done with that scaling in the past, let's learn from the past. Let that ease us into those transitions. So, thank you again for your time on this today. Marty and I look forward to speaking with you soon.
Marty: Thank you for inviting me. Happy to do it again sometime.