6

I'm new to AWS IAM and I was wondering if there is a best practice for naming groups for development and deployment. I search on the internet for some article that recommends a best practices but couldn't find one. One naming strategy and example names are:

project_name.role

For example:

my_new_project.deployer <-- for users that want to deploy

my_new_project.app <-- it will contain policies regarded to the app (if it has to communicate with other services, etc)

Any other suggestion for naming groups?

Community
  • 1
  • 1
Malvrok
  • 369
  • 4
  • 16

1 Answers1

9

AWS provides a tagging best practices guide which discusses the naming for tags and resources.

For resources, it recommends a dot notation:

  1. account-name prefix: for example, production, development
  2. resource-name: free-form field for the logical name of the resource
  3. type suffix: for example, subnet, sg, role, policy, kms-key

And gives the following examples:

  1. prod.ec2-s3-access.role
  2. dr.ec2-s3-access.role
jarmod
  • 71,565
  • 16
  • 115
  • 122