StratoCloud

LEARN MORE

Gaining Single/Multi-Cloud Visibility with Cloud-Agnostic Labeling in Strato-Cloud.io 

StratoCloud Team
Gaining Single/Multi-Cloud Visibility with Cloud-Agnostic Labeling in Strato-Cloud.io 

Cloud Agnostic Labeling 

In today’s multi-cloud era, organizations often manage a multitude of cloud environments across AWS, Azure, GCP and other public or private clouds. The isolated container for managing resources and billing is called an account in AWS, a project in GCP and a subscription in Azure. In this blog, we will use a generic term cloud environment or environment to describe these entities.  The number of environments may range from a handful to a very large number in the thousands in a company. Keeping track of these environments—understanding where they exist, who owns them, and how they’re configured for access, security, cost management and governance—quickly becomes a complex challenge. That’s where Strato-Cloud.io comes in, providing a unified API to view and manage one or more cloud environments from a single platform. 

A powerful feature of Strato-Cloud.io is cloud-agnostic labeling (or tagging). In this blog post, we’ll explore how the Label API works within Strato-Cloud.io, how one can use it to gain visibility across multiple cloud providers, and how to leverage the API to integrate these labels into one’s workflows. 

What are Cloud-Agnostic Labels? 

Labels (sometimes known as tags) are key-value pairs that add contextual metadata to cloud environments. Traditional labeling solutions are often vendor-specific – AWS, Azure, and GCP each have their own approach to labeling. Most often, one needs to login to a specific cloud environment to view environment-specific labels. Strato-Cloud.io unifies these labels into a single object model, allowing one to: 

  • Assign custom data to one’s cloud environments, regardless of provider. 
  • Search and filter environments using these labels. 
  • Standardize how teams apply business context (e.g., cost center, department, environment) across AWS, Azure, and GCP. 

With a consistent labeling strategy, one will be able to generate meaningful reports, optimize costs, manage security issues, and easily navigate the organization’s cloud footprint. Different personas in an organization can use the label information to identify the details they need to quickly get the information about the cloud environment. 

The Strato-Cloud.io API Specification 

Strato-Cloud.io is an API first solution with functionality documented in an OpenAPI 3.x specification. This spec outlines the endpoints available for managing connectors, versions, environments, namespaces and labels. For labeling, the following API is used. 

/environments/{id}/labels 

This endpoint allows one to set all labels for the given environment in a single operation, ensuring consistency across the organization’s cloud inventory. 

The Environment Object 

The API spec for label looks as follows: 

"labels": { 

"additionalProperties": { 

"oneOf": [ 

{ 

"type": "string" 

}, 

{ 

"type": "number" 

}, 

{ 

"type": "boolean" 

} 

] 

}, 

"description": "Cloud agnostic labels", 

"type": "object" 

},

This means each label’s value can be a string, number, or boolean, making it extremely flexible. Labels can capture everything from a simple department name to a flag indicating whether a particular environment is for production or testing. 

The PUT /environments/{id}/labels API 

The specification for the PUT /environments/{id}/labels endpoint: 

"/environments/{id}/labels": { 

"put": { 

"description": "Sets all Labels for Environment with the identifier {id}", 

"operationId": "seteLabels", 

"parameters": [ 

{ 

"description": "The identifier of the Environment", 

"in": "path", 

"name": "id", 

"required": true, 

"schema": { 

"type": "string" 

} 

} 

], 

"requestBody": { 

"content": { 

"application/json": { 

"schema": { 

"type": "object" 

} 

} 

}, 

"description": "New Environment Labels" 

}, 

"responses": { 

"204": { 

"description": "successful operation" 

}, 

"404": { 

"$ref": "#/components/responses/NotFound" 

}, 

"500": { 

"$ref": "#/components/responses/ServerError" 

} 

}, 

"summary": "Set Environment Labels", 

"tags": [ 

"environments" 

] 

} 

}

How It Works 

  1. Path parameter {id} indicates which environment one wants to label. 
  1. Request Body is a JSON object containing key-value pairs, where the keys are label names and values are (string | number | boolean). 
  1. On success, the endpoint returns 204 No Content, signaling that labels were set. 

Practical Example: Adding Labels to an Environment 

Suppose you have an AWS account with ID 123456789012 representing a sandbox account. Here are the sample labels for this account: 

  1. account_type = “sandbox” (string) 
  1. cost_center = 123 (number) 
  1. protected = true (boolean) 
  1. EngineeringOwner = “dev@examplecompany.com” (string) 
  1. Engineeringmanager = “mgr@examplecompany.com” (string) 
  1. FinOpsOwner = “finops@examplecompany.com” (string) 

One can PUT a JSON object like this: 


 “account_type”: “sandbox”, 
 “cost_center”: 123, 
 “protected”: true, 

 “EngineeringOwner” = “dev@examplecompany.com“, 

 “EngineeringManager” = “mgr@examplecompany.com”, 

“FinOpsOwner” = “finops@examplecompany.com”, 

 

to the endpoint: 

PUT /environments/123456789012/labels 
Content-Type: application/json 
 

After a successful 204 response, the cloud environment 123456789012 will reflect the correct labels. One can then run queries to find all “sandbox” environments or cost_center=123 across AWS, GCP, and Azure in one go, using Strato-Cloud.io’s unified API. 

Why Cloud-Agnostic Labeling Matters 

  1. Centralized Visibility 

Instead of logging into each cloud console to see how environments are labeled, you manage them all from Strato-Cloud.io. This allows different persona to get the information they need without specifically logging into the cloud environment. This saves time and prevents inconsistencies. It is also possible to use automation to get the needed information plugging into enterprise workflows. 

  1. Consistent Governance 

Many compliance and security frameworks (e.g., SOC 2, PCI-DSS, ISO 27001) require an audit of cloud environments and their ownership. By applying consistent labels, it’s easier to demonstrate compliance during an audit. 

  1. Incident Response 

Security incidents and resource replacement events can be quickly dealt with by contacting the correct owner of an account, subscription or project. 

  1. Improved Cost Management 

Labels let you track cost at a department, project, or cost-center level across multiple clouds, revealing opportunities for optimization. 

  1. Streamlined Automation 

Infrastructure as Code (IaC) pipelines can integrate with the Strato-Cloud.io Label API, automatically labeling new environments as they are provisioned—ensuring no environment goes unlabeled or untracked. 

Handling Labels at Scale 

When an organization manages hundreds or thousands of cloud environments, using a consistent labeling strategy becomes crucial. Here are some recommended best practices: 

  • Define a Labeling Standard 

Decide on a fixed set of label keys (e.g., owner, cost_center, account_type) to be applied across all cloud environments. 

  • Automate Labeling 

Incorporate labeling into the organization’s cloud provisioning process or CI/CD pipelines. Tools like Terraform, Ansible, or custom scripts can call the Strato-Cloud.io API to label new cloud environments automatically. 

  • Monitor and Enforce 

Use the Strato-Cloud.io GET endpoints (GET /environments) to regularly review unlabeled or improperly labeled environments. It is common for some of the values of the labels to change (e.g:, an employee leaving the firm or cost center changes). The updates to the values can be enforced via policy – if an environment lacks critical labels or if the label values have changed, alert can be generated, or provisioning can be blocked until labels are set. It is best practice to update the labels proactively where possible.  

Integrating Label Management into Your Workflows 

Strato-Cloud.io’s API first approach allows different customizations to be implemented besides what is presented in the UI to fit the needs of an organization. Some examples are noted below. 

  1. Cost Allocation Dashboards 

Pull environment label data (via GET /environments or GET /environments/{id}) into a BI tool (e.g., Power BI, Tableau) to create multi-cloud cost allocation dashboards. 

  1. Event-Driven Automation 

Trigger label updates on certain events. For example, if a cloud environment is flagged by a security tool, automatically add a label security_incident=true. This helps relevant teams quickly identify and remediate the affected environment. 

Summary 

Strato-Cloud.io’s cloud-agnostic labeling feature bridges the gap between different cloud providers’ tagging systems, providing a single interface to manage and discover cloud environments. By using the /environments/{id}/labels APIs and designing a robust labeling strategy, an organization can achieve unparalleled visibility and governance across an organization’s multi-cloud footprint. 

Whether one is a small startup managing a few cloud environments or an enterprise juggling thousands of environments across AWS, Azure, and GCP, consistent labeling is a game-changer. It simplifies your auditing process, allows quick response to security issues by contacting the right people, enables better cost management, and gives the organization the power to scale its cloud footprint without losing control. 

StratoCloud Team Avatar
StratoCloud Team