How-To

Use PowerShell to Tag Amazon EC2 Instances

If you need to tag several instances (think bulk!), the filtering capabilities of PowerShell can make the process a lot easier.

• By Brien Posey
• 04/23/2019

Although you can tag an Amazon Elastic Compute Cloud (EC2) instance through the Amazon Web Services (AWS) console, PowerShell is often a better tool for bulk operations. As such, I wanted to show you some techniques for applying tags to EC2 instances using the AWS PowerShell interface.

There are three main steps involved in the basic tagging process. The first step is to create a tag object. As you may recall, a tag is made up of a key/value pair. A tag object is a PowerShell recognizable object that includes a key and a value as attributes. This object is usually mapped to a variable as a way of making it easier to work with the object.

So for the sake of demonstration, let's pretend that I want to associate an Owner tag with an EC2 instance. Therefore, I'll create a tag object with a key named Owner. I'll use my own name for the value (Brien). I'll map the new object to a variable called $OwnerTag, but you can of course use any variable name that you want. Here's what the code looks like:

$OwnerTag = New-Object Amazon.EC2.Model.Tag
$OwnerTag.Key = "Owner"
$OwnerTag.Value = "Brien"

So in this sample block of code, the first command actually creates the new object. The second line creates the object's key attribute and sets the name of the key to Owner. The third line creates the object's value attribute and sets the value to Brien.

The second step in the process is to identify the identity of the EC2 instance that you want to tag. The easiest way to do this is to use the instance's instance ID. You can get the instance ID from the EC2 console, as shown in Figure 1. You can of course retrieve the instance ID through PowerShell, and there's also a way that you can work with multiple instances simultaneously, but those are other topics for another day.

Once you've retrieved an instance ID, you'll probably want to map it to a variable. Here's an example of what that process might look like:

$InstanceID = "i-03ab08f10a4d27368"

The third step in the process is to actually apply the new tag to the VM instance. AWS has created a PowerShell cmdlet named New-EC2Tag that exists specifically for this purpose. As is the case with most PowerShell cmdlets, there are a large number of parameters that you can use with the New-EC2Tag cmdlet. If you want to make things easy, however, there are really only two parameters that you'll need to supply. These include the EC2 instance's identity and the tag. Remember, we've already mapped both of these to variables, so all we have to do now is to reference these variables. Here ' what the command looks like:

New-EC2Tag -Resource $InstanceID -Tag $OwnerTag

As you can see, I've appended the Resource parameter to the New-EC2 cmdlet, and used the $InstanceID variable to supply the Instance ID. It's possible to provide the Instance ID as a text expression, and not even worry about creating a variable. As I mentioned earlier, however, in the real world you'll likely be retrieving this value from PowerShell, and possibly even working with multiple EC2 instances. In those types of situations you'll pretty much have to use a variable, so I wanted to go ahead and use a variable in my example even though it's possible to get by without it.

The other thing that I did was to supply the -Tag parameter and then reference the tag object that I created, which I mapped to the $OwnerTag variable. Figure 2 shows what happens when I enter these instructions into PowerShell.

As you can see in Figure 2, PowerShell doesn't provide any sort of feedback when you enter these commands. However, once refreshed, the EC2 console shows the recently added tags (Figure 3).

If you only need to tag a single instance, then it's a lot less work to simply use the EC2 console instead of delving into PowerShell. If you need to tag several instances, however, then PowerShell's filtering capabilities can make the process a lot easier than it would be if you had to manually figure out which instances to tag.