選取您的 Cookie 偏好設定

我們使用提供自身網站和服務所需的基本 Cookie 和類似工具。我們使用效能 Cookie 收集匿名統計資料,以便了解客戶如何使用我們的網站並進行改進。基本 Cookie 無法停用,但可以按一下「自訂」或「拒絕」以拒絕效能 Cookie。

如果您同意,AWS 與經核准的第三方也會使用 Cookie 提供實用的網站功能、記住您的偏好設定,並顯示相關內容,包括相關廣告。若要接受或拒絕所有非必要 Cookie,請按一下「接受」或「拒絕」。若要進行更詳細的選擇,請按一下「自訂」。

偏好設定
聯絡我們
意見回饋
AWS Documentation
建立 AWS 帳戶

Tagging resources in HealthOmics

PDF
RSS
焦點模式
Tagging resources in HealthOmics - AWS HealthOmics
Important noticeTagging HealthOmics resourcesSequence store read set tags
此頁面尚未翻譯為您的語言。 請求翻譯
Topics

Important notice

HealthOmics protects customer data under the AWS Shared Responsibility Model policies. This means that all customer data is encrypted both in transition and at-rest. However, not all customer-inputed names for resources such as data stores or job-based operations are encrypted. They should never contain Personally Identifiable Information or Protected Health Information. For more information, see Security in AWS HealthOmics.

Tagging HealthOmics resources

You can assign metadata to your AWS resources using tags. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.

This topic describes commonly used tagging categories and strategies to help you implement a consistent and effective tagging strategy. The following sections assume basic knowledge of AWS resources, tagging, detailed billing, and AWS Identity and Access Management.

Each tag has two parts:

  • A tag key (for example, CostCenter, Environment, or Project). Tag keys are case sensitive.

  • A tag value (for example, 111122223333 or Production). Like tag keys, tag values are case sensitive.

You can use tags to categorize resources by purpose, owner, environment, or other criteria. For more information, see AWS Tagging Strategies.

You can add, change, or remove tags for a resource from the resource’s service console, service API, or the AWS CLI.

To enable tagging, make sure TagResources is authorized. You can authorize TagResources by attaching an IAM policy like the following example. 

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "omics:Create*",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "omics:Start*",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "omics:Tag*",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "omics:Untag*",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "omics:List*",
            "Resource": "*"
        }
    ]
}

Best practices

As you create a tagging strategy for AWS resources, follow best practices:

  • Do not store Personally Identifiable Information (PII), Protected Health Information(PHI) or other sensitive information in tags.

  • Use a standardized, case-sensitive format for tags, and apply it consistently across all resource types.

  • Consider tag guidelines that support multiple purposes, like managing resource access control, cost tracking, automation, and organization.

  • Use automated tools to help manage resource tags. AWS Resource Groups and the Resource Groups Tagging API enable programmatic control of tags, making it possible to automatically manage, search, and filter tags and resources.

  • Tagging is more effective when you use more tags.

  • Tags can be edited or modified as user needs change. However to update access control tags, you must also update the policies that reference those tags to control access to your resources.

Tagging requirements

Tags have the following requirements:

  • Keys can't be prefixed with aws:.

  • Keys must be unique per tag set.

  • A key must be between 1 and 128 allowed characters.

  • A value must be between 0 and 256 allowed characters.

  • Values don't need to be unique per tag set.

  • Allowed characters for keys and values are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @.

  • Keys and values are case sensitive.

Sequence store read set tags

For sequence stores, tags created on the read set sit at the read set resource level. Read sets also contain objects under them that can be accessed, searched, and restricted using S3 APIs. By default, the sample ID (omics:sampleId) and subject ID (omics:subjectId) are added to the object.

Additionally, up to five tags can be synchronized between the read set and the objects under it. The configuration for which tags to sync is a store level configuration set during store creation or update using the propogatedSetLevelTags parameter.

If there is data already in the store, updating the keys may take time. During this update, HealthOmics changes the store status to Updating. On completion, HealthOmics sets the store status to Active. While the tags are propagating, permissions relying on the tags may not be enforced. Permissions will be enforced after the tag propagation is completed.

When tags are set or updated on the read set, the system decides whether to update the objects for that read set, based on the store configuration.

下一個主題:

Adding a tag

上一個主題:

Resource sharing

需要協助?

在本頁面

隱私權網站條款Cookie 偏好設定
© 2025, Amazon Web Services, Inc.或其附屬公司。保留所有權利。