Skip to main content

Triage All taggable AWS Resources should have all requried tags TAG_POLICY_NONCOMPLIANT

  1. Configure All taggable AWS Resources should have all requried tags
  2. Use Case for All taggable AWS Resources should have all requried tags
  3. Triage Guides by Violation Type
    1. Triage All taggable AWS Resources should have all requried tags TAG_POLICY_NONCOMPLIANT

Triage Guide for TAG_POLICY_NONCOMPLIANT Violation

Understand

Why should I care about fixing this issue?

Tags are crucial for resource management, cost allocation, and ensuring compliance with organizational policies.

Validate

How am I sure that this alert is true and accurate?

The data source for this policy is the AWS Resource Groups Tagging API. You can manually retrieve the tags for a resource using the tag:GetResources action.

How do I retrieve it manually?

Use the AWS CLI or AWS Management Console to check the tags of the resource.

Does this policy scan on a schedule or is it Reactive?

This policy is reactive and checks resources when they are created or modified.

Triage

What is the impact if it is unfixed?

  • Cost Management: Inaccurate cost allocation and tracking.
  • Compliance: Non-compliance with organizational tagging standards.
  • Resource Management: Difficulty in managing and organizing resources.

Does this problem get worse over time if it is unaddressed?

Yes, as more resources without the required tags can accumulate, leading to greater management and compliance issues.

Can remediation cause outages or downtime to any other running service?

No, adding tags to resources does not cause outages or downtime.

Act

What do I do to fix this alarm?

Add the required pyrae:OwnerTag to the non-compliant resources using the AWS CLI, SDK, or Management Console.

Reflect

What should I do if this alarm wasn't a good use of time?

  • Adjust thresholds: Modify the policy to check for additional tags or change the required tags.
  • Disable policy: If the policy is not necessary, it can be disabled.