Skip to main content

Use Case for All taggable AWS Resources should have all requried tags

  1. Configure All taggable AWS Resources should have all requried tags
  2. Use Case for All taggable AWS Resources should have all requried tags
  3. Triage Guides by Violation Type
    1. Triage All taggable AWS Resources should have all requried tags TAG_POLICY_NONCOMPLIANT

AWS Resource Tag Compliance Policy

Overview

This policy ensures that AWS resources have the necessary tags, specifically the pyrae:OwnerTag. Tagging resources is crucial for resource management, cost allocation, and compliance.

Pros and Cons

Pros

  • Cost Management: Helps track resource usage and allocate costs correctly.
  • Compliance: Ensures resources meet tagging standards for better governance.
  • Resource Management: Facilitates better organization and management of resources.

Cons

  • Overhead: Enforcing tagging policies may require additional management effort.
  • Complexity: Managing tags across a large number of resources can become complex.

How the Policy Works

This policy checks if the specified AWS resources have the pyrae:OwnerTag. If the tag is missing, the policy will generate a violation. This helps maintain compliance and manage resources effectively.

Variables

  • ownerTag (default: pyrae:OwnerTag): The tag key that needs to be present on the resource.

Violation Types

  • TAG_POLICY_NONCOMPLIANT: Indicates that the resource is missing the required tag.

Policy Execution

The policy runs reactively, checking the specified resources for compliance with the tagging policy when the underlying resource is changed. If any resources are found non-compliant, a violation is generated.