Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

FAQ - AWS Prescriptive Guidance

FAQ

This section provides answers to commonly raised questions about tagging resources on AWS.

How do I define tags categories for my resources?

Companies that are most effective in their use of tags typically create business-relevant tag groupings to organize their resources along technical, business, and security dimensions. Companies that use automated processes to manage their infrastructure also include additional, automation-specific tags.

Can I see information about cost and usage even without tags?

It’s possible to visualize cost and usage information in AWS Cost Explorer, but you will not have filters to see more granular information of cost and billing from AWS services. For example, you won’t be able to filter by application, business unit, cost center, environment, project, or product.

How can tags be enforced?

There are two types of enforcement:

  • Proactive – Using AWS Organizations service control policies (SCPs) or AWS CloudFormation

  • Reactive – Using automatic tagging solutions or tag policies

Who can create a new tag value?

It’s important to define who will create and apply the tags in your company, during the creation of the tagging dictionary. Usually, application and operational tags are created by the Engineering or Architecture team. Business and financial tags are usually created by the FinOps team, and security tags are created by the Security team.

How can I measure success?

There are KPIs in the Measure, enforce, and evolve section of this guide that you can use to identify whether the tags are helping you to allocate costs or whether the tagging strategy needs to be adjusted.

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.