Building a cost allocation strategy - Best Practices for Tagging AWS Resources

Defining and implementing a cost allocation model

Create an account and cost structure for the resources being deployed in AWS. Establish the relationship between costs from AWS spend, how those costs were incurred, and who or what incurred those costs. Common cost structures are based on AWS Organizations, AWS accounts, environments, and entities within your organization, such as a line of business or workload. Cost structures can be based on multiple attributes to permit the examination of costs in different ways or at different levels of granularity, such as rolling up the costs of individual workloads to the line of business they serve.

When choosing a cost structure that aligns with the desired outcomes, evaluate the cost allocation mechanisms on the ease of implementation versus desired accuracy. This might include considerations regarding accountability, tooling availability, and cultural changes. Three popular cost allocation models that AWS customers usually start from are:

  • Account-based — This model requires the least amount of effort and provides high accuracy for showbacks and chargebacks, and is suitable for organizations that have a defined account structure (and is consistent with the recommendations of the Organizing Your AWS Environment Using Multiple Accounts whitepaper). This provides clear cost visibility on a per-account basis. For cost visibility and allocation, you can use AWS Cost Explorer, Cost and Usage Reports, as well as AWS Budgets for cost monitoring and tracking. These tools provide filtering and grouping options by AWS accounts. From a cost allocation perspective, this model doesn’t have to rely on accurate tagging of individual resources.

  • Business Unit or Team-based — Costs are allocatable to teams, business units, or organizations within an enterprise. This model requires a moderate amount of effort, provides high accuracy for showbacks and chargebacks, and is suitable for organizations that have a defined account structure (typically using AWS Organizations), with separation between various teams, applications, and workload types. This provides clear cost visibility across teams and applications, and as an additional benefit reduces the risk of hitting AWS service quotas within a single AWS account. For example, each team may have five accounts (prod, staging, test, dev, sandbox), and no two teams and applications will share the same account. With such a structure, AWS Cost Categories will then provide the functionality to group accounts or other tags (“meta-tagging”) into categories, which can be tracked in the tools mentioned in the previous example. It’s important to note that AWS Organizations allows tagging of accounts and organizational units (OUs); however, these tags will not be applicable for cost allocation and billing reporting (that is, you cannot group or filter your cost in AWS Cost Explorer by OU). AWS Cost Categories should be used for this purpose.

  • Tag-based — This model requires more effort compared to the previous two and will provide high accuracy for showbacks and chargebacks depending on the requirements and end goal. While we strongly recommend that you adopt the practices outlined in the Organizing Your AWS Environment Using Multiple Accounts whitepaper, realistically customers often find themselves with mixed and complex account structures that take time to migrate away from. Implementing a rigorous and effective tagging strategy is the key in this scenario, followed by activating relevant tags for cost allocation in the Billing and Cost Management console (in AWS Organizations, tags can be activated for cost allocation only from the Management Payer account). After tags are activated for cost allocation, the tools for cost visibility and allocation that were mentioned in the previous methods can be used for showbacks and chargebacks. Note that cost allocation tags are not retrospective, and will only appear in billing reporting and cost tracking tools after they have been activated for cost allocation.

To summarize, if you need to track costs by business unit, you can use AWS Cost Categories to group linked accounts within AWS Organizations accordingly and view this grouping in billing reports. When you create separate accounts for production and non-production environments, you can also filter the costs related to environments in tools such as AWS Cost Explorer, or track those costs using AWS Budgets. Finally, if your use case requires more granular cost tracking, for example, by individual workloads or applications, you can tag resources within those accounts accordingly, activate those tag keys for cost allocation on the management account, and then filter that cost by tag keys in the billing reporting tools.

Establishing cost reporting and monitoring processes

Start with identifying the types of costs that are important for internal stakeholders (for example, daily spend, cost by account, cost by X, amortized costs). By doing so, you can mitigate budgetary risks associated with unexpected or anomalous spend faster than waiting for the finalized AWS invoice. Tags provide the attribution that enables these reporting scenarios. Insights gained from reporting can inform your actions to mitigate the impact from anomalous and unexpected spend on financial budgets. When there is an unexpected surge in costs, it's important to evaluate if there has been an unexpected surge in the value delivered so that you can determine if and what action is required.

When developing a tagging strategy to support cost allocation, keep in mind the following elements:

  • AWS Organizations - Cost allocation within multiple accounts can be performed by account, groups of accounts, or groups of tags created for resources on those accounts. Tags created for resources residing in individual accounts in AWS Organizations can be used for cost allocation only from the management account.

  • AWS Account - Cost allocation within one AWS account can be performed by additional dimensions such as services or regions. It’s possible to further tag resources within an account and work with the groups of such resource tags.

  • Cost Allocation Tags - Both user-created tags and AWS generated tags can be activated for cost allocation, if necessary. Enabling tags for cost allocation in the billing console (of the management account in AWS Organizations) helps with showbacks and chargebacks.

  • Cost Categories - AWS Cost Categories allow grouping accounts and grouping tags (“meta-tagging”) within an AWS Organization, which further provides the capability to analyze the cost related to these categories through tools such as AWS Cost Explorer, AWS Budgets, and AWS Cost and Usage Report.

Performing showback and chargeback for business units, teams, or organizations within the enterprise

Attribute costs using your cost allocation process supported by your cost structure and cost allocation tags. Tags can be used to provide showback to teams that are not directly responsible for paying the costs but are responsible for having incurred them. This approach provides awareness of their contribution to spend and how those costs are incurred. Perform chargeback to the teams that are directly responsible for costs to recover the expense of the resources they have consumed, and to provide them with awareness of those costs and how they were incurred.

Measuring and circulating efficiency or value KPIs

Agree on a set of unit cost or KPI metrics to measure the impact of your cloud financial management investments. This exercise creates a common language across technology and business stakeholders, and tells an efficiency-based story, rather than a story focused solely on absolute, aggregate spend. For additional information, see this blog post, which discusses how unit metrics can help create alignment between business functions.

Allocating unallocatable spend

Depending on the organization’s accounting practices, different charge types might require different treatment. Identify the resources or cost categories that cannot be tagged. Depending on the services used and those planned to be used, agree on the mechanisms for treating and measuring such unallocatable spend. For example, check the list of resources that are supported by AWS Resource Groups and Tag Editor in the AWS Resource Groups and Tags User Guide.

A common example of a cost category that cannot be tagged is some of the fees for commitment-based discounts such as Reserved Instances (RI) and Savings Plans (SP). While subscription fees and unused SP and RI fees cannot be tagged in advance of appearing in billing reporting tools, you can track how RI and SP discounts apply to accounts, resources, and their tags in AWS Organizations after the fact. For example, in AWS Cost Explorer it’s possible to look at the amortized cost, group that spend by the relevant tag keys, and apply filters relevant to your use case. In AWS Cost and Usage Report (CUR), you can filter out lines that correspond to usage covered by RI and SP discounts (read more in the use cases section of the CUR documentation) and select only the columns that are relevant to you. Each tag key activated for cost allocation will be presented in its own separate column at the end of the CUR report, similarly to how it's presented in other legacy billing reports, such as the monthly cost allocation report. For additional reference, check the AWS Well-Architected Labs for examples of gaining cost and usage insights from CUR data.
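The following Python sketch is an added example, not code from this guide or from AWS. It reads CUR-style CSV rows, totals cost per value of one cost allocation tag column, and spreads untagged usage and untaggable fees across the tagged spend. The tag key `CostCenter`, the sample rows, the exclusion of `Tax` lines, and the proportional allocation policy are assumptions chosen for illustration; your organization must agree on its own mechanism.

```python
import csv
import io
from collections import defaultdict
from decimal import Decimal

# Constructed sample in CUR CSV layout; the tag key "CostCenter" and all values are assumptions.
SAMPLE_CUR = """\
lineItem/UsageAccountId,lineItem/LineItemType,lineItem/UnblendedCost,resourceTags/user:CostCenter
111111111111,Usage,60.00,payments
111111111111,Usage,20.00,search
222222222222,Usage,20.00,search
222222222222,Usage,10.00,
222222222222,RIFee,40.00,
222222222222,Tax,5.00,
"""

TAG_COLUMN = "resourceTags/user:CostCenter"  # one column per activated tag key
EXCLUDED_TYPES = {"Tax"}  # assumption: tax is handled outside showback


def showback(cur_csv, tag_column=TAG_COLUMN):
    """Return (direct, shared_pool, allocated) with costs keyed by tag value."""
    direct = defaultdict(Decimal)
    pool = Decimal("0")
    for row in csv.DictReader(io.StringIO(cur_csv)):
        if row["lineItem/LineItemType"] in EXCLUDED_TYPES:
            continue
        cost = Decimal(row["lineItem/UnblendedCost"])
        tag = (row.get(tag_column) or "").strip()
        if tag:
            direct[tag] += cost
        else:
            pool += cost  # untagged usage and untaggable fees such as RIFee
    total_direct = sum(direct.values(), Decimal("0"))
    if total_direct == 0:
        # Nothing is tagged, so there is no basis for a proportional split.
        return dict(direct), pool, {"UNALLOCATED": pool}
    # Assumed policy: share the pool in proportion to each tag's direct spend.
    allocated = {
        tag: (cost + pool * cost / total_direct).quantize(Decimal("0.01"))
        for tag, cost in direct.items()
    }
    return dict(direct), pool, allocated


if __name__ == "__main__":
    direct, pool, allocated = showback(SAMPLE_CUR)
    print("direct:", direct, "shared pool:", pool, "allocated:", allocated)
```

Rounding each share to cents can leave a residual of a cent or two against the report total, so reconcile the allocated sum before using it for chargeback.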

Reporting

In addition to AWS tools available to assist with showbacks and chargebacks, there is a range of other AWS-created and third-party solutions that can help monitor the cost of tagged resources, and measure the effectiveness of the tagging strategy. Depending on both the requirements and the end objective of the organization, one could either invest time and resources into building customized solutions or purchase tools provided by one of the AWS Cloud Management Tools Competency Partners. If you decide to create your own single-source-of-truth cost allocation tool with controlled parameters relevant for the business, AWS Cost and Usage Report (CUR) provides the most detailed cost and usage data and enables creation of customized optimization dashboards, allowing filtering and grouping by accounts, services, cost categories, cost allocation tags, and multiple other dimensions. Among CUR-based solutions developed by AWS that can be used as one of these tools, check Cloud Intelligence Dashboards on the AWS Well-Architected Labs website.