AWS launches Tag Policies
Tag Policies is a new feature that allows you to define rules on how tags can be used on AWS resources in your accounts in AWS Organizations. You can use Tag Policies to easily adopt a standardized approach for tagging AWS resources.
With Tag Policies, you have a simple way to ensure your developers apply consistent tags, audit tagged resources, and maintain proper resource categorization. Using Tag Policies, you can define tag keys, including how they should be capitalized, and their allowed values. For example, you can define the tags CostCenter and SecurityGroup where CostCenter must be ‘123’ and SecurityGroup can be ‘red-team’ or ‘blue-team’. Standardized tags enable you to confidently leverage tags for critical use cases such as cost allocation and attribute-based access control because you can ensure your resources are tagged with the right attributes.
Tag Policies is integrated with AWS Organizations, a service for central governance and management across AWS accounts. You can apply a tag policy to your entire organization, specific organizational units and to individual accounts. After applying a policy, you can export a cross-account, cross-region report that helps you easily identify tags that don’t align with your policy. You can then easily aggregate, view, and share this data with resource owners to correct such noncompliant tags. Also, you can optionally specify enforcement to prevent noncompliant tag changes such as updating a tag with a value not allowed by your policy.
Tag Policies is generally available at no additional charge in the following AWS Regions: US East (N. Virginia), US East (Ohio), US West (N. California), US West (Oregon), Asia Pacific (Hong Kong), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Osaka), Canada (Central), EU (Frankfurt), EU (Ireland), EU (London), EU (Paris), EU (Stockholm), Middle East (Bahrain), and South America (São Paulo).
To learn more, review the Tag Policies blog. To get started, see Tag Policies in the AWS Organizations Developer Guide.