Cloud Cost Allocation with Tags: The Complete Tagging Strategy for AWS, Azure and GCP
Why Tagging Strategy Matters
Without proper tagging, you know how much you're spending on cloud — but not who is spending it or why. Effective cost allocation tagging enables FinOps, chargeback, and informed optimisation decisions.
Recommended Tag Schema
| Tag Key | Example Values | Required? | Purpose |
|---|---|---|---|
| Environment | production, staging, dev, test, sandbox | Mandatory | Separate prod from non-prod spend |
| Team | platform, payments, data, frontend, ml | Mandatory | Chargeback to teams |
| Project | checkout-v2, reporting-dashboard, auth-service | Mandatory | Project-level cost tracking |
| CostCentre | CC-1001, CC-2045, CC-SHARED | Mandatory | Finance system integration |
| Owner | platform-lead@company.com | Recommended | Contact for orphaned resource cleanup |
| ManagedBy | terraform, manual, ansible | Recommended | Infrastructure lifecycle management |
| AutoShutdown | true, false | Recommended (non-prod) | Enable scheduled shutdown automation |
Enforcing Mandatory Tags
AWS — Service Control Policies
Use AWS Organizations SCP to prevent resource creation without required tags:
{
"Condition": {
"Null": {
"aws:RequestedRegion": "false",
"aws:TagKeys/Environment": "true"
}
}
}Azure — Azure Policy
Apply a "Require tag on resources" policy at Management Group scope. Non-compliant resources are flagged and can be prevented from creation. Azure's "inherit tag from resource group" policy automatically tags child resources.
GCP — Organization Policy
Use Organization Policies to require labels on resource creation. GCP's label inheritance means projects can automatically apply default labels to all resources.
Cost Allocation Reporting
| Provider | Tool | Features |
|---|---|---|
| AWS | Cost Explorer + Cost Categories | Tag-based cost grouping, custom cost categories |
| Azure | Cost Management + Billing | Tag filtering, export to storage account |
| GCP | BigQuery Billing Export | Most flexible — SQL queries on your billing data |
Handling Shared/Untaggable Resources
Some costs can't be tagged: data transfer, Route53 queries, support plans. Handle these with:
- Define a "Shared" cost centre for unallocable spend
- Distribute shared costs proportionally by team's direct spend ratio
- Exclude infrastructure-level costs from team chargeback and manage centrally
Terraform Tag Automation
Add default tags to all resources via Terraform's provider default_tags:
provider "aws" {
default_tags {
tags = {
Environment = var.environment
Team = var.team
ManagedBy = "terraform"
Project = var.project
}
}
}Implement tagging enforcement via policy on day one — it's exponentially harder to retrofit tags to a large existing environment than to require them from the start. Every untagged resource is cost intelligence you'll never recover.
Ready to Calculate Your Cloud Costs?
Use TCOIQ's free comparison tool or build a full inventory across all 5 clouds.