Implementing tagging policies
We’ve already seen how tagging helps you know your AWS inventory better and report on it to see cost and usage. Once you’ve defined your tagging strategy, you can improve the level of resource and cost visibility by applying tagging policies to SCPs across your organization. You can write your own JSON as SCP policies and apply them to OUs. But you can also create and apply tag policies within AWS Organizations in the AWS Management Console.
Tag policies are related to service control policies in that they can help you standardize actions across an OU, but tag policies specifically govern how and what to tag. You will need to attach a tag policy at the OU or account level through AWS Organizations. If applied at the Organization root, then all accounts within that Organization will be subject to the policy.
Let’s assume you wanted to apply a tagging policy to ensure that EC2 instances are tagged with an owner
tag. This allows...