Close this search box.

FinOps – Tags / Labels / Resource Groups Management – B​usiness Cost Analysis

FinOps – Tags / Labels / Resource Groups Management – B​usiness Cost Analysis

FinOps is a cloud operating model that aims to align technology, business and finance professionals to extract maximum value from the cloud for the business through changes in systems, best practices and culture.

In this article we highlight some of these best practices and features, which we have found to be very valuable to our customers.

FINOPS - Business Cost Analysis

1. Objective

Tagging technical components has several uses. The first is documentation since the tag is metadata. From a FinOps perspective, the tag is used to create classifications and perform business-sense showback and chargeback. This document describes the best strategies and precautions that should be taken within your technical architecture with FinOps objectives, as well as how to best use Cloud8 to achieve this objective.

2. Tags and Use

2.1. Definition

Tag is a metadata composed of a pair of values: “Name” and “Value”. Ex: Name -> “department”.

2.2. Names for Business Use

Suggested names for classification: “cost center”, “customer”, “product”, “department”, “environment”, “service”, “application”, “team”, “responsible”, “company”, etc.

2.3. Tips and some precautions

  • use only lowercase letters. In addition to standardizing, Google Cloud only accepts lowercase letters in labels. Lowercase Tags/Labels can be compared and cross-referenced in MultiCloud environments;
  • use only ASCII characters. Do not use accents, spaces, commas, etc. Special characters make readability difficult and can easily get out of control and out of pattern;
  • Do not use very generic Tags such as ‘Name’ or ‘Name’ as they do not add value and contain a lot of data. Cloud8 is able to display the individual cost of components without having to use tags;

2.4. Process

Have a clear business process that defines how to create and use tags.

Define a set of tags (3 is a good number) and place all tags on all components. Placing all tags avoids handling exceptions and avoids documenting which components have tag A, B or C. If it doesn’t make business sense, leave the value as ‘unused’ or ‘undefined’. It is important to define how to tag new components. If you use provisioning frameworks such as Terraform, Cloudformation, Ansible and others, it is possible to define tags when creating components within the scripts. Don’t forget to configure automatic processes like Auto Scaling that will also create servers and disks. Backups must propagate the tags (Cloud8 supports it without the need to configure anything) and so on.

2.5. Tags in Cloud Providers

2.6. Limitations

  • Tags do not propagate retroactively. The day that marks the tags is the start of counting. The ideal is to insert them immediately when creating the components and review them before starting the next accounting period (example: before the month turns);
  • Different spellings such as a simple space are considered different groupings – hence we recommend using lowercase and ASCII.
  • Not all components support tags. Consult the provider to learn more. Note: Cloud8 has a feature to map what is not tagged (Untag) – later.

3. Reports / Alerts / Budgets

Through Cloud8, in the application it is possible to see the costs divided by tag / label / resource group.

  • Click on “Cost Analytics” and select the reports icon in the top right menu.
  • Select the nodes in the hierarchical file on the right and if you want to create a budget for a tag with a Name / Value such as “team”:”technology”, click on “Save budget” in this menu.


  • select multiple nodes and choose to receive a grouped or individual report/alert/budget;
  • set cost alerts – if it exceeds a certain amount
  • set estimate alerts – if you continue at the consumption rate, this value will be exceeded at the end of the month
  • define up to 3 values ​​to track
  • define an integration with SNS to notify in addition to email (e.g. SMS, Slack, Bots, etc.)

4. Anomalies

Another important process is monitoring anomalies. Understand what varies more and less and why. Cloud8 has an application called “Anomalies” within the cost analysis. When contextualizing the analysis for “Tags” (businesses), “Anomalies” brings the data from the tags.

5. Untagged

As important as having tags on everything (whatever is possible) is knowing what is not tagged. Cloud8 has features to discover what doesn’t have tags.

5.1. Untagged Online Report

  • In the “Costs – Analytics” application;
  • Select the “All – Untagged” tab;
  • Select the set of tags you want to investigate and click “Filter”.

Cloud8 will bring the results grouped into two:

  • Products/services that do not support tags. Note that these are generic services such as ‘Support’, non-consumed services such as reserved instances, sending emails and technical services (CloudTrail, requests for IDs that do not exist in S3, Dynamo, etc.). Here we bring the total for the month.
  • To apportion it, you can apply a rule of three with weights and divide it between areas or assume that this cost is an IT cost.
  • Products / services that support tags, but do not have the chosen tags. We only bring the costs of the last few hours. The idea is once you get the tags right and run this report the next day, the adjusted component should not appear in this list.

5.2. Untagged scheduled report

If you want to automatically receive components that do not have tags, you can create a scheduled report.

Go to Scheduler and in the “Components” list, select “Reports”. Create an event for the provider in question and choose the set of tags you want to monitor as well as the reception frequency. We suggest, for example, scheduling a report every Monday afternoon that will contain a CSV of the components without the tags.

6. Tags with compliance

To ensure that all components have the tags and are following standards, we also provide some rules within the “Best Practices”.

You have all the flexibility to define different groups with rules and how you want to receive notification:

  • channels: email, slack
  • frequency: immediate, daily, weekly, monthly

Important: the use of Untagged and Compliance goes beyond FINOPS. It allows process failures to be identified.

  • Are components being created manually? (i.e. they appeared without tags or with wrong tags)
  • Did some automatic process ‘forget’ the tags and need to be fixed?

Doubts? Comments?

Share if you liked


Leave a Reply

Your email address will not be published. Required fields are marked *