AWS Organization Tags

Organization tags are custom attribute labels that you can assign to AWS resources, such as accounts, roots, or organizational units (OUs), within your AWS Organizations.

AWS recommends using AWS Organization Tags to track cost data. However, to correlate these tags with AWS billing data, you often need Amazon Athena and Amazon Quicksight. DoiT allows you to get all these tags incorporated into billing data seamlessly, without extra configuration.

See also

• Tagging AWS Organization resources.

Benefits

Using AWS Organization Tags allows you to:

• Follow the best practices set by AWS for resource management, access management, and cost allocation.

• Better manage your AWS costs across all your AWS Organizations.

• Track all the AWS resources within your AWS Organizations, regardless of the account they belong to.

• Use the default tags of your AWS Organizations across resources.

Example scenario

In our example, each DoiT Consulting team has a dedicated AWS Organization. Within this Organization, each team member has an Organizational Unit (OU) under their name, where they create short-lived AWS accounts for various consulting deliverables.

To track the costs per team member, they use AWS Organization Tags and use them in Cloud Analytics reports, which allows team managers to review their team consumption, and ensures that all of their team members are within the budget. In addition, if they add AWS accounts to their OUs, these AWS Organization Tags get automatically propagated to all resources within them, without needing additional configuration.

Required permissions

• AWS permissions: You need the following permissions in your doitintl_cmp IAM role: organizations:ListTagsForResource and organizations:ListParents.

• DoiT permissions: You need the Cloud Analytics permission on your DoiT account.

Use AWS Organization Tags

Once you have the required permissions in your AWS account, AWS Organization Tags automatically propagate into DoiT's Cloud Analytics reports, attributions, and attribution groups.

To use AWS Organization Tags in your Cloud Analytics report:

1. Sign in to the DoiT console, select Analytics from the top navigation bar, and then select Reports.

2. Select Create new report or open an existing one, and do one of the following:

   • To add AWS Organization Tags in your report, select the plus icon (+) next to Dimensions.

   • To filter your metrics by AWS Organization Tags, select the plus icon (+) next to Filter by.

   • To group your metrics by AWS Organization Tags, select the plus icon (+) next to Group by.

3. Select Organization Tags, and select all the AWS Organization Tags you need.

   

4. Select Run report.

The example report below is grouped by the playground-member AWS Organization Tag and the Service dimension.