The most common FinOps mistake I see: over-engineered tagging strategy.
A Series B SaaS team spent 3 months designing a 47-field tag taxonomy. Environment. Service. Owner. Business unit. Cost center. Data classification. Compliance zone. Criticality. Expiry. PII flag. Migration source. CI pipeline ID.
Then they realized: they can't enforce it. Their Terraform had 80 modules. Half the resources were provisioned before the taxonomy existed. The rollout plan estimated 6 months. They gave up at month 4.
Meanwhile, their actual cost-allocation report was still "Sum by service: EC2=34%, RDS=22%, Datadog=18%, Others=26%."
The 47-field schema added zero business value.
The 80/20 version actually works:
Only 5 tags. Enforced via SCP. Enforced via CI gate. Enforced via IaC policy:
- team — which team owns this resource (finance + on-call = one owner)
- service — the product/feature it serves
- env — prod/staging/dev
- cost_center — for finance rollup
- expiry — auto-delete date for non-prod, blank for prod
Five tags. Mandatory. Resource creation blocked if missing. Auto-flagged if violated.
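One way to build the CI-gate layer, as an added example that is not from the original post: a check over the JSON form of a Terraform plan (`terraform show -json`) that fails the pipeline when any of the five tags breaks the rules above. It assumes AWS-provider resources that expose `tags`/`tags_all` in the plan, an `expiry` written as `YYYY-MM-DD`, and that an already-passed expiry should be rejected; the function name and sample plan are constructed for illustration.

```python
import sys
from datetime import date

REQUIRED = ("team", "service", "env", "cost_center")  # expiry is checked per env
ENVS = {"prod", "staging", "dev"}

def tag_violations(plan, today):
    """Return one message per tag violation in a `terraform show -json` plan."""
    problems = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        after = change.get("after")
        # Skip deletes/no-ops and resource types with no tags attribute.
        if not after or "tags" not in after:
            continue
        if not {"create", "update"} & set(change.get("actions", [])):
            continue
        tags = after.get("tags_all") or after.get("tags") or {}
        addr = rc["address"]
        for key in REQUIRED:
            if not (tags.get(key) or "").strip():
                problems.append(f"{addr}: missing tag '{key}'")
        env = tags.get("env") or ""
        expiry = (tags.get("expiry") or "").strip()
        if env and env not in ENVS:
            problems.append(f"{addr}: env must be prod, staging or dev")
        elif env == "prod" and expiry:
            problems.append(f"{addr}: prod resources leave expiry blank")
        elif env in ENVS and env != "prod":
            try:  # assumption: expiry is an ISO date (YYYY-MM-DD)
                if date.fromisoformat(expiry) <= today:
                    problems.append(f"{addr}: expiry {expiry} is not in the future")
            except ValueError:
                problems.append(f"{addr}: non-prod needs expiry as YYYY-MM-DD")
    return problems

def _rc(addr, tags):  # builds one constructed resource_changes entry
    return {"address": addr, "change": {"actions": ["create"], "after": {"tags": tags}}}

# Constructed sample plan (not real infrastructure).
SAMPLE_PLAN = {"resource_changes": [
    _rc("aws_instance.api", {"team": "payments", "service": "checkout",
                             "env": "prod", "cost_center": "cc-100"}),
    _rc("aws_db_instance.scratch", {"team": "payments", "env": "dev"}),
    {"address": "aws_iam_role.ci", "change": {"actions": ["create"], "after": {"name": "ci"}}},
]}

if __name__ == "__main__":
    found = tag_violations(SAMPLE_PLAN, date.today())
    print("\n".join(found) or "all resources tagged")
    sys.exit(1 if found else 0)
```

Tag values that are only known after apply do not appear in the plan's `after` block, so this gate reports them as missing; the SCP layer still has to catch resources created outside Terraform.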
This 5-tag schema covers 95% of FinOps reporting you'll ever need:
→ Cost per team
→ Cost per service
→ Prod vs non-prod
→ Allocation by business unit
→ Orphan detection (expired resources still running)
The other 42 tags the fancy vendors recommend? Build them only when you have a concrete question they answer. Never preemptively.
Tag strategy maturity curve:
→ Week 1: enforce 3 tags. Rest is aspirational.
→ Month 3: 5 tags enforced. Alert on missing.
→ Month 6: allocation reports actually reconcile with service ownership.
→ Year 1: CFO trusts the numbers, no manual reconciliation.
Start here. Not with a 47-field schema.
If your team's tagging RFC is longer than 3 pages, repost. Shorter = more shippable.
