aws-tagging-auditor
Audit AWS resource tagging compliance and identify unallocatable spend for FinOps teams
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/anmolnagpal/tagging-auditorWhat This Skill Does
The AWS Tagging & Cost Allocation Auditor is a specialized governance tool designed to bring clarity and control to your cloud financial operations (FinOps). Many organizations struggle with 'cloud sprawl'—where infrastructure costs balloon due to lack of visibility. This skill acts as an expert consultant that parses your exported AWS billing and resource data to audit tagging compliance. It identifies exactly which resources are contributing to unallocatable spend, ranks them by cost impact, and generates actionable remediation plans including precise AWS CLI commands to fix tagging gaps.
Installation
To integrate this skill into your environment, run the following command via your terminal or management interface:
clawhub install openclaw/skills/skills/anmolnagpal/tagging-auditor
Use Cases
- Monthly FinOps Audits: Regularly process Cost Explorer exports to ensure new resources follow the organization's tag schema (e.g., env, team, project, owner).
- Cost Allocation Cleanup: Pinpoint resources that lack specific cost allocation tags, preventing them from appearing in billing reports.
- Compliance Enforcement: Generate standardized AWS Config rules and Service Control Policies (SCPs) to proactively block the creation of non-compliant resources.
- Data Normalization: Detect inconsistent naming conventions (e.g., 'Production' vs 'prod') that skew financial reporting.
Example Prompts
- "I've uploaded my Cost Explorer CSV export. Please calculate the current tagging compliance score and identify the top 5 services that are driving the most untagged spend."
- "Here is my
all-tagged-resources.jsonfile. Based on a required schema of 'team', 'env', and 'owner', generate a bash script to tag the missing resources for me." - "Our tagging strategy is inconsistent. Can you provide an SCP snippet that denies the creation of any EC2 instances or RDS databases if they don't have the 'project' tag attached?"
Tips & Limitations
- Data Privacy: This skill never requests your AWS credentials. It is strictly instruction-based; you provide the data, and it analyzes it. Always scrub sensitive identifiers from logs before sharing.
- Depth of Analysis: The accuracy of the analysis is directly proportional to the data provided. Providing both resource metadata and cost usage data yields the most accurate dollar-value impact analysis.
- Configuration: Always ensure your active cost allocation tags are toggled 'On' in the AWS Billing console, as this skill cannot retroactively enable features in your account.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-anmolnagpal-tagging-auditor": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Related Skills
aws-compliance-analyzer
Map AWS environment against CIS, SOC 2, HIPAA, or PCI-DSS controls with prioritized remediation
aws-terraform-security-reviewer
Review Terraform plans and HCL files for AWS security misconfigurations before deployment
azure-storage-exposure-auditor
Identify publicly accessible Azure Storage accounts and misconfigured blob containers
aws-cloudtrail-threat-detector
Analyze AWS CloudTrail logs for suspicious patterns, unauthorized changes, and MITRE ATT&CK indicators
gcp-bigquery-optimizer
Analyze BigQuery query patterns and storage to dramatically reduce the