✍️ Initial draft of tagging standards #25

Open
wants to merge 11 commits into
base: main

@spikeheap spikeheap commented Jan 13, 2025

This is a work-in-progress initial draft of the tagging standards for AWS, based on https://github.com/LBHackney-IT/aws-tags-lbh and https://docs.google.com/document/d/1iWsgVYWXAbZQZDYP4PJ-Gv74rFRQUSdDC_XHHSiliXk/edit?pli=1&tab=t.0.

Why this PR?

We need to keep track of the resources we're running in AWS to meet our security obligations:

  1. We need to know which team is responsible for each resource so we know who to talk to if there are suspected vulnerabilities or security incidents.
  2. We need to be able to generate aggregate reports to help teams know what they need to do, for example producing a list of RDS databases each team needs to upgrade or do some reporting of.
  3. We need to know what resources are used for, i.e. which application or system they're part of, in order to manage decommissioning old infrastructure, manage cost, and respond to cyber security incidents.

All of this is currently tricky. We use tagging inconsistently across the estate, so some things can be reported on more easily than others.

This PR introduces a baseline standard that consolidates the rules around tagging, but that introduces a new problem: what are the specific steps a developer needs to take for a system to be consistent with our approach?

This PR addresses both of those issues, following the Diataxis approach to technical documentation authoring.

Changes

This change adds:

  1. A new section named "Technical Standards". The intention is to only include "standards" here with "must", "should", "must not", and "could" language.
  2. A tagging standard as a proof of concept.
  3. A tagging "how to" guide to complement the requirements.

ℹ️ The screenshots below show roughly how the pages will look. Please see the Files Changed section in the PR for the actual text of the pages, as these won't be updated as the PR progresses.

Screenshot 2025-01-15 at 11 23 (Brave Browser)@2x

Screenshot 2025-01-15 at 11 24 (Brave Browser)@2x

Other areas of the site include content which could be a requirement or standard, however they're interspersed with other types of content and many are not current (or at least, not followed). This is an attempt to start archiving the old, irrelevant content and documenting the current standards we work to.

This first commit is very much a work in progress, for comments and iteration.

Things to do if this PR is merged:

  1. Remove tags we're no longer using from https://github.com/LBHackney-IT/aws-tags-lbh:
    • AutomationTool: The tool used for Infrastructure as Code, e.g. Terraform or Serverless Framework.
    • Phase
    • Stack
    • Patch Group
    • Project
    • OOOShutdown (has been superseded)
    • Team (replaced by TeamEmail)
  2. Update https://github.com/LBHackney-IT/aws-tags-lbh to match the new tags
    • Add OOHShutdown and WeekendShutdown tags
  3. Update tooling to use OOHShutdown and WeekendShutdown and deprecate ooh_shutdown and weekend_shutdown
  4. Update any other docs about tagging that reference things that have changed 🕵️.

@spikeheap spikeheap marked this pull request as ready for review January 15, 2025 14:42
@spikeheap spikeheap requested review from a team as code owners January 15, 2025 14:42
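
An added example, not part of the PR or the project's tooling: a small audit that flags the retired and renamed tags listed in the description and groups the findings by owning team, the kind of per-team report the description asks for. The tag names come from the description; treating `TeamEmail` as the mandatory owner tag, the `UNOWNED` bucket, the function names and the sample inventory are assumptions made for illustration.

```python
from collections import defaultdict

# Tags the PR description lists as no longer used.
RETIRED = {"AutomationTool", "Phase", "Stack", "Patch Group", "Project",
           "OOOShutdown", "Team"}
# Replacements the PR description names explicitly.
RENAMED = {"Team": "TeamEmail",
           "ooh_shutdown": "OOHShutdown",
           "weekend_shutdown": "WeekendShutdown"}
OWNER_TAG = "TeamEmail"  # assumption: this is the tag that identifies the owner


def audit_resource(tags):
    """Return a list of findings for one resource's tag dictionary."""
    findings = []
    if not tags.get(OWNER_TAG, "").strip():
        findings.append(f"missing {OWNER_TAG}")
    for key in sorted(tags):
        if key in RENAMED:
            findings.append(f"{key} -> {RENAMED[key]}")
        elif key in RETIRED:
            findings.append(f"retired tag {key}")
    return findings


def report_by_team(inventory):
    """Group non-compliant resources by owner; unowned ones go to UNOWNED."""
    report = defaultdict(dict)
    for arn, tags in inventory.items():
        findings = audit_resource(tags)
        if findings:
            owner = tags.get(OWNER_TAG, "").strip() or "UNOWNED"
            report[owner][arn] = findings
    return dict(report)


# Constructed sample inventory (placeholder account id, names and addresses).
SAMPLE = {
    "arn:aws:rds:eu-west-2:111111111111:db:example-db":
        {"TeamEmail": "team-a@example.org", "OOHShutdown": "true"},
    "arn:aws:ec2:eu-west-2:111111111111:instance/i-0001":
        {"Team": "team-b", "ooh_shutdown": "true", "Phase": "beta"},
    "arn:aws:lambda:eu-west-2:111111111111:function:example-fn":
        {"TeamEmail": "team-a@example.org", "Stack": "example"},
}

if __name__ == "__main__":
    for owner, resources in report_by_team(SAMPLE).items():
        for arn, findings in resources.items():
            print(f"{owner}: {arn}: {', '.join(findings)}")
```

Resources that land in the `UNOWNED` bucket are the ones with nobody to contact during an incident, so they are the first to chase.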