Updated AWS tagging

source/manuals/aws-tagging.html.md.erb

@@ -1,7 +1,7 @@
 ---
 title: Tagging AWS resources
 last_reviewed_on: 2022-09-16
-review_in: 6 months
+review_in: 12 months
 ---
 
 # <%= current_page.data.title %>
@@ -36,22 +36,33 @@ Currently, we do not enforce tags.
 
 In future, we may wish to consider mechanisms such as alerting on untagged resources, or automatically deleting untagged resources.
 
-## Tags used in GOV.UK Sign In
-
-GOV.UK Sign In is using the following tags:
-
 ### Mandatory
 
- - `Product`: should be `GOV.UK Sign In`
- - `System`: the name of the software system, for example `Authentication` or `Identity proofing and verification core`. Avoid abbreviations.
+ - `Directorate`: for example `GOV.UK` or `DSP`
+ - `System`: the name of the software system (for example `Authentication` or `Identity proofing and verification core`. Avoid abbreviations)
+ - `Service`: used to describe the function of a particular resource (for example: `account management`, `session storage`, `front end`)
  - `Environment`: should be one of `production`, `staging`, `integration`, or `development`.
  - `Owner`: an email address for an owner for the resource. For dev environments, this will be an individual email address; elsewhere it will be a group address.
 
 ### Optional
 
- - `Service`: used to describe the function of a particular resource (for example: account management, session storage, front end)
- - `Name`: a name for this particular resource. This should be unique within a deployment (terraform deployment, cloudformation stack, etc)
  - `Source`: the URL(s) for any source code repositories related to this resource, separated by spaces
+ - `Exposure` : should specify the level of exposure the resource has to determine its attack surface area. (for example `internal` or `external`)
+ - `Data Classification` : should specify the highest data classification level the resource handles. This will help internal security teams to know what level of controls to apply and help focus on the resources with greatest level of risk.
+ - `Cost Centre` : helps the organisation's accounting or financial management system to track and allocate expenses or costs to specific departments, teams, projects, or functions
+
+## Kubernetes Tags
+
+The following tags are currently being used on the GOV.UK EKS cluster.
+
+|Tag|Example|Description|
+|---|---|---|
+|app.kubernetes.io/name: |{{ $fullName }}-upload-assets|Application component name|
+|app.kubernetes.io/instance: |{{ .Release.Name }}|Release Name|
+|app.kubernetes.io/version: |{{ .Chart.AppVersion &#124; quote }}|The current chart version|
+|app.kubernetes.io/component: |app|The component within the application; eg, app/worker|
+|app.kubernetes.io/managed-by: |{{ .Release.Service }}|Tool managing operation of the application, normally Helm/Terraform|
+|app: |{{ $fullName }}-upload-assets|Application component name|
 
 ## References