Great write up. Working with the DBR can be painful when trying to track down funky costs like EMR and bandwidth consumed by EMR jobs. My company investigated at extending terraform to do some kind of tag check when applying however we decided it would be difficult to maintain this plugin and integrate with future versions of terraform. Now I have about 5 different lambda(* x accounts) jobs that tags things & leveraging cloud custodian for event based tag management.<p>As I've been looking for a vendor that could take over tag management for me and roll this out to new taggable features(lambda), I'm fnding no one in the industry has extensive tag automation. When I talk to vendors, they think I'm using tagging for organization, while it's really for cost management/reporting. Very strange. I wish AWS had a better tagging tool set than what they currently offer.