# Cost & Tagging Requirements

Phase: deployment
Enforcement: informational

## COST-001: Resource Tagging

All cloud resources (AWS, GCP, Azure) MUST include the following tags:

- `team` — owning team name
- `service` — service identifier
- `environment` — dev/staging/prod
- `cost-center` — finance cost center code

**Rule:** Infrastructure-as-code (Terraform, CloudFormation, Pulumi) must include these tags on every resource that supports tagging.

**Test:** Parse IaC files, verify tag block contains all four required keys.

## COST-002: No Open-Ended Auto-Scaling

Auto-scaling configurations MUST define a `maxReplicas` / `maxCapacity` ceiling.

**Rule:** Unbounded scaling is a cost incident waiting to happen. Every autoscaler must have an explicit maximum.

**Test:** Parse HPA/scaling configs, verify `maxReplicas` is set and is not unreasonably high (>50 requires justification).

## COST-003: Storage Lifecycle

All S3 buckets / GCS buckets / Blob containers MUST have a lifecycle policy defined.

**Rule:** No indefinite storage retention. Every bucket must transition to cheaper tiers or expire objects after a defined period.

**Test:** Check IaC for lifecycle configuration on storage resources.
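
One way to implement the COST-001 test, as an added example that is not part of the original policy: it walks the `planned_values` tree of `terraform show -json` output, including nested modules, and reports taggable resources that lack any of the four keys. Treating a resource as taggable when it exposes a `tags` or `labels` attribute is an assumption, and the sample plan and its resource names are constructed.

```python
REQUIRED = ("team", "service", "environment", "cost-center")  # COST-001 keys
ENVIRONMENTS = {"dev", "staging", "prod"}                     # values COST-001 lists

def iter_resources(module):
    """Yield resources from a plan module and every nested child module."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)

def check_plan(plan):
    """Return {resource address: [problems]} for taggable resources only."""
    findings = {}
    root = plan.get("planned_values", {}).get("root_module", {})
    for res in iter_resources(root):
        values = res.get("values") or {}
        # Assumption: a resource supports tagging if it exposes tags or labels.
        attr = next((a for a in ("tags", "labels") if a in values), None)
        if attr is None:
            continue
        tags = values[attr] or {}  # attribute present but null means untagged
        clean = {k: str(tags.get(k) or "").strip() for k in REQUIRED}
        problems = [f"missing {k}" for k in REQUIRED if not clean[k]]
        if clean["environment"] and clean["environment"] not in ENVIRONMENTS:
            problems.append(f"environment '{clean['environment']}' not in dev/staging/prod")
        if problems:
            findings[res["address"]] = problems
    return findings

# Constructed sample in the shape of `terraform show -json <planfile>` output.
SAMPLE_PLAN = {"planned_values": {"root_module": {
    "resources": [
        {"address": "aws_s3_bucket.logs", "values": {"tags": {
            "team": "platform", "service": "logging",
            "environment": "prod", "cost-center": "CC-0000"}}},
        {"address": "aws_instance.web", "values": {"tags": {
            "team": " ", "service": "web", "environment": "production"}}},
        {"address": "aws_iam_role_policy_attachment.web", "values": {"role": "web"}},
    ],
    "child_modules": [{"resources": [
        {"address": "module.data.google_storage_bucket.raw", "values": {"labels": None}},
    ]}],
}}}

if __name__ == "__main__":
    # Enforcement is informational, so report findings without a failing exit code.
    for address, problems in check_plan(SAMPLE_PLAN).items():
        print(f"COST-001 {address}: {', '.join(problems)}")
```
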