BlueArch.io
TM v0.11.3 · brew installInstall
Flagship product · lifecycle governanceFor SREs & solution architects

Stop being
your own
cloud janitor.

Tag Manager turns AWS tags into a workflow engine. Apply and audit tags across accounts, then attach business processes — TTL, ownership, approval, archival — directly to them. The custodial work that used to eat your sprints just runs itself.

Install Tag Manager See it in action
Runs in your account · Terraform / CDK / CLI · Slack · PagerDuty · JIRA hooks
~/infra · tagmworkflow: ttl · dry-run
$ tagm workflow run ttl --dry-run
Loaded workflow ttl.v3.yaml · matching 4,612 resources…
Stage 1 · Discover
4,612 resources scanned · 218 missing ttl tag
Stage 2 · Notify
94 owners pinged · 3 escalations to @platform-team
Stage 3 · Archive
142 idle resources → snapshot + tombstone · saves $8.4k / mo
Stage 4 · Delete
26 confirmed for delete · awaiting approval in #cloud-cleanup
Projected monthly$8,420 saved · 0 engineer-hours
How it works

Built for terminal speed and board-level context.

The CLI workflow, dashboard evidence, and governance data stay aligned so every recommendation has an owner and a next step.

01

Lifecycle ownership

TTL, owner, environment, service, and exception tags become workflow triggers.

React route · clean URL
02

Cost cleanup

Find idle, orphaned, oversized, or expired resources before they become spend drift.

React route · clean URL
03

CLI plus web

Platform teams can enforce policies from terminal workflows and review evidence in the dashboard.

React route · clean URL
94%
Resources with known owner after rollout
12% of AWS bill
Recoverable unmanaged spend
0
Manual cleanup spreadsheets required
48 hr
Default review window before expiration
Install

Start from your terminal.

brew install bluearchio/tap/tag-manager-cli
Shared runtime. The formula depends on bluearch-core, matching BlueArch CLI and Governance Hub installs.Same setup path. Setup, account context, templates, and deployed infrastructure flow through core APIs.Local first. Tag, lifecycle, FinOps, and workflow automation run through your local Tag Manager shell.
01

Install Tag Manager

brew install bluearchio/tap/tag-manager-cli

Homebrew installs the tag-manager binary and the compatible bluearch-core runtime dependency.

02

Start BlueArch Core

bluearch-core start --daemon

Core runs on 127.0.0.1:8094 and launches the installed BlueArch product dashboards from one local runtime.

FAQ

Common questions.

Do we need perfect tags first?+
No. Tag Manager is built to discover gaps, propose owners, and create the policy trail.
Can it run read-only?+
Yes. Discovery can run read-only, then write workflows can be enabled only where your team approves them.
Can it pair with BlueArch CLI?+
Yes. Tag Manager handles lifecycle governance while BlueArch CLI prioritizes risk and operations.

Want help wiring this into your AWS operating model?

Book a short review and we will map the first workflow from scan to action.

Book a review Pair with BlueArch CLI