Field | Description | Example |
Tag Key | A policy key in a tag policy, which is the basis for subsequent configurations. Multiple tag keys can be set for each tag policy. | - |
Specify valid values | It enables specifying valid values for tag keys. | - |
| Original value: You can specify multiple fixed values. Wildcard writing (with only one * sign) is also supported. | Original value: Technical Department and Finance Department Original value with wildcard: Technical Department, R&D Group |
| Dynamic value: After it is checked, if the policy is bound to sub-user A, then Sub-user A needs to select the corresponding tag value when binding the tag key to a resource, provided that the sub-user needs to be bound to a tag key of the same name.
For example: If Sub-user A has been bound to the tag FirstLevelDepartment: TechnicalDepartment in Cloud Access Management (CAM), checking Dynamic value means that when Sub-user A binds the tag to a resource, the tag value must be TechnicalDepartment whenever the tag key is FirstLevelDepartment. If auto correction is enabled and the sub-user makes a mistaken choice, the system will automatically correct it. | - |
Product | The resource type of the product specified for a tag key. You can choose all products or specific resource types. | - |
Task | It enables specifying features that need to be enabled for the current tag key of the policy. If checked, it will take effect when a sub-user creates resources and edits resource tags. | - |
| Detection: It is enabled by default. | - |
| Auto correction: After it is enabled, if a user binds the same tag key within a specified resource range but the value is incorrect, the system will automatically correct the tag value. | The tag key is FirstLevelDepartment and the original value is TechnicalDepartment. After auto correction is enabled, the sub-user's binding the tag FirstLevelDepartment: A will trigger auto correction. For a case, see Auto Correction Feature Example. |
| Auto assignment: After it is enabled, the tag editor will assist users in completing tag assignment when they create resources or edit resource tags. Tag Key, which will be populated when resources are created or resource tags are edited. Tag Value, which will be populated only when a resource is created for a single or dynamic value and will not be populated if multiple values are specified. However, when resource tags are edited, it will not be populated and must be assigned by the sub-user. The above process is just a reminder and will not affect the creation of resources or the binding of other tags. | 1. Set FirstLevelDepartment , SecondaryDepartment , and Owner in the policy. The 3 keys will be automatically displayed when a user edits tags.2. Specify the value of the tag key FirstLevelDepartment as TechnicalDepartment , and check Auto assignment and Tag Value. FirstLevelDepartment: TechnicalDepartment will be automatically displayed when a user creates a resource, and the tag will be bound after resource creation.For a case, see Auto Assignment Feature Example. |
| Forcible execution: After enabled, it will support intercepting tag binding during a user's editing of an existing resource's tag if the key value does not comply with the rule. However, it will not affect resources created without tags, nor will it affect other tag keys during the editing of resource tags. | Specify the value of the tag key FirstLevelDepartment as TechnicalDepartment , and check Forcible execution. When a user edits a resource's tag, if FirstLevelDepartment (tag key) is selected but another value (tag value) is selected, the operation will fail with a reminder that the action does not comply with valid policy rules.For a case, see Forcible Execution Feature Example. |
{"tags": {"Department": {"tag_key": {"@@assign": "FirstLevelDepartment"},"tag_value": {"@@assign": ["TechnicalDepartment"]},"resource_type_scope": {"@@assign": ["*"]},"correction": {"@@assign": "on"}}}}
FirstLevelDepartment
, with the specified tag value being TechnicalDepartment
. When a user creates a tag, the system will automatically verify whether the tag value associated with the tag key is TechnicalDepartment
**. If the user selects a wrong tag value, the system will automatically correct it.FirstLevelDepartment
is **MarketingDepartment
, the system automatically performs the correction feature according to the policy and corrects the tag value to TechnicalDepartment
**.{"tags": {"FirstLevelDepartment": {"tag_key": {"@@assign": "FirstLevelDepartment"},"tag_value": {"@@assign": ["TechnicalDepartment"]},"resource_type_scope": {"@@assign": ["*"]},"correction": {"@@assign": "on"},"auto_assign": {"@@assign": "on"},"auto_assign_value": {"@@assign": "on"}},"SecondaryDepartment": {"tag_key": {"@@assign": "SecondaryDepartment"},"tag_value": {"@@assign": ["FrontEndTeam"]},"resource_type_scope": {"@@assign": ["*"]},"correction": {"@@assign": "on"},"auto_assign": {"@@assign": "on"},"auto_assign_value": {"@@assign": "on"}},"Owner": {"tag_key": {"@@assign": "Owner"},"resource_type_scope": {"@@assign": ["*"]},"tag_value_dynamic": {"@@assign": "on"},"auto_assign": {"@@assign": "on"},"auto_assign_value": {"@@assign": "on"}}}}
FirstLevelDepartment
, SecondaryDepartment
, and Owner
in the policy. The 3 tag keys will be automatically displayed when a user creates services and binds tags.FirstLevelDepartment
, SecondaryDepartment
, and Owner
**, the system will automatically populate the tag keys, and the tag values need to be selected by the user. {"tags": {"FirstLevelDepartment": {"tag_key": {"@@assign": "FirstLevelDepartment"},"tag_value": {"@@assign": ["TechnicalDepartment"]},"resource_type_scope": {"@@assign": ["*"]},"correction": {"@@assign": "on"},"auto_assign": {"@@assign": "on"},"enforced_for": {"@@assign": ["*"]},"auto_assign_value": {"@@assign": "on"}}}}
FirstLevelDepartment
to TechnicalDepartment
and check Forcible execution. When a user edits a resource's tag, if FirstLevelDepartment
(tag key) is selected but another value
(tag value) is selected, the operation will fail with a reminder that the action does not comply with valid policy rules.
Was this page helpful?