Skip to main content

Tag Helper

Resource tags in public clouds are used to classify and identify resources (such as virtual machines, storage buckets, etc.) in the cloud environment. They are typically used for cost tracking, resource management, billing attribution, automated operations, and security monitoring. Proper use of cloud resource tags can help enterprises effectively organize resources, accurately calculate costs, and optimize resource allocation.

However, poor management of labeling policies can lead to resource confusion, cost opacity, and hinder the enforcement of automated policies. Erroneous or inconsistent labeling can cause inaccurate cost analysis, prevent correct expense allocation, lead to budget overruns, and increase operational and compliance risks.

SavingsNow Tag Governance is a policy-driven tool designed specifically for cloud resource management, dedicated to helping users ensure tag compliance in the cloud. The system provides basic tag policies and rules to help you govern cloud tags. You can create a basic tag library, formulate tag governance policies, and then detect non-compliant resource tags based on these policies. Finally, you can optimize tag compliance in your cloud through continuous improvements.

SavingsNow Tag Governance is more than a tool; it is a strategic investment for companies seeking to maximize cost effectiveness and fine-grained management in the cloud. It allows enterprises to establish a standardized tag governance framework by creating a unified tag library. Based on these tag libraries and governance policies, enterprises can automatically identify and correct non-compliant resource tags, thus establishing a continuous governance and optimization cycle.

Tag libraries

The tag library is a set of customized tags that users create and maintain according to the enterprise's resource tag specifications, building a benchmark tag library for the entire organization.

Ideally, the tags configured for a real resource should match the baseline tag library as closely as possible. In daily operations, the tag library can be continuously maintained as needed to ensure its accuracy and integrity. The tag library provides a range of operations such as creating, editing, deleting, viewing, and searching tags.

Additionally, two viewing modes, list and grid, are provided. Users can switch between them by clicking the corresponding icon in the top right corner of the list according to their personal preferences.

Add tags

  • Click "Management monitoring" in the left menu, select "Tag Governance", select "Tag Library" Tab in the page, and enter the tag library page.
  • Click the "Create Tag" button in the top right corner. A Tag Configuration window will pop up on top of the current list page.

  • Enter the tag key and tag value as required; You can click the "Add tag key value" button to add multiple tag key value pairs at once.

Note 1: The TAB key can be up to 128 characters long and cannot begin with the full spelling of the cloud vendor or an acronym such as aliyun, acs, aws, gcp, etc., nor can it contain 'http://' or 'https://'

Remark 2: Tag values can include multiple allowed values, with one value per line and a maximum of 100 values. This tag key allows only the specified values. You can use only one wildcard '*' for a tag value. The tag value can be up to 128 characters long and cannot begin with the full spelling of the cloud vendor or an acronym such as aliyun, acs, aws, gcp, etc. It also cannot contain 'http://' or 'https://'.

  • Click the "Confirm" button to finish adding. The results can be viewed on the list display page.

Edit tags

  • Select the Tag you want to edit and click the "Edit" button to open the edit window.
  • During edit operations, the user can only modify the tag value, while the tag key cannot be edited.

  • To add a new tag value, enter a new string in the text field corresponding to the tag value and click the "Add" button. To remove one or more historical tag values, select any of the tag value labels below the text field and click the "Delete" icon.
  • Click the "Confirm" button to complete the modification, and the results can be viewed in the list display page.

Remove tags

  • Select the tag you want to delete and click the "Delete" button to display the deletion confirmation box.

  • Click the "OK" button to remove the current tag (including the tag key-value pairs in that tag).
  • The list page will automatically refresh, allowing you to check whether the tag was successfully removed.

Search for tags

  • At the top of the TAB library page, a search box is provided.
  • The user can enter a string of any length, and the system will match the string to the exact tag key in the tag library.
  • If the match is successful, the corresponding tag is automatically displayed; If the match fails, the list is empty.
  • If the search condition is cleared, all tags in the tag library are automatically displayed.

Tag Policy

A tag policy is a defined set of rules and guidelines that are key to ensuring that an organization can leverage tagging to support cloud resource management, cost tracking, security, and compliance. By implementing tagging policies, organizations can ensure the correct classification of resources and enable effective monitoring and management of resources.

A tag policy includes policy name/description, label key, monitoring scope, policy status, and enable time.

In the current module, the functions of viewing, creating, editing, searching, deleting, deactivating and enabling label policies are provided.

Create a tag policy

  • Click the "Create Tag Policy" button at the top right of the page to enter the create page.

  • Policy name: Required. This is the name given to this label policy.

  • Policy description: Optional. Used to further explain information such as the intent or purpose of the current strategy.

  • Tag configuration: Select a tag from the tag library that you want to match. After determining the label key, select the corresponding label value (multiple options available).

  • Detection range: Three ranges are provided, namely, all resources, designated cloud account/cloud provider project and designated cloud service. Among them,

    • All resources refer to all resources included in the billing data of the current tenant.

    • Designated cloud account/cloud vendor project, for a cloud vendor under the cloud account (optional, but required)

    • Specify cloud services, that is, select one or some cloud services under a cloud vendor, in which case the user can further limit the cloud account (not required).

  • Click the "Confirm" button to complete the creation; After the page refreshes, you can see if the policy was created successfully.

Edit tag policy

Note: The tag policy currently allows edits only if it is "not enabled".

  • Select a tag policy that is not currently enabled and click the "Edit" button to open the edit page.

Users can modify the policy name, description, label configuration and detection scope according to their needs, and the operation steps and methods are consistent with the creation process.

  • Click the "Confirm" button to finish editing; After the page refreshes, you can see if the policy was updated successfully.

Remove Tag Policy

Note: Tagging policies can only be deleted when they are in the "Disabled" state.

  • Select a label policy that is not enabled, click the "Delete" button, and a delete confirmation window will pop up.

  • Click the "Confirm" button to remove the current tag policy; After the page refreshes, you can see if the policy was removed successfully.

Detection results

The detection results page displays relevant information based on the compliance check of resources against tagging policies.

The detection content consists of two parts, the upper part is the statistical data from the latest detection, and the lower part shows the results of different strategies after detection.

Detection statistics

Users can view a series of detection metric data, including:

  • Total number of resources
  • Number of resources with location status
  • Number of resources without tags
  • Number of covered resources
  • Number of non-compliant resources
  • Number of compliant resources These metrics are displayed in a comparative chart, illustrating the current compliance versus non-compliance status of resources

Detection Result list

The detection results can be organized in two ways: by resource and by policy. Users can choose and view according to their needs.

  • By resource dimension: Lists all resources that are checked according to the policy and are "non-compliant" and can be optimized by the user.

  • By Policy Dimension: Displays the list of resources whose status is "non-compliant" as checked by different policies. A resource may hit more than one policy.

  • Search: The list content supports quick filtering according to six conditions: cloud provider, cloud account, cloud provider project, resource type, region, and label strategy.

Note: Conditional retrieval by label policy is supported only in the list of check results by policy.

  • Download: Click the "Download" button at the top right of the list to download an XLS file of the current detection results for local viewing and analysis.

  • Subscribe: The result of the policy execution of interest is sent as an XLS attachment to the subscriber (i.e., the mailbox of the user who subscribed). The steps are as follows:

    • Click the "Subscribe" button to open the subscribe page.

    • Turn on the "Subscribe" switch and set the subscription configuration.

    • Set "Send Frequency": Select "daily," "weekly," or "monthly," and specify the send time.

    • Choose the policies you want to subscribe to from the list. The search function is supported.

    • Click the "Confirm" button to complete the subscription.