Tag Policies form

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 4 minutes de lecture

    • You use the Tag Policy form to configure tag compliance and health policies that are used in tag audits runs on discovered cloud resources or CIs.

    Tableau 1. Tag Policies form
    Field Description
    Name Unique and descriptive name for the policy.
    Short Description A short summary that describes the policy.
    Policy Type Policy type selection for the tag compliance and health audit.
    • Tag Count Policy: Check for a specific count of tags for CIs.
    • Tag Key Policy: Check for tags with specific values (string expressions).
    • Tag Key & Value Policy: Check for key-value pair and value strings.
    • Tag Category Policy: Check for tags with a specific category.
      Important :
      You must work in a leaf domain to use the Tag Category Policy.

    Based on your selection, you will specify additional values.
    Expected Tag Count

    This field appears only when the Tag Count Policy policy type is selected.

    CIs with fewer tags than the specified number are considered as failed or non-compliant. CIs that meet the value are considered certified against this policy.

    For example, if you specify 4, the policy checks whether the CIs have at least four tags specified.
    Expected Tag Keys

    This field appears only when the Tag Key Policy policy type is selected.

    Policy that checks discovered CIs for the tags specified in the Expected Tag Keys field.

    Specify multiple tags or string expressions in a comma-separated list.

    For example, if you specify prod,finance,cost center the policy checks whether the CIs have all the specified tags. CIs that have all the specified tags as certified or fully compliant. If CIs are missing any of the listed tags, they’re considered failed or non-compliant.
    Tag Key & Value Checks Execute this policy to check discovered CIs for the tag key and values specified in the Tag Keys & Value Checks field.

    You can specify multiple tag key & value pairs or specify a script to check for a collection of values.

    For example, you can specify user in the Key field, and admin in the Value field.
    Remarque :

    The Script field appears only when Tag Key & Value Policy is selected in the Policy Type field. Use the Script field to specify multiple values to return a string set.

    Example code

    // The script should
        return a string set to tagValues variable.

         // the code sets the
        tagValues array with name of the CI

        // by this the check will
        be done for the tag to match the CI’s name
  
        tagValues =  [ci.name.toString()];
    Active Option to activate or deactivate the run schedule.
    Run on cloud events Option to enable real-time audit runs when cloud events occur.
    Remarque :
    Ensure that you have configured auto-updating the CMDB with cloud events for the relevant cloud provider.
    Save cert audit result Option to save the certification audit findings and incorporate tag audit outcomes in a CI's health calculations.
    Remarque :
    This option can be activated if there is a business need to incorporate tag audit outcomes in CI health calculations.
    Run Frequency at which the tag audit runs.
    • Daily
    • Monthly
    • Weekly
    • Periodically
    • Once
    • On Demand
      Remarque :

      To run an audit immediately after configuring the policy, select the On Demand option.

    • Business Calendar: Entry Start
    • Business Calendar: Entry End
    Next scheduled run date Date and time on which the tag audit is next scheduled to run.

    This field appears only for scheduled runs and not for on-demand runs.
    Filters Condition statements with a series of contextually generated fields. Use lookup lists to build conditions and filter the CIs eligible for audit.

    Dynamic conditions and filters you specify to fetch the desired tags based on service accounts and associated datacenters.
    Table Displays the Configuration Item [cmdb_ci] table to which filters are applied.
    Policy Criteria Other policy criteria that you can configure using dynamically populated reference lookup lists. The Configuration Item [cmdb_ci] table populates the data for this lookup list.

    For more information, see the Reference lookup.
    Tag Filter Filter CIs further based on Key, Keywords, and Value that you specify. Use the condition builder to customize a filter.
    Task Assignment Option to assign follow-on tasks to users or user groups.
    Create Tasks Option to create follow-on tasks.
    Remarque :
    If there is an existing task mapped to a CI and tag policy, the sn_itom_tag.allow_new_cert_follow_on_task system property determines whether to create a new task or update an existing one when there is a compliance failure:
    • To update the existing task with the compliance failure details but not create a new task, set the property to false (default)
    • To create a new task, set the property to true.
    Group

    This field appears only when you select the Create Tasks check box.

    Assignment group to which to assign the task. Use lookup lists to select a group.
    User Specific user from the assignment group to whom you want to assign the task. Use lookup lists to select a user.

    This field appears only when you select the Create Tasks check box.