Tag Governance

Overview

Users with cloud accounts often use metadata to manage various resources. Resources can be managed in the CoreStack application with the help of tags. Tags are added to metadata in key-value pair format. The tag keys and tag values are defined by users. It’s important to standardize tag keys and tag values for organizing resources. A group of these standardized tags is known as baseline tags.

Some of the advantages of using tags are operation support, cost allocation, security, access control, resource consistency, and accountability. Tag Governance is important to ensure that any tags defined in your baseline are applied properly to cloud resources.

Applying Tags to a Resource

To apply a tag to resource, there are three steps that need to be followed:

1. Add baseline for a scope.
2. Select the tag and add value.
3. Review tags.

Adding Baseline

The first step in Tag Governance is to define the baseline for a scope. The baseline is group of standard tags that can be applied to resources within a scope.

To add a baseline, perform the following steps :

1. In the CoreStack application, click Resource > Tag Governance > Baseline > Create Baseline.
2. In the Name box, type the name of the baseline tag and in the Description box, type the baseline tag description.
3. In the Baseline Scope field, click to select one option among Organization Scope, Tenant Scope, and Cloud Account Scope.
   • If you select Organization Scope, then nothing else needs to be selected.
   • If you select Tenant Scope , then in the Tenant list, select the appropriate checkboxes.
   • If you select Cloud Account Scope, then in the Tenant and Cloud Account lists, select the appropriate checkboxes.
4. To inherit tags from other baselines, click to move the slider to right.
5. Click Next.

📘

Note:

• On the Baselines tab, the list of baselines can be viewed.
• For a particular baseline, in the Actions list, a user can select one option from Edit, View More, and Delete and take appropriate action.

Selecting Tag and Adding Values

After a baseline scope is defined for tags, the next step is to select tags and set their values.
There are four sources of tags:

1. Available Tag

2. CS Baseline Tag

3. Custom Tag

4. Inherited Tag

The Available Tags are the tags that are already applied to the resources. CS Baseline Tags are baseline tags recommended by CoreStack. Custom Tags are additional tags that can be added by a user. Inherited Tags are tags that are part of the baseline if there is a baseline defined at higher level. Inherited tags are applied by default and a user cannot select or change these tags.

Perform the following steps to apply tags to resources for the scope defined above:

1. In the Tags tab, in the Add Tags list, click to select one of the following:
   • Add Custom Tag
   • Add Existing Tag
   • Add CS Baseline Tags

2. If the user selects Add Custom Tag, then in the New Tag dialog box, in the Set Key box, type the key. Then select one of the following options to add a value, then click Save.
   • Select the Allowed Values option. In the Values box, type a value and click OK. Alternatively, select an existing value.
   • Select the Condition option and type the appropriate values in the following boxes:
     • Start With
     • End With
     • Contains
   • Select the Regular Expression option. In the Regular Expression box, type the required expression.

📘

Note:

Click the pencil icon to edit an existing value and click the search icon to search for a tag.

3. If the user selects Add Existing Tag, then the Add Existing Tag dialog box displays. Select the appropriate values in the following fields then click Submit.
   • In the Tag Key list, click to select an appropriate option.
   • In the Tag Values list, click to select an appropriate option.

4. If the user selects Add CS Baseline Tags, then select the appropriate boxes and click Submit.

5. Click Save new version.

All the keys selected in this procedure are now part of the baseline tags.

Reviewing Tags

On the Tag Governance screen, users can view two tabs: the Baselines tab and the Tag Posture tab. The Baselines tab shows the available baselines. That is, the list of baselines created, when it was last updated, whether it is active or not, etc.

Tag Posture

The Tag Posture tab displays the details about tag coverage, resource coverage, and their respective counts. A user can click Generate Posture to generate or update tag posture. A user needs to refer to this screen to find out about gaps in tag coverage and resource coverage. After the gaps are identified, the user must add the missing tag keys or values to improve coverage. This screen also shows the percentage of tag coverage and resource coverage.

Perform the following steps to view coverage details:

1. On the Tag Governance screen, click the Tag Posture tab.
   A user can view Tag Coverage & Count as well as Resource Coverage & Count, and they can also view account-specific Tag Coverage and Resource Coverage.
2. In the drop-down list on the right side of the screen, click to select one option from Organization View, Tenant View, and Cloud Account View.
3. For a particular cloud account, click the icon below Actions or click View More and then click the icon below Actions.

Users can then view the following details:

• The Tag View tab shows Tag Keys, Resources Missing Tag Key, Resources Invalid Tag Value, and tag percentage.
  • Tag Key: This column shows the tag keys defined for a baseline.
  • Resources Missing Tag Key: This column lists the number of resources that have missing tag keys.
  • Resources Invalid Tag Value: This column lists the number of resources that have incorrect tag values.
  • Coverage: This shows the coverage percentage.
• The Resource View tab shows Resource Coverage, Missing Tag Keys, and Invalid Tag Values.
  • This tab displays details in tabular format and users can click View Coverage to see the coverage details.

4. In the Tag View tab, select a tag key and click Improve Coverage. The Tag Remediation screen displays.

The resource name, resource type, coverage status, and key values for a baseline are displayed.

Alternatively, on the Resource View tab, a user can select a resource and click View Coverage to view the coverage details. On the Resource Remediation screen, if the Improve Coverage button is active, then users can add a value for the tag and improve the coverage.

5. On the Tag Remediation screen, click Improve Coverage corresponding to a resource.

📘

Note:

If the Improve Coverage button is disabled or grayed out, then no action can be taken.

• Users can click the Resource Name check box to select all the listed resources and then click Improve Selected Coverage to improve coverage. The resources for which Improve Coverage button is greyed out are not considered for improving coverage.

• Users can also select check boxes corresponding to particular resources for which coverage needs to be improved and then click Improve Selected Coverage.

6. To take remediation steps, in the Update Tag Value dialog box, in the Select Tag Value list, select an appropriate value as per baseline, and click Apply.

7. On the Tag Remediation screen, click Next. In the Review tab, review the values that are added in the previous steps. If any tag value needs to be changed, then click Modify Value and make the change.
8. Click Finish.

After the key values are updated for a tag, the status Synced appears below the resource name (on the Tag Remediation screen). This means that the tag has been synced with the could provider and the coverage status will change to Complete. This will increase the coverage percentage.

If Not Synced appears below the resource name, then this means that the tag has issues to sync with the could provider and the status Missing Key shows for that resource. The user should take remediation steps to add a valid key value and increase the coverage.

9. Repeat the above steps to fill valid tag keys and tag values.

After the key values are added successfully, the coverage percentage increases and can be viewed on the Tag Posture, Tag View, and Resource View tabs.

📘

Note:

Refer to this link to view the list of resources that allows remediation of tags.