Evaluates whether a tag of a resource that belongs to a supported resource type matches the specified regular expression for tags in key-value pairs. If so, the evaluation result is Compliant. You can specify a regular expression for tag keys.
Scenarios
Tags are commonly used for permission isolation, bill splitting, and automated O&M. This rule uses regular expressions to validate tag key-value pairs and is designed for organizations that enforce standardized tag formats.
Risk level
Default risk level: high.
You can change the risk level based on your business requirements when you apply this rule.
Compliance evaluation logic
-
If a tag of a resource that belongs to a supported resource type matches the specified regular expression for tags in key-value pairs, the evaluation result is Compliant.
-
If a tag of a resource that belongs to a supported resource type does not match the specified regular expression for tags in key-value pairs, the evaluation result is Non-compliant.
Rule details
|
Item |
Description |
|
Rule name |
matched-tag |
|
Rule ID |
|
|
Tag |
Tag |
|
Automatic remediation |
Support for ACS-TAG-TagResources |
|
Trigger type |
Configuration change |
|
Supported resource type |
|
|
Input parameter |
tagKeyRegex |
Non-compliance remediation
Make sure that the resource tags match the specified regular expression. For more information, see Add a custom tag.