Newbie ManageIQ Tagging Question

Hello, I am new to using ManageIQ, and I am trying to wrap my head around the tagging structure. I am trying to create different groups that have access to different resources. During my testing, it appears that you can only assign tags from one category, otherwise the tags are inclusive? Meaning, I have an AWS, AWS Dev, and AWS Prod tag in the Environment category. I also have a Production Network and Development Network tab in the Network Locations category. If I assign the AWS tag to the Cloud Provider, that works fine. However, in order for the network subnets and such to be visible to the user for provisioning, the resource needs to have both the Development Network tag and the AWS tag applied to it.

The same thing applies to the Cloud Providers, if I have tags from Environment and Network Location enabled for that group, tags from both groups need to be applied to the Cloud Provider in order for the user to see it. Is this by design? Am I thinking about this the wrong way? My understanding was that the tagging would be more of an OR, where the tagged resource would appear for the user. If not, it seems very restrictive and I’m not sure how to configure groups to allow for restricted views (This user can only request instances in the dev environment, etc). Using self-service UI isn’t an option since it doesn’t support SAML, and creating a service catalog seems a little restrictive if the user needs something more customized. Could anybody shed some light on this for me, or point me in the direction on documentation that can help? Thanks!

Hey @slee

I think most of the information about tags is explained in This article.
I hope this helps.

Thank you, this answers my question perfectly!