Skip to main content
All CollectionsRisk and Inventory Management6 | Inventory and Access ManagementCloud Assets
Bulk tagging cloud assets
Bulk tagging cloud assets
Fabiola Munguia avatar
Written by Fabiola Munguia
Updated over a week ago

Secfix supports reading tags (also called labels in GCP) from your cloud integrations to automatically populate important information about your cloud assets in the Secfix Inventory. This process, known as bulk cloud tagging, saves time, reduces manual effort, and ensures continuous accuracy.

Why use bulk cloud tagging?

Manually entering details for each cloud asset can be tedious and error-prone. Using tags:

  • Automates the population of key attributes.

  • Keeps your asset data continuously updated.

  • Ensures consistency across large environments.

  • Helps manage temporary or short-lived assets without cluttering your inventory.

How does bulk tagging work in Secfix?

Secfix continuously reads tag data from your cloud provider accounts (AWS, Azure, GCP). These tags populate fields in your Secfix Inventory such as:

  • Owner

  • Description

  • Scope

  • User data classification (PII or ePHI presence)

If a tag is updated or removed in your cloud account, Secfix will reflect those changes automatically after it syncs with your Cloud Provider.

List of supported tags

You can view the full list of supported Secfix tags and their definitions in this article: List of supported cloud tags.

Navigate to πŸ‘‰ AWS Tagging | Azure Tagging | GCP Tagging

Important tag behaviors

  • SecfixNonProd: Setting this tag to true will mark the asset as non-production and hide it from the Inventory.

  • SecfixNoAlert: If this tag has any non-empty value, the asset will be hidden from the Inventory.

  • SecfixOwner: An owner will not be assigned if there is no user in Secfix with the email specified.

How to set cloud tags (per provider)

AWS

  1. Navigate to your AWS Console.

  2. Go to EC2 > Instances (or other relevant resource).

  3. Select the asset and choose Manage Tags.

  4. Add key-value pairs using the supported Secfix tag keys.

Azure

  1. Navigate to the Azure portal.

  2. Select your resource and click Tags.

  3. Add the appropriate tag keys and values.

GCP

  1. Go to the Google Cloud Console.

  2. Under Resource Manager, select your asset.

  3. Click Edit Labels and add the correct key-value pairs.

Best practices for cloud tagging

  • Standardize tag names and formats across all accounts.

  • Document tag usage guidelines for your team.

  • Review and audit tags periodically.

  • Use tags for temporary assets (like autoscaling instances) to prevent clutter.

Example use case

The EC2 instance tagged with SecfixOwner: [email protected] will automatically assign Joe as the owner in Secfix if that email is linked to an active user.

If a user with this email is found in Secfix, it will be matched to this Cloud Assets as an Owner.

Related Articles
🏷️ List of supported cloud tags
Documenting Assets on Secfix Inventory
How to connect your cloud provider to Secfix
Manually managing cloud assets in Secfix
Troubleshooting empty tags on cloud inventory
Did this answer your question?