Cloud Discovery policy - Governance action - Scoped profile missing

Hi everyone, 

I wanted to create a Cloud Discovery policy that automatically tags as unsanctioned some applications but only for a scoped profiles.

When tagging cloud applications manually, it's possible to scope it to a profile:

However, this option doesn't exist in the governance actions section:

Are there any other way to create policies that can tag but only for a device group/scoped profile?

Cheers,