I've created an Azure Policy. I wanted to deny resource group creation if the user doesn't specify a tag with key "Env" or "use".
But when I create the resource group with the Env tag it blocks me; it only allows me when I add both tags, which are env and use.
As per my understanding, "anyof" in Azure Policy is used as "OR", but my code isn't behaving the same way.
    {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.Resources/subscriptions/resourceGroups"
          },
          {
            "anyof": [
              {
                "field": "tags.Env",
                "exists": false
              },
              {
                "field": "tags.use",
                "exists": false
              }
            ]
          }
        ]
      },
      "then": {
        "effect": "deny"
      }
    }
Based on Chris's suggestion, I've worked on the tag names and values, but it is giving me an error in the policy and it is not taking the "NOT".
    {
      "mode": "all",
      "policyRule": {
        "if": {
          "allOf": [
            {
              "field": "type",
              "equals": "Microsoft.Resources/subscriptions/resourceGroups"
            },
            {
              "not": {
                {
                  "field": "tags.Env",
                  "equals": "Prod"
                },
                {
                  "field": "tags.OS",
                  "equals": "windows"
                }
              }
            }
          ]
        },
        "then": {
          "effect": "deny"
        }
      },
      "parameters": {}
    }
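
An added example, not part of the original post and not Azure's own evaluator: a simplified Python model of the policy `if` condition, showing which tag sets the first rule above denies when the two `exists: false` checks sit under `anyOf` versus `allOf`. The function names, the sample tag sets and the restriction to `allOf`/`anyOf`/`not`/`exists`/`equals` with exact string matching are assumptions of this model.

```python
# Simplified model of an Azure Policy "if" condition (added example, not Azure's evaluator).
# Assumption: only allOf, anyOf, not, and field conditions with "exists"/"equals" are modelled.
RG_TYPE = "Microsoft.Resources/subscriptions/resourceGroups"

def field_value(resource, field):
    """Resolve "type" or "tags.<name>"; returns None when the tag is absent."""
    if field == "type":
        return resource["type"]
    if field.startswith("tags."):
        return resource.get("tags", {}).get(field[len("tags."):])
    raise ValueError(f"unsupported field: {field}")

def matches(cond, resource):
    """True when the condition holds, i.e. the rule's "then" effect would apply."""
    if "allOf" in cond:
        return all(matches(c, resource) for c in cond["allOf"])
    if "anyOf" in cond:
        return any(matches(c, resource) for c in cond["anyOf"])
    if "not" in cond:
        # "not" wraps exactly one condition object; several checks go inside allOf/anyOf.
        if not isinstance(cond["not"], dict):
            raise ValueError('"not" takes a single condition object')
        return not matches(cond["not"], resource)
    value = field_value(resource, cond["field"])
    if "exists" in cond:
        return (value is not None) == cond["exists"]
    if "equals" in cond:
        return value == cond["equals"]
    raise ValueError(f"unsupported condition: {cond}")

def rule(operator):
    """The question's deny condition, with `operator` (anyOf or allOf) around the tag checks."""
    missing = [{"field": "tags.Env", "exists": False},
               {"field": "tags.use", "exists": False}]
    return {"allOf": [{"field": "type", "equals": RG_TYPE}, {operator: missing}]}

def denied(operator, tags):
    """Would a resource group created with these tags hit the deny effect?"""
    return matches(rule(operator), {"type": RG_TYPE, "tags": tags})

# Constructed sample tag sets for a new resource group.
SAMPLES = [{}, {"Env": "Prod"}, {"use": "test"}, {"Env": "Prod", "use": "test"}]

if __name__ == "__main__":
    for tags in SAMPLES:
        print(tags, "| anyOf denies:", denied("anyOf", tags),
              "| allOf denies:", denied("allOf", tags))
```

Under `anyOf` the deny fires as soon as either tag is missing, so only a group carrying both tags passes; under `allOf` it fires only when both are missing, which is the "at least one of Env or use" requirement.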