updated tags variable

Khuzaima-Shakeel · Khuzaima-Shakeel · commit 8a158072ea54 · 2025-03-25T01:29:08.000+05:30
diff --git a/ibm_catalog.json b/ibm_catalog.json
@@ -299,9 +299,8 @@
               "key": "default_routing_table_name"
             },
             {
-              "key": "resource_tags",
+              "key": "vpc_instance_resource_tags",
               "custom_config": {
-                "type": "array",
                 "grouping": "deployment",
                 "original_grouping": "deployment",
                 "config_constraints": {
@@ -310,9 +309,8 @@
               }
             },
             {
-              "key": "access_tags",
+              "key": "vpc_instance_access_tags",
               "custom_config": {
-                "type": "array",
                 "grouping": "deployment",
                 "original_grouping": "deployment",
                 "config_constraints": {
diff --git a/solutions/fully-configurable/README.md b/solutions/fully-configurable/README.md
@@ -61,7 +61,6 @@ This solution supports provisioning and configuring the following infrastructure
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_access_tags"></a> [access\_tags](#input\_access\_tags) | A list of access tags to apply to the VPC resources created by this solution. For more information, see https://cloud.ibm.com/docs/account?topic=account-access-tags-tutorial. | `list(string)` | `[]` | no |
 | <a name="input_add_bucket_name_suffix"></a> [add\_bucket\_name\_suffix](#input\_add\_bucket\_name\_suffix) | Add a randomly generated suffix that is 4 characters in length, to the name of the newly provisioned Cloud Object Storage bucket. Do not use this suffix if you are passing the existing Cloud Object Storage bucket. To manage the name of the Cloud Object Storage bucket manually, use the `flow_logs_cos_bucket_name` variables. | `bool` | `true` | no |
 | <a name="input_address_prefixes"></a> [address\_prefixes](#input\_address\_prefixes) | The IP range that will be defined for the VPC for a certain location. Use only with manual address prefixes. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/blob/main/solutions/fully-configurable/DA-types.md#address-prefixes-). | <pre>object({<br/>    zone-1 = optional(list(string))<br/>    zone-2 = optional(list(string))<br/>    zone-3 = optional(list(string))<br/>  })</pre> | <pre>{<br/>  "zone-1": null,<br/>  "zone-2": null,<br/>  "zone-3": null<br/>}</pre> | no |
 | <a name="input_clean_default_security_group_acl"></a> [clean\_default\_security\_group\_acl](#input\_clean\_default\_security\_group\_acl) | Remove all rules from the default VPC security group and VPC ACL (less permissive) | `bool` | `true` | no |
@@ -94,12 +93,13 @@ This solution supports provisioning and configuring the following infrastructure
 | <a name="input_prefix"></a> [prefix](#input\_prefix) | Prefix to add to all the resources created by this solution. To not use any prefix value, you can set this value to `null` or an empty string. | `string` | n/a | yes |
 | <a name="input_provider_visibility"></a> [provider\_visibility](#input\_provider\_visibility) | Set the visibility value for the IBM terraform provider. Supported values are `public`, `private`, `public-and-private`. [Learn more](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints). | `string` | `"private"` | no |
 | <a name="input_region"></a> [region](#input\_region) | Region to deploy the VPC. | `string` | `"us-south"` | no |
-| <a name="input_resource_tags"></a> [resource\_tags](#input\_resource\_tags) | List of tags for the resources created by this solution. | `list(string)` | `[]` | no |
 | <a name="input_routes"></a> [routes](#input\_routes) | Allows you to specify the next hop for packets based on their destination address. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/blob/main/solutions/fully-configurable/DA-types.md#routes-). | <pre>list(<br/>    object({<br/>      name                          = string<br/>      route_direct_link_ingress     = optional(bool)<br/>      route_transit_gateway_ingress = optional(bool)<br/>      route_vpc_zone_ingress        = optional(bool)<br/>      routes = optional(<br/>        list(<br/>          object({<br/>            action      = optional(string)<br/>            zone        = number<br/>            destination = string<br/>            next_hop    = string<br/>          })<br/>      ))<br/>    })<br/>  )</pre> | `[]` | no |
 | <a name="input_security_group_rules"></a> [security\_group\_rules](#input\_security\_group\_rules) | A list of security group rules to be added to the default vpc security group (default empty). [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/blob/main/solutions/fully-configurable/DA-types.md#security-group-rules-). | <pre>list(<br/>    object({<br/>      name      = string<br/>      direction = string<br/>      remote    = optional(string)<br/>      tcp = optional(<br/>        object({<br/>          port_max = optional(number)<br/>          port_min = optional(number)<br/>        })<br/>      )<br/>      udp = optional(<br/>        object({<br/>          port_max = optional(number)<br/>          port_min = optional(number)<br/>        })<br/>      )<br/>      icmp = optional(<br/>        object({<br/>          type = optional(number)<br/>          code = optional(number)<br/>        })<br/>      )<br/>    })<br/>  )</pre> | `[]` | no |
 | <a name="input_skip_cos_kms_iam_auth_policy"></a> [skip\_cos\_kms\_iam\_auth\_policy](#input\_skip\_cos\_kms\_iam\_auth\_policy) | To skip creating an IAM authorization policy that allows Cloud Object Storage(COS) to access KMS key. | `bool` | `false` | no |
 | <a name="input_skip_vpc_cos_iam_auth_policy"></a> [skip\_vpc\_cos\_iam\_auth\_policy](#input\_skip\_vpc\_cos\_iam\_auth\_policy) | To skip creating an IAM authorization policy that allows the VPC to access the Cloud Object Storage, set this variable to `true`. Required only if `enable_vpc_flow_logs` is set to true. | `bool` | `false` | no |
 | <a name="input_subnets"></a> [subnets](#input\_subnets) | List of subnets for the vpc. For each item in each array, a subnet will be created. Items can be either CIDR blocks or total ipv4 addressess. Public gateways will be enabled only in zones where a gateway has been created. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/blob/main/solutions/fully-configurable/DA-types.md#subnets-). | <pre>object({<br/>    zone-1 = list(object({<br/>      name           = string<br/>      cidr           = string<br/>      public_gateway = optional(bool)<br/>      acl_name       = string<br/>      no_addr_prefix = optional(bool, false) # do not automatically add address prefix for subnet, overrides other conditions if set to true<br/>      subnet_tags    = optional(list(string), [])<br/>    }))<br/>    zone-2 = optional(list(object({<br/>      name           = string<br/>      cidr           = string<br/>      public_gateway = optional(bool)<br/>      acl_name       = string<br/>      no_addr_prefix = optional(bool, false) # do not automatically add address prefix for subnet, overrides other conditions if set to true<br/>      subnet_tags    = optional(list(string), [])<br/>    })))<br/>    zone-3 = optional(list(object({<br/>      name           = string<br/>      cidr           = string<br/>      public_gateway = optional(bool)<br/>      acl_name       = string<br/>      no_addr_prefix = optional(bool, false) # do not automatically add address prefix for subnet, overrides other conditions if set to true<br/>      subnet_tags    = optional(list(string), [])<br/>    })))<br/>  })</pre> | <pre>{<br/>  "zone-1": [<br/>    {<br/>      "acl_name": "vpc-acl",<br/>      "cidr": "10.10.10.0/24",<br/>      "name": "subnet-a",<br/>      "no_addr_prefix": false,<br/>      "public_gateway": true<br/>    }<br/>  ]<br/>}</pre> | no |
+| <a name="input_vpc_instance_access_tags"></a> [vpc\_instance\_access\_tags](#input\_vpc\_instance\_access\_tags) | The list of access tags to add to the VPC instance. | `list(string)` | `[]` | no |
+| <a name="input_vpc_instance_resource_tags"></a> [vpc\_instance\_resource\_tags](#input\_vpc\_instance\_resource\_tags) | The list of tags to add to the VPC instance. | `list(string)` | `[]` | no |
 | <a name="input_vpc_name"></a> [vpc\_name](#input\_vpc\_name) | Name of the VPC. If a prefix input variable is specified, the prefix is added to the name in the `<prefix>-<name>` format. | `string` | `"vpc"` | no |
 | <a name="input_vpe_gateway_cloud_service_by_crn"></a> [vpe\_gateway\_cloud\_service\_by\_crn](#input\_vpe\_gateway\_cloud\_service\_by\_crn) | The list of cloud service CRNs used to create endpoint gateways. Use this list to identify services that are not supported by service name in the `cloud_services` variable. For a list of supported services, see [VPE-enabled services](https://cloud.ibm.com/docs/vpc?topic=vpc-vpe-supported-services). If `service_name` is not specified, the CRN is used to find the name. If `vpe_name` is not specified in the list, VPE names are created in the format `<prefix>-<vpc_name>-<service_name>`. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/blob/main/solutions/fully-configurable/DA-types.md#vpe-gateway-cloud-service-by-crn-). | <pre>set(<br/>    object({<br/>      crn                          = string<br/>      vpe_name                     = optional(string) # Full control on the VPE name. If not specified, the VPE name will be computed based on prefix, vpc name and service name.<br/>      service_name                 = optional(string) # Name of the service used to compute the name of the VPE. If not specified, the service name will be obtained from the crn.<br/>      allow_dns_resolution_binding = optional(bool, true)<br/>    })<br/>  )</pre> | `[]` | no |
 | <a name="input_vpe_gateway_cloud_services"></a> [vpe\_gateway\_cloud\_services](#input\_vpe\_gateway\_cloud\_services) | The list of cloud services used to create endpoint gateways. If `vpe_name` is not specified in the list, VPE names are created in the format `<prefix>-<vpc_name>-<service_name>`. [Learn more](https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vpc/blob/main/solutions/fully-configurable/DA-types.md#vpe-gateway-cloud-services-). | <pre>set(object({<br/>    service_name                 = string<br/>    vpe_name                     = optional(string), # Full control on the VPE name. If not specified, the VPE name will be computed based on prefix, vpc name and service name.<br/>    allow_dns_resolution_binding = optional(bool, false)<br/>  }))</pre> | `[]` | no |
diff --git a/solutions/fully-configurable/catalogValidationValues.json.template b/solutions/fully-configurable/catalogValidationValues.json.template
@@ -1,7 +1,7 @@
 {
   "ibmcloud_api_key": $VALIDATION_APIKEY,
   "region": "us-south",
-  "resource_tags": $TAGS,
+  "vpc_instance_resource_tags": $TAGS,
   "existing_resource_group_name": "geretain-test-resources",
   "prefix": $PREFIX,
   "enable_vpc_flow_logs": true,
diff --git a/solutions/fully-configurable/main.tf b/solutions/fully-configurable/main.tf
@@ -35,7 +35,7 @@ locals {
 
   # configuration for the flow logs bucket
   bucket_config = [{
-    access_tags                   = var.access_tags
+    access_tags                   = var.vpc_instance_access_tags
     bucket_name                   = local.bucket_name
     add_bucket_name_suffix        = var.add_bucket_name_suffix
     kms_encryption_enabled        = var.kms_encryption_enabled_bucket
@@ -188,8 +188,8 @@ module "vpc" {
   create_vpc                             = true
   name                                   = var.vpc_name
   prefix                                 = local.prefix != "" ? trimspace(var.prefix) : null
-  tags                                   = var.resource_tags
-  access_tags                            = var.access_tags
+  tags                                   = var.vpc_instance_resource_tags
+  access_tags                            = var.vpc_instance_access_tags
   subnets                                = var.subnets
   default_network_acl_name               = var.default_network_acl_name
   default_security_group_name            = var.default_security_group_name
diff --git a/solutions/fully-configurable/variables.tf b/solutions/fully-configurable/variables.tf
@@ -53,23 +53,16 @@ variable "region" {
   type        = string
 }
 
-variable "resource_tags" {
-  description = "List of tags for the resources created by this solution."
+variable "vpc_instance_resource_tags" {
   type        = list(string)
+  description = "The list of tags to add to the VPC instance."
   default     = []
 }
 
-variable "access_tags" {
+variable "vpc_instance_access_tags" {
   type        = list(string)
-  description = "A list of access tags to apply to the VPC resources created by this solution. For more information, see https://cloud.ibm.com/docs/account?topic=account-access-tags-tutorial."
+  description = "The list of access tags to add to the VPC instance."
   default     = []
-
-  validation {
-    condition = alltrue([
-      for tag in var.access_tags : can(regex("[\\w\\-_\\.]+:[\\w\\-_\\.]+", tag)) && length(tag) <= 128
-    ])
-    error_message = "Tags must match the regular expression \"[\\w\\-_\\.]+:[\\w\\-_\\.]+\". For more information, see https://cloud.ibm.com/docs/account?topic=account-tag&interface=ui#limits."
-  }
 }
 
 ##############################################################################
diff --git a/tests/pr_test.go b/tests/pr_test.go
@@ -239,8 +239,8 @@ func TestFullyConfigurable(t *testing.T) {
 		{Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true},
 		{Name: "existing_resource_group_name", Value: resourceGroup, DataType: "string"},
 		{Name: "region", Value: options.Region, DataType: "string"},
-		{Name: "resource_tags", Value: options.Tags, DataType: "list(string)"},
-		{Name: "access_tags", Value: permanentResources["accessTags"], DataType: "list(string)"},
+		{Name: "vpc_instance_resource_tags", Value: options.Tags, DataType: "list(string)"},
+		{Name: "vpc_instance_access_tags", Value: permanentResources["accessTags"], DataType: "list(string)"},
 		{Name: "prefix", Value: options.Prefix, DataType: "string"},
 	}
 
@@ -283,8 +283,8 @@ func TestRunUpgradeFullyConfigurable(t *testing.T) {
 		{Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true},
 		{Name: "existing_resource_group_name", Value: resourceGroup, DataType: "string"},
 		{Name: "region", Value: options.Region, DataType: "string"},
-		{Name: "resource_tags", Value: options.Tags, DataType: "list(string)"},
-		{Name: "access_tags", Value: permanentResources["accessTags"], DataType: "list(string)"},
+		{Name: "vpc_instance_resource_tags", Value: options.Tags, DataType: "list(string)"},
+		{Name: "vpc_instance_access_tags", Value: permanentResources["accessTags"], DataType: "list(string)"},
 		{Name: "prefix", Value: options.Prefix, DataType: "string"},
 	}
 

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"ibmcloud_api_key": $VALIDATION_APIKEY,`
`3`	`3`	`"region": "us-south",`
`4`		`- "resource_tags": $TAGS,`
	`4`	`+ "vpc_instance_resource_tags": $TAGS,`
`5`	`5`	`"existing_resource_group_name": "geretain-test-resources",`
`6`	`6`	`"prefix": $PREFIX,`
`7`	`7`	`"enable_vpc_flow_logs": true,`