Subnet - access management support - updated check for user tags(defa…

…ult) to add schematicstags Subnet - access management support Updated - condition check for schematics tags, was removed earlier
IBM-Cloud · Aug 2, 2021 · b2f9497 · b2f9497
1 parent 6633c2a
commit b2f9497
Show file tree

Hide file tree

Showing 5 changed files with 92 additions and 14 deletions.
diff --git a/ibm/data_source_ibm_is_subnet.go b/ibm/data_source_ibm_is_subnet.go
@@ -55,6 +55,14 @@ func dataSourceIBMISSubnet() *schema.Resource {
 				Description: "List of tags",
 			},
 
+			isSubnetAccessTags: {
+				Type:        schema.TypeSet,
+				Computed:    true,
+				Elem:        &schema.Schema{Type: schema.TypeString},
+				Set:         resourceIBMVPCHash,
+				Description: "List of access tags",
+			},
+
 			isSubnetCRN: {
 				Type:        schema.TypeString,
 				Computed:    true,
@@ -160,7 +168,6 @@ func subnetGetByNameOrID(d *schema.ResourceData, meta interface{}) error {
 		return err
 	}
 	var subnet *vpcv1.Subnet
-
 	if v, ok := d.GetOk("identifier"); ok {
 		id := v.(string)
 		getSubnetOptions := &vpcv1.GetSubnetOptions{
@@ -225,12 +232,21 @@ func subnetGetByNameOrID(d *schema.ResourceData, meta interface{}) error {
 	if err != nil {
 		return err
 	}
-	tags, err := GetTagsUsingCRN(meta, *subnet.CRN)
+
+	tags, err := GetGlobalTagsUsingCRN(meta, *subnet.CRN, "", isUserTagType)
 	if err != nil {
 		log.Printf(
 			"An error occured during reading of subnet (%s) tags : %s", d.Id(), err)
 	}
+
+	accesstags, err := GetGlobalTagsUsingCRN(meta, *subnet.CRN, "", isAccessTagType)
+	if err != nil {
+		log.Printf(
+			"Error on get of resource subnet (%s) access tags: %s", d.Id(), err)
+	}
+
 	d.Set(isSubnetTags, tags)
+	d.Set(isSubnetAccessTags, accesstags)
 	d.Set(isSubnetCRN, *subnet.CRN)
 	d.Set(ResourceControllerURL, controller+"/vpc-ext/network/subnets")
 	d.Set(ResourceName, *subnet.Name)

diff --git a/ibm/resource_ibm_is_subnet.go b/ibm/resource_ibm_is_subnet.go
@@ -40,6 +40,9 @@ const (
 	isSubnetDeleted          = "done"
 	isSubnetRoutingTableID   = "routing_table"
 	isSubnetInUse            = "resources_attached"
+	isSubnetAccessTags       = "access_tags"
+	isUserTagType            = "user"
+	isAccessTagType          = "access"
 )
 
 func resourceIBMISSubnet() *schema.Resource {
@@ -113,6 +116,15 @@ func resourceIBMISSubnet() *schema.Resource {
 				Description: "List of tags",
 			},
 
+			isSubnetAccessTags: {
+				Type:        schema.TypeSet,
+				Optional:    true,
+				Computed:    true,
+				Elem:        &schema.Schema{Type: schema.TypeString, ValidateFunc: InvokeValidator("ibm_is_subnet", "accesstag")},
+				Set:         resourceIBMVPCHash,
+				Description: "List of access management tags",
+			},
+
 			isSubnetCRN: {
 				Type:        schema.TypeString,
 				Computed:    true,
@@ -231,6 +243,16 @@ func resourceIBMISSubnetValidator() *ResourceValidator {
 			MinValueLength:             1,
 			MaxValueLength:             128})
 
+	validateSchema = append(validateSchema,
+		ValidateSchema{
+			Identifier:                 "accesstag",
+			ValidateFunctionIdentifier: ValidateRegexpLen,
+			Type:                       TypeString,
+			Optional:                   true,
+			Regexp:                     `^([ ]*[A-Za-z0-9:_.-]+[ ]*)+$`,
+			MinValueLength:             1,
+			MaxValueLength:             128})
+
 	ibmISSubnetResourceValidator := ResourceValidator{ResourceName: "ibm_is_subnet", Schema: validateSchema}
 	return &ibmISSubnetResourceValidator
 }
@@ -287,6 +309,7 @@ func resourceIBMISSubnetCreate(d *schema.ResourceData, meta interface{}) error {
 }
 
 func subnetCreate(d *schema.ResourceData, meta interface{}, name, vpc, zone, ipv4cidr, acl, gw, rtID string, ipv4addrcount64 int64) error {
+
 	sess, err := vpcClient(meta)
 	if err != nil {
 		return err
@@ -337,7 +360,7 @@ func subnetCreate(d *schema.ResourceData, meta interface{}, name, vpc, zone, ipv
 	subnet, response, err := sess.CreateSubnet(createSubnetOptions)
 	if err != nil {
 		log.Printf("[DEBUG] Subnet err %s\n%s", err, response)
-		return fmt.Errorf("Error while creating Subnet %s\n%s", err, response)
+		return fmt.Errorf("Error while creating Subnet %s\n%v", err, response)
 	}
 	d.SetId(*subnet.ID)
 	log.Printf("[INFO] Subnet : %s", *subnet.ID)
@@ -348,12 +371,22 @@ func subnetCreate(d *schema.ResourceData, meta interface{}, name, vpc, zone, ipv
 	v := os.Getenv("IC_ENV_TAGS")
 	if _, ok := d.GetOk(isSubnetTags); ok || v != "" {
 		oldList, newList := d.GetChange(isSubnetTags)
-		err = UpdateTagsUsingCRN(oldList, newList, meta, *subnet.CRN)
+		err = UpdateGlobalTagsUsingCRN(oldList, newList, meta, *subnet.CRN, "", isUserTagType)
 		if err != nil {
 			log.Printf(
 				"Error on create of resource subnet (%s) tags: %s", d.Id(), err)
 		}
 	}
+
+	if _, ok := d.GetOk(isSubnetAccessTags); ok {
+		oldList, newList := d.GetChange(isSubnetAccessTags)
+		err = UpdateGlobalTagsUsingCRN(oldList, newList, meta, *subnet.CRN, "", isAccessTagType)
+		if err != nil {
+			log.Printf(
+				"Error on create of resource subnet (%s) access tags: %s", d.Id(), err)
+		}
+	}
+
 	return nil
 }
 
@@ -443,12 +476,21 @@ func subnetGet(d *schema.ResourceData, meta interface{}, id string) error {
 	if err != nil {
 		return err
 	}
-	tags, err := GetTagsUsingCRN(meta, *subnet.CRN)
+
+	tags, err := GetGlobalTagsUsingCRN(meta, *subnet.CRN, "", isUserTagType)
 	if err != nil {
 		log.Printf(
 			"Error on get of resource subnet (%s) tags: %s", d.Id(), err)
 	}
+
+	accesstags, err := GetGlobalTagsUsingCRN(meta, *subnet.CRN, "", isAccessTagType)
+	if err != nil {
+		log.Printf(
+			"Error on get of resource subnet (%s) access tags: %s", d.Id(), err)
+	}
+
 	d.Set(isSubnetTags, tags)
+	d.Set(isSubnetAccessTags, accesstags)
 	d.Set(isSubnetCRN, *subnet.CRN)
 	d.Set(ResourceControllerURL, controller+"/vpc-ext/network/subnets")
 	d.Set(ResourceName, *subnet.Name)
@@ -463,14 +505,25 @@ func subnetGet(d *schema.ResourceData, meta interface{}, id string) error {
 
 func resourceIBMISSubnetUpdate(d *schema.ResourceData, meta interface{}) error {
 	id := d.Id()
+
 	if d.HasChange(isSubnetTags) {
 		oldList, newList := d.GetChange(isSubnetTags)
-		err := UpdateTagsUsingCRN(oldList, newList, meta, d.Get(isSubnetCRN).(string))
+		err := UpdateGlobalTagsUsingCRN(oldList, newList, meta, d.Get(isSubnetCRN).(string), "", isUserTagType)
 		if err != nil {
 			log.Printf(
 				"Error on update of resource subnet (%s) tags: %s", d.Id(), err)
 		}
 	}
+
+	if d.HasChange(isSubnetAccessTags) {
+		oldList, newList := d.GetChange(isSubnetAccessTags)
+		err := UpdateGlobalTagsUsingCRN(oldList, newList, meta, d.Get(isSubnetCRN).(string), "", isAccessTagType)
+		if err != nil {
+			log.Printf(
+				"Error on update of resource subnet (%s) access tags: %s", d.Id(), err)
+		}
+	}
+
 	err := subnetUpdate(d, meta, id)
 	if err != nil {
 		return err

diff --git a/ibm/structures.go b/ibm/structures.go
@@ -1833,17 +1833,24 @@ func UpdateGlobalTagsUsingCRN(oldList, newList interface{}, meta interface{}, re
 		remove[i] = fmt.Sprint(v)
 	}
 
-	schematicTags := os.Getenv("IC_ENV_TAGS")
-	var envTags []string
-	if schematicTags != "" {
-		envTags = strings.Split(schematicTags, ",")
-		add = append(add, envTags...)
+	if strings.TrimSpace(tagType) == "" || tagType == "user" {
+		schematicTags := os.Getenv("IC_ENV_TAGS")
+		var envTags []string
+		if schematicTags != "" {
+			envTags = strings.Split(schematicTags, ",")
+			add = append(add, envTags...)
+		}
 	}
 
 	if len(remove) > 0 {
-		detachTagOptions := &globaltaggingv1.DetachTagOptions{
-			Resources: resources,
-			TagNames:  remove,
+		detachTagOptions := &globaltaggingv1.DetachTagOptions{}
+		detachTagOptions.Resources = resources
+		detachTagOptions.TagNames = remove
+		if len(tagType) > 0 {
+			detachTagOptions.TagType = ptrToString(tagType)
+			if tagType == service {
+				detachTagOptions.AccountID = ptrToString(acctID)
+			}
 		}
 
 		_, resp, err := gtClient.DetachTag(detachTagOptions)

diff --git a/website/docs/d/is_subnet.html.markdown b/website/docs/d/is_subnet.html.markdown
@@ -59,6 +59,7 @@ Review the argument references that you can specify for your data source.
 ## Attribute reference
 In addition to all argument reference list, you can access the following attribute references after your data source is created. 
 
+- `access_tags`  - (String) Access management tags associated for the instance.
 - `available_ipv4_address_count` - (Integer) The total number of available IPv4 addresses.
 - `crn` - (String) The CRN of subnet.
 - `ipv4_cidr_block` -  (String) The IPv4 range of the subnet.

diff --git a/website/docs/r/is_subnet.html.markdown b/website/docs/r/is_subnet.html.markdown
@@ -50,6 +50,7 @@ The `ibm_is_subnet` resource provides the following [Timeouts](https://www.terra
 ## Argument reference
 Review the argument references that you can specify for your resource. 
 
+- `access_tags`  - (Optional, List of Strings) A list of access management tags to attach to the subnet. **Note** For more information, about creating access tags, see [working with tags](https://cloud.ibm.com/docs/account?topic=account-tag).
 - `ipv4_cidr_block` - (Optional, Forces new resource, String) The IPv4 range of the subnet.
 - `ip_version` - (Optional, Forces new resource, String) The IP Version. The default is `ipv4`.
 - `name` - (Required, String) The name of the subnet.