IBM-Cloud · hkantare · Nov 4, 2024 · Oct 21, 2024 · Oct 23, 2024 · Oct 29, 2024
diff --git a/ibm/service/vpc/data_source_ibm_is_vpc_default_routing_table.go b/ibm/service/vpc/data_source_ibm_is_vpc_default_routing_table.go
@@ -6,6 +6,7 @@ package vpc
 import (
 	"log"
 
+	"github.com/IBM-Cloud/terraform-provider-ibm/ibm/flex"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 )
 
@@ -29,6 +30,10 @@ const (
 	isDefaultRTResourceGroupHref        = "href"
 	isDefaultRTResourceGroupId          = "id"
 	isDefaultRTResourceGroupName        = "name"
+	isDefaultRTTags                     = "tags"
+	isDefaultRTAccessTags               = "access_tags"
+	isDefaultRTAccessTagType            = "access"
+	isDefaultRTUserTagType              = "user"
 )
 
 func DataSourceIBMISVPCDefaultRoutingTable() *schema.Resource {
@@ -162,6 +167,19 @@ func DataSourceIBMISVPCDefaultRoutingTable() *schema.Resource {
 					},
 				},
 			},
+			isDefaultRTTags: {
+				Type:     schema.TypeSet,
+				Computed: true,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+				Set:      flex.ResourceIBMVPCHash,
+			},
+			isDefaultRTAccessTags: {
+				Type:        schema.TypeSet,
+				Computed:    true,
+				Elem:        &schema.Schema{Type: schema.TypeString},
+				Set:         flex.ResourceIBMVPCHash,
+				Description: "List of access tags",
+			},
 		},
 	}
 }
@@ -224,5 +242,19 @@ func dataSourceIBMISVPCDefaultRoutingTableGet(d *schema.ResourceData, meta inter
 	d.Set(isDefaultRTResourceGroup, resourceGroupList)
 	d.Set(isDefaultRTVpcID, vpcID)
 	d.SetId(*result.ID)
+
+	tags, err := flex.GetGlobalTagsUsingCRN(meta, *result.CRN, "", isDefaultRTUserTagType)
+	if err != nil {
+		log.Printf(
+			"An error occured during reading of default routing table (%s) tags : %s", d.Id(), err)
+	}
+	d.Set(isDefaultRTTags, tags)
+
+	accesstags, err := flex.GetGlobalTagsUsingCRN(meta, *result.CRN, "", isDefaultRTAccessTagType)
+	if err != nil {
+		log.Printf(
+			"An error occured during reading of default routing table (%s) access tags: %s", d.Id(), err)
+	}
+	d.Set(isDefaultRTAccessTags, accesstags)
 	return nil
 }
diff --git a/ibm/service/vpc/data_source_ibm_is_vpc_routing_table.go b/ibm/service/vpc/data_source_ibm_is_vpc_routing_table.go
@@ -222,6 +222,19 @@ func DataSourceIBMIBMIsVPCRoutingTable() *schema.Resource {
 					},
 				},
 			},
+			rtTags: {
+				Type:     schema.TypeSet,
+				Computed: true,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+				Set:      flex.ResourceIBMVPCHash,
+			},
+			rtAccessTags: {
+				Type:        schema.TypeSet,
+				Computed:    true,
+				Elem:        &schema.Schema{Type: schema.TypeString},
+				Set:         flex.ResourceIBMVPCHash,
+				Description: "List of access tags",
+			},
 		},
 	}
 }
@@ -381,6 +394,20 @@ func dataSourceIBMIBMIsVPCRoutingTableRead(context context.Context, d *schema.Re
 		return diag.FromErr(fmt.Errorf("[ERROR] Error setting resource group %s", err))
 	}
 
+	tags, err := flex.GetGlobalTagsUsingCRN(meta, *routingTable.CRN, "", rtUserTagType)
+	if err != nil {
+		log.Printf(
+			"An error occured during reading of routing table (%s) tags : %s", d.Id(), err)
+	}
+	d.Set(rtTags, tags)
+
+	accesstags, err := flex.GetGlobalTagsUsingCRN(meta, *routingTable.CRN, "", rtAccessTagType)
+	if err != nil {
+		log.Printf(
+			"An error occured during reading of routing table (%s) access tags: %s", d.Id(), err)
+	}
+	d.Set(rtAccessTags, accesstags)
+
 	return nil
 }
 

diff --git a/ibm/service/vpc/data_source_ibm_is_vpc_routing_tables.go b/ibm/service/vpc/data_source_ibm_is_vpc_routing_tables.go
@@ -198,6 +198,21 @@ func DataSourceIBMISVPCRoutingTables() *schema.Resource {
 								},
 							},
 						},
+
+						rtTags: {
+							Type:     schema.TypeSet,
+							Computed: true,
+							Elem:     &schema.Schema{Type: schema.TypeString},
+							Set:      flex.ResourceIBMVPCHash,
+						},
+
+						rtAccessTags: {
+							Type:        schema.TypeSet,
+							Computed:    true,
+							Elem:        &schema.Schema{Type: schema.TypeString},
+							Set:         flex.ResourceIBMVPCHash,
+							Description: "List of access tags",
+						},
 					},
 				},
 			},
@@ -319,6 +334,20 @@ func dataSourceIBMISVPCRoutingTablesList(d *schema.ResourceData, meta interface{
 		}
 		rtable[rtResourceGroup] = resourceGroupList
 
+		tags, err := flex.GetGlobalTagsUsingCRN(meta, *routingTable.CRN, "", rtUserTagType)
+		if err != nil {
+			log.Printf(
+				"An error occured during reading of routing table (%s) tags : %s", d.Id(), err)
+		}
+		rtable[rtTags] = tags
+
+		accesstags, err := flex.GetGlobalTagsUsingCRN(meta, *routingTable.CRN, "", rtAccessTagType)
+		if err != nil {
+			log.Printf(
+				"An error occured during reading of routing table (%s) access tags: %s", d.Id(), err)
+		}
+		rtable[rtAccessTags] = accesstags
+
 		vpcRoutingTables = append(vpcRoutingTables, rtable)
 	}
 

diff --git a/ibm/service/vpc/resource_ibm_is_vpc_routing_table.go b/ibm/service/vpc/resource_ibm_is_vpc_routing_table.go
@@ -4,14 +4,18 @@
 package vpc
 
 import (
+	"context"
 	"fmt"
 	"log"
+	"os"
 	"strings"
 	"time"
 
+	"github.com/IBM-Cloud/terraform-provider-ibm/ibm/flex"
 	"github.com/IBM-Cloud/terraform-provider-ibm/ibm/validate"
 	"github.com/IBM/go-sdk-core/v5/core"
 	"github.com/IBM/vpc-go-sdk/vpcv1"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/customdiff"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 )
 
@@ -38,6 +42,10 @@ const (
 	rtResourceGroupHref          = "href"
 	rtResourceGroupId            = "id"
 	rtResourceGroupName          = "name"
+	rtAccessTags                 = "access_tags"
+	rtAccessTagType              = "access"
+	rtTags                       = "tags"
+	rtUserTagType                = "user"
 )
 
 func ResourceIBMISVPCRoutingTable() *schema.Resource {
@@ -54,6 +62,12 @@ func ResourceIBMISVPCRoutingTable() *schema.Resource {
 			Update: schema.DefaultTimeout(10 * time.Minute),
 			Delete: schema.DefaultTimeout(10 * time.Minute),
 		},
+		CustomizeDiff: customdiff.All(
+			customdiff.Sequence(
+				func(_ context.Context, diff *schema.ResourceDiff, v interface{}) error {
+					return flex.ResourceValidateAccessTags(diff, v)
+				}),
+		),
 		Schema: map[string]*schema.Schema{
 			rtVpcID: {
 				Type:        schema.TypeString,
@@ -190,6 +204,23 @@ func ResourceIBMISVPCRoutingTable() *schema.Resource {
 					},
 				},
 			},
+			rtTags: {
+				Type:        schema.TypeSet,
+				Optional:    true,
+				Computed:    true,
+				Elem:        &schema.Schema{Type: schema.TypeString, ValidateFunc: validate.InvokeValidator("ibm_is_vpc_routing_table", "tags")},
+				Set:         flex.ResourceIBMVPCHash,
+				Description: "List of tags",
+			},
+
+			rtAccessTags: {
+				Type:        schema.TypeSet,
+				Optional:    true,
+				Computed:    true,
+				Elem:        &schema.Schema{Type: schema.TypeString, ValidateFunc: validate.InvokeValidator("ibm_is_vpc_routing_table", "accesstag")},
+				Set:         flex.ResourceIBMVPCHash,
+				Description: "List of access management tags",
+			},
 		},
 	}
 }
@@ -209,6 +240,26 @@ func ResourceIBMISVPCRoutingTableValidator() *validate.ResourceValidator {
 			MinValueLength:             1,
 			MaxValueLength:             63})
 
+	validateSchema = append(validateSchema, validate.ValidateSchema{
+		Identifier:                 "accesstag",
+		ValidateFunctionIdentifier: validate.ValidateRegexpLen,
+		Type:                       validate.TypeString,
+		Optional:                   true,
+		Regexp:                     `^([A-Za-z0-9_.-]|[A-Za-z0-9_.-][A-Za-z0-9_ .-]*[A-Za-z0-9_.-]):([A-Za-z0-9_.-]|[A-Za-z0-9_.-][A-Za-z0-9_ .-]*[A-Za-z0-9_.-])$`,
+		MinValueLength:             1,
+		MaxValueLength:             128,
+	})
+
+	validateSchema = append(validateSchema,
+		validate.ValidateSchema{
+			Identifier:                 "tags",
+			ValidateFunctionIdentifier: validate.ValidateRegexpLen,
+			Type:                       validate.TypeString,
+			Optional:                   true,
+			Regexp:                     `^[A-Za-z0-9:_ .-]+$`,
+			MinValueLength:             1,
+			MaxValueLength:             128})
+
 	validateSchema = append(validateSchema,
 		validate.ValidateSchema{
 			Identifier:                 rtAction,
@@ -280,6 +331,25 @@ func resourceIBMISVPCRoutingTableCreate(d *schema.ResourceData, meta interface{}
 
 	d.SetId(fmt.Sprintf("%s/%s", vpcID, *routeTable.ID))
 
+	v := os.Getenv("IC_ENV_TAGS")
+	if _, ok := d.GetOk(rtTags); ok || v != "" {
+		oldList, newList := d.GetChange(rtTags)
+		err = flex.UpdateGlobalTagsUsingCRN(oldList, newList, meta, *routeTable.CRN, "", rtUserTagType)
+		if err != nil {
+			log.Printf(
+				"Error on create of resource routing table (%s) tags: %s", d.Id(), err)
+		}
+	}
+
+	if _, ok := d.GetOk(rtAccessTags); ok {
+		oldList, newList := d.GetChange(rtAccessTags)
+		err = flex.UpdateGlobalTagsUsingCRN(oldList, newList, meta, *routeTable.CRN, "", rtAccessTags)
+		if err != nil {
+			log.Printf(
+				"Error on create of resource routing table (%s) access tags: %s", d.Id(), err)
+		}
+	}
+
 	return resourceIBMISVPCRoutingTableRead(d, meta)
 }
 
@@ -348,6 +418,20 @@ func resourceIBMISVPCRoutingTableRead(d *schema.ResourceData, meta interface{})
 	}
 	d.Set(rtResourceGroup, resourceGroupList)
 
+	tags, err := flex.GetGlobalTagsUsingCRN(meta, *routeTable.CRN, "", rtUserTagType)
+	if err != nil {
+		log.Printf(
+			"Error on get of resource routing table (%s) tags: %s", d.Id(), err)
+	}
+	d.Set(rtTags, tags)
+
+	accesstags, err := flex.GetGlobalTagsUsingCRN(meta, *routeTable.CRN, "", rtAccessTagType)
+	if err != nil {
+		log.Printf(
+			"Error on get of resource routing table (%s) access tags: %s", d.Id(), err)
+	}
+	d.Set(rtAccessTags, accesstags)
+
 	return nil
 }
 
@@ -375,9 +459,30 @@ func resourceIBMISVPCRoutingTableUpdate(d *schema.ResourceData, meta interface{}
 	//Etag
 	idSett := strings.Split(d.Id(), "/")
 	getVpcRoutingTableOptions := sess.NewGetVPCRoutingTableOptions(idSett[0], idSett[1])
-	_, respGet, err := sess.GetVPCRoutingTable(getVpcRoutingTableOptions)
+	routingTableGet, respGet, err := sess.GetVPCRoutingTable(getVpcRoutingTableOptions)
+	if err != nil {
+		return fmt.Errorf("Error getting routing table : %s\n%s", err, respGet)
+	}
 	eTag := respGet.Headers.Get("ETag")
 
+	if d.HasChange(rtAccessTags) {
+		oldList, newList := d.GetChange(rtAccessTags)
+		err = flex.UpdateGlobalTagsUsingCRN(oldList, newList, meta, *routingTableGet.CRN, "", rtAccessTagType)
+		if err != nil {
+			log.Printf(
+				"Error on update of resource routing table (%s) access tags: %s", d.Id(), err)
+		}
+	}
+
+	if d.HasChange(rtTags) {
+		oldList, newList := d.GetChange(rtTags)
+		err = flex.UpdateGlobalTagsUsingCRN(oldList, newList, meta, *routingTableGet.CRN, "", rtUserTagType)
+		if err != nil {
+			log.Printf(
+				"Error on update of resource routing table (%s) tags: %s", d.Id(), err)
+		}
+	}
+
 	idSet := strings.Split(d.Id(), "/")
 	updateVpcRoutingTableOptions := new(vpcv1.UpdateVPCRoutingTableOptions)
 	updateVpcRoutingTableOptions.VPCID = &idSet[0]

diff --git a/website/docs/d/is_vpc_default_routing_table.html.markdown b/website/docs/d/is_vpc_default_routing_table.html.markdown
@@ -40,6 +40,7 @@ Review the argument references that you can specify for your data source.
 ## Attribute reference
 In addition to the argument reference list, you can access the following attribute references after your data source is created. 
 
+- `access_tags`  - (List) Access management tags associated for the default routing table.
 - `created_at` - (Timestamp)  The date and time that the default routing table was created.
 - `crn` -  (String) The crn for this default routing table.
 - `default_routing_table` - (String) The unique identifier for this routing table.
@@ -63,3 +64,4 @@ In addition to the argument reference list, you can access the following attribu
   Nested scheme for `subnets`:
 	- `id` - (String) The unique ID of the subnet.
 	- `name` - (String) The name of the subnet.
+- `tags` - (List) Tags associated with the default routing table.  
diff --git a/website/docs/d/is_vpc_routing_table.html.markdown b/website/docs/d/is_vpc_routing_table.html.markdown
@@ -49,6 +49,7 @@ Review the argument reference that you can specify for your data source.
 
 In addition to all argument references listed, you can access the following attribute references after your data source is created.
 
+- `access_tags`  - (List) Access management tags associated for the routing table.
 - `accept_routes_from` - (List) The filters specifying the resources that may create routes in this routing table.At present, only the `resource_type` filter is permitted, and only the `vpn_gateway` value is supported, but filter support is expected to expand in the future.
 	Nested scheme for **accept_routes_from**:
 	- `resource_type` - (String) The resource type.
@@ -66,6 +67,12 @@ In addition to all argument references listed, you can access the following attr
   - Constraints: Allowable values are: `deleting`, `failed`, `pending`, `stable`, `suspended`, `updating`, `waiting`.
 - `name` - (String) The user-defined name for this routing table.
 - `resource_type` - (String) The resource type.
+- `resource_group` - (List) The resource group for this routing table. 
+
+	Nested scheme for `resource_group`:
+    - `href` - (String) The URL for this resource group.
+    - `id` - (String) The unique identifier for this resource group.
+    - `name` - (String) The name for this resource group.
 - `route_direct_link_ingress` - (Boolean) Indicates whether this routing table is used to route traffic that originates from [Direct Link](https://cloud.ibm.com/docs/dl/) to this VPC.Incoming traffic will be routed according to the routing table with one exception: routes with an `action` of `deliver` are treated as `drop` unless the `next_hop` is an IP address within the VPC's address prefix ranges. Therefore, if an incoming packet matches a route with a `next_hop` of an internet-bound IP address or a VPN gateway connection, the packet will be dropped.
 - `route_internet_ingress` - (Boolean) Indicates whether this routing table is used to route traffic that originates from the internet.Incoming traffic will be routed according to the routing table with two exceptions:- Traffic destined for IP addresses associated with public gateways will not be  subject to routes in this routing table.- Routes with an action of deliver are treated as drop unless the `next_hop` is an  IP address bound to a network interface on a subnet in the route's `zone`.  Therefore, if an incoming packet matches a route with a `next_hop` of an  internet-bound IP address or a VPN gateway connection, the packet will be dropped.
 - `route_transit_gateway_ingress` - (Boolean) Indicates whether this routing table is used to route traffic that originates from from [Transit Gateway](https://cloud.ibm.com/cloud/transit-gateway/) to this VPC.Incoming traffic will be routed according to the routing table with one exception: routes with an `action` of `deliver` are treated as `drop` unless the `next_hop` is an IP address within the VPC's address prefix ranges. Therefore, if an incoming packet matches a route with a `next_hop` of an internet-bound IP address or a VPN gateway connection, the packet will be dropped.
@@ -86,4 +93,5 @@ In addition to all argument references listed, you can access the following attr
 		- `more_info` - (String) Link to documentation about deleted resources.
 	- `href` - (String) The URL for this subnet.
 	- `id` - (String) The unique identifier for this subnet.
-	- `name` - (String) The user-defined name for this subnet.
+	- `name` - (String) The user-defined name for this subnet.
+- `tags` - (List) Tags associated with the routing table.	
diff --git a/website/docs/d/is_vpc_routing_tables.html.markdown b/website/docs/d/is_vpc_routing_tables.html.markdown
@@ -45,6 +45,7 @@ In addition to the argument reference list, you can access the following attribu
 - `routing_tables` (List) List of all the routing tables in a VPC.
 
   Nested scheme for `routing_tables`:
+    - `access_tags`  - (List) Access management tags associated for the routing table.
 	- `accept_routes_from` - (List) The filters specifying the resources that may create routes in this routing table.At present, only the `resource_type` filter is permitted, and only the `vpn_gateway` value is supported, but filter support is expected to expand in the future.
 		Nested scheme for **accept_routes_from**:
 		- `resource_type` - (String) The resource type.		
@@ -60,6 +61,11 @@ In addition to the argument reference list, you can access the following attribu
 	- `lifecycle_state` - (String) The lifecycle state of the routing table.
 	- `name` - (String) The name for the default routing tables.
 	- `resource_type` - (String) The type of resource referenced.
+	- `resource_group` - (List) The resource group for this routing table.
+		Nested scheme for `resource_group`:
+		- `href` - (String) The URL for this resource group.
+		- `id` - (String) The unique identifier for this resource group.
+		- `name` - (String) The name for this resource group.
 	- `route_table` - (String) The unique ID for the routing table.
 	- `route_direct_link_ingress` - (String) Indicates if the routing table is used to route traffic that originates from Direct Link to the VPC.
 	- `route_internet_ingress` - (Boolean) Indicates whether this routing table is used to route traffic that originates from the internet.
@@ -73,3 +79,4 @@ In addition to the argument reference list, you can access the following attribu
 		Nested scheme for `subnets`:
 		- `id` - (String) The unique ID of the subnet.
 		- `name` - (String) The user-defined name of the subnet.
+	- `tags` - (List) Tags associated with the routing table.