Global tags overrides first level network tags

[bruno-chavez]

Describe the bug Global tags defined in global-config.yaml override tags defined in network-config.yaml, looks like it affects all resources defined at the first level, meaning that nested resources have properly defined tags. Only tested on prefix lists, transit gateways, central networking services, vpcs and customer gateways .

Not sure if feature or bug since the documentation does not mention anything regarding this interaction, but is definitely an issue for me since I loose control on how can I tag my networking resources.

To Reproduce

1. Define global tags in global-config.yaml:

   tags:
   - key: test1
   value: a
   - key: test2
   value: b

2. Define tags in any resource inside network-config.yaml, in this example transit gateway and transit gateway route tables:

   transitGateways:
   - name: twg-test
   account: test
   region: us-east-1
   routeTables:
     - name: test-table
       tags:     <- works fine
         - key: test1
           value: c
         - key: test2
           value: d
   asn: 65500
   dnsSupport: enable
   vpnEcmpSupport: enable
   defaultRouteTableAssociation: disable
   defaultRouteTablePropagation: disable
   autoAcceptSharingAttachments: enable
   tags:          <- doesn't work
       - key: test1
          value: c
       - key: test2
          value: d

3. Deploy

Expected behavior Tags defined in network-config.yaml should either override global defaults completely or don't at all.

Please complete the following information about the solution:

• [x] Version: v1.5.1
• [x] Region: us-east-1
• [ ] Was the solution modified from the version published on this repository?
• [ ] If the answer to the previous question was yes, are the changes available on GitHub?
• [x] Have you checked your service quotas for the services this solution uses? Yes
• [x] Were there any errors in the CloudWatch Logs? No

Screenshots Additional context

[bo1984]

Hi Bruno! Thank you for utilizing the Landing Zone Accelerator on AWS solution. I'm attempting to replicate this issue on my end. I will provide further updates. Please let me know if you have any questions or concerns in the meantime.

[bo1984]

Hi Bruno! Thank you for your patience. Looking deeper into our code, when it comes to applying global tags, we have exceptions in place for Transit Gateway Route Tables, which can be viewed here. We have this exception in place as adding tags to the TGW Route Table resources is a destructive change compared to other constructs that are natively supported by the accelerator.

Please let me know if you have any other questions or concerns.

[bruno-chavez]

Hi, just to be clear then global tags overriding network tags is a feature not a bug right? Not ideal IMO, but thanks for verifying the behaviour.

[bo1984]

That is correct, this functionality is intended.