Add default tags to terraform providers across the modernisation platform

ministryofjustice / modernisation-platform

A place for the core work of the Modernisation Platform • This repository is defined and managed in Terraform

https://user-guide.modernisation-platform.service.justice.gov.uk

MIT License

680 stars 290 forks source link

Add default tags to terraform providers across the modernisation platform #1519

Open davidkelliott opened 2 years ago

davidkelliott commented 2 years ago

User Story

As part of keeping track of our infrastructure we can add default tags to AWS providers, this will mean that at if people forget to add tags that at least we can have a few basic tags such as this resource was created in terraform.

Value

Helps to keep track of our infrastructure

Questions / Assumptions

Definition of done

[ ] default tags added to core repos
[ ] default tags added to member repos

Reference

How to write good user stories

davidkelliott commented 1 year ago

https://www.hashicorp.com/blog/default-tags-in-the-terraform-aws-provider

SteveLinden commented 1 year ago

Spotted a couple of other tidy up issues related to tags that may be needed too. Will look are removing quotes from around the tag name and replacing https://github.com/ministryofjustice/modernisation-platform with https://github.com/ministryofjustice/modernisation-platform-environments

davidkelliott commented 1 year ago

https://support.hashicorp.com/hc/en-us/articles/4406026108435-Known-issues-with-default-tags-in-the-Terraform-AWS-Provider

davidkelliott commented 1 year ago

Not fit for purpose now, parking.

dms1981 commented 1 year ago

https://github.com/hashicorp/terraform-provider-aws/issues/29842

According to Hashicorp, enhancements to how default tags are supported are due in the next major release of the Terraform AWS provider

dms1981 commented 7 months ago

This looks relatively straightforward to do now: https://www.hashicorp.com/blog/terraform-aws-provider-5-0-adds-updates-to-default-tags

From a skim, it's as simple as defining the default tags that we already do within a local to the providers.tf provider block like so:

provider "aws" {
  default_tags {
    tags = {
      environment = "Dev"
      department  = "WebEng"
      application = "HashiCafe website"
      cost_center = "8675309"
    }
  }
}

Further to this, from skimming the docs the use of input variables is also supported here, so this should be as simple as lifting-and-shifting from local.tags to a default_tags block, and tidying up code in the repository.

dms1981 commented 5 months ago

I spent a little time investigating this in example and found that we'd also need to support this in modules we use. When we apply it to locally-created resources we can see the tags reflected in the tags_all value when a plan is run. However, this isn't always the case with modules. I saw that with the modernisation-platform-terraform-ecs-cluster, removing the tags {} variable didn't result in the default tags being applied.

The light touch approach with this story would be to simply add the default_tags {} block to the provider statements and reference the local tags inside it.

github-actions[bot] commented 2 months ago

This issue is stale because it has been open 90 days with no activity.