From df2a793b17e51774c26f3bae9c2f0878ea85e3aa Mon Sep 17 00:00:00 2001
From: badra001
Date: Thu, 9 May 2024 11:02:35 -0400
Subject: [PATCH] * 2.9.17 -- 2024-05-09 - tag-shared-vpc-resources - remap Name tag of subnet if the AZ ID is different in the source vs the taget
---
 CHANGELOG.md | 4 ++++
 tag-shared-vpc-resources/README.md | 8 +++++++-
 tag-shared-vpc-resources/availabilty_zones.tf | 1 +
 tag-shared-vpc-resources/az.tf | 3 +++
 tag-shared-vpc-resources/tag-subnets.tf | 16 +++++++++++++++-
 5 files changed, 30 insertions(+), 2 deletions(-)
 create mode 120000 tag-shared-vpc-resources/availabilty_zones.tf
 create mode 100644 tag-shared-vpc-resources/az.tf
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 422d342..4f74d64 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -387,3 +387,7 @@
 * 2.9.16 -- 2024-05-08
 - tag-shared-vpc-resources
 - fix nacl tagging
+
+* 2.9.17 -- 2024-05-09
+ - tag-shared-vpc-resources
+ - remap Name tag of subnet if the AZ ID is different in the source vs the taget
diff --git a/tag-shared-vpc-resources/README.md b/tag-shared-vpc-resources/README.md
index bb5792f..e61069f 100644
--- a/tag-shared-vpc-resources/README.md
+++ b/tag-shared-vpc-resources/README.md
@@ -401,6 +401,8 @@ No modules.
 | [null_resource.setup_directory](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
 | [aws_arn.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/arn) | data source |
 | [aws_arn.network_account](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/arn) | data source |
+| [aws_availability_zone.zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zone) | data source |
+| [aws_availability_zones.zones](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source |
 | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
 | [aws_caller_identity.network_account](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
 | [aws_ec2_transit_gateway.transit_gateway](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ec2_transit_gateway) | data source |
@@ -441,5 +443,9 @@ No modules.
 ## Outputs
-No outputs.
+| Name | Description |
+|------|-------------|
+| [availability\_zone\_ids](#output\_availability\_zone\_ids) | VPC Availability zone id list (3) |
+| [availability\_zone\_names](#output\_availability\_zone\_names) | VPC Availability zone name list (3) |
+| [availability\_zone\_suffixes](#output\_availability\_zone\_suffixes) | VPC Availability zone suffix list (3) |
\ No newline at end of file
diff --git a/tag-shared-vpc-resources/availabilty_zones.tf b/tag-shared-vpc-resources/availabilty_zones.tf
new file mode 120000
index 0000000..00a240c
--- /dev/null
+++ b/tag-shared-vpc-resources/availabilty_zones.tf
@@ -0,0 +1 @@
+../common/availabilty_zones.tf
\ No newline at end of file
diff --git a/tag-shared-vpc-resources/az.tf b/tag-shared-vpc-resources/az.tf
new file mode 100644
index 0000000..92e6bbe
--- /dev/null
+++ b/tag-shared-vpc-resources/az.tf
@@ -0,0 +1,3 @@
+locals {
+ az_id_map = zipmap(data.aws_availability_zones.zones.zone_ids, data.aws_availability_zones.zones.names)
+}
diff --git a/tag-shared-vpc-resources/tag-subnets.tf b/tag-shared-vpc-resources/tag-subnets.tf
index afa96d8..c316649 100644
--- a/tag-shared-vpc-resources/tag-subnets.tf
+++ b/tag-shared-vpc-resources/tag-subnets.tf
@@ -24,10 +24,24 @@ data "aws_subnet" "subnet" {
 ## value = data.aws_subnet.subnet
 ## }
+# the remap of the Name tag is needed because not always, is the AZ the same
+# https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/use-consistent-availability-zones-in-vpcs-across-different-aws-accounts.html#:~:text=If%20you%20create%20VPCs%20in,to%20the%20same%20AZ%20ID.
+# we have the problem where id az1 is 1b in one account and it is 1a in another. This will remap them
+
 locals {
 _subnet_enabled = var.tag_enabled_subnets
 subnets_tags = { for k, v in data.aws_subnet.subnet : k => merge(v.tags, { "boc:vpc:owner_id" = v.owner_id }) }
 subnets_tags_map = flatten([for k, v in local.subnets_tags : [for tk, tv in v : { label = format("%v__%v", k, tk), subnet_id = k, key = tk, value = tv }]])
+
+ subnets_tag_remap = { for k, v in data.aws_subnet.subnet : k => {
+ source_az_name = v.availability_zone
+ source_az_id = v.availability_zone_id
+ source_tag_name = v.tags.Name
+ target_az_name = local.az_id_map[v.availability_zone_id]
+ target_az_id = v.availability_zone_id
+ target_tag_name = replace(v.tags.Name, v.availability_zone, local.az_id_map[v.availability_zone_id])
+ remap = v.availability_zone != local.az_id_map[v.availability_zone_id]
+ } }
 }
 resource "aws_ec2_tag" "subnets" {
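Review bot: In az.tf the new `az_id_map` local carries no comment saying which account's view of the zones it holds, and the whole Name remap depends on that. The data source it reads comes from the symlinked `../common/availabilty_zones.tf`, which this patch does not show, so it is not possible to tell from here which provider configuration it uses or whether it filters zones. I would add `# AZ ID => AZ name as seen by the account this module runs in; zone_ids and names are paired by index` above the assignment, and confirm that the data source returns every zone a shared subnet can sit in.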
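Review bot: In tag-subnets.tf the new `subnets_tag_remap` local reads `v.tags.Name` and `local.az_id_map[v.availability_zone_id]` directly, so a shared subnet without a Name tag, or one in a zone missing from `az_id_map`, would likely fail the whole plan instead of just skipping the rename. Before this change the tags were only merged, so such subnets were tagged without error. Using `lookup(v.tags, "Name", "")` for the tag and `lookup(local.az_id_map, v.availability_zone_id, v.availability_zone)` for the zone name keeps the old behaviour in those cases. Also worth a comment: `replace()` rewrites every occurrence of the source AZ name inside the tag value, not only a suffix. The `data "aws_subnet"` block these expressions read starts above the hunk.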
@@ -35,5 +49,5 @@ resource "aws_ec2_tag" "subnets" {
 resource_id = each.value.subnet_id
 key = each.value.key
- value = each.value.value
+ value = each.value.key == "Name" ? local.subnets_tag_remap[each.value.subnet_id].target_tag_name : each.value.value
 }
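Review bot: The new `value` expression never consults the `remap` flag built in `subnets_tag_remap`, and nothing in this patch uses that flag or the `source_*` and `target_az_*` fields. The result is still correct, because `target_tag_name` equals the original Name whenever the AZ names already match. Either drop the unused fields or state the intent with a comment such as `# Name is rewritten to this account's AZ name for the same AZ ID; every other tag is copied as-is`. The key comparison is case-sensitive, so a tag spelled `name` is copied unchanged. The resource block, including its `for_each`, starts outside this hunk.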