From ec5c7a6a4903e66b4e5aa67f6ea03ccc3ae3b363 Mon Sep 17 00:00:00 2001
From: Max <xamrennerb@gmail.com>
Date: Mon, 11 Jan 2021 14:47:56 +0100
Subject: [PATCH] add common tag ManagedBy: terraform (#73)

---
 .../cloudsdk_cicd/alb_ingress_controller.tf     |  1 +
 .../cloudsdk_lb_shared_resources.tf             |  3 ++-
 .../wifi-289708231103/cloudsdk_cicd/efs.tf      | 17 ++++++-----------
 .../wifi-289708231103/cloudsdk_cicd/eks.tf      | 11 +++++++----
 .../instance_candelatech_test_results.tf        |  7 ++++---
 .../cloudsdk_cicd/instance_ctf.tf               |  7 ++++---
 .../wifi-289708231103/cloudsdk_cicd/main.tf     |  3 ++-
 terraform/wifi-289708231103/cloudsdk_cicd/sg.tf |  4 ++--
 .../wifi-289708231103/cloudsdk_cicd/users.tf    |  1 +
 .../wifi-289708231103/cloudsdk_cicd/vpc.tf      |  2 ++
 .../cloudsdk_qa/alb_ingress_controller.tf       |  1 +
 .../cloudsdk_qa/cloudsdk_lb_shared_resources.tf |  2 +-
 terraform/wifi-289708231103/cloudsdk_qa/efs.tf  | 14 ++------------
 terraform/wifi-289708231103/cloudsdk_qa/eks.tf  | 11 +++++++----
 terraform/wifi-289708231103/cloudsdk_qa/vpc.tf  |  2 ++
 terraform/wifi-289708231103/dns/main.tf         | 13 ++++++++++---
 .../wifi-289708231103/tf_remote_state/main.tf   |  7 +++++++
 .../wifi-289708231103/tip-wifi-vpn/alerts.tf    |  7 +++++++
 .../wifi-289708231103/tip-wifi-vpn/main.tf      |  8 +++++++-
 .../tip-wifi-vpn/perfecto-vpn.tf                |  9 ++-------
 .../tip-wifi-vpn/transit_gateway.tf             |  4 +---
 terraform/wifi-289708231103/tip-wifi-vpn/vpn.tf |  9 ++-------
 22 files changed, 80 insertions(+), 63 deletions(-)

diff --git a/terraform/wifi-289708231103/cloudsdk_cicd/alb_ingress_controller.tf b/terraform/wifi-289708231103/cloudsdk_cicd/alb_ingress_controller.tf
index 346c296..1c64621 100644
--- a/terraform/wifi-289708231103/cloudsdk_cicd/alb_ingress_controller.tf
+++ b/terraform/wifi-289708231103/cloudsdk_cicd/alb_ingress_controller.tf
@@ -6,6 +6,7 @@ module "alb_ingress_iam_role" {
     aws_iam_policy.alb_ingress_iam_policy.arn,
   ]
   create_role = true
+  tags        = local.common_tags
 }
 
 resource "aws_iam_policy" "alb_ingress_iam_policy" {
diff --git a/terraform/wifi-289708231103/cloudsdk_cicd/cloudsdk_lb_shared_resources.tf b/terraform/wifi-289708231103/cloudsdk_cicd/cloudsdk_lb_shared_resources.tf
index a6e4557..2b1af6d 100644
--- a/terraform/wifi-289708231103/cloudsdk_cicd/cloudsdk_lb_shared_resources.tf
+++ b/terraform/wifi-289708231103/cloudsdk_cicd/cloudsdk_lb_shared_resources.tf
@@ -36,7 +36,7 @@ resource "aws_s3_bucket" "alb_logs" {
     }
   }
 
-  tags = local.tags
+  tags = local.common_tags
 
   lifecycle {
     prevent_destroy = true
@@ -83,6 +83,7 @@ resource "aws_acm_certificate" "cloudsdk" {
     format("*.%s.%s", var.deployment, var.base_domain)
   ]
   validation_method = "DNS"
+  tags              = local.common_tags
 
   lifecycle {
     create_before_destroy = true
diff --git a/terraform/wifi-289708231103/cloudsdk_cicd/efs.tf b/terraform/wifi-289708231103/cloudsdk_cicd/efs.tf
index 545f2e3..a198384 100644
--- a/terraform/wifi-289708231103/cloudsdk_cicd/efs.tf
+++ b/terraform/wifi-289708231103/cloudsdk_cicd/efs.tf
@@ -3,11 +3,9 @@ resource "aws_security_group" "efs" {
   description = "${var.org}-${var.project}-${var.env}-efs"
   vpc_id      = module.vpc_main.vpc_id
 
-  tags = {
-    Name        = "${var.org}-${var.project}-${var.env}"
-    Project     = var.project
-    Environment = var.env
-  }
+  tags = merge({
+    Name = "${var.org}-${var.project}-${var.env}"
+  }, local.common_tags)
 }
 
 resource "aws_security_group_rule" "efs_ingress" {
@@ -21,12 +19,9 @@ resource "aws_security_group_rule" "efs_ingress" {
 
 resource "aws_efs_file_system" "default" {
   creation_token = "${var.org}-${var.project}-${var.env}-default"
-
-  tags = {
-    Name        = "${var.org}-${var.project}-${var.env}-default"
-    Project     = var.project
-    Environment = var.env
-  }
+  tags = merge({
+    Name = "${var.org}-${var.project}-${var.env}"
+  }, local.common_tags)
 }
 
 resource "aws_efs_mount_target" "default" {
diff --git a/terraform/wifi-289708231103/cloudsdk_cicd/eks.tf b/terraform/wifi-289708231103/cloudsdk_cicd/eks.tf
index c49fb1a..b8b2ca9 100644
--- a/terraform/wifi-289708231103/cloudsdk_cicd/eks.tf
+++ b/terraform/wifi-289708231103/cloudsdk_cicd/eks.tf
@@ -24,7 +24,7 @@ module "eks" {
   cluster_name = local.cluster_name
   subnets      = module.vpc_main.private_subnets
   vpc_id       = module.vpc_main.vpc_id
-  tags         = merge({ "Name" = local.cluster_name }, local.tags)
+  tags         = merge({ "Name" = local.cluster_name }, local.common_tags)
 
   workers_group_defaults = {
     ami_type           = "AL2_x86_64"
@@ -83,9 +83,10 @@ locals {
   public_subnets_merged       = join(" ", module.vpc_main.public_subnets)
   private_subnets_merged      = join(" ", module.vpc_main.private_subnets)
   cluster_name                = "${var.org}-${var.project}-${var.env}"
-  tags = {
-    "Env"     = var.env
-    "Project" = var.project
+  common_tags = {
+    "Env"       = var.env
+    "Project"   = var.project
+    "ManagedBy" = "terraform"
   }
   user_roles = [
     {
@@ -124,6 +125,7 @@ module "external_dns_cluster_role" {
   provider_url     = local.oidc_provider_url
   role_policy_arns = [aws_iam_policy.external_dns.arn]
   create_role      = true
+  tags             = local.common_tags
 }
 
 resource "aws_iam_policy" "external_dns" {
@@ -182,6 +184,7 @@ module "cluster_autoscaler_cluster_role" {
   provider_url     = local.oidc_provider_url
   role_policy_arns = [aws_iam_policy.cluster_autoscaler.arn]
   create_role      = true
+  tags             = local.common_tags
 }
 
 resource "aws_iam_policy" "cluster_autoscaler" {
diff --git a/terraform/wifi-289708231103/cloudsdk_cicd/instance_candelatech_test_results.tf b/terraform/wifi-289708231103/cloudsdk_cicd/instance_candelatech_test_results.tf
index 87e0e9d..57bc7a2 100644
--- a/terraform/wifi-289708231103/cloudsdk_cicd/instance_candelatech_test_results.tf
+++ b/terraform/wifi-289708231103/cloudsdk_cicd/instance_candelatech_test_results.tf
@@ -33,16 +33,17 @@ resource "aws_instance" "wlan_candelatech_test_results" {
     delete_on_termination = true
   }
 
-  tags = {
+  tags = merge({
     "Name" : "${var.org}-${var.project}-${var.env} CandelaTech Test Results"
-  }
+  }, local.common_tags)
 }
 
 resource "aws_eip" "wlan_candelatech_test_results" {
   vpc      = true
   instance = aws_instance.wlan_candelatech_test_results.id
+  tags     = local.common_tags
 }
 
 output "wlan_candelatech_test_results_instance" {
   value = aws_eip.wlan_candelatech_test_results.public_ip
-}
\ No newline at end of file
+}
diff --git a/terraform/wifi-289708231103/cloudsdk_cicd/instance_ctf.tf b/terraform/wifi-289708231103/cloudsdk_cicd/instance_ctf.tf
index bab7e16..b2b20c4 100644
--- a/terraform/wifi-289708231103/cloudsdk_cicd/instance_ctf.tf
+++ b/terraform/wifi-289708231103/cloudsdk_cicd/instance_ctf.tf
@@ -34,16 +34,17 @@ resource "aws_instance" "wlan_ctf" {
     delete_on_termination = true
   }
 
-  tags = {
+  tags = merge({
     "Name" : "${var.org}-${var.project}-${var.env}-CTF"
-  }
+  }, local.common_tags)
 }
 
 resource "aws_eip" "wlan_ctf" {
   vpc      = true
   instance = aws_instance.wlan_ctf.id
+  tags     = local.common_tags
 }
 
 output "wlan_ctf_instance" {
   value = aws_eip.wlan_ctf.public_ip
-}
\ No newline at end of file
+}
diff --git a/terraform/wifi-289708231103/cloudsdk_cicd/main.tf b/terraform/wifi-289708231103/cloudsdk_cicd/main.tf
index d2fd1d2..744c5f3 100644
--- a/terraform/wifi-289708231103/cloudsdk_cicd/main.tf
+++ b/terraform/wifi-289708231103/cloudsdk_cicd/main.tf
@@ -18,6 +18,7 @@ terraform {
 resource "aws_key_pair" "wlan" {
   key_name   = "wlan"
   public_key = var.ssh_key
+  tags       = local.common_tags
 }
 
-data "aws_caller_identity" "current" {}
\ No newline at end of file
+data "aws_caller_identity" "current" {}
diff --git a/terraform/wifi-289708231103/cloudsdk_cicd/sg.tf b/terraform/wifi-289708231103/cloudsdk_cicd/sg.tf
index 1d5cb89..c09d870 100644
--- a/terraform/wifi-289708231103/cloudsdk_cicd/sg.tf
+++ b/terraform/wifi-289708231103/cloudsdk_cicd/sg.tf
@@ -1,7 +1,7 @@
 resource "aws_security_group" "wlan" {
   name_prefix = "wlan-tmp-"
   vpc_id      = module.vpc_main.vpc_id
-  tags        = { "Name" : "${var.env} instance" }
+  tags        = merge({ "Name" : "${var.env} instance" }, local.common_tags)
 }
 
 resource "aws_security_group_rule" "wlan_ingress_ssh" {
@@ -41,4 +41,4 @@ resource "aws_security_group_rule" "wlan_egress_all" {
   security_group_id = aws_security_group.wlan.id
   type              = "egress"
   cidr_blocks       = ["0.0.0.0/0"]
-}
\ No newline at end of file
+}
diff --git a/terraform/wifi-289708231103/cloudsdk_cicd/users.tf b/terraform/wifi-289708231103/cloudsdk_cicd/users.tf
index 96a5b92..f7114f3 100644
--- a/terraform/wifi-289708231103/cloudsdk_cicd/users.tf
+++ b/terraform/wifi-289708231103/cloudsdk_cicd/users.tf
@@ -1,6 +1,7 @@
 resource "aws_iam_user" "gh-actions-user" {
   name = "gh-actions-user"
   path = "/"
+  tags = local.common_tags
 }
 
 resource "aws_iam_user_policy" "lb_ro" {
diff --git a/terraform/wifi-289708231103/cloudsdk_cicd/vpc.tf b/terraform/wifi-289708231103/cloudsdk_cicd/vpc.tf
index ed99c2a..781cd9b 100644
--- a/terraform/wifi-289708231103/cloudsdk_cicd/vpc.tf
+++ b/terraform/wifi-289708231103/cloudsdk_cicd/vpc.tf
@@ -18,4 +18,6 @@ module "vpc_main" {
     "kubernetes.io/cluster/${local.cluster_name}" = "shared"
     "kubernetes.io/role/internal-elb"             = "1"
   }
+
+  tags = local.common_tags
 }
diff --git a/terraform/wifi-289708231103/cloudsdk_qa/alb_ingress_controller.tf b/terraform/wifi-289708231103/cloudsdk_qa/alb_ingress_controller.tf
index 346c296..1c64621 100644
--- a/terraform/wifi-289708231103/cloudsdk_qa/alb_ingress_controller.tf
+++ b/terraform/wifi-289708231103/cloudsdk_qa/alb_ingress_controller.tf
@@ -6,6 +6,7 @@ module "alb_ingress_iam_role" {
     aws_iam_policy.alb_ingress_iam_policy.arn,
   ]
   create_role = true
+  tags        = local.common_tags
 }
 
 resource "aws_iam_policy" "alb_ingress_iam_policy" {
diff --git a/terraform/wifi-289708231103/cloudsdk_qa/cloudsdk_lb_shared_resources.tf b/terraform/wifi-289708231103/cloudsdk_qa/cloudsdk_lb_shared_resources.tf
index 61a8613..4ed6dd2 100644
--- a/terraform/wifi-289708231103/cloudsdk_qa/cloudsdk_lb_shared_resources.tf
+++ b/terraform/wifi-289708231103/cloudsdk_qa/cloudsdk_lb_shared_resources.tf
@@ -36,7 +36,7 @@ resource "aws_s3_bucket" "alb_logs" {
     }
   }
 
-  tags = local.tags
+  tags = local.common_tags
 
   lifecycle {
     prevent_destroy = true
diff --git a/terraform/wifi-289708231103/cloudsdk_qa/efs.tf b/terraform/wifi-289708231103/cloudsdk_qa/efs.tf
index 545f2e3..2bd774b 100644
--- a/terraform/wifi-289708231103/cloudsdk_qa/efs.tf
+++ b/terraform/wifi-289708231103/cloudsdk_qa/efs.tf
@@ -2,12 +2,7 @@ resource "aws_security_group" "efs" {
   name        = "${var.org}-${var.project}-${var.env}-efs"
   description = "${var.org}-${var.project}-${var.env}-efs"
   vpc_id      = module.vpc_main.vpc_id
-
-  tags = {
-    Name        = "${var.org}-${var.project}-${var.env}"
-    Project     = var.project
-    Environment = var.env
-  }
+  tags        = merge({ Name = "${var.org}-${var.project}-${var.env}" }, local.common_tags)
 }
 
 resource "aws_security_group_rule" "efs_ingress" {
@@ -21,12 +16,7 @@ resource "aws_security_group_rule" "efs_ingress" {
 
 resource "aws_efs_file_system" "default" {
   creation_token = "${var.org}-${var.project}-${var.env}-default"
-
-  tags = {
-    Name        = "${var.org}-${var.project}-${var.env}-default"
-    Project     = var.project
-    Environment = var.env
-  }
+  tags           = merge({ Name = "${var.org}-${var.project}-${var.env}" }, local.common_tags)
 }
 
 resource "aws_efs_mount_target" "default" {
diff --git a/terraform/wifi-289708231103/cloudsdk_qa/eks.tf b/terraform/wifi-289708231103/cloudsdk_qa/eks.tf
index e6e316c..e40cc6e 100644
--- a/terraform/wifi-289708231103/cloudsdk_qa/eks.tf
+++ b/terraform/wifi-289708231103/cloudsdk_qa/eks.tf
@@ -24,7 +24,7 @@ module "eks" {
   cluster_name = local.cluster_name
   subnets      = module.vpc_main.private_subnets
   vpc_id       = module.vpc_main.vpc_id
-  tags         = merge({ "Name" = local.cluster_name }, local.tags)
+  tags         = merge({ "Name" = local.cluster_name }, local.common_tags)
 
   workers_group_defaults = {
     ami_type           = "AL2_x86_64"
@@ -82,9 +82,10 @@ locals {
   public_subnets_merged       = join(" ", module.vpc_main.public_subnets)
   private_subnets_merged      = join(" ", module.vpc_main.private_subnets)
   cluster_name                = "${var.org}-${var.project}-${var.env}"
-  tags = {
-    "Env"     = var.env
-    "Project" = var.project
+  common_tags = {
+    "Env"       = var.env
+    "Project"   = var.project
+    "ManagedBy" = "terraform"
   }
   admin_roles = [for role in var.eks_admin_roles : {
     rolearn  = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/${role}"
@@ -116,6 +117,7 @@ module "external_dns_cluster_role" {
   provider_url     = local.oidc_provider_url
   role_policy_arns = [aws_iam_policy.external_dns.arn]
   create_role      = true
+  tags             = local.common_tags
 }
 
 resource "aws_iam_policy" "external_dns" {
@@ -174,6 +176,7 @@ module "cluster_autoscaler_cluster_role" {
   provider_url     = local.oidc_provider_url
   role_policy_arns = [aws_iam_policy.cluster_autoscaler.arn]
   create_role      = true
+  tags             = local.common_tags
 }
 
 resource "aws_iam_policy" "cluster_autoscaler" {
diff --git a/terraform/wifi-289708231103/cloudsdk_qa/vpc.tf b/terraform/wifi-289708231103/cloudsdk_qa/vpc.tf
index ed99c2a..781cd9b 100644
--- a/terraform/wifi-289708231103/cloudsdk_qa/vpc.tf
+++ b/terraform/wifi-289708231103/cloudsdk_qa/vpc.tf
@@ -18,4 +18,6 @@ module "vpc_main" {
     "kubernetes.io/cluster/${local.cluster_name}" = "shared"
     "kubernetes.io/role/internal-elb"             = "1"
   }
+
+  tags = local.common_tags
 }
diff --git a/terraform/wifi-289708231103/dns/main.tf b/terraform/wifi-289708231103/dns/main.tf
index eadac7c..d079818 100644
--- a/terraform/wifi-289708231103/dns/main.tf
+++ b/terraform/wifi-289708231103/dns/main.tf
@@ -21,8 +21,15 @@ terraform {
   }
 }
 
+locals {
+  common_tags = {
+    "ManagedBy" = "terraform"
+  }
+}
+
 resource "aws_route53_zone" "main" {
   name = var.main_zone_name
+  tags = local.common_tags
 }
 
 module "acm" {
@@ -38,10 +45,10 @@ module "acm" {
     "*.${var.main_zone_name}"
   ]
 
-  tags = {
+  tags = merge({
     eks      = true
     cloudsdk = true
-  }
+  }, local.common_tags)
 }
 
 output "zone_id" {
@@ -50,4 +57,4 @@ output "zone_id" {
 
 output "certificate_arn" {
   value = module.acm.this_acm_certificate_arn
-}
\ No newline at end of file
+}
diff --git a/terraform/wifi-289708231103/tf_remote_state/main.tf b/terraform/wifi-289708231103/tf_remote_state/main.tf
index 7649d09..dcf2732 100644
--- a/terraform/wifi-289708231103/tf_remote_state/main.tf
+++ b/terraform/wifi-289708231103/tf_remote_state/main.tf
@@ -3,12 +3,19 @@ provider "aws" {
   region  = var.aws_region
 }
 
+locals {
+  common_tags = {
+    "ManagedBy" = "terraform"
+  }
+}
+
 module "terraform_state_backend" {
   source         = "git::https://github.com/cloudposse/terraform-aws-tfstate-backend.git?ref=0.18.0"
   region         = "us-east-1"
   name           = "terraform"
   s3_bucket_name = "tip-wifi-tfstate"
   attributes     = ["state"]
+  tags           = local.common_tags
 }
 
 output "remote_state_config" {
diff --git a/terraform/wifi-289708231103/tip-wifi-vpn/alerts.tf b/terraform/wifi-289708231103/tip-wifi-vpn/alerts.tf
index a3b8d41..a152f96 100644
--- a/terraform/wifi-289708231103/tip-wifi-vpn/alerts.tf
+++ b/terraform/wifi-289708231103/tip-wifi-vpn/alerts.tf
@@ -14,6 +14,7 @@ resource "aws_cloudwatch_metric_alarm" "vpn_state" {
   alarm_description = "VPN Tunnel State"
   alarm_actions     = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
   ok_actions        = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
+  tags              = local.common_tags
 }
 
 resource "aws_cloudwatch_metric_alarm" "vpn_outgoing_data" {
@@ -33,6 +34,7 @@ resource "aws_cloudwatch_metric_alarm" "vpn_outgoing_data" {
   alarm_description = "VPN Outgoing Data"
   alarm_actions     = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
   ok_actions        = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
+  tags              = local.common_tags
 }
 
 resource "aws_cloudwatch_metric_alarm" "tgw_incoming" {
@@ -50,6 +52,7 @@ resource "aws_cloudwatch_metric_alarm" "tgw_incoming" {
   alarm_description = "Transit Gateway Incoming Data"
   alarm_actions     = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
   ok_actions        = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
+  tags              = local.common_tags
 }
 
 resource "aws_cloudwatch_metric_alarm" "tgw_outgoing_data" {
@@ -67,6 +70,7 @@ resource "aws_cloudwatch_metric_alarm" "tgw_outgoing_data" {
   alarm_description = "Transit Gateway Outgoing Data"
   alarm_actions     = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
   ok_actions        = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
+  tags              = local.common_tags
 }
 
 resource "aws_cloudwatch_metric_alarm" "tgw_packet_drops" {
@@ -77,6 +81,7 @@ resource "aws_cloudwatch_metric_alarm" "tgw_packet_drops" {
   alarm_description   = "Transit Gateway Packet Drops"
   alarm_actions       = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
   ok_actions          = [aws_sns_topic.vpn_cloudwatch_alarms.arn]
+  tags                = local.common_tags
 
   metric_query {
     id          = "total_drops"
@@ -114,10 +119,12 @@ resource "aws_cloudwatch_metric_alarm" "tgw_packet_drops" {
 
 resource "aws_sns_topic" "vpn_cloudwatch_alarms" {
   name = "vpn_cloudwatch_alarms"
+  tags = local.common_tags
 }
 
 resource "aws_cloudformation_stack" "atlassian_cloud_backup_email_notification" {
   name          = "atlassian-cloud-backup"
+  tags          = local.common_tags
   template_body = <<EOT
 AWSTemplateFormatVersion: 2010-09-09
 Resources:
diff --git a/terraform/wifi-289708231103/tip-wifi-vpn/main.tf b/terraform/wifi-289708231103/tip-wifi-vpn/main.tf
index bfc4f5f..50cc41a 100644
--- a/terraform/wifi-289708231103/tip-wifi-vpn/main.tf
+++ b/terraform/wifi-289708231103/tip-wifi-vpn/main.tf
@@ -25,4 +25,10 @@ data "terraform_remote_state" "wlan_main" {
     dynamodb_table = "terraform-state-lock"
     encrypt        = true
   }
-}
\ No newline at end of file
+}
+
+locals {
+  common_tags = {
+    "ManagedBy" = "terraform"
+  }
+}
diff --git a/terraform/wifi-289708231103/tip-wifi-vpn/perfecto-vpn.tf b/terraform/wifi-289708231103/tip-wifi-vpn/perfecto-vpn.tf
index db6c1a0..63d5f2e 100644
--- a/terraform/wifi-289708231103/tip-wifi-vpn/perfecto-vpn.tf
+++ b/terraform/wifi-289708231103/tip-wifi-vpn/perfecto-vpn.tf
@@ -2,10 +2,7 @@ resource "aws_customer_gateway" "tunnel_perfecto" {
   bgp_asn    = 65000
   ip_address = "23.21.201.213"
   type       = "ipsec.1"
-
-  tags = {
-    Name = "tunnel-perfecto"
-  }
+  tags       = merge({ Name = "tunnel-perfecto" }, local.common_tags)
 }
 
 resource "aws_vpn_connection" "tunnel-perfecto" {
@@ -13,9 +10,7 @@ resource "aws_vpn_connection" "tunnel-perfecto" {
   transit_gateway_id  = module.tgw_main.this_ec2_transit_gateway_id
   type                = "ipsec.1"
   static_routes_only  = true
-  tags = {
-    Name = "tunnel-perfecto"
-  }
+  tags                = merge({ Name = "tunnel-perfecto" }, local.common_tags)
 }
 
 resource "aws_ec2_transit_gateway_route" "tunnel-perfecto" {
diff --git a/terraform/wifi-289708231103/tip-wifi-vpn/transit_gateway.tf b/terraform/wifi-289708231103/tip-wifi-vpn/transit_gateway.tf
index 6089643..8160375 100644
--- a/terraform/wifi-289708231103/tip-wifi-vpn/transit_gateway.tf
+++ b/terraform/wifi-289708231103/tip-wifi-vpn/transit_gateway.tf
@@ -13,9 +13,7 @@ module "tgw_main" {
     }
   }
 
-  tags = {
-    Name = "tip-wifi-nrg"
-  }
+  tags = merge({ Name = "tip-wifi-nrg" }, local.common_tags)
 }
 
 resource "aws_route" "private" {
diff --git a/terraform/wifi-289708231103/tip-wifi-vpn/vpn.tf b/terraform/wifi-289708231103/tip-wifi-vpn/vpn.tf
index a3f84ac..eff0aa5 100644
--- a/terraform/wifi-289708231103/tip-wifi-vpn/vpn.tf
+++ b/terraform/wifi-289708231103/tip-wifi-vpn/vpn.tf
@@ -2,10 +2,7 @@ resource "aws_customer_gateway" "tunnel_tip_wifi_nrg" {
   bgp_asn    = 65000
   ip_address = var.nrg_vpn_endpoint_ip
   type       = "ipsec.1"
-
-  tags = {
-    Name = "tip-wifi-nrg"
-  }
+  tags       = merge({ Name = "tip-wifi-nrg" }, local.common_tags)
 }
 
 resource "aws_vpn_connection" "tunnel_tip_wifi_nrg" {
@@ -13,7 +10,5 @@ resource "aws_vpn_connection" "tunnel_tip_wifi_nrg" {
   transit_gateway_id  = module.tgw_main.this_ec2_transit_gateway_id
   type                = "ipsec.1"
   static_routes_only  = true
-  tags = {
-    Name = "tunnel-tip-wifi-nrg"
-  }
+  tags                = merge({ Name = "tip-wifi-nrg" }, local.common_tags)
 }