Namespace collision error creating clusters with same name, unique env

[rhenning]

Hello. Not sure if we've run into a bug here or are simply misunderstanding the intended use of the env variable. My expectation was that two clusters with the same name but unique envs would successfully be created as discrete logical entities, though that didn't work out as expected. I can see an easy PR to fix the issue reported by interpolating${var.env} into not only the cache cluster name (as the code is written today) but also in the names of the other module-managed resources, where it is missing. Note that such a "fix" could be a breaking change for folks already using this module when upgrading as some of their existing resources may be destroyed due to name/ID changes. I haven't yet run down the implications of the proposed fix. Thoughts? Thanks!

Tag:

v1.2.0

Steps to Reproduce:

• Create a cluster with name=helloworld, env=dev
• Create a cluster with name=helloworld, env=prod

Expected Behavior:

Both clusters are created

Observed Behavior:

Creation of env=prod cluster fails with the following error:

Error: Error applying plan:

3 error(s) occurred:

* module.redis.aws_elasticache_subnet_group.redis_subnet_group: 1 error(s) occurred:

* aws_elasticache_subnet_group.redis_subnet_group: Error creating CacheSubnetGroup: CacheSubnetGroupAlreadyExists: Cache subnet group tf-redis-helloworld-aae-e-1 already exists.
	status code: 400, request id: d1a54ff8-218c-11e8-9169-43a82c63ebcc
* module.redis.aws_elasticache_parameter_group.redis_parameter_group: 1 error(s) occurred:

* aws_elasticache_parameter_group.redis_parameter_group: Error creating Cache Parameter Group: CacheParameterGroupAlreadyExists: Parameter group tf-redis-helloworld-aae-e-1 already exists
	status code: 400, request id: d1ad1807-218c-11e8-a11d-6b63902e2caf
* module.redis.aws_security_group.redis_security_group: 1 error(s) occurred:

* aws_security_group.redis_security_group: Error creating Security Group: InvalidGroup.Duplicate: The security group 'tf-sg-ec-helloworld-aae-e-1' already exists for VPC 'vpc-290bf84f'
	status code: 400, request id: a24717c1-df3b-42b5-916f-d32cd9a8c876

For reference, here's my test code, where the TF workspace (${terraform.env}) is being manipulated to drive the module's env setting.

/* omitted vars & data sources */

module "redis" {
  source          = "github.com/terraform-community-modules/tf_aws_elasticache_redis?ref=v1.2.0"
  allowed_cidr    = "${var.allowed_cidrs}"
  env             = "${terraform.env}"
  name            = "${var.cluster_name}"
  redis_clusters  = "${var.cache_node_count}"
  redis_failover  = "true"
  redis_node_type = "${var.cache_node_type}"
  redis_version   = "${var.redis_version}"
  subnets         = "${data.aws_subnet_ids.selected.ids}"
  vpc_id          = "${data.aws_vpc.selected.id}"
}

[antonbabenko]

Thank you for the report. It happens because security group is being created without using var.env here, but it is used here. Pull request is welcome.

[rhenning]

Thanks for taking a look @antonbabenko! Here is the proposed fix in PR #12 with its implications documented.