terraform-community-modules / tf_aws_elasticache_redis Goto Github PK

Error running plan: 1 error(s) occurred:

* module.redis.aws_security_group_rule.redis_ingress: aws_security_group_rule.redis_ingress: value of 'count' cannot be computed

While attempting to use the option allowed_security_groups

  source         = "github.com/terraform-community-modules/tf_aws_elasticache_redis?ref=1.0.1"
  env            = "${var.env}"
  name           = "${var.project}"
  redis_clusters = "2"
  redis_failover = "true"
  subnets        = "${var.data_subnet_list}"
  vpc_id         = "${var.vpc_id}"
  allowed_security_groups = ["${aws_security_group.instance.id}"]
}

I understand the issue here as the instance security group has not yet been created it can't be counted. Seems to be understood see hashicorp/terraform#10857

This only failed for me when i destroyed and attempted to rebuild my stack from scratch. Previous as my instance already had been built it was not an issue.

I'm unsure of what exactly the solution to this is.

Anytime I make a change to terraform configuration and/or attempt to apply changes multiple times after an initial application of the configuration I get errors.

Steps to Reproduce:

1. Define a module in terraform such as:
   module "redis" { source = "github.com/terraform-community-modules/tf_aws_elasticache_redis?ref=v1.3.1" env = "${var.environment}" name = "${var.cluster_name}-${var.environment}-redis" redis_clusters = "2" redis_failover = "true" redis_version = "4.0.10" subnets = "${module.vpc.database_subnets}" vpc_id = "${module.vpc.vpc_id}" }
2. Apply the module with terraform apply
3. Apply the module again with terraform apply

Expected Results:
No changes are made in step 3 and a success is returned.

Actual Results:
The following failure occurs.
`Error: Error refreshing state: 3 error(s) occurred:

• module.redis.aws_security_group.redis_security_group: 1 error(s) occurred:

• module.redis.aws_security_group.redis_security_group: At column 76, line 1: map "data.aws_vpc.vpc.tags" does not have homogenous types. found TypeString and then TypeMap in:

${format("%.255s", "tf-sg-ec-${var.name}-${var.env}-${data.aws_vpc.vpc.tags["Name"]}")}

• module.redis.aws_elasticache_subnet_group.redis_subnet_group: 1 error(s) occurred:

• module.redis.aws_elasticache_subnet_group.redis_subnet_group: At column 98, line 1: map "data.aws_vpc.vpc.tags" does not have homogenous types. found TypeMap and then TypeString in:

${replace(format("%.255s", lower(replace("tf-redis-${var.name}-${var.env}-${data.aws_vpc.vpc.tags["Name"]}", "_", "-"))), "/\s/", "-")}

• module.redis.aws_elasticache_parameter_group.redis_parameter_group: 1 error(s) occurred:

• module.redis.aws_elasticache_parameter_group.redis_parameter_group: At column 98, line 1: map "data.aws_vpc.vpc.tags" does not have homogenous types. found TypeMap and then TypeString in:

${replace(format("%.255s", lower(replace("tf-redis-${var.name}-${var.env}-${data.aws_vpc.vpc.tags["Name"]}", "_", "-"))), "/\s/", "-")}`

As long, as there exists a tf_aws_sg [1] module; there is no reason to maintain security_groups.tf separately. Security groups should be rewritten and we should use sg module.

It looks like v1.3.0 actually forces the addition and deletion of a number of resources if you are running an older version, this would be good to call out, and maybe create a v2.0.0 release at that change point. Probably shouldn't remove the v1.3.0/v1.3.1 release as folks might be using them, but I wanted to call it out as a gotcha to someone already using this module and looking to bump up to a newer version safely.

https://github.com/terraform-community-modules/tf_aws_elasticache_redis/releases/tag/v1.3.0

Hey folks,

Updating our Redis (AWS ElasticCache) using a pipeline with terraform 11.11 we saw a conflict where the redis_parameter_group had the same salt word in different pipelines execution. The fix 2cf697a looked like good.

So we did a test with your approach in 2cf697a:

resource "random_id" "salt" {
  byte_length = 8
}
output test_random {
  value = "${random_id.salt.hex}"
}

And after applying it we saw:

./terraform apply
random_id.salt: Refreshing state... [id=dOmiq650dIs]
Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
Outputs:
test_random = 74e9a2abae74748b
code/Playground/terraform-locals
▶ ./terraform apply
random_id.salt: Refreshing state... [id=dOmiq650dIs]
Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
Outputs:
test_random = 74e9a2abae74748b
code/Playground/terraform-locals
▶ ./terraform apply
random_id.salt: Refreshing state... [id=dOmiq650dIs]
Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
Outputs:
test_random = 74e9a2abae74748b

As you can see.. .the salt is always the same and the conflict/problem looks like not solved.

Following the documentation https://www.terraform.io/docs/providers/random/r/id.html#keepers
we saw keepers might solve this problem. Using our same example, it would be something like this:

resource "random_id" "salt" {
  keepers = {
    date = "${timestamp()}"
  }
  byte_length = 8
}

and it worked! And we made the same test with terraform 12 and this case is exactly the same.

This said, my question is: am I missing anything here? was your fix working? how was it tested?

Thanks!!!

Terraform v0.12.2

• provider.aws v2.15.0
• provider.random v2.1.2

 Error: Unsupported argument

  on ../../modules/tf_aws_elasticache_redis/main.tf line 34, in resource "aws_elasticache_parameter_group" "redis_parameter_group":
  34:   parameter = "${var.redis_parameters}"

An argument named "parameter" is not expected here. Did you mean to define a
block of type "parameter"?

Possible to add in tags support as parameter for us to pass in?

Hi all,

Currently when a VPC name contains a point, aws_elasticache_parameter_group"."redis_parameter_group" and aws_elasticache_subnet_group.redis_subnet_group cannot be created.
Their names are composed from VPC name.

Error: Error creating Cache Parameter Group: InvalidParameterValue: The parameter CacheParameterGroupName is not a valid identifier. 
Identifiers must begin with a letter; must contain only ASCII letters, digits, and hyphens; and must not end with a hyphen or contain two consecutive hyphens.
        status code: 400, request id: 10a7b254-9796-43f0-9cb8-31fd4c43db2d



Error: Error creating CacheSubnetGroup: InvalidParameterValue: The parameter CacheSubnetGroupName is not a valid identifier. 
Identifiers must begin with a letter; must contain only ASCII letters, digits, and hyphens; and must not end with a hyphen or contain two consecutive hyphens.
        status code: 400, request id: 45b5aec9-683f-4059-9820-32ade87a6d6e

Best Regards,

Problem Description

If the input vpc_id variable refers to a VPC that does not have a Name tag, terraform plan and terraform apply fail like this:

Error: Error refreshing state: 3 error(s) occurred:

* module.redis.aws_elasticache_parameter_group.redis_parameter_group: 1 error(s) occurred:

* module.redis.aws_elasticache_parameter_group.redis_parameter_group: At column 98, line 1: map "data.aws_vpc.vpc.tags" does not have any elements so cannot determine type. in:

${replace(format("%.255s", lower(replace("tf-redis-${var.name}-${var.env}-${data.aws_vpc.vpc.tags["Name"]}", "_", "-"))), "/\\s/", "-")}
* module.redis.aws_elasticache_subnet_group.redis_subnet_group: 1 error(s) occurred:

* module.redis.aws_elasticache_subnet_group.redis_subnet_group: At column 98, line 1: map "data.aws_vpc.vpc.tags" does not have any elements so cannot determine type. in:

${replace(format("%.255s", lower(replace("tf-redis-${var.name}-${var.env}-${data.aws_vpc.vpc.tags["Name"]}", "_", "-"))), "/\\s/", "-")}
* module.redis.aws_security_group.redis_security_group: 1 error(s) occurred:

* module.redis.aws_security_group.redis_security_group: At column 56, line 1: map "data.aws_vpc.vpc.tags" does not have any elements so cannot determine type. in:

tf-sg-ec-${var.name}-${var.env}-${data.aws_vpc.vpc.tags["Name"]}

Proposed Solution

Add a local variable, local.vpc_name, and set the value of it using coalesce so that it uses the Name tag of the VPC if it exists, or a hardcoded string like redis-vpc otherwise.

Since the module is not published in the Terraform repos, but on GitHub it cannot be sourced using the keyword source together with the keyword version.

For example,

source  = "github.com/terraform-community-modules/tf_aws_elasticache_redis.git"
version = "~> 2.0"

does not work and should be changed to

source  = "github.com/terraform-community-modules/tf_aws_elasticache_redis.git?ref=v2.2.0"

The readme should be fixed accordingly

Hello. Not sure if we've run into a bug here or are simply misunderstanding the intended use of the env variable. My expectation was that two clusters with the same name but unique envs would successfully be created as discrete logical entities, though that didn't work out as expected. I can see an easy PR to fix the issue reported by interpolating${var.env} into not only the cache cluster name (as the code is written today) but also in the names of the other module-managed resources, where it is missing. Note that such a "fix" could be a breaking change for folks already using this module when upgrading as some of their existing resources may be destroyed due to name/ID changes. I haven't yet run down the implications of the proposed fix. Thoughts? Thanks!

Tag:

v1.2.0

Steps to Reproduce:

• Create a cluster with name=helloworld, env=dev
• Create a cluster with name=helloworld, env=prod

Expected Behavior:

Both clusters are created

Observed Behavior:

Creation of env=prod cluster fails with the following error:

Error: Error applying plan:

3 error(s) occurred:

* module.redis.aws_elasticache_subnet_group.redis_subnet_group: 1 error(s) occurred:

* aws_elasticache_subnet_group.redis_subnet_group: Error creating CacheSubnetGroup: CacheSubnetGroupAlreadyExists: Cache subnet group tf-redis-helloworld-aae-e-1 already exists.
	status code: 400, request id: d1a54ff8-218c-11e8-9169-43a82c63ebcc
* module.redis.aws_elasticache_parameter_group.redis_parameter_group: 1 error(s) occurred:

* aws_elasticache_parameter_group.redis_parameter_group: Error creating Cache Parameter Group: CacheParameterGroupAlreadyExists: Parameter group tf-redis-helloworld-aae-e-1 already exists
	status code: 400, request id: d1ad1807-218c-11e8-a11d-6b63902e2caf
* module.redis.aws_security_group.redis_security_group: 1 error(s) occurred:

* aws_security_group.redis_security_group: Error creating Security Group: InvalidGroup.Duplicate: The security group 'tf-sg-ec-helloworld-aae-e-1' already exists for VPC 'vpc-290bf84f'
	status code: 400, request id: a24717c1-df3b-42b5-916f-d32cd9a8c876

For reference, here's my test code, where the TF workspace (${terraform.env}) is being manipulated to drive the module's env setting.

/* omitted vars & data sources */

module "redis" {
  source          = "github.com/terraform-community-modules/tf_aws_elasticache_redis?ref=v1.2.0"
  allowed_cidr    = "${var.allowed_cidrs}"
  env             = "${terraform.env}"
  name            = "${var.cluster_name}"
  redis_clusters  = "${var.cache_node_count}"
  redis_failover  = "true"
  redis_node_type = "${var.cache_node_type}"
  redis_version   = "${var.redis_version}"
  subnets         = "${data.aws_subnet_ids.selected.ids}"
  vpc_id          = "${data.aws_vpc.selected.id}"
}

I received the following errors while trying to use this module:

* aws_elasticache_subnet_group.redis_subnet_group: Error creating CacheSubnetGroup: InvalidParameterValue: The parameter CacheSubnetGroupName is not a valid identifier. Identifiers must begin with a letter; must contain only ASCII letters, digits, and hyphens; and must not end with a hyphen or contain two consecutive hyphens.
	status code: 400, request id: d6037af0-3e99-11e7-9aa8-573aaeaa8fe0
* module.redis.aws_elasticache_parameter_group.redis_parameter_group: 1 error(s) occurred:

* aws_elasticache_parameter_group.redis_parameter_group: Error creating Cache Parameter Group: InvalidParameterValue: The parameter CacheParameterGroupName is not a valid identifier. Identifiers must begin with a letter; must contain only ASCII letters, digits, and hyphens; and must not end with a hyphen or contain two consecutive hyphens.
	status code: 400, request id: d60464d2-3e99-11e7-b077-5967719aeab4

I believe the issue relates to the use of the vpc.tags["Name"] in main.tf on line 20 and 26. It's not clear that from the Readme that this needs to be set and in my case the Name tag on my VPC contains a space, hence the error. Simply removing -${data.aws_vpc.vpc.tags["Name"]} fixes the issue for me, perhaps I'm missing the need to add this addition information to these 2 groups