cjcjameson/gist:b430e1b7fc4a196538831a5d40eb7567

## gistfile1.txt
Truncated for privacy

...

An execution plan has been generated and is shown below.
2018/12/11 16:25:38 [DEBUG] command: asking for input: "Do you want to perform these actions?"
Resource actions are indicated with the following symbols:
-/+ destroy and then create replacement

Terraform will perform the following actions:

-/+ aws_security_group.sg-elsrc (new resource required)
      id:                                    "sg-0fec0a8972ef2ede6" => <computed> (forces new resource)
      arn:                                   "arn:aws:ec2:us-west-2:622895713312:security-group/sg-0fec0a8972ef2ede6" => <computed>
      description:                           "Elasticsearch from NLP" => "Managed by Terraform" (forces new resource)
      name:                                  "nlp-dev-poc-sg-elsrc" => "nlp-dev-poc-sg-elsrc"

...

Plan: 1 to add, 0 to change, 1 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

2018/12/11 16:25:45 [INFO] terraform: building graph: GraphTypeApply
    "false" => "false"

...

2018/12/11 16:25:45 [TRACE] Graph after step *terraform.AttachStateTransformer:

aws_security_group.sg-elsrc - *terraform.NodeApplyableResource
aws_security_group.sg-elsrc (destroy) - *terraform.NodeDestroyResource
2018/12/11 16:25:45 [DEBUG] resource aws_security_group.sg-elsrc (destroy) using provider provider.aws
2018/12/11 16:25:45 [DEBUG] Attaching resource state to "aws_security_group.sg-elsrc": &terraform.ResourceState{Type:"aws_security_group", Dependencies:[]string{"data.aws_subnet.it_vpc_subnet", "data.terraform_remote_state.vpc"}, Primary:(*terraform.InstanceState)(0xc0000b6410), Deposed:[]*terraform.InstanceState{}, Provider:"provider.aws", mu:sync.Mutex{state:0, sema:0x0}}
2018/12/11 16:25:45 [DEBUG] Attaching resource state to "aws_security_group.sg-elsrc (destroy)": &terraform.ResourceState{Type:"aws_security_group", Dependencies:[]string{"data.aws_subnet.it_vpc_subnet", "data.terraform_remote_state.vpc"}, Primary:(*terraform.InstanceState)(0xc0000b6410), Deposed:[]*terraform.InstanceState{}, Provider:"provider.aws", mu:sync.Mutex{state:0, sema:0x0}}
2018/12/11 16:25:45 [TRACE] ProviderConfigTransformer: Starting for path: []
2018/12/11 16:25:45 [TRACE] Attach provider request: []string{} aws
2018/12/11 16:25:45 [TRACE] Attaching provider config: *config.ProviderConfig{Name:"aws", Alias:"", Version:"~> 1.51", RawConfig:(*config.RawConfig)(0xc0003f2620)}
2018/12/11 16:25:45 [TRACE] Graph after step *terraform.ProviderConfigTransformer:

aws_security_group.sg-elsrc - *terraform.NodeAbstractResource
aws_security_group.sg-elsrc (destroy) - *terraform.NodeDestroyResource
provider.aws - *terraform.NodeApplyableProvider
2018/12/11 16:25:45 [TRACE] Graph after step *terraform.MissingProviderTransformer:

aws_security_group.sg-elsrc - *terraform.NodeAbstractResource
aws_security_group.sg-elsrc (destroy) - *terraform.NodeDestroyResource
provider.aws - *terraform.NodeApplyableProvider
2018/12/11 16:25:45 [DEBUG] resource aws_security_group.sg-elsrc using provider provider.aws
2018/12/11 16:25:45 [DEBUG] resource aws_security_group.sg-elsrc (destroy) using provider provider.aws
2018/12/11 16:25:45 [TRACE] Graph after step *terraform.ProviderTransformer:

aws_security_group.sg-elsrc - *terraform.NodeAbstractResource
  provider.aws - *terraform.NodeApplyableProvider
aws_security_group.sg-elsrc (destroy) - *terraform.NodeDestroyResource
  provider.aws - *terraform.NodeApplyableProvider
provider.aws - *terraform.NodeApplyableProvider
2018/12/11 16:25:45 [TRACE] Graph after step *terraform.PruneProviderTransformer:

aws_security_group.sg-elsrc - *terraform.NodeAbstractResource
  provider.aws - *terraform.NodeApplyableProvider
aws_security_group.sg-elsrc (destroy) - *terraform.NodeDestroyResource
2018/12/11 16:25:45 [DEBUG] Attaching resource state to "aws_iam_service_linked_role.iam_to_es": &terraform.ResourceState{Type:"aws_iam_service_linked_role", Dependencies:[]string{}, Primary:(*terraform.InstanceState)(0xc0000b63c0), Deposed:[]*terraform.InstanceState{}, Provider:"provider.aws", mu:sync.Mutex{state:0, sema:0x0}}
2018/12/11 16:25:45 [DEBUG] Attaching resource state to "aws_security_group.sg-elsrc": &terraform.ResourceState{Type:"aws_security_group", Dependencies:[]string{"data.aws_subnet.it_vpc_subnet", "data.terraform_remote_state.vpc"}, Primary:(*terraform.InstanceState)(0xc0000b6410), Deposed:[]*terraform.InstanceState{}, Provider:"provider.aws", mu:sync.Mutex{state:0, sema:0x0}}
2018/12/11 16:25:45 [DEBUG] Attaching resource state to "data.terraform_remote_state.vpc": &terraform.ResourceState{Type:"terraform_remote_state", Dependencies:[]string{}, Primary:(*terraform.InstanceState)(0xc0000b6370), Deposed:[]*terraform.InstanceState{}, Provider:"provider.terraform", mu:sync.Mutex{state:0, sema:0x0}}
2018/12/11 16:25:45 [DEBUG] Attaching resource state to "data.aws_subnet.it_vpc_subnet": &terraform.ResourceState{Type:"aws_subnet", Dependencies:[]string{"data.terraform_remote_state.vpc"}, Primary:(*terraform.InstanceState)(0xc0000b6460), Deposed:[]*terraform.InstanceState{}, Provider:"provider.aws", mu:sync.Mutex{state:0, sema:0x0}}
2018/12/11 16:25:45 [TRACE] Graph after step *terraform.AttachStateTransformer:

aws_iam_service_linked_role.iam_to_es - *terraform.NodeAbstractResource
aws_security_group.sg-elsrc - *terraform.NodeAbstractResource
data.aws_subnet.it_vpc_subnet - *terraform.NodeAbstractResource
data.terraform_remote_state.vpc - *terraform.NodeAbstractResource
2018/12/11 16:25:45 [DEBUG] ReferenceTransformer: "aws_iam_service_linked_role.iam_to_es" references: []
2018/12/11 16:25:45 [DEBUG] ReferenceTransformer: "aws_security_group.sg-elsrc" references: [data.aws_subnet.it_vpc_subnet data.terraform_remote_state.vpc]
2018/12/11 16:25:45 [DEBUG] ReferenceTransformer: "data.terraform_remote_state.vpc" references: []
2018/12/11 16:25:45 [DEBUG] ReferenceTransformer: "data.aws_subnet.it_vpc_subnet" references: [data.terraform_remote_state.vpc]
2018/12/11 16:25:45 [DEBUG] ReferenceTransformer: "aws_security_group.sg-elsrc (destroy)" references: []
2018/12/11 16:25:45 [DEBUG] ReferenceTransformer: "aws_security_group.sg-elsrc" references: []
2018/12/11 16:25:45 [DEBUG] ReferenceTransformer: "provider.aws" references: []
2018/12/11 16:25:45 [DEBUG] ReferenceTransformer: "var.size_aws_elasticsearch" references: []
2018/12/11 16:25:45 [DEBUG] Starting graph walk: walkApply

...

aws_security_group.sg-elsrc: Creating...
2018/12/11 16:25:46 [DEBUG] apply: aws_security_group.sg-elsrc: executing Apply
  arn:                                   "" => "<computed>"
  description:                           "" => "Managed by Terraform"

...

2018-12-11T16:25:46.262-0800 [DEBUG] plugin.terraform-provider-aws_v1.51.0_x4: Action=CreateSecurityGroup&GroupDescription=Managed+by+Terraform&GroupName=nlp-dev-poc-sg-elsrc&Version=2016-11-15&VpcId=vpc-018add86ee1a79b43

...

2018/12/11 16:25:46 [ERROR] root: eval: *terraform.EvalApplyPost, err: 1 error(s) occurred:

* aws_security_group.sg-elsrc: Error creating Security Group: InvalidGroup.Duplicate: The security group 'nlp-dev-poc-sg-elsrc' already exists for VPC 'vpc-018add86ee1a79b43'
	status code: 400, request id: 668b8296-becf-4204-b5da-6297b6d72c31
2018/12/11 16:25:46 [ERROR] root: eval: *terraform.EvalSequence, err: 1 error(s) occurred:

* aws_security_group.sg-elsrc: Error creating Security Group: InvalidGroup.Duplicate: The security group 'nlp-dev-poc-sg-elsrc' already exists for VPC 'vpc-018add86ee1a79b43'
	status code: 400, request id: 668b8296-becf-4204-b5da-6297b6d72c31
2018/12/11 16:25:46 [TRACE] [walkApply] Exiting eval tree: aws_security_group.sg-elsrc

...

2018/12/11 16:25:47 [DEBUG] plugin: waiting for all plugin processes to complete...
Error: Error applying plan:

1 error(s) occurred:

* aws_security_group.sg-elsrc: 1 error(s) occurred:

* aws_security_group.sg-elsrc: Error creating Security Group: InvalidGroup.Duplicate: The security group 'nlp-dev-poc-sg-elsrc' already exists for VPC 'vpc-018add86ee1a79b43'
	status code: 400, request id: 668b8296-becf-4204-b5da-6297b6d72c31

Terraform does not automatically rollback in the face of errors.
	Truncated for privacy

	...

	An execution plan has been generated and is shown below.
	2018/12/11 16:25:38 [DEBUG] command: asking for input: "Do you want to perform these actions?"
	Resource actions are indicated with the following symbols:
	-/+ destroy and then create replacement

	Terraform will perform the following actions:

	-/+ aws_security_group.sg-elsrc (new resource required)
	id: "sg-0fec0a8972ef2ede6" => <computed> (forces new resource)
	arn: "arn:aws:ec2:us-west-2:622895713312:security-group/sg-0fec0a8972ef2ede6" => <computed>
	description: "Elasticsearch from NLP" => "Managed by Terraform" (forces new resource)
	name: "nlp-dev-poc-sg-elsrc" => "nlp-dev-poc-sg-elsrc"

	...

	Plan: 1 to add, 0 to change, 1 to destroy.

	Do you want to perform these actions?
	Terraform will perform the actions described above.
	Only 'yes' will be accepted to approve.

	Enter a value: yes

	2018/12/11 16:25:45 [INFO] terraform: building graph: GraphTypeApply
	"false" => "false"

	...

	2018/12/11 16:25:45 [TRACE] Graph after step *terraform.AttachStateTransformer:

	aws_security_group.sg-elsrc - *terraform.NodeApplyableResource
	aws_security_group.sg-elsrc (destroy) - *terraform.NodeDestroyResource
	2018/12/11 16:25:45 [DEBUG] resource aws_security_group.sg-elsrc (destroy) using provider provider.aws
	2018/12/11 16:25:45 [DEBUG] Attaching resource state to "aws_security_group.sg-elsrc": &terraform.ResourceState{Type:"aws_security_group", Dependencies:[]string{"data.aws_subnet.it_vpc_subnet", "data.terraform_remote_state.vpc"}, Primary:(terraform.InstanceState)(0xc0000b6410), Deposed:[]terraform.InstanceState{}, Provider:"provider.aws", mu:sync.Mutex{state:0, sema:0x0}}
	2018/12/11 16:25:45 [DEBUG] Attaching resource state to "aws_security_group.sg-elsrc (destroy)": &terraform.ResourceState{Type:"aws_security_group", Dependencies:[]string{"data.aws_subnet.it_vpc_subnet", "data.terraform_remote_state.vpc"}, Primary:(terraform.InstanceState)(0xc0000b6410), Deposed:[]terraform.InstanceState{}, Provider:"provider.aws", mu:sync.Mutex{state:0, sema:0x0}}
	2018/12/11 16:25:45 [TRACE] ProviderConfigTransformer: Starting for path: []
	2018/12/11 16:25:45 [TRACE] Attach provider request: []string{} aws
	2018/12/11 16:25:45 [TRACE] Attaching provider config: config.ProviderConfig{Name:"aws", Alias:"", Version:"~> 1.51", RawConfig:(config.RawConfig)(0xc0003f2620)}
	2018/12/11 16:25:45 [TRACE] Graph after step *terraform.ProviderConfigTransformer:

	aws_security_group.sg-elsrc - *terraform.NodeAbstractResource
	aws_security_group.sg-elsrc (destroy) - *terraform.NodeDestroyResource
	provider.aws - *terraform.NodeApplyableProvider
	2018/12/11 16:25:45 [TRACE] Graph after step *terraform.MissingProviderTransformer:

	aws_security_group.sg-elsrc - *terraform.NodeAbstractResource
	aws_security_group.sg-elsrc (destroy) - *terraform.NodeDestroyResource
	provider.aws - *terraform.NodeApplyableProvider
	2018/12/11 16:25:45 [DEBUG] resource aws_security_group.sg-elsrc using provider provider.aws
	2018/12/11 16:25:45 [DEBUG] resource aws_security_group.sg-elsrc (destroy) using provider provider.aws
	2018/12/11 16:25:45 [TRACE] Graph after step *terraform.ProviderTransformer:

	aws_security_group.sg-elsrc - *terraform.NodeAbstractResource
	provider.aws - *terraform.NodeApplyableProvider
	aws_security_group.sg-elsrc (destroy) - *terraform.NodeDestroyResource
	provider.aws - *terraform.NodeApplyableProvider
	provider.aws - *terraform.NodeApplyableProvider
	2018/12/11 16:25:45 [TRACE] Graph after step *terraform.PruneProviderTransformer:

	aws_security_group.sg-elsrc - *terraform.NodeAbstractResource
	provider.aws - *terraform.NodeApplyableProvider
	aws_security_group.sg-elsrc (destroy) - *terraform.NodeDestroyResource
	2018/12/11 16:25:45 [DEBUG] Attaching resource state to "aws_iam_service_linked_role.iam_to_es": &terraform.ResourceState{Type:"aws_iam_service_linked_role", Dependencies:[]string{}, Primary:(terraform.InstanceState)(0xc0000b63c0), Deposed:[]terraform.InstanceState{}, Provider:"provider.aws", mu:sync.Mutex{state:0, sema:0x0}}
	2018/12/11 16:25:45 [DEBUG] Attaching resource state to "aws_security_group.sg-elsrc": &terraform.ResourceState{Type:"aws_security_group", Dependencies:[]string{"data.aws_subnet.it_vpc_subnet", "data.terraform_remote_state.vpc"}, Primary:(terraform.InstanceState)(0xc0000b6410), Deposed:[]terraform.InstanceState{}, Provider:"provider.aws", mu:sync.Mutex{state:0, sema:0x0}}
	2018/12/11 16:25:45 [DEBUG] Attaching resource state to "data.terraform_remote_state.vpc": &terraform.ResourceState{Type:"terraform_remote_state", Dependencies:[]string{}, Primary:(terraform.InstanceState)(0xc0000b6370), Deposed:[]terraform.InstanceState{}, Provider:"provider.terraform", mu:sync.Mutex{state:0, sema:0x0}}
	2018/12/11 16:25:45 [DEBUG] Attaching resource state to "data.aws_subnet.it_vpc_subnet": &terraform.ResourceState{Type:"aws_subnet", Dependencies:[]string{"data.terraform_remote_state.vpc"}, Primary:(terraform.InstanceState)(0xc0000b6460), Deposed:[]terraform.InstanceState{}, Provider:"provider.aws", mu:sync.Mutex{state:0, sema:0x0}}
	2018/12/11 16:25:45 [TRACE] Graph after step *terraform.AttachStateTransformer:

	aws_iam_service_linked_role.iam_to_es - *terraform.NodeAbstractResource
	aws_security_group.sg-elsrc - *terraform.NodeAbstractResource
	data.aws_subnet.it_vpc_subnet - *terraform.NodeAbstractResource
	data.terraform_remote_state.vpc - *terraform.NodeAbstractResource
	2018/12/11 16:25:45 [DEBUG] ReferenceTransformer: "aws_iam_service_linked_role.iam_to_es" references: []
	2018/12/11 16:25:45 [DEBUG] ReferenceTransformer: "aws_security_group.sg-elsrc" references: [data.aws_subnet.it_vpc_subnet data.terraform_remote_state.vpc]
	2018/12/11 16:25:45 [DEBUG] ReferenceTransformer: "data.terraform_remote_state.vpc" references: []
	2018/12/11 16:25:45 [DEBUG] ReferenceTransformer: "data.aws_subnet.it_vpc_subnet" references: [data.terraform_remote_state.vpc]
	2018/12/11 16:25:45 [DEBUG] ReferenceTransformer: "aws_security_group.sg-elsrc (destroy)" references: []
	2018/12/11 16:25:45 [DEBUG] ReferenceTransformer: "aws_security_group.sg-elsrc" references: []
	2018/12/11 16:25:45 [DEBUG] ReferenceTransformer: "provider.aws" references: []
	2018/12/11 16:25:45 [DEBUG] ReferenceTransformer: "var.size_aws_elasticsearch" references: []
	2018/12/11 16:25:45 [DEBUG] Starting graph walk: walkApply

	...

	aws_security_group.sg-elsrc: Creating...
	2018/12/11 16:25:46 [DEBUG] apply: aws_security_group.sg-elsrc: executing Apply
	arn: "" => "<computed>"
	description: "" => "Managed by Terraform"

	...

	2018-12-11T16:25:46.262-0800 [DEBUG] plugin.terraform-provider-aws_v1.51.0_x4: Action=CreateSecurityGroup&GroupDescription=Managed+by+Terraform&GroupName=nlp-dev-poc-sg-elsrc&Version=2016-11-15&VpcId=vpc-018add86ee1a79b43

	...

	2018/12/11 16:25:46 [ERROR] root: eval: *terraform.EvalApplyPost, err: 1 error(s) occurred:

	* aws_security_group.sg-elsrc: Error creating Security Group: InvalidGroup.Duplicate: The security group 'nlp-dev-poc-sg-elsrc' already exists for VPC 'vpc-018add86ee1a79b43'
	status code: 400, request id: 668b8296-becf-4204-b5da-6297b6d72c31
	2018/12/11 16:25:46 [ERROR] root: eval: *terraform.EvalSequence, err: 1 error(s) occurred:

	* aws_security_group.sg-elsrc: Error creating Security Group: InvalidGroup.Duplicate: The security group 'nlp-dev-poc-sg-elsrc' already exists for VPC 'vpc-018add86ee1a79b43'
	status code: 400, request id: 668b8296-becf-4204-b5da-6297b6d72c31
	2018/12/11 16:25:46 [TRACE] [walkApply] Exiting eval tree: aws_security_group.sg-elsrc

	...

	2018/12/11 16:25:47 [DEBUG] plugin: waiting for all plugin processes to complete...
	Error: Error applying plan:

	1 error(s) occurred:

	* aws_security_group.sg-elsrc: 1 error(s) occurred:

	* aws_security_group.sg-elsrc: Error creating Security Group: InvalidGroup.Duplicate: The security group 'nlp-dev-poc-sg-elsrc' already exists for VPC 'vpc-018add86ee1a79b43'
	status code: 400, request id: 668b8296-becf-4204-b5da-6297b6d72c31

	Terraform does not automatically rollback in the face of errors.