Hi all!
I tried to do this flexibly and abruptly, but ran into an array of problems.
What do I do? I use puppetdb, puppetlabs-firewall, and create_resources to grant access to services.
My code:
define profile::firewall::fgrant (
  $fqdn           = undef,
  $ipaddress      = undef,
  $ipaddress_eth0 = undef,
  $ipaddress_eth1 = undef,
  $port           = undef,
  $num            = undef,
  $comment        = undef,
  $proto          = 'tcp',
) {
  # Only one address fact is expected per call (the one named by $network_local).
  if $ipaddress != undef {
    $real_ip = $ipaddress
  }
  if $ipaddress_eth0 != undef {
    $real_ip = $ipaddress_eth0
  }
  if $ipaddress_eth1 != undef {
    $real_ip = $ipaddress_eth1
  }
  firewall { "${num} allow ${title}-${port} to ${comment}":
    dport  => $port,
    proto  => $proto,
    source => $real_ip,
    action => 'accept',
  }
}
I use this code to create firewall access. ipaddress, ipaddress_eth0 and ipaddress_eth1 are needed because I have many different virtual hosting providers, and they have various naming schemes for private and public IPs. Which IP is used I set from a variable when I get the JSON:
$lv_webs = query_facts("fqdn~\"$prj$env$instance-w.*\"", [ 'fqdn', $network_local ])
I define $network_local from the variable "datacentr" in hiera, and this works well.
And finally, how I define all this.
Example of how I create access for all web and all admin nodes (of a specific project, environment and instance) to the sphinx service on the database (database::sphinx):
$defaults = {
  'num'     => '230',
  'comment' => 'sphinx',
  'port'    => '9312',
}
$lv_webs = query_facts("fqdn~\"$prj$env$instance-w.*\"", [ 'fqdn', $network_local ])
create_resources ( profile::firewall::fgrant, $lv_webs, $defaults )
$lv_admins = query_facts("fqdn~\"$prj$env$instance-a.*\"", [ 'fqdn', $network_local ])
create_resources ( profile::firewall::fgrant, $lv_admins, $defaults )
This works just great.
But if I need to add access for more than one service (with this method), I get Error: Duplicate declaration...
$defaults = {
  'num'     => '240',
  'comment' => 'memcached',
  'port'    => '11211',
}
$lv_webs = query_facts("fqdn~\"$prj$env$instance-w.*\"", [ 'fqdn', $network_local ])
create_resources ( profile::firewall::fgrant, $lv_webs, $defaults )
Because query_facts returns an array with the same title.
Duplicate declaration: Profile::Firewall::Fgrant[lcctest-w2] is already declared;
First of all, I think I should modify/concatenate the title (from query_facts in the variable $lv_webs) with the port or "service name" and then call create_resources, but I don't know how to do this in Puppet =(.
Thanks for any advice.
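
One way to get unique titles, shown as an added example that is not part of the original post: declare the define directly with the service name appended to each node name, instead of passing the query_facts result to create_resources unchanged. It assumes Puppet 4 or later (iteration lambdas, the `*` splat attribute, hash merging with `+`) and that query_facts returns a hash of node name to the requested facts; the `$services` and `$lv_nodes` names are hypothetical.

```puppet
# Added example (assumes Puppet 4+). $prj, $env, $instance and $network_local
# are set as in the post; $services is a hypothetical lookup table.
$services = {
  'sphinx'    => { 'num' => '230', 'port' => '9312' },
  'memcached' => { 'num' => '240', 'port' => '11211' },
}

# Query PuppetDB once per node group and reuse the result for every service.
$lv_webs   = query_facts("fqdn~\"${prj}${env}${instance}-w.*\"", ['fqdn', $network_local])
$lv_admins = query_facts("fqdn~\"${prj}${env}${instance}-a.*\"", ['fqdn', $network_local])
$lv_nodes  = $lv_webs + $lv_admins

$services.each |String $service, Hash $params| {
  $lv_nodes.each |String $node, Hash $facts| {
    # Title is "<node>-<service>", e.g. "lcctest-w2-memcached", so the same
    # node can be granted access to several services without a duplicate.
    profile::firewall::fgrant { "${node}-${service}":
      comment => $service,
      *       => $facts + $params,
    }
  }
}
```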