providers/aws: Retry deleting IAM Server Cert on dependency violation

[catsby]

This PR does some things. I would normally separate them, but the two issues it resolves (Fixes #3412 and Fixes #3275, Fixes #3301) ended up being kind of coupled so they get fixed in one swoop.

• retry deleting a server cert if it throws an error about being in use with an ELB (that we likely just deleted)
• retry creating the ELB if it fails regarding an IAM cert that doesn't exist (that we likely just created)
• includes test for ELB+IAM SSL cert bug dependency violation

[phinze]

LGTM

[johnhamelink]

@catsby has this made it into a release yet?

[catsby]

@johnhamelink yes, it was released in v0.6.7. Are you hitting something similar?

[aldarund]

@catsby im hitting similar. I want to change cert for ELB but fail with error.

• aws_iam_server_certificate.rent_cert: [WARN] Conflict deleting server certificate: Certificate: ASCAIN22VALXE7QYJO6OY is currently in use by arn:aws:elasticloadbalancing:us-east-1:133662108267:loadbalancer/rentapp-service-elb. Please remove it first before deleting it from IAM., retrying
  Isnt this PR supposed to fix this?

[aldarund]

@catsby even more. terraform when i first get this error created a new launch conf and didnt deleted old one, so it ended up being two ec2 launch conf ( i use create_before_destroy + name generate like describedc in docs)

[catsby]

The refresh logic here is for when the cert isn't found during the ELB creation, the error you post is regarding the cert itself.

Looks like aws_iam_server_certificate needs to have an auto generated name option for use with create_before_destroy

[catsby]

I opened #4689 for the name generation

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.