Merge pull request hashicorp#3901 from terraform-providers/b-aws_lb_l…

…istener-update-certificatenotfound resource/aws_lb_listener: Retry CertificateNotFound errors on update for IAM eventual consistency
omeid · Mar 26, 2018 · dd604ed · dd604ed
2 parents 47a7b8b + 6c67b85
commit dd604ed
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 15 deletions.
diff --git a/aws/resource_aws_lb_listener.go b/aws/resource_aws_lb_listener.go
@@ -8,7 +8,6 @@ import (
 	"time"
 
 	"github.com/aws/aws-sdk-go/aws"
-	"github.com/aws/aws-sdk-go/aws/awserr"
 	"github.com/aws/aws-sdk-go/service/elbv2"
 	"github.com/hashicorp/errwrap"
 	"github.com/hashicorp/terraform/helper/resource"
@@ -127,16 +126,12 @@ func resourceAwsLbListenerCreate(d *schema.ResourceData, meta interface{}) error
 		var err error
 		log.Printf("[DEBUG] Creating LB listener for ARN: %s", d.Get("load_balancer_arn").(string))
 		resp, err = elbconn.CreateListener(params)
-		if awsErr, ok := err.(awserr.Error); ok {
-			if awsErr.Code() == "CertificateNotFound" {
-				log.Printf("[WARN] Got an error while trying to create LB listener for ARN: %s: %s", lbArn, err)
+		if err != nil {
+			if isAWSErr(err, elbv2.ErrCodeCertificateNotFoundException, "") {
 				return resource.RetryableError(err)
 			}
-		}
-		if err != nil {
 			return resource.NonRetryableError(err)
 		}
-
 		return nil
 	})
 
@@ -160,7 +155,7 @@ func resourceAwsLbListenerRead(d *schema.ResourceData, meta interface{}) error {
 		ListenerArns: []*string{aws.String(d.Id())},
 	})
 	if err != nil {
-		if isListenerNotFound(err) {
+		if isAWSErr(err, elbv2.ErrCodeListenerNotFoundException, "") {
 			log.Printf("[WARN] DescribeListeners - removing %s from state", d.Id())
 			d.SetId("")
 			return nil
@@ -232,7 +227,16 @@ func resourceAwsLbListenerUpdate(d *schema.ResourceData, meta interface{}) error
 		}
 	}
 
-	_, err := elbconn.ModifyListener(params)
+	err := resource.Retry(5*time.Minute, func() *resource.RetryError {
+		_, err := elbconn.ModifyListener(params)
+		if err != nil {
+			if isAWSErr(err, elbv2.ErrCodeCertificateNotFoundException, "") {
+				return resource.RetryableError(err)
+			}
+			return resource.NonRetryableError(err)
+		}
+		return nil
+	})
 	if err != nil {
 		return errwrap.Wrapf("Error modifying LB Listener: {{err}}", err)
 	}
@@ -253,11 +257,6 @@ func resourceAwsLbListenerDelete(d *schema.ResourceData, meta interface{}) error
 	return nil
 }
 
-func isListenerNotFound(err error) bool {
-	elberr, ok := err.(awserr.Error)
-	return ok && elberr.Code() == "ListenerNotFound"
-}
-
 func validateLbListenerActionType() schema.SchemaValidateFunc {
 	return validation.StringInSlice([]string{
 		elbv2.ActionTypeEnumForward,

diff --git a/aws/resource_aws_lb_listener_test.go b/aws/resource_aws_lb_listener_test.go
@@ -152,7 +152,7 @@ func testAccCheckAWSLBListenerDestroy(s *terraform.State) error {
 		}
 
 		// Verify the error
-		if isListenerNotFound(err) {
+		if isAWSErr(err, elbv2.ErrCodeListenerNotFoundException, "") {
 			return nil
 		} else {
 			return errwrap.Wrapf("Unexpected error checking LB Listener destroyed: {{err}}", err)