aws_lb_listener_certificate throws error parsing ELBv2 Listener Certificate ID if iam cert name contains "_" #17639
Description
Terraform Version
Terraform v0.13.5
Affected Resource(s)
- aws_lb_listener_certificate throws
Terraform Configuration Files
resource aws_lb_listener_certificate alb {
listener_arn = aws_lb_listener.alb.arn
certificate_arn = var.extra_lb_cert_arn
} Note that the extra_lb_cert_arn is an iam cert arn something like arn:aws:iam::221108671772:server-certificate/<example.domain.com>_Sep2019
Terraform Plan Error Output
Error: error parsing ELBv2 Listener Certificate ID (arn:aws:elasticloadbalancing:us-east-1:221108671772:listener/app///_arn:aws:iam::221108671772:server-certificate/<example.domain.com>_Sep2019): unexpected format for ID ("arn:aws:elasticloadbalancing:us-east-1:221108671772:listener/app///_arn:aws:iam::221108671772:server-certificate/<example.domain.com>_Sep2019"), expected listener-arn_certificate-arn
Expected Behavior
Terraform plan Success
Actual Behavior
- With aws release 3.27.0 terraform plan succeed
- With aws release 3.28.0 terraform plan throws about error
References
I believe the breaking change is introduced in this pull request: #16474
The ListenerCertificateParseID function expects the id has two parts split by _. But in the case where _ exists in the name of the cert, it fails this parse check.