Merge pull request #2871 from hashicorp/b-aws-server-sert-fixes

provider/aws: Fix issue with IAM Server Certificates and Chains

builtin/providers/aws/resource_aws_iam_server_certificate.go

@@ -4,6 +4,7 @@ import (
 	"crypto/sha1"
 	"encoding/hex"
 	"fmt"
+	"log"
 	"strings"
 
 	"github.com/aws/aws-sdk-go/aws"
@@ -34,8 +35,9 @@ func resourceAwsIAMServerCertificate() *schema.Resource {
 			},
 
 			"path": &schema.Schema{
-				Type:     schema.TypeBool,
+				Type:     schema.TypeString,
 				Optional: true,
+				Default:  "/",
 				ForceNew: true,
 			},
 
@@ -74,10 +76,11 @@ func resourceAwsIAMServerCertificateCreate(d *schema.ResourceData, meta interfac
 		createOpts.CertificateChain = aws.String(v.(string))
 	}
 
-	if v, ok := d.GetOk("Path"); ok {
+	if v, ok := d.GetOk("path"); ok {
 		createOpts.Path = aws.String(v.(string))
 	}
 
+	log.Printf("[DEBUG] Creating IAM Server Certificate with opts: %s", createOpts)
 	resp, err := conn.UploadServerCertificate(createOpts)
 	if err != nil {
 		if awsErr, ok := err.(awserr.Error); ok {
@@ -107,7 +110,12 @@ func resourceAwsIAMServerCertificateRead(d *schema.ResourceData, meta interface{
 	// these values should always be present, and have a default if not set in
 	// configuration, and so safe to reference with nil checks
 	d.Set("certificate_body", normalizeCert(resp.ServerCertificate.CertificateBody))
-	d.Set("certificate_chain", normalizeCert(resp.ServerCertificate.CertificateChain))
+
+	c := normalizeCert(resp.ServerCertificate.CertificateChain)
+	if c != "" {
+		d.Set("certificate_chain", c)
+	}
+
 	d.Set("path", resp.ServerCertificate.ServerCertificateMetadata.Path)
 	d.Set("arn", resp.ServerCertificate.ServerCertificateMetadata.ARN)
 
@@ -132,9 +140,10 @@ func resourceAwsIAMServerCertificateDelete(d *schema.ResourceData, meta interfac
 }
 
 func normalizeCert(cert interface{}) string {
-	if cert == nil {
+	if cert == nil || cert == (*string)(nil) {
 		return ""
 	}
+
 	switch cert.(type) {
 	case string:
 		hash := sha1.Sum([]byte(strings.TrimSpace(cert.(string))))