From ed070f29a13646784e1d76fad66f4c5ff679c2aa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?David=20Gonz=C3=A1lez?= <david.gonzalez@jobandtalent.com>
Date: Tue, 10 Oct 2017 13:18:32 +0200
Subject: [PATCH] Improve efficiency by only using most_recent when there are
 several certs

---
 aws/data_source_aws_acm_certificate.go | 53 +++++++++++++-------------
 1 file changed, 26 insertions(+), 27 deletions(-)

diff --git a/aws/data_source_aws_acm_certificate.go b/aws/data_source_aws_acm_certificate.go
index 66709ddc0e6..0b2b367e692 100644
--- a/aws/data_source_aws_acm_certificate.go
+++ b/aws/data_source_aws_acm_certificate.go
@@ -117,41 +117,40 @@ func dataSourceAwsAcmCertificateRead(d *schema.ResourceData, meta interface{}) e
 		return fmt.Errorf("No certificate for domain %q found in this region.", target)
 	}
 
-	// Get most recent sorting by notBefore date. Notice that createdAt field is only valid
-	// for ACM issued certificated but not for imported ones so in a mixed scenario only
-	// fields extracted from the certificate are valid. I cannot find a scenario where the
-	// most recent certificate is not the one with a most recent `NotBefore` field.
-	_, ok = d.GetOk("most_recent")
-	if ok {
-		mr := arns[0]
-		if mr.notBefore == nil {
-			description, err := describeCertificate(mr, conn)
-			if err != nil {
-				return errwrap.Wrapf("Error describing certificates: {{err}}", err)
-			}
-
-			mr.notBefore = description.Certificate.NotBefore
-		}
-		for _, arn := range arns[1:] {
-			if arn.notBefore == nil {
-				description, err := describeCertificate(arn, conn)
+	if len(arns) > 1 {
+		// Get most recent sorting by notBefore date. Notice that createdAt field is only valid
+		// for ACM issued certificates but not for imported ones so in a mixed scenario only
+		// fields extracted from the certificate are valid.
+		_, ok = d.GetOk("most_recent")
+		if ok {
+			mr := arns[0]
+			if mr.notBefore == nil {
+				description, err := describeCertificate(mr, conn)
 				if err != nil {
 					return errwrap.Wrapf("Error describing certificates: {{err}}", err)
 				}
 
-				arn.notBefore = description.Certificate.NotBefore
+				mr.notBefore = description.Certificate.NotBefore
 			}
+			for _, arn := range arns[1:] {
+				if arn.notBefore == nil {
+					description, err := describeCertificate(arn, conn)
+					if err != nil {
+						return errwrap.Wrapf("Error describing certificates: {{err}}", err)
+					}
+
+					arn.notBefore = description.Certificate.NotBefore
+				}
 
-			if arn.notBefore.After(*mr.notBefore) {
-				mr = arn
+				if arn.notBefore.After(*mr.notBefore) {
+					mr = arn
+				}
 			}
-		}
 
-		arns = []*arnData{mr}
-	}
-
-	if len(arns) > 1 {
-		return fmt.Errorf("Multiple certificates for domain %q found in this region.", target)
+			arns = []*arnData{mr}
+		} else {
+			return fmt.Errorf("Multiple certificates for domain %q found in this region.", target)
+		}
 	}
 
 	d.SetId(time.Now().UTC().String())