pass AWS::NoValue to SubjectAlternativeNames if no alternate domains …

…were provided to the stack
caktus · Sep 27, 2017 · 73f2a0d · 73f2a0d
1 parent 9a96873
commit 73f2a0d
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 14 deletions.
diff --git a/stack/assets.py b/stack/assets.py
@@ -1,6 +1,6 @@
 import os
 
-from troposphere import Equals, GetAtt, If, Join, Output, Ref, Split, iam
+from troposphere import GetAtt, If, Join, Output, Ref, Split, iam
 from troposphere.cloudfront import (
     DefaultCacheBehavior,
     Distribution,
@@ -19,16 +19,9 @@
 )
 
 from .common import arn_prefix
-from .domain import domain_name, domain_name_alternates
+from .domain import domain_name, domain_name_alternates, no_alt_domains
 from .template import template
 
-no_alt_domains_condition = "NoAlternateDomains"
-template.add_condition(
-    no_alt_domains_condition,
-    # Equals() only supports strings, so convert domain_name_alternates to one first
-    Equals(Join("", domain_name_alternates), ""),
-)
-
 common_bucket_conf = dict(
     VersioningConfiguration=VersioningConfiguration(
         Status="Enabled"
@@ -39,7 +32,7 @@
             AllowedOrigins=Split(";", Join("", [
                 "https://", domain_name,
                 If(
-                    no_alt_domains_condition,
+                    no_alt_domains,
                     # if we don't have any alternate domains, return an empty string
                     "",
                     # otherwise, return the ';https://' that will be needed by the first domain

diff --git a/stack/certificates.py b/stack/certificates.py
@@ -1,14 +1,14 @@
-from troposphere import Ref
+from troposphere import If, Ref
 from troposphere.certificatemanager import Certificate, DomainValidationOption
 
-from .domain import domain_name, domain_name_alternates
+from .domain import domain_name, domain_name_alternates, no_alt_domains
 from .template import template
 
 application = Ref(template.add_resource(
     Certificate(
         'Certificate',
         DomainName=domain_name,
-        SubjectAlternativeNames=domain_name_alternates,
+        SubjectAlternativeNames=If(no_alt_domains, Ref("AWS::NoValue"), domain_name_alternates),
         DomainValidationOptions=[
             DomainValidationOption(
                 DomainName=domain_name,

diff --git a/stack/domain.py b/stack/domain.py
@@ -1,4 +1,4 @@
-from troposphere import Parameter, Ref
+from troposphere import Equals, Join, Parameter, Ref
 
 from .template import template
 
@@ -14,3 +14,10 @@
                 "the Subject Alternative Name extension of the SSL certificate.",
     Type="CommaDelimitedList",
 )))
+
+no_alt_domains = "NoAlternateDomains"
+template.add_condition(
+    no_alt_domains,
+    # Equals() only supports strings, so convert domain_name_alternates to one first
+    Equals(Join("", domain_name_alternates), ""),
+)