Merge pull request #68 from tyrauber/feature/acm_certificate_arn

Mosnar · web-flow · commit a79fb7220e0a · 2021-03-16T09:49:01.000-04:00
Adds ACM_CERTIFICATE_ARN configuration variable
diff --git a/docs/configuration.md b/docs/configuration.md
@@ -35,12 +35,14 @@ stages:
       <<: *defaults.environment
       SECURITY_KEY: ''
       CUSTOM_DOMAIN: ''
+      ACM_CERTIFICATE_ARN: ''
   prod:
     <<: *defaults
     environment:
       <<: *defaults.environment
       SECURITY_KEY: 'random-string-here'
       CUSTOM_DOMAIN: 'img.mydomain.com'
+      ACM_CERTIFICATE_ARN: ''
 ```
 
 ## Environment Settings
@@ -50,6 +52,7 @@ The majority of the application and environment specific settings are configured
  |Setting|Default|
  |-|-|
  |[CUSTOM_DOMAIN](#custom_domain)|*empty*|
+ |[ACM_CERTIFICATE_ARN])(#acm_certificate_arn)|*empty*]
  |[DEFAULT_CACHE_CONTROL](#default_cache_control)|*empty*|
  |[DEFAULT_COMPRESS_QUALITY](#default_compress_quality)|75|
  |[DEFAULT_QUALITY](#default_quality)|75|
@@ -82,6 +85,12 @@ During deployment, you'll need to go into your Amazon ACM console and verify the
 
 </Note>
 
+### `ACM_CERTIFICATE_ARN`
+- type: `string`
+- DEFAULT: *empty*
+
+Use an existing ACM Certificate, by supplying the ACM Certificate Arn.
+
 ### `DEFAULT_CACHE_CONTROL`
 
 - Type: `string`
diff --git a/serverless.yml b/serverless.yml
@@ -32,7 +32,11 @@ layers:
 
 resources:
   Conditions:
-    CreateCertificate: !Not [ !Equals [ "${self:custom.settings.environment.CUSTOM_DOMAIN, ''}", "" ] ]
+    CustomDomain: !Not [!Equals ["${self:custom.settings.environment.CUSTOM_DOMAIN, ''}", ""]]
+    ArnCertificate: !Not [!Equals ["${self:custom.settings.environment.ACM_CERTIFICATE_ARN, ''}", ""]]
+    CreateCertificate: !And
+      - !Not [!Equals ["${self:custom.settings.environment.CUSTOM_DOMAIN, ''}", ""]]
+      - !Equals ["${self:custom.settings.environment.ACM_CERTIFICATE_ARN, ''}", ""]
   Resources:
     CloudFrontDistribution:
       Type: AWS::CloudFront::Distribution
@@ -62,23 +66,25 @@ resources:
                 OriginProtocolPolicy: https-only
           Aliases:
             Fn::If:
-              - CreateCertificate
-              - - '${self:custom.settings.environment.CUSTOM_DOMAIN, self:custom.empty}'
-              - Ref: AWS::NoValue
+            - CustomDomain
+            - - '${self:custom.settings.environment.CUSTOM_DOMAIN, self:custom.empty}'
+            - Ref: AWS::NoValue
           ViewerCertificate:
             Fn::If:
               - CreateCertificate
-              - AcmCertificateArn:
-                  Ref: Certificate
+              - AcmCertificateArn: !If
+                - ArnCertificate
+                - self:custom.settings.environment.ACM_CERTIFICATE_ARN
+                - Ref: Certificate
                 SslSupportMethod: 'sni-only'
                 MinimumProtocolVersion: 'TLSv1'
               - Ref: AWS::NoValue
     Certificate:
       Type: AWS::CertificateManager::Certificate
       Condition: CreateCertificate
       Properties:
-        DomainName: '${self:custom.settings.environment.CUSTOM_DOMAIN}'
         ValidationMethod: DNS
+        DomainName: '${self:custom.settings.environment.CUSTOM_DOMAIN}'
   Outputs:
     CloudFrontDistributionOutput:
       Value:
diff --git a/settings.example.yml b/settings.example.yml
@@ -20,10 +20,12 @@ stages:
       SOURCE_BUCKET: 'my-bucket/prefix/path'
       SECURITY_KEY: ''
       CUSTOM_DOMAIN: ''
+      ACM_CERTIFICATE_ARN: ''
   prod:
     <<: *defaults
     environment:
       <<: *defaults.environment
       SOURCE_BUCKET: 'random-string-here'
       SECURITY_KEY: ''
       CUSTOM_DOMAIN: 'my.domain.com'
+      ACM_CERTIFICATE_ARN: ''
