Merge pull request #13 from keithduncan/fix-vpc-template-parameter

keithduncan · web-flow · commit 9143f661d649 · 2020-04-21T14:45:48.000+10:00
Provide a default value for SourceVpcIDs
diff --git a/service/template.yaml b/service/template.yaml
@@ -18,7 +18,12 @@ Parameters:
     Description: Comma separated list of AWS AccountIds whose IAM entities should be allowed to access the API Gateway.
   SourceVpcIds:
     Type: CommaDelimitedList
-    Description: Comma separated list of AWS VPC IDs whose occupants should be allowed to access the API Gateway, only applicable when EndpointConfiguration is PRIVATE.
+    Description: Optional - Comma separated list of AWS VPC IDs whose occupants should be allowed to access the API Gateway, only applicable when EndpointConfiguration is PRIVATE.
+    Default: ''
+
+Conditions:
+  AccountRestriction: !Not [ !Equals [ !Join [ ',', !Ref AccountIds ] , '' ] ]
+  VpcRestriction: !Not [ !Equals [ !Join [ ',', !Ref SourceVpcIds ] , '' ] ]
 
 Metadata:
   AWS::CloudFormation::Interface:
@@ -60,8 +65,8 @@ Globals:
       DefaultAuthorizer: AWS_IAM
       InvokeRole: NONE
       ResourcePolicy:
-        AwsAccountWhitelist: !Ref AccountIds
-        SourceVpcWhitelist: !Ref SourceVpcIds
+        AwsAccountWhitelist: !If [ AccountRestriction, !Ref AccountIds, !Ref AWS::NoValue ]
+        SourceVpcWhitelist: !If [ VpcRestriction, !Ref SourceVpcIds, !Ref AWS::NoValue ]
     EndpointConfiguration: !Ref EndpointConfiguration
 
 Resources:
