From b2ff87fac8f794d0590be989839b2c673ed5b69a Mon Sep 17 00:00:00 2001 From: John Tyner Date: Mon, 21 Jun 2021 15:52:54 -0400 Subject: [PATCH] fix parameter checking for domain name/hosted id zone the parameter checking is such that when no hosted id zone is present, the stack will fail when the domain name is also not present. the same is true in the reverse direction: when no domain name is specified, the stack fails if no hosted id zone is present. this change fixes the checks such that the assertions only come into play when the initial field *is* present. for example, if the hosted id zone *is* present, then the domain name must also be present. similarly, when the domain name is present, the hosted id zone must also be. --- templates/quickstart-hashicorp-vault-master.template | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/templates/quickstart-hashicorp-vault-master.template b/templates/quickstart-hashicorp-vault-master.template index 70dbc2b..6ddadee 100644 --- a/templates/quickstart-hashicorp-vault-master.template +++ b/templates/quickstart-hashicorp-vault-master.template @@ -484,13 +484,13 @@ Outputs: Rules: DomainNamePresentWithHostedID: RuleCondition: - !Equals [ !Ref HostedZoneID, '' ] + !Not [!Equals [ !Ref HostedZoneID, '' ]] Assertions: - Assert: !Not [!Equals [!Ref DomainName, '']] AssertDescription: "Please specify a 'Domain Name' if you specify 'Route 53 Hosted Zone ID'" HostedIDPresentWithDomainName: RuleCondition: - !Equals [ !Ref DomainName, '' ] + !Not [!Equals [ !Ref DomainName, '' ]] Assertions: - Assert: !Not [!Equals [!Ref HostedZoneID, '']] AssertDescription: "Please specify a 'Route 53 Hosted Zone ID' if you specify 'Domain Name'" @@ -507,4 +507,4 @@ Rules: - !Not [!Equals [!Ref HostedZoneID, '']] - !Not [!Equals [!Ref ACMSSLCertificateArn, '']] - !Not [!Equals [!Ref DomainName, '']] - AssertDescription: "Using an SSL certificate is enforced. A CertificateArn or a HostedZoneID and Domain Name must be provided." \ No newline at end of file + AssertDescription: "Using an SSL certificate is enforced. A CertificateArn or a HostedZoneID and Domain Name must be provided."