diff --git a/cloudformation/minimal-template.yml b/cloudformation/minimal-template.yml deleted file mode 100644 index 649d447d..00000000 --- a/cloudformation/minimal-template.yml +++ /dev/null @@ -1,97 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Transform: 'AWS::Serverless-2016-10-31' -Description: Minimal template for Fingerprint Pro Lambda@Edge function for CloudFront integration -Parameters: - SecretName: - AllowedPattern: ^([a-zA-Z0-9\/_+=.@\-])+$ - Description: AWS Secret Name - Type: String - SecretRegion: - AllowedPattern: ^([a-z0-9\-])+$ - Description: AWS Region where secret is stored - Type: String - -Resources: - FpIntLambdaFunctionExecutionRole: - Type: AWS::IAM::Role - Metadata: - SamResourceId: FpIntLambdaFunctionExecutionRole - Properties: - RoleName: !Join ['-', ['fingerprint-pro-lambda-role', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] - AssumeRolePolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Action: sts:AssumeRole - Principal: - Service: - - lambda.amazonaws.com - - edgelambda.amazonaws.com - Policies: - - PolicyName: LambdaExecutionPolicy - PolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Action: - - logs:CreateLogGroup - - logs:CreateLogStream - - logs:PutLogEvents - Resource: arn:aws:logs:*:*:* - - PolicyName: AWSSecretAccess - PolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Action: - - secretsmanager:GetSecretValue - Resource: - Fn::Sub: arn:aws:secretsmanager:${SecretRegion}:${AWS::AccountId}:secret:${SecretName}-?????? - ManagedPolicyArns: - - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole - - FingerprintProCloudfrontLambda: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join ['-', ['fingerprint-pro-cloudfront-lambda', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] - Handler: fingerprintjs-pro-cloudfront-lambda-function.handler - Runtime: nodejs16.x - CodeUri: s3://fingerprint-pro-cloudfront-integration-lambda-function/release/lambda_latest.zip - MemorySize: 128 - Timeout: 3 - Role: !GetAtt FpIntLambdaFunctionExecutionRole.Arn - - FingerprintProCDNCachePolicy: - Type: AWS::CloudFront::CachePolicy - Properties: - CachePolicyConfig: - Name: !Join [ '-', ['FingerprintProCDNCachePolicy', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] - MinTTL: 0 - MaxTTL: 180 - DefaultTTL: 180 - ParametersInCacheKeyAndForwardedToOrigin: - CookiesConfig: - CookieBehavior: none - HeadersConfig: - HeaderBehavior: none - QueryStringsConfig: - QueryStringBehavior: whitelist - QueryStrings: - - version - - loaderVersion - EnableAcceptEncodingBrotli: true - EnableAcceptEncodingGzip: true - -Outputs: - LambdaFunctionName: - Description: Fingerprint Pro Lambda function name - Value: - Ref: FingerprintProCloudfrontLambda - Export: - Name: !Join ['-', ['fingerprint-pro-cloudfront-lambda', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] - CachePolicyName: - Description: Cache policy name - Value: - Ref: FingerprintProCDNCachePolicy - Export: - Name: !Join [ '-', ['FingerprintProCDNCachePolicy', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] diff --git a/cloudformation/template.cloudfront.yml b/cloudformation/template.cloudfront.yml deleted file mode 100644 index 64e00224..00000000 --- a/cloudformation/template.cloudfront.yml +++ /dev/null @@ -1,205 +0,0 @@ -# This is a sample CloudFormation templates that creates the following resources -# -# * Lambda@Edge function for Fingerprint CloudFront integration. -# -# * CloudFront's Cache policy for getting Fingerprint agent. -# -# * AWS Secret with settings for the integration. -# Secret name and values should be specified in template parameters. -# Refer to the step 3 in the integration guide for that https://dev.fingerprint.com/docs/cloudfront-proxy-integration#step-3---create-a-new-secret-in-the-aws-secrets-manager -# -# * CloudFront Distribution with configured origin and default cache behavior associated with the Fingerprint Lambda@Edge function. -# Note that in the template we have a default cache behavior only (Resources -> CloudFrontDistribution -> Properties -> DistributionConfig -> DefaultCacheBehavior), -# but a real world website with Fingerprint integration enabled has at least two cache behaviors. -# For example: -# 1. default cache behavior (default path pattern '*') that associated with the main web services -# 2. cache behavior for Fingerprint integration. Path pattern must be the following: -# Let's FPHS_BEHAVIOR_PATH=our-path-123 -# Path pattern is our-path-123/* -# The same for the template is -# PathPattern: !Join ['', ['/', !Ref FpjsBehaviorPath, '/*']] -# -# NOTE: CloudFormation deployment must be called from us-east-1 region - -AWSTemplateFormatVersion: '2010-09-09' -Transform: - - 'AWS::Serverless-2016-10-31' - - AWS::LanguageExtensions -Description: Fingerprint Pro Lambda@Edge function for CloudFront integration -Parameters: - SecretName: - AllowedPattern: ^([a-zA-Z0-9\/_+=.@\-])+$ - Description: AWS Secret Name - Type: String - # Refer to the step 3 in the integration guide for these 4 parameters - # https://dev.fingerprint.com/docs/cloudfront-proxy-integration#step-3---create-a-new-secret-in-the-aws-secrets-manager - FpjsBehaviorPath: - AllowedPattern: ^([a-zA-Z0-9\-])+$ - Description: FPJS_BEHAVIOR_PATH value - Type: String - FpjsGetResultPath: - AllowedPattern: ^([a-zA-Z0-9\-])+$ - Description: FPJS_GET_RESULT_PATH value - Type: String - FpjsAgentDownloadPath: - AllowedPattern: ^([a-zA-Z0-9\-])+$ - Description: FPJS_AGENT_DOWNLOAD_PATH value - Type: String - FpjsPreSharedSecret: - AllowedPattern: ^([a-zA-Z0-9\-])+$ - Description: FPJS_PRE_SHARED_SECRET value - Type: String - - -Resources: - FpIntLambdaFunctionExecutionRole: - Type: AWS::IAM::Role - Metadata: - SamResourceId: FpIntLambdaFunctionExecutionRole - Properties: - RoleName: !Join ['-', ['fingerprint-pro-lambda-role', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] - AssumeRolePolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Action: sts:AssumeRole - Principal: - Service: - - lambda.amazonaws.com - - edgelambda.amazonaws.com - Policies: - - PolicyName: LambdaExecutionPolicy - PolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Action: - - logs:CreateLogGroup - - logs:CreateLogStream - - logs:PutLogEvents - Resource: arn:aws:logs:*:*:* - - PolicyName: AWSSecretAccess - PolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Action: - - secretsmanager:GetSecretValue - Resource: !Join [':', ['arn:aws:secretsmanager', !Ref AWS::Region, !Ref AWS::AccountId, 'secret', !Join ['-', [!Ref SecretName, '??????']]]] - ManagedPolicyArns: - - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole - - FingerprintProCloudfrontLambda: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join ['-', ['fingerprint-pro-cloudfront-lambda', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] - Handler: fingerprintjs-pro-cloudfront-lambda-function.handler - Runtime: nodejs16.x - CodeUri: s3://fingerprint-pro-cloudfront-integration-lambda-function/release/lambda_latest.zip - MemorySize: 128 - Timeout: 3 - Role: !GetAtt FpIntLambdaFunctionExecutionRole.Arn - - FingerprintProCloudfrontLambdaVersion: - Type: AWS::Lambda::Version - Properties: - FunctionName: !Ref FingerprintProCloudfrontLambda - Description: v1 - - FingerprintProCDNCachePolicy: - Type: AWS::CloudFront::CachePolicy - Properties: - CachePolicyConfig: - Name: !Join [ '-', ['FingerprintProCDNCachePolicy', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] - MinTTL: 0 - MaxTTL: 180 - DefaultTTL: 180 - ParametersInCacheKeyAndForwardedToOrigin: - CookiesConfig: - CookieBehavior: none - HeadersConfig: - HeaderBehavior: none - QueryStringsConfig: - QueryStringBehavior: whitelist - QueryStrings: - - version - - loaderVersion - EnableAcceptEncodingBrotli: true - EnableAcceptEncodingGzip: true - - FingerprintIntegrationSettingsSecret: - Type: AWS::SecretsManager::Secret - Properties: - Description: AWS Secret with a custom Fingerprint integration settings - Name: !Ref SecretName - SecretString: - Fn::ToJsonString: - fpjs_behavior_path: !Ref FpjsBehaviorPath - fpjs_get_result_path: !Ref FpjsGetResultPath - fpjs_agent_download_path: !Ref FpjsAgentDownloadPath - fpjs_pre_shared_secret: !Ref FpjsPreSharedSecret - - CloudFrontDistribution: - Type: AWS::CloudFront::Distribution - Properties: - DistributionConfig: - DefaultCacheBehavior: - AllowedMethods: - - HEAD - - GET - - POST - - PUT - - PATCH - - DELETE - - OPTIONS - CachePolicyId: !Ref FingerprintProCDNCachePolicy - Compress: true - LambdaFunctionAssociations: - - EventType: origin-request - IncludeBody: true - LambdaFunctionARN: !Ref FingerprintProCloudfrontLambdaVersion - OriginRequestPolicyId: 216adef6-5c7f-47e4-b989-5492eafa07d3 # Default AllViewer policy - SmoothStreaming: false - TargetOriginId: fpcdn.io - ViewerProtocolPolicy: https-only - Enabled: true - Origins: - - Id: fpcdn.io - DomainName: fpcdn.io - OriginCustomHeaders: - - HeaderName: FPJS_SECRET_REGION - HeaderValue: !Ref AWS::Region - - HeaderName: FPJS_SECRET_NAME - HeaderValue: !Ref SecretName - # Enabled debug logging in Lambda@Edge function. Should be disabled in production env - - HeaderName: FPJS_DEBUG - HeaderValue: true - CustomOriginConfig: - HTTPPort: 80 - HTTPSPort: 443 - OriginKeepaliveTimeout: 5 - OriginProtocolPolicy: https-only - OriginReadTimeout: 30 - PriceClass: PriceClass_100 - -Outputs: - LambdaFunctionName: - Description: Fingerprint Pro Lambda function name - Value: - Ref: FingerprintProCloudfrontLambda - Export: - Name: !Join ['-', ['fingerprint-pro-cloudfront-lambda', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] - CachePolicyName: - Description: Cache policy name - Value: - Ref: FingerprintProCDNCachePolicy - Export: - Name: !Join [ '-', ['FingerprintProCDNCachePolicy', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] - CloudFrontDistribution: - Description: CloudFront distribution - Value: - Ref: CloudFrontDistribution - FingerprintIntegrationSettingsSecret: - Description: AWS Secret with Fingerprint settings - Value: - Ref: FingerprintIntegrationSettingsSecret \ No newline at end of file diff --git a/cloudformation/template.yml b/cloudformation/template.yml index 4aaceb83..31318aba 100644 --- a/cloudformation/template.yml +++ b/cloudformation/template.yml @@ -1,5 +1,7 @@ AWSTemplateFormatVersion: '2010-09-09' -Transform: 'AWS::Serverless-2016-10-31' +Transform: + - AWS::Serverless-2016-10-31 + - AWS::LanguageExtensions Description: Fingerprint Pro Lambda@Edge function for CloudFront integration Parameters: SecretName: @@ -11,16 +13,55 @@ Parameters: Description: AWS Region where secret is stored Type: String DistributionId: - AllowedPattern: ^([A-Z0-9])+$ - Description: CloudFront distribution ID + Description: CloudFront distribution ID. Leave it empty to create a new distribution + Default: "" + Type: String + # Refer to the step 3 in the integration guide for these 4 parameters + # https://dev.fingerprint.com/docs/cloudfront-proxy-integration#step-3---create-a-new-secret-in-the-aws-secrets-manager + FpjsBehaviorPath: + AllowedPattern: ^([a-zA-Z0-9\-])+$ + Description: FPJS_BEHAVIOR_PATH value + Type: String + FpjsGetResultPath: + AllowedPattern: ^([a-zA-Z0-9\-])+$ + Description: FPJS_GET_RESULT_PATH value + Type: String + FpjsAgentDownloadPath: + AllowedPattern: ^([a-zA-Z0-9\-])+$ + Description: FPJS_AGENT_DOWNLOAD_PATH value + Type: String + FpjsPreSharedSecret: + AllowedPattern: ^([a-zA-Z0-9\-])+$ + Description: FPJS_PRE_SHARED_SECRET value Type: String +Conditions: + CreateCloudFrontDistribution: + !Equals [!Ref DistributionId, ""] + Resources: + ## Lambda@Edge function for Fingerprint Pro integration + + FingerprintIntegrationSettingsSecret: + Type: AWS::SecretsManager::Secret + Properties: + Description: AWS Secret with a custom Fingerprint integration settings + Name: !Ref SecretName + SecretString: + Fn::ToJsonString: + fpjs_behavior_path: !Ref FpjsBehaviorPath + fpjs_get_result_path: !Ref FpjsGetResultPath + fpjs_agent_download_path: !Ref FpjsAgentDownloadPath + fpjs_pre_shared_secret: !Ref FpjsPreSharedSecret + FpIntLambdaFunctionExecutionRole: Type: AWS::IAM::Role + DependsOn: + - FingerprintIntegrationSettingsSecret Metadata: SamResourceId: FpIntLambdaFunctionExecutionRole Properties: + Description: Lambda@Edge function execution role RoleName: !Join ['-', ['fingerprint-pro-lambda-role', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] AssumeRolePolicyDocument: Version: '2012-10-17' @@ -54,11 +95,103 @@ Resources: ManagedPolicyArns: - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole + FingerprintProCloudfrontLambda: + Type: AWS::Serverless::Function + DependsOn: + - FpIntLambdaFunctionExecutionRole + Properties: + Description: Lambda@Edge function definition + FunctionName: !Join ['-', ['fingerprint-pro-cloudfront-lambda', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] + Handler: fingerprintjs-pro-cloudfront-lambda-function.handler + Runtime: nodejs16.x + CodeUri: s3://fingerprint-pro-cloudfront-integration-lambda-function/release/lambda_latest.zip + MemorySize: 128 + Timeout: 3 + Role: !GetAtt FpIntLambdaFunctionExecutionRole.Arn + + FingerprintProCloudfrontLambdaVersion: + Type: AWS::Lambda::Version + DependsOn: + - FingerprintProCloudfrontLambda + Properties: + FunctionName: !Ref FingerprintProCloudfrontLambda + Description: Lambda@Edge function's version reference (v1) + + ## CloudFront distribution and related settings + + FingerprintProCDNCachePolicy: + Type: AWS::CloudFront::CachePolicy + Properties: + CachePolicyConfig: + Name: !Join [ '-', ['FingerprintProCDNCachePolicy', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] + MinTTL: 0 + MaxTTL: 180 + DefaultTTL: 180 + ParametersInCacheKeyAndForwardedToOrigin: + CookiesConfig: + CookieBehavior: none + HeadersConfig: + HeaderBehavior: none + QueryStringsConfig: + QueryStringBehavior: whitelist + QueryStrings: + - version + - loaderVersion + EnableAcceptEncodingBrotli: true + EnableAcceptEncodingGzip: true + + CloudFrontDistribution: + Type: AWS::CloudFront::Distribution + Condition: CreateCloudFrontDistribution + Properties: + DistributionConfig: + DefaultCacheBehavior: + AllowedMethods: + - HEAD + - GET + - POST + - PUT + - PATCH + - DELETE + - OPTIONS + CachePolicyId: !Ref FingerprintProCDNCachePolicy + Compress: true + LambdaFunctionAssociations: + - EventType: origin-request + IncludeBody: true + LambdaFunctionARN: !Ref FingerprintProCloudfrontLambdaVersion + OriginRequestPolicyId: 216adef6-5c7f-47e4-b989-5492eafa07d3 # Default AllViewer policy + SmoothStreaming: false + TargetOriginId: fpcdn.io + ViewerProtocolPolicy: https-only + Enabled: true + Origins: + - Id: fpcdn.io + DomainName: fpcdn.io + OriginCustomHeaders: + - HeaderName: FPJS_SECRET_REGION + HeaderValue: !Ref AWS::Region + - HeaderName: FPJS_SECRET_NAME + HeaderValue: !Ref SecretName + # Enabled debug logging in Lambda@Edge function. Should be disabled in production env + - HeaderName: FPJS_DEBUG + HeaderValue: true + CustomOriginConfig: + HTTPPort: 80 + HTTPSPort: 443 + OriginKeepaliveTimeout: 5 + OriginProtocolPolicy: https-only + OriginReadTimeout: 30 + PriceClass: PriceClass_100 + + ## Management Lambda function (responsible for switching CloudFront distribution to the new Fingerprint Pro Lambda@Edge version) + FpMgmtLambdaFunctionExecutionRole: Type: AWS::IAM::Role Metadata: SamResourceId: FpMgmtLambdaFunctionExecutionRole Properties: + Description: Management Lambda execution role RoleName: !Join ['-', ['fingerprint-pro-lambda-mgmt-role', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] AssumeRolePolicyDocument: Version: '2012-10-17' @@ -111,7 +244,7 @@ Resources: - cloudfront:UpdateDistribution - cloudfront:GetDistributionConfig - cloudfront:CreateInvalidation - Resource: !Sub arn:aws:cloudfront::${AWS::AccountId}:distribution/${DistributionId} + Resource: !Join ['', [!Sub 'arn:aws:cloudfront::${AWS::AccountId}:distribution/', !If [CreateCloudFrontDistribution, !Ref CloudFrontDistribution, !Ref DistributionId]]] - PolicyName: CodePipelinePublishingResults PolicyDocument: Version: '2012-10-17' @@ -124,11 +257,26 @@ Resources: ManagedPolicyArns: - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole + FingerprintProMgmtLambda: + Type: AWS::Serverless::Function + DependsOn: FpMgmtLambdaFunctionExecutionRole + Properties: + FunctionName: !Join ['-', ['fingerprint-pro-mgmt-lambda', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] + Handler: fingerprintjs-pro-cloudfront-mgmt-lambda-function.handler + Runtime: nodejs18.x + CodeUri: s3://fingerprint-pro-cloudfront-integration-lambda-function/release/mgmt_lambda_latest.zip + MemorySize: 128 + Timeout: 120 + Role: !GetAtt FpMgmtLambdaFunctionExecutionRole.Arn + + # Automatic updates infrastructure + FpCodePipelineExecutionRole: Type: AWS::IAM::Role Metadata: SamResourceId: FpCodePipelineExecutionRole Properties: + Description: CodePipeline execution role RoleName: !Join ['-', ['fingerprint-pro-codepipeline-role', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] AssumeRolePolicyDocument: Version: '2012-10-17' @@ -284,49 +432,6 @@ Resources: - 'fingerprint-pro-cloudfront-lambda-' - !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]] - FingerprintProCloudfrontLambda: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join ['-', ['fingerprint-pro-cloudfront-lambda', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] - Handler: fingerprintjs-pro-cloudfront-lambda-function.handler - Runtime: nodejs16.x - CodeUri: s3://fingerprint-pro-cloudfront-integration-lambda-function/release/lambda_latest.zip - MemorySize: 128 - Timeout: 3 - Role: !GetAtt FpIntLambdaFunctionExecutionRole.Arn - - FingerprintProMgmtLambda: - Type: AWS::Serverless::Function - Properties: - FunctionName: !Join ['-', ['fingerprint-pro-mgmt-lambda', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] - Handler: fingerprintjs-pro-cloudfront-mgmt-lambda-function.handler - Runtime: nodejs18.x - CodeUri: s3://fingerprint-pro-cloudfront-integration-lambda-function/release/mgmt_lambda_latest.zip - MemorySize: 128 - Timeout: 120 - Role: !GetAtt FpMgmtLambdaFunctionExecutionRole.Arn - - FingerprintProCDNCachePolicy: - Type: AWS::CloudFront::CachePolicy - Properties: - CachePolicyConfig: - Name: !Join [ '-', ['FingerprintProCDNCachePolicy', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] - MinTTL: 0 - MaxTTL: 180 - DefaultTTL: 180 - ParametersInCacheKeyAndForwardedToOrigin: - CookiesConfig: - CookieBehavior: none - HeadersConfig: - HeaderBehavior: none - QueryStringsConfig: - QueryStringBehavior: whitelist - QueryStrings: - - version - - loaderVersion - EnableAcceptEncodingBrotli: true - EnableAcceptEncodingGzip: true - FpCodePipelineArtifactStorage: Type: AWS::S3::Bucket Properties: @@ -334,6 +439,11 @@ Resources: LambdaUpdateCodeBuild: Type: AWS::CodeBuild::Project + DependsOn: + - CodeBuildServiceRole + - FpCodePipelineArtifactStorage + - FingerprintProCloudfrontLambda + - FingerprintProMgmtLambda Properties: Name: !Join ['-', ['LambdaUpdateCodeBuild', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] ServiceRole: !GetAtt CodeBuildServiceRole.Arn @@ -369,6 +479,8 @@ Resources: Pipeline: Type: AWS::CodePipeline::Pipeline + DependsOn: + - LambdaUpdateCodeBuild Properties: ArtifactStore: Type: S3 @@ -430,7 +542,9 @@ Resources: !Join - '' - - '{"CF_DISTR_ID": ' - - !Sub '"${DistributionId}"' + - !Sub + - '"${CFDistributionId}"' + - CFDistributionId: !If [CreateCloudFrontDistribution, !Ref CloudFrontDistribution, !Ref DistributionId] - ', ' - '"LAMBDA_NAME": "' - !Join ['-', ['fingerprint-pro-cloudfront-lambda', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] @@ -448,3 +562,15 @@ Outputs: Ref: FingerprintProCDNCachePolicy Export: Name: !Join [ '-', ['FingerprintProCDNCachePolicy', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] + CloudFrontDistributionId: + Description: CloudFront distribution Id used in the integration settings + Value: + Fn::If: [CreateCloudFrontDistribution, !Ref CloudFrontDistribution, !Ref DistributionId] + Export: + Name: !Join ['-', ['fingerprint-pro-cloudfront-distribution', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]] + IsCloudFrontDistributionCreatedByDeployment: + Description: Indicate if the CloudFront distribution with attached Lambda function was created by deployment or not (depends on initial parameters) + Value: + Fn::If: [CreateCloudFrontDistribution, "true", "false"] + Export: + Name: !Join ['-', ['is-cloudfront-distribution-created-by-deployment', !Select [4, !Split ['-', !Select [2, !Split ['/', !Ref AWS::StackId]]]]]]