[Infrastructure] Specify PermissionsBoundaryPolicy and IAMRoleAndPolicyPrefix in PCAPI only if not empty.

gmarciani · gmarciani · commit 162a10138615 · 2023-12-13T15:34:03.000+01:00
Also fix the parameter used in PCAPI: PermissionsBoundaryPolicyPCAPI rather than PermissionsBoundaryPolicy.
diff --git a/infrastructure/parallelcluster-ui.yaml b/infrastructure/parallelcluster-ui.yaml
@@ -142,6 +142,8 @@ Conditions:
       - !Equals ['5', !Select [ 1, !Split ['.', !Ref Version] ] ]
   InGovCloud: !Equals ['us-gov-west-1', !Ref "AWS::Region"]
   UsePermissionBoundary: !Not [!Equals [!Ref PermissionsBoundaryPolicy, '']]
+  UsePermissionBoundaryPCAPI: !Not [!Equals [!Ref PermissionsBoundaryPolicyPCAPI, '']]
+  UseIAMRoleAndPolicyPrefix: !Not [!Equals [!Ref IAMRoleAndPolicyPrefix, '']]
 
 Mappings:
   ParallelClusterUI:
@@ -172,8 +174,8 @@ Resources:
     Type: AWS::CloudFormation::Stack
     Properties:
       Parameters:
-        PermissionsBoundaryPolicy: !Ref PermissionsBoundaryPolicy
-        IAMRoleAndPolicyPrefix: !Ref IAMRoleAndPolicyPrefix
+        PermissionsBoundaryPolicy: !If [ UsePermissionBoundaryPCAPI, !Ref PermissionsBoundaryPolicyPCAPI, !Ref AWS::NoValue ]
+        IAMRoleAndPolicyPrefix: !If [ UseIAMRoleAndPolicyPrefix, !Ref IAMRoleAndPolicyPrefix, !Ref AWS::NoValue ]
         ApiDefinitionS3Uri: !Sub s3://${AWS::Region}-aws-parallelcluster/parallelcluster/${Version}/api/ParallelCluster.openapi.yaml
         CreateApiUserRole: False
         EnableIamAdminAccess: True
