CNAME and SSL removed on Update

[Lunteer]

We updated to the latest version for the Cache-Control fix (Thanks), #107. Our issue is on CloudFront it removed the CNAME and SSL certificate. We fixed the issue by re-adding it (so no major deal) but wanted to know if there is a way to preventing this in the future?

Thanks again for this amazing template!!

[beomseoklee]

Thanks for reaching out to us @Lunteer
Did you use your own CNAME and SSL certificate on CloudFront distribution? I just want to make sure I'm with you. Previously, which version did you use?

[Lunteer]

We used our own CNAME and a SSL certificate generated by AWS. We were up-to-date on the latest version of the template. When we updated the template it simply removed the CNAME and SSL certificate in the setting of the Cloudfront distribution. This made fixing the issue simple (re-add the CNAME and ssl). It should be the settings are not adjusted on update. Hope this help. Get Outlook for Android<https://aka.ms/ghei36>

…

________________________________ From: Beomseok Lee <[email protected]> Sent: Tuesday, February 11, 2020 5:57:32 PM To: awslabs/serverless-image-handler <[email protected]> Cc: Kalman Labovitz <[email protected]>; Mention <[email protected]> Subject: Re: [awslabs/serverless-image-handler] CNAME and SSL removed on Update (#185) Thanks for reaching out to us @Lunteer<https://github.com/Lunteer> Did you use your own CNAME and SSL certificate on CloudFront distribution? I just want to make sure I'm with you. Previously, which version did you use? — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub<#185>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AIPKGJ7MSVKPK6YTOZMXU2DRCLDGZANCNFSM4KTALECQ>.

[beomseoklee]

Thanks for your detail, @Lunteer
Due to support WebP automatically, we've added "Accept" header at ForwardedValues of Amazon CloudFront distribution, and it causes the update of the distribution.

I have successfully reproduced your issue. Like you said, you can add more configurations before updating so that you don't lose your CNAME and SSL setting on your distribution.

        "ImageHandlerDistribution": {
            "Type": "AWS::CloudFront::Distribution",
            "Properties": {
                "DistributionConfig": {
                    "Aliases": [
                        "YOUR_CNAME_ALIAS"
                    ],
                    "ViewerCertificate": {
                        "AcmCertificateArn": "YOUR_CERTIFICATE_ARN",
                        "MinimumProtocolVersion": "TLSv1.2_2018",
                        "SslSupportMethod": "sni-only"
                    },

As we don't originally support the alternative domain names (CNAMEs) on the Amazon CloudFront distribution for this solution, it could happen for the next update as well, so please keep in your mind that you might need to add more settings on the AWS CloudFormation template.

I hope this would be helpful for you.

[Lunteer]

Thanks so much for testing, confirmation, code solution and overall clarity of the issue. You are awesome!!