From d08da27f7125d477efaa22005e2929136c2bae99 Mon Sep 17 00:00:00 2001
From: Paris Kasidiaris
Date: Thu, 24 Oct 2024 19:10:07 +0300
Subject: [PATCH 1/4] feat (aws/ses): dynamic route53 records and output
---
 aws/ses/locals.tf | 33 +++++++++++++++++++++++++++++++++
 aws/ses/outputs.tf | 5 +++++
 aws/ses/route53.tf | 45 +++++++++------------------------------------
 3 files changed, 47 insertions(+), 36 deletions(-)
diff --git a/aws/ses/locals.tf b/aws/ses/locals.tf
index fe650ae..d912ccf 100644
--- a/aws/ses/locals.tf
+++ b/aws/ses/locals.tf
@@ -4,4 +4,37 @@ locals {
 Project = var.project
 Domain = var.domain
 }
+ validation_dns_records_ses_identity = [
+ {
+ name = "_amazonses.${var.ses_domain}"
+ type = "TXT"
+ value = aws_ses_domain_identity.domain.verification_token
+ priority = null
+ }
+ ]
+ validation_dns_records_dkim = [
+ for i in range(length(aws_ses_domain_dkim.example.dkim_tokens)) : {
+ name = "${aws_ses_domain_dkim.example.dkim_tokens[i]}._domainkey.${var.ses_domain}"
+ type = "CNAME"
+ value = "${aws_ses_domain_dkim.example.dkim_tokens[i]}.dkim.amazonses.com"
+ priority = null
+ }
+ ]
+ validation_dns_records_mailfrom_mx = (var.mail_from_domain == null ? [] : [
+ {
+ name = var.mail_from_domain
+ type = "MX"
+ value = "feedback-smtp.${var.region}.amazonaws.com"
+ priority = 10,
+ }
+ ])
+ validation_dns_records_mailfrom_txt = (var.mail_from_domain == null ? [] : [
+ {
+ name = var.mail_from_domain
+ type = "TXT"
+ value = "v=spf1 include:amazonses.com ~all"
+ priority = null
+ }
+ ])
+ validation_dns_records = concat(local.validation_dns_records_ses_identity, local.validation_dns_records_dkim, local.validation_dns_records_mailfrom_mx, local.validation_dns_records_mailfrom_txt)
 }
diff --git a/aws/ses/outputs.tf b/aws/ses/outputs.tf
index 6ae74e4..7ec469a 100644
--- a/aws/ses/outputs.tf
+++ b/aws/ses/outputs.tf
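Review bot: In the aws/ses/locals.tf hunk, `validation_dns_records_dkim` sizes its list with `length(...dkim_tokens)`, a value that is only known once the DKIM resource exists, and route53.tf then uses the combined list length as `count`. On a first apply Terraform will likely reject this with an "Invalid count argument" error, which is presumably why the removed code hard-coded `3`. SES Easy DKIM issues three tokens, so a fixed range keeps the length known at plan time: `for i in range(3) : {`. Separately, the list carries SPF with `~all` (softfail) and no DMARC record, so it is worth confirming that a DMARC policy for the domain is published elsewhere.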
@@ -7,3 +7,8 @@ output "policy_arn" {
 description = "ARN of the SES domain identity policy"
 value = aws_iam_policy.main.arn
 }
+
+output "validation_dns_records" {
+ description = "DNS records to validate SES"
+ value = local.validation_dns_records
+}
diff --git a/aws/ses/route53.tf b/aws/ses/route53.tf
index 278d5d7..115e3eb 100644
--- a/aws/ses/route53.tf
+++ b/aws/ses/route53.tf
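Review bot: The `validation_dns_records` output in aws/ses/outputs.tf does not describe the shape of its elements, which matters for anyone creating these records in a DNS provider other than Route 53 when `route53_zone` is null. Each element is an object with `name`, `type`, `value` and `priority`, and `priority` is null for everything except the MX entry, where it has to be prefixed to the value. I would spell that out, for example `description = "DNS records (name, type, value, priority) needed to verify the SES identity, DKIM and MAIL FROM domain; priority is null except for MX"`.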
@@ -1,37 +1,10 @@
-resource "aws_route53_record" "domain_amazonses_verification_record" {
- count = var.route53_zone != null ? 1 : 0
- zone_id = var.route53_zone
- name = "_amazonses.${var.ses_domain}"
- type = "TXT"
- ttl = "3600"
- records = [aws_ses_domain_identity.domain.verification_token]
-}
-
-resource "aws_route53_record" "domain_amazonses_dkim_record" {
- count = var.route53_zone != null ? 3 : 0
- zone_id = var.route53_zone
- name = "${element(aws_ses_domain_dkim.dkim.dkim_tokens, count.index)}._domainkey.${var.ses_domain}"
- type = "CNAME"
- ttl = "3600"
- records = ["${element(aws_ses_domain_dkim.dkim.dkim_tokens, count.index)}.dkim.amazonses.com"]
-}
-
-resource "aws_route53_record" "domain_amazonses_feedback_mx_record" {
- count = (var.route53_zone != null && var.mail_from_domain != null) ? 1 : 0
-
- zone_id = var.route53_zone
- name = var.mail_from_domain
- type = "MX"
- records = ["10 feedback-smtp.${var.region}.amazonaws.com"]
- ttl = 60
-}
-
-resource "aws_route53_record" "domain_amazonses_feedback_txt_record" {
- count = (var.route53_zone != null && var.mail_from_domain != null) ? 1 : 0
-
- zone_id = var.route53_zone
- name = var.mail_from_domain
- type = "TXT"
- records = ["v=spf1 include:amazonses.com ~all"]
- ttl = 60
+resource "aws_route53_record" "ses_validation_record" {
+ count = var.route53_zone != null ? length(local.validation_dns_records) : 0
+ zone_id = var.route53_zone
+ name = validation_dns_records_mailfrom_txt[count.index].name
+ type = validation_dns_records_mailfrom_txt[count.index].type
+ records = [
+ (validation_dns_records_mailfrom_txt[count.index].type == "MX") ?
+ "${validation_dns_records_mailfrom_txt[count.index].priority} ${validation_dns_records_mailfrom_txt[count.index].value}" : validation_dns_records_mailfrom_txt[count.index].value
+ ]
 }
From 9646cf1d2063d8cc336d4f734bb6aff3aab68b5c Mon Sep 17 00:00:00 2001
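Review bot: The new `ses_validation_record` resource in aws/ses/route53.tf sets `records` but no `ttl`, and the AWS provider requires `ttl` together with `records` on non-alias records. The four removed resources each had one (`"3600"` for the identity and DKIM records, `60` for the MAIL FROM ones). The attribute is still absent in the route53.tf hunks of PATCH 3/4 and PATCH 4/4. Either add a fixed `ttl = 3600` to the resource, or carry a `ttl` field in each object of `local.validation_dns_records` and read it with `ttl = local.validation_dns_records[count.index].ttl`.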
From: Paris Kasidiaris
Date: Thu, 24 Oct 2024 19:20:58 +0300
Subject: [PATCH 2/4] fix: typo
---
 aws/ses/locals.tf | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/aws/ses/locals.tf b/aws/ses/locals.tf
index d912ccf..49e536c 100644
--- a/aws/ses/locals.tf
+++ b/aws/ses/locals.tf
@@ -13,10 +13,10 @@ locals {
 }
 ]
 validation_dns_records_dkim = [
- for i in range(length(aws_ses_domain_dkim.example.dkim_tokens)) : {
- name = "${aws_ses_domain_dkim.example.dkim_tokens[i]}._domainkey.${var.ses_domain}"
+ for i in range(length(aws_ses_domain_dkim.dkim.dkim_tokens)) : {
+ name = "${aws_ses_domain_dkim.dkim.dkim_tokens[i]}._domainkey.${var.ses_domain}"
 type = "CNAME"
- value = "${aws_ses_domain_dkim.example.dkim_tokens[i]}.dkim.amazonses.com"
+ value = "${aws_ses_domain_dkim.dkim.dkim_tokens[i]}.dkim.amazonses.com"
 priority = null
 }
 ]
From 4c0e87a9dc5835ed814176a788ae89118c4bb231 Mon Sep 17 00:00:00 2001
From: Paris Kasidiaris
Date: Thu, 24 Oct 2024 19:24:06 +0300
Subject: [PATCH 3/4] fix: local references
---
 aws/ses/route53.tf | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/aws/ses/route53.tf b/aws/ses/route53.tf
index 115e3eb..02113b0 100644
--- a/aws/ses/route53.tf
+++ b/aws/ses/route53.tf
@@ -1,10 +1,10 @@
 resource "aws_route53_record" "ses_validation_record" {
 count = var.route53_zone != null ? length(local.validation_dns_records) : 0
 zone_id = var.route53_zone
- name = validation_dns_records_mailfrom_txt[count.index].name
- type = validation_dns_records_mailfrom_txt[count.index].type
+ name = local.validation_dns_records_mailfrom_txt[count.index].name
+ type = local.validation_dns_records_mailfrom_txt[count.index].type
 records = [
- (validation_dns_records_mailfrom_txt[count.index].type == "MX") ?
- "${validation_dns_records_mailfrom_txt[count.index].priority} ${validation_dns_records_mailfrom_txt[count.index].value}" : validation_dns_records_mailfrom_txt[count.index].value
+ (local.validation_dns_records_mailfrom_txt[count.index].type == "MX") ?
+ "${local.validation_dns_records_mailfrom_txt[count.index].priority} ${local.validation_dns_records_mailfrom_txt[count.index].value}" : local.validation_dns_records_mailfrom_txt[count.index].value
 ]
 }
From 26ff4d0d59e2b250cee807b6beacb6a3bc73bb5d Mon Sep 17 00:00:00 2001
From: Paris Kasidiaris
Date: Thu, 24 Oct 2024 19:26:48 +0300
Subject: [PATCH 4/4] fix: reference
---
 aws/ses/route53.tf | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/aws/ses/route53.tf b/aws/ses/route53.tf
index 02113b0..9c55a99 100644
--- a/aws/ses/route53.tf
+++ b/aws/ses/route53.tf
@@ -1,10 +1,11 @@
 resource "aws_route53_record" "ses_validation_record" {
 count = var.route53_zone != null ? length(local.validation_dns_records) : 0
 zone_id = var.route53_zone
- name = local.validation_dns_records_mailfrom_txt[count.index].name
- type = local.validation_dns_records_mailfrom_txt[count.index].type
+ name = local.validation_dns_records[count.index].name
+ type = local.validation_dns_records[count.index].type
 records = [
- (local.validation_dns_records_mailfrom_txt[count.index].type == "MX") ?
- "${local.validation_dns_records_mailfrom_txt[count.index].priority} ${local.validation_dns_records_mailfrom_txt[count.index].value}" : local.validation_dns_records_mailfrom_txt[count.index].value
+ (local.validation_dns_records[count.index].type == "MX") ?
+ "${local.validation_dns_records[count.index].priority} ${local.validation_dns_records[count.index].value}" :
+ local.validation_dns_records[count.index].value
 ]
 }