-
-
Notifications
You must be signed in to change notification settings - Fork 41
/
ses.tf
61 lines (48 loc) · 1.7 KB
/
ses.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
////////////////////////////////////////////////////[ AMAZON SIMPLE EMAIL SERVICE ]///////////////////////////////////////
# # ---------------------------------------------------------------------------------------------------------------------#
# Create SES user credentials, Configuration Set to stream SES metrics to CloudWatch
# # ---------------------------------------------------------------------------------------------------------------------#
resource "aws_iam_user" "ses_smtp_user" {
name = "${local.project}-ses-smtp-user"
}
resource "aws_ses_email_identity" "ses_email_identity" {
email = "${var.app["admin_email"]}"
}
resource "aws_iam_user_policy" "ses_smtp_user_policy" {
name = "${local.project}-ses-smtp-user-policy"
user = aws_iam_user.ses_smtp_user.name
policy = jsonencode({
Version : "2012-10-17",
Statement : [
{
Effect : "Allow",
Action : [
"ses:SendEmail",
"ses:SendRawEmail"
],
Resource : "*"
}
]
})
}
resource "aws_iam_access_key" "ses_smtp_user_access_key" {
user = aws_iam_user.ses_smtp_user.name
}
resource "aws_ses_configuration_set" "this" {
name = "${local.project}-ses-events"
reputation_metrics_enabled = true
delivery_options {
tls_policy = "Require"
}
}
resource "aws_ses_event_destination" "cloudwatch" {
name = "${local.project}-ses-event-destination-cloudwatch"
configuration_set_name = aws_ses_configuration_set.this.name
enabled = true
matching_types = ["bounce", "send", "complaint", "delivery"]
cloudwatch_destination {
default_value = "default"
dimension_name = "dimension"
value_source = "emailHeader"
}
}