Terraform module for managing AWS SES and S3 to receive email and put in S3 bucket. This does not currently do any of the DNS setup.
- S3 bucket
- Bucket policy
- Lifecycle for cleanup
- SES domain
- 1 rule set
- Multiple rules to send mail to S3
module "ses_to_s3" {
source = "notablehealth/ses-to-s3/aws"
# Recommend pinning every module to a specific version
# version = "x.x.x"
name_s3 = var.name_s3
namespace = var.namespace
stage = var.stage
s3_prefix = var.s3_prefix
ses_domain = var.ses_domain
}| Name | Version |
|---|---|
| terraform | >= 1.3.7 |
| aws | >= 4.53.0 |
| Name | Version |
|---|---|
| aws | 4.53.0 |
| Name | Source | Version |
|---|---|---|
| label_s3 | cloudposse/label/null | 0.25.0 |
| label_ses | cloudposse/label/null | 0.25.0 |
| s3_bucket | cloudposse/s3-bucket/aws | 3.0.0 |
| ses | cloudposse/ses/aws | 0.25.0 |
| Name | Type |
|---|---|
| aws_ses_active_receipt_rule_set.s3 | resource |
| aws_ses_receipt_rule.s3 | resource |
| aws_ses_receipt_rule_set.s3 | resource |
| aws_caller_identity.current | data source |
| aws_route53_zone.self | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| name_s3 | S3 bucket name (functional name ONLY) | string |
n/a | yes |
| namespace | Namespace of resources | string |
n/a | yes |
| s3_expiration | Expire current S3 objects in days | number |
14 |
no |
| s3_expiration_noncurrent_days | Expire noncurrent S3 objects in days | number |
1 |
no |
| s3_expiration_noncurrent_versions | Expire noncurrent S3 objects versions (Versions to keep) | number |
1 |
no |
| ses_domain | SES domain | string |
n/a | yes |
| ses_rule_set_name | SES Rule set andm and S3 prefix | string |
n/a | yes |
| ses_rules | SES receipt rules | map(object({ |
n/a | yes |
| stage | Deployment stage of resources | string |
n/a | yes |
| Name | Description |
|---|---|
| s3_bucket_arn | S3 Bucket ARN |
| s3_bucket_domain_name | FQDN of S3 bucket |
| s3_bucket_id | S3 Bucket Name (aka ID) |
| s3_bucket_region | S3 Bucket region |
| ses_dkim_tokens | A list of DKIM Tokens which, when added to the DNS Domain as CNAME records, allows for receivers to verify that emails were indeed authorized by the domain owner. |
| ses_domain_identity_arn | The ARN of the SES domain identity |
| ses_domain_identity_verification_token | A code which when added to the domain as a TXT record will signal to SES that the owner of the domain has authorised SES to act on their behalf. The domain identity will be in state 'verification pending' until this is done. |
| ses_group_name | The IAM group name |
| ses_rules_recipients | SES receipt rules |
| ses_rules_s3_action | SES receipt rules |
| ses_spf_record | The SPF record for the domain. This is a TXT record that should be added to the domain's DNS settings to allow SES to send emails on behalf of the domain. |
| ses_user_arn | SMTP user ARN |
| ses_user_name | SMTP user name |