provider/aws: Implement aws_ses_domain_identity (#13098)
* provider/aws: New resource: aws_ses_domain_identity Provide a resource to manage domain identities in SES. Exports the verification_code attribute which can be used to add the TXT record to the domain to complete the domain verification. * provider/aws: Acceptance tests for aws_ses_domain_identity * Resource aws_ses_domain_identity: Documentation update Provide documentation for the new resource type.
This commit is contained in:
parent
173bf10e7b
commit
0c4c578552
|
@ -386,6 +386,7 @@ func Provider() terraform.ResourceProvider {
|
|||
"aws_route_table": resourceAwsRouteTable(),
|
||||
"aws_route_table_association": resourceAwsRouteTableAssociation(),
|
||||
"aws_ses_active_receipt_rule_set": resourceAwsSesActiveReceiptRuleSet(),
|
||||
"aws_ses_domain_identity": resourceAwsSesDomainIdentity(),
|
||||
"aws_ses_receipt_filter": resourceAwsSesReceiptFilter(),
|
||||
"aws_ses_receipt_rule": resourceAwsSesReceiptRule(),
|
||||
"aws_ses_receipt_rule_set": resourceAwsSesReceiptRuleSet(),
|
||||
|
|
|
@ -0,0 +1,99 @@
|
|||
package aws
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"log"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/service/ses"
|
||||
"github.com/hashicorp/terraform/helper/schema"
|
||||
)
|
||||
|
||||
func resourceAwsSesDomainIdentity() *schema.Resource {
|
||||
return &schema.Resource{
|
||||
Create: resourceAwsSesDomainIdentityCreate,
|
||||
Read: resourceAwsSesDomainIdentityRead,
|
||||
Delete: resourceAwsSesDomainIdentityDelete,
|
||||
Importer: &schema.ResourceImporter{
|
||||
State: schema.ImportStatePassthrough,
|
||||
},
|
||||
|
||||
Schema: map[string]*schema.Schema{
|
||||
"domain": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Required: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
"verification_token": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Computed: true,
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func resourceAwsSesDomainIdentityCreate(d *schema.ResourceData, meta interface{}) error {
|
||||
conn := meta.(*AWSClient).sesConn
|
||||
|
||||
domainName := d.Get("domain").(string)
|
||||
|
||||
createOpts := &ses.VerifyDomainIdentityInput{
|
||||
Domain: aws.String(domainName),
|
||||
}
|
||||
|
||||
_, err := conn.VerifyDomainIdentity(createOpts)
|
||||
if err != nil {
|
||||
return fmt.Errorf("Error requesting SES domain identity verification: %s", err)
|
||||
}
|
||||
|
||||
d.SetId(domainName)
|
||||
|
||||
return resourceAwsSesDomainIdentityRead(d, meta)
|
||||
}
|
||||
|
||||
func resourceAwsSesDomainIdentityRead(d *schema.ResourceData, meta interface{}) error {
|
||||
conn := meta.(*AWSClient).sesConn
|
||||
|
||||
domainName := d.Id()
|
||||
d.Set("domain", domainName)
|
||||
|
||||
readOpts := &ses.GetIdentityVerificationAttributesInput{
|
||||
Identities: []*string{
|
||||
aws.String(domainName),
|
||||
},
|
||||
}
|
||||
|
||||
response, err := conn.GetIdentityVerificationAttributes(readOpts)
|
||||
if err != nil {
|
||||
log.Printf("[WARN] Error fetching identity verification attributes for %s: %s", d.Id(), err)
|
||||
return err
|
||||
}
|
||||
|
||||
verificationAttrs, ok := response.VerificationAttributes[domainName]
|
||||
if !ok {
|
||||
log.Printf("[WARN] Domain not listed in response when fetching verification attributes for %s", d.Id())
|
||||
d.SetId("")
|
||||
return nil
|
||||
}
|
||||
|
||||
d.Set("verification_token", verificationAttrs.VerificationToken)
|
||||
return nil
|
||||
}
|
||||
|
||||
func resourceAwsSesDomainIdentityDelete(d *schema.ResourceData, meta interface{}) error {
|
||||
conn := meta.(*AWSClient).sesConn
|
||||
|
||||
domainName := d.Get("domain").(string)
|
||||
|
||||
deleteOpts := &ses.DeleteIdentityInput{
|
||||
Identity: aws.String(domainName),
|
||||
}
|
||||
|
||||
_, err := conn.DeleteIdentity(deleteOpts)
|
||||
if err != nil {
|
||||
return fmt.Errorf("Error deleting SES domain identity: %s", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
|
@ -0,0 +1,100 @@
|
|||
package aws
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"testing"
|
||||
|
||||
"github.com/aws/aws-sdk-go/aws"
|
||||
"github.com/aws/aws-sdk-go/service/ses"
|
||||
"github.com/hashicorp/terraform/helper/acctest"
|
||||
"github.com/hashicorp/terraform/helper/resource"
|
||||
"github.com/hashicorp/terraform/terraform"
|
||||
)
|
||||
|
||||
func TestAccAwsSESDomainIdentity_basic(t *testing.T) {
|
||||
resource.Test(t, resource.TestCase{
|
||||
PreCheck: func() {
|
||||
testAccPreCheck(t)
|
||||
},
|
||||
Providers: testAccProviders,
|
||||
CheckDestroy: testAccCheckAwsSESDomainIdentityDestroy,
|
||||
Steps: []resource.TestStep{
|
||||
resource.TestStep{
|
||||
Config: fmt.Sprintf(
|
||||
testAccAwsSESDomainIdentityConfig,
|
||||
acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum),
|
||||
),
|
||||
Check: resource.ComposeTestCheckFunc(
|
||||
testAccCheckAwsSESDomainIdentityExists("aws_ses_domain_identity.test"),
|
||||
),
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func testAccCheckAwsSESDomainIdentityDestroy(s *terraform.State) error {
|
||||
conn := testAccProvider.Meta().(*AWSClient).sesConn
|
||||
|
||||
for _, rs := range s.RootModule().Resources {
|
||||
if rs.Type != "aws_ses_domain_identity" {
|
||||
continue
|
||||
}
|
||||
|
||||
domain := rs.Primary.ID
|
||||
params := &ses.GetIdentityVerificationAttributesInput{
|
||||
Identities: []*string{
|
||||
aws.String(domain),
|
||||
},
|
||||
}
|
||||
|
||||
response, err := conn.GetIdentityVerificationAttributes(params)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if response.VerificationAttributes[domain] != nil {
|
||||
return fmt.Errorf("SES Domain Identity %s still exists. Failing!", domain)
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func testAccCheckAwsSESDomainIdentityExists(n string) resource.TestCheckFunc {
|
||||
return func(s *terraform.State) error {
|
||||
rs, ok := s.RootModule().Resources[n]
|
||||
if !ok {
|
||||
return fmt.Errorf("SES Domain Identity not found: %s", n)
|
||||
}
|
||||
|
||||
if rs.Primary.ID == "" {
|
||||
return fmt.Errorf("SES Domain Identity name not set")
|
||||
}
|
||||
|
||||
domain := rs.Primary.ID
|
||||
conn := testAccProvider.Meta().(*AWSClient).sesConn
|
||||
|
||||
params := &ses.GetIdentityVerificationAttributesInput{
|
||||
Identities: []*string{
|
||||
aws.String(domain),
|
||||
},
|
||||
}
|
||||
|
||||
response, err := conn.GetIdentityVerificationAttributes(params)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if response.VerificationAttributes[domain] == nil {
|
||||
return fmt.Errorf("SES Domain Identity %s not found in AWS", domain)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
const testAccAwsSESDomainIdentityConfig = `
|
||||
resource "aws_ses_domain_identity" "test" {
|
||||
domain = "%s.terraformtesting.com"
|
||||
}
|
||||
`
|
|
@ -92,6 +92,7 @@ To make a resource importable, please see the
|
|||
* aws_route_table
|
||||
* aws_s3_bucket
|
||||
* aws_security_group
|
||||
* aws_ses_domain_identity
|
||||
* aws_ses_receipt_filter
|
||||
* aws_ses_receipt_rule_set
|
||||
* aws_simpledb_domain
|
||||
|
|
|
@ -0,0 +1,46 @@
|
|||
---
|
||||
layout: "aws"
|
||||
page_title: "AWS: ses_domain_identity"
|
||||
sidebar_current: "docs-aws-resource-ses-domain-identity"
|
||||
description: |-
|
||||
Provides an SES domain identity resource
|
||||
---
|
||||
|
||||
# aws\_ses\_domain_identity
|
||||
|
||||
Provides an SES domain identity resource
|
||||
|
||||
## Argument Reference
|
||||
|
||||
The following arguments are supported:
|
||||
|
||||
* `domain` - (Required) The domain name to assign to SES
|
||||
|
||||
## Attributes Reference
|
||||
|
||||
The following attributes are exported:
|
||||
|
||||
* `verification_token` - A code which when added to the domain as a TXT record
|
||||
will signal to SES that the owner of the domain has authorised SES to act on
|
||||
their behalf. The domain identity will be in state "verification pending"
|
||||
until this is done. See below for an example of how this might be achieved
|
||||
when the domain is hosted in Route 53 and managed by Terraform. Find out
|
||||
more about verifying domains in Amazon SES in the [AWS SES
|
||||
docs](http://docs.aws.amazon.com/ses/latest/DeveloperGuide/verify-domains.html).
|
||||
|
||||
## Example Usage
|
||||
|
||||
```
|
||||
resource "aws_ses_domain_identity" "example" {
|
||||
domain = "example.com"
|
||||
}
|
||||
|
||||
resource "aws_route53_record" "example_amazonses_verification_record" {
|
||||
zone_id = "ABCDEFGHIJ123"
|
||||
name = "_amazonses.example.com"
|
||||
type = "TXT"
|
||||
ttl = "600"
|
||||
records = ["${aws_ses_domain_identity.example.verification_token}"]
|
||||
}
|
||||
```
|
||||
|
|
@ -1127,6 +1127,10 @@
|
|||
<a href="/docs/providers/aws/r/ses_active_receipt_rule_set.html">aws_ses_active_receipt_rule_set</a>
|
||||
</li>
|
||||
|
||||
<li<%= sidebar_current("docs-aws-resource-ses-domain-identity") %>>
|
||||
<a href="/docs/providers/aws/r/ses_domain_identity.html">aws_ses_domain_identity</a>
|
||||
</li>
|
||||
|
||||
<li<%= sidebar_current("docs-aws-resource-ses-receipt-filter") %>>
|
||||
<a href="/docs/providers/aws/r/ses_receipt_filter.html">aws_ses_receipt_filter</a>
|
||||
</li>
|
||||
|
|
Loading…
Reference in New Issue