[AWS][Terraform]SESの設定を自動化してみた

[AWS][Terraform]Cloudfrontを自動化してみた

出ましたterraformの自動化してみたシリーズ！！😋
前回(上記)はなんと2017/08/26とかあれから1年経ってる！(ひさしぶりか!)
また毎度のようにterraformのドキュメントが分かりづらいので、
今回はSESをterraformで実装してみました。

■aws_ses_domain_identity

https://www.terraform.io/docs/providers/aws/r/ses_domain_identity.html

とりあえず適当にadachin.comでメール受信できればOK!

■aws_ses.tf

provider "aws" {
  access_key = "${var.aws_access_key}"
  secret_key = "${var.aws_secret_key}"
  alias      = "us-east-1"
  region     = "us-east-1"
}

resource "aws_ses_domain_identity" "adachin-ses" {
  provider = "aws.us-east-1"
  domain   = "adachin.com"
}

resource "aws_route53_record" "adachin-ses-verification-record" {
  provider = "aws.us-east-1"
  zone_id  = "${aws_route53_zone.adachin-com.id}"
  name     = "_amazonses.${aws_ses_domain_identity.adachin-ses.id}"
  type     = "TXT"
  ttl      = "600"
  records  = ["${aws_ses_domain_identity.adachin-ses.verification_token}"]
}

resource "aws_ses_domain_identity_verification" "adachin-ses-identify-verification" {
  provider = "aws.us-east-1"
  domain   = "${aws_ses_domain_identity.adachin-ses.id}"

  depends_on = ["aws_route53_record.adachin-ses-verification-record"]
}

resource "aws_ses_domain_dkim" "adachin-domain-dkim" {
  provider = "aws.us-east-1"
  domain   = "${aws_ses_domain_identity.adachin-ses.domain}"
}

resource "aws_route53_record" "adachin-ses-amazonses-verification-record" {
  provider = "aws.us-east-1"
  count    = 3
  zone_id  = "${aws_route53_zone.adachin-com.id}"
  name     = "${element(aws_ses_domain_dkim.adachin-domain-dkim.dkim_tokens, count.index)}._domainkey.adachin.com"
  type     = "CNAME"
  ttl      = "600"
  records  = ["${element(aws_ses_domain_dkim.adachin-domain-dkim.dkim_tokens, count.index)}.dkim.amazonses.com"]
}

provider "aws" {

access_key = "${var.aws_access_key}"

secret_key = "${var.aws_secret_key}"

alias = "us-east-1"

region = "us-east-1"

}

resource "aws_ses_domain_identity" "adachin-ses" {

provider = "aws.us-east-1"

domain = "adachin.com"

}

resource "aws_route53_record" "adachin-ses-verification-record" {

provider = "aws.us-east-1"

zone_id = "${aws_route53_zone.adachin-com.id}"

name = "_amazonses.${aws_ses_domain_identity.adachin-ses.id}"

type = "TXT"

ttl = "600"

records = ["${aws_ses_domain_identity.adachin-ses.verification_token}"]

}

resource "aws_ses_domain_identity_verification" "adachin-ses-identify-verification" {

provider = "aws.us-east-1"

domain = "${aws_ses_domain_identity.adachin-ses.id}"

depends_on = ["aws_route53_record.adachin-ses-verification-record"]

}

resource "aws_ses_domain_dkim" "adachin-domain-dkim" {

provider = "aws.us-east-1"

domain = "${aws_ses_domain_identity.adachin-ses.domain}"

}

resource "aws_route53_record" "adachin-ses-amazonses-verification-record" {

provider = "aws.us-east-1"

count = 3

zone_id = "${aws_route53_zone.adachin-com.id}"

name = "${element(aws_ses_domain_dkim.adachin-domain-dkim.dkim_tokens, count.index)}._domainkey.adachin.com"

type = "CNAME"

ttl = "600"

records = ["${element(aws_ses_domain_dkim.adachin-domain-dkim.dkim_tokens, count.index)}.dkim.amazonses.com"]

}

とりあえずレコード(TXT,CNAME)とDKIMの設定を自動化しています。
SESはTokyoリージョンが使えないのでproviderでus-east-1を指定しています。

■Route53

resource "aws_route53_zone" "adachin-com" {
  name = "adachin.com"
}

resource "aws_route53_record" "mx-record-primary" {
  zone_id = "${aws_route53_zone.adachin-com.id}"
  name    = "adachin.com"
  type    = "MX"
  ttl     = "60"
  records = ["10 xxxxxxxxxxxsv.jp"]
}

resource "aws_route53_zone" "adachin-com" {

name = "adachin.com"

}

resource "aws_route53_record" "mx-record-primary" {

zone_id = "${aws_route53_zone.adachin-com.id}"

name = "adachin.com"

type = "MX"

ttl = "60"

records = ["10 xxxxxxxxxxxsv.jp"]

}

Route53では転送設定でメールが受信できるようMXレコードを追記します。

$ terraform apply！！！！！

terraformによりレコードが追加されてます！！👍
メールも受信できてました！！！

■まとめ

terraformやっぱ神！！😎

Pocket

[AWS][Terraform]SESの設定を自動化してみた

投稿者: あだちん投稿日: 2018/10/232018/10/23

■aws_ses_domain_identity

■aws_ses.tf

■Route53

$ terraform apply！！！！！

■まとめ

あだちん

コメントを残すコメントをキャンセル

AWS

[AWS][Python]CloudWatch LogsをLambdaで定期的にS3へエキスポートする

AWS

[Bastion server]Google Authenticatorによる2段階認証とSSH鍵認証を踏み台サーバで実装する

Ansible

[AWS][ansible]Amazon Linux2にEPEL/remiでPHPをインストールするのにハマったお話

[AWS][Terraform]SESの設定を自動化してみた

投稿者: あだちん 投稿日: 2018/10/232018/10/23

■aws_ses_domain_identity

■aws_ses.tf

■Route53

$ terraform apply！！！！！

■まとめ

関連記事

あだちん

コメントを残す コメントをキャンセル

関連記事

AWS

[AWS][Python]CloudWatch LogsをLambdaで定期的にS3へエキスポートする

AWS

[Bastion server]Google Authenticatorによる2段階認証とSSH鍵認証を踏み台サーバで実装する

Ansible

[AWS][ansible]Amazon Linux2にEPEL/remiでPHPをインストールするのにハマったお話

投稿者: あだちん投稿日: 2018/10/232018/10/23

コメントを残すコメントをキャンセル