66 lines
1.8 KiB
HCL
66 lines
1.8 KiB
HCL
# These are our DNS records that will need to be added to our Krystal account
|
|
|
|
# TXT record
|
|
output "verification_record" {
|
|
description = "TXT record required to verify the domain with SES"
|
|
value = {
|
|
name = "_amazonses.${aws_ses_domain_identity.this.domain}"
|
|
type = "TXT"
|
|
value = aws_ses_domain_identity.this.verification_token
|
|
}
|
|
}
|
|
|
|
# DKIM CNAME records
|
|
output "dkim_records" {
|
|
description = "CNAME records required to enable DKIM for SES"
|
|
value = [
|
|
for dkim in aws_ses_domain_dkim.this.dkim_tokens : {
|
|
name = "${dkim}._domainkey.${aws_ses_domain_identity.this.domain}"
|
|
type = "CNAME"
|
|
value = "${dkim}.dkim.amazonses.com"
|
|
}
|
|
]
|
|
}
|
|
|
|
# SMTP credentials - send them to secrets manager
|
|
output "ses_smtp_secret_arn" {
|
|
description = "ARN of the SES SMTP credentials stored in Secrets Manager"
|
|
value = aws_secretsmanager_secret.ses_smtp.arn
|
|
}
|
|
|
|
output "smtp_password" {
|
|
value = aws_iam_access_key.ses_user.ses_smtp_password_v4
|
|
sensitive = true
|
|
description = "SMTP password for SES"
|
|
}
|
|
|
|
output "dns_records" {
|
|
description = "All DNS records required for SES verification and recommended deliverability"
|
|
value = concat(
|
|
[
|
|
{
|
|
name = "_amazonses.${aws_ses_domain_identity.this.domain}"
|
|
type = "TXT"
|
|
value = aws_ses_domain_identity.this.verification_token
|
|
},
|
|
{
|
|
name = var.domain_name
|
|
type = "TXT"
|
|
value = "v=spf1 include:amazonses.com -all"
|
|
},
|
|
{
|
|
name = "_dmarc.${var.domain_name}"
|
|
type = "TXT"
|
|
value = "v=DMARC1; p=quarantine; rua=mailto:postmaster@${var.domain_name}"
|
|
}
|
|
],
|
|
[
|
|
for dkim in aws_ses_domain_dkim.this.dkim_tokens : {
|
|
name = "${dkim}._domainkey.${aws_ses_domain_identity.this.domain}"
|
|
type = "CNAME"
|
|
value = "${dkim}.dkim.amazonses.com"
|
|
}
|
|
]
|
|
)
|
|
}
|
|
|