mooyoul / aws-cdk-ses-domain-identity Goto Github PK
View Code? Open in Web Editor NEWConstructs for provisioning and referencing domain identities which can be used in SES RuleSets and Actions Construct.
License: MIT License
Constructs for provisioning and referencing domain identities which can be used in SES RuleSets and Actions Construct.
License: MIT License
Hi,
I think the DnsValidatedDomainIdentity
class is missing a property for getting the ARN of the created resource, e.g. something like the following:
const sesDomain = new DnsValidatedDomainIdentity(this, `example-domain`, {...});
sesDomain.dnsValidatedDomainIdentityArn #=> arn:aws:ses:eu-central-1:0000000000000:identity/example.com
I like to use this ARN within an iam.PolicyStatement
as a resource to limit the action ses:SendRawEmail
to only the domain I just created.
It can be created manually as only the domain needs to be added, however it would be easier to have this automatism.
There is an error with this repository's Renovate configuration that needs to be fixed. As a precaution, Renovate will stop PRs until it is resolved.
Error type: Cannot find preset's package (@prescott)
So I've got a bit of weird use case where we split inbound/outbound email domains and as such I already have a defined TXT record that should only be appended with the SES supplied value as opposed to being created completely fresh. For now I'm stuck doing this manually due to time constraints but if I get some free time I'll see about extending this for that scenario. Very needed project, can't wait to see this functionality more fleshed out in time.
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
These updates are pending. To force PRs open, click the checkbox below.
.github/workflows/main.yml
actions/checkout v4
actions/setup-node v4
lambda-packages/dns-validated-domain-identity-handler/package.json
@prescott/tslint-preset 1.0.1
@types/aws-lambda 8.10.138
@types/jest 29.5.12
@types/nock 11.1.0
@types/node ^20.11.0
@types/sinon 17.0.3
aws-sdk 2.1623.0
jest 29.7.0
nock 13.5.4
sinon 18.0.0
ts-jest 29.1.2
ts-node 10.9.2
tslint 6.1.3
typescript ^5.3.3
package.json
@prescott/commitlint-preset 1.0.9
@prescott/semantic-release-config 1.0.17
@prescott/tslint-preset 1.0.1
@types/jest 29.5.12
@types/node ^20.11.0
aws-cdk-lib 2.142.1
constructs 10.3.0
husky 9.0.11
jest 29.7.0
semantic-release 23.1.1
ts-jest 29.1.2
ts-node 10.9.2
tslint 6.1.3
typescript ^5.3.3
aws-cdk-lib ^2.0.0
constructs ^10.0.0
CDK v2 is the current stable version and requires some minor changes (making use of the new 'constructs' package in particular).
For some reason when using this construct I found myself with my stack in a UPDATE_ROLLBACK_FAILED
state with the DomainIdentityIdentityRequestorResource3CDC595E
having a status of UPDATE_FAILED
with message
Received response status [FAILED] from custom resource.
Message returned:
Invalid request: Expected exactly one of [AliasTarget, all of [TTL, and ResourceRecords], or TrafficPolicyInstanceId], but found none in Change with [Action=DELETE, Name=[random-name].[domain], Type=CNAME, SetIdentifier=null] (RequestId: d6163589-02ac-4729-9d97-895553e364c6)
It looks like maybe the API call has changed and Record.action
needs to be updated?
Hey there,
after waiting for the DKIM verification for quite some time, the Lambdas times out.
After that, CloudFormation tries calling the Lambda again, the Lambda tries settings entries it has already set and fails.
I'm not quite sure how to best approach this (changing the logic of the DKIM Verification, or updating the Lambda to respect entries created in the previous run), however if you've decided on how you'd fix this, I'm happy to open a Pull Request.
As you are probably aware, AWS SDK v2 is not included in the latest Node runtimes. From what I see, the lambda code is still using the v2 version instead of v3, and the custom resource fails to run with the following error:
{
"errorType": "Runtime.ImportModuleError",
"errorMessage": "Error: Cannot find module 'aws-sdk/clients/route53'\nRequire stack:\n- /var/task/verifier.js\n- /var/task/handlers/create.js\n- /var/task/handlers/index.js\n- /var/task/index.js\n- /var/runtime/index.mjs",
"stack": [
"Runtime.ImportModuleError: Error: Cannot find module 'aws-sdk/clients/route53'",
"Require stack:",
"- /var/task/verifier.js",
"- /var/task/handlers/create.js",
"- /var/task/handlers/index.js",
"- /var/task/index.js",
"- /var/runtime/index.mjs",
" at _loadUserApp (file:///var/runtime/index.mjs:1087:17)",
" at async UserFunction.js.module.exports.load (file:///var/runtime/index.mjs:1119:21)",
" at async start (file:///var/runtime/index.mjs:1282:23)",
" at async file:///var/runtime/index.mjs:1288:1"
]
}
As there currently is no way to deploy the construct in the current state, I think a short-term fix would be to provide a 2.1.1 release with Node 16 runtime (as it's still supported until June). A longer-term and simple option would be to bundle the v2 SDK. Finally, the harder option would be a complete upgrade.
I'll see if I can get a PR started for the upgrade.
I am validating the same domain (my.domain.com
) in multiple regions. However, each region tries to create a TXT record for _amazonses.my.domain.com
. The first stack completes successfully, then the second stack (in another region) fails with the following message:
Received response status [FAILED] from custom resource. Message returned: [Tried to create resource record set [name='_amazonses.my.domain.com.', type='TXT'] but it already exists]
AWS docs say to create a multi-value TXT record (here).
I would be happy to submit a PR to handle the situation when a TXT record already exists, adding another value to the record. Let me know if this would be alright.
When deleting the stack, the construct needs to delete its records
The specified hosted zone contains non-required resource record sets and so cannot be deleted. (Service: Route53, Status Code: 400, Request ID: bcd48189-1ac3-4ea3-8976-a264ff567e44, Extended Request ID: null)
Node14 has reached EOL and AWS lambda will stop supporting this runtime on Feb 8, 2024
See: https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-support-policy
After this date, lambda functions using NodeJS 14 cannot be created, and shortly after that, functions cannot be updated. We need to bump the version used in this package to NodeJS 18
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.