
Configuring SES with Terraform

Posted at 2018-10-20

I could not find many write-ups on how to configure SES with Terraform, so I am leaving these notes here.

Addendum

https://aws.amazon.com/jp/blogs/news/amazon-ses-tokyo/
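It looks like SES is now available in the Tokyo region.

Assumptions

  • The application itself (EC2 and so on) runs in Tokyo (ap-northeast-1)
  • SES is not available in Tokyo, so it runs in a different region
    • This time I ran it in Oregon (us-west-2)

The environment is as follows: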

$ terraform -v
Terraform v0.11.8
+ provider.aws v1.29.0

Terraform variable settings

variables.tf
variable "access_key" {}
variable "secret_key" {}
variable "region" {
  default = "ap-northeast-1"
}
variable "aws_web_domain" {}
variable "ssh_key_name" {}
variable "ssh_public_key_path" {}
variable "ssh_private_key_path" {}

terraform.tfvars
access_key = "xxx"
secret_key = "xxx"
region = "ap-northeast-1"
aws_web_domain = "xxx"
ssh_key_name = "xxx"
ssh_public_key_path = "~/.ssh/xxx.pub"
ssh_private_key_path = "~/.ssh/xxx"

main.tf
terraform {
  required_version = "= 0.11.8"
}

provider "aws" {
  access_key = "${var.access_key}"
  secret_key = "${var.secret_key}"
  region     = "${var.region}"
}

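# SES is not available in Tokyo, so set up a provider for another region
provider "aws" {
  alias      = "west"
  # provider settings are not shared between aliases, so pass the credentials here as well
  access_key = "${var.access_key}"
  secret_key = "${var.secret_key}"
  region     = "us-west-2"
}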

resource "aws_key_pair" "auth" {
  key_name   = "${var.ssh_key_name}"
  public_key = "${file(var.ssh_public_key_path)}"
}

route53.tf
resource "aws_route53_zone" "primary" {
  name = "${var.aws_web_domain}"
}

ses.tf
resource "aws_ses_domain_identity" "ses" {
  domain = "${var.aws_web_domain}"
  provider = "aws.west" # specify the provider so the resource is created in the other region
}

resource "aws_route53_record" "ses_record" {
  zone_id = "${aws_route53_zone.primary.zone_id}"
  name    = "_amazonses.${aws_route53_zone.primary.name}"
  type    = "TXT"
  ttl     = "600"
  records = ["${aws_ses_domain_identity.ses.verification_token}"]
}

resource "aws_ses_domain_dkim" "dkim" {
  domain = "${var.aws_web_domain}"
  provider = "aws.west"
}

resource "aws_route53_record" "dkim_record" {
  count   = 3
  zone_id = "${aws_route53_zone.primary.zone_id}"
  name    = "${element(aws_ses_domain_dkim.dkim.dkim_tokens, count.index)}._domainkey.${aws_route53_zone.primary.name}"
  type    = "CNAME"
  ttl     = "600"
  records = ["${element(aws_ses_domain_dkim.dkim.dkim_tokens, count.index)}.dkim.amazonses.com"]
}

That's all.

After that, get out of the sandbox by following "Moving out of the Amazon SES sandbox - Amazon Simple Email Service".
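
A check to run after `terraform apply`, as an added example that is not part of the original post: it builds the TXT and CNAME records that ses.tf should publish and compares them with resolver answers. The domain, the tokens and the observed answers are constructed sample values, and gathering real answers (for instance with dig) is assumed to happen separately.

```python
def fqdn(name):
    # DNS names are case-insensitive and tools disagree on the trailing dot.
    return name.strip().rstrip(".").lower()

def expected_records(domain, verification_token, dkim_tokens):
    """One _amazonses TXT record plus one _domainkey CNAME per DKIM token."""
    domain = fqdn(domain)
    records = {("_amazonses." + domain, "TXT"): verification_token}
    for token in dkim_tokens:
        name = fqdn("%s._domainkey.%s" % (token, domain))
        records[(name, "CNAME")] = fqdn(token + ".dkim.amazonses.com")
    return records

def normalize(rtype, value):
    if rtype == "TXT":
        # Resolvers print TXT data in quotes; the token itself is case-sensitive.
        return value.strip().strip('"')
    return fqdn(value)

def audit(expected, observed):
    """Return sorted (name, type, problem) tuples for missing or wrong records."""
    seen = {}
    for (name, rtype), values in observed.items():
        rtype = rtype.upper()
        seen[(fqdn(name), rtype)] = {normalize(rtype, v) for v in values}
    problems = []
    for (name, rtype), want in expected.items():
        got = seen.get((name, rtype))
        if got is None:
            problems.append((name, rtype, "missing"))
        elif want not in got:
            problems.append((name, rtype, "mismatch"))
    return sorted(problems)

# Constructed sample values: placeholder domain and made-up tokens.
DOMAIN = "example.com."
VERIFICATION_TOKEN = "ConstructedVerificationToken000="
DKIM_TOKENS = ["constructedtoken1", "constructedtoken2", "constructedtoken3"]
# Constructed resolver answers: token2 points at the wrong target, token3 is absent.
OBSERVED = {
    ("_amazonses.example.com.", "TXT"): ['"ConstructedVerificationToken000="'],
    ("constructedtoken1._domainkey.example.com.", "CNAME"): ["constructedtoken1.dkim.amazonses.com."],
    ("constructedtoken2._domainkey.EXAMPLE.com", "CNAME"): ["constructedtoken1.dkim.amazonses.com."],
}

if __name__ == "__main__":
    wanted = expected_records(DOMAIN, VERIFICATION_TOKEN, DKIM_TOKENS)
    for name, rtype, problem in audit(wanted, OBSERVED):
        print(problem, rtype, name)
```

An empty result means all four records match; until then SES cannot verify the domain or finish DKIM setup.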
