Amazon Simple Email Service (SES)with Terraform

Allows businesses and developers to send emails at scale. It’s used for sending transactional emails (like order confirmations), marketing emails (like newsletters), and handling incoming emails.

SES is cost-effective, scalable, and integrates with other AWS services, offering high deliverability and robust email analytics.

Key components :

1. Identities

• Domain Identities: Domains that you have verified with SES, allowing you to send emails from any address in that domain.
• Email Address Identities: Individual email addresses that are verified with SES, allowing you to send emails from that specific address.
• Verification: Before you can send emails from a domain or email address, you must verify it to prove ownership. This process involves either adding a DNS record (for domains) or clicking a link in a verification email (for email addresses).

2. Configuration Sets

• Configuration sets are groups of rules that you can apply to the emails you send. They help you manage and track your email sending activities.
• Usage: Configuration sets allow you to specify how SES should handle your emails, including tracking open rates, click rates, and bounces, as well as specifying event destinations like Amazon CloudWatch or Amazon Kinesis Data Firehose for detailed analytics.

3. Dedicated IPs

• Dedicated IPs are IP addresses that are exclusively used by your SES account for sending emails, rather than being shared with other users.
• Benefits: Using dedicated IPs can improve your email deliverability, especially if you send large volumes of email regularly. It allows you to build and maintain your own sending reputation, independent of other users.

4. Email Templates

• Email templates are pre-defined content structures that you can use to standardize and automate your email campaigns.
• Components: They consist of a subject, HTML body, and text body, which can include placeholders for dynamic content. These templates help ensure consistency across your emails and can be used in conjunction with the SES API or the AWS SDK to send personalized emails at scale.

5. Suppression List

• A suppression list is a list of email addresses that you don’t want to send emails to, either because they’ve previously unsubscribed, marked your emails as spam, or bounced.
• Purpose: It helps maintain a clean sending list by preventing emails from being sent to invalid or unresponsive addresses, which can improve deliverability and sender reputation.

6. Cross-Account Notifications

• Cross-account notifications allow SES to send notifications (such as bounce, complaint, or delivery notifications) to SNS topics that belong to a different AWS account.
• Usage: This feature is useful in scenarios where different teams or departments manage different aspects of email sending and monitoring, allowing them to receive notifications in their respective accounts.

7. Email Receiving

• AWS SES can not only send emails but also receive them. You can set up rules to handle incoming emails and route them to an S3 bucket, trigger a Lambda function, or publish them to an SNS topic.
• Use Cases: Email receiving can be used for processing incoming support tickets, managing newsletters, handling automated replies, and more.

#configuration setting 

resource "aws_ses_configuration_set" "config_set" {

  name = var.configuration_set_name #"config_set"
  reputation_metrics_enabled = var.reputation_metrics_enabled # Amazon CloudWatch metric. The default value is false
  sending_enabled = var.sending_enabled # email sending is enabled or disabled for the configuration set. The default value is true.
  
  delivery_options {
    tls_policy = "Require"  #If the value is Optional, messages can be delivered in plain text if a TLS connection can't be established. 
  }

  tracking_options {
    custom_redirect_domain = var.custom_redirect_domain #   "sub.example.com"
  }

}

#Domain identity

resource "aws_ses_domain_identity" "domain_identity" {
  domain = var.domain_name
}

#dkim identity -  DomainKeys Identified Mail

resource "aws_ses_domain_dkim" "dkim_identity" {
  domain = aws_ses_domain_identity.domain_identity.domain
}

#route53

resource "aws_route53_record" "amazonses_dkim_record" {
  count = var.dkim_record_count
  zone_id = var.dkim_record_zone_id
  name = "${aws_ses_domain_dkim.dkim_identity.dkim_tokens[count.index]}._domainkey"
  type = var.dkim_record_type
  ttl = var.dkim_record_ttl
  records = ["${aws_ses_domain_dkim.dkim_identity.dkim_tokens[count.index]}.dkim.amazonses.com"]
}

#domain_identity_verification

resource "aws_ses_domain_identity_verification" "domain_identity_verification" {
  domain = aws_ses_domain_identity.domain_identity.id

  depends_on = [aws_route53_record.amazonses_dkim_record]
}

output.tf

output "ses_configuration_set_name" {
  description = "The name of the SES configuration set"
  value       = aws_ses_configuration_set.config_set.name
}

output "ses_domain_identity_arn" {
  description = "The ARN of the SES domain identity"
  value       = aws_ses_domain_identity.domain_identity.arn
}

output "dkim_tokens" {
  description = "The DKIM tokens for the domain"
  value       = aws_ses_domain_dkim.dkim_identity.dkim_tokens
}

output "route53_dkim_records" {
  description = "The DKIM CNAME records created in Route 53"
  value       = [for record in aws_route53_record.amazonses_dkim_record : record.fqdn]
}

output "domain_verification_status" {
  description = "The status of the SES domain identity verification"
  value       = aws_ses_domain_identity_verification.domain_identity_verification.id
}

variable.tf

variable "configuration_set_name" {
  type = string
}

variable "reputation_metrics_enabled" {
  type    = bool
  default = false
}

variable "sending_enabled" {
  type    = bool
  default = true
}

variable "custom_redirect_domain" {
  type = string
}

variable "domain_name" {
  type = string
}

variable "dkim_record_count" {
  type = number
}

variable "dkim_record_zone_id" {
  type = string
}

variable "dkim_record_type" {
  type = string
}

variable "dkim_record_ttl" {
  type = number
}

If you found this guide helpful then do click on 👏 the button.

Follow for more Learning like this 😊

If there’s a specific topic you’re curious about, feel free to drop a personal note or comment. I’m here to help you explore whatever interests you!

Thanks for spending your valuable time learning to enhance your knowledge!