SeaGL / seagl-terraform

Terraform used to maintain SeaGL's VMs, RDS database, DNS, etc.
GNU Affero General Public License v3.0

Ses domain identity #2

Closed sntxrr closed 2 years ago

sntxrr commented 2 years ago
github-actions[bot] commented 2 years ago

Terraform Format and Style 🖌``

Terraform Initialization ⚙️success

Terraform Plan 📖success

Terraform Validation 🤖success

Show Plan

``` terraform
data.aws_vpc.vpc: Reading...
data.aws_vpc.vpc: Read complete after 2s [id=vpc-231ecb46]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # aws_db_instance.osem will be created
  + resource "aws_db_instance" "osem" {
      + address = (known after apply)
      + allocated_storage = 30
      + apply_immediately = (known after apply)
      + arn = (known after apply)
      + auto_minor_version_upgrade = true
      + availability_zone = (known after apply)
      + backup_retention_period = 7
      + backup_window = (known after apply)
      + ca_cert_identifier = (known after apply)
      + character_set_name = (known after apply)
      + copy_tags_to_snapshot = false
      + db_subnet_group_name = "osem"
      + delete_automated_backups = true
      + endpoint = (known after apply)
      + engine = "mariadb"
      + engine_version = "10.6.7"
      + engine_version_actual = (known after apply)
      + hosted_zone_id = (known after apply)
      + id = (known after apply)
      + identifier = (known after apply)
      + identifier_prefix = (known after apply)
      + instance_class = "db.m5.large"
      + kms_key_id = (known after apply)
      + latest_restorable_time = (known after apply)
      + license_model = (known after apply)
      + maintenance_window = (known after apply)
      + max_allocated_storage = 100
      + monitoring_interval = 0
      + monitoring_role_arn = (known after apply)
      + multi_az = (known after apply)
      + name = "osem"
      + nchar_character_set_name = (known after apply)
      + option_group_name = (known after apply)
      + parameter_group_name = "default.mariadb10.6"
      + password = (sensitive value)
      + performance_insights_enabled = false
      + performance_insights_kms_key_id = (known after apply)
      + performance_insights_retention_period = (known after apply)
      + port = (known after apply)
      + publicly_accessible = false
      + replicas = (known after apply)
      + resource_id = (known after apply)
      + skip_final_snapshot = true
      + snapshot_identifier = (known after apply)
      + status = (known after apply)
      + storage_encrypted = true
      + storage_type = (known after apply)
      + tags_all = (known after apply)
      + timezone = (known after apply)
      + username = "osem"
      + vpc_security_group_ids = (known after apply)
    }

  # aws_db_subnet_group.osem will be created
  + resource "aws_db_subnet_group" "osem" {
      + arn = (known after apply)
      + description = "Managed by Terraform"
      + id = (known after apply)
      + name = "osem"
      + name_prefix = (known after apply)
      + subnet_ids = [
          + "subnet-5a826503",
          + "subnet-8b7adbee",
          + "subnet-d507c0a2",
        ]
      + tags_all = (known after apply)
    }

  # aws_route53_record.seagl_amazonses_verification_record will be created
  + resource "aws_route53_record" "seagl_amazonses_verification_record" {
      + allow_overwrite = (known after apply)
      + fqdn = (known after apply)
      + id = (known after apply)
      + name = "_amazonses.seagl.org"
      + records = (known after apply)
      + ttl = 600
      + type = "TXT"
      + zone_id = "Z0173878287JIU5M4KB8R"
    }

  # aws_s3_bucket.state will be created
  + resource "aws_s3_bucket" "state" {
      + acceleration_status = (known after apply)
      + acl = "private"
      + arn = (known after apply)
      + bucket = "seagl-terraform"
      + bucket_domain_name = (known after apply)
      + bucket_regional_domain_name = (known after apply)
      + force_destroy = false
      + hosted_zone_id = (known after apply)
      + id = (known after apply)
      + object_lock_enabled = (known after apply)
      + region = (known after apply)
      + request_payer = (known after apply)
      + tags_all = (known after apply)
      + website_domain = (known after apply)
      + website_endpoint = (known after apply)

      + object_lock_configuration {
          + object_lock_enabled = (known after apply)

          + rule {
              + default_retention {
                  + days = (known after apply)
                  + mode = (known after apply)
                  + years = (known after apply)
                }
            }
        }

      + versioning {
          + enabled = (known after apply)
          + mfa_delete = (known after apply)
        }
    }

  # aws_s3_bucket_acl.state will be created
  + resource "aws_s3_bucket_acl" "state" {
      + acl = "private"
      + bucket = (known after apply)
      + id = (known after apply)

      + access_control_policy {
          + grant {
              + permission = (known after apply)

              + grantee {
                  + display_name = (known after apply)
                  + email_address = (known after apply)
                  + id = (known after apply)
                  + type = (known after apply)
                  + uri = (known after apply)
                }
            }

          + owner {
              + display_name = (known after apply)
              + id = (known after apply)
            }
        }
    }

  # aws_s3_bucket_public_access_block.state will be created
  + resource "aws_s3_bucket_public_access_block" "state" {
      + block_public_acls = true
      + block_public_policy = true
      + bucket = (known after apply)
      + id = (known after apply)
      + ignore_public_acls = true
      + restrict_public_buckets = true
    }

  # aws_s3_bucket_versioning.state will be created
  + resource "aws_s3_bucket_versioning" "state" {
      + bucket = (known after apply)
      + id = (known after apply)

      + versioning_configuration {
          + mfa_delete = (known after apply)
          + status = "Enabled"
        }
    }

  # aws_secretsmanager_secret.osem-db-pass will be created
  + resource "aws_secretsmanager_secret" "osem-db-pass" {
      + arn = (known after apply)
      + force_overwrite_replica_secret = false
      + id = (known after apply)
      + name = "db-pass-osem"
      + name_prefix = (known after apply)
      + policy = (known after apply)
      + recovery_window_in_days = 30
      + rotation_enabled = (known after apply)
      + rotation_lambda_arn = (known after apply)
      + tags_all = (known after apply)

      + replica {
          + kms_key_id = (known after apply)
          + last_accessed_date = (known after apply)
          + region = (known after apply)
          + status = (known after apply)
          + status_message = (known after apply)
        }

      + rotation_rules {
          + automatically_after_days = (known after apply)
        }
    }

  # aws_secretsmanager_secret_version.osem-db-pass-val will be created
  + resource "aws_secretsmanager_secret_version" "osem-db-pass-val" {
      + arn = (known after apply)
      + id = (known after apply)
      + secret_id = (known after apply)
      + secret_string = (sensitive value)
      + version_id = (known after apply)
      + version_stages = (known after apply)
    }

  # aws_security_group.osem_rds_security_group will be created
  + resource "aws_security_group" "osem_rds_security_group" {
      + arn = (known after apply)
      + description = "Private SG for OSEM RDS"
      + egress = (known after apply)
      + id = (known after apply)
      + ingress = (known after apply)
      + name = "osem-private-sg"
      + name_prefix = (known after apply)
      + owner_id = (known after apply)
      + revoke_rules_on_delete = false
      + tags = {
          + "ManagedBy" = "terraform"
          + "Name" = "osem--private-sg"
          + "Role" = "private"
        }
      + tags_all = {
          + "ManagedBy" = "terraform"
          + "Name" = "osem--private-sg"
          + "Role" = "private"
        }
      + vpc_id = "vpc-231ecb46"
    }

  # aws_security_group_rule.private_in will be created
  + resource "aws_security_group_rule" "private_in" {
      + cidr_blocks = [
          + "172.31.0.0/16",
        ]
      + from_port = 3306
      + id = (known after apply)
      + protocol = "-1"
      + security_group_id = (known after apply)
      + self = false
      + source_security_group_id = (known after apply)
      + to_port = 3306
      + type = "ingress"
    }

  # aws_security_group_rule.private_out will be created
  + resource "aws_security_group_rule" "private_out" {
      + cidr_blocks = [
          + "0.0.0.0/0",
        ]
      + from_port = 0
      + id = (known after apply)
      + protocol = "-1"
      + security_group_id = (known after apply)
      + self = false
      + source_security_group_id = (known after apply)
      + to_port = 0
      + type = "egress"
    }

  # aws_ses_domain_identity.seagl will be created
  + resource "aws_ses_domain_identity" "seagl" {
      + arn = (known after apply)
      + domain = "seagl.org"
      + id = (known after apply)
      + verification_token = (known after apply)
    }

  # random_password.osem_db_master_pass will be created
  + resource "random_password" "osem_db_master_pass" {
      + bcrypt_hash = (sensitive value)
      + id = (known after apply)
      + keepers = {
          + "pass_version" = "1"
        }
      + length = 40
      + lower = true
      + min_lower = 0
      + min_numeric = 0
      + min_special = 5
      + min_upper = 0
      + number = true
      + override_special = "!#$%^&*()-_=+[]{}<>:?"
      + result = (sensitive value)
      + special = true
      + upper = true
    }

Plan: 14 to add, 0 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now.
```

Pushed by: @sntxrr, Action: pull_request

github-actions[bot] commented 2 years ago

Terraform Format and Style 🖌``

Terraform Initialization ⚙️success

Terraform Plan 📖success

Terraform Validation 🤖success

Show Plan

``` terraform
data.aws_vpc.vpc: Reading...
data.aws_vpc.vpc: Read complete after 2s [id=vpc-231ecb46]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # aws_db_instance.osem will be created
  + resource "aws_db_instance" "osem" {
      + address = (known after apply)
      + allocated_storage = 30
      + apply_immediately = (known after apply)
      + arn = (known after apply)
      + auto_minor_version_upgrade = true
      + availability_zone = (known after apply)
      + backup_retention_period = 7
      + backup_window = (known after apply)
      + ca_cert_identifier = (known after apply)
      + character_set_name = (known after apply)
      + copy_tags_to_snapshot = false
      + db_subnet_group_name = "osem"
      + delete_automated_backups = true
      + endpoint = (known after apply)
      + engine = "mariadb"
      + engine_version = "10.6.7"
      + engine_version_actual = (known after apply)
      + hosted_zone_id = (known after apply)
      + id = (known after apply)
      + identifier = (known after apply)
      + identifier_prefix = (known after apply)
      + instance_class = "db.m5.large"
      + kms_key_id = (known after apply)
      + latest_restorable_time = (known after apply)
      + license_model = (known after apply)
      + maintenance_window = (known after apply)
      + max_allocated_storage = 100
      + monitoring_interval = 0
      + monitoring_role_arn = (known after apply)
      + multi_az = (known after apply)
      + name = "osem"
      + nchar_character_set_name = (known after apply)
      + option_group_name = (known after apply)
      + parameter_group_name = "default.mariadb10.6"
      + password = (sensitive value)
      + performance_insights_enabled = false
      + performance_insights_kms_key_id = (known after apply)
      + performance_insights_retention_period = (known after apply)
      + port = (known after apply)
      + publicly_accessible = false
      + replicas = (known after apply)
      + resource_id = (known after apply)
      + skip_final_snapshot = true
      + snapshot_identifier = (known after apply)
      + status = (known after apply)
      + storage_encrypted = true
      + storage_type = (known after apply)
      + tags_all = (known after apply)
      + timezone = (known after apply)
      + username = "osem"
      + vpc_security_group_ids = (known after apply)
    }

  # aws_db_subnet_group.osem will be created
  + resource "aws_db_subnet_group" "osem" {
      + arn = (known after apply)
      + description = "Managed by Terraform"
      + id = (known after apply)
      + name = "osem"
      + name_prefix = (known after apply)
      + subnet_ids = [
          + "subnet-5a826503",
          + "subnet-8b7adbee",
          + "subnet-d507c0a2",
        ]
      + tags_all = (known after apply)
    }

  # aws_route53_record.seagl_amazonses_verification_record will be created
  + resource "aws_route53_record" "seagl_amazonses_verification_record" {
      + allow_overwrite = (known after apply)
      + fqdn = (known after apply)
      + id = (known after apply)
      + name = "_amazonses.seagl.org"
      + records = (known after apply)
      + ttl = 600
      + type = "TXT"
      + zone_id = "Z0173878287JIU5M4KB8R"
    }

  # aws_s3_bucket.state will be created
  + resource "aws_s3_bucket" "state" {
      + acceleration_status = (known after apply)
      + acl = "private"
      + arn = (known after apply)
      + bucket = "seagl-terraform"
      + bucket_domain_name = (known after apply)
      + bucket_regional_domain_name = (known after apply)
      + force_destroy = false
      + hosted_zone_id = (known after apply)
      + id = (known after apply)
      + object_lock_enabled = (known after apply)
      + region = (known after apply)
      + request_payer = (known after apply)
      + tags_all = (known after apply)
      + website_domain = (known after apply)
      + website_endpoint = (known after apply)

      + object_lock_configuration {
          + object_lock_enabled = (known after apply)

          + rule {
              + default_retention {
                  + days = (known after apply)
                  + mode = (known after apply)
                  + years = (known after apply)
                }
            }
        }

      + versioning {
          + enabled = (known after apply)
          + mfa_delete = (known after apply)
        }
    }

  # aws_s3_bucket_acl.state will be created
  + resource "aws_s3_bucket_acl" "state" {
      + acl = "private"
      + bucket = (known after apply)
      + id = (known after apply)

      + access_control_policy {
          + grant {
              + permission = (known after apply)

              + grantee {
                  + display_name = (known after apply)
                  + email_address = (known after apply)
                  + id = (known after apply)
                  + type = (known after apply)
                  + uri = (known after apply)
                }
            }

          + owner {
              + display_name = (known after apply)
              + id = (known after apply)
            }
        }
    }

  # aws_s3_bucket_public_access_block.state will be created
  + resource "aws_s3_bucket_public_access_block" "state" {
      + block_public_acls = true
      + block_public_policy = true
      + bucket = (known after apply)
      + id = (known after apply)
      + ignore_public_acls = true
      + restrict_public_buckets = true
    }

  # aws_s3_bucket_versioning.state will be created
  + resource "aws_s3_bucket_versioning" "state" {
      + bucket = (known after apply)
      + id = (known after apply)

      + versioning_configuration {
          + mfa_delete = (known after apply)
          + status = "Enabled"
        }
    }

  # aws_secretsmanager_secret.osem-db-pass will be created
  + resource "aws_secretsmanager_secret" "osem-db-pass" {
      + arn = (known after apply)
      + force_overwrite_replica_secret = false
      + id = (known after apply)
      + name = "db-pass-osem"
      + name_prefix = (known after apply)
      + policy = (known after apply)
      + recovery_window_in_days = 30
      + rotation_enabled = (known after apply)
      + rotation_lambda_arn = (known after apply)
      + tags_all = (known after apply)

      + replica {
          + kms_key_id = (known after apply)
          + last_accessed_date = (known after apply)
          + region = (known after apply)
          + status = (known after apply)
          + status_message = (known after apply)
        }

      + rotation_rules {
          + automatically_after_days = (known after apply)
        }
    }

  # aws_secretsmanager_secret_version.osem-db-pass-val will be created
  + resource "aws_secretsmanager_secret_version" "osem-db-pass-val" {
      + arn = (known after apply)
      + id = (known after apply)
      + secret_id = (known after apply)
      + secret_string = (sensitive value)
      + version_id = (known after apply)
      + version_stages = (known after apply)
    }

  # aws_security_group.osem_rds_security_group will be created
  + resource "aws_security_group" "osem_rds_security_group" {
      + arn = (known after apply)
      + description = "Private SG for OSEM RDS"
      + egress = (known after apply)
      + id = (known after apply)
      + ingress = (known after apply)
      + name = "osem-private-sg"
      + name_prefix = (known after apply)
      + owner_id = (known after apply)
      + revoke_rules_on_delete = false
      + tags = {
          + "ManagedBy" = "terraform"
          + "Name" = "osem--private-sg"
          + "Role" = "private"
        }
      + tags_all = {
          + "ManagedBy" = "terraform"
          + "Name" = "osem--private-sg"
          + "Role" = "private"
        }
      + vpc_id = "vpc-231ecb46"
    }

  # aws_security_group_rule.private_in will be created
  + resource "aws_security_group_rule" "private_in" {
      + cidr_blocks = [
          + "172.31.0.0/16",
        ]
      + from_port = 3306
      + id = (known after apply)
      + protocol = "-1"
      + security_group_id = (known after apply)
      + self = false
      + source_security_group_id = (known after apply)
      + to_port = 3306
      + type = "ingress"
    }

  # aws_security_group_rule.private_out will be created
  + resource "aws_security_group_rule" "private_out" {
      + cidr_blocks = [
          + "0.0.0.0/0",
        ]
      + from_port = 0
      + id = (known after apply)
      + protocol = "-1"
      + security_group_id = (known after apply)
      + self = false
      + source_security_group_id = (known after apply)
      + to_port = 0
      + type = "egress"
    }

  # aws_ses_domain_identity.seagl will be created
  + resource "aws_ses_domain_identity" "seagl" {
      + arn = (known after apply)
      + domain = "seagl.org"
      + id = (known after apply)
      + verification_token = (known after apply)
    }

  # random_password.osem_db_master_pass will be created
  + resource "random_password" "osem_db_master_pass" {
      + bcrypt_hash = (sensitive value)
      + id = (known after apply)
      + keepers = {
          + "pass_version" = "1"
        }
      + length = 40
      + lower = true
      + min_lower = 0
      + min_numeric = 0
      + min_special = 5
      + min_upper = 0
      + number = true
      + override_special = "!#$%^&*()-_=+[]{}<>:?"
      + result = (sensitive value)
      + special = true
      + upper = true
    }

Plan: 14 to add, 0 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now.
```

Pushed by: @sntxrr, Action: pull_request