I'm running into an issue using the AWS SES service.
Ideally I'd like to setup the entire service using Terraform/Terragrunt. Unfortunately I can't seem to wrap my head around how to go about it.
To setup the SES domain, I need to verify against the domain I want to use. The domain I want to use exists in a different AWS account. So technically, I need to run the aws_ses_domain_identity resource to get the id of the domain identity, then I need to create the Route53 record in my other AWS account with the TXT value that was given to me by the aws_ses_domain_identity resource finally I need to run the aws_ses_domain_identity_verification to validate the domain.
Here is are the resources I'm referring to:
resource "aws_ses_domain_identity" "main" {
domain = var.domain
}
resource "aws_route53_record" "ses_verification" {
zone_id = data.aws_route53_zone.main.zone_id
name = "_amazonses.${aws_ses_domain_identity.main.id}"
type = "TXT"
ttl = 60
records = [aws_ses_domain_identity.main.verification_token]
}
resource "aws_ses_domain_identity_verification" "audit" {
domain = aws_ses_domain_identity.main.id
depends_on = [aws_route53_record.ses_verification]
}
resource "aws_ses_active_receipt_rule_set" "main" {
rule_set_name = "primary-rules"
}
##########
## DATA ##
##########
data "aws_route53_zone" "main" {
name = var.domain
}
How do I go about this with Terraform? I don't think it makes sense to break up the module into three separate when they are so closely intertwined. Do I use two different AWS providers (DNS account, SES account) in the same module?
