Do AWS support SES in CloudFormation?

Question

I'm trying to figure out how to automate the creation of several cloud resources in AWS, using CloudFormation.

Now I need to include the creation of SES (Simple Email Service) domain, but couldn't find the documentation, but I've already checked:

• Simple Email Service Documentation
• CloudFormation Resource Types Documentation

Do AWS support SES in CloudFormation?

Answer 1

CloudFormation provides several built-in Amazon SES resource types, but as of 2020 is still missing the ones many people need: domain and email verification.

Fortunately, CloudFormation has the ability to define your own custom resource types. I've built Custom::SES_Domain and Custom::SES_EmailIdentity resources that are designed to play well with other CloudFormation resources. Get them here: https://github.com/medmunds/aws-cfn-ses-domain.

Once you've pulled the custom CfnSESResources into your template, you can verify an SES domain like this:

Resources:
  # Provision a domain with Amazon SES:
  MySESDomain:
    Type: Custom::SES_Domain
    Properties:
      ServiceToken: !GetAtt CfnSESResources.Outputs.CustomDomainIdentityArn
      Domain: "example.com"
      EnableSend: true
      EnableReceive: false

  # Then add all required DNS records for SES verification and usage:
  MyRoute53RecordsForSES:
    Type: AWS::Route53::RecordSetGroup
    Properties:
      HostedZoneName: "example.com."
      RecordSets: !GetAtt MySESDomain.Route53RecordSets

Full instructions are in the repository. Custom::SES_Domain has properties for controlling several common SES domain options, and exposes attributes that feed into your CloudFormation DNS resources: either a standard AWS::Route53::RecordSetGroup resource as shown above, or other (external) DNS providers via zone file entries.

Answer 2

Unfortunately this is currently not supported, but who knows Re:Invent 2017 is around the corner ,,,

Question asked on AWS Developer Forum

It is possible by creating a custom function, some blog about SES and cloudformation.

Answer 3

Though AWS Cloudformation is not currently supported use the AWS SDKs ( e.g Node SDK) to provision the SES resources required.

Its a common practice to use custom code with AWS SDKs and AWS CLI commands in combination with CloudFormation to provision resources AWS since each approach can be advantages, based on the parameters, number of resources, repetitions and etc.

Answer 4

Here is the current list of SES Resource Types supported by CloudFormation:

AWS::SES::ConfigurationSet

AWS::SES::ConfigurationSetEventDestination

AWS::SES::ReceiptFilter

AWS::SES::ReceiptRule

AWS::SES::ReceiptRuleSet

AWS::SES::Template

Answer 5

Not supported. But, you can make it handled by lambda.

AWSTemplateFormatVersion: '2010-09-09'
Transform: 'AWS::Serverless-2016-10-31'
Description: >-
  A simple email example
Resources:
  FunctionEmailHandler:
    Type: 'AWS::Serverless::Function'
    Properties:
      Handler: email.handler
      Runtime: nodejs6.10
      CodeUri: ..
      Description: >-
        ...
      Tags:
        App: your app
      MemorySize: 128
      Timeout: 10    
      Policies:
        - Version: '2012-10-17'
          Statement:
            - Effect: Allow
              Action:
                - 's3:GetObject'
              Resource: '*'

  LambdaInvokePermission:
    Type: "AWS::Lambda::Permission"
    Properties:
      Action: 'lambda:InvokeFunction'
      FunctionName: !GetAtt FunctionEmailHandler.Arn
      Principal: ses.amazonaws.com

  SESEmailRecievedRule:
    Type: "AWS::SES::ReceiptRule"
    Properties:
      RuleSetName: your default rule set name
      After: store-email-to-s3
      Rule:
        Name: email-recieved-rule
        Enabled: true
        Actions:
          - LambdaAction:
              FunctionArn: !GetAtt FunctionEmailHandler.Arn
              InvocationType: Event