Add ses module and staging implementation

manifest.yml

@@ -13,6 +13,9 @@ applications:
       - notify-api-redis-((env))
       - notify-api-csv-upload-bucket-((env))
       - notify-api-contact-list-bucket-((env))
+      - name: notify-api-ses-((env))
+        parameters:
+          notification_webhook: ""
 
     processes:
       - type: web

terraform/sandbox/main.tf

@@ -55,3 +55,14 @@ module "egress-space" {
     "steven.reilly@gsa.gov"
   ]
 }
+
+module "ses_email" {
+  source = "../shared/ses"
+
+  cf_org_name         = local.cf_org_name
+  cf_space_name       = local.cf_space_name
+  name                = "${local.app_name}-ses-${local.env}"
+  recursive_delete    = local.recursive_delete
+  aws_region          = "us-west-2"
+  email_receipt_error = "notify-support@gsa.gov"
+}

terraform/shared/ses/main.tf

@@ -0,0 +1,29 @@
+###
+# Target space/org
+###
+
+data "cloudfoundry_space" "space" {
+  org_name = var.cf_org_name
+  name     = var.cf_space_name
+}
+
+###
+# SES instance
+###
+
+data "cloudfoundry_service" "ses" {
+  name = "datagov-smtp"
+}
+
+resource "cloudfoundry_service_instance" "ses" {
+  name             = var.name
+  space            = data.cloudfoundry_space.space.id
+  service_plan     = data.cloudfoundry_service.ses.service_plans["base"]
+  recursive_delete = var.recursive_delete
+  json_params = jsonencode({
+    region                        = var.aws_region
+    domain                        = var.email_domain
+    email_receipt_error           = var.email_receipt_error
+    enable_feedback_notifications = true
+  })
+}

terraform/shared/ses/providers.tf

@@ -0,0 +1,9 @@
+terraform {
+  required_version = "~> 1.0"
+  required_providers {
+    cloudfoundry = {
+      source  = "cloudfoundry-community/cloudfoundry"
+      version = "~> 0.15"
+    }
+  }
+}

terraform/shared/ses/variables.tf

@@ -0,0 +1,36 @@
+variable "cf_org_name" {
+  type        = string
+  description = "cloud.gov organization name"
+}
+
+variable "cf_space_name" {
+  type        = string
+  description = "cloud.gov space name (staging or prod)"
+}
+
+variable "name" {
+  type        = string
+  description = "name of the service instance"
+}
+
+variable "recursive_delete" {
+  type        = bool
+  description = "when true, deletes service bindings attached to the resource (not recommended for production)"
+  default     = false
+}
+
+variable "aws_region" {
+  type        = string
+  description = "AWS region the SES instance is in"
+}
+
+variable "email_domain" {
+  type        = string
+  default     = ""
+  description = "domain name that emails will be coming from"
+}
+
+variable "email_receipt_error" {
+  type        = string
+  description = "email address to list in SPF records for errors to be sent to"
+}

terraform/staging/main.tf

@@ -55,3 +55,15 @@ module "egress-space" {
     "steven.reilly@gsa.gov"
   ]
 }
+
+module "ses_email" {
+  source = "../shared/ses"
+
+  cf_org_name         = local.cf_org_name
+  cf_space_name       = local.cf_space_name
+  name                = "${local.app_name}-ses-${local.env}"
+  recursive_delete    = local.recursive_delete
+  aws_region          = "us-gov-west-1"
+  email_domain        = "sandbox.10x.gsa.gov"
+  email_receipt_error = "notify-support@gsa.gov"
+}