Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

aws-ses: EmailIdentity dkimRecords compatibility with Route53 #26738

Open
meza opened this issue Aug 12, 2023 · 2 comments
Open

aws-ses: EmailIdentity dkimRecords compatibility with Route53 #26738

meza opened this issue Aug 12, 2023 · 2 comments
Labels
@aws-cdk/aws-ses Related to Amazon Simple Email Service bug This issue is a bug. effort/medium Medium work item – several days of effort p2

Comments

@meza
Copy link

meza commented Aug 12, 2023
edited
Loading

Describe the bug

When setting up a new verified email identity with new EmailIdentity, you get back a set of dkim records that you then need to add to your hosted zone.

Unfortunately the records are not fully compatible with an IRecordSet.

Expected Behavior

I would expect the record.name to be compatible with a new CnameRecord

Current Behavior

The dkimRecord names don't have a full stop at the end of them which means that when CDK runs, the domain will end up being duplicated.

Reproduction Steps

const zone = HostedZone.fromLookup(this, 'Zone', {
  domainName: 'example.com'
});
const identity = new EmailIdentity(this, 'Identity', {
  dkimIdentity: DkimIdentity.easyDkim(EasyDkimSigningKeyLength.RSA_2048_BIT),
  dkimSigning: true,
  feedbackForwarding: true,
  identity: Identity.publicHostedZone(zone),
  mailFromBehaviorOnMxFailure: MailFromBehaviorOnMxFailure.REJECT_MESSAGE,
  mailFromDomain: 'mail.example.com'
});

identity.dkimRecords.forEach((record, index) => {
  const cnameRecord = new CnameRecord(this, `dKim_${index}`, {
    domainName: record.value,
    recordName: record.name,
    zone: zone
  });
});

Possible Solution

It would be nice if the record.name would include the full stop.
The workaround is this:

identity.dkimRecords.forEach((record, index) => {
  const cnameRecord = new CnameRecord(this, `dKim_${index}`, {
    domainName: record.value,
    recordName: `${record.name}.`,
    zone: zone
  });
});

Another solution would be to have a field that returns the domain keys alone so that we could construct the record names ourselves. Or just return the record name without the domain element.

An alternative approach would be to enrich the EmailIdentity with a zone parameter and make it add the records itself.

Additional Information/Context

No response

CDK CLI Version

2.91.0

Framework Version

No response

Node.js Version

v20.5.0

OS

Ubuntu

Language

Typescript

Language Version

Typescript 5.1.6

Other information

No response
@meza meza added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Aug 12, 2023
@github-actions github-actions bot added the @aws-cdk/aws-ses Related to Amazon Simple Email Service label Aug 12, 2023
@pahud
Copy link
Contributor

pahud commented Aug 14, 2023

Another solution would be to have a field that returns the domain keys alone so that we could construct the record names ourselves. Or just return the record name without the domain element.

This makes sense to me but I am not sure which one is the best solution. Feel free to submit a PR for that if you are interested.

@pahud pahud added p2 effort/medium Medium work item – several days of effort and removed needs-triage This issue or PR still needs to be triaged. labels Aug 14, 2023
@meza
Copy link
Author

meza commented Aug 23, 2023

Not sure I have the capacity right now but maybe soon. Until then if someone else has it in them to submit a fix, that would be great!

@github-actions github-actions bot mentioned this issue Sep 1, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@aws-cdk/aws-ses Related to Amazon Simple Email Service bug This issue is a bug. effort/medium Medium work item – several days of effort p2
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@meza @pahud