Add SES email capture for E2E tests#2121
Conversation
There was a problem hiding this comment.
Pull request overview
This PR adds inbound SES email capture to support end-to-end tests for “get a copy of your answers” and related email flows by storing received emails in S3 and exposing the bucket name via Terraform outputs. It also completes SES domain identity verification by creating the required Route53 TXT record and verification resource.
Changes:
- Add an SES receipt rule set with rules to write specific test-recipient emails into prefixed folders in a new S3 bucket.
- Add SES domain identity verification DNS record +
aws_ses_domain_identity_verification. - Export the test email S3 bucket name from the SES module and the forms SES deployment.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| infra/modules/ses/test_mail.tf | Creates the test emails S3 bucket and SES inbound receipt rules to store emails in S3 prefixes. |
| infra/modules/ses/dns.tf | Adds SES domain verification TXT record and verification resource. |
| infra/modules/ses/outputs.tf | Exposes the test mail bucket name from the SES module. |
| infra/deployments/forms/ses/outputs.tf | Plumbs the SES module’s test mail bucket name output to the deployment outputs. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Receive test confirmation and submission emails into S3 so “get a copy of your answers” flows can be tested. This creates a seperate S3 bucket for emails, and has receipt rules to sort different email receiptents into different folders.
theseanything
force-pushed
the
theseanything/use-ses-email-recieving-for-tests
branch
from
5ff2e76 to
1d12add
Compare
whi-tw
left a comment
whi-tw
left a comment
There was a problem hiding this comment.
Ok, except we don't just create buckets with the standard resource - we always use our bucket modules. secure-bucket is likely the right one for this job
| resource "aws_s3_bucket" "test_mail_bucket" { | ||
| #checkov:skip=CKV2_AWS_62:No event notifications are needed for this temporary test email bucket | ||
| #checkov:skip=CKV_AWS_145:Amazon managed S3 encryption is sufficient for temporary test emails | ||
| #checkov:skip=CKV_AWS_18:Access logging is not needed for this temporary test email bucket | ||
| #checkov:skip=CKV_AWS_144:Cross-region replication is not needed for temporary test emails | ||
| #checkov:skip=CKV2_AWS_6:Public access is controlled by the bucket policy for SES writes only | ||
| #checkov:skip=CKV_AWS_21:Versioning is not needed for temporary test emails that expire after 7 days | ||
| bucket = local.test_mail_bucket_name | ||
| } | ||
|
|
There was a problem hiding this comment.
Can you please use one of our bucket modules for this, rather than rolling a separate bucket?
Receive test confirmation and submission emails into S3 so “get a copy of your answers” flows can be tested.
This creates a seperate S3 bucket for emails, and has receipt rules to sort different email receiptents into different folders.