From c05d400de8f7c760f446e72201f7d4dd88fc7254 Mon Sep 17 00:00:00 2001 From: Script47 Date: Tue, 12 May 2026 11:35:50 +0100 Subject: [PATCH 1/2] fix(ses-domain-identity): fix issue with zone_id --- ses-domain-identity/route53.tf | 2 +- ses-domain-identity/variables.tf | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/ses-domain-identity/route53.tf b/ses-domain-identity/route53.tf index a0dff2d..5de17f9 100644 --- a/ses-domain-identity/route53.tf +++ b/ses-domain-identity/route53.tf @@ -1,5 +1,5 @@ locals { - configure_dns = var.zone_id != null + configure_dns = var.manage_dns_records spf_record = join( " ", concat( diff --git a/ses-domain-identity/variables.tf b/ses-domain-identity/variables.tf index 3133f77..b668229 100644 --- a/ses-domain-identity/variables.tf +++ b/ses-domain-identity/variables.tf @@ -2,6 +2,17 @@ variable "zone_id" { type = string description = "The ID of the hosted zone" default = null + + validation { + condition = !var.manage_dns_records || var.zone_id != null + error_message = "zone_id must be provided when manage_dns_records is true." + } +} + +variable "manage_dns_records" { + type = bool + description = "Whether to create Route53 DNS records in the provided zone. Set to false to create the SES domain identity without managing DNS." + default = true } variable "domain" { From e4ad2157222f54c26439e9b44cf03fa8d5766caa Mon Sep 17 00:00:00 2001 From: Script47 Date: Tue, 12 May 2026 11:46:56 +0100 Subject: [PATCH 2/2] chore(ses-domain-identity): update docs --- ses-domain-identity/README.md | 33 +++++++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/ses-domain-identity/README.md b/ses-domain-identity/README.md index 0447135..3c513d5 100644 --- a/ses-domain-identity/README.md +++ b/ses-domain-identity/README.md @@ -9,10 +9,10 @@ This module allows you to setup domain identification for SES with the following ## Usage -See `variables.tf` for the full argument reference. +### With a literal zone ID ```hcl -module "ses_doamin_identity" { +module "ses_domain_identity" { source = "github.com/script47/aws-tf-modules/ses-domain-identity" zone_id = "zone-id" @@ -41,3 +41,32 @@ module "ses_doamin_identity" { } } ``` + +### With a resource-derived zone ID + +If `zone_id` comes from a resource created in the same apply (e.g. `aws_route53_zone`), set `manage_dns_records = true` explicitly. Without it, Terraform cannot evaluate the `count` at plan time and will error with "Invalid count argument". + +```hcl +module "ses_domain_identity" { + source = "github.com/script47/aws-tf-modules/ses-domain-identity" + + zone_id = aws_route53_zone.zone.id + manage_dns_records = true + domain = "example.org" +} +``` + +### Without DNS management + +To create the SES domain identity without managing Route53 records, set `manage_dns_records = false`. `zone_id` can then be omitted. + +```hcl +module "ses_domain_identity" { + source = "github.com/script47/aws-tf-modules/ses-domain-identity" + + manage_dns_records = false + domain = "example.org" +} +``` + +See `variables.tf` for the full argument reference.