Setting up a connection with the AWS SES SMTP Endpoint
The setup-AWS-SES Jenkins job performs all the steps required for a Self Managed Commerce environment to connect to Amazon’s Simple Email Service (SES) SMTP endpoint. This job allows deployments of Self Managed Commerce to send emails through the SES SMTP interface.
note
The credentials created by this job are used to send email through the Amazon SES SMTP interface and are unique to each AWS region. If you use the Amazon SES SMTP interface to send email in more than one Region, you have to generate a set of SMTP credentials for each Region.
Parameters for the setup-AWS-SES Jenkins Job
plan_mode
When selected, this runs Terraform in plan mode and prompts you to approve changes before you continue. This works in both the setup and destroy modes.
destroy_mode
When checked, this destroys the AWS SES terraform resources instead of creating them.
TF_VAR_awsRegion
The AWS region of your Self Managed Commerce deployment. For more information on which AWS regions have SMTP endpoints, see Service endpoints documentation.
TF_VAR_dnsZoneName
The domain name to be verified. This verifies all email addresses from that domain. For example, if you verify the domain ep.mycompany.com, you can send emails from user1@ep.mycompany.com, user2@ep.mycompany.com, or any other user at ep.mycompany.com.
TF_VAR_hostedZoneID
The hosted zone id of the domain name to be verified.
TF_VAR_updateAWSRecordSets
Updates AWS Route53 with the record sets generated for DKIM and domain verification.
TF_VAR_kubernetes_nickname
The nickname for this group of resources. The nickname corresponds to the namespace that your resources are deployed in.
clusterName
The name of the Kubernetes cluster to setup AWS SES for.
cloudOpsForKubernetesRepoURL
The Git repository URL of the cloudops-for-kubernetes code.
cloudOpsForKubernetesBranch
The branch of cloudops-for-kubernetes to use.
After Setting Up AWS SES
Ensure that email addresses in the Self Managed Commerce database are within the domain used in TF_VAR_dnsZoneName before you send emails with Amazon SES. In the sandbox mode, emails only can be sent to the email addresses and domain that Amazon SES has verified.
- For more information about how to verify email addresses, see the AWS documentation on Verifying Identities in Amazon SES.
If the setup-AWS-SES Jenkins job was run without enabling TF_VAR_updateAWSRecordSets, update your domain’s DNS server with the domain verification token and the DKIM verification tokens.
Verifying the Domain
The domain verification token is found in the
ses-verification-TXT-recordTerraform output of the job. For more information on how to create aTXTrecord for this token, see Amazon SES domain verificationTXTrecords.Setting up
DKIMThe
DKIMverification tokens are found in theses-dkim-tokensTerraform output of the job. For more information about how to createCNAMErecords for these tokens, see Authenticating Email withDKIMin Amazon SES.note
It can take up to 72 hours for Amazon SES to verify that these record sets have been added.
Email Reputation Management
The job that you just ran set up your AWS account with Amazon SES. For more information about how to complete the setup of email reputation management, see Monitoring Your Amazon SES Sender Reputation.
For more information on handling bounce and complaint messages, see Handling Bounces and Complaints.
Requesting Production Access
New Amazon SES accounts are created in sandbox mode. For more information about how to transition out of the sandbox, see Moving Out of the Amazon SES Sandbox in the AWS documentation.
Deploying an Environment with Amazon SES
The setup-AWS-SES job only needs to be run once in CloudOps for Kubernetes. The job creates a Kubernetes secret ep-${kubernetes_nickname}-smtp-secret containing the SMTP credentials.
If the kubernetes_nickname parameter is the same in the deploy-or-delete-commerce-stack Jenkins job and the setup-AWS-SES job.
- Run the deployment job with the
includeAWSSESparameter selected.
If the kubernetes_nickname parameter is different.
- Run the deployment job with the parameters:
smtpHost,smtpPort,smtpScheme,smtpUser, andsmtpPassset.
note
Ensure that you configure your database to use email addresses in the domain you are verified for on AWS SES.