Vh]dZdZdZddlZ ddlmZddlmZddlm Z ddl m Z dd l m Zdd Zdd Zd Zd ZdZdZdZdZdZdZdZdZdZedk(reyy#e$rYPwxYw)aK --- module: ses_identity version_added: 1.0.0 short_description: Manages SES email and domain identity description: - This module allows the user to manage verified email and domain identity for SES. - This covers verifying and removing identities as well as setting up complaint, bounce and delivery notification settings. - Prior to release 5.0.0 this module was called C(community.aws.aws_ses_identity). The usage did not change. author: - Ed Costello (@orthanc) options: identity: description: - This is the email address or domain to verify / delete. - If this contains an '@' then it will be considered an email. Otherwise it will be considered a domain. required: true type: str state: description: Whether to create(or update) or delete the identity. default: present choices: [ 'present', 'absent' ] type: str bounce_notifications: description: - Setup the SNS topic used to report bounce notifications. - If omitted, bounce notifications will not be delivered to a SNS topic. - If bounce notifications are not delivered to a SNS topic, I(feedback_forwarding) must be enabled. suboptions: topic: description: - The ARN of the topic to send notifications to. - If omitted, notifications will not be delivered to a SNS topic. include_headers: description: - Whether or not to include headers when delivering to the SNS topic. - If I(topic) is not specified this will have no impact, but the SES setting is updated even if there is no topic. type: bool default: No type: dict complaint_notifications: description: - Setup the SNS topic used to report complaint notifications. - If omitted, complaint notifications will not be delivered to a SNS topic. - If complaint notifications are not delivered to a SNS topic, I(feedback_forwarding) must be enabled. suboptions: topic: description: - The ARN of the topic to send notifications to. - If omitted, notifications will not be delivered to a SNS topic. include_headers: description: - Whether or not to include headers when delivering to the SNS topic. - If I(topic) is not specified this will have no impact, but the SES setting is updated even if there is no topic. type: bool default: No type: dict delivery_notifications: description: - Setup the SNS topic used to report delivery notifications. - If omitted, delivery notifications will not be delivered to a SNS topic. suboptions: topic: description: - The ARN of the topic to send notifications to. - If omitted, notifications will not be delivered to a SNS topic. include_headers: description: - Whether or not to include headers when delivering to the SNS topic. - If I(topic) is not specified this will have no impact, but the SES setting is updated even if there is no topic. type: bool default: No type: dict feedback_forwarding: description: - Whether or not to enable feedback forwarding. - This can only be false if both I(bounce_notifications) and I(complaint_notifications) specify SNS topics. type: 'bool' default: true extends_documentation_fragment: - amazon.aws.common.modules - amazon.aws.region.modules - amazon.aws.boto3 ab # Note: These examples do not set authentication details, see the AWS Guide for details. - name: Ensure example@example.com email identity exists community.aws.ses_identity: identity: example@example.com state: present - name: Delete example@example.com email identity community.aws.ses_identity: email: example@example.com state: absent - name: Ensure example.com domain identity exists community.aws.ses_identity: identity: example.com state: present # Create an SNS topic and send bounce and complaint notifications to it # instead of emailing the identity owner - name: Ensure complaints-topic exists community.aws.sns_topic: name: "complaints-topic" state: present purge_subscriptions: false register: topic_info - name: Deliver feedback to topic instead of owner email community.aws.ses_identity: identity: example@example.com state: present complaint_notifications: topic: "{{ topic_info.sns_arn }}" include_headers: true bounce_notifications: topic: "{{ topic_info.sns_arn }}" include_headers: false feedback_forwarding: false # Create an SNS topic for delivery notifications and leave complaints # Being forwarded to the identity owner email - name: Ensure delivery-notifications-topic exists community.aws.sns_topic: name: "delivery-notifications-topic" state: present purge_subscriptions: false register: topic_info - name: Delivery notifications to topic community.aws.ses_identity: identity: example@example.com state: present delivery_notifications: topic: "{{ topic_info.sns_arn }}" ai identity: description: The identity being modified. returned: success type: str sample: example@example.com identity_arn: description: The arn of the identity being modified. returned: success type: str sample: arn:aws:ses:us-east-1:12345678:identity/example@example.com verification_attributes: description: The verification information for the identity. returned: success type: complex sample: { "verification_status": "Pending", "verification_token": "...." } contains: verification_status: description: The verification status of the identity. type: str sample: "Pending" verification_token: description: The verification token for a domain identity. type: str notification_attributes: description: The notification setup for the identity. returned: success type: complex sample: { "bounce_topic": "arn:aws:sns:....", "complaint_topic": "arn:aws:sns:....", "delivery_topic": "arn:aws:sns:....", "forwarding_enabled": false, "headers_in_bounce_notifications_enabled": true, "headers_in_complaint_notifications_enabled": true, "headers_in_delivery_notifications_enabled": true } contains: bounce_topic: description: - The ARN of the topic bounce notifications are delivered to. - Omitted if bounce notifications are not delivered to a topic. type: str complaint_topic: description: - The ARN of the topic complaint notifications are delivered to. - Omitted if complaint notifications are not delivered to a topic. type: str delivery_topic: description: - The ARN of the topic delivery notifications are delivered to. - Omitted if delivery notifications are not delivered to a topic. type: str forwarding_enabled: description: Whether or not feedback forwarding is enabled. type: bool headers_in_bounce_notifications_enabled: description: Whether or not headers are included in messages delivered to the bounce topic. type: bool headers_in_complaint_notifications_enabled: description: Whether or not headers are included in messages delivered to the complaint topic. type: bool headers_in_delivery_notifications_enabled: description: Whether or not headers are included in messages delivered to the delivery topic. type: bool N) BotoCoreError) ClientError)camel_dict_to_snake_dict)AWSRetry)AnsibleCommunityAWSModulec td|dzD]7} |j|gd}d}||vrnt j |9|vry||S#ttf$r }|j |d|Yd}~Vd}~wwxYw)NrT Identities aws_retryz8Failed to retrieve identity verification attributes for msgVerificationAttributes)range$get_identity_verification_attributesrr fail_json_awstimesleep) connectionmoduleidentityretries retryDelayattemptresponseeidentity_verifications n/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/community/aws/plugins/modules/ses_identity.pyget_verification_attributesrs GaK( o!FFS[R\hlFmH!))A B , ,  :,,  **{+ o  *bckbl(m n n osAB#A>>Bctd|dzD]u} |j|gd}d}||vrnUt |dk7r0|j dj||jtj|w|vry||S#ttf$r }|j |d|Yd}~d}~wwxYw) Nrr Tr z8Failed to retrieve identity notification attributes for r NotificationAttributeszQUnexpected identity found in notification attributes, expected {0} but got {1!r}.) r$get_identity_notification_attributesrrrlen fail_jsonformatkeysrr) rrrrrrrrnotification_attributess rget_identity_notificationsr(sGaK( o!FFS[R\hlFmH#++C"D . .  & '1 ,   gnn+002   :78.. "8 ,,7{+ o  *bckbl(m n n osBC!B<<Cc|jj|jdz}|r|jddSy)N_notificationstopicparamsgetlower)rnotification_typearg_dicts r desired_topicr2's=}}  !2!8!8!:=M!MNH||GT**cp|jj|jdy|dz}|d}n ||vr||}nd}t||}||k7r- |js||dd}|||d<|j d i|yy#t tf$r#} |j| d|d| Yd} ~ yd} ~ wwxYw) Nr*FTopicT)IdentityNotificationTyper SnsTopicz.Failed to set identity notification topic for  r ) r-r.r/r2 check_modeset_identity_notification_topicrrr) rrridentity_notificationsr0 topic_key current_topicrequired_topicrequest_kwargsrs rupdate_notification_topicrB/s }}-3356nEFN!G+I% , ,.y9  "6+<=N& $$ ((9!%""-1?N:.: ::L^L   {+   DXJaPaObc !    s+BB5B00B5cd|jj|jdz}d|zdz}|d}n ||vr||}nd}| d|vr|d}nd}||k7r# |js|j |||dyy#t t f$r#} |j| d|d | Yd} ~ yd} ~ wwxYw) Nr* HeadersInNotificationsEnabledFinclude_headersT)r6r7Enabledr z3Failed to set identity headers in notification for r9r )r-r.r/r;-set_identity_headers_in_notifications_enabledrrr) rrrr=r0r1 header_keycurrentrequiredrs r!update_notification_topic_headersrL[s}}  !2!8!8!:=M!MNH003IIJ% - -(4  1X =-.( $$HH%8IS[gkI  {+   LXJVWXiWjk !    s!A==B/ B**B/c|d}n d|vr|d}nd}|jjd}||k7r" |js|j||dyy#tt f$r }|j |d|Yd}~yd}~wwxYw)NTForwardingEnabledFfeedback_forwarding)r6rNr z/Failed to set identity feedback forwarding for r )r-r.r;(set_identity_feedback_forwarding_enabledrrr)rrrr=rJrKrs rupdate_feedback_forwardingrQ}s%  6 6()<= }}  !67H( f$$CC%TD  {+ f  *YZbYc(d e e fs AB$A??Bcd|jjdi}dD][}|jj|jdz}|d|vr |d||dz<d|zdz}| d |vr |d ||<Wd ||<]|S) NrNrOBounce ComplaintDeliveryr*r+r5rDrErFFr,)rrespr0r1rIs r"create_mock_notifications_responserXsV]]../DE DA %==$$%6%<%<%>AQ%QR  Gx$7080AD"W, - #447MM  $5$A'(9:D $D  % Kr3c 2|jjd}d}t|||}dD]&}|t|||||z}|t |||||z}(|t ||||z}|s|*|j rt|}||fSt|||d}||fS)NrFrSr)r-r.r(rBrLrQr;rX)rrrchangedr=r0s rupdate_identity_notificationsr]s}}  ,HG7 FHU@ ,ZKactuu4 *@BS    )*fhH^__G(0   %G%O " * **&@ FT\fg%h " * **r3c|jjddur,t|dr t|ds|jdyyy)NrOFrTrUzInvalid Parameter Value 'False' for 'feedback_forwarding'. AWS requires feedback forwarding to be enabled unless bounces and complaints are handled by SNS topicsr )r-r.r2r$)rs r$validate_params_for_identity_presentr_sQ }}./58fh/M&+4V   p  5W9r3c |jjd}d}t|||}|[ |js+d|vr|j |dn|j |d|jrd d i}nt|||d }d}n/|d d vr(|jd|zdz|d zt|||jdt||\}} ||z}| |jdd|zdz|zdz|z} |j||| t|t| y#t tf$r }|j|d|Yd}~d}~wwxYw)NrF@T) EmailAddressr )Domainr zFailed to verify identity r VerificationStatusPendingrZr[)reSuccessz Identity z in bad status )rverification_attributeszKUnable to load identity verification attributes after registering identity.z0Unable to load identity notification attributes.z arn:aws:ses::z :identity/)r\r identity_arnrgr') r-r.rr;verify_email_identityverify_domain_identityrrrr$rr] exit_json) rrregion account_idrr\rgrnotifications_changedr'ris rcreate_or_update_identityrps}}  ,HG9*fhW& Q$$(?44(VZ4[55XQU5V   $i' #'B*fV^hi&j # !5 6>T Th&)::=TUi=jj$<=T$U  &jk5RS]_e5f22 $$G&OP!F*S0:= LxWL ! 89P Q 89P Q 5{+ Q  *DXJ(O P P Qs7D--E<EEc*|jjd}d}t|||}|" |js|j |dd}|j||y#t t f$r }|j|d|Yd}~@d}~wwxYw)NrFT)r6r zFailed to delete identity r )r\r) r-r.rr;delete_identityrrrrl)rrrr\rgrs rdestroy_identityrss}}  ,HG9*fhW* Q$$**H*M  {+ Q  *DXJ(O P P QsA##B2B  Bc|jd} |j}|dS#ttf$r!}|j |dYd}~dSd}~wwxYw)Nstsz"Failed to retrieve caller identityr Account)clientget_caller_identityrrr)rrucaller_identityrs rget_account_idrz sl -- CJ113 9 %% ; 'JQ$HII 9 %%Js(AAAc ttddtdddgtdtdtdtdd d d }d D]q}|dz}|jj|}|s&|j Dcgc] }|dvs| }}|sK|j dt |zdz|zdzs|jdtj}|jjd}|dk(r1|j}t|} t|t|||| yt||ycc}w)NTstr)rKtypepresentabsent)defaultchoicesdict)r}bool)rr})rstatebounce_notificationscomplaint_notificationsdelivery_notificationsrO) argument_specsupports_check_mode)bounce complaintdeliveryr*)r+rFzUnexpected keys z in z( valid keys are topic or include_headersr ses)retry_decoratorr)AnsibleAWSModulerr-r.r&r$r|rwrjittered_backoffrmrzr_rprs) rr0 param_namer1x extra_keysrrrmrns rmainrs\ d7)i5JK$(f$5'+'8&*&7#'6#B  ! FA &)99 ==$$Z0 %-]]_^A]8]!^J^  **o&!!A A! $uh6O6O6QRJ MM  g &E #F+ ,V4!*ffjIV,1_s  EE__main__)r ) DOCUMENTATIONEXAMPLESRETURNrbotocore.exceptionsrr ImportError0ansible.module_utils.common.dict_transformationsr;ansible_collections.amazon.aws.plugins.module_utils.retriesr>ansible_collections.community.aws.plugins.module_utils.modulesrrrr(r2rBrLrQrXr]r_rprsrzr__name__r:r3rrsU n6 pD L  1/VPx+(%-P)XD8"+*+\$&)-X zF}   s A!!A)(A)