Configuration of SES event destination

handler.js

const response = require('cfn-response');
const AWS = require('aws-sdk');

const propertiesToParams = (props) => ({
  ConfigurationSetName: props.ConfigSetName,
  EventDestination: {
    Name: props.ConfigSetEventDestinationName,
    Enabled: props.Enabled || true,
    MatchingEventTypes: ['send', 'reject', 'bounce', 'complaint', 'delivery', 'open'],
    SNSDestination: {
      TopicARN: props.SNSTopicArn,
    },
  },
});

const tasks = {
  create: (properties) => {
    const params = propertiesToParams(properties);
    return new AWS.SES({ apiVersion: '2010-12-01' }).createConfigurationSetEventDestination(params).promise();
  },
  update: async (properties) => {
    const params = propertiesToParams(properties);
    return new AWS.SES({ apiVersion: '2010-12-01' }).updateConfigurationSetEventDestination(params).promise();
  },
  delete: (properties) => {
    const params = {
      EventDestinationName: properties.ConfigSetEventDestinationName,
      ConfigurationSetName: properties.ConfigSetName,
    };
    return new AWS.SES({ apiVersion: '2010-12-01' }).deleteConfigurationSetEventDestination(params).promise();
  },
};

exports.handler = (event, context) => {
  console.log(event);
  const task = event.RequestType.toLowerCase();
  if (!tasks[task]) {
    console.error(`Unknown task '${task}' called`);
    response.send(event, context, response.FAILED);
  } else {
    tasks[task](event.ResourceProperties)
      .then((res) => {
        console.log(res);
        response.send(event, context, response.SUCCESS);
      })
      .catch((err) => {
        console.error(err);
        response.send(event, context, response.FAILED);
      });
  }
};

template.yaml

# Events pipeline
# - Send mail specify config set
# - Events added to SNS (decided by config set)
# - Events added by SNS to SQS

  EventsQueue:
    Type: AWS::SQS::Queue
    Properties:
      QueueName: sam-pigeon-events
      Tags:
        - Key: sdrn
          Value: sdrn:schibsted:service:pigeon

  EventsQueuePolicy:
    Type: AWS::SQS::QueuePolicy
    Properties:
      Queues:
        - !Ref EventsQueue
      PolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Action:
              - sqs:SendMessage
            Resource: !GetAtt EventsQueue.Arn
            Principal: '*'
            Condition:
              ArnEquals:
                aws:SourceArn: !Ref EventsSNS

  EventsSNS:
    Type: AWS::SNS::Topic
    Properties:
      TopicName: sam-pigeon-events
      Subscription:
        - Endpoint: !GetAtt EventsQueue.Arn
          Protocol: sqs
      Tags:
        - Key: sdrn
          Value: sdrn:schibsted:service:pigeon

  SESConfigSet:
    Type: AWS::SES::ConfigurationSet
    Properties:
      Name: sam-pigeon-event-config

  SetupSESLambda:
    Type: AWS::Serverless::Function
    Properties:
      CodeUri: src/setup-ses-config/
      Description: Custom resources to configure SES
      Timeout: 30
      Policies:
      - Statement:
        - Sid: AllowSesConfigEventCrud
          Effect: Allow
          Action:
          - ses:CreateConfigurationSetEventDestination
          - ses:UpdateConfigurationSetEventDestination
          - ses:DeleteConfigurationSetEventDestination
          Resource: "*"

  CustomSESConfigEventDestination:
    Type: Custom::SESConfigurationEventDestination # This can be anything as long as it starts with Custom::
    Properties:
      ServiceToken: !GetAtt SetupSESLambda.Arn # Arn of the lambda created above
      ConfigSetEventDestinationName: sam-pigeon-event-sns-config
      ConfigSetName: !Ref SESConfigSet # Config set created above
      SNSTopicArn: !Ref EventsSNS # SES topic created above to send to