AWS::SES::EmailIdentity - AWS CloudFormation
SyntaxPropertiesReturn values

AWS::SES::EmailIdentity

Specifies an identity for using within SES. An identity is an email address or domain that you use when you send email. Before you can use an identity to send email, you first have to verify it. By verifying an identity, you demonstrate that you're the owner of the identity, and that you've given Amazon SES API v2 permission to send email from the identity.

When you verify an email address, SES sends an email to the address. Your email address is verified as soon as you follow the link in the verification email. When you verify a domain without specifying the DkimSigningAttributes properties, OR only the NextSigningKeyLength property of DkimSigningAttributes, this resource provides a set of CNAME token names and values (DkimDNSTokenName1, DkimDNSTokenValue1, DkimDNSTokenName2, DkimDNSTokenValue2, DkimDNSTokenName3, DkimDNSTokenValue3) as outputs. You can then add these to the DNS configuration for your domain. Your domain is verified when Amazon SES detects these records in the DNS configuration for your domain. This verification method is known as Easy DKIM.

Alternatively, you can perform the verification process by providing your own public-private key pair. This verification method is known as Bring Your Own DKIM (BYODKIM). To use BYODKIM, your resource must include DkimSigningAttributes properties DomainSigningSelector and DomainSigningPrivateKey. When you specify this object, you provide a selector (DomainSigningSelector) (a component of the DNS record name that identifies the public key to use for DKIM authentication) and a private key (DomainSigningPrivateKey).

Additionally, you can associate an existing configuration set with the email identity that you're verifying.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

Properties

ConfigurationSetAttributes

Used to associate a configuration set with an email identity.

Required: No

Type: ConfigurationSetAttributes

Update requires: No interruption

DkimAttributes

An object that contains information about the DKIM attributes for the identity.

Required: No

Type: DkimAttributes

Update requires: No interruption

DkimSigningAttributes

If your request includes this object, Amazon SES configures the identity to use Bring Your Own DKIM (BYODKIM) for DKIM authentication purposes, or, configures the key length to be used for Easy DKIM.

Required: No

Type: DkimSigningAttributes

Update requires: No interruption

EmailIdentity

The email address or domain to verify.

Required: Yes

Type: String

Update requires: Replacement

FeedbackAttributes

Used to enable or disable feedback forwarding for an identity.

Required: No

Type: FeedbackAttributes

Update requires: No interruption

MailFromAttributes

Used to enable or disable the custom Mail-From domain configuration for an email identity.

Required: No

Type: MailFromAttributes

Update requires: No interruption

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the resource name.

For more information about using the Ref function, see Ref.

Fn::GetAtt

DkimDNSTokenName1

The host name for the first token that you have to add to the DNS configuration for your domain.

DkimDNSTokenName2

The host name for the second token that you have to add to the DNS configuration for your domain.

DkimDNSTokenName3

The host name for the third token that you have to add to the DNS configuration for your domain.

DkimDNSTokenValue1

The record value for the first token that you have to add to the DNS configuration for your domain.

DkimDNSTokenValue2

The record value for the second token that you have to add to the DNS configuration for your domain.

DkimDNSTokenValue3

The record value for the third token that you have to add to the DNS configuration for your domain.