🐛 (infra-live): Add missing SES identity (#79)

xunleii · xunleii · commit bfd86abd1336 · 2024-05-19T20:08:09.000+02:00
The noreply identity was not allowed to send mail using SES service.
diff --git a/infrastructure/live/external/mail.tf b/infrastructure/live/external/mail.tf
@@ -29,8 +29,12 @@ resource "aws_ses_email_identity" "allowed_identities" {
 # --<Policies configuration>----------------------------------------------------
 data "aws_iam_policy_document" "transaction_mailer" {
   statement {
-    actions   = ["ses:SendEmail", "ses:SendRawEmail"]
-    resources = [for _, id in aws_ses_email_identity.allowed_identities : id.arn]
+    actions = ["ses:SendEmail", "ses:SendRawEmail"]
+    resources = concat(
+      [aws_ses_email_identity.noreply.arn],
+      [for _, id in aws_ses_email_identity.allowed_identities : id.arn],
+    )
+
     condition {
       test     = "StringEquals"
       variable = "ses:FromAddress"
