
SES MailManagerRuleSet rules

Open argoyle opened this issue 1 year ago • 7 comments

What happened?

I'm trying to create a MailManagerRuleSet but it seems that there is a problem with capitalization somehow. This is the error I get:

    error: operation error CloudControl: UpdateResource, https response error StatusCode: 400, RequestID: 8b27f0b7-ce08-436e-bf3a-96268bba1c32, api error ValidationException: Model validation failed (#/Rules/0/Actions/0: #: 0 subschemas matched instead of one
    #/Rules/0/Actions/0: required key [Drop] not found
    #/Rules/0/Actions/0: required key [Relay] not found
    #/Rules/0/Actions/0: required key [Archive] not found
    #/Rules/0/Actions/0: required key [WriteToS3] not found
    #/Rules/0/Actions/0: required key [Send] not found
    #/Rules/0/Actions/0: required key [AddHeader] not found
    #/Rules/0/Actions/0: required key [ReplaceRecipient] not found
    #/Rules/0/Actions/0: required key [DeliverToMailbox] not found)

Example

    const archive = new MailManagerArchive(`${stackName}-mail-archive`, {
      archiveName: 'sent',
      retention: {
        retentionPeriod: retention as MailManagerArchiveRetentionPeriod,
      },
    })

    const trafficPolicy = new MailManagerTrafficPolicy(`${stackName}-mail-traffic-policy`, {
      trafficPolicyName: 'archive',
      defaultAction: 'ALLOW',
      policyStatements: [
        {
          action: 'ALLOW',
          conditions: [{
            stringExpression: {
              evaluate: {
                attribute: MailManagerRuleSetRuleStringEmailAttribute.Recipient
              },
              operator: MailManagerRuleSetRuleStringOperator.Equals,
              values: [`archive@${domainName}`],
            }
          }],
        }
      ]
    })

    const ruleSet = new awsnative.ses.MailManagerRuleSet(`${stackName}-mail-rules`, {
      ruleSetName: 'archive',
      rules: [
        {
          name: 'archive',
          actions: [{
            archive: {
              targetArchive: archive.archiveId,
              actionFailurePolicy: MailManagerRuleSetActionFailurePolicy.Continue,
            }
          }],
        }
      ]
    })

Output of pulumi about

    CLI
    Version      3.134.1
    Go Version   go1.23.1
    Go Compiler  gc

    Plugins
    KIND      NAME        VERSION
    resource  aws         6.52.0
    resource  aws-native  0.125.0
    resource  awsx        2.15.0
    resource  docker      4.5.6
    resource  docker      3.6.1
    language  nodejs      3.134.1-dev.0
    resource  random      4.16.5

    Host
    OS       darwin
    Version  15.0
    Arch     arm64

    This project is written in nodejs: executable='/Users/argoyle/.nvm/versions/node/v18.19.0/bin/node' version='v18.19.0'

    Current Stack: organization/erp-email-gateway-infra/dev

    TYPE                                     URN
    pulumi:pulumi:Stack                      urn:pulumi:dev::erp-email-gateway-infra::pulumi:pulumi:Stack::erp-email-gateway-infra-dev
    pulumi:providers:aws                     urn:pulumi:dev::erp-email-gateway-infra::pulumi:providers:aws::default_6_52_0
    aws:route53/zone:Zone                    urn:pulumi:dev::erp-email-gateway-infra::aws:route53/zone:Zone::erp-email-gateway-hosted-zone
    pulumi:providers:aws-native              urn:pulumi:dev::erp-email-gateway-infra::pulumi:providers:aws-native::default_0_125_0
    aws-native:ses:EmailIdentity             urn:pulumi:dev::erp-email-gateway-infra::aws-native:ses:EmailIdentity::erp-email-gateway-domain-identity
    aws-native:ses:MailManagerTrafficPolicy  urn:pulumi:dev::erp-email-gateway-infra::aws-native:ses:MailManagerTrafficPolicy::erp-email-gateway-mail-traffic-policy
    aws-native:ses:MailManagerArchive        urn:pulumi:dev::erp-email-gateway-infra::aws-native:ses:MailManagerArchive::erp-email-gateway-mail-archive
    aws:route53/record:Record                urn:pulumi:dev::erp-email-gateway-infra::aws:route53/record:Record::erp-email-gateway-spf
    aws:route53/record:Record                urn:pulumi:dev::erp-email-gateway-infra::aws:route53/record:Record::erp-email-gateway-dmarc
    aws:route53/record:Record                urn:pulumi:dev::erp-email-gateway-infra::aws:route53/record:Record::erp-email-gateway-dkim-record-2
    aws:route53/record:Record                urn:pulumi:dev::erp-email-gateway-infra::aws:route53/record:Record::erp-email-gateway-dkim-record-3
    aws:route53/record:Record                urn:pulumi:dev::erp-email-gateway-infra::aws:route53/record:Record::erp-email-gateway-dkim-record-1
    pulumi:providers:aws-native              urn:pulumi:dev::erp-email-gateway-infra::pulumi:providers:aws-native::default_0_124_0
    aws-native:ses:MailManagerRuleSet        urn:pulumi:dev::erp-email-gateway-infra::aws-native:ses:MailManagerRuleSet::erp-email-gateway-mail-rules
    aws-native:ses:MailManagerIngressPoint   urn:pulumi:dev::erp-email-gateway-infra::aws-native:ses:MailManagerIngressPoint::erp-email-gateway-mail-ingress
    aws:route53/record:Record                urn:pulumi:dev::erp-email-gateway-infra::aws:route53/record:Record::erp-email-gateway-mx

    Found no pending operations associated with dev

    Backend
    Name           gwaihir
    URL            s3://-pulumi-state?region=eu-central-1
    User           argoyle
    Organizations
    Token type     personal

    Dependencies:
    NAME                         VERSION
    typescript                   5.6.2
    @pulumi/aws                  6.52.0
    @pulumi/eslint-plugin        0.2.0
    @pulumi/random               4.16.5
    @types/node                  20.16.9
    eslint-config                0.3.0
    ts-deepmerge                 7.0.1
    @eslint/js                   9.11.1
    @pulumi/aws-native           0.125.0
    @pulumi/awsx                 2.15.0
    eslint                       9.11.1
    globals                      15.9.0
    @pulumi/pulumi               3.134.0
    @stylistic/eslint-plugin-ts  2.8.0
    typescript-eslint            8.7.0

    Pulumi locates its logs in /var/folders/fk/r3yd4dyj1mb4vqz_739dp_000000gn/T/ by default

Additional context

No response


argoyle avatar Sep 27 '24 09:09 argoyle

I can confirm I can reproduce this. Self-contained version of the repro:

    import * as aws from "@pulumi/aws-native";

    const stackName = "sn";
    const domainName = "stuff.com";

    const archive = new aws.ses.MailManagerArchive(`${stackName}-mail-archive`, {
        archiveName: 'sent',
        retention: {
            retentionPeriod: "ONE_YEAR",
        },
    })

    const trafficPolicy = new aws.ses.MailManagerTrafficPolicy(`${stackName}-mail-traffic-policy`, {
        trafficPolicyName: 'archive',
        defaultAction: 'ALLOW',
        policyStatements: [
            {
                action: 'ALLOW',
                conditions: [{
                    stringExpression: {
                        evaluate: {
                            attribute: aws.ses.MailManagerRuleSetRuleStringEmailAttribute.Recipient
                        },
                        operator: aws.ses.MailManagerRuleSetRuleStringOperator.Equals,
                        values: [`archive@${domainName}`],
                    }
                }],
            }
        ]
    })

    const ruleSet = new aws.ses.MailManagerRuleSet(`${stackName}-mail-rules`, {
        ruleSetName: 'archive',
        rules: [
            {
                name: 'archive',
                actions: [{
                    archive: {
                        targetArchive: archive.archiveId,
                        actionFailurePolicy: aws.ses.MailManagerRuleSetActionFailurePolicy.Continue,
                    }
                }],
            }
        ]
    })

t0yv0 avatar Sep 27 '24 15:09 t0yv0

From the logs:

    aws-native.Create(urn:pulumi:dev::pulumi-aws-native-1748::aws-native:ses:MailManagerRuleSet::sn-mail-rules).CreateResource "AWS::SES::MailManagerRuleSet"
    POST / HTTP/1.1
    Host: cloudcontrolapi.us-west-2.amazonaws.com
    {
      "ClientToken": "6d07ff05-df95-43ba-9af2-4b603d5e9288",
      "DesiredState": "{\"RuleSetName\":\"archive\",\"Rules\":[{\"Actions\":[{}],\"Name\":\"archive\"}]}",
      "TypeName": "AWS::SES::MailManagerRuleSet"
    }

t0yv0 avatar Sep 27 '24 15:09 t0yv0

Curious what you meant by "problem with capitalization"; at first glance it appears the rule definition is not making it into the request at all. We will need to investigate further why that is the case. Thanks for a great bug report!

t0yv0 avatar Sep 27 '24 15:09 t0yv0
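
An added example (not code from the issue or from pulumi-aws-native): a check that parses the CloudControl request body from the log above and reports, for each action, whether it was dropped, miscapitalized, or carries exactly one of the action kinds named in the error. The function and variable names and the `intactRequest` sample are constructed for illustration.

```typescript
// Action kinds taken from the "required key [...] not found" lines in the issue's error.
const ACTION_KINDS: string[] = ["Drop", "Relay", "Archive", "WriteToS3", "Send",
  "AddHeader", "ReplaceRecipient", "DeliverToMailbox"];

interface Finding { path: string; problem: string }

// Request body as it appears in the provider log quoted in the thread.
const loggedRequest = JSON.stringify({
  ClientToken: "6d07ff05-df95-43ba-9af2-4b603d5e9288",
  DesiredState: '{"RuleSetName":"archive","Rules":[{"Actions":[{}],"Name":"archive"}]}',
  TypeName: "AWS::SES::MailManagerRuleSet",
});

// Constructed sample of a request that keeps the action; the archive id is a placeholder.
const intactRequest = JSON.stringify({
  DesiredState: JSON.stringify({
    RuleSetName: "archive",
    Rules: [{ Name: "archive", Actions: [{ Archive: { TargetArchive: "a-PLACEHOLDER" } }] }],
  }),
  TypeName: "AWS::SES::MailManagerRuleSet",
});

// Returns one finding per action that does not carry exactly one known action kind.
function checkRuleSetActions(requestBody: string): Finding[] {
  const request = JSON.parse(requestBody);
  const state = JSON.parse(request.DesiredState); // DesiredState is JSON inside a JSON string
  const findings: Finding[] = [];
  const rules: any[] = Array.isArray(state.Rules) ? state.Rules : [];
  rules.forEach((rule, r) => {
    const actions: any[] = Array.isArray(rule.Actions) ? rule.Actions : [];
    actions.forEach((action, a) => {
      const path = `#/Rules/${r}/Actions/${a}`;
      const keys = Object.keys(action ?? {});
      const known = keys.filter((k) => ACTION_KINDS.indexOf(k) !== -1);
      if (known.length === 1) return;
      if (keys.length === 0) {
        findings.push({ path, problem: "empty action: the action was dropped before the request" });
        return;
      }
      // Distinguish the reporter's first guess (wrong capitalization) from an unknown key.
      const miscased = ACTION_KINDS.filter((kind) =>
        keys.some((k) => k !== kind && k.toLowerCase() === kind.toLowerCase()));
      findings.push({ path, problem: miscased.length > 0
        ? `wrong capitalization, expected ${miscased.join(", ")}`
        : `expected exactly one of ${ACTION_KINDS.join(", ")}; got ${keys.join(", ")}` });
    });
  });
  return findings;
}

console.log(checkRuleSetActions(loggedRequest));
```

Run against the logged request, the check reports an empty action at `#/Rules/0/Actions/0`, the same path CloudControl rejects.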

Thanks for the quick turnaround. I thought it just failed to do init-caps on the type archive -> Archive since that's what it was looking for. I hadn't realized that it dropped the action completely 😆

argoyle avatar Sep 27 '24 15:09 argoyle

While you're at it, if I change the default action of the traffic policy to 'DENY' I have to set a max message size as well, which is optional in the SES UI. The UI, on the other hand, doesn't allow unsetting the values once set. 🤦🏻

The error I get when updating, having only changed the default action:

    error: operation error CloudControl: UpdateResource, https response error StatusCode: 400, RequestID: a6ffa0c2-9132-46fb-b628-e4a14cc98220, api error ValidationException: Model validation failed (#/MaxMessageSizeBytes: failed validation constraint for keyword [minimum])

The error seems to come from AWS though, so perhaps it's nothing you can do anything about.

argoyle avatar Oct 09 '24 07:10 argoyle

Can someone point me in a general direction on where to start looking for a solution to this issue?

argoyle avatar Nov 04 '24 11:11 argoyle

Unfortunately, it looks like this issue hasn't seen any updates in a while. If you're still experiencing this issue, could you leave a quick comment to let us know so we can prioritize it?

github-actions[bot] avatar Jul 25 '25 04:07 github-actions[bot]