New Feature Request: Support for Workmail

[ghost]

This issue was originally opened by @ruzin as hashicorp/terraform#19346. It was migrated here as a result of the provider split. The original body of the issue is below.

---

Current Terraform Version

Terraform v0.11.10
...

Use-cases

Add Workmail Resource to AWS Provider so that one is able to create, update, read and delete a workmail user.

Hey guys,

I think it'd useful to extend the provider to include the workmail service. I'm learning go atm with the view to create a PR to add workmail. However, workmail is quite a broad resource in that it includes creation of the resource itself and sub resources. Is there any useful material/recommended reading? Thanks!

[ruzin]

The main use case behind this is to fully automate the creation of AWS accounts under AWS organizations. I built a half terraform/half boto3 solution (https://github.com/ruzin/muppet) which can be called as a terraform module to do this but it would be better to have it all in terraform.

[ruzin]

@bflad I tried to open a PR to start working on this issue. But I couldn't push up my local branch. This is my first time contributing to an open source project. So any help appreciated? Thanks

[bflad]

Hi @ruzin 👋 Very exciting!

If you are unfamiliar with social coding on GitHub, I would recommend checking out GitHub Guides. In particular to your problem, the one on Forking might be useful. There's also GitHub Help pages as well: https://help.github.com/articles/fork-a-repo/

Essentially you'll create a "personal copy" of the codebase on GitHub, push up the change to your fork, then submit the change as a pull request back to the main codebase. Hope this gets you started.

[ruzin]

@bflad Ah I see! I was wondering why there were so few branches but so many PRs. makes sense. Thank you, ill try that.

[Jeeppler]

@ruzin are you still working on this feature?

[cicdguy]

Hi guys, let me know if you need any help with this. I can help contribute. Looking forward to this feature!

[OGProgrammer]

Same here!

[andy-hammond]

+1! Would love to be able tie off the account creation process

[ruzin]

hey guys! I haven't been working on this, sorry got sidetracked. please feel free to pick this up!

[sklemmer]

Is anyone working on this? I would love to automate our company email and calendars with terraform.

[lorengordon]

I see a pr was merged, but for some reason I'm not seeing docs....?

• https://github.com/terraform-providers/terraform-provider-aws/pull/11958

[nathantfrank]

Can someone possibly give an update to the lack of documentation?

[kurtmc]

I would be happy to implement this. I think the first thing that needs to be done is figure out which resources need to be created.

Looking at the SDK documentation (https://docs.aws.amazon.com/sdk-for-go/api/service/workmail/) I think that we would probably want to create the following resources:

• aws_workmail_alias
• aws_workmail_group
• aws_workmail_resource
• aws_workmail_user

And the parameters for each of those would probably closely match the input arguments:

• https://docs.aws.amazon.com/sdk-for-go/api/service/workmail/#CreateAliasInput
• https://docs.aws.amazon.com/sdk-for-go/api/service/workmail/#CreateGroupInput
• https://docs.aws.amazon.com/sdk-for-go/api/service/workmail/#CreateResourceInput
• https://docs.aws.amazon.com/sdk-for-go/api/service/workmail/#CreateUserInput

If someone from hashicorp or a maintainer for this provider could tell me if I am going in the right direction for this I would be keen to implement something and create a PR.

[kurtmc]

Something that's blocking this from progressing is that there is no API/SDK support for creating WorkMail organizations. If anyone has some influence at AWS I would appreciate to see it added to the API and SDK.

Edit:

If you want to help bump this up the AWS priority can you please go to https://console.aws.amazon.com/workmail/v2/home?region=us-east-1#/ and hit the feedback button in the bottom left corner and submit a feature request asking for API support for creating AWS WorkMail organizations.

[siteopsio]

@kurtmc There is an API for work mail now and supports organizations. https://awscli.amazonaws.com/v2/documentation/api/latest/reference/workmail/index.html https://docs.aws.amazon.com/workmail/latest/APIReference/workmail-api.pdf

Hope that helps

[sachin-101]

@kurtmc Any updates?

[kurtmc]

@sachin-101 API support is looking good now, and I see it's in the SDK: https://docs.aws.amazon.com/sdk-for-go/api/service/workmail/#WorkMail.CreateOrganization

I try implement some of it this weekend.

[sachin-101]

@kurtmc Yeah I did find it in boto3 (Python SDK) docs as well. https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/workmail.html#WorkMail.Client.create_organization

But it's only in the docs, and while using the SDK, it says AttributeError: 'WorkMail' object has no attribute 'create_organization'.

[Ikana]

@kurtmc let me know if you need any help with this, I can at least test it 😄

[robmoss2k]

The SDK supports a significant number of new methods since @ruzin opened the original ticket. Yesterday saw AWS add API support for mail domains:

https://awsapichanges.info/archive/changes/818967-workmail.html

The SDK already supports these, and many other, methods:

https://docs.aws.amazon.com/sdk-for-go/api/service/workmail/

Is there a guide for how to implement these things?

[nikskiz]

For anyone who came here initially because they had to verify AWS SES sender email. Email verifications is now via DKIM record

Domain verification in Amazon SES is now based on DomainKeys Identified Mail (DKIM), an email authentication standard that receiving mail servers use to validate an email’s authenticity. Configuring DKIM in your domain’s DNS settings confirms to SES that you’re the identity owner, eliminating the need for TXT records. Domain identities that were verified using TXT records do not need to be reverified; however, we still recommend enabling DKIM signatures to enhance the deliverability of your mail with DKIM-compliant email providers. To access your legacy TXT records, download the record set as a .csv .

[sidcarter]

@kurtmc happy to take a look and help as well

[khadersyed]

I started with a PR above. I would love some help on the testing side of things and any other feedback/review/edits that I need to do. I'd love to work on this and have this merged once it's in a good shape.

[lucasff]

Not so much interest from the community for this one, huh?

[DanielViglione]

I have been following this ticket over time and noticed it has been 4 years now and I still don't see any terraform support for creating Workmail organizations. As others stated, this would be highly useful to automate the full creation of accounts under AWS Organizations. The AWS CLI supports WorkMail Organization creation: https://docs.aws.amazon.com/cli/latest/reference/workmail/create-organization.html

[sahaqaa]

It would be handy if Terraform provider had support of AWS WorkMail.

[kschoenberger]

push.

[aleonsan]

+1 . It would be nice to have support to AWS Workmail

[Losty17]

+1, hoping this issue go further

[g-getsov]

+1 :pray: