feat: add SES service with all 44 operations and email retrospection#9
Merged
feat: add SES service with all 44 operations and email retrospection#9
Conversation
) Add AWS Simple Email Service (SES) v1 and v2 support to RustStack. SES v1 uses the awsQuery protocol (same as SNS) and SES v2 uses restJson1 with path-based routing under /v2/email/. All sent emails are captured in memory and exposed via the /_aws/ses REST endpoint for test retrospection - the primary value for local development and CI testing. Implementation covers all 4 phases: - Phase 0: Core sending (SendEmail, SendRawEmail) + identity management (VerifyEmailIdentity, VerifyDomainIdentity, ListIdentities, etc.) + statistics (GetSendQuota, GetSendStatistics) - 12 operations - Phase 1: Template CRUD + SendTemplatedEmail with {{variable}} substitution + configuration set management - 10 operations - Phase 2: Configuration set event destinations + receipt rule set management including CloneReceiptRuleSet - 8 operations - Phase 3: Identity notifications, DKIM, mail-from, sending authorization policies + SES v2 core operations - 14 operations Key features: - Smithy-generated model types from official AWS SES Smithy model - SigV4 Credential service name routing (email for v1, ses for v2) - Email retrospection endpoint (GET/DELETE /_aws/ses) - Auto-verify identities in local dev mode - Template rendering with simple {{variable}} substitution - 23 integration tests covering all phases Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Fix TOCTOU races in TemplateStore, ConfigurationSetStore, and ReceiptRuleSetStore by using DashMap's atomic entry() API instead of separate contains_key() + insert() calls - Return error on invalid base64 in SendRawEmail instead of silently falling back to raw bytes - Fix retrospection query param from 'source' to 'email' per spec - Use case-insensitive matching for From: header in raw email parsing - Extract validate_message_tags() and convert_tags() helpers to eliminate DRY violations across send methods Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
AWS CLI smoke tests covering all 4 phases: - Phase 0: VerifyEmailIdentity, ListIdentities, SendEmail, SendRawEmail, GetSendQuota, GetSendStatistics + retrospection endpoint verification - Phase 1: Template CRUD, SendTemplatedEmail, ConfigurationSet CRUD - Phase 2: ReceiptRuleSet CRUD with CloneReceiptRuleSet - Phase 3: Identity notifications, DKIM, sending authorization policies - Rust integration tests via aws-sdk-ses Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The AWS SDK and CLI sign SES v1 requests with service name "ses" in the SigV4 Credential field, not "email" as originally documented. Updated the gateway router to match on both "ses" and "email" for backwards compatibility with older SDKs. This was causing all SES requests to fall through to the SNS router, resulting in "Unrecognized operation" errors. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The AWS CLI ses send-templated-email command uses --source, not --from. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
/_aws/sesREST retrospection endpoint for test assertionsses-2010-12-01.json)emailfor v1,sesfor v2) to disambiguate from SNSPhase 0: Core Sending + Identities (12 ops)
VerifyEmailIdentity, VerifyDomainIdentity, ListIdentities, DeleteIdentity, GetIdentityVerificationAttributes, VerifyEmailAddress, DeleteVerifiedEmailAddress, ListVerifiedEmailAddresses, SendEmail, SendRawEmail, GetSendQuota, GetSendStatistics
Phase 1: Templates + Configuration Sets (10 ops)
CreateTemplate, GetTemplate, UpdateTemplate, DeleteTemplate, ListTemplates, SendTemplatedEmail, CreateConfigurationSet, DeleteConfigurationSet, DescribeConfigurationSet, ListConfigurationSets
Phase 2: Event Destinations + Receipt Rules (8 ops)
CreateConfigurationSetEventDestination, UpdateConfigurationSetEventDestination, DeleteConfigurationSetEventDestination, CreateReceiptRuleSet, DeleteReceiptRuleSet, CreateReceiptRule, DeleteReceiptRule, DescribeReceiptRuleSet, CloneReceiptRuleSet, DescribeActiveReceiptRuleSet, SetActiveReceiptRuleSet
Phase 3: Notifications, DKIM, Policies (14 ops)
SetIdentityNotificationTopic, SetIdentityFeedbackForwardingEnabled, GetIdentityNotificationAttributes, VerifyDomainDkim, GetIdentityDkimAttributes, SetIdentityMailFromDomain, GetIdentityMailFromDomainAttributes, GetIdentityPolicies, PutIdentityPolicy, DeleteIdentityPolicy, ListIdentityPolicies + SES v2 routing infrastructure
New crates
ruststack-ses-model— auto-generated types from Smithyruststack-ses-http— awsQuery (v1) + restJson1 (v2) protocol layerruststack-ses-core— business logic, storage, retrospectionTest plan
cargo clippy -- -D warningscleancargo +nightly fmtcleancargo deny checkclean🤖 Generated with Claude Code