add data source for sesv2 email identity and email identity mail from

internal/service/sesv2/email_identity.go

@@ -163,6 +163,16 @@ func resourceEmailIdentityCreate(ctx context.Context, d *schema.ResourceData, me
 	return resourceEmailIdentityRead(ctx, d, meta)
 }
 
+func emailIdentityNameToARN(meta interface{}, emailIdentityName string) string {
+	return arn.ARN{
+		Partition: meta.(*conns.AWSClient).Partition,
+		Service:   "ses",
+		Region:    meta.(*conns.AWSClient).Region,
+		AccountID: meta.(*conns.AWSClient).AccountID,
+		Resource:  fmt.Sprintf("identity/%s", emailIdentityName),
+	}.String()
+}
+
 func resourceEmailIdentityRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	conn := meta.(*conns.AWSClient).SESV2Client(ctx)
 
@@ -178,13 +188,7 @@ func resourceEmailIdentityRead(ctx context.Context, d *schema.ResourceData, meta
 		return create.DiagError(names.SESV2, create.ErrActionReading, ResNameEmailIdentity, d.Id(), err)
 	}
 
-	arn := arn.ARN{
-		Partition: meta.(*conns.AWSClient).Partition,
-		Service:   "ses",
-		Region:    meta.(*conns.AWSClient).Region,
-		AccountID: meta.(*conns.AWSClient).AccountID,
-		Resource:  fmt.Sprintf("identity/%s", d.Id()),
-	}.String()
+	arn := emailIdentityNameToARN(meta, d.Id())
 
 	d.Set("arn", arn)
 	d.Set("configuration_set_name", out.ConfigurationSetName)

internal/service/sesv2/email_identity_data_source.go

@@ -0,0 +1,151 @@
+package sesv2
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/aws/aws-sdk-go-v2/service/sesv2/types"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+	"github.com/hashicorp/terraform-provider-aws/internal/conns"
+	"github.com/hashicorp/terraform-provider-aws/internal/create"
+	"github.com/hashicorp/terraform-provider-aws/internal/enum"
+	tftags "github.com/hashicorp/terraform-provider-aws/internal/tags"
+	"github.com/hashicorp/terraform-provider-aws/internal/verify"
+	"github.com/hashicorp/terraform-provider-aws/names"
+)
+
+// @SDKDataSource("aws_sesv2_email_identity")
+// @Tags(identifierAttribute="arn")
+func DataSourceEmailIdentity() *schema.Resource {
+	return &schema.Resource{
+		ReadWithoutTimeout: dataSourceEmailIdentityRead,
+
+		Schema: map[string]*schema.Schema{
+			"arn": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"configuration_set_name": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: validation.StringLenBetween(1, 64),
+			},
+			"dkim_signing_attributes": {
+				Type:     schema.TypeList,
+				Optional: true,
+				Computed: true,
+				MaxItems: 1,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"current_signing_key_length": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"domain_signing_private_key": {
+							Type:         schema.TypeString,
+							Optional:     true,
+							RequiredWith: []string{"dkim_signing_attributes.0.domain_signing_selector"},
+							ValidateFunc: validation.All(
+								validation.StringLenBetween(1, 20480),
+								func(v interface{}, name string) (warns []string, errs []error) {
+									s := v.(string)
+									if !verify.IsBase64Encoded([]byte(s)) {
+										errs = append(errs, fmt.Errorf(
+											"%s: must be base64-encoded", name,
+										))
+									}
+									return
+								},
+							),
+						},
+						"domain_signing_selector": {
+							Type:         schema.TypeString,
+							Optional:     true,
+							RequiredWith: []string{"dkim_signing_attributes.0.domain_signing_private_key"},
+							ValidateFunc: validation.StringLenBetween(1, 63),
+						},
+						"last_key_generation_timestamp": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"next_signing_key_length": {
+							Type:             schema.TypeString,
+							Optional:         true,
+							Computed:         true,
+							ConflictsWith:    []string{"dkim_signing_attributes.0.domain_signing_private_key", "dkim_signing_attributes.0.domain_signing_selector"},
+							ValidateDiagFunc: enum.Validate[types.DkimSigningKeyLength](),
+						},
+						"signing_attributes_origin": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"status": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"tokens": {
+							Type:     schema.TypeList,
+							Computed: true,
+							Elem:     &schema.Schema{Type: schema.TypeString},
+						},
+					},
+				},
+			},
+			"email_identity": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+			"identity_type": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			names.AttrTags: tftags.TagsSchema(),
+			"verified_for_sending_status": {
+				Type:     schema.TypeBool,
+				Computed: true,
+			},
+		},
+	}
+}
+
+const (
+	DSNameEmailIdentity = "Email Identity Data Source"
+)
+
+func dataSourceEmailIdentityRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	conn := meta.(*conns.AWSClient).SESV2Client(ctx)
+
+	name := d.Get("email_identity").(string)
+
+	out, err := FindEmailIdentityByID(ctx, conn, name)
+	if err != nil {
+		return create.DiagError(names.SESV2, create.ErrActionReading, DSNameEmailIdentity, name, err)
+	}
+
+	arn := emailIdentityNameToARN(meta, name)
+
+	d.SetId(name)
+	d.Set("arn", arn)
+	d.Set("configuration_set_name", out.ConfigurationSetName)
+	d.Set("email_identity", name)
+
+	if out.DkimAttributes != nil {
+		tfMap := flattenDKIMAttributes(out.DkimAttributes)
+		tfMap["domain_signing_private_key"] = d.Get("dkim_signing_attributes.0.domain_signing_private_key").(string)
+		tfMap["domain_signing_selector"] = d.Get("dkim_signing_attributes.0.domain_signing_selector").(string)
+
+		if err := d.Set("dkim_signing_attributes", []interface{}{tfMap}); err != nil {
+			return create.DiagError(names.SESV2, create.ErrActionSetting, ResNameEmailIdentity, name, err)
+		}
+	} else {
+		d.Set("dkim_signing_attributes", nil)
+	}
+
+	d.Set("identity_type", string(out.IdentityType))
+	d.Set("verified_for_sending_status", out.VerifiedForSendingStatus)
+
+	return nil
+}

internal/service/sesv2/email_identity_data_source_test.go

@@ -0,0 +1,56 @@
+package sesv2_test
+
+import (
+	"fmt"
+	"testing"
+
+	sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+	"github.com/hashicorp/terraform-provider-aws/internal/acctest"
+	"github.com/hashicorp/terraform-provider-aws/names"
+)
+
+func TestAccSESV2EmailIdentityDataSource_basic(t *testing.T) {
+	ctx := acctest.Context(t)
+	rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
+	resourceName := "aws_sesv2_email_identity.test"
+	dataSourceName := "data.aws_sesv2_email_identity.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.PreCheck(ctx, t) },
+		ErrorCheck:               acctest.ErrorCheck(t, names.SESV2EndpointID),
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
+		CheckDestroy:             testAccCheckEmailIdentityDestroy(ctx),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccEmailIdentityDataSourceConfig_basic(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckEmailIdentityExists(ctx, dataSourceName),
+					resource.TestCheckResourceAttrPair(resourceName, "arn", dataSourceName, "arn"),
+					resource.TestCheckResourceAttrPair(resourceName, "email_identity", dataSourceName, "email_identity"),
+					resource.TestCheckResourceAttrPair(resourceName, "dkim_signing_attributes.#", dataSourceName, "dkim_signing_attributes.#"),
+					resource.TestCheckResourceAttrPair(resourceName, "dkim_signing_attributes.0.current_signing_key_length", dataSourceName, "dkim_signing_attributes.0.current_signing_key_length"),
+					resource.TestCheckResourceAttrPair(resourceName, "dkim_signing_attributes.0.last_key_generation_timestamp", dataSourceName, "dkim_signing_attributes.0.last_key_generation_timestamp"),
+					resource.TestCheckResourceAttrPair(resourceName, "dkim_signing_attributes.0.next_signing_key_length", dataSourceName, "dkim_signing_attributes.0.next_signing_key_length"),
+					resource.TestCheckResourceAttrPair(resourceName, "dkim_signing_attributes.0.signing_attributes_origin", dataSourceName, "dkim_signing_attributes.0.signing_attributes_origin"),
+					resource.TestCheckResourceAttrPair(resourceName, "dkim_signing_attributes.0.status", dataSourceName, "dkim_signing_attributes.0.status"),
+					resource.TestCheckResourceAttrPair(resourceName, "dkim_signing_attributes.0.tokens.#", dataSourceName, "dkim_signing_attributes.0.tokens.#"),
+					resource.TestCheckResourceAttrPair(resourceName, "identity_type", dataSourceName, "identity_type"),
+					resource.TestCheckResourceAttrPair(resourceName, "verified_for_sending_status", dataSourceName, "verified_for_sending_status"),
+				),
+			},
+		},
+	})
+}
+
+func testAccEmailIdentityDataSourceConfig_basic(rName string) string {
+	return fmt.Sprintf(`
+resource "aws_sesv2_email_identity" "test" {
+  email_identity = %[1]q
+}
+
+data "aws_sesv2_email_identity" "test" {
+  email_identity = aws_sesv2_email_identity.test.email_identity
+}
+`, rName)
+}

internal/service/sesv2/email_identity_mail_from_attributes_data_source.go

@@ -0,0 +1,67 @@
+package sesv2
+
+import (
+	"context"
+
+	"github.com/aws/aws-sdk-go-v2/service/sesv2/types"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-provider-aws/internal/conns"
+	"github.com/hashicorp/terraform-provider-aws/internal/create"
+	"github.com/hashicorp/terraform-provider-aws/internal/enum"
+	"github.com/hashicorp/terraform-provider-aws/names"
+)
+
+// @SDKDataSource("aws_sesv2_email_identity_mail_from_attributes")
+func DataSourceEmailIdentityMailFromAttributes() *schema.Resource {
+	return &schema.Resource{
+		ReadWithoutTimeout: dataSourceEmailIdentityMailFromAttributesRead,
+
+		Schema: map[string]*schema.Schema{
+			"behavior_on_mx_failure": {
+				Type:             schema.TypeString,
+				Optional:         true,
+				Default:          string(types.BehaviorOnMxFailureUseDefaultValue),
+				ValidateDiagFunc: enum.Validate[types.BehaviorOnMxFailure](),
+			},
+			"email_identity": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+			"mail_from_domain": {
+				Type:     schema.TypeString,
+				Optional: true,
+			},
+		},
+	}
+}
+
+const (
+	DSNameEmailIdentityMailFromAttributes = "Email Identity Mail From Attributes Data Source"
+)
+
+func dataSourceEmailIdentityMailFromAttributesRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	conn := meta.(*conns.AWSClient).SESV2Client(ctx)
+
+	name := d.Get("email_identity").(string)
+
+	out, err := FindEmailIdentityByID(ctx, conn, name)
+
+	if err != nil {
+		return create.DiagError(names.SESV2, create.ErrActionReading, ResNameEmailIdentityMailFromAttributes, name, err)
+	}
+
+	d.SetId(name)
+	d.Set("email_identity", name)
+
+	if out.MailFromAttributes != nil {
+		d.Set("behavior_on_mx_failure", out.MailFromAttributes.BehaviorOnMxFailure)
+		d.Set("mail_from_domain", out.MailFromAttributes.MailFromDomain)
+	} else {
+		d.Set("behavior_on_mx_failure", nil)
+		d.Set("mail_from_domain", nil)
+	}
+
+	return nil
+}

internal/service/sesv2/email_identity_mail_from_attributes_data_source_test.go

@@ -0,0 +1,57 @@
+package sesv2_test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/aws/aws-sdk-go-v2/service/sesv2/types"
+	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+	"github.com/hashicorp/terraform-provider-aws/internal/acctest"
+	"github.com/hashicorp/terraform-provider-aws/names"
+)
+
+func TestAccSESV2EmailIdentityMailFromAttributesDataSource_basic(t *testing.T) {
+	ctx := acctest.Context(t)
+	domain := acctest.RandomDomain()
+	mailFromDomain1 := domain.Subdomain("test1")
+
+	rName := domain.String()
+	resourceName := "aws_sesv2_email_identity_mail_from_attributes.test"
+	dataSourceName := "data.aws_sesv2_email_identity_mail_from_attributes.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.PreCheck(ctx, t) },
+		ErrorCheck:               acctest.ErrorCheck(t, names.SESV2EndpointID),
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
+		CheckDestroy:             testAccCheckEmailIdentityDestroy(ctx),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccEmailIdentityMailFromAttributesDataSourceConfig_basic(rName, string(types.BehaviorOnMxFailureRejectMessage), mailFromDomain1.String()),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckEmailIdentityMailFromAttributesExists(ctx, dataSourceName),
+					resource.TestCheckResourceAttrPair(resourceName, "email_identity", dataSourceName, "email_identity"),
+					resource.TestCheckResourceAttrPair(resourceName, "behavior_on_mx_failure", dataSourceName, "behavior_on_mx_failure"),
+					resource.TestCheckResourceAttrPair(resourceName, "mail_from_domain", dataSourceName, "mail_from_domain"),
+				),
+			},
+		},
+	})
+}
+
+func testAccEmailIdentityMailFromAttributesDataSourceConfig_basic(rName, behaviorOnMXFailure, mailFromDomain string) string {
+	return fmt.Sprintf(`
+resource "aws_sesv2_email_identity" "test" {
+  email_identity = %[1]q
+}
+
+resource "aws_sesv2_email_identity_mail_from_attributes" "test" {
+  email_identity         = aws_sesv2_email_identity.test.email_identity
+  behavior_on_mx_failure = %[2]q
+  mail_from_domain       = %[3]q
+}
+
+data "aws_sesv2_email_identity_mail_from_attributes" "test" {
+  email_identity = aws_sesv2_email_identity_mail_from_attributes.test.email_identity
+}
+`, rName, behaviorOnMXFailure, mailFromDomain)
+}