I'm struggling to fully understand the way configuration sets and their associated delivery options work.
I'm trying to ensure that each message sent via AWS SES will enforce tls encryption rather than using the default opportunistic approach.
As per official documentation I have created a new set using AWS cli:
aws ses put-configuration-set-delivery-options --configuration-set-name TlsEncryption --delivery-options TlsPolicy=Require
But I cannot seem to be able to verify that this delivery option is actually attached to this configuration set.
When I run
aws ses describe-configuration-set --configuration-set-name=TlsEncryption
I only get
{
"ConfigurationSet": {
"Name": "TlsEncryption"
}
}
therefore I'm unsure whether the delivery option has been actually set on it and will work with each call when using X-SES-CONFIGURATION-SET: TlsEncryption or not.
Could someone shine some light on it please?
It's buried in the AWS CLI enumerations.
aws ses describe-configuration-set --configuration-set-name tls-config-set --configuration-set-attribute-names deliveryOptions --region=eu-west-1
Note, the magic enum is deliveryOptions
{
"ConfigurationSet": {
"Name": "tls-config-set"
},
"DeliveryOptions": {
"TlsPolicy": "Require"
}
}