fix s3 permissions, add missing s3 bucket save step

Signed-off-by: Jakub Sokołowski <jakub@status.im>

files/index.js

@@ -30,7 +30,7 @@ console.log("AWS Lambda SES Forwarder // @arithmetric // Version 4.2.0");
 //   To match a mailbox name on all domains, use a key without the "at" symbol
 //   and domain part of an email address (i.e. `info`).
 var defaultConfig = {
-  fromEmail: "noreply@dap.ps",
+  fromEmail: "",
   subjectPrefix: "",
   emailBucket: "ses-forwarder-emails",
   emailKeyPrefix: "dap.ps/",

mail.tf

@@ -5,6 +5,8 @@
 
 /* SES S3 Bucket --------------------------------*/
 
+data "aws_caller_identity" "current" {}
+
 resource "aws_s3_bucket" "ses-forwarder-emails" {
   bucket = "ses-forwarder-emails"
   acl    = "private"
@@ -27,7 +29,7 @@ resource "aws_s3_bucket" "ses-forwarder-emails" {
          "Resource": "arn:aws:s3:::${var.ses_forwarder_bucket_name}/*",
          "Condition": {
             "StringEquals": {
-               "aws:Referer": "${var.ses_forwarder_admin_account_arn}"
+               "aws:Referer": "${data.aws_caller_identity.current.account_id}"
             }
          }
       }
@@ -40,6 +42,8 @@ EOF
   }
 }
 
+/* SES Configuration --------------------------------*/
+
 resource "aws_iam_role" "ses_lambda_role" {
   name = "LambdaSesForwarder"
 
@@ -119,9 +123,15 @@ resource "aws_ses_receipt_rule" "ses_forwarder" {
   enabled       = true
   scan_enabled  = true
 
+  s3_action {
+    bucket_name       = "${var.ses_forwarder_bucket_name}"
+    object_key_prefix = "${var.public_domain}/"
+    position          = 1
+  }
+
   lambda_action {
     function_arn    = "${aws_lambda_function.ses_forwarder.arn}"
     invocation_type = "Event"
-    position        = 1
+    position        = 2
   }
 }