Issues with custom IAM Policy for Amazon SES
-
We currently are just using a blanket full SES access policy, but I want to be able to restrict the verified senders (identities) for each site using SES (as seen in this page /wp-admin/options-general.php?page=wp-offload-ses#verified-senders).
I’ve followed the guide here https://deliciousbrains.com/wp-offload-ses/doc/custom-iam-policy-for-amazon-ses/ but when I use the policy outlined, it shows no verified senders in the plugin.
I can add a custom policy with full SES access to all resources and that works. If i limit it to the list provided in the above link with * resources, it shows no identities. Also if I grant full access (which does work) but then limit to my two identity ARNS, it again shows no results.
Any ideas what might be going wrong here?
Example of the policy that actuall works (but shows everything):
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": "ses:*", "Resource": "*" } ] }Example of the policy with resources restricted that doesn’t show any verified senders:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": "ses:*", "Resource": [ "arn:aws:ses:ap-southeast-2:12345678910:identity/mydomain.com", "arn:aws:ses:ap-southeast-2:12345678910:identity/[email protected]" ] } ] }Also tried limiting the services with all permission as per those docs and that doesn’t work, eg:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "ses:VerifyEmailIdentity", "ses:GetSendQuota", "ses:SendRawEmail", "ses:DeleteIdentity", "ses:GetIdentityVerificationAttributes", "ses:ListIdentities", "ses:VerifyDomainIdentity" ], "Resource": "*" } ] }
- The topic ‘Issues with custom IAM Policy for Amazon SES’ is closed to new replies.
