On Amazon Web Services debugging issues with SES or Send Email Services can get tricky. When you receive a bounce back message which reads "User is not authorized to perform ses:SendRawEmail", the solution turns out to be simple.
Error Message:
<Sending Email> User `arn:aws:iam::458281000000:user/amazon-workmail-eu-west-1' is not authorized to perform `ses:SendRawEmail' on resource `arn:aws:ses:eu-west-1:489921000000:identity/yourdomain.com'
Solution:
- go to ses console
- identity management > domains
- click your domain
- scroll down to Identity Policy
- create policy
- policy generator
- for principle add the user as mentioned in the bounceback email like arn:aws:iam::458281000000:user/amazon-workmail-eu-west-1
- tick the boxes for
- ses:SendEmail
- ses:SendRawEmail
- and save.
Comments