Obtaining connection values for Amazon SES

About this task

This topic provides instructions to obtain the connection values (Secret access key and Access key ID) for Amazon SES and to connect to App Connect.

Procedure

  1. Log in to your AWS account.
    You can choose between Root user or IAM user based on your role.
    • Root user: Account owner that performs tasks requiring unrestricted access.
    • IAM user: User within an account that performs daily tasks.
    Restriction:
    • In Amazon SES, you cannot send an email directly to a user until your email is verified. For that, you need to create an email-verified identity from the Amazon SES endpoint UI/REST API. Once this is done, you get a verification email from Amazon SES that you need to manually get verified. For more information, see Creating and verifying identities in Amazon SES on the AWS Documentation page.
    • When you create a new Amazon SES account, by default, it is created in the Amazon sandbox. While your account is in the sandbox, you can use all of the features of Amazon SES. However, when your account is in the sandbox, there are some restrictions to the account. You need to manually move the account from sandbox to either Marketing or Transactional to remove these restrictions. For more information, see Moving out of the Amazon SES sandbox on the AWS Documentation page.
    AWS recommends using identity-based managed policies to attach permission sets and roles to an identity, and grant only the permissions the user needs. These policies control what actions that identity can perform, on which resources, and under what conditions. While setting the permissions for an identity in IAM, you can decide whether to use an AWS-managed policy, a customer-managed policy, or an inline policy.

    An AWS-managed policy is a stand-alone policy that is created and administered by AWS. The following are some examples of AWS-managed policies that are specific to Amazon SES:

    • Allowing full access to all Amazon SES actions: This policy allows a user to call any Amazon SES action.
    • Allowing access to only Amazon SES API version 2: This policy allows a user to call only the Amazon SES actions of API version 2.
    • Allowing access to email-sending actions only: This policy permits a user to send email using Amazon SES but does not permit the user to perform administrative actions such as accessing Amazon SES sending statistics.

    For more information about AWS-managed policies that are specific to Amazon SES, see AWS managed policies for Amazon Simple Email Service on the AWS documentation page.

  2. On the navigation menu, click Users.
  3. Select your applicable username or account name.
  4. Click the Security credentials tab, and then click Create access key.
  5. To view the new access key, click Show.
    You can retrieve the secret access key only when you create the key pair for the first time.

    For more information, see AWS Account and Access Keys on the AWS documentation page.