Access Denied while sending email from AWS SES in Lambda function
So, I was also having the same problem which Rakesh has explained but couldn't understand the steps he was saying to do so here is a detailed explanation with steps.
You need to do the following Security, Identity & Compliance -> IAM -> Roles -> select your lambda function -> then edit policy -> open it in JSON and add the below part
{ "Effect":"Allow", "Action":[ "ses:SendEmail", "ses:SendRawEmail" ], "Resource":"*"}
or you can do as per requirement from these policy examples https://docs.aws.amazon.com/ses/latest/DeveloperGuide/control-user-access.html#iam-and-ses-examples-email-sending-actionsalso, you need to verify the email address first so don't forget that. Hope this helps everyone.
After a long debugging i got the issue, "lambda_basic_execution" role need to be granted with permission to access "ses:SendEmail", "ses:SendRawEmail".
Where i was trying to grant permission for the new IAM role i have created, but lambda function is mapped to "lambda_basic_execution" so there is a mismatch.
If you are configuring policies for a SAM Lambda or using a YAML configuration file, you would use something like this:
template.yaml
AWSTemplateFormatVersion: '2010-09-09'Transform: AWS::Serverless-2016-10-31Description: 'your-email-lambda'Resources: YourEmailFunction: Type: AWS:Serverless::Function Properties: Policies: - Version: '2012-10-17' Statement: - Effect: Allow Action: - 'ses:SendEmail' - 'ses:SendRawEmail' Resource: '*'