Access Denied while sending email from AWS SES in Lambda function

So, I was also having the same problem which Rakesh has explained but couldn't understand the steps he was saying to do so here is a detailed explanation with steps.

You need to do the following Security, Identity & Compliance -> IAM -> Roles -> select your lambda function -> then edit policy -> open it in JSON and add the below part

{  "Effect":"Allow",  "Action":[    "ses:SendEmail",    "ses:SendRawEmail"  ],  "Resource":"*"}

or you can do as per requirement from these policy examples https://docs.aws.amazon.com/ses/latest/DeveloperGuide/control-user-access.html#iam-and-ses-examples-email-sending-actionsalso, you need to verify the email address first so don't forget that. Hope this helps everyone.

After a long debugging i got the issue, "lambda_basic_execution" role need to be granted with permission to access "ses:SendEmail", "ses:SendRawEmail".

Where i was trying to grant permission for the new IAM role i have created, but lambda function is mapped to "lambda_basic_execution" so there is a mismatch.

Reference - http://docs.aws.amazon.com/ses/latest/DeveloperGuide/control-user-access.html#iam-and-ses-examples-email-sending-actions

If you are configuring policies for a SAM Lambda or using a YAML configuration file, you would use something like this:

template.yaml

AWSTemplateFormatVersion: '2010-09-09'Transform: AWS::Serverless-2016-10-31Description: 'your-email-lambda'Resources:  YourEmailFunction:    Type: AWS:Serverless::Function    Properties:      Policies:        - Version: '2012-10-17'          Statement:            - Effect: Allow              Action:                - 'ses:SendEmail'                - 'ses:SendRawEmail'              Resource: '*'