silly permissions

The advantages of serverless are sometimes taken away by all the configuration to make the thing work – securely.  But 3 hours today saves 100 hours throughout the year.

This is the manual method of setting up a policy that is not FullAdministrator mode.  It can be further locked down if you were doing government/policy strict work, and you’d want to do it programmatically so it’s automated and auditable.

User with Lambda, SES, API Gateway and CloudFormation Full Access

AWS IAM Policy for Serverless

Serverless Errors From Email Address Send To Permissions

Serverless resource permissions

Add Policy For Receiver Address

SES Email Address Policy

 

Then you can deploy your app with full deploy and sending email capabilities.

Leave a Reply

Your email address will not be published. Required fields are marked *