- Newest
- Most votes
- Most comments
Hi almond.
Have you tried the following troubleshooting steps?
- Confirm that the number is valid using the Amazon Pinpoint number validator. SMS delivery is supported for ‘MOBILE’ phoneType. SMS delivery to ‘VOIP’ numbers might not be successful, but will be attempted on a best effort.
- Confirm that your monthly SMS spend quota isn't depleted by reviewing the TextMessageMonthlySpend metric in Amazon CloudWatch. For more information see View your monthly SMS and voice spending by using CloudWatch.
- If the delivery issue is limited to one or two devices, then rule out device-related issues. Verify that the number(s) can receive SMS outside of Amazon Pinpoint at the time of the failure.
- Turn on SMS event logging to assist in identifying the cause of the failure.
- Review the message status.
- Review how to resolve Unknown error attempting to reach phone.
- Take note of the special requirements and regulations. See Country capabilities and limitations for SMS with Amazon Pinpoint, and confirm that these requirements are being met.
I hope this helps.
Hi almond.
Try the following modifications:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"mobileanalytics:*",
"mobiletargeting:*"
],
"Resource": [
"arn:aws:mobiletargeting:ap-south-1::*"
],
"Condition": {
"IpAddress": {
"aws:SourceIp": []
}
}
}
]
}
The changes are:
- Allow all moblieanalitics and mobiletargeting actions.
- Allow all mobiletargeting resources in the ap-south-1 region
- You can alternatively try to set the resources to
"*"to allow any resource.
This is more permissive than what you had before but it can help to achieve the result you want now. From there make sure to tighten the security until you get to a point where only the resources you need can do the required actions.
I hope this helps.
Hi Jose,
Despite making the changes to the existing policy permissions and replacing them with the above mentioned changes that were suggested, I am still getting the following error :-
AccessDeniedException: User: arn:aws:sts::----:assumed-role/send-otp-pinpoint-RR/TemporarySession is not authorized to perform: mobiletargeting:SendOTPMessage on resource: arn:aws:mobiletargeting:ap-south-1:---:apps/----/otp
Relevant content
- asked a year ago
AWS OFFICIALUpdated a year ago- How do I set up logging for Amazon Pinpoint voice messages for Amazon Pinpoint SMS and Voice v1 API?AWS OFFICIALUpdated 2 years ago
- How do I set up logging for Amazon Pinpoint voice messages for Amazon Pinpoint SMS and Voice v2 API?AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 10 months ago
Hi Jose,
Greatly appreciate for all the points that were mentioned with regards to the concern I raised. I am able to send TEST Messages from my sender ID. But when I trying to integrate the send_otp_message API with Cloudshell as well as my code, I am receiving a similar error for both which is as follows :- arn:aws:sts:::assumed-role/Role-name/TemporarySession is not authorized to perform: mobiletargeting:SendOTPMessage on resource: arn:aws:mobiletargeting:ap-south-1::apps/APP_ID/otp I have cross checked my permissions for the role and are in place. Can you suggest anything regarding that?
Hi almond. Could you share what your role looks like (the policies attached to it)? (Make sure you redact any sensitive information).
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "mobileanalytics:", "mobiletargeting:" ], "Resource": [ "arn:aws:mobiletargeting:ap-south-1::apps//otp", "arn:aws:mobiletargeting:ap-south-1::apps//verify-otp" ], "Condition": { "IpAddress": { "aws:SourceIp": [] } } } ] }