- Newest
- Most votes
- Most comments
It looks like you are trying to use sending authorization to allow your delegate sender account to send email on behalf of your identity owner account.
In Overview of Amazon SES sending authorization there is a note that:
The AWS account of the delegate sender has to be removed from the sandbox before it can be used to send email to non-verified addresses.
and in Verifying an identity for Amazon SES sending authorization it says:
Before you or the delegate sender can send email to non-verified email addresses, you have to submit a request to have your account removed from the Amazon SES sandbox. For more information, see Moving out of the Amazon SES sandbox.
You said:
it seems to use the local ses setup which is sandbox and therefore I get an error that my to email is not verified.
It seems that you will need to move out of the sandbox in both the identity owner and delegate sender accounts before you will be able to send to unverified email addresses.
Emails need to be verified in the account from which the email is being sent via SES. You may need to create an IAM role in account that the domain is verified in with the appropriate assume role policy. Then, you configure your Lambda function to assume an IAM role in another AWS account. https://repost.aws/knowledge-center/lambda-function-assume-iam-role
Relevant content
- Accepted Answerasked 4 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated 2 years ago
I believe that is the answer. I have asked to upgrade to production. it would make sense.