By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

How do I obtain permission to execute "delete-suppressed-destination"?

0

I have found two email addresses that are suppressed. AmazonSES has marked these emails due to a hard bounce and will not forward requets to them until they are cleared off the "account-level suppression list".
From the page
https://docs.aws.amazon.com/ses/latest/DeveloperGuide/sending-email-suppression-list.html
There are CLI commands to manage this list:

aws sesv2 list-suppressed-destinations
aws sesv2 delete-suppressed-destination --email-address recipient@example.com

When I attempt to run these commands, I get a permission denied:

C:\Users\junkm>aws sesv2 list-suppressed-destinations

An error occurred (AccessDeniedException) when calling the ListSuppressedDestinations operation: User: arn:aws:iam::XXXXXXXXX:user/smtp-user.XXXXXXX is not authorized to perform: ses:ListSuppressedDestinations on resource: *

I have spent about 1/2 day looking thru the documentation and can't figure out how to grant myself this permission. From the IAM Access management --> Users screen
I have AmazonSesSendingAccess policy which contains service grouped under Pinpoint Email and SES. The desired calls
list-suppressed-destinations
delete-suppressed-destination
are not in these services and I am unable to find out what policy or Service to add to support these calls.

If you have sweated thru this problem before, please share the wisdom.

Thanks
Obbie Pet

Edited by: Obbie on Apr 28, 2020 3:11 AM
I was able to resolve my problem by adding permission to my user role. Here is the operations I went thru. Not guaranteed to work for you, but it should be a good start..

To add permissions to my user to execute the commands above:

IAM console --> Users  
Press user's name link  
  
Select downarrow for Policy name: "AmazonSesSendingAccess"  
Press SES link  
Press "Edit policy" button  
Press JSON tab  
Permissions were added to the bottom of the JSON list to enable the priviledges need to remove suppressed emails:  
  
                "ses:ListSuppressedDestinations",  
                "ses:ListVerifiedEmailAddresses",  
                "ses:PutAccountSuppressionAttributes"  
  
To save future changes made:  
Make changes to the JSON list  
Press the "Review policy" button  
Press "Save changes"
Topics
Front-End Web & MobileBusiness Applications
Tags
Amazon Simple Email Service
Language
English
Obbie
asked 4 years ago1076 views
1 Answer
0

I had the same problem. Solved it differently.

Apparently you have to 'turn on' the suppression list management:

aws sesv2 put-account-suppression-attributes --suppressed-reasons BOUNCE COMPLAINT

Afterwards the other queries just work.

WimG
answered 4 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content