如何授权lambda用CDK执行ses:SendEmail?
How to authorize lambda to perform ses:SendEmail with CDK?
我收到运行时异常:
AccessDenied: User
arn:aws:sts::431535252:assumed-role/...some-lambda' is not authorized
to perform 'ses:SendEmail' on resource
`arn:aws:ses:us-east-1:52452465462:identity/contact@somedomain.com
查看 docs here,我无法弄清楚如何授予该权限。
目前,需要为 lambda 的执行角色手动添加策略:
theLambda.addToRolePolicy(new iam.PolicyStatement({
actions: ['ses:SendEmail', 'SES:SendRawEmail'],
resources: ['*'],
effect: iam.Effect.ALLOW,
}));
我收到运行时异常:
AccessDenied: User arn:aws:sts::431535252:assumed-role/...some-lambda' is not authorized to perform 'ses:SendEmail' on resource `arn:aws:ses:us-east-1:52452465462:identity/contact@somedomain.com
查看 docs here,我无法弄清楚如何授予该权限。
目前,需要为 lambda 的执行角色手动添加策略:
theLambda.addToRolePolicy(new iam.PolicyStatement({
actions: ['ses:SendEmail', 'SES:SendRawEmail'],
resources: ['*'],
effect: iam.Effect.ALLOW,
}));