问题
I am new to aws lambda. I am trying to send mail with aws ses with aws lambda, without any triggers. Here is my code
import boto3
from botocore.exceptions import ClientError
ses = boto3.client('ses')
email_from = 'proteeti@cloudly.io'
email_to = 'proteeti13@gmail.com'
emaiL_subject = 'Subject'
email_body = 'Body'
def lambda_handler(event, context):
response = ses.send_email(
Source = email_from,
Destination={
'ToAddresses': [
email_to,
],
},
Message={
'Subject': {
'Data': emaiL_subject
},
'Body': {
'Text': {
'Data': email_body
}
}
}
)
I've created a custome role with simple microservices permission. The event is set to hello world. I saved and clicked on test, it shows this errors
{
"errorMessage": "An error occurred (AccessDenied) when calling the SendEmail operation: User `arn:aws:sts::990458801115:assumed-role/basic-lambda-role/sendmail' is not authorized to perform `ses:SendEmail' on resource `arn:aws:ses:us-east-1:990458801115:identity/proteeti@cloudly.io'",
"errorType": "ClientError",
"stackTrace": [
[
"/var/task/lambda_function.py",
28,
"lambda_handler",
"'Data': email_body"
],
[
"/var/runtime/botocore/client.py",
314,
"_api_call",
"return self._make_api_call(operation_name, kwargs)"
],
[
"/var/runtime/botocore/client.py",
612,
"_make_api_call",
"raise error_class(parsed_response, operation_name)"
]
]
}
I wrote the code from here, it runs perfectly locally.
回答1:
The Lambda function you're running this code in does not have permission to send messages using SES. You need to add the action ses:SendEmail
to your basic-lambda-role
IAM Role.
When you run the code locally you will be communicating with SES using your own developer credentials, which probably have higher permissions.
回答2:
It seems that the role you're using doesn't have the relevant policies regarding the SES service.
Step 1: Create a custom policy - For example: SES-SendEmail-Policy
and provide it with the following JSON:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ses:SendEmail", <--- This is the action that was missing
],
"Resource": "*"
}
]
}
Step 2: Attach the SES-SendEmail-Policy
to the basic-lambda-role
role.
来源:https://stackoverflow.com/questions/52473158/python-error-sending-mail-with-amazon-ses-with-aws-lambda