Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Amplify-cli doesn't add the correct permissions for using the Pinpoint API to send template email

See original GitHub issue

Describe the bug I’ve created a “sendEmail” lambda function which will send all of my transactional emails based on a Pinpoint email template. I’ve added the Analytics permissions via the CLI when adding the function. Can we get the required permissions added, when enabling the function to have access to pinpoint, to send templated emails. I’m going to probably have to hack this into a CF resource for now but it would be great if you guys can support this feature.

Amplify CLI Version 4.24.1

To Reproduce

Add a new function for sending email
Add permissions for analytics (pinpoint) access.
Create a basic html template for sending an email in the lambda function

    var pinpointemail = new AWS.PinpointEmail({apiVersion: '2018-07-26'});
    var params = {
      Content: { /* required */
        Template: {
          TemplateArn: 'ARN of template',
          TemplateData: JSON.stringify({
              name: "Elon Musk"
          })
        }
      },
      Destination: { /* required */
        ToAddresses: [
          'youremail@example.com',
        ]
      },
      FromEmailAddress: 'yourawesomeamplifyapp@app.com',
      ReplyToAddresses: [
        'yourawesomeamplifyapp@app.com',
      ]
    };
    await pinpointemail.sendEmail(params).promise();

I get the following response in CloudWatch logs:

 "AccessDeniedException: User `arn:aws:sts::458325423128:assumed-role/appLambdaRole93f0f918-develop/sendEmailFunction-develop' is not authorized to perform `ses:SendTemplatedEmail' on resource `arn:aws:ses:us-east-1:app:identity/app@app.app'",
        "    at Object.extractError (/var/runtime/node_modules/aws-sdk/lib/protocol/json.js:51:27)",
        "    at Request.extractError (/var/runtime/node_modules/aws-sdk/lib/protocol/rest_json.js:55:8)",

Expected behavior ses:SendTemplatedEmail permissions added when enabling the analytics stack permission for your lambda function.

Desktop (please complete the following information):

OS:Ubuntu 18.04
12

Issue Analytics

State:
Created 3 years ago
Comments:7 (6 by maintainers)

Top GitHub Comments

1reaction

UnleashedMindcommented, Jul 17, 2020

merged the PR.

1reaction

UnleashedMindcommented, Jul 15, 2020

Thanks for logging the issue. The PR looks good too.

Top Results From Across the Web

Amazon Pinpoint actions for IAM policies - AWS Documentation

Manage Amazon Pinpoint access by adding actions to IAM policies for users and resources in your AWS account.

Project-level configurations - Troubleshooting guide

Information to troubleshoot common Amplify CLI project errors. - AWS Amplify Docs.

Add Recommendations to Email campaign

In Amazon Pinpoint, you can retrieve personalized recommendations from a recommender model and add them to messages that you send from campaigns and...

A guide to implement Push Notifications with React Native ...

This is because AWS Amplify doesn't come with a solution out of the ... Meanwhile, the campaign data has been send back to...

Generate a Cloud Backend using AWS Amplify - Luminis

Once you have the CLI installed and an active AWS account, run the first command (current directory does not matter yet), which is:...