1 Answer
- Newest
- Most votes
- Most comments
2
The behavior you observed of Cognito being able to send emails to unverified addresses from within the SES sandbox is likely due to how Cognito integrates with SES. When a Cognito user pool is configured to use SES for email, it is granted permissions via a service-linked role to send emails on behalf of users. This bypassses some of the normal restrictions of the SES sandbox. However, you are correct that in general, the SES sandbox is not meant to allow sending to unverified addresses. There are a few options to consider:
- Verify the email addresses you want to test with so they are allowed within the sandbox.
- Request a limit increase on your SES account to move it fully out of the sandbox by submitting a request through the AWS Support Center. This will allow sending to any addresses once approved.
- Consider alternatives like using a development SES account not in sandbox mode for testing purposes before going to production.
Relevant content
- Accepted Answerasked 4 months ago
AWS OFFICIALUpdated 2 years ago- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 2 years ago
The problem is that i expected it to follow the SES rules instead of bypass them, so the dev pool won't contact any of our customers. Is it possible to make the pool follow the SES sandbox restrictions? EDIT: it is my fault, the problem relys on the
Messagingconfiguration, it can useSend email with Amazon SES - RecommendedorSend email with Cognito, the first option respect the SES verified identities, the second one is insulated from SES and it is normal that doesn't respect any restriction. I found it while checking it through your considerations, thank you :)