IAM user getting access deny error when trying to send SES emails on CLI

Question

I am trying to send SES emails from my CLI but keep getting denied.  The user account is part of a group with AWSSESFullAccess permissions but continues to get the following error:

An error occurred (AccessDenied) when calling the SendEmail operation: User `...` is not authorized to perform `ses:SendEmail` on resource `...`

There is no organization Service Control Policy denying this and the domain resource is verified, the send test email button in the console works properly.  Am I missing something?

Accepted Answer

You may want to try the IAM Policy Simulator to see if it signals which policy is responsible for the denial. See: [Testing IAM policies with the IAM policy simulator](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html).

IAM user getting access deny error when trying to send SES emails on CLI

相關內容