Menu
Amazon Simple Email Service
Developer Guide (API Version 2010-12-01)

Managing Your Policies for Amazon SES Sending Authorization

In addition to creating and attaching policies to identities as explained in Creating a Policy, you can edit, remove, list, and retrieve an identity's policies, as described in the following sections.

Note

To revoke permissions, you can either edit a policy or remove it.

Editing a Policy

The easiest way to edit a policy is to use the Amazon SES console. If you want to use the Amazon SES API instead, you can use the GetIdentityPolicies API to retrieve the policy, edit the policy by using a text editor, and then use the PutIdentityPolicy API to overwrite the older policy. These actions are explained in the Amazon Simple Email Service API Reference.

The following procedure shows you how to edit a policy by using the Amazon SES console.

To edit a policy by using the Amazon SES console

  1. Sign in to the AWS Management Console and open the Amazon SES console at https://console.aws.amazon.com/ses/.

  2. In the left navigation pane, under Identity Management, choose either Email Addresses or Domains.

  3. In the resource list, choose the identity that is associated with the policy that you want to edit.

  4. In the details pane, expand Identity Policies, find the policy that you want in the Identity Policy list, and then choose Edit Policy.

  5. In the Edit Policy pane, edit the policy, and then choose Apply Policy.

  6. In the Overwrite Existing Policy dialog box, choose Overwrite.

Removing a Policy

To revoke permissions at any time, you can simply remove the policy. You can remove a policy by using the DeleteIdentityPolicy API, as explained in the Amazon Simple Email Service API Reference, or you can use the Amazon SES console, as described in the following procedure.

Important

After you remove a policy, there is no way to get it back. We recommend that you back up the policy by copying and pasting it into a text file before you remove the policy.

To remove a policy by using the Amazon SES console

  1. Sign in to the AWS Management Console and open the Amazon SES console at https://console.aws.amazon.com/ses/.

  2. In the left navigation pane, under Identity Management, choose either Email Addresses or Domains.

  3. In the resource list, choose the identity that is associated with the policy that you want to remove.

  4. In the details pane, expand Identity Policies, find the policy that you want to remove, and then choose Remove Policy.

  5. In the Remove Policy dialog box, choose Yes, Remove Policy.

Listing and Retrieving Policies

You can list the policies that are attached to an identity by using the ListIdentityPolicies API as explained in the Amazon Simple Email Service API Reference. You can also retrieve the policies themselves by using the GetIdentityPolicies API.

You can also jointly perform these operations in the Amazon SES console as described in the following procedure.

To list and show the policies attached to an identity by using the Amazon SES console

  1. Sign in to the AWS Management Console and open the Amazon SES console at https://console.aws.amazon.com/ses/.

  2. In the left navigation pane, under Identity Management, choose either Email Addresses or Domains.

  3. In the resource list, choose the identity for which you want to see policies.

  4. In the details pane, expand Identity Policies. You will see a list of policies.

  5. Find the policy that you want to view in the Identity Policy list, and then choose Show Policy.

  6. After you are finished viewing the policy, close the Show Policy dialog box.