AWS CLI version 2, the latest major version of AWS CLI, is now stable and recommended for general use. To view this page for the AWS CLI version 2, click here. For more information see the AWS CLI version 2 installation instructions and migration guide.
Returns the details of the specified receipt rule set.
For information about managing receipt rule sets, see the Amazon SES Developer Guide .
You can execute this operation no more than once per second.
See also: AWS API Documentation
describe-receipt-rule-set
--rule-set-name <value>
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]
[--debug]
[--endpoint-url <value>]
[--no-verify-ssl]
[--no-paginate]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--no-sign-request]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>]
--rule-set-name
(string)
The name of the receipt rule set to describe.
--cli-input-json
(string)
Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
--debug
(boolean)
Turn on debug logging.
--endpoint-url
(string)
Override command's default URL with the given URL.
--no-verify-ssl
(boolean)
By default, the AWS CLI uses SSL when communicating with AWS services. For each SSL connection, the AWS CLI will verify SSL certificates. This option overrides the default behavior of verifying SSL certificates.
--no-paginate
(boolean)
Disable automatic pagination. If automatic pagination is disabled, the AWS CLI will only make one call, for the first page of results.
--output
(string)
The formatting style for command output.
--query
(string)
A JMESPath query to use in filtering the response data.
--profile
(string)
Use a specific profile from your credential file.
--region
(string)
The region to use. Overrides config/env settings.
--version
(string)
Display the version of this tool.
--color
(string)
Turn on/off color output.
--no-sign-request
(boolean)
Do not sign requests. Credentials will not be loaded if this argument is provided.
--ca-bundle
(string)
The CA certificate bundle to use when verifying SSL certificates. Overrides config/env settings.
--cli-read-timeout
(int)
The maximum socket read time in seconds. If the value is set to 0, the socket read will be blocking and not timeout. The default value is 60 seconds.
--cli-connect-timeout
(int)
The maximum socket connect time in seconds. If the value is set to 0, the socket connect will be blocking and not timeout. The default value is 60 seconds.
Metadata -> (structure)
The metadata for the receipt rule set, which consists of the rule set name and the timestamp of when the rule set was created.
Name -> (string)
The name of the receipt rule set. The name must meet the following requirements:
- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).
- Start and end with a letter or number.
- Contain 64 characters or fewer.
CreatedTimestamp -> (timestamp)
The date and time the receipt rule set was created.
Rules -> (list)
A list of the receipt rules that belong to the specified receipt rule set.
(structure)
Receipt rules enable you to specify which actions Amazon SES should take when it receives mail on behalf of one or more email addresses or domains that you own.
Each receipt rule defines a set of email addresses or domains that it applies to. If the email addresses or domains match at least one recipient address of the message, Amazon SES executes all of the receipt rule's actions on the message.
For information about setting up receipt rules, see the Amazon SES Developer Guide .
Name -> (string)
The name of the receipt rule. The name must meet the following requirements:
- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), dashes (-), or periods (.).
- Start and end with a letter or number.
- Contain 64 characters or fewer.
Enabled -> (boolean)
Iftrue
, the receipt rule is active. The default value isfalse
.TlsPolicy -> (string)
Specifies whether Amazon SES should require that incoming email is delivered over a connection encrypted with Transport Layer Security (TLS). If this parameter is set toRequire
, Amazon SES bounces emails that are not received over TLS. The default isOptional
.Recipients -> (list)
The recipient domains and email addresses that the receipt rule applies to. If this field is not specified, this rule matches all recipients on all verified domains.
(string)
Actions -> (list)
An ordered list of actions to perform on messages that match at least one of the recipient email addresses or domains specified in the receipt rule.
(structure)
An action that Amazon SES can take when it receives an email on behalf of one or more email addresses or domains that you own. An instance of this data type can represent only one action.
For information about setting up receipt rules, see the Amazon SES Developer Guide .
S3Action -> (structure)
Saves the received message to an Amazon Simple Storage Service (Amazon S3) bucket and, optionally, publishes a notification to Amazon SNS.
TopicArn -> (string)
The ARN of the Amazon SNS topic to notify when the message is saved to the Amazon S3 bucket. You can find the ARN of a topic by using the ListTopics operation in Amazon SNS.
For more information about Amazon SNS topics, see the Amazon SNS Developer Guide .
BucketName -> (string)
The name of the Amazon S3 bucket for incoming email.ObjectKeyPrefix -> (string)
The key prefix of the Amazon S3 bucket. The key prefix is similar to a directory name that enables you to store similar data under the same directory in a bucket.KmsKeyArn -> (string)
The customer managed key that Amazon SES should use to encrypt your emails before saving them to the Amazon S3 bucket. You can use the default managed key or a custom managed key that you created in Amazon Web Services KMS as follows:
- To use the default managed key, provide an ARN in the form of
arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses
. For example, if your Amazon Web Services account ID is 123456789012 and you want to use the default managed key in the US West (Oregon) Region, the ARN of the default master key would bearn:aws:kms:us-west-2:123456789012:alias/aws/ses
. If you use the default managed key, you don't need to perform any extra steps to give Amazon SES permission to use the key.- To use a custom managed key that you created in Amazon Web Services KMS, provide the ARN of the managed key and ensure that you add a statement to your key's policy to give Amazon SES permission to use it. For more information about giving permissions, see the Amazon SES Developer Guide .
For more information about key policies, see the Amazon Web Services KMS Developer Guide . If you do not specify a managed key, Amazon SES does not encrypt your emails.
Warning
Your mail is encrypted by Amazon SES using the Amazon S3 encryption client before the mail is submitted to Amazon S3 for storage. It is not encrypted using Amazon S3 server-side encryption. This means that you must use the Amazon S3 encryption client to decrypt the email after retrieving it from Amazon S3, as the service has no access to use your Amazon Web Services KMS keys for decryption. This encryption client is currently available with the Amazon Web Services SDK for Java and Amazon Web Services SDK for Ruby only. For more information about client-side encryption using Amazon Web Services KMS managed keys, see the Amazon S3 Developer Guide .IamRoleArn -> (string)
The ARN of the IAM role to be used by Amazon Simple Email Service while writing to the Amazon S3 bucket, optionally encrypting your mail via the provided customer managed key, and publishing to the Amazon SNS topic. This role should have access to the following APIs:
s3:PutObject
,kms:Encrypt
andkms:GenerateDataKey
for the given Amazon S3 bucket.kms:GenerateDataKey
for the given Amazon Web Services KMS customer managed key.sns:Publish
for the given Amazon SNS topic.Note
If an IAM role ARN is provided, the role (and only the role) is used to access all the given resources (Amazon S3 bucket, Amazon Web Services KMS customer managed key and Amazon SNS topic). Therefore, setting up individual resource access permissions is not required.BounceAction -> (structure)
Rejects the received email by returning a bounce response to the sender and, optionally, publishes a notification to Amazon Simple Notification Service (Amazon SNS).
TopicArn -> (string)
The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the bounce action is taken. You can find the ARN of a topic by using the ListTopics operation in Amazon SNS.
For more information about Amazon SNS topics, see the Amazon SNS Developer Guide .
SmtpReplyCode -> (string)
The SMTP reply code, as defined by RFC 5321 .StatusCode -> (string)
The SMTP enhanced status code, as defined by RFC 3463 .Message -> (string)
Human-readable text to include in the bounce message.Sender -> (string)
The email address of the sender of the bounced email. This is the address from which the bounce message is sent.WorkmailAction -> (structure)
Calls Amazon WorkMail and, optionally, publishes a notification to Amazon Amazon SNS.
TopicArn -> (string)
The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the WorkMail action is called. You can find the ARN of a topic by using the ListTopics operation in Amazon SNS.
For more information about Amazon SNS topics, see the Amazon SNS Developer Guide .
OrganizationArn -> (string)
The Amazon Resource Name (ARN) of the Amazon WorkMail organization. Amazon WorkMail ARNs use the following format:
arn:aws:workmail:<region>:<awsAccountId>:organization/<workmailOrganizationId>
You can find the ID of your organization by using the ListOrganizations operation in Amazon WorkMail. Amazon WorkMail organization IDs begin with "
m-
", followed by a string of alphanumeric characters.For information about Amazon WorkMail organizations, see the Amazon WorkMail Administrator Guide .
LambdaAction -> (structure)
Calls an Amazon Web Services Lambda function, and optionally, publishes a notification to Amazon SNS.
TopicArn -> (string)
The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the Lambda action is executed. You can find the ARN of a topic by using the ListTopics operation in Amazon SNS.
For more information about Amazon SNS topics, see the Amazon SNS Developer Guide .
FunctionArn -> (string)
The Amazon Resource Name (ARN) of the Amazon Web Services Lambda function. An example of an Amazon Web Services Lambda function ARN isarn:aws:lambda:us-west-2:account-id:function:MyFunction
. For more information about Amazon Web Services Lambda, see the Amazon Web Services Lambda Developer Guide .InvocationType -> (string)
The invocation type of the Amazon Web Services Lambda function. An invocation type of
RequestResponse
means that the execution of the function immediately results in a response, and a value ofEvent
means that the function is invoked asynchronously. The default value isEvent
. For information about Amazon Web Services Lambda invocation types, see the Amazon Web Services Lambda Developer Guide .Warning
There is a 30-second timeout onRequestResponse
invocations. You should useEvent
invocation in most cases. UseRequestResponse
only to make a mail flow decision, such as whether to stop the receipt rule or the receipt rule set.StopAction -> (structure)
Terminates the evaluation of the receipt rule set and optionally publishes a notification to Amazon SNS.
Scope -> (string)
The scope of the StopAction. The only acceptable value isRuleSet
.TopicArn -> (string)
The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the stop action is taken. You can find the ARN of a topic by using the ListTopics Amazon SNS operation.
For more information about Amazon SNS topics, see the Amazon SNS Developer Guide .
AddHeaderAction -> (structure)
Adds a header to the received email.
HeaderName -> (string)
The name of the header to add to the incoming message. The name must contain at least one character, and can contain up to 50 characters. It consists of alphanumeric (a–z, A–Z, 0–9) characters and dashes.HeaderValue -> (string)
The content to include in the header. This value can contain up to 2048 characters. It can't contain newline (\n
) or carriage return (\r
) characters.SNSAction -> (structure)
Publishes the email content within a notification to Amazon SNS.
TopicArn -> (string)
The Amazon Resource Name (ARN) of the Amazon SNS topic to notify. You can find the ARN of a topic by using the ListTopics operation in Amazon SNS.
For more information about Amazon SNS topics, see the Amazon SNS Developer Guide .
Encoding -> (string)
The encoding to use for the email within the Amazon SNS notification. UTF-8 is easier to use, but may not preserve all special characters when a message was encoded with a different encoding format. Base64 preserves all special characters. The default value is UTF-8.ScanEnabled -> (boolean)
Iftrue
, then messages that this receipt rule applies to are scanned for spam and viruses. The default value isfalse
.