Create AWS Role

If you do not have an AWS Account you can create one for free. Follow this link ‘How to create a free AWS account’.

IAM Full Access is something similar to full Admin Access. It gives Send With SES the power to provision any resource within your AWS Account. However Send With SES only provisions resources which are required to send Emails, SMS, and Push Notifications, and to collect various delivery statistics. Currently these resources are - SES, SQS, SNS, S3, Pinpoint, CloudWatch. Send With SES will inform you in advance if any new resource is to be provisioned.

The alternative to IAM Full Access Role is to create a 'User' with specific permissions for each of the required AWS Resource and give Send With SES the 'secret keys' for that user (a risky proposition). You will also need create a 'SNS Role' for collecting CloudWatch metrics and give Send With SES that Role ARN. In future if any new permission is required you will need to edit that User/Role. All this can be confusing and cumbersome to most users. The IAM Full Access Role allows Send With SES to securely and programmatically handle all these tasks for you.

Your AWS Account Security.

Send With SES accesses your AWS Account by requesting a set of temporary keys using the 'IAM Role' provided by you. No third parties can access your account.

You can delete the IAM Role at any time to prevent Send With SES from accessing your AWS Account.

It is highly recommended you create a separate AWS Account exclusively for Send With SES. This way you can be sure that any resource launched within this AWS Account has been provisioned by Send With SES.