How can I find out which IAM user sent an email through Amazon SES?

3 minute read
0

I want to see which AWS Identity and Access Management (IAM) user sent an email through Amazon Simple Email Service (Amazon SES). How can I do that?

Short description

Use Amazon SES event publishing with an Amazon CloudWatch destination to view more information about sent or delivered emails. This information on CloudWatch includes the IAM user who sent the email. Follow these steps:

  1. Create a configuration set with CloudWatch as the event destination.
  2. Send a test email from Amazon SES.
  3. Check the metric on CloudWatch.

Resolution

Before you begin, you must have:

Create a configuration set with CloudWatch as the event destination

  1. Open the Amazon SES console.
  2. From the navigation pane, choose Configuration Sets.
  3. Choose Create Configuration Set.
  4. For Configuration Set Name, enter a name for the configuration set. For example, enter CallerIdentity.
  5. Choose Create Configuration Set.
  6. From the list of configuration sets, choose the set that you just created to view its details.
  7. On the Event Destinations tab, for Add Destination, select CloudWatch.
  8. For CloudWatch Destination, enter the following:
    For Name, enter a name for the event destination. For example, enter NameOfCallerIdentity.
    For Event types, select Send at minimum. You can also select Delivery to be able to filter between messages that delivered successfully or messages that bounced.
    For Value Source, select Message Tag.
    For Dimension Name, enter a name for the dimension. For example, enter ses:caller-identity.
    For Default Value, enter the same value that you entered for Name.
  9. Choose Save.

Send a test email from Amazon SES

  1. From the Amazon SES console, choose Email Addresses or Domains from the navigation pane, depending on whether you're using an email address or domain.
  2. Select your verified email address or domain. Then, choose Send a Test Email.
  3. Choose More options.
  4. Enter the following:
    For To, enter an email address where you want to receive the test email.
    For Configuration Set, enter the name of the configuration set that you created.
    For Subject, enter a subject line for the test email.
  5. Choose Send Test Email.

Check CloudWatch for the metric on the test email

  1. Open the CloudWatch console.
  2. From the navigation pane, choose Metrics.
  3. On the All metrics tab, choose SES.
  4. Choose the dimension name that you entered when you created the configuration set. For example, choose ses:caller-identity.
  5. Under the ses:caller-identity column, you'll see the IAM user who sent the test email.

Related information

Retrieving Amazon SES Event Data from CloudWatch

AWS OFFICIAL
AWS OFFICIALUpdated 2 years ago