# Connect Amazon SES API {% hint style="danger" %} **We are not following Amazon's best practices in this guide to greatly reduce complexity.** This documentation gives you the shortest path to send your first email by having you create access keys for the root user. This will increase your chances of a successful setup. {% endhint %} {% hint style="warning" %} Amazon recommends creating an IAM account that has the minimum access required for using SES as best practice, rather than using root user access keys as shown in this guide. {% endhint %} {% hint style="info" %} **Advanced users only** To implement Amazon's best practices yourself, create a new user with only the [AmazonSESFullAccess](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/control-user-access.html) and [AmazonSNSFullAccess](https://docs.aws.amazon.com/sns/latest/dg/AccessPolicyLanguage.html) permissions policies applied. {% endhint %} First, create an Amazon AWS account if you don't have one. As of the time of this writing, the link is: {% embed url="" %}

Login to the AWS console as the root user you've created {% embed url="" %} ![](https://2024949584-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FHNgw7cfnOYHQr0B6GDXr%2Fuploads%2F8feB4FBxCEH0cCvtJM8P%2FScreenshot%202023-08-20%20at%209.29.01%20PM.png?alt=media\&token=f9105e7f-06bc-4059-8e2c-e5c2c87e3502) You'll start off at the console home page. Take note of your account region, this will be needed later.

In the upper right of the console home, click your username, then security credentials.

Scroll down to create access key.

{% hint style="info" %} Amazon will warn you this is not following best practices, confirm to go to the next step. {% endhint %}

Copy both of your access keys and save them somewhere secure as you will need them to integrate with your EmailDelivery.com platform installation later.

Now that your access credentials have been created, it's time to go to the Amazon SES page. {% embed url="" %} Click verified identities.

Click create identity.

{% hint style="info" %} **Your verified identity is the domain you want to send mail with over Amazon SES** This is going to be a subdomain exclusively created for this purpose. {% endhint %}

After saving, you'll need to verify your ownership of the domain by creating some CNAME records generated by Amazon to your DNS provider.

Below is an example of how this would look on Cloudflare.

{% hint style="info" %} **The best things come to those who wait** Amazon autodetects the CNAME records. You'll need to periodically refresh the page until it finds them. {% endhint %} Once your domain has successfully been verified you'll see the following.

Now it's time to add your Amazon SES sending domain to your platform. In the backend navigation go to Connect -> Amazon SES API.

Click Add SES account.

Look at the URL of your Amazon console to find your region, and add the domain you used for your verified identity.

Click save.

{% hint style="success" %} **if your configuration saves successfully you should now be integrated with Amazon SES.** {% endhint %} 🚨 **For new Amazon SES accounts there's one more step.** 🚨 {% hint style="danger" %} **New accounts start off in the Amazon "Sandbox" until they're approved by Amazon.** When you're in the Amazon sandbox, you can only send test messages to your own verified email addresses; this would typically be a Gmail address. {% endhint %} {% hint style="info" %} **To verify an email address, Amazon emails a link.** Click the link and you can send test messages through Amazon until you're approved to send outside of the sandbox. {% endhint %}

Create an identity just like you did to verify your domain:

Choose Email address instead of Domain this time:

Click the link sent to your email:

{% hint style="success" %} You're done. You can send messages to your verified email address from the sandbox now. {% endhint %} {% hint style="danger" %} **URGENT:** **Don't use an Amazon SES authenticated email address as your ESP platform's Sender Email Address.** {% endhint %}

{% hint style="warning" %} **Using your verified email address as your sender email address will stop Amazon from sending webhooks back to your platform, causing your stats to be blank.** {% endhint %}

{% hint style="info" %} **Troubleshooting** The below steps are optional and for troubleshooting purposes only. {% endhint %} On Amazon, the notifications tab should show feedback notifications have been created. If it's not there, refresh the page a few times.

You should have an SNS topic automatically configured at the following url. {% embed url="" %}

Under topics/subscriptions you should see your platform install domain admin\_url has been added automatically as your webhook endpoint.