I currently have the following definition for a AWS::Serverless::Function in my AWS SAM template:
PostSignUpConfirmationFunction:
Type: AWS::Serverless::Function
Properties:
CodeUri: ./dist/
Handler: cognitoTriggers.handler
Runtime: nodejs8.10
Policies:
- DynamoDBCrudPolicy:
TableName: !Ref Table
How can I also add the permission to use SES to send an email? Thanks!
As you're using AWS SAM, you can simply utilize its policy templates for granting access to send e-mails using SES. There is a policy template called SESCrudPolicy you can use. All you have to do is to provide the identity you want to grant access to. That'd look like:
PostSignUpConfirmationFunction:
Type: AWS::Serverless::Function
Properties:
CodeUri: ./dist/
Handler: cognitoTriggers.handler
Runtime: nodejs8.10
Policies:
- DynamoDBCrudPolicy:
TableName: !Ref Table
- SESCrudPolicy:
IdentityName: identity_you_want_to_use