How to add external email addresses to AWS WorkMail Group?
I can create a group on the Amazon WorkMail console and add internal users to the group. However, I do not see an option to add external email addresses with different domains.
Any tips on how to do this? Should I just create an email forwarding rule on an internal user?
Unfortunately, at present, this isn't possible (more info below). So, your proposed solution of creating an email forwarding rule is likely the best solution.
One thing to note is that you may want to set up email redirect rather than email forwarding. If you redirect, the end recipient will see the email as coming from the original sender and addressed to the original recipient, as opposed to being forwarded. In WorkMail, you'll find redirect as one of the options, alongside forwarding, when setting up the rule(s).
One additional tip for setting up the redirect/forwarding rule. There's no condition in the rules setup to just forward everything. Because of that, you'll likely want to create 2 rules. The first rule would use the condition has my name in the To box and the second rule would use the condition Does not have my name in the To box. This should have you covered for just redirecting/forwarding everything. Fortunately, you can redirect to multiple destinations, so you can probably get away with just these 2 rules even if you have multiple final destinations.
Additional info about not being able to add external addresses to groups:
An AWS team member has stated that this isn't currently supported in this AWS forum post from 2017:
Indeed, it not possible to add an external email address to a group. I will forward this feature request to the service team.
A possible workaround is to create a redirect rule that redirect emails sent to this group to the external users.
As of today, you still get the following message when adding members to a group (console screenshot):
You can only add users and groups that are enabled for access to Amazon WorkMail.
[Edit, 2021-01-17: Tips on bulk addition of email addresses to a rule]
Bulk addition of email addresses to a rule
Unfortunately, there don't currently appear to be any APIs to create inbox rules programmatically. However, you can copy-paste a large number of emails into a rule.
First, you'll want to export the set of email addresses you have into e.g. a CSV file.
Then, you'll want to append a ; to each email address. The reason for this is that the character is recognized as a separator. If we don't use it, the email rule will interpret the entire pasted text as a single email address. As an example, in Google Sheets, this can be done with CONCATENATE. E.g. =concatenate(A1,";"). Here's a screenshot:
Next, open the email rule, copy the email addresses from the spreadsheet, paste them into the recipients box, and click the To button. In this case, it's 100 emails, so it takes a little bit of time to load:
Once it finishes loading, you'll see checkboxes next to the email addresses, like when you add single email addresses manually.
Make sure to click Ok on the recipients dialog, then click Ok on the rule dialog, and finally click Save changes on the Email Rules Settings panel to ensure everything gets saved.
- How to create a size condition using AWS dynamodb-mapper-js
- Unable to read text file in Glue job
- Lambda Provisioned Concurrency showing 0 available. But I'm not using any
- How to use AWS Secret Manger in JavaScript file hosted on ECS container
- Creating a schedule expression for eventbridge using terraform
- AWS RDS restoring snapshot with upgraded engine version giving error
- Error with not existing instance profile while trying to get a django project running on AWS Beanstalk
- Timeout when trying to retrieve EC2 instance-id metadata from within it
- Lease table is not updated when new shards are added causing stale workers in KCL
- libsndfile.so.1: cannot open shared object file: No such file or directory
- Why does ECS binpack strategy on memory always scale up a new EC2 instance despite available resources?
- How to pull every single image (tag or untagged) from AWS ECR?
- In CloudFormation how can I link RDS and Secrets Manager so I don't have to hardcode the password?
- Renaming AWS GraphQL Schema Types
- How to install postgresql-client to Amazon EC2 Linux machine?
- PyCharm: Why "Python Console" is not accessing ~\.aws\credentials file? How to set it within "Python Console"
- Is it possible to run aws s3 sync with boto3?
- Python 3 asyncio with aioboto3 seems sequential
- Serverless / AWS Lambda - Create the triggers for the published lambda versions
- AWS Glue missing permissions
- Invoking lambda from API gateway test, but hitting the endpoint does not invoke the lambda. 500 returned
- terraform destroy needs original terraform code to destroy?
- AWS CDK Change S3 deployment folder lifecycle time
- How to correctly/safely access parameters from AWS SSM Parameter store for my Python script on EC2 instance?
- Why is my image not displaying on my Web page?
- How to copy blobs from azure to aws using python?
- S3 Bucket action doesn't apply to any resources
- Couldn't proceed with upgrade process as new nodes are not joining node group standard-workers
- How to customize "From" name for SNS emails
- Changing the name of a Load Balancer on AWS Console