Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Extract separate SESSuppressionListPolicy
Commit 989e0d7 didn't work, because SESSendEmailPolicy is limited to specific resources, and the suppression list permissions must apply to 'Resource: "*"': User: arn:aws:sts::...:assumed-role/.../elistman-dev-Function-... is not authorized to perform: ses:GetSuppressedDestination on resource: * because no identity-based policy allows the ses:GetSuppressedDestination action I should've noticed that previously.
- Loading branch information