Comprehensive identity verification and configuration system for email addresses and domains. This module handles identity verification, DKIM setup, Mail-From domain configuration, notification management, and authorization policies.
Verify email addresses and domains for sending emails through SES.
/**
* Verifies an email address for sending emails
* @param input - Email address to verify
* @returns Promise with verification response
*/
interface VerifyEmailIdentityCommandInput {
/** Email address to verify */
EmailAddress: string;
}
interface VerifyEmailIdentityCommandOutput {
$metadata: ResponseMetadata;
}
/**
* Verifies a domain for sending emails
* @param input - Domain to verify
* @returns Promise with verification token
*/
interface VerifyDomainIdentityCommandInput {
/** Domain name to verify */
Domain: string;
}
interface VerifyDomainIdentityCommandOutput {
/** DNS TXT record token for domain verification */
VerificationToken: string;
$metadata: ResponseMetadata;
}Usage Example:
import {
SESClient,
VerifyEmailIdentityCommand,
VerifyDomainIdentityCommand
} from "@aws-sdk/client-ses";
const client = new SESClient({ region: "us-east-1" });
// Verify email address
const emailCommand = new VerifyEmailIdentityCommand({
EmailAddress: "user@example.com",
});
await client.send(emailCommand);
// Verify domain
const domainCommand = new VerifyDomainIdentityCommand({
Domain: "example.com",
});
const domainResponse = await client.send(domainCommand);
console.log("Add this TXT record to DNS:", domainResponse.VerificationToken);Retrieve information about verified identities and their status.
/**
* Lists all verified identities
* @param input - Optional filters for identity listing
* @returns Promise with list of identities
*/
interface ListIdentitiesCommandInput {
/** Filter by identity type */
IdentityType?: IdentityType;
/** Token for pagination */
NextToken?: string;
/** Maximum number of results */
MaxItems?: number;
}
interface ListIdentitiesCommandOutput {
/** List of verified identities */
Identities: string[];
/** Token for next page of results */
NextToken?: string;
$metadata: ResponseMetadata;
}
/**
* Gets verification status and attributes for identities
* @param input - List of identities to check
* @returns Promise with verification attributes
*/
interface GetIdentityVerificationAttributesCommandInput {
/** List of identities to check */
Identities: string[];
}
interface GetIdentityVerificationAttributesCommandOutput {
/** Map of identity to verification attributes */
VerificationAttributes: Record<string, IdentityVerificationAttributes>;
$metadata: ResponseMetadata;
}
interface IdentityVerificationAttributes {
/** Current verification status */
VerificationStatus: VerificationStatus;
/** Verification token (for domains) */
VerificationToken?: string;
}Usage Example:
import {
SESClient,
ListIdentitiesCommand,
GetIdentityVerificationAttributesCommand
} from "@aws-sdk/client-ses";
const client = new SESClient({ region: "us-east-1" });
// List all identities
const listCommand = new ListIdentitiesCommand({});
const identities = await client.send(listCommand);
// Check verification status
const verifyCommand = new GetIdentityVerificationAttributesCommand({
Identities: identities.Identities,
});
const verification = await client.send(verifyCommand);
for (const [identity, attrs] of Object.entries(verification.VerificationAttributes)) {
console.log(`${identity}: ${attrs.VerificationStatus}`);
}Configure DomainKeys Identified Mail (DKIM) for domain authentication.
/**
* Generates DKIM tokens for a domain
* @param input - Domain to generate DKIM for
* @returns Promise with DKIM tokens
*/
interface VerifyDomainDkimCommandInput {
/** Domain name for DKIM setup */
Domain: string;
}
interface VerifyDomainDkimCommandOutput {
/** DKIM tokens to add as DNS CNAME records */
DkimTokens: string[];
$metadata: ResponseMetadata;
}
/**
* Enables or disables DKIM signing for an identity
* @param input - Identity and DKIM settings
* @returns Promise with operation result
*/
interface SetIdentityDkimEnabledCommandInput {
/** Identity to configure */
Identity: string;
/** Whether to enable DKIM */
DkimEnabled: boolean;
}
interface SetIdentityDkimEnabledCommandOutput {
$metadata: ResponseMetadata;
}
/**
* Gets DKIM attributes for identities
* @param input - List of identities to check
* @returns Promise with DKIM attributes
*/
interface GetIdentityDkimAttributesCommandInput {
/** List of identities to check */
Identities: string[];
}
interface GetIdentityDkimAttributesCommandOutput {
/** Map of identity to DKIM attributes */
DkimAttributes: Record<string, IdentityDkimAttributes>;
$metadata: ResponseMetadata;
}
interface IdentityDkimAttributes {
/** Whether DKIM is enabled */
DkimEnabled: boolean;
/** DKIM verification status */
DkimVerificationStatus: VerificationStatus;
/** DKIM tokens for DNS setup */
DkimTokens?: string[];
}Configure custom Mail-From domain for better deliverability.
/**
* Sets the Mail-From domain for an identity
* @param input - Identity and Mail-From domain settings
* @returns Promise with operation result
*/
interface SetIdentityMailFromDomainCommandInput {
/** Identity to configure */
Identity: string;
/** Mail-From domain (can be null to remove) */
MailFromDomain?: string;
/** Behavior when MX record lookup fails */
BehaviorOnMXFailure?: BehaviorOnMXFailure;
}
interface SetIdentityMailFromDomainCommandOutput {
$metadata: ResponseMetadata;
}
/**
* Gets Mail-From domain attributes for identities
* @param input - List of identities to check
* @returns Promise with Mail-From attributes
*/
interface GetIdentityMailFromDomainAttributesCommandInput {
/** List of identities to check */
Identities: string[];
}
interface GetIdentityMailFromDomainAttributesCommandOutput {
/** Map of identity to Mail-From attributes */
MailFromDomainAttributes: Record<string, IdentityMailFromDomainAttributes>;
$metadata: ResponseMetadata;
}
interface IdentityMailFromDomainAttributes {
/** Mail-From domain */
MailFromDomain: string;
/** Mail-From domain status */
MailFromDomainStatus: CustomMailFromStatus;
/** Behavior on MX failure */
BehaviorOnMXFailure: BehaviorOnMXFailure;
}Configure SNS notifications for bounces, complaints, and deliveries.
/**
* Sets SNS topic for identity notifications
* @param input - Identity and notification settings
* @returns Promise with operation result
*/
interface SetIdentityNotificationTopicCommandInput {
/** Identity to configure */
Identity: string;
/** Type of notification */
NotificationType: NotificationType;
/** SNS topic ARN (null to disable) */
SnsTopic?: string;
}
interface SetIdentityNotificationTopicCommandOutput {
$metadata: ResponseMetadata;
}
/**
* Enables or disables feedback forwarding for an identity
* @param input - Identity and forwarding settings
* @returns Promise with operation result
*/
interface SetIdentityFeedbackForwardingEnabledCommandInput {
/** Identity to configure */
Identity: string;
/** Whether to enable feedback forwarding */
ForwardingEnabled: boolean;
}
interface SetIdentityFeedbackForwardingEnabledCommandOutput {
$metadata: ResponseMetadata;
}
/**
* Gets notification attributes for identities
* @param input - List of identities to check
* @returns Promise with notification attributes
*/
interface GetIdentityNotificationAttributesCommandInput {
/** List of identities to check */
Identities: string[];
}
interface GetIdentityNotificationAttributesCommandOutput {
/** Map of identity to notification attributes */
NotificationAttributes: Record<string, IdentityNotificationAttributes>;
$metadata: ResponseMetadata;
}
interface IdentityNotificationAttributes {
/** Bounce notification topic */
BounceTopic?: string;
/** Complaint notification topic */
ComplaintTopic?: string;
/** Delivery notification topic */
DeliveryTopic?: string;
/** Whether feedback forwarding is enabled */
ForwardingEnabled: boolean;
/** Whether headers are included in bounce notifications */
HeadersInBounceNotificationsEnabled?: boolean;
/** Whether headers are included in complaint notifications */
HeadersInComplaintNotificationsEnabled?: boolean;
/** Whether headers are included in delivery notifications */
HeadersInDeliveryNotificationsEnabled?: boolean;
}Manage sending authorization policies for cross-account access.
/**
* Adds an authorization policy to an identity
* @param input - Identity, policy name, and policy document
* @returns Promise with operation result
*/
interface PutIdentityPolicyCommandInput {
/** Identity to add policy to */
Identity: string;
/** Name of the policy */
PolicyName: string;
/** JSON policy document */
Policy: string;
}
interface PutIdentityPolicyCommandOutput {
$metadata: ResponseMetadata;
}
/**
* Deletes an authorization policy from an identity
* @param input - Identity and policy name to delete
* @returns Promise with operation result
*/
interface DeleteIdentityPolicyCommandInput {
/** Identity to remove policy from */
Identity: string;
/** Name of the policy to delete */
PolicyName: string;
}
interface DeleteIdentityPolicyCommandOutput {
$metadata: ResponseMetadata;
}
/**
* Gets authorization policies for an identity
* @param input - Identity to get policies for
* @returns Promise with policy list and documents
*/
interface GetIdentityPoliciesCommandInput {
/** Identity to get policies for */
Identity: string;
/** List of specific policy names (optional) */
PolicyNames?: string[];
}
interface GetIdentityPoliciesCommandOutput {
/** Map of policy names to policy documents */
Policies: Record<string, string>;
$metadata: ResponseMetadata;
}Remove verified identities from your account.
/**
* Deletes a verified identity
* @param input - Identity to delete
* @returns Promise with operation result
*/
interface DeleteIdentityCommandInput {
/** Identity to delete */
Identity: string;
}
interface DeleteIdentityCommandOutput {
$metadata: ResponseMetadata;
}type IdentityType = "EmailAddress" | "Domain";
type VerificationStatus =
| "Pending"
| "Success"
| "Failed"
| "TemporaryFailure"
| "NotStarted";
type CustomMailFromStatus =
| "Pending"
| "Success"
| "Failed"
| "TemporaryFailure";
type BehaviorOnMXFailure = "UseDefaultValue" | "RejectMessage";
type NotificationType = "Bounce" | "Complaint" | "Delivery";class FromEmailAddressNotVerifiedException extends SESServiceException {
name: "FromEmailAddressNotVerifiedException";
}
class MailFromDomainNotVerifiedException extends SESServiceException {
name: "MailFromDomainNotVerifiedException";
}
class InvalidPolicyException extends SESServiceException {
name: "InvalidPolicyException";
}
class AlreadyExistsException extends SESServiceException {
name: "AlreadyExistsException";
}Complete Example:
import {
SESClient,
VerifyDomainIdentityCommand,
VerifyDomainDkimCommand,
SetIdentityDkimEnabledCommand,
SetIdentityMailFromDomainCommand,
SetIdentityNotificationTopicCommand
} from "@aws-sdk/client-ses";
const client = new SESClient({ region: "us-east-1" });
// 1. Verify domain
const verifyDomain = new VerifyDomainIdentityCommand({
Domain: "example.com",
});
const domainResult = await client.send(verifyDomain);
console.log("Add TXT record:", domainResult.VerificationToken);
// 2. Set up DKIM
const dkimTokens = new VerifyDomainDkimCommand({
Domain: "example.com",
});
const dkimResult = await client.send(dkimTokens);
console.log("Add CNAME records:", dkimResult.DkimTokens);
// 3. Enable DKIM
const enableDkim = new SetIdentityDkimEnabledCommand({
Identity: "example.com",
DkimEnabled: true,
});
await client.send(enableDkim);
// 4. Set Mail-From domain
const setMailFrom = new SetIdentityMailFromDomainCommand({
Identity: "example.com",
MailFromDomain: "mail.example.com",
BehaviorOnMXFailure: "UseDefaultValue",
});
await client.send(setMailFrom);
// 5. Configure bounce notifications
const setBounceNotification = new SetIdentityNotificationTopicCommand({
Identity: "example.com",
NotificationType: "Bounce",
SnsTopic: "arn:aws:sns:us-east-1:123456789012:ses-bounces",
});
await client.send(setBounceNotification);