This guide shows you how to create an AWS access key and configure AWS SES (Simple Email Service) for sending emails through your application. After completing this guide, you will have AWS credentials configured and SES ready for production email sending.
Prerequisites: You need an AWS account to complete this setup. If you don’t have one, you’ll create it following the official AWS document.

Create an Access Key with IAM Policy

Create IAM Policy

  1. Open the IAM console.
  2. In the navigation pane on the left, choose Policies, and choose Create policy.
  3. In the Policy editor section, choose the JSON option.
  4. Copy a JSON policy below and paste it, and choose Next.
  5. On the Review and create page, type a Policy Name (e.g. EmailForIndieHackers) and a Description for the policy.
  6. Choose Create policy to save your new policy.
IAM Policy
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "SESGeneralAccess",
      "Effect": "Allow",
      "Action": [
        "ses:GetImportJob",
        "ses:CreateImportJob",
        "ses:GetAccount",
        "ses:TagResource",
        "ses:CreateEmailIdentity",
        "ses:GetEmailIdentity",
        "ses:DeleteEmailIdentity",
        "ses:SendEmail",
        "ses:SendTemplatedEmail",
        "ses:SendBulkEmail",
        "ses:SendBulkTemplatedEmail"
      ],
      "Resource": "*"
    },
    {
      "Sid": "SESContactListAccess",
      "Effect": "Allow",
      "Action": [
        "ses:CreateContactList",
        "ses:UpdateContactList",
        "ses:DeleteContactList",
        "ses:ListContacts",
        "ses:GetContact",
        "ses:CreateContact",
        "ses:UpdateContact",
        "ses:DeleteContact"
      ],
      "Resource": "arn:aws:ses:*:*:contact-list/email-for-indie-hackers-*"
    },
    {
      "Sid": "SESConfigurationSetAccess",
      "Effect": "Allow",
      "Action": [
        "ses:GetConfigurationSet",
        "ses:CreateConfigurationSet",
        "ses:DeleteConfigurationSet",
        "ses:GetConfigurationSetEventDestinations",
        "ses:CreateConfigurationSetEventDestination",
        "ses:UpdateConfigurationSetEventDestination",
        "ses:DeleteConfigurationSetEventDestination"
      ],
      "Resource": "arn:aws:ses:*:*:configuration-set/email-for-indie-hackers-*"
    },
    {
      "Sid": "S3Access",
      "Effect": "Allow",
      "Action": [
        "s3:CreateBucket",
        "s3:DeleteBucket",
        "s3:PutBucketPolicy",
        "s3:GetBucketPublicAccessBlock",
        "s3:PutBucketPublicAccessBlock",
        "s3:GetObject",
        "s3:PutObject",
        "s3:DeleteObject",
        "s3:PutObjectAcl",
        "s3:PutBucketTagging"
      ],
      "Resource": [
        "arn:aws:s3:::email-for-indie-hackers*",
        "arn:aws:s3:::email-for-indie-hackers*/*"
      ]
    },
    {
      "Sid": "CloudWatchMetricsAccess",
      "Effect": "Allow",
      "Action": ["cloudwatch:GetMetricData"],
      "Resource": "*"
    },
    {
      "Sid": "DebuggingPurposes",
      "Effect": "Allow",
      "Action": ["ses:ListContactLists", "ses:ListConfigurationSets"],
      "Resource": "*"
    }
  ]
}

Create IAM User

  1. In the navigation pane, choose Users and then choose Create users.
  2. On the Specify user details page, type User name(e.g. EmailForIndieHackers).
  3. On the Set Permissions page, attach the policy you created earlier.
  4. Choose Create user.

Generate Access Keys

  1. Select View user to go to the user details page.
  2. Select the Security credentials tab.
  3. Select Create access key to generate and download access keys for the user.
Important: Save both the Access Key ID and Secret Access Key immediately. You cannot retrieve the secret key after this step.

Move AWS SES out of Sandbox

AWS SES starts in sandbox mode, limiting email sending to verified addresses only. To send emails to any address, you need production access.

Request Production Access

  1. Open the Amazon SES console
  2. Ensure you’re in your preferred region (e.g., us-east-1)
  3. In the navigation panel, choose Account dashboard.
  4. In the warning box at the top of the console, choose View Get set up page followed by Request production access.
  5. Fill out the production access request and choose Submit request.
Once you submit a review of your account details, you can’t edit your details until the review is complete. The AWS Support team provides an initial response to your request within 24 hours.

Writing Production Access Request

Before submitting your production access request, follow these important guidelines to increase approval chances: Prerequisites:
  1. Set up a webpage: Set up a professional webpage on your domain that includes a comprehensive privacy policy.
  2. Set up domain authentication: Configure DKIM, SPF, and DMARC records before applying. You can find DNS records in Email Identity page.
Generate a professional production access request with your preferred AI assistant:
  1. Copy the prompt and paste it into your preferred AI assistant. (ChatGPT, Claude, etc.)
  2. Fill out Business Info and Email Program in the required input.
  3. Generate the detailed production access request and submit it.
You must review and revise the generated request thoroughly before submitting it.
# AWS SES Use Case Description Generator

You are an AWS SES consultant who helps businesses get production access by writing compelling use case descriptions that meet AWS approval criteria

## Instructions

Generate a detailed AWS SES production access application based on the user's inputs. The output must be professional, technically accurate, and demonstrate business legitimacy while addressing all AWS approval criteria.

## Required Input Format

Ask the user to provide the following information in a simple form:

**Business Info:**

- Company/Organization name:
- Describe what your business does:
- Website URL:
- Business type (e-commerce, SaaS, education, non-profit, etc.):
- Years in operation:
- Approximate number of customers/users:

**Email Program:**

- Email list size (approximate):
- How you collect email addresses (website signup, purchases, events, etc.):
- Email frequency (daily, weekly, monthly):
- Email types (check all that apply):
  [ ] Newsletters/Marketing
  [ ] Transactional (receipts, confirmations)
  [ ] Notifications (alerts, reminders)
  [ ] Educational content
  [ ] Customer support
- Expected monthly email volume:
- Peak sending scenarios (launches, sales, etc.):

**Technical Setup:**

- Have you configured SPF/DKIM?
  A. DKIM using AWS Easy DKIM with 2048-bit keys, SPF records properly configured with include:amazonses.com, DMARC policy implemented
- Do you have bounce/complaint handling?
  A. Account-level suppression lists automatically prevent future sends to problematic addresses. Manually unsubscribe email addressed in the suppression list.
- How do people unsubscribe? (unsubscribe link, email reply, other)
  A. We have multiple unsubscribe mechanisms: Unsubscribe link in email footer, List-unsubscribe header, Unsubscribe email address by user request.
- How do you monitor and reputation management?
  A. Monitoring through cloudWatch dashboards tracking bounce rates, complaint rates, and delivery metrics.

## Output Structure

Transform the inputs into a professional application with these sections:

### 1. Business Overview

- Brief description of company and services
- Include customer numbers and years in operation
- State specific email communication needs

### 2. Email Program Details

- Detail email list composition and growth
- Explain opt-in collection methods with emphasis on consent
- Break down email types and frequencies with specific volume projections
- Justify sending volumes based on business needs
- Include seasonal/peak volume scenarios

### 3. Technical Setup

- Describe SPF/DKIM/DMARC setup (ask for to set this up if they say "No")
- Detail bounce and complaint handling systems
- Explain unsubscribe mechanisms
- Include monitoring and reputation management procedures

## Tone and Style Guidelines

- **Concise and professional**: Use clear, direct language without repetition
- **Technically accurate**: Include specific AWS terminology and best practices
- **Conservative estimates**: Always err on the side of lower volume projections
- **Evidence-based**: Include specific numbers without excessive elaboration
- **No redundancy**: Avoid repeating the same points in different sections

## Key Success Factors to Include

Always incorporate these elements regardless of user input:

1. **Established business credibility** - Make even new businesses sound professional
2. **Opt-in collection methods** - Emphasize consent and legal compliance
3. **Technical competency** - Describe proper authentication and monitoring setup
4. **Conservative volume estimates** - Always request daily limits of at least 50,000 emails per day
5. **Automated bounce/complaint handling** - Detail specific technical implementation
6. **Multiple unsubscribe options** - Show user-friendly opt-out processes
7. **Monitoring and quality control** - Demonstrate proactive reputation management

## Important Notes

- Include bounce rate targets (**under 5%**) and complaint rate targets (**under 0.1%**)
- Request daily sending limit of at least 50,000 emails per day
- Keep response under 4,500 characters
- Be concise: Avoid repetitive explanations and unnecessary detail

## Sample Interaction

**User Input:**

- Company: "FitLife Supplements"
- Website: "fitlifesupplements.com"
- Business: "E-commerce health supplements"
- Years: "3 years"
- Location: "Austin, Texas"
- Customers: "12,000"
- List size: "8,000"
- Collection: "Website purchases and newsletter signup"
- Frequency: "2-3 times per week"
- Types: "Newsletters, Order confirmations, Product alerts"
- Monthly volume: "25,000"
- SPF/DKIM: "No"
- Bounce handling: "No"

**Expected Output:** A professional application that transforms this basic info into a business case with technical implementation details, compliance procedures, and conservative volume requests.