4

I have two aws accounts, "A" and "B". I want to use SES from account "A" and publish the bounces on SNS of account "B". On account B, I created a topic with name test1234. The arn of the topic is "arn:aws:sns:us-west-2:123456789:test1234". Then I used aws cli to grant permission to account A like this:

aws sns add-permission --topic-arn arn:aws:sns:us-west-2:123456789:test1234 --label 0987654321 --aws-account-id 0987654321 --action-name Publish

After this, I go to ses of account A and in Notification tab I put the arn above but I get an error which is:

SNS topic arn:aws:sns:us-west-2:123456789:test1234 is invalid. (Service: AmazonSimpleEmailService; Status Code: 400; Error Code: InvalidParameterValue; Request ID: 635fa1f9-a0d8-11e5-ba0a-57f0be7a91f1)

Aditya Patawari
  • 1,065
  • 8
  • 23

1 Answers1

1

the problem is that when you add a permission it does not update the __default_policy_ID Condition of the topic to allow new account id

Vishal Arya
  • 11
  • 2
  • So is this a known issue? Is there a work around? Are you saying the issue is unresolvable or just that you've had the same issue? – music2myear Jun 07 '17 at 18:21