diff --git a/examples/2016-10-31/policy_templates/all_policy_templates.yaml b/examples/2016-10-31/policy_templates/all_policy_templates.yaml index 2947579258..4ad6ccc567 100644 --- a/examples/2016-10-31/policy_templates/all_policy_templates.yaml +++ b/examples/2016-10-31/policy_templates/all_policy_templates.yaml @@ -80,4 +80,5 @@ Resources: - KMSDecryptPolicy: KeyId: keyId - + - SESBulkTemplatedCrudPolicy: + IdentityName: name diff --git a/samtranslator/policy_templates_data/policy_templates.json b/samtranslator/policy_templates_data/policy_templates.json index 5730289879..156af3641c 100644 --- a/samtranslator/policy_templates_data/policy_templates.json +++ b/samtranslator/policy_templates_data/policy_templates.json @@ -1442,6 +1442,39 @@ "Resource": "*" }] } + }, + "SESBulkTemplatedCrudPolicy": { + "Description": "Gives permission to send email, templated email, templated bulk emails and verify identity", + "Parameters": { + "IdentityName": { + "Description": "Identity to give permissions to" + } + }, + "Definition": { + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "ses:GetIdentityVerificationAttributes", + "ses:SendEmail", + "ses:SendRawEmail", + "ses:SendTemplatedEmail", + "ses:SendBulkTemplatedEmail", + "ses:VerifyEmailIdentity" + ], + "Resource": { + "Fn::Sub": [ + "arn:${AWS::Partition}:ses:${AWS::Region}:${AWS::AccountId}:identity/${identityName}", + { + "identityName": { + "Ref": "IdentityName" + } + } + ] + } + } + ] + } } } } diff --git a/tests/translator/input/all_policy_templates.yaml b/tests/translator/input/all_policy_templates.yaml index 55a79737e5..9d3e3de186 100644 --- a/tests/translator/input/all_policy_templates.yaml +++ b/tests/translator/input/all_policy_templates.yaml @@ -132,3 +132,6 @@ Resources: - DynamoDBReconfigurePolicy: TableName: name + + - SESBulkTemplatedCrudPolicy: + IdentityName: name diff --git a/tests/translator/output/all_policy_templates.json b/tests/translator/output/all_policy_templates.json index d0d8ecd1c8..f2638f29a7 100644 --- a/tests/translator/output/all_policy_templates.json +++ b/tests/translator/output/all_policy_templates.json @@ -1117,6 +1117,32 @@ } ] } + }, + { + "PolicyName": "KitchenSinkFunctionRolePolicy45", + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "ses:GetIdentityVerificationAttributes", + "ses:SendEmail", + "ses:SendRawEmail", + "ses:SendTemplatedEmail", + "ses:SendBulkTemplatedEmail", + "ses:VerifyEmailIdentity" + ], + "Resource": { + "Fn::Sub": [ + "arn:${AWS::Partition}:ses:${AWS::Region}:${AWS::AccountId}:identity/${identityName}", + { + "identityName": "name" + } + ] + }, + "Effect": "Allow" + } + ] + } } ], "AssumeRolePolicyDocument": { diff --git a/tests/translator/output/aws-cn/all_policy_templates.json b/tests/translator/output/aws-cn/all_policy_templates.json index 099de39086..16b33cc260 100644 --- a/tests/translator/output/aws-cn/all_policy_templates.json +++ b/tests/translator/output/aws-cn/all_policy_templates.json @@ -1116,6 +1116,32 @@ } ] } + }, + { + "PolicyName": "KitchenSinkFunctionRolePolicy45", + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "ses:GetIdentityVerificationAttributes", + "ses:SendEmail", + "ses:SendRawEmail", + "ses:SendTemplatedEmail", + "ses:SendBulkTemplatedEmail", + "ses:VerifyEmailIdentity" + ], + "Resource": { + "Fn::Sub": [ + "arn:${AWS::Partition}:ses:${AWS::Region}:${AWS::AccountId}:identity/${identityName}", + { + "identityName": "name" + } + ] + }, + "Effect": "Allow" + } + ] + } } ], "AssumeRolePolicyDocument": { diff --git a/tests/translator/output/aws-us-gov/all_policy_templates.json b/tests/translator/output/aws-us-gov/all_policy_templates.json index 795fc93357..62b7ad9d0e 100644 --- a/tests/translator/output/aws-us-gov/all_policy_templates.json +++ b/tests/translator/output/aws-us-gov/all_policy_templates.json @@ -1117,6 +1117,32 @@ } ] } + }, + { + "PolicyName": "KitchenSinkFunctionRolePolicy45", + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "ses:GetIdentityVerificationAttributes", + "ses:SendEmail", + "ses:SendRawEmail", + "ses:SendTemplatedEmail", + "ses:SendBulkTemplatedEmail", + "ses:VerifyEmailIdentity" + ], + "Resource": { + "Fn::Sub": [ + "arn:${AWS::Partition}:ses:${AWS::Region}:${AWS::AccountId}:identity/${identityName}", + { + "identityName": "name" + } + ] + }, + "Effect": "Allow" + } + ] + } } ], "AssumeRolePolicyDocument": {