Here's how to configure AWS SES for use with Knock.

You'll need to take the following steps in AWS before you can configure your SES channel within Knock.

  1. Configure an AWS SES IAM user with send permissions. You'll use the access keys of this user to integrate with SES from the Knock dashboard.
  2. Verify a "From" address within AWS. You'll need to do this before sending emails via SES through Knock.

Once you've completed both of those steps, you'll be able to configure an AWS SES channel in Knock just as you would any other channel. (See: Adding your first channel.)

Configure an AWS SES API key

To send notifications via AWS SES, Knock requires the access key ID and a secret access key of an AWS user with SES send permissions**.** (Specifically, the ses:SendEmail and ses:SendRawEmail ****permissions.)

If you don't already have a user with send permissions, you can create an Identity Access and Management (IAM) user in AWS to use with the Knock API. You can learn more about creating IAM users in AWS here.

Once you've created your new IAM user, you'll need to provision them with the policy below.


Now that you have an AWS user created and provisioned with SES send access, grab the access key ID and a secret access key of the user—we'll use these later when configuring the SES channel within Knock.

Verify a "From" address within AWS SES

Next, you'll need to verify the "From" email address you plan on using to send emails with AWS if you haven't already. To do so, follow the steps outlined in AWS's guide to creating and verifying an email address identity.

Configuring SES in Knock

Now that you have you SES access key ID, secret access key, and verified "From" address, you're ready to configure your SES channel within Knock. To do so, follow the steps in our guide to creating a new channel within Knock: Adding your first channel.

Here are a few other things to keep in mind once you have your SES channel configured in Knock: