Assign IAM SES Role to EC2 Instance

In this blog post, I am going to share with you a way you can assign to your EC2 instance an AWS SES(Simple Email Service) Role. Assigning a new AWS SES Role to an EC2 instance will enable that EC2 instance to execute applications that programmatically consume the AWS SES resources.

1. Create a New Policy

If this is your first time creating a new AWS SES Role then most likely you will need to create a new policy for your SES Role first. To create a new policy, open the IAM console and then click on the Policies link as it is shown on the image below.


On the next page that is called Create policy, select the following options.

Click on the Review policy button and review the policy.

On the Review policy page, type in the policy name and click on Create policy button.

Once the policy is created, you should get a confirmation page similar to the one below.

Now when we have created a new AWS IAM Policy, we can assign this policy to a IAM Role.

1. Create a New Role

To create a new Role for your EC2 instance, you will need to sign in to your AWS console and open the IAM console.

Once you log-in to AWS IAM console, click on the Roles link which you will find in the left side navigation menu.

AWS IAM Roles Console

Once you click on the Roles link, a page with a list of Roles will load. Click on the Create role button.

Create AWS IAM Role Button

Once you click on the Create role button, a page with different AWS services will open. Look for EC2 service and select it.

Once you have selected the EC2 service from the list, scroll down, and select the needed Use Case. To allow your EC2 instance to communicate with AWS services on your behalf, select the first option from the list as it is shown in the image below.


Once the Next: Permissions button gets enabled,  click on the Next: Permissions button.

On the Permissions page, search for the Policy name you have created, select the policy, and click on the Next button.


You may leave the Tags page empty and just continue to the next page.

On the next page type-in the Role name and click on Create button as it is shown on the image below.

This will create a new role and now when the role is created, you can assign it to a running EC2 instance.

Assign AWS Role to EC2 Instance

To assign a newly created AWS Role to EC2 instance,

  • sign-in to AWS EC2 Console,  then
  • switch to a page that lists all running EC2 instances,
  • select the running EC2 instance you want to assign the new role to,
  • and click on Attach/Replace the IAM Role link as it is shown in the image below.

On the next page, search for the Role you have created and apply the created role to EC2 instance as it is shown in the image below.

And this is it. You do not need to restart your EC2 instance for changes to take place. As soon as you have assigned a new IAM SES Role to your running EC2 instance, the changes will take place immediately and your EC2 instance will be able to use the SES resources.

I hope this tutorial was of some help to you.



Leave a Reply

Your email address will not be published. Required fields are marked *