class Aws::SES::Types::S3Action

When included in a receipt rule, this action saves the received message to an Amazon Simple Storage Service (Amazon S3) bucket and, optionally, publishes a notification to Amazon Simple Notification Service (Amazon SNS).

To enable Amazon SES to write emails to your Amazon S3 bucket, use an AWS KMS key to encrypt your emails, or publish to an Amazon SNS topic of another account, Amazon SES must have permission to access those resources. For information about giving permissions, see the [Amazon SES Developer Guide].

<note markdown=“1”> When you save your emails to an Amazon S3 bucket, the maximum email size (including headers) is 30 MB. Emails larger than that will bounce.

</note>

For information about specifying Amazon S3 actions in receipt rules, see the [Amazon SES Developer Guide].

[1]: docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-permissions.html [2]: docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-action-s3.html

@note When making an API call, you may pass S3Action

data as a hash:

    {
      topic_arn: "AmazonResourceName",
      bucket_name: "S3BucketName", # required
      object_key_prefix: "S3KeyPrefix",
      kms_key_arn: "AmazonResourceName",
    }

@!attribute [rw] topic_arn

The ARN of the Amazon SNS topic to notify when the message is saved
to the Amazon S3 bucket. An example of an Amazon SNS topic ARN is
`arn:aws:sns:us-west-2:123456789012:MyTopic`. For more information
about Amazon SNS topics, see the [Amazon SNS Developer Guide][1].

[1]: https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html
@return [String]

@!attribute [rw] bucket_name

The name of the Amazon S3 bucket that incoming email will be saved
to.
@return [String]

@!attribute [rw] object_key_prefix

The key prefix of the Amazon S3 bucket. The key prefix is similar to
a directory name that enables you to store similar data under the
same directory in a bucket.
@return [String]

@!attribute [rw] kms_key_arn

The customer master key that Amazon SES should use to encrypt your
emails before saving them to the Amazon S3 bucket. You can use the
default master key or a custom master key you created in AWS KMS as
follows:

* To use the default master key, provide an ARN in the form of
  `arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses`. For
  example, if your AWS account ID is 123456789012 and you want to
  use the default master key in the US West (Oregon) region, the ARN
  of the default master key would be
  `arn:aws:kms:us-west-2:123456789012:alias/aws/ses`. If you use the
  default master key, you don't need to perform any extra steps to
  give Amazon SES permission to use the key.

* To use a custom master key you created in AWS KMS, provide the ARN
  of the master key and ensure that you add a statement to your
  key's policy to give Amazon SES permission to use it. For more
  information about giving permissions, see the [Amazon SES
  Developer Guide][1].

For more information about key policies, see the [AWS KMS Developer
Guide][2]. If you do not specify a master key, Amazon SES will not
encrypt your emails.

Your mail is encrypted by Amazon SES using the Amazon S3 encryption
client before the mail is submitted to Amazon S3 for storage. It is
not encrypted using Amazon S3 server-side encryption. This means
that you must use the Amazon S3 encryption client to decrypt the
email after retrieving it from Amazon S3, as the service has no
access to use your AWS KMS keys for decryption. This encryption
client is currently available with the [AWS SDK for Java][3] and
[AWS SDK for Ruby][4] only. For more information about client-side
encryption using AWS KMS master keys, see the [Amazon S3 Developer
Guide][5].

[1]: https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-permissions.html
[2]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html
[3]: http://aws.amazon.com/sdk-for-java/
[4]: http://aws.amazon.com/sdk-for-ruby/
[5]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html
@return [String]

@see docs.aws.amazon.com/goto/WebAPI/email-2010-12-01/S3Action AWS API Documentation

Constants

SENSITIVE