Configuring email notifications for S3 bucket events using lambda function and aws SES

here I will provide a step by step guide on how to create a Lambda function with an S3 bucket trigger that then sends an email notification through AWS SES.

Step 1: Create an S3 bucket

First search for “S3” in the search bar from the home page of the AWS console and then select “create bucket”.

Give your bucket a name and leave the default settings the same and click on “Create bucket” in the lower right hand corner.

Note: S3 names have to be globally unique. If your name is already taken, you have to come up with another name.

Step 2: Create a Role using IAM (Identity Access Management)

We need to create a role to access S3 and SES (simple email service). We will also use CloudWatch for monitoring.

Search for “IAM” in the search bar and click on roles.

Once you get to the roles dashboard click “create role”. Under the heading “Use case” we are going to select “Lambda” and then “Next”

In this next step we will be selecting 3 permissions: AmazonS3FullAccess, AmazonSESFullAccess, & CloudWatchFullAccess and once finished click “next”. On the last page give your role a name and select “next”.

Step 3: Create a Lambda function

Search “Lambda” in the search bar and then click on “Create function”. Leave “author from scratch” selected, create a name for your lambda function and in the runtime dropdown select Python 3.9.

In the “change default execution role” change the execution role to “use an existing role” & select the role you just created then click “create function”. Once the function is successfully created you’ll be taken to the functions homepage and from there click “Add trigger”

Since S3 is going to be our trigger we will select it from the dropdown menu. Then choose the bucket you created in S3 and for the Event type we will leave “all object create events”and “all object delete events”. Last select the acknowledgement for recursive invocation and click “add”.

As you can see the trigger has been added as shown in the diagram but now we are going to add our code by selecting the code section.

In the code section copy and paste the following code…make sure to change the email address to the email you will use*

import boto3
from botocore.exceptions import ClientError

def send_email():
    SENDER = "your_email_address.com" # must be verified in AWS SES Email
    RECIPIENT = "your_emai_address.com" # must be verified in AWS SES Email

    AWS_REGION = "us-east-1"

    # The subject line for the email.
    SUBJECT = "Lambda Function Triggered!!!"

    # The email body for recipients with non-HTML email clients.
    BODY_TEXT = ("Alert...\r\n"
                "This email was sent with Amazon SES using the "
                "AWS SDK for Python (Boto)."
                )
                
    # The HTML body of the email.
    BODY_HTML = """<html>
    <head></head>
    <body>
    <h1>Alert</h1>
    <p>This email was sent with
        <a href='https://aws.amazon.com/ses/'>Amazon SES CQPOCS</a> using the
        <a href='https://aws.amazon.com/sdk-for-python/'>
        AWS SDK for Python (Boto)</a>.</p>
    </body>
    </html>
                """            

    # The character encoding for the email.
    CHARSET = "UTF-8"

    # Create a new SES resource and specify a region.
    client = boto3.client('ses',region_name=AWS_REGION)

    # Try to send the email.
    try:
        #Provide the contents of the email.
        response = client.send_email(
            Destination={
                'ToAddresses': [
                    RECIPIENT,
                ],
            },
            Message={
                'Body': {
                    'Html': {
        
                        'Data': BODY_HTML
                    },
                    'Text': {
        
                        'Data': BODY_TEXT
                    },
                },
                'Subject': {

                    'Data': SUBJECT
                },
            },
            Source=SENDER
        )
    # Display an error if something goes wrong. 
    except ClientError as e:
        print(e.response['Error']['Message'])
    else:
        print("Email sent! Message ID:"),
        print(response['MessageId'])

def lambda_handler(event, context):
    # TODO implement
    send_email()

After changing the email in the code click “Deploy” to save the changes.

Step 4: Verify Email Through SES

Search for “SES’ in the search bar and on the left hand side select “Verified Identities”. Click on “create identity” and select “email address”. Type in the email you chose to use and scroll down and click “create identity”.

Access the email to verify the identity through the email that was generated and your identity status should now be verified.

Go back to the S3 dashboard and click on the S3 bucket

To generate our trigger to send an email notification we are going to upload a file to our S3 bucket. You can choose any image file on your desktop to upload. Once the file is selected scroll to the bottom and select “upload” in the bottom right-hand corner. You should get a success message after.

Step 5: Verify through CloudWatch

Navigate to CloudWatch through the search bar and click “Log Groups” on the left hand side. Select the Lambda functions to view the log stream.

Once you are on the Log events page you can click the most recent log created and you should see an event created. Click on the event and you should see the “Email sent!” message. If not there will be a notification pointing to any syntax errors.

You can also verify by checking that the email was sent that you used for the function.

thank you for reading