How to use the Amazon API to access Yandex Cloud Postbox
Getting started
-
Assign the required roles to the service account.
You can select the appropriate role from the Access management section. For example, to get configuration info, the
postbox.viewer
role is enough. To send emails, the service account needs thepostbox.sender
role. -
It is required for authorization when submitting requests to the Amazon API. To store the key safely, use Yandex Lockbox.
General API request format
<HTTP method> <endpoint> HTTP/2
Host: postbox.cloud.yandex.net
{Authorization|X-YaCloud-SubjectToken}: <authentication_credentials>
X-Amz-Date: <time_in_ISO_8601_format>
<request_body>
For a list of endpoints and relevant HTTP methods, see the API reference. For a list of available headers, see Request headers.
A request must include one of the authentication headers:
-
X-YaCloud-SubjectToken
: Contains a service account IAM token. Learn more about authentication with an IAM token here. -
Authorization
: Contains a static access key and request signature. The signature is required when accessing the API directly without the AWS CLI or apps. Yandex Cloud Postbox supports Amazon Signature Version 4 . For more information, see theAuthorization
header description.You can test the signature generation process using the AWS CLI in debug mode. For this, add the
--debug
flag to theaws
command. For more information, see this debug example.To avoid generating the signature manually, use the cURL
utility: it automatically signs requests to the Amazon API. For more information, see this API use case.