How to use the Amazon API to access Yandex Cloud Postbox

Getting startedGetting started

1. Create a service account.

2. Assign the required roles to the service account.

   You can select the appropriate role from the Access management section. For example, to get configuration info, the postbox.viewer role is enough. To send emails, the service account needs the postbox.sender role.

3. Create a static access key.

   It is required for authorization when submitting requests to the Amazon API. To store the key safely, use Yandex Lockbox.

General API request formatGeneral API request format

<HTTP method> <endpoint> HTTP/2
Host: postbox.cloud.yandex.net
{Authorization|X-YaCloud-SubjectToken}: <authentication_credentials>
X-Amz-Date: <time_in_ISO_8601_format>

<request_body>

For a list of endpoints and relevant HTTP methods, see the API reference. For a list of available headers, see Request headers.

A request must include one of the authentication headers:

• X-YaCloud-SubjectToken: Contains a service account IAM token. Learn more about authentication with an IAM token here.

• Authorization: Contains a static access key and request signature. The signature is required when accessing the API directly without the AWS CLI or apps. Yandex Cloud Postbox supports Amazon Signature Version 4. For more information, see the Authorization header description.

  You can test the signature generation process using the AWS CLI in debug mode. For this, add the --debug flag to the aws command. For more information, see this debug example.

  To avoid generating the signature manually, use the cURL utility: it automatically signs requests to the Amazon API. For more information, see this API use case.