Step 1: Move Amazon SES into production mode Step 2: Get a default Amazon Connect email domain (Optional) Step 3: Use custom email domains Step 4: Enable email and create an Amazon S3 bucket Step 5: Configure a CORS policy Next steps APIs to enable email

Enable email for your Amazon Connect instance

This topic is for administrators who have access to the Amazon Connect console. It explains how to enable email for your instance using the Amazon Connect admin website. For a list of the APIs to enable email programmatically, see APIs to enable email.

When you enable email, you get an autogenerated email domain. Optionally, you can also use custom domains.

Amazon Connect email domain. The email domain is instance-alias.email.connect.aws.
- You can use this domain for testing.
- Or, you can use this email domain to integrate with Amazon Connect and start receiving emails into Amazon Connect. For example, if you have an email address such as support@example.com you can forward email into Amazon Connect by using support@example.email.connect.aws.
Custom domains. You can specify up to 5 custom domains that have been onboarded to Amazon SES.

Step 1: Move Amazon SES into production mode

Amazon Connect uses Amazon SES for sending and receiving emails. If you have a new Amazon SES instance, you need to take it out of sandbox mode. For instructions, see Request production access (Moving out of the Amazon SES sandbox) in the Amazon SES Developer Guide.

After you move Amazon SES into production mode, if you already enabled email when you created your Amazon Connect instance, skip to these topics:

(Optional) Step 3: Use your own custom email domains
Step 5: Configure a CORS policy on your attachments bucket

Step 2: Get a default Amazon Connect email domain

These steps only apply if you already created an Amazon Connect instance but didn't enable email. Complete these steps to get a default email domain from Amazon Connect.

In the Amazon Connect console, on the left navigation menu, choose Email, and then choose Create service role. This role needs to be created only once for your account. It allows Amazon SES to route emails to Amazon Connect.
Choose Add Domain as shown in the following image.
In the Add email domain box, choose Amazon Connect email domain, as shown in the following image. When you choose this option, the name of the domain is autogenerated: instance-alias.email.connect.aws. You cannot change this email address.

(Optional) Step 3: Use your own custom email domains

You can import up to five custom domains that have been onboarded to Amazon SES.

In the Amazon Connect console, on the left navigation menu, choose Email, and then choose Add Domain as shown in the following image.
Choose Use custom email domain. Use the dropdown box to choose custom domains that have been verified by Amazon SES.

Step 4: Enable email and create an Amazon S3 bucket for storing email and attachments

These steps apply only if you already created an Amazon Connect instance but didn't enable email.

You need to update your Data storage settings to enable the email channel and specify the Amazon S3 bucket where email messages and attachments are to be stored. Email requires two Amazon S3 bucket pointers. They can be to the same Amazon S3 bucket or two different buckets.

Important

If you choose Enable Attachments sharing for your instance, you must create an Amazon S3 bucket and configure a CORS policy on your attachments bucket, as described in this topic. If you don't do this, the email channel will not work for your instance.

Open the Amazon Connect console at https://console.aws.amazon.com/connect/.
On the instances page, choose the instance alias. The instance alias is also your instance name, which appears in your Amazon Connect URL. The following image shows the Amazon Connect virtual contact center instances page, with a box around the instance alias.
On the left navigation menu, choose Data storage, Email messages, Edit, Enable exporting email messages to S3, and then choose Save.
Complete the Email messages page to create or select an S3 bucket where email messages are stored. The following image shows an example of a completed page.
If you want to allow email attachments, choose Attachments as well. The following image shows these options.

The following image of the Data storage page shows the Amazon S3 bucket for email messages and attachments.

The Amazon S3 bucket to store emails and attachments.

Step 5: Configure a CORS policy on your attachments bucket

To allow customers and agents to upload and download files, update your cross-origin resource sharing (CORS) policy to allow PUT and GET requests for the Amazon S3 bucket you are using for attachments. This is more secure than enabling public read/write on your Amazon S3 bucket, which we don't recommend.

To configure CORS on the attachments bucket

Find the name of the Amazon S3 bucket for storing attachments:
1. Open the Amazon Connect console at https://console.aws.amazon.com/connect/.
2. In the Amazon Connect console, choose Data storage, and locate the Amazon S3 bucket name.
Open the Amazon S3 console at https://console.aws.amazon.com/s3/.
In the Amazon S3 console, select your Amazon S3 bucket.
Choose the Permissions tab, and then scroll down to the Cross-origin resource sharing (CORS) section.
Add a CORS policy that has one of the following rules on your attachments bucket. For example CORS policies, see Cross-origin resource sharing: Use-case scenarios in the Amazon S3 Developer Guide.
- Option 1: List the endpoints from where attachments will be sent and received, such as the name of your business web site. This rule allows cross-origin PUT and GET requests from your website (for example, http://www.example1.com).
  
  Your CORS policy may look similar to the following example:
```
[
    {
        "AllowedHeaders": [
            "*"
        ],
        "AllowedMethods": [
            "PUT",
            "GET"
        ],
        "AllowedOrigins": [
            "*.my.connect.aws",
            "*.awsapps.com"
        ],
        "ExposeHeaders": []
    }
]
```
- Option 2: Add the * wildcard to AllowedOrigin. This rule allows cross-origin PUT and GET requests from all origins, so you don't have to list your endpoints.
  
  Your CORS policy may look similar to the following example:
```
[
    {                               
        "AllowedMethods": [
            "PUT",
            "GET"            
        ],
        "AllowedOrigins": [   
            "*" 
            ],
       "AllowedHeaders": [
            "*"
            ]
    }    
]
```

Next steps

Set up attachment scanning in Amazon Connect: This topic is for developers who are familiar with Lambda. You can configure Amazon Connect to scan email attachments by using your preferred scanning application.

APIs to enable email

Use the following APIs to enable email programmatically:

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

How Amazon Connect email works

Create email addresses