MailManager / Client / create_rule_set
create_rule_set#
- MailManager.Client.create_rule_set(**kwargs)#
Provision a new rule set.
See also: AWS API Documentation
Request Syntax
response = client.create_rule_set( ClientToken='string', RuleSetName='string', Rules=[ { 'Actions': [ { 'AddHeader': { 'HeaderName': 'string', 'HeaderValue': 'string' }, 'Archive': { 'ActionFailurePolicy': 'CONTINUE'|'DROP', 'TargetArchive': 'string' }, 'DeliverToMailbox': { 'ActionFailurePolicy': 'CONTINUE'|'DROP', 'MailboxArn': 'string', 'RoleArn': 'string' }, 'DeliverToQBusiness': { 'ActionFailurePolicy': 'CONTINUE'|'DROP', 'ApplicationId': 'string', 'IndexId': 'string', 'RoleArn': 'string' }, 'Drop': {} , 'Relay': { 'ActionFailurePolicy': 'CONTINUE'|'DROP', 'MailFrom': 'REPLACE'|'PRESERVE', 'Relay': 'string' }, 'ReplaceRecipient': { 'ReplaceWith': [ 'string', ] }, 'Send': { 'ActionFailurePolicy': 'CONTINUE'|'DROP', 'RoleArn': 'string' }, 'WriteToS3': { 'ActionFailurePolicy': 'CONTINUE'|'DROP', 'RoleArn': 'string', 'S3Bucket': 'string', 'S3Prefix': 'string', 'S3SseKmsKeyId': 'string' } }, ], 'Conditions': [ { 'BooleanExpression': { 'Evaluate': { 'Attribute': 'READ_RECEIPT_REQUESTED'|'TLS'|'TLS_WRAPPED' }, 'Operator': 'IS_TRUE'|'IS_FALSE' }, 'DmarcExpression': { 'Operator': 'EQUALS'|'NOT_EQUALS', 'Values': [ 'NONE'|'QUARANTINE'|'REJECT', ] }, 'IpExpression': { 'Evaluate': { 'Attribute': 'SOURCE_IP' }, 'Operator': 'CIDR_MATCHES'|'NOT_CIDR_MATCHES', 'Values': [ 'string', ] }, 'NumberExpression': { 'Evaluate': { 'Attribute': 'MESSAGE_SIZE' }, 'Operator': 'EQUALS'|'NOT_EQUALS'|'LESS_THAN'|'GREATER_THAN'|'LESS_THAN_OR_EQUAL'|'GREATER_THAN_OR_EQUAL', 'Value': 123.0 }, 'StringExpression': { 'Evaluate': { 'Attribute': 'MAIL_FROM'|'HELO'|'RECIPIENT'|'SENDER'|'FROM'|'SUBJECT'|'TO'|'CC', 'MimeHeaderAttribute': 'string' }, 'Operator': 'EQUALS'|'NOT_EQUALS'|'STARTS_WITH'|'ENDS_WITH'|'CONTAINS', 'Values': [ 'string', ] }, 'VerdictExpression': { 'Evaluate': { 'Analysis': { 'Analyzer': 'string', 'ResultField': 'string' }, 'Attribute': 'SPF'|'DKIM' }, 'Operator': 'EQUALS'|'NOT_EQUALS', 'Values': [ 'PASS'|'FAIL'|'GRAY'|'PROCESSING_FAILED', ] } }, ], 'Name': 'string', 'Unless': [ { 'BooleanExpression': { 'Evaluate': { 'Attribute': 'READ_RECEIPT_REQUESTED'|'TLS'|'TLS_WRAPPED' }, 'Operator': 'IS_TRUE'|'IS_FALSE' }, 'DmarcExpression': { 'Operator': 'EQUALS'|'NOT_EQUALS', 'Values': [ 'NONE'|'QUARANTINE'|'REJECT', ] }, 'IpExpression': { 'Evaluate': { 'Attribute': 'SOURCE_IP' }, 'Operator': 'CIDR_MATCHES'|'NOT_CIDR_MATCHES', 'Values': [ 'string', ] }, 'NumberExpression': { 'Evaluate': { 'Attribute': 'MESSAGE_SIZE' }, 'Operator': 'EQUALS'|'NOT_EQUALS'|'LESS_THAN'|'GREATER_THAN'|'LESS_THAN_OR_EQUAL'|'GREATER_THAN_OR_EQUAL', 'Value': 123.0 }, 'StringExpression': { 'Evaluate': { 'Attribute': 'MAIL_FROM'|'HELO'|'RECIPIENT'|'SENDER'|'FROM'|'SUBJECT'|'TO'|'CC', 'MimeHeaderAttribute': 'string' }, 'Operator': 'EQUALS'|'NOT_EQUALS'|'STARTS_WITH'|'ENDS_WITH'|'CONTAINS', 'Values': [ 'string', ] }, 'VerdictExpression': { 'Evaluate': { 'Analysis': { 'Analyzer': 'string', 'ResultField': 'string' }, 'Attribute': 'SPF'|'DKIM' }, 'Operator': 'EQUALS'|'NOT_EQUALS', 'Values': [ 'PASS'|'FAIL'|'GRAY'|'PROCESSING_FAILED', ] } }, ] }, ], Tags=[ { 'Key': 'string', 'Value': 'string' }, ] )
- Parameters:
ClientToken (string) –
A unique token that Amazon SES uses to recognize subsequent retries of the same request.
This field is autopopulated if not provided.
RuleSetName (string) –
[REQUIRED]
A user-friendly name for the rule set.
Rules (list) –
[REQUIRED]
Conditional rules that are evaluated for determining actions on email.
(dict) –
A rule contains conditions, “unless conditions” and actions. For each envelope recipient of an email, if all conditions match and none of the “unless conditions” match, then all of the actions are executed sequentially. If no conditions are provided, the rule always applies and the actions are implicitly executed. If only “unless conditions” are provided, the rule applies if the email does not match the evaluation of the “unless conditions”.
Actions (list) – [REQUIRED]
The list of actions to execute when the conditions match the incoming email, and none of the “unless conditions” match.
(dict) –
The action for a rule to take. Only one of the contained actions can be set.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
AddHeader
,Archive
,DeliverToMailbox
,DeliverToQBusiness
,Drop
,Relay
,ReplaceRecipient
,Send
,WriteToS3
.AddHeader (dict) –
This action adds a header. This can be used to add arbitrary email headers.
HeaderName (string) – [REQUIRED]
The name of the header to add to an email. The header must be prefixed with “X-”. Headers are added regardless of whether the header name pre-existed in the email.
HeaderValue (string) – [REQUIRED]
The value of the header to add to the email.
Archive (dict) –
This action archives the email. This can be used to deliver an email to an archive.
ActionFailurePolicy (string) –
A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified archive has been deleted.
TargetArchive (string) – [REQUIRED]
The identifier of the archive to send the email to.
DeliverToMailbox (dict) –
This action delivers an email to a WorkMail mailbox.
ActionFailurePolicy (string) –
A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the mailbox ARN is no longer valid.
MailboxArn (string) – [REQUIRED]
The Amazon Resource Name (ARN) of a WorkMail organization to deliver the email to.
RoleArn (string) – [REQUIRED]
The Amazon Resource Name (ARN) of an IAM role to use to execute this action. The role must have access to the workmail:DeliverToMailbox API.
DeliverToQBusiness (dict) –
This action delivers an email to an Amazon Q Business application for ingestion into its knowledge base.
ActionFailurePolicy (string) –
A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified application has been deleted or the role lacks necessary permissions to call the qbusiness:BatchPutDocument API.
ApplicationId (string) – [REQUIRED]
The unique identifier of the Amazon Q Business application instance where the email content will be delivered.
IndexId (string) – [REQUIRED]
The identifier of the knowledge base index within the Amazon Q Business application where the email content will be stored and indexed.
RoleArn (string) – [REQUIRED]
The Amazon Resource Name (ARN) of the IAM Role to use while delivering to Amazon Q Business. This role must have access to the qbusiness:BatchPutDocument API for the given application and index.
Drop (dict) –
This action terminates the evaluation of rules in the rule set.
Relay (dict) –
This action relays the email to another SMTP server.
ActionFailurePolicy (string) –
A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified relay has been deleted.
MailFrom (string) –
This action specifies whether to preserve or replace original mail from address while relaying received emails to a destination server.
Relay (string) – [REQUIRED]
The identifier of the relay resource to be used when relaying an email.
ReplaceRecipient (dict) –
The action replaces certain or all recipients with a different set of recipients.
ReplaceWith (list) –
This action specifies the replacement recipient email addresses to insert.
(string) –
Send (dict) –
This action sends the email to the internet.
ActionFailurePolicy (string) –
A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the caller does not have the permissions to call the sendRawEmail API.
RoleArn (string) – [REQUIRED]
The Amazon Resource Name (ARN) of the role to use for this action. This role must have access to the ses:SendRawEmail API.
WriteToS3 (dict) –
This action writes the MIME content of the email to an S3 bucket.
ActionFailurePolicy (string) –
A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, the specified the bucket has been deleted.
RoleArn (string) – [REQUIRED]
The Amazon Resource Name (ARN) of the IAM Role to use while writing to S3. This role must have access to the s3:PutObject, kms:Encrypt, and kms:GenerateDataKey APIs for the given bucket.
S3Bucket (string) – [REQUIRED]
The bucket name of the S3 bucket to write to.
S3Prefix (string) –
The S3 prefix to use for the write to the s3 bucket.
S3SseKmsKeyId (string) –
The KMS Key ID to use to encrypt the message in S3.
Conditions (list) –
The conditions of this rule. All conditions must match the email for the actions to be executed. An empty list of conditions means that all emails match, but are still subject to any “unless conditions”
(dict) –
The conditional expression used to evaluate an email for determining if a rule action should be taken.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
BooleanExpression
,DmarcExpression
,IpExpression
,NumberExpression
,StringExpression
,VerdictExpression
.BooleanExpression (dict) –
The condition applies to a boolean expression passed in this field.
Evaluate (dict) – [REQUIRED]
The operand on which to perform a boolean condition operation.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
Attribute
.Attribute (string) –
The boolean type representing the allowed attribute types for an email.
Operator (string) – [REQUIRED]
The matching operator for a boolean condition expression.
DmarcExpression (dict) –
The condition applies to a DMARC policy expression passed in this field.
Operator (string) – [REQUIRED]
The operator to apply to the DMARC policy of the incoming email.
Values (list) – [REQUIRED]
The values to use for the given DMARC policy operator. For the operator EQUALS, if multiple values are given, they are evaluated as an OR. That is, if any of the given values match, the condition is deemed to match. For the operator NOT_EQUALS, if multiple values are given, they are evaluated as an AND. That is, only if the email’s DMARC policy is not equal to any of the given values, then the condition is deemed to match.
(string) –
IpExpression (dict) –
The condition applies to an IP address expression passed in this field.
Evaluate (dict) – [REQUIRED]
The IP address to evaluate in this condition.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
Attribute
.Attribute (string) –
The attribute of the email to evaluate.
Operator (string) – [REQUIRED]
The operator to evaluate the IP address.
Values (list) – [REQUIRED]
The IP CIDR blocks in format “x.y.z.w/n” (eg 10.0.0.0/8) to match with the email’s IP address. For the operator CIDR_MATCHES, if multiple values are given, they are evaluated as an OR. That is, if the IP address is contained within any of the given CIDR ranges, the condition is deemed to match. For NOT_CIDR_MATCHES, if multiple CIDR ranges are given, the condition is deemed to match if the IP address is not contained in any of the given CIDR ranges.
(string) –
NumberExpression (dict) –
The condition applies to a number expression passed in this field.
Evaluate (dict) – [REQUIRED]
The number to evaluate in a numeric condition expression.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
Attribute
.Attribute (string) –
An email attribute that is used as the number to evaluate.
Operator (string) – [REQUIRED]
The operator for a numeric condition expression.
Value (float) – [REQUIRED]
The value to evaluate in a numeric condition expression.
StringExpression (dict) –
The condition applies to a string expression passed in this field.
Evaluate (dict) – [REQUIRED]
The string to evaluate in a string condition expression.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
Attribute
,MimeHeaderAttribute
.Attribute (string) –
The email attribute to evaluate in a string condition expression.
MimeHeaderAttribute (string) –
The email MIME X-Header attribute to evaluate in a string condition expression.
Operator (string) – [REQUIRED]
The matching operator for a string condition expression.
Values (list) – [REQUIRED]
The string(s) to be evaluated in a string condition expression. For all operators, except for NOT_EQUALS, if multiple values are given, the values are processed as an OR. That is, if any of the values match the email’s string using the given operator, the condition is deemed to match. However, for NOT_EQUALS, the condition is only deemed to match if none of the given strings match the email’s string.
(string) –
VerdictExpression (dict) –
The condition applies to a verdict expression passed in this field.
Evaluate (dict) – [REQUIRED]
The verdict to evaluate in a verdict condition expression.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
Analysis
,Attribute
.Analysis (dict) –
The Add On ARN and its returned value to evaluate in a verdict condition expression.
Analyzer (string) – [REQUIRED]
The Amazon Resource Name (ARN) of an Add On.
ResultField (string) – [REQUIRED]
The returned value from an Add On.
Attribute (string) –
The email verdict attribute to evaluate in a string verdict expression.
Operator (string) – [REQUIRED]
The matching operator for a verdict condition expression.
Values (list) – [REQUIRED]
The values to match with the email’s verdict using the given operator. For the EQUALS operator, if multiple values are given, the condition is deemed to match if any of the given verdicts match that of the email. For the NOT_EQUALS operator, if multiple values are given, the condition is deemed to match of none of the given verdicts match the verdict of the email.
(string) –
Name (string) –
The user-friendly name of the rule.
Unless (list) –
The “unless conditions” of this rule. None of the conditions can match the email for the actions to be executed. If any of these conditions do match the email, then the actions are not executed.
(dict) –
The conditional expression used to evaluate an email for determining if a rule action should be taken.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
BooleanExpression
,DmarcExpression
,IpExpression
,NumberExpression
,StringExpression
,VerdictExpression
.BooleanExpression (dict) –
The condition applies to a boolean expression passed in this field.
Evaluate (dict) – [REQUIRED]
The operand on which to perform a boolean condition operation.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
Attribute
.Attribute (string) –
The boolean type representing the allowed attribute types for an email.
Operator (string) – [REQUIRED]
The matching operator for a boolean condition expression.
DmarcExpression (dict) –
The condition applies to a DMARC policy expression passed in this field.
Operator (string) – [REQUIRED]
The operator to apply to the DMARC policy of the incoming email.
Values (list) – [REQUIRED]
The values to use for the given DMARC policy operator. For the operator EQUALS, if multiple values are given, they are evaluated as an OR. That is, if any of the given values match, the condition is deemed to match. For the operator NOT_EQUALS, if multiple values are given, they are evaluated as an AND. That is, only if the email’s DMARC policy is not equal to any of the given values, then the condition is deemed to match.
(string) –
IpExpression (dict) –
The condition applies to an IP address expression passed in this field.
Evaluate (dict) – [REQUIRED]
The IP address to evaluate in this condition.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
Attribute
.Attribute (string) –
The attribute of the email to evaluate.
Operator (string) – [REQUIRED]
The operator to evaluate the IP address.
Values (list) – [REQUIRED]
The IP CIDR blocks in format “x.y.z.w/n” (eg 10.0.0.0/8) to match with the email’s IP address. For the operator CIDR_MATCHES, if multiple values are given, they are evaluated as an OR. That is, if the IP address is contained within any of the given CIDR ranges, the condition is deemed to match. For NOT_CIDR_MATCHES, if multiple CIDR ranges are given, the condition is deemed to match if the IP address is not contained in any of the given CIDR ranges.
(string) –
NumberExpression (dict) –
The condition applies to a number expression passed in this field.
Evaluate (dict) – [REQUIRED]
The number to evaluate in a numeric condition expression.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
Attribute
.Attribute (string) –
An email attribute that is used as the number to evaluate.
Operator (string) – [REQUIRED]
The operator for a numeric condition expression.
Value (float) – [REQUIRED]
The value to evaluate in a numeric condition expression.
StringExpression (dict) –
The condition applies to a string expression passed in this field.
Evaluate (dict) – [REQUIRED]
The string to evaluate in a string condition expression.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
Attribute
,MimeHeaderAttribute
.Attribute (string) –
The email attribute to evaluate in a string condition expression.
MimeHeaderAttribute (string) –
The email MIME X-Header attribute to evaluate in a string condition expression.
Operator (string) – [REQUIRED]
The matching operator for a string condition expression.
Values (list) – [REQUIRED]
The string(s) to be evaluated in a string condition expression. For all operators, except for NOT_EQUALS, if multiple values are given, the values are processed as an OR. That is, if any of the values match the email’s string using the given operator, the condition is deemed to match. However, for NOT_EQUALS, the condition is only deemed to match if none of the given strings match the email’s string.
(string) –
VerdictExpression (dict) –
The condition applies to a verdict expression passed in this field.
Evaluate (dict) – [REQUIRED]
The verdict to evaluate in a verdict condition expression.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
Analysis
,Attribute
.Analysis (dict) –
The Add On ARN and its returned value to evaluate in a verdict condition expression.
Analyzer (string) – [REQUIRED]
The Amazon Resource Name (ARN) of an Add On.
ResultField (string) – [REQUIRED]
The returned value from an Add On.
Attribute (string) –
The email verdict attribute to evaluate in a string verdict expression.
Operator (string) – [REQUIRED]
The matching operator for a verdict condition expression.
Values (list) – [REQUIRED]
The values to match with the email’s verdict using the given operator. For the EQUALS operator, if multiple values are given, the condition is deemed to match if any of the given verdicts match that of the email. For the NOT_EQUALS operator, if multiple values are given, the condition is deemed to match of none of the given verdicts match the verdict of the email.
(string) –
Tags (list) –
The tags used to organize, track, or control access for the resource. For example, { “tags”: {“key1”:”value1”, “key2”:”value2”} }.
(dict) –
A key-value pair (the value is optional), that you can define and assign to Amazon Web Services resources.
Key (string) – [REQUIRED]
The key of the key-value tag.
Value (string) – [REQUIRED]
The value of the key-value tag.
- Return type:
dict
- Returns:
Response Syntax
{ 'RuleSetId': 'string' }
Response Structure
(dict) –
RuleSetId (string) –
The identifier of the created rule set.
Exceptions