Configuration Guide

Setting up Beacon

Follow this step-by-step guide to configure Amazon SES and connect it to your Beacon instance for high-performance mailing.

1

1. Set up SES Account

Amazon Simple Email Service (SES) is the engine behind Beacon. First, you'll need an AWS account.

  • Log in to your AWS Console.
  • Search for Amazon SES in the services search bar.
  • Select the region closest to your audience (e.g., US East (N. Virginia) or Mumbai).

Sandbox Mode

New accounts start in "Sandbox Mode". You can only send emails to verified identities. To send to anyone, you must request "Production Access" in the SES console.

2

2. Verify Identities

You must prove you own the domain or email address you want to send from.

Domain Verification

Best for sending from any address like @yourdomain.com.

  1. Click "Verified Identities" > "Create Identity".
  2. Select "Domain" and enter your domain name.
  3. AWS will provide CNAME records. Add these to your DNS provider (Cloudflare, GoDaddy, etc.).
  4. Wait for status to become "Verified".

Email Verification

Best for quick testing or personal use.

  1. Click "Verified Identities" > "Create Identity".
  2. Select "Email address" and enter your email.
  3. Check your inbox and click the verification link from AWS.
  4. The status will update to "Verified".
3

3. IAM & Permissions

Beacon needs programmatic access to your AWS account to send emails on your behalf.

  1. Navigate to IAM (Identity and Access Management) in AWS.
  2. Go to Users > Create User.
  3. Set a name (e.g., BeaconUser).
  4. In "Set permissions", create or attach a least-privilege policy instead of using "AmazonSESFullAccess".
  5. Grant only the SES permissions Beacon needs, such as ses:SendEmail, ses:SendRawEmail, and ses:GetSendQuota, scoped to your required region and verified identities where possible.

{

  "Version": "2026-04-07",

  "Statement": [

    {

      "Effect": "Allow",

      "Action": [

        "ses:SendEmail",

        "ses:SendRawEmail",

        "ses:GetSendQuota"

      ],

      "Resource": "*"

    }

  ]

}

After attaching the policy, complete user creation. Then open the user's "Security credentials" tab.

Click "Create access key", select "Application running outside AWS", and save your Access Key ID and Secret Access Key.

4

4. Environment Variables

Now, connect Beacon to your AWS account by adding the keys to your .env file.

# .env

AWS_ACCESS_KEY_ID=your_access_key_here

AWS_SECRET_ACCESS_KEY=your_secret_key_here

AWS_SES_REGION=us-east-1 # or your chosen region

5

5. SMTP Setup (Optional)

While Beacon uses the AWS SDK for performance, you might want SMTP credentials for other integrations.

  • In SES Console, go to "SMTP Settings".
  • Note down the SMTP Endpoint (e.g., email-smtp.us-east-1.amazonaws.com).
  • Click "Create SMTP credentials".
  • This will generate a unique SMTP username and password (different from IAM keys).

Ready to send?

Once you've configured your environment variables, restart your application and you're ready to start your first campaign.

Go to Dashboard