Built to enhance control - not take over your infrastructure.

Sovy integrates directly with Amazon SES while keeping your email sending pipeline fully under your AWS control.

Overview

Architecture Overview

Sovy connects to your AWS accounts to manage templates and configuration.Emails are still sent directly from your infrastructure via Amazon SES.

Application server sending email requests to Amazon SES

Your Application

Sends email requests

Amazon SES

Handles all delivery

User’s Inboxes

Receive emails

Control Layer

Sovy control plane connected to AWS for SES template management

Sovy Platform

Connects to AWS. Does not sit in the delivery path

No email proxying
No rerouting
No message interception

Your Application

Sends email requests

Amazon SES

Handles all delivery

Control Layer

Sovy Platform

Connects to AWS.Doesn’t sit in the delivery path

User’s Inboxes

Receive emails

System Boundaries

What Sovy Does & Does Not Do

Clear boundaries for security and control

What Sovy Does

Manages SES templates across environments
Tracks template changes and publishing history
Enforces structured access control
Provides visibility into who changed what and when

What Sovy Does Not Do

Does not send emails on your behalf
Does not proxy email traffic
Does not store or process outgoing email messages
Does not replace Amazon SES

This keeps your email delivery fully inside your AWS environment.

Protection Layer

Security Controls

Fine-grained access control and full visibility into every action.

Secure AWS account integration

Sovy connects to your AWS account via IAM roles and scoped permissions, keeping access fully under your control.

Granular access control

Assign roles and permissions to limit team members to only what they need.

Full audit trail of user actions

Every change is logged with who did what and when for full accountability.

Environment separation

Templates and changes are managed separately in each environment to protect live systems.

Compliance-Oriented Line

Sovy is designed to support operational accountability and internal control requirements in regulated or high-trust environments.

Role-Based Access

Secure AWS Integration

Sovy uses AWS IAM Roles with cross-account access and short-lived credentials.

No long-term Access Keys required
No credential storage
Scoped permissions (least privilege)
External ID protection
Full control retained by your AWS account

TypeScript snippet using AWS STS to assume a scoped Sovy IAM role from your account.

All email delivery remains inside your AWS environment.