1
votes

I am trying to use an IAM Role that I have attached to an EC2 instance to generate a set of AWS SES SMTP credentials. However, after using the script given by Amazon to generate the SMTP Password from the Secret_Key of the IAM Role, and using the Access_Key_ID of the IAM Role, when trying to send an email via django.core.mail, I get error (535, b'Authentication Credentials Invalid').

This is how I am sending the email:

# settings.py (django.core.mail configuration)
EMAIL_USE_TLS = True
EMAIL_HOST = 'email-smtp.us-east-1.amazonaws.com'
EMAIL_PORT = 587
EMAIL_HOST_USER = credentials.access_key
EMAIL_HOST_PASSWORD = SMTP_PASSWORD

# Sending the message
from django.core.mail import send_mail

send_mail(
    'Subject here',
    'Here is the message.',
    '[email protected]',
    ['[email protected]'],
    fail_silently=False,
)

And how am I generating the password:

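import boto3
import requests
import smtp_credentials_generate  # local copy of the AWS SMTP password script linked below

# Credentials supplied by the instance's IAM role
session = boto3.session.Session()
credentials = session.get_credentials().get_frozen_credentials()
# Region looked up from the EC2 instance metadata service
region = requests.get('http://169.254.169.254/latest/dynamic/instance-identity/document').json()['region']
SMTP_PASSWORD = smtp_credentials_generate.calculate_key(secret_access_key=credentials.secret_key, region=region)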

The SMTP Password generate script is here: https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html.

Through some research, I found these links that say you cannot use an IAM Role to generate SMTP credentials:

https://serverfault.com/questions/584789/is-it-possible-to-send-email-via-the-amazon-ses-smtp-service-with-a-iam-role-acc
https://hector.dev/2015/01/17/sending-e-mail-via-amazon-ses-over-smtp-with-iam-roles.html

However, Amazon's official QA says that it is possible: https://aws.amazon.com/premiumsupport/knowledge-center/ses-create-smtp-credentials/

Important: The IAM user or role that you use to create the SMTP credentials...

So is it possible or not? What am I doing wrong?

1
The SMTP credentials can only be generated using the secret key of the IAM user; they can't be generated using a temporary password. To use assume role and temporary credentials, you need to make API calls (SendRawEmail, etc.). – James Dean

1 Answer

0
votes

https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html

Don't use temporary AWS credentials to derive SMTP credentials. The Amazon SES SMTP interface doesn't support SMTP credentials that have been generated from temporary security credentials.

Regarding the Amazon official QA that you referenced, it's saying that you can use the role to create SMTP credentials in the web console.
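
Added example, not part of the original answer and not AWS's code: a guard that refuses to derive an SES SMTP password from role (STS) credentials, so the mistake surfaces in your own code rather than as a 535 at send time. The derivation constants are assumed to match the AWS script linked in the question; the class and function names and the sample keys are constructed for illustration.

```python
import base64
import hashlib
import hmac

# Constants assumed to match the AWS-documented SMTP password script linked in the question.
DATE, SERVICE, TERMINAL, MESSAGE, VERSION = "11111111", "ses", "aws4_request", "SendRawEmail", 0x04


class TemporaryCredentialsError(ValueError):
    """Raised when asked to derive an SMTP password from STS credentials."""


def _sign(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode("utf-8"), hashlib.sha256).digest()


def is_temporary(access_key: str, token) -> bool:
    # STS-issued keys carry a session token and an "ASIA" key id prefix;
    # long-term IAM user keys start with "AKIA" and have no token.
    return bool(token) or access_key.startswith("ASIA")


def derive_smtp_password(access_key, secret_key, token, region):
    """Derive the SES SMTP password, refusing role/STS credentials.

    The arguments map to the fields of boto3's frozen credentials
    (access_key, secret_key, token) used in the question.
    """
    if is_temporary(access_key, token):
        raise TemporaryCredentialsError(
            "temporary credentials: SES SMTP rejects these (535 in the question); "
            "use an IAM user key or call the SES API with the role"
        )
    sig = _sign(("AWS4" + secret_key).encode("utf-8"), DATE)
    for part in (region, SERVICE, TERMINAL, MESSAGE):
        sig = _sign(sig, part)
    # Only the secret key and region feed the result: there is no input
    # for a session token, so STS credentials cannot be represented.
    return base64.b64encode(bytes([VERSION]) + sig).decode("utf-8")


# Constructed sample values, not real keys.
USER_KEY = ("AKIAEXAMPLEUSERKEY00", "constructed-secret-not-real", None)
ROLE_KEY = ("ASIAEXAMPLEROLEKEY00", "constructed-secret-not-real", "constructed-session-token")

if __name__ == "__main__":
    print(derive_smtp_password(*USER_KEY, region="us-east-1"))
    try:
        derive_smtp_password(*ROLE_KEY, region="us-east-1")
    except TemporaryCredentialsError as exc:
        print("refused:", exc)
```

With boto3, pass `credentials.access_key`, `credentials.secret_key` and `credentials.token` from the frozen credentials; on an instance role the token is always set, so the guard trips before any SMTP connection is attempted.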