BestPractices

Reputation: 12876

Sending mail from a Java app to SES by using only an instance role

Is there a way to leverage instance roles to be able to send mail to SES from a Java application running on an Amazon Linux EC2 instance so that one does not have to have IAM access keys on the box or in memory?

Would prefer not to have any private keys, including IAM keys (even those with locked down privileges), on our EC2 instances whether on disk or in memory.

Upvotes: 2

Views: 1962

Answers (1)

Matt Houser

Reputation: 36043

Create an IAM EC2 Instance Profile/Role with the following policy:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1393257734000",
      "Effect": "Allow",
      "Action": [
        "ses:SendEmail"
      ],
      "Resource": [
        "*"
      ]
    }
  ]
}

When you launch your instance, assign to it your IAM EC2 instance profile from above; then you can use the AWS CLI or the various AWS SDKs to send emails using the ses:SendEmail command.

Edit:

The AWS SDK for Java can use Instance Profile credentials.

AmazonSimpleEmailService sesClient = new AmazonSimpleEmailServiceClient(new InstanceProfileCredentialsProvider());

Reference: http://docs.aws.amazon.com/AWSSdkDocsJava/latest/DeveloperGuide/java-dg-roles.html

Upvotes: 5
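
An added example (not part of the original answer) of a complete send with the AWS SDK for Java 1.11.x builder API, with the credentials provider pinned to the instance profile so that static keys in the environment or on disk are never picked up. The class name, sender, recipient and region are assumed placeholder values.

```java
import com.amazonaws.SdkClientException;
import com.amazonaws.auth.InstanceProfileCredentialsProvider;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.simpleemail.AmazonSimpleEmailService;
import com.amazonaws.services.simpleemail.AmazonSimpleEmailServiceClientBuilder;
import com.amazonaws.services.simpleemail.model.Body;
import com.amazonaws.services.simpleemail.model.Content;
import com.amazonaws.services.simpleemail.model.Destination;
import com.amazonaws.services.simpleemail.model.Message;
import com.amazonaws.services.simpleemail.model.SendEmailRequest;

public class RoleOnlySesMailer {
    // Assumed values: use an SES-verified sender, a real recipient and your SES region.
    private static final String FROM = "sender@example.com";
    private static final String TO = "recipient@example.com";
    private static final Regions REGION = Regions.US_EAST_1;

    public static void main(String[] args) {
        // Use only the instance profile, not the default provider chain, so access
        // keys in environment variables or ~/.aws/credentials are never consulted.
        // The SDK fetches short-lived, automatically rotated role credentials from
        // the instance metadata service.
        InstanceProfileCredentialsProvider roleCreds =
                InstanceProfileCredentialsProvider.getInstance();
        try {
            // Fail fast with a clear message if no role is attached to the instance.
            roleCreds.getCredentials();
        } catch (SdkClientException e) {
            System.err.println("No instance profile credentials: " + e.getMessage());
            System.exit(1);
        }

        AmazonSimpleEmailService ses = AmazonSimpleEmailServiceClientBuilder.standard()
                .withCredentials(roleCreds)
                .withRegion(REGION)
                .build();

        SendEmailRequest request = new SendEmailRequest()
                .withSource(FROM)
                .withDestination(new Destination().withToAddresses(TO))
                .withMessage(new Message()
                        .withSubject(new Content().withCharset("UTF-8").withData("Test from EC2 role"))
                        .withBody(new Body().withText(new Content()
                                .withCharset("UTF-8").withData("Sent without static IAM keys."))));

        // ses:SendEmail is the only action the role's policy has to allow for this call.
        String messageId = ses.sendEmail(request).getMessageId();
        System.out.println("Sent, SES message id: " + messageId);
    }
}
```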
