[英]django aws ses boto3 - why different IAM credentials are used for verify_email_identity
I am trying to use django boto3 aws ses to to send email. 我正在尝试使用django boto3 aws ses发送电子邮件。 I notice verify_email_identity uses a different IAM credentials, where is this set actually ? 我注意到verify_email_identity使用不同的IAM凭据,此设置实际上在哪里? i didnt set it in my django app. 我没有在我的Django应用中设置它。
client = boto3.client('ses', region_name='us-east-1')
client.verify_email_identity(EmailAddress="bounce@example.com") -> IAM user B
conn = mail.get_connection('django_amazon_ses.EmailBackend') -> IAM user A
email = EmailMessage(
'Subject', 'Content', 'bounce@example.com', ['to@example.com'],
headers={'From': 'from@example.com'},
)
self.assertGreater(conn.send_messages([email]), 0) -> IAM user A
IAM user A has all the permission (like below), but IAM user B doesnt have. IAM用户A具有所有权限(如下所示),但IAM用户B没有。 to me its strange why it is using IAM user B, how can that be possible ? 对我来说奇怪的是,为什么使用IAM用户B,这怎么可能? i checked all my code there is no such settings for IAM user B 我检查了所有代码,IAM用户B没有此类设置
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ses:SendEmail",
"ses:SendRawEmail",
"ses:VerifyEmailIdentity"
],
"Resource": "*"
}
]
}
In settings.py, this is IAM user A credentials, i didnt not set IAM user B in anywhere in the app, maybe somewhere else in the mac pc, but im not sure. 在settings.py中,这是IAM用户A的凭据,我没有在应用程序中的任何位置(可能在mac pc中的其他位置)设置IAM用户B,但是我不确定。
AWS_ACCESS_KEY_ID = config('AWS_ACCESS_KEY_ID')
AWS_SECRET_ACCESS_KEY = config('AWS_SECRET_ACCESS_KEY')
The question is client = boto3.client and verify_email_identity sets the aws credentials 问题是client = boto3.client和verify_email_identity设置aws凭证
The django_amazon_ses
backend is designed for Django. django_amazon_ses
后端是为Django设计的。 Therefore it can fetch credentials from your settings . 因此,它可以从您的设置中获取凭据 。
When you use boto3.client()
directly, it doesn't know about your Django settings. 直接使用boto3.client()
,它不知道您的Django设置。 It tries to fetch your credentials from several places . 它尝试从多个位置获取您的凭据 。
If you want to use the credentials from your Django settings, you can explicitly use them when instantiating the boto3 client: 如果要使用Django设置中的凭据,可以在实例化boto3客户端时显式使用它们:
s3_client = boto3.client(
'ses',
aws_access_key_id=settings.AWS_SERVER_PUBLIC_KEY,
aws_secret_access_key=settings.AWS_SERVER_SECRET_KEY,
region_name='us-east-1',
)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.