[英]Status Code 403: SignatureDoesNotMatch when I am using Amazon SES
I created a new Amazon account.我创建了一个新的亚马逊帐户。 Created SMTP Credentials and used AWS Java SDK to send emails.创建 SMTP 凭证并使用 AWS Java SDK 发送电子邮件。 But it is failing with following error:但它失败并出现以下错误:
Status Code: 403, AWS Service: AmazonSimpleEmailService, AWS Request ID: xyz, AWS Error Code: SignatureDoesNotMatch, AWS Error Message: The request signature we calculated does not match the signature you provided.状态代码:403,AWS 服务:AmazonSimpleEmailService,AWS 请求 ID:xyz,AWS 错误代码:SignatureDoesNotMatch,AWS 错误消息:我们计算的请求签名与您提供的签名不匹配。 Check your AWS Secret Access Key and signing method.检查您的 AWS 秘密访问密钥和签名方法。 Consult the service documentation for details.有关详细信息,请参阅服务文档。
The keys to be provided to send Emails are not "SMTP Credentials" .用于发送电子邮件的密钥不是“SMTP 凭据”。 The keys are instead Global access key which can be retrieved http://docs.amazonwebservices.com/ses/latest/GettingStartedGuide/GetAccessIDs.html .密钥是全局访问密钥,可以检索http://docs.amazonwebservices.com/ses/latest/GettingStartedGuide/GetAccessIDs.html 。
SMTP Credentials are not valid for use with SES API (AWS Java SDK). SMTP 凭证不适用于 SES API (AWS Java SDK)。 SMTP credential are in fact different to the ones manually created for IAM users, even that this different is not visible anywhere on AWS Console. SMTP 凭证实际上与为 IAM 用户手动创建的凭证不同,即使这种不同在 AWS 控制台上的任何地方都看不到。 Take a look here to see differences: http://docs.aws.amazon.com/ses/latest/DeveloperGuide/using-credentials.html在这里查看差异: http : //docs.aws.amazon.com/ses/latest/DeveloperGuide/using-credentials.html
You don't actually need to create Global Access credentials (which could be a security leak), but you should create a new IAM user with the following security policy, and create new credentials for that user.您实际上不需要创建全局访问凭证(这可能是安全漏洞),但您应该使用以下安全策略创建一个新的 IAM 用户,并为该用户创建新的凭证。
{
"Version": "2012-10-17",
"Statement":[{
"Effect":"Allow",
"Action":["ses:SendEmail", "ses:SendRawEmail"],
"Resource":"*"
}
]
}
PS: Probably, you could just add new credentials to the SMTP IAM user already created for SES, but I haven't yet tested this. PS:也许,您可以向已为 SES 创建的 SMTP IAM 用户添加新凭据,但我尚未对此进行测试。
Link to latest doc for credential types - https://docs.aws.amazon.com/ses/latest/dg/send-email-concepts-credentials.html链接到凭证类型的最新文档 - https://docs.aws.amazon.com/ses/latest/dg/send-email-concepts-credentials.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.