On-campus developers are used to having applications send email via appsmtp.mail.cornell.edu. Currently, there is no similar Cornell service in AWS for developers to use. This page shows how to setup the AWS Simple Email Service (SES) to send email from applications.
|
This solution uses SES in limited or sandbox mode, where you validate sender (i.e., "from") email addresses one at a time. This convinces SES that you are the owner of the email address so it will send email from the address on your behalf. For this example, we assume that you own or control the myapp-support@cornell.edu email address.
Verify the myapp-support@cornell.edu email address following instructions in AWS documentation: http://docs.aws.amazon.com/ses/latest/DeveloperGuide/verify-email-addresses.html.
In this step, you create an IAM role, group, and user to facilitate sending email using Simple Email Service using a CloudFormation Template.
From Address | In sandbox or limited mode, all of the emails sent via SES must use one of the sender (i.e. "from") addresses previously validated with SES (in step 1). |
---|---|
To Address | any desired |
Host | email-smtp.us-east-1.amazonaws.com (i.e., email-smtp.<AWS_REGION>.amazonaws.com) |
Port | 587 |
Use TLS? | yes |
User name | This is the access key produced by the iam-ses.yaml CloudFormation template. It will look something like "AKIAI42SV3U3D465DCGA" |
Password | This is the secret access key produced by the iam-ses.yaml CloudFormation template. |
We recommend creating an IAM user for each application (or project) that you wish to send email via SES. The second and further IAM users can use the same IAM role and group created by the CloudFormation template we use here. It may be easiest to manually create these additional users:
Ideally, you want to rotate the access keys for all your IAM users periodically. This includes the keys used by these IAM users created for SES access. Here's some AWS documentation on how to do that: https://aws.amazon.com/blogs/security/how-to-rotate-access-keys-for-iam-users/