Nitroglycerin Pickle Machine

    ses-smtp-credentials-cdk

    1.0.17 • Public • Published

    ses-smtp-credentials-cdk

    npm version

    Generate AWS SES SMTP credentials for sending mail via SES.

    What

    On the 10th January 2019 AWS changed how SES SMTP authentication works to restrict access on a per-region basis. This makes providing SES credentials annoyingly hard, if you are automating everything via Cloudformation.

    This addresses that.

    Usage

    import { SesSmtpCredentials } from 'ses-smtp-credentials-cdk';
    
    // ...
    
    const smtpCredentials = new SesSmtpCredentials(this, 'Credentials', {
        region: 'eu-west-1'
    });
    
    new ssm.StringParameter(this, 'CredentialsParameter', {
        parameterName: 'email',
        stringValue: JSON.stringify({
            username: smtpCredentials.username(),
            password: smtpCredentials.password(),
        })
    });

    Implementation

    1. A user is created in IAM with only permissions for ses:SendRawEmail.
    2. The user is given an access key.
    3. The secret key is signed for the desired region (see below)
    4. the access key and signed secret key are returned as username and password

    Signature algorithm

    The algorithm for signing the key is as specified here:

    https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html

    Nota Bene: Confidentiality of keys

    The returned username and password are provided via Cloudformation (rather like the Iam::AccessKey resource), which is potentially a problem for confidentiality. Better would be for this custom resource to write directly to a secret. Patches are welcome.

    Development

    Releasing a new version

    Run

    $ npm version (patch|minor|major)
    $ git push origin master [tag you just created]
    

    Keywords

    none

    Install

    npm i ses-smtp-credentials-cdk

    DownloadsWeekly Downloads

    54

    Version

    1.0.17

    License

    Apache-2.0

    Unpacked Size

    26.3 kB

    Total Files

    10

    Last publish

    Collaborators

    • winjer
    • plumdog
    • isotoma-ci