Amazon Simple Email Service
開發人員指南

從現有 IAM 登入資料產生 SMTP 登入資料

若要使用 Amazon SES SMTP 界面傳送電子郵件,您必須建立 SMTP 使用者名稱和密碼。建立 SMTP 使用者名稱和密碼最簡單的方式是使用 Amazon SES 主控台。如需更多詳細資訊,請參閱 使用 Amazon SES 主控台來取得 Amazon SES SMTP 登入資料

某些程式設計語言包含您可用於將 IAM 私密存取金鑰轉換為 SMTP 密碼的程式庫。如果您有 IAM 使用者想要用於透過 SMTP 界面來傳送電子郵件,您可以使用這些程式碼範例,將該使用者的 AWS 私密存取金鑰轉換為 SMTP 密碼。

請先將您希望轉換的 AWS 私密存取金鑰置放在名為 AWS_SECRET_ACCESS_KEY 的環境變數中,再執行這些範例。這些程式碼範例會將您轉換的 SMTP 密碼做為其輸出來傳遞。此密碼和 SMTP 使用者名稱 (與您的 AWS 存取金鑰 ID 相同) 即為您的 Amazon SES SMTP 登入資料。

BashJavaPython
Bash
#!/usr/bin/env bash # These variables are required to calculate the SMTP password. VERSION='\x02' MESSAGE='SendRawEmail' # Check to see if OpenSSL is installed. If not, exit with errors. if ! [[ -x "$(command -v openssl)" ]]; then echo "Error: OpenSSL isn't installed." >&2 exit 1 # If OpenSSL is installed, check to see that the environment variable has a # length greater than 0. If not, exit with errors. elif [[ -z "${AWS_SECRET_ACCESS_KEY}" ]]; then echo "Error: Couldn't find environment variable AWS_SECRET_ACCESS_KEY." >&2 exit 1 fi # If we made it this far, all of the required elements exist. # Calculate the SMTP password. (echo -en $VERSION; echo -n $MESSAGE \ | openssl dgst -sha256 -hmac $AWS_SECRET_ACCESS_KEY -binary) \ | openssl enc -base64
Java
import javax.crypto.Mac; import javax.crypto.spec.SecretKeySpec; import javax.xml.bind.DatatypeConverter; public class SesSmtpCredentialGenerator { // Put your AWS secret access key in this environment variable. private static final String KEY_ENV_VARIABLE = "AWS_SECRET_ACCESS_KEY"; // Used to generate the HMAC signature. Do not modify. private static final String MESSAGE = "SendRawEmail"; // Version number. Do not modify. private static final byte VERSION = 0x02; public static void main(String[] args) { // Get the AWS secret access key from environment variable AWS_SECRET_ACCESS_KEY. String key = System.getenv(KEY_ENV_VARIABLE); if (key == null) { System.out.println("Error: Cannot find environment variable AWS_SECRET_ACCESS_KEY."); System.exit(0); } // Create an HMAC-SHA256 key from the raw bytes of the AWS secret access key. SecretKeySpec secretKey = new SecretKeySpec(key.getBytes(), "HmacSHA256"); try { // Get an HMAC-SHA256 Mac instance and initialize it with the AWS secret access key. Mac mac = Mac.getInstance("HmacSHA256"); mac.init(secretKey); // Compute the HMAC signature on the input data bytes. byte[] rawSignature = mac.doFinal(MESSAGE.getBytes()); // Prepend the version number to the signature. byte[] rawSignatureWithVersion = new byte[rawSignature.length + 1]; byte[] versionArray = {VERSION}; System.arraycopy(versionArray, 0, rawSignatureWithVersion, 0, 1); System.arraycopy(rawSignature, 0, rawSignatureWithVersion, 1, rawSignature.length); // To get the final SMTP password, convert the HMAC signature to base 64. String smtpPassword = DatatypeConverter.printBase64Binary(rawSignatureWithVersion); System.out.println(smtpPassword); } catch (Exception ex) { System.out.println("Error generating SMTP password: " + ex.getMessage()); } } }
Python
import os #required to fetch environment varibles import hmac #required to compute the HMAC key import hashlib #required to create a SHA256 hash import base64 #required to encode the computed key import sys #required for system functions (exiting, in this case) # Fetch the environment variable called AWS_SECRET_ACCESS_KEY, which contains # the secret access key for your IAM user. key = os.getenv('AWS_SECRET_ACCESS_KEY',0) # These varibles are used when calculating the SMTP password. You shouldn't # change them. message = 'SendRawEmail' version = '\x02' # See if the environment variable exists. If not, quit and show an error. if key == 0: sys.exit("Error: Can't find environment variable AWS_SECRET_ACCESS_KEY.") # Compute an HMAC-SHA256 key from the AWS secret access key. signatureInBytes = hmac.new(key.encode('utf-8'),message.encode('utf-8'),hashlib.sha256).digest() # Prepend the version number to the signature. signatureAndVersion = version.encode('utf-8') + signatureInBytes # Base64-encode the string that contains the version number and signature. smtpPassword = base64.b64encode(signatureAndVersion) # Decode the string and print it to the console. print(smtpPassword.decode('utf-8'))