Amazon Simple Email Service is ending support for Signature Version 3 effective September 30, 2020
Like most of AWS Simple Email Service clients, we have been notified that Amazon Simple Email Service is ending support for Signature Version 3 effective September 30, 2020.
https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
The above link and this one (https://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html) seem to suggest that if we use AWS SDK, the signing process is handled automatically.
This leads me to believe that we just need to ensure we are using the latest versions of AWS SDK? Is this correct?
========================================================================
Also, one test to see which version is used for signing seems to be inspecting the HTTP API request for:
GET https://iam.amazonaws.com/?Action=ListUsers&Version=2010-05-08 HTTP/1.1
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/iam/aws4_request, SignedHeaders=content-type;host;x-amz-date, Signature=5d672d79c15b13162d9279b0855cfba6789a8edb4c82c400e06b5924a6f2b5d7
content-type: application/x-www-form-urlencoded; charset=utf-8
host: iam.amazonaws.com
x-amz-date: 20150830T123600Z
In other words, if version 4, "Authorization: AWS4-HMAC-SHA256" will be seen. I am not sure when this HTTP API Request is sent.
Is this when we use AWS SDK to create the AmazonSimpleEmailServiceClient ?
Dim client As New Amazon.SimpleEmail.AmazonSimpleEmailServiceClient("<Access-key-id>", "<Secret-access-key-id>", Amazon.RegionEndPoint.<EndPoint>)
Or when we send the email request?
Dim mailObj As New SendEmailRequest
...
Dim response = client.SendEmail(mailObj)
Thanks Thomas, if your comment was an answer I would have accepted it :-)
I inspected the HTTP request header using fiddler as it sends the email.
And can confirm that it was using Signature version 3.
Then I moved to AWS SDK 3.3, and inspected the HTTP header and found out that the Signature is version 4.
So it does appear that all we need to do is upgrade our AWS SDK. Thanks.
Hope this helps someone else.
- AWS CLI Create Default VPC
- Email address is not verified (AWS SES)
- RDS Proxy: PENDING_PROXY_CAPACITY and "DBProxy Target unavailable due to an internal error"
- mTLS on AWS ALBs across multiple regions
- How to debug a aws lambda function?
- AWS SAM retrieve secret value from Secret Manager with dynamic referencing
- Cloudfront redirect when signed cookies not present
- Is there a wildcard character in AWS EventBridge rules?
- Laravel file upload s3 Multipart
- Increase EC2 disk storage without losing any data
- AWS Lambda triggers SES in VPC
- Setting HTTP Headers with Lambda@Edge
- How to find an Amazon EC2 AMI if I only have the id?
- AWS Lambda - Can't set memory larger than 3008 MB
- Which one is the cheapest to use AWS RDS or my own database?
- AWS Glue Please verify role's TrustPolicy
- How to create event bus events with source 'aws.'?
- Terraform and AWS: No Configuration Files Found Error
- How to transfer the packets through NAT gateway instead of public IP?
- Is Aws well architected framework supports API's?
- Can't delete AWS internet Gateway
- Unable to Trigger Lambda function in AWS using Python code from my local setup
- How to login with AWS CLI using credentials profiles
- How to retrieve multiple endpoints using data "aws_vpc_endpoint" resource?
- When pushing to ECS, Docker image errors out with module not found error
- Is there a way to drop file extensions when using AWS CLI with --recursive?
- On-demand self-hosted AWS EC2 runner for GitHub Actions
- How to manage dev and prod environments in a SAM project with CloudFormation Stacks, API Gateway, Lambda, and other AWS services?
- EC2 Instance error telling me multiple IAM Roles are attached when I try to change it...?
- (NoSuchVersion) when calling the GetObject operation: The specified version does not exist