Sending on behalf of users with Amazon SES - amazon-web-services

Sometimes it's necessary to send an email with the reply-to address of another user. For example, if a LinkedIn user sends a connection of theirs a LinkedIn message, it makes sense to send that email from the user that sent the message, so that clicking 'reply' actually replies to the person who sent the message.
Is there a way to do this with Amazon SES?

You can pass ReplyToAddresses parameter in $ses->sendEmail() (documentation PHP V2, assuming other languages and versions will have similar structure, search for it)
$sesClient->sendEmail([
'Source' => 'sender#mail.ru',
'Destination' => 'dummy#clie.nt',
'Message' => [
'Subject' => [
'Data' => 'Spammer attack',
],
'Body' => [
'Html' => [
'Data' => 'Le Attacke!',
],
],
],
'ReplyToAddresses' => [
'reply#ema.il',
'sender#mail.ru',
'dummy#clie.nt',
]
]);

Related

Naming an AWS EC2 security group IP permissions rule

I am using the AWS PHP SDK version 3. I am able to create security groups using the API, as well as creating IP Permission rules. What I can't figure out is how give the IP Permissions rule a name.
Here's what I have:
$params =
[
'Description' => 'My Security Group',
'GroupName' => 'my_security_group',
'VpcId' => 'vpc-a9d2h3d7',
'TagSpecifications' => [
[
'ResourceType' => 'security-group',
'Tags' =>
[
['Key' => 'Name', 'Value' => 'My Security Group']
]
]
],
];
$Ec2Client->createSecurityGroup($params);
At this point the group is created
Then I create an IP Permissions rule:
$ip_permissions = [
'GroupName' => 'my_security_group',
'FromPort' => 0,
'ToPort' => 65535,
'IpProtocol' => 'tcp',
'IpRanges' => [['CidrIp' => 'xx.xxx.xx.xxxx/32', 'Description' => 'Main Office']],
];
$Ec2Client->authorizeSecurityGroupIngress($ip_permissions);
Through the AWS Console, I can see that the rule is created, but the Name column is empty. How do I create the Name through the API?
It would be same, by using TagSpecifications. But instead of security-group you need to have security-group-rule:
'TagSpecifications' => [
[
'ResourceType' => 'security-group-rule',
'Tags' =>
[
['Key' => 'Name', 'Value' => 'My Security Group Rule']
]
]
]
Full example in AWS CLI (don't have php):
aws ec2 authorize-security-group-ingress --group-id sg-00102bde0b55e29fe --ip-permissions FromPort=0,IpProtocol=tcp,IpRanges='[{CidrIp=10.10.10.10/32,Description="Main Office"}]',ToPort=65535 --tag-specifications ResourceType=security-group-rule,Tags='[{Key=Name,Value=MyName}]'

How to Put Events to custom bus using aws php sdk?

I am trying to send an event to custom event bus 'custom-event-bus' using AWS PHP SDK using the following code
$client->putEvents([
'Entries' => [ // REQUIRED
[
'Detail' => '{"alpha":"beta"}',
'DetailType' => '',
'EventBusName' => 'custom-event-bus',
'Resources' => ['arn:aws:events:us-east-1:351123639451:event-bus/custom-event-bus',],
'Source' => 'my-application',
'Time' => time(),
],
],
]);
I am getting this error in the result:
AccessDeniedException (client): User: arn:aws:iam::351123639451:user/my-user is not authorized to perform: events:PutEvents on resource: arn:aws:events:us-east-1:351123639451:event-bus/default - {"__type":"AccessDeniedException","Message":"User: arn:aws:iam::351123639451:user/my-user is not authorized to perform: events:PutEvents on resource: arn:aws:events:us-east-1:351123639451:event-bus/default"}
From this error message, it seems to be that it is sending an event on the default event bus, not the custom one to which I am sending.
The syntax here is correct, EventBusName is where you would specify the event bus name.
I would recommend checking that you have no other calls to this function name, perhaps taking it out and running independently.

How to set Importance priority when sending email via SES using boto3

I'm sending emails using AWS Lambda function that calls the SES service via boto3. I managed to get everything working, however i would like to add 'important' priority on the email. Reading the boto3 api docs it does not state setting priority. Has anyone done this for SES please. Below is example of call to boto3:
import boto3
ses = boto3.client('ses')
email_response = ses.send_email(
Destination={
'BccAddresses': [
],
'CcAddresses': [
],
'ToAddresses': [
email_address
],
},
Message={
'Body': {
'Html': {
'Charset': 'UTF-8',
'Data': html_output,
},
},
'Subject': {
'Charset': 'UTF-8',
'Data': 'My msg'
},
},
Source=SENDER
)
You'll want to use the send_raw_email() method instead since SMTP Priority is a SES-supported customer header field, though not as a boto3 method argument.
You can read more about the SMTP Priority field in the SMTP sending an priority email StackOverflow answer.

Issues generating CloudFront signed URLs; always Access Denied

I’m having issues generating signed URLs with CloudFront. Whatever I try, I just get an “Access Denied” response.
I’ve created a distribution in CloudFront, and a CloudFront key pair ID. I’ve downloaded the private and public keys for that key pair ID.
In a simple PHP script, I’m trying the following:
use Aws\CloudFront\CloudFrontClient;
$cloudfront = new CloudFrontClient([
'credentials' => [
'key' => '[redacted]', // Access key ID of IAM user with Administrator policy
'secret' => '[redacted]', // Secret access key of same IAM user
],
'debug' => true,
'region' => 'eu-west-1',
'version' => 'latest',
]);
$expires = strtotime('+6 hours');
$resource = 'https://[redacted].cloudfront.net/mp4/bunny-trailer.mp4';
$url = $cloudfront->getSignedUrl([
'url' => $resource,
'policy' => json_encode([
'Statement' => [
[
'Resource' => $resource,
'Condition' => [
'DateLessThan' => [
'AWS:EpochTime' => $expires,
],
],
],
],
]),
'expires' => $expires,
'key_pair_id' => '[redacted]', // Access key ID of CloudFront key pair
'private_key' => '[redacted]', // Relative path to pk-[redacted].pem file
]);
But when visiting the generated URL, it just always gives me an error in the browser with a code of “AccessDenied”.
What am I doing wrong?
Discovered what the issue was. The objects in my S3 bucket weren’t publicly-accessible, and I hadn’t added an Origin Access Identity, so CloudFront couldn’t pull the objects from my origin (my S3 bucket) to cache them.
As soon as I added an Origin Access Identity and added it to my S3 bucket’s policy, my objects immediately became accessible through my CloudFront distribution via signed URLs.
Relevant documentation: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#private-content-creating-oai

The request signature we calculated does not match the signature you provided

I am using SES for sending email here is my code can you anybody tell me what is the problem ?
Is there anyone facing the same problem??
I have also check my credentials they are also correct.
$client = SesClient::factory(array(
'version'=> 'latest',
'region' => REGION,
'credentials' => array(
'key' => "AKIA***********",
'secret' => "AoIM6Z/clu********************",
),
));
try {
$result = $client->sendEmail([
'Destination' => [
'ToAddresses' => [
RECIPIENT,
],
],
'Message' => [
'Body' => [
'Html' => [
'Charset' => CHARSET,
'Data' => HTMLBODY,
],
'Text' => [
'Charset' => CHARSET,
'Data' => TEXTBODY,
],
],
'Subject' => [
'Charset' => CHARSET,
'Data' => SUBJECT,
],
],
'Source' => SENDER,
// If you are not using a configuration set, comment or delete the
// following line
'ConfigurationSetName' => CONFIGSET,
]);
$messageId = $result->get('MessageId');
echo("Email sent! Message ID: $messageId"."\n");
} catch (SesException $error) {
echo("The email was not sent. Error message: ".$error-
>getAwsErrorMessage()."\n");
}
}
After so much googling I found out that my credentials are wrong. Just regenerate the credentials, try it again and it should work. Another thing is that the when key includes '/', it will not work, so if your key contains '/', regenerate it.