Skip to content

[Mailer] SES API Transport authentication not working on ap-southeast-2 #35468

@badams

Description

@badams

Symfony version(s) affected: 4.4/5.0

Description
When using the SesApiTransport on the ap-southeast-2 region and valid credentials requests will fail with the following error

Unable to send an email: The security token included in the request is invalid (code InvalidClientTokenId).

How to reproduce
Configure the Mailer with AWS API transport with region (ses+api://AWS_ACCESS_KEY_ID: AWS_SECRET_ACCESS_KEY@default?region=ap-southeast-2) and attempt to use the transport to send mail.

Possible Solution
My investigation seems to indicate that the issue is caused by the way the authorization signature is generated https://github.com/symfony/amazon-mailer/blob/master/Transport/SesApiTransport.php#L85
as the result from the official sdk is quite different.

Additional context
As a work around I've developed a custom transport that relies on the aws-php-sdk package for, unfortunately the base Transport class does not allow the addition of custom Transports so I can not use Transport::fromDsn(ses+sdk:...) to instantiate my transport

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions