Photo by Torsten Dettlaff from Pexels |
- You need to have an aws account, you can use aws free tier for this. If you don't have an aws account, set it up before you start. (https://aws.amazon.com/free/)
- Since we are using the free tier account and even for the paid accounts, initially aws ses provides us a sandbox environment to use. The limitation of the sandbox account is we only can send and receive emails from verified email addresses which is verified in the aws ses. Since we are doing this for development sandbox environment is enough for us, to move to production we need to get support from aws support.
- In this application we are going to send emails from one address, this can be your company address or other address use for sending emails to your users. You need to register this email address and other few email address in the aws ses. Follow the below steps.
1) Verify the email addresses
- Go to aws console and go to Simple Email Service, in the SES home you will see a tab as Email address. Add email address needs to be verified using Verify a New Email Address button.
- You will receive a confirmation links to your email address you added to verify. Click the link and accept the confirmation. Now your email address are verified.
2) Getting aws credentials
- Since we are using aws SDK we need a way to verify that our application has the right authorization to access the aws resource. aws provides us aws_access_key_id and aws_secret_access_key for this purpose.
- It's a best practice to use a separate IAM user with only SES related permissions rather than using the aws root account credentials for this purpose.
- To create a IAM user go to IAM page (https://console.aws.amazon.com/iam), then go to add User. Under the Select aws access type, tick the Access type as Programmatic access.
- Next will be the permissions page, click the Attach existing policies directly and search for SES from filter polices and select AmazonSESFullAccess.
- Next will be Tags, Review and finally create the user. You will receive Access key ID and a Secret access key. Save them in a safe location and you should not share them with anyone.
3) Using the credentials.
- Now we have the credentials from the aws. There are multiple ways to store the credentials and use in the application. Check out the below link to learn more about using the aws credentials.
- I am going to save these credentials in ~/.aws/credentials file. (If you are using windows use C:\Users\USERNAME\.aws\credentials) the credentials file should look like.
[default] aws_access_key_id = ACCESS_KEY aws_secret_access_key = SECRET_KEY
- Yes, I know that a lot's of configuration :D
4) Code
AwsSesService class
Email sender is injected from the application.yml file.
Important point about sdkRequestTimeout is, if the request takes more than configured requestTimeout value, it will return back a error response telling the request has timeout, from this we can prevent the server became overloaded with high latency requests. It's a simple fault-tolerance mechanism. Learn more about this in here. (https://aws.amazon.com/blogs/developer/tuning-the-aws-sdk-for-java-to-improve-resiliency/)
- You can have the source code at the end of the blog post, I will only post here the Configuration class to build the SES client and the Service class.
- Lets create a bean to build AmazonSimpleEmailService with aws region supply through the application.yml
5) Test the application
- Run the spring boot application.
- Send the below post request.
- If the sending is successful, check your mail inbox you should receive and email from the sender email address we configured.
References & Useful Readings.
https://docs.aws.amazon.com/ses/latest/DeveloperGuide/send-using-sdk-java.html
https://docs.aws.amazon.com/ses/latest/DeveloperGuide/send-using-sdk-java.html
Comments
Post a Comment