Configuring the AWS SDK for Java

10,757

Solution 1

You can verify your User Credentials and privileges from IAM console https://console.aws.amazon.com/iam/home.

Go to users tab, click on user check privileges. You can also generate new SMTP credentials from https://console.aws.amazon.com/ses/home#smtp-settings: in case.

Solution 2

The problem was how I was declaring the credentials in the .properties file

accessKey="ACCESSKEY"; # Java-string-like

when instead I should have had

accessKey=ACCESSKEY
Share:
10,757
Marius Butuc
Author by

Marius Butuc

Ruby & Rails aficionado keen on big data, cloud computing, usable web & photography.

Updated on June 04, 2022

Comments

  • Marius Butuc
    Marius Butuc over 1 year

    After configuring the AWS SDK for Java (v1.3.8), I want to test everything by running their AWSJavaMailSample.

    After double checking that the following are true:

    1. signed up for SES;
    2. verified a sender address and sent test message from the AWS console;
    3. having production access;
    4. added the accessKey and the secretKey to the AwsCredentials.properties file, from https://aws-portal.amazon.com/gp/aws/securityCredentials

    I get an InvalidClientTokenId: the AWS Access Key ID provided does not exist in the AWS records.

    [AmazonSimpleEmailService]$ java AWSJavaMailSample
    Exception in thread "main" Status Code: 403, AWS Service: AmazonSimpleEmailService, AWS Request ID: 6db92cf8-8d69-11e1-b872-d1f99982ef22, AWS Error Code: InvalidClientTokenId, AWS Error Message: The security token included in the request is invalid
        at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:552)
        at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:289)
        at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:170)
        at com.amazonaws.services.simpleemail.AmazonSimpleEmailServiceClient.invoke(AmazonSimpleEmailServiceClient.java:479)
        at com.amazonaws.services.simpleemail.AmazonSimpleEmailServiceClient.listVerifiedEmailAddresses(AmazonSimpleEmailServiceClient.java:214)
        at com.amazonaws.services.simpleemail.AmazonSimpleEmailServiceClient.listVerifiedEmailAddresses(AmazonSimpleEmailServiceClient.java:410)
        at AWSJavaMailSample.verifyEmailAddress(AWSJavaMailSample.java:155)
        at AWSJavaMailSample.main(AWSJavaMailSample.java:75)
    

    Where AWSJavaMailSample.java:75 is the verifyEmailAddress(ses, FROM); call.


    Update #1, following shashankaholic's comment

    I've created two new users:

    1. ses-test, attached AmazonSESFullAccess user policy
      {"Statement":[{"Effect":"Allow","Action":["ses:*"],"Resource":"*" }]}
    2. ses-smtp-user, with the default AmazonSesSendingAccess
      {"Statement":[{"Effect":"Allow","Action":"ses:SendRawEmail","Resource":"*"}]}

    And I get the same response.

    Even after attaching AdministratorAccess to ses-smtp-user
    {"Statement":[{"Effect":"Allow","Action":"*","Resource":"*"}]}
    still same response:

    Exception in thread "main" Status Code: 403, 
    AWS Service: AmazonSimpleEmailService, 
    AWS Request ID: [...], 
    AWS Error Code: InvalidClientTokenId, 
    AWS Error Message: The security token included in the request is invalid
    

    What credentials should be used in this case?

    Or how should the AWS SDK for Java be configured for AWSJavaMailSample to work?


    Update #2:

    the problem was how I was declaring the credentials in the .properties file

    accessKey="ACCESSKEY"; # Java-string-like
    

    when instead I should have had

    accessKey=ACCESSKEY