Configuring the AWS SDK for Java
Solution 1
You can verify your User Credentials and privileges from IAM console https://console.aws.amazon.com/iam/home.
Go to users tab, click on user check privileges. You can also generate new SMTP credentials from https://console.aws.amazon.com/ses/home#smtp-settings: in case.
Solution 2
The problem was how I was declaring the credentials in the .properties file
accessKey="ACCESSKEY"; # Java-string-like
when instead I should have had
accessKey=ACCESSKEY
Marius Butuc
Ruby & Rails aficionado keen on big data, cloud computing, usable web & photography.
Updated on June 04, 2022Comments
-
Marius Butuc over 1 year
After configuring the AWS SDK for Java (v1.3.8), I want to test everything by running their AWSJavaMailSample.
After double checking that the following are true:
- signed up for SES;
- verified a sender address and sent test message from the AWS console;
- having production access;
- added the
accessKey
and thesecretKey
to the AwsCredentials.properties file, from https://aws-portal.amazon.com/gp/aws/securityCredentials
I get an InvalidClientTokenId: the AWS Access Key ID provided does not exist in the AWS records.
[AmazonSimpleEmailService]$ java AWSJavaMailSample Exception in thread "main" Status Code: 403, AWS Service: AmazonSimpleEmailService, AWS Request ID: 6db92cf8-8d69-11e1-b872-d1f99982ef22, AWS Error Code: InvalidClientTokenId, AWS Error Message: The security token included in the request is invalid at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:552) at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:289) at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:170) at com.amazonaws.services.simpleemail.AmazonSimpleEmailServiceClient.invoke(AmazonSimpleEmailServiceClient.java:479) at com.amazonaws.services.simpleemail.AmazonSimpleEmailServiceClient.listVerifiedEmailAddresses(AmazonSimpleEmailServiceClient.java:214) at com.amazonaws.services.simpleemail.AmazonSimpleEmailServiceClient.listVerifiedEmailAddresses(AmazonSimpleEmailServiceClient.java:410) at AWSJavaMailSample.verifyEmailAddress(AWSJavaMailSample.java:155) at AWSJavaMailSample.main(AWSJavaMailSample.java:75)
Where
AWSJavaMailSample.java:75
is theverifyEmailAddress(ses, FROM);
call.
Update #1, following shashankaholic's comment
I've created two new users:
-
ses-test, attached AmazonSESFullAccess user policy
{"Statement":[{"Effect":"Allow","Action":["ses:*"],"Resource":"*" }]}
-
ses-smtp-user, with the default AmazonSesSendingAccess
{"Statement":[{"Effect":"Allow","Action":"ses:SendRawEmail","Resource":"*"}]}
And I get the same response.
Even after attaching AdministratorAccess to ses-smtp-user
{"Statement":[{"Effect":"Allow","Action":"*","Resource":"*"}]}
still same response:Exception in thread "main" Status Code: 403, AWS Service: AmazonSimpleEmailService, AWS Request ID: [...], AWS Error Code: InvalidClientTokenId, AWS Error Message: The security token included in the request is invalid
What credentials should be used in this case?
Or how should the AWS SDK for Java be configured for AWSJavaMailSample to work?
Update #2:
the problem was how I was declaring the credentials in the .properties file
accessKey="ACCESSKEY"; # Java-string-like
when instead I should have had
accessKey=ACCESSKEY