Authentication failure when trying to send SES email via Ansible e-mail module

Question

I'm trying to send an e-mail via SES in an Ansible template. The credentials have been used in other applications successfully (not ansible templates but servers like Splunk which send e-mail as well and bash scripts). I've double and triple checked the credentials.

The task is:

mail:
        host: email-smtp.us-east-1.amazonaws.com
        port: 587
        secure: starttls
        username: [redacted]
        password: [redacted]
        to: [redacted]
        from: [redacted]
        subject: 'Patching for server {{ ansible_hostname }}'
        body: '{{ yum_update_output }}'
      delegate_to: localhost

The output is:
fatal: [[redacted] -> localhost]: FAILED! => {"changed": false, "msg": "Authentication to email-smtp.us-east-1.amazonaws.com:587 failed, please check your username and/or password", "rc": 1}

Answer

Hello,

From your question, I can see that you are able to send emails via SES using multiple application, however when using Ansible template you are getting errors that asking for checking the credentials.

Since other applications such as batch and Splunk work fine with your SES credentials, I suspect that the issue might be related to the template itself or to the Ansible version that you are using, I would like to ask you kindly if you can share the Ansible version that you are using so I can replicate this on my environment, to understand better why Ansible is not able to send emails using the same credentials that are working with other applications.

Answer

Hello,

Thank you for confirming the Ansible version as well as the Operating system

I have tried to run the same on my environment, the only change that I have done is the following:

```
- hosts: localhost
  tasks:
  - name: Sending an e-mail using AWS SES
    mail:
      host: email-smtp.us-east-1.amazonaws.com
      port: 587
      secure: starttls
      username: [SMTP_Username]
      password: [SMTP_Password]
      to: [sender@domain]
      from: [sender@domain]
      subject: "Patching for server {{ ansible_hostname }}"
      body: Test
    delegate_to: localhost

```

Next, I have saved the above YAML in email.yaml file, I am able to successfully run the command : `ansible-playbook email.yaml` and I can see the emails recieved in the target mailbox.

Having said that, I would like to know if you are using SMTP credentials or IAM user access and secret key to send the emails via Ansible mail module.

The reason I am asking this question is that when using the SMTP interface, we need to use SMTP credentials, while in batch (if you use AWS CLI commands) we can use IAM user access key and secret key, please confirm that you have configured the Ansible with SMTP crednetials :
        Obtaining Amazon SES SMTP credentials - https://docs.aws.amazon.com/ses/latest/dg/smtp-credentials.html

One more thing is that SMTP credentials are unique to each AWS Region, hence please confirm if you are using SMTP credentials in us-east-1 region : 
        Using the Amazon SES SMTP interface to send email - Requirements to send email over SMTP - https://docs.aws.amazon.com/ses/latest/dg/send-email-smtp.html#send-email-smtp-requirements

Answer

Hi Abudallh, thanks for your response. I'm currently running Ansible 2.9.9 on RHEL 7.

I was thinking this may have something to do with some field or header I may be missing as well.

Authentication failure when trying to send SES email via Ansible e-mail module

관련 콘텐츠