Hi,
Those are uses spotted since the beginning of the year, so the notification you received should normally begin with
"If you have already migrated your credentials from Signature Version 2 to Signature Version 4, you can ignore this communication."
EDIT: actually, I double-checked and you're absolutely right. The communication reminder still contains "over the last week", which is wrong. Those were observed since the beginning of the year. I will make sure this gets corrected, please accept our apologies for the confusion.
Same problem, just received this email: "We have observed Signature Version 2 requests (on an Amazon SES SMTP endpoint) originating from your account over the last week."
IAM doesn't show any activity for the old user since I regenerated the SMTP credentials 33 days ago.
Thanks.
This line in the email is somewhat misleading:
"We have observed Signature Version 2 requests (on an Amazon SES SMTP endpoint) originating from your account over the last week"
Got me thinking...could I have a server somewhere using the old credentials? I didn't think so.
So, if in IAM, I can see no activity on the old accounts then I am fine.
Steve
That's the correct way to verify it if you are getting your SMTP credentials from the SES console, absolutely.
There is another, rarer case: for the few customers that are self-signing an existing IAM user by using the sigv2 algorithm (either in their code, or through a library), if they just changed the algorithm to be the sigv4 signing algorithm, they could legitimately still observe activity on the user.
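An added example, not part of this thread and not AWS's own code: for the self-signing case described above, a stored SES SMTP password can be classified offline by the version byte at the start of its base64-decoded value (0x02 for the Signature Version 2 derivation, 0x04 for Signature Version 4). It assumes the derivations published in the SES documentation; the function names, file names and the secret key are constructed for illustration.

```python
import base64
import binascii
import hashlib
import hmac


def _hmac(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode("utf-8"), hashlib.sha256).digest()


def smtp_password_v2(secret_key: str) -> str:
    """Legacy derivation: 0x02 + HMAC-SHA256(secret, "SendRawEmail")."""
    sig = _hmac(secret_key.encode("utf-8"), "SendRawEmail")
    return base64.b64encode(b"\x02" + sig).decode("ascii")


def smtp_password_v4(secret_key: str, region: str) -> str:
    """Current derivation: 0x04 + chained HMAC, bound to one region."""
    key = ("AWS4" + secret_key).encode("utf-8")
    for part in ("11111111", region, "ses", "aws4_request", "SendRawEmail"):
        key = _hmac(key, part)
    return base64.b64encode(b"\x04" + key).decode("ascii")


def classify_smtp_password(password: str) -> str:
    """Return "sigv2", "sigv4" or "unknown" without contacting AWS."""
    try:
        raw = base64.b64decode(password, validate=True)
    except (binascii.Error, ValueError):
        return "unknown"
    # Both derivations yield 1 version byte + a 32-byte HMAC-SHA256 digest.
    if len(raw) != 33:
        return "unknown"
    return {0x02: "sigv2", 0x04: "sigv4"}.get(raw[0], "unknown")


if __name__ == "__main__":
    secret = "CONSTRUCTED-EXAMPLE-SECRET"  # constructed, not a real key
    # Constructed stand-ins for passwords found in mailer configuration files.
    found = {
        "legacy-app.conf": smtp_password_v2(secret),
        "new-app.conf": smtp_password_v4(secret, "us-east-1"),
    }
    for name, password in found.items():
        print(f"{name}: {classify_smtp_password(password)}")
```

Because the leading byte is fixed, a Signature Version 2 password always begins with "A" in base64 and a Signature Version 4 password with "B", which gives a quick visual check when reviewing configuration by hand.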
Yes, this was fairly unsettling! Having inherited this system I was pretty sure that I had updated our SMTP credentials in all the requisite locations. Then I got this e-mail warning me that in the past week the service is still being accessed with SIGv2 credentials. I spent hours combing through, self-auditing the entire system and writing up a support request. I should have googled first!
(File this under "Don't believe everything you read on the internet. Even if it comes from Amazon.")
Same issue here. I wish the email was more careful about when the V2 creds were used.