By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Authentication failure when trying to send SES email via Ansible e-mail module

0

I'm trying to send an e-mail via SES in an Ansible template. The credentials have been used in other applications successfully (not ansible templates but servers like Splunk which send e-mail as well and bash scripts). I've double and triple checked the credentials.

The task is:

  mail:
    host: email-smtp.us-east-1.amazonaws.com
    port: 587
    secure: starttls
    username: [redacted]
    password: [redacted]
    to: [redacted]
    from: [redacted]
    subject: 'Patching for server {{ ansible_hostname }}'
    body: '{{ yum_update_output }}'
  delegate_to: localhost

The output is: fatal: [[redacted] -> localhost]: FAILED! => {"changed": false, "msg": "Authentication to email-smtp.us-east-1.amazonaws.com:587 failed, please check your username and/or password", "rc": 1}

Topics
Front-End Web & MobileBusiness Applications
Tags
Amazon Simple Email Service
Language
English
AWS-User-7871855
asked 2 years ago759 views
3 Answers
1

Hello,

From your question, I can see that you are able to send emails via SES using multiple application, however when using Ansible template you are getting errors that asking for checking the credentials.

Since other applications such as batch and Splunk work fine with your SES credentials, I suspect that the issue might be related to the template itself or to the Ansible version that you are using, I would like to ask you kindly if you can share the Ansible version that you are using so I can replicate this on my environment, to understand better why Ansible is not able to send emails using the same credentials that are working with other applications.

AWS
AbdallahAWS
answered 2 years ago
1

Hello,

Thank you for confirming the Ansible version as well as the Operating system

I have tried to run the same on my environment, the only change that I have done is the following:

- hosts: localhost
  tasks:
  - name: Sending an e-mail using AWS SES
    mail:
      host: email-smtp.us-east-1.amazonaws.com
      port: 587
      secure: starttls
      username: [SMTP_Username]
      password: [SMTP_Password]
      to: [sender@domain]
      from: [sender@domain]
      subject: "Patching for server {{ ansible_hostname }}"
      body: Test
    delegate_to: localhost

Next, I have saved the above YAML in email.yaml file, I am able to successfully run the command : ansible-playbook email.yaml and I can see the emails recieved in the target mailbox.

Having said that, I would like to know if you are using SMTP credentials or IAM user access and secret key to send the emails via Ansible mail module.

The reason I am asking this question is that when using the SMTP interface, we need to use SMTP credentials, while in batch (if you use AWS CLI commands) we can use IAM user access key and secret key, please confirm that you have configured the Ansible with SMTP crednetials : Obtaining Amazon SES SMTP credentials - https://docs.aws.amazon.com/ses/latest/dg/smtp-credentials.html

One more thing is that SMTP credentials are unique to each AWS Region, hence please confirm if you are using SMTP credentials in us-east-1 region : Using the Amazon SES SMTP interface to send email - Requirements to send email over SMTP - https://docs.aws.amazon.com/ses/latest/dg/send-email-smtp.html#send-email-smtp-requirements

AWS
AbdallahAWS
answered 2 years ago
0

Hi Abudallh, thanks for your response. I'm currently running Ansible 2.9.9 on RHEL 7.

I was thinking this may have something to do with some field or header I may be missing as well.

AWS-User-7871855
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content