Code Self Study Forum

Sending Emails with Amazon SES

I’ve been setting up Amazon SES on a website and wanted to make a post with notes so that it’s easier next time. This is a “wiki post” that anyone can edit. Feel free to add resources and make corrections.

I’ll keep adding links here as I close my tabs.

Descriptions of the Relevant Services

I hadn’t used AWS before, so I had to figure out what all the various services were and how they fit together. Here’s a quick summary.

  • SES — sends emails but doesn’t log things or do much else by itself
  • SNS — creates “topics” (channels of messages) that “subscribers” can receive. There are different kinds of subscribers: HTTP, email, email-JSON, SMS, AWS Lambda function, etc.
  • IAM — identity and access management. This is where you create users (humans and programs) in your AWS account and give them permissions to perform tasks. For security purposes, you don’t want your email sending program to have access to deploy servers that mine bitcoins, so you can create an IAM user for your program that only has access to the SES part of your AWS account. There’s a guide to setting it up in the free preview videos for this Udemy course. (Tip: don’t pay more than $10-12 for courses on Udemy because they go on sale regularly.)
  • Cloudwatch — a logging service
  • Cloudfront — a CDN that you can use for click event tracking
  • Lambda — small bits of code that run based on triggers (HTTP requests, Cloudwatch events, and more). You can use Node, Python, Go, Java, C#, Ruby or another language.
  • S3 — file storage
  • Route 53 — Amazon’s domain name system (I’m using Cloudflare for DNS, so I didn’t look at Route 53.)

Tutorials

I started with this post, but it didn’t have enough information to finish the project, which is why I started making this wiki post.

Video Tutorials

SMTP Support

Normally, you can send the emails with credentials from an IAM user that only has access to SES, but there is also a way to use SMTP if needed.

Monitoring

There’s also a page on Creating a Daily Dashboard to Track Bounces and Complaints, but it says that it’s outdated as of 2019.

TODO: add information on how to download logs and trigger Lambda functions based on SES-related events (bounces, complaints, etc.).

Blocking Incoming Emails

See Also

2 Likes

It’s a difficult topic. On a current work project we set up policies SNS, SQS, IAM, policies etc on terraform because the aws console is a pita to deal with. The sending code was in golang using aws go libraries. Terraform isn’t that easy either though. I really like pulumi though, and it allows you to deal with cloud providers fairly easily as well as kubernetes. I would use it in future projects if I had the choice.

1 Like

Are those something like CloudFormation? Today I was watching some videos on Serverless Framework that used CloudFormation, and now I’m watching the preview videos for this course, because it looks interesting.

Cloudformation is similar. Cloudformation is aws specific means of setting up policies and services that follows the trend of “infrastructure as code”. I don’t have much experience but my more devops coworkers consider it a pita as well. It actually is xml. If you look at this it’s really hard to read: https://s3.us-west-2.amazonaws.com/cloudformation-templates-us-west-2/AutoScalingScheduledAction.template Terraform looks like a cross between json and xml. Terraform is widely used. Syntax looks like here: https://www.linode.com/docs/applications/configuration-management/introduction-to-hcl/ Cloudformation may be as well.
I like Pulumi because it does a lot of what terraform does, but in python or javascript and some other languages. I’m hoping it will catch on over terraform, because I would prefer to write devops stuff in python over bash or terraform. This is a pulumi example of setting up an s3 bucket including using a kms key: https://www.pulumi.com/docs/get-started/aws/modify-program/
Many less lines than terraform or cloud formation would be, and much less hassle than jumping around the aws console.

There are many ways to skin the cat in devops land. You can also do a lot with python and aws sdk. The cloud agnosticism of terraform and other platforms seems to me to be unrealistic. It works for simple service layers, but in the end you are tied to a specific cloud provider and migrating to another would be a tremendous effort.

1 Like

I like the way pulumi looks. Is the free version enough, or do you have to pay for it? It looks like it gets expensive as soon as you have four users.

I’ve watched most of those CloudFormation videos to see if it could help me with a problem, and the instructor recommends using YAML instead of JSON.

Here’s how to create an S3 bucket with CloudFormation. You can put various properties like AccessControl and BucketName in the Properties field.

---
Resources:
  MyS3Bucket:
    Type: "AWS::S3::Bucket"
    Properties: {}

Oh yeah yaml is probably better. I’m not sure what they said was a pain about cloudformation. Looking from this reddit thread people cite a lot of reasons: slow deployments, doesn’t support a lot of aws features. Terraform seems to support aws better than cloudformation even though cloudformation is an aws product. There are some that like it though. https://www.reddit.com/r/aws/comments/at2dk6/cloudformation_synonym_for_sucks/
Probably if your not a hard-core admin cloudformation will be fine. Frustrations come when you have advanced requirements. Real-world deployments are so much more complicated than what you see in udemy courses etc. Usually that’s driven by security, monitoring, and performance requirements although sometimes things just seem to be over-built. Not that those courses are bad - I study stuff that way too like devops and machine learning stuff that I wasn’t familiar with. They’re a good way to get the fundamentals.
For an individual pulumi’s free version gives you everything except project/stacks which I’m not clear on their purpose (maybe a stack is a set of deployments). Their pricing is a bit steep and disappointing. I think it may limit their adoption.

1 Like

I watch a lot of Udemy, because I like to see people live code things from start to finish. Sometimes I only buy a course to watch a few sections.

There are docs for AWS, but they are overwhelming. According to the video, the CloudFormation docs in PDF format are something like 1,800 pages. Udemy gives me a quick overview of the important parts in <2 hours of watching (at 2x speed) for $10.99.

I’m not a hardcore admin and my sites aren’t large enough to have a devops team yet. I mostly need ways to deploy and manage live sites without eating up all my time or having things get too expensive.

As someone not familiar with it, when I go to their site, it makes me think that it’s going to be limited in use unless I pay them, and that if we add just a couple more programmers, there would suddenly be a $3,600+/year bill. That makes me cautious about trying it. If they stated that the community edition works fine with multiple people, then I’d be less cautious about trying it.

1 Like

The last videos mentioned an interesting tool called Troposphere that lets you write CloudFormation templates in Python. I haven’t tried it yet.

Here’s an example from the docs:

>>> from troposphere import Ref, Template
>>> import troposphere.ec2 as ec2
>>> t = Template()
>>> instance = ec2.Instance("myinstance")
>>> instance.ImageId = "ami-951945d0"
>>> instance.InstanceType = "t1.micro"
>>> t.add_resource(instance)
<troposphere.ec2.Instance object at 0x101bf3390>
>>> print(t.to_json())
{
    "Resources": {
        "myinstance": {
            "Properties": {
                "ImageId": "ami-951945d0",
                "InstanceType": "t1.micro"
            },
            "Type": "AWS::EC2::Instance"
        }
    }
}
>>> print(t.to_yaml())
Resources:
    myinstance:
        Properties:
            ImageId: ami-951945d0
            InstanceType: t1.micro
        Type: AWS::EC2::Instance

Yeah that was mentioned in the reddit. I’ll have to check that out. It might be a good option.

1 Like