search

AtlasOfLivingAustralia / alerts

Alerts services
https://alerts.ala.org.au
Other
1 stars 6 forks source link

Using AWS SES instead of GMail relay service #217

Open qifeng-bai opened 3 months ago

qifeng-bai commented 3 months ago

Link to #211

At this moment, Alerts use:

grails:
    mail:
        port: 2525
        server: localhost

to forward local Postfix server. Postfix server is configured to use SMPT4Dev on dev environment or Gmail relay service on test / prod env

@brucehyslop mentioned:

If alerts is on a AWS VM, that VM need permission to send to SES. These privileges are setup when provisioning the VM then everything should just work.

If you deploy to non AWS infrastructure then we need to setup AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY , that what comp=-login does for you on local dev environment.

I',adding config to enable/disable the SES library. You could setup the dev config to disable and send to smtp4dev. The comparison accounts SES config will only send to verified email addresses so shouldn't spam real users. You can add your email to the list and you will get those emails. I'm not sure if there's support for a sandboxed mailbox to view the blocked emails.

qifeng-bai commented 3 months ago

Questions: 1, How to configure the different senders: For example, for alert-test, the sender should be alerts-test@ala.org.au For alerts prod, it should be alers@ala.org.au

qifeng-bai commented 3 months ago

Issues:

Run './gradlew bootRun' under the terminal which runs with comp-login.

The first error:

Unable to load AWS credentials from Java system properties (aws.accessKeyId and aws.secretKey), WebIdentityTokenCredentialsProvider: To use assume role profiles the aws-java-sdk-sts module must be on the class path.,

After addimplementation 'com.amazonaws:aws-java-sdk-sts:1.12.553' in

The error become: org.springframework.mail.MailSendException: Failed messages: com.amazonaws.SdkClientException: Unable to load AWS credentials from any provider in the chain: [EnvironmentVariableCredentialsProvider: Unable to load AWS credentials from environment variables (AWS_ACCESS_KEY_ID (or AWS_ACCESS_KEY) and AWS_SECRET_KEY (or AWS_SECRET_ACCESS_KEY)), SystemPropertiesCredentialsProvider: Unable to load AWS credentials from Java system properties (aws.accessKeyId and aws.secretKey), WebIdentityTokenCredentialsProvider: You must specify a value for roleArn and roleSessionName, com.amazonaws.auth.profile.ProfileCredentialsProvider@7bffdb58: Unable to load credentials into profile [profile comp]: AWS Access Key ID is not specified.: ]

brucehyslop commented 3 months ago

Questions: 1, How to configure the different senders: For example, for alert-test, the sender should be alerts-test@ala.org.au For alerts prod, it should be alers@ala.org.au

There should be no change to the way the mails from address is configured using config.postie.emailSender this should have a different address for the test and prod environments.

Note: you will need to make sure that the senders email address is verified in the AWS SES configuration for the environment. ie. the alerts@ala.org.au will need to be verified in prod AWS SES

brucehyslop commented 3 months ago

To send via SES simply add the the ala-mail library to the alerts dependency and update the grails-mail plugin to the latest version:

    implementation 'org.grails.plugins:mail:4.0.0'
    implementation 'au.org.ala:ala-mail:1.0.0-SNAPSHOT'

You will also need to enable the sending of emails via SES:

mail.ses.enabled = true

You can revert to the SMTP delivery by setting mail.ses.enabled = false in the /data/alerts/config/alerts-config.properties file