Amazon Simple Email Service (SES) had extended support for Signature Version 3 to February 28th, 2021. To continue to use Amazon SES, you must migrate to Signature Version 4 which offers enhanced security for authentication and authorization of Amazon SES customers.
We have identified that, between 2021-04-05 and 2021-04-12, your AWS account *** used Signature Version 3 to call Amazon SES APIs in the eu-west-1 Region.
Your Signature Version 3 requests were identified to be originating from:
IAM Users:
IPs:
User Agents: Boto/2.49.0 Python/3.7.10 Linux/4.14.209-160.339.amzn2.x86_64, Boto/2.49.0 Python/3.7.8 Linux/4.14.209-160.339.amzn2.x86_64
Your Signature Version 3 requests were identified to be using the following SES actions:
APIs: SendRawEmail
Example Request ID using Signature Version 3: ****
You can identify API requests that use Signature Version 3 by looking at the request headers. Requests that use the Signature Version 3 resemble the following example (note the "AWS3"):
X-Amzn-Authorization: AWS3-HTTPS AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE,Algorithm=HMACSHA256,Signature=lBP67vCvGl ...
To move to Signature Version 4:
If you are self-signing your requests, refer to our documentation for Authenticating requests to the Amazon SES API [1] and creating a canonical request for Signature Version 4 [2].
If you are not self-signing your requests, simply update your SDK/CLI to the latest version.
The Amazon SES team will update the request information weekly and will stop notifications once we identify that Signature Version 3 is no longer being used from your account.
DanielOverdevest
commented
3 years ago
Amazon Simple Email Service (SES) had extended support for Signature Version 3 to February 28th, 2021. To continue to use Amazon SES, you must migrate to Signature Version 4 which offers enhanced security for authentication and authorization of Amazon SES customers.
We have identified that, between 2021-04-05 and 2021-04-12, your AWS account *** used Signature Version 3 to call Amazon SES APIs in the eu-west-1 Region.
Your Signature Version 3 requests were identified to be originating from:
IAM Users: IPs: User Agents: Boto/2.49.0 Python/3.7.10 Linux/4.14.209-160.339.amzn2.x86_64, Boto/2.49.0 Python/3.7.8 Linux/4.14.209-160.339.amzn2.x86_64 Your Signature Version 3 requests were identified to be using the following SES actions:
APIs: SendRawEmail Example Request ID using Signature Version 3: ****
You can identify API requests that use Signature Version 3 by looking at the request headers. Requests that use the Signature Version 3 resemble the following example (note the "AWS3"): X-Amzn-Authorization: AWS3-HTTPS AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE,Algorithm=HMACSHA256,Signature=lBP67vCvGl ...
To move to Signature Version 4:
If you are self-signing your requests, refer to our documentation for Authenticating requests to the Amazon SES API [1] and creating a canonical request for Signature Version 4 [2]. If you are not self-signing your requests, simply update your SDK/CLI to the latest version. The Amazon SES team will update the request information weekly and will stop notifications once we identify that Signature Version 3 is no longer being used from your account.