django-ses: InvalidClientTokenId with "AWS_SES_REGION_NAME = 'eu-central-1'"

Hi,

I have been using Django-ses for a while and everything worked fine. When I wanted to move out of the ses sandbox, I realised that I had not set the region to “eu-central-1”.

After I did that, I cannot send emails anymore and instead get this error message:

boto.exception.BotoServerError: BotoServerError: 403 Forbidden
<ErrorResponse xmlns="http://ses.amazonaws.com/doc/2010-12-01/">
  <Error>
    <Type>Sender</Type>
    <Code>InvalidClientTokenId</Code>
    <Message>The security token included in the request is invalid.</Message>
  </Error>
  <RequestId>ec8c6de9-9bdc-48ab-8a35-50c8caf4fcd1</RequestId>
</ErrorResponse>

Any idea what the problem is? Cheers, Gregor

BTW: my settings.py looks like this:

DEFAULT_FROM_EMAIL = '***@gmail.com'
EMAIL_BACKEND = 'django_ses.SESBackend'
with open('/etc/AWS_ACCESS_KEY_ID.txt') as f:
    AWS_ACCESS_KEY_ID = f.read().strip()

with open('/etc/AWS_SECRET_ACCESS_KEY.txt') as f:
    AWS_SECRET_ACCESS_KEY = f.read().strip()

AWS_SES_REGION_NAME = 'eu-central-1'
AWS_SES_REGION_ENDPOINT = 'email.eu-central-1.amazonaws.com'

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Reactions: 5
  • Comments: 18 (12 by maintainers)

Most upvoted comments

maybe the signature version (needs v4 for Frankfurt) comes to play?

https://docs.aws.amazon.com/general/latest/gr/signature-version-2.html https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html

+2
starenka on Apr 22, 2020
Read more comments on GitHub
← django-ses: AWS SES Signature V4 : Can't find the request header in the log
django-tenants: delete tenants with queryset method doesn't delete their schemas →