Created
November 13, 2017 01:06
-
-
Save danew/995266c10b1047ac041a4518156f1833 to your computer and use it in GitHub Desktop.
Ansible filter to create AWS SES SMTP password from aws access secret
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import base64 | |
| from Crypto.Hash import HMAC, SHA256 | |
| class PasswordEncoder: | |
| def encode(self, secret): | |
| signature = self._hmac_sha256(b'SendRawEmail', secret) | |
| byte_array = self._version_signature(signature) | |
| return self._base64_encode(byte_array) | |
| def _hmac_sha256(self, msg, key): | |
| return HMAC.new(key=key, msg=msg, digestmod=SHA256).digest() | |
| def _version_signature(self, signature): | |
| return bytearray(0x02).join(signature) | |
| def _base64_encode(self, bytes): | |
| return base64.b64encode(bytes) | |
| def _print_bytes(self, bytes): | |
| print(self._base64_encode(bytes)) | |
| class FilterModule(object): | |
| def filters(self): | |
| return { | |
| 'smtp_password': self._smtp_password | |
| } | |
| def _smtp_password(self, aws_access_secret): | |
| return str(PasswordEncoder().encode(str(aws_access_secret))) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thanks for this gist. FYI AWS have updated their way of generating SMTP passwords: https://docs.aws.amazon.com/ses/latest/dg/smtp-credentials.html