Skip to content

Instantly share code, notes, and snippets.

@danew
Created November 13, 2017 01:06
Show Gist options
  • Save danew/995266c10b1047ac041a4518156f1833 to your computer and use it in GitHub Desktop.
Save danew/995266c10b1047ac041a4518156f1833 to your computer and use it in GitHub Desktop.
Ansible filter to create AWS SES SMTP password from aws access secret
#!/usr/bin/env python
import base64
from Crypto.Hash import HMAC, SHA256
class PasswordEncoder:
def encode(self, secret):
signature = self._hmac_sha256(b'SendRawEmail', secret)
byte_array = self._version_signature(signature)
return self._base64_encode(byte_array)
def _hmac_sha256(self, msg, key):
return HMAC.new(key=key, msg=msg, digestmod=SHA256).digest()
def _version_signature(self, signature):
return bytearray(0x02).join(signature)
def _base64_encode(self, bytes):
return base64.b64encode(bytes)
def _print_bytes(self, bytes):
print(self._base64_encode(bytes))
class FilterModule(object):
def filters(self):
return {
'smtp_password': self._smtp_password
}
def _smtp_password(self, aws_access_secret):
return str(PasswordEncoder().encode(str(aws_access_secret)))
@johncant
Copy link

Thanks for this gist. FYI AWS have updated their way of generating SMTP passwords: https://docs.aws.amazon.com/ses/latest/dg/smtp-credentials.html

@lotyp
Copy link

lotyp commented Oct 15, 2023

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment