Answer-first summary for fast verification
Answer: Configure the application to connect to Amazon SES by using STARTTLS. Obtain Amazon SES SMTP credentials. Use the credentials to authenticate with Amazon SES.
Amazon Simple Email Service (Amazon SES) supports various methods for sending email messages. In this scenario, the key considerations involve the requirements and limitations of both the legacy SMTP server (which does not support TLS encryption and uses TCP port 25) and Amazon SES. 1. **STARTTLS for Encryption:** Amazon SES supports STARTTLS, which provides a way to take an existing insecure connection and upgrade it to a secure connection using TLS encryption. This method is essential because the migration requires secure transmission of email. 2. **SMTP Credentials:** To authenticate and authorize the application to send emails via Amazon SES, SMTP credentials are needed. These credentials are different from your AWS IAM credentials and are specifically generated for use with Amazon SES. Here's why option B is correct: - **Application Configuration with STARTTLS:** This offers compatibility with Amazon SES’s requirement for secure communication, enabling the application to leverage an encrypted connection. - **Obtain Amazon SES SMTP Credentials:** The application will need these credentials to authenticate with Amazon SES. This is a necessary step because IAM roles or API keys are not used directly for SMTP authentication with Amazon SES. These steps satisfy the conditions for utilizing Amazon SES for email delivery while ensuring secure transmission and proper authentication.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
A company recently completed the migration from an on-premises data center to the AWS Cloud by using a replatforming strategy. One of the migrated servers is running a legacy Simple Mail Transfer Protocol (SMTP) service that a critical application relies upon. The application sends outbound email messages to the company’s customers. The legacy SMTP server does not support TLS encryption and uses TCP port 25. The application can use SMTP only. The company decides to use Amazon Simple Email Service (Amazon SES) and to decommission the legacy SMTP server. The company has created and validated the SES domain. The company has lifted the SES limits. What should the company do to modify the application to send email messages from Amazon SES?
A
Configure the application to connect to Amazon SES by using TLS Wrapper. Create an IAM role that has ses:SendEmail and ses:SendRawEmail permissions. Attach the IAM role to an Amazon EC2 instance.
B
Configure the application to connect to Amazon SES by using STARTTLS. Obtain Amazon SES SMTP credentials. Use the credentials to authenticate with Amazon SES.
C
Configure the application to use the SES API to send email messages. Create an IAM role that has ses:SendEmail and ses:SendRawEmail permissions. Use the IAM role as a service role for Amazon SES.
D
Configure the application to connect to Amazon SES by using STARTTLS. Obtain Amazon SES SMTP credentials. Use the credentials to authenticate with Amazon SES.