What should the company do to modify the application to send email messages from Amazon SES?
Configure the application to connect to Amazon SES by using TLS Wrapper. Create an IAM role that has ses:SendEmail and ses:SendRawEmail permissions. Attach the IAM role to an Amazon EC2 instance.
Configure the application to connect to Amazon SES by using STARTTLS. Obtain Amazon SES SMTP credentials. Use the credentials to authenticate with Amazon SES.
Configure the application to use the SES API to send email messages. Create an IAM role that has ses:SendEmail and ses:SendRawEmail permissions. Use the IAM role as a service role for Amazon SES.
Configure the application to use AWS SDKs to send email messages. Create an IAM user for Amazon SES. Generate API access keys. Use the access keys to authenticate with Amazon SES.
Explanations:
While using a TLS Wrapper could allow the application to send emails securely, the application is stated to use SMTP only, and Amazon SES requires either SMTP credentials with STARTTLS or the SES API for sending emails. Therefore, this option does not correctly align with SES’s requirements.
This option correctly specifies that the application can connect to Amazon SES using STARTTLS, which allows secure transmission. It also highlights the need for Amazon SES SMTP credentials for authentication, which is required when connecting via SMTP. This aligns with how SES is typically configured for legacy applications.
Although using the SES API to send messages is a valid approach, it does not adhere to the requirement that the application can only use SMTP. This option suggests a service role for SES, which is unnecessary for SMTP use, making it incorrect for the given scenario.
While using AWS SDKs is a valid method for sending emails, it does not meet the requirement that the application can only use SMTP. Additionally, generating API access keys and creating an IAM user is not relevant for an application limited to SMTP usage.