Hi, I could not get my AWS SES credentials to work, despite being absolutely sure I copied them correctly. Error 403
So I deleted the credentials, and then tried to recreate.
This error is slightly different, but still a 403. Any idea how I can fix this?
ERROR: Forbidden - perhaps check your credentials?
The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
{"message":"Request failed with status code 403","name":"Error","stack":"Error: Request failed with status code 403\n at createError (/usr/local/lib/node_modules/n8n/node_modules/axios/lib/core/createError.js:16:15)\n at settle (/usr/local/lib/node_modules/n8n/node_modules/axios/lib/core/settle.js:17:12)\n at IncomingMessage.handleStreamEnd (/usr/local/lib/node_modules/n8n/node_modules/axios/lib/adapters/http.js:269:11)\n at IncomingMessage.emit (events.js:327:22)\n at endReadableNT (internal/streams/readable.js:1327:12)\n at processTicksAndRejections (internal/process/task_queues.js:80:21)"}
I’m trying to create a email connection to SES though. Does n8n use SNS to get bounce notifications?
I’ve added both an AmazonSESFullAccess and AmazonSNSFullAccess policy to this users.
I’ve verified the AccessKeyID and Secret are correct.
Still the same 403 error.
Hmmm
I just changed the endpoint to a postbin so I could see what n8n is actually sending.
here is the authorization header. I notice it is sending to us-east-1. Whereas my SES/SNS is at us-west-2. Is it defaulting to us-east-1 because i just put a custom endpoint in? Or is that a bug?
Yes, however I’m not sure if putting in the custom endpoint to test would have overridden that.
I just tried putting in the endpoint with the region, and it fails with the same error.
I also added the n8n user to the admin group, so it can do anything. Same error.
Is there a log anywhere that I can see what n8n is actually sending is?
I just check if I could send an SNS message using the same credentials, and it was successful.
It is very odd.
Another oddity, is that when I looked at the log for the credentials in AWS, prior to that successful SNS message, it showed that the accesskey has never actually been used. After that successful SNS it shows as being used once.
I’m not sure if AWS registers a use only when it is a successful access.
As you can see does it set “us-west-2” totally correctly. To be 100% sure that it does actually send that did I change the code that it sends everything to webhook.site, also there it did arrive exactly the same way. Meaning that you are right that it has to do with the custom endpoint.
Sadly no idea why it would not work for you.
Are you 100% sure the problem is n8n related? Did you try using these credentials with another service and there they worked?
For anyone else who runs into this. I found a solution.
A few days ago, I noticed I was getting those weird failures on another node. Where it just dumps a stack trace (in the original post).
The solution was to delete the workflow, create a new fresh workflow, and copy in the nodes from scratch.
This morning I wondered if that could solve the issue.
So I created a new workflow with just the SES node. And shazam, it worked as expected.
I suspect there must be some sort of weird caching going on somewhere.
I have a sneaking suspicion, that the caching could be on the cloudflare end (we use it as the proxy).
But could it be on the n8n side? It is the only thing I can think of.
And fyi, that original workflow SES node, which is identical, still throws a 403 error.
Strange…